TechSpot

Successfully blocked access to malicious web site

Solved
By Kathryn Rowan
Jan 15, 2013
  1. Hi,

    I am performing the steps in the 4-Step Instructions. Here is the log from my Malwarebytes scan:

    2013/01/15 07:22:38 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 65454, Process: chrome.exe)
    2013/01/15 07:22:38 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 65455, Process: chrome.exe)
    2013/01/15 07:22:38 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 65471, Process: chrome.exe)
    2013/01/15 07:25:19 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 49309, Process: chrome.exe)
    2013/01/15 07:26:55 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 49371, Process: chrome.exe)
    2013/01/15 07:28:48 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 49523, Process: chrome.exe)
    2013/01/15 07:31:04 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 49598, Process: chrome.exe)
    2013/01/15 07:33:28 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 49759, Process: chrome.exe)
    2013/01/15 07:35:53 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 49881, Process: chrome.exe)
    2013/01/15 07:38:34 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 50074, Process: chrome.exe)
    2013/01/15 07:40:50 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 50477, Process: chrome.exe)
    2013/01/15 07:43:46 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 50790, Process: chrome.exe)
    2013/01/15 07:45:23 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 50976, Process: chrome.exe)
    2013/01/15 07:47:23 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 51147, Process: chrome.exe)
    2013/01/15 07:48:51 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 51228, Process: chrome.exe)
    2013/01/15 07:51:08 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 51295, Process: chrome.exe)
    2013/01/15 07:53:28 -0700KATIESLAPTOPKathrynMESSAGEStarting database refresh
    2013/01/15 07:53:28 -0700KATIESLAPTOPKathrynMESSAGEStopping IP protection
    2013/01/15 07:53:29 -0700KATIESLAPTOPKathrynMESSAGEIP Protection stopped successfully
    2013/01/15 07:53:36 -0700KATIESLAPTOPKathrynMESSAGEDatabase refreshed successfully
    2013/01/15 07:53:36 -0700KATIESLAPTOPKathrynMESSAGEStarting IP protection
    2013/01/15 07:53:37 -0700KATIESLAPTOPKathrynMESSAGEIP Protection started successfully
    2013/01/15 07:54:24 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 51401, Process: chrome.exe)
    2013/01/15 08:06:59 -0700KATIESLAPTOP(null)MESSAGEStarting protection
    2013/01/15 08:06:59 -0700KATIESLAPTOP(null)MESSAGEProtection started successfully
    2013/01/15 08:06:59 -0700KATIESLAPTOP(null)MESSAGEStarting IP protection
    2013/01/15 08:07:00 -0700KATIESLAPTOP(null)MESSAGEIP Protection started successfully
    2013/01/15 08:08:28 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 49323, Process: chrome.exe)

    The next step says to download DDSby sUPs from either DDS.com or DDS.pif but I can't seem to figure out what I'm supposed to download. Please help.

    Katie
     
  2. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    I found the link in another post. Here's the logs:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16453 BrowserJavaVersion: 10.10.2
    Run by Kathryn at 8:24:00 on 2013-01-15
    Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.3961.2413 [GMT -7:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\dwm.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k NetworkService
    C:\Windows\system32\AECLSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Windows\system32\BtwRSupportService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    C:\Windows\system32\dashost.exe
    C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\mfevtps.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\taskhostex.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\System32\RuntimeBroker.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Users\Kathryn\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files\mcafee.com\agent\mcagent.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\SysWOW64\RunDll32.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
    C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
    C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://dell13.msn.com
    uDefault_Page_URL = hxxp://dell13.msn.com
    mWinlogon: Userinit = userinit.exe,
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: PricePeep: {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll
    uRun: [GoogleChromeAutoLaunch_5F8DEE5AAD550B4A05D8853BE7B4418F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
    mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
    mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\Users\Kathryn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Kathryn\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
    TCP: NameServer = 192.168.1.1 75.75.75.75 75.75.76.76
    TCP: Interfaces\{7564D7AD-005D-47B0-BC6B-A7BD4B20CCA8} : DHCPNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
    TCP: Interfaces\{83CADE12-5A3F-4F9F-B925-A96EE9A82399} : DHCPNameServer = 172.21.1.177
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
    x64-Run: [Dell Audio] c:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
    x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-26 651832]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-6-22 771096]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-6-22 339776]
    R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-5 92536]
    R2 AECLFilters;Andrea Cirrus Logic Filters Service;C:\Windows\System32\AECLSr64.exe [2012-11-5 99696]
    R2 BcmBtRSupport;Bluetooth Radio Control Service;C:\Windows\System32\BtwRSupportService.exe [2012-11-5 2247992]
    R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-10-9 173568]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-5 7168]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-5 166720]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-9 398184]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-9 682344]
    R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-12-27 201304]
    R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-12-27 201304]
    R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-12-27 201304]
    R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-11-5 241016]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-11-5 218320]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-11-5 177680]
    R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2012-11-5 1914728]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-30 16168]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-5 365376]
    R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\Drivers\bcbtums.sys [2012-11-5 164152]
    R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
    R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\Drivers\btwampfl.sys [2012-11-5 126776]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\Drivers\btwl2cap.sys [2012-11-5 39736]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\Drivers\cfwids.sys [2012-6-22 69672]
    R3 CirrusLFD;CS42xxLowerFilter;C:\Windows\System32\Drivers\CSLFDx64.sys [2012-11-5 41328]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-11-5 342528]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-1-9 24176]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\Drivers\mfeavfk.sys [2012-6-22 309400]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\Drivers\mfefirek.sys [2012-6-22 515528]
    R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-5 683664]
    S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\Drivers\mfeelamk.sys [2012-6-18 69168]
    S2 CirrusAudioService;Cirrus Audio Service;C:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe [2012-8-6 7168]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
    S3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\Drivers\DellRbtn.sys [2012-11-5 10752]
    S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\Drivers\HipShieldK.sys [2012-12-27 196440]
    S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-11-5 332080]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\Drivers\mferkdet.sys [2012-6-22 106112]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUStor.sys [2012-11-5 252048]
    S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-9-28 53760]
    S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-12-27 201304]
    .
    =============== Created Last 30 ================
    .
    2013-01-12 18:20:061131520----a-w-C:\Windows\System32\AppXDeploymentServer.dll
    2013-01-12 18:20:05707584----a-w-C:\Windows\System32\AppXDeploymentExtensions.dll
    2013-01-12 18:20:03178176----a-w-C:\Windows\System32\SystemEventsBrokerServer.dll
    2013-01-12 18:20:03170496----a-w-C:\Windows\System32\TimeBrokerServer.dll
    2013-01-12 18:19:414055552----a-w-C:\Windows\System32\win32k.sys
    2013-01-12 18:19:40368640----a-w-C:\Windows\System32\sppwinob.dll
    2013-01-10 00:53:34--------d-----w-C:\Users\Kathryn\AppData\Roaming\Malwarebytes
    2013-01-10 00:52:58--------d-----w-C:\ProgramData\Malwarebytes
    2013-01-10 00:52:5624176----a-w-C:\Windows\System32\drivers\mbam.sys
    2013-01-10 00:52:56--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-01-10 00:52:38--------d-----w-C:\Users\Kathryn\AppData\Local\Programs
    2013-01-10 00:05:23182464----a-w-C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10188.bin
    2013-01-09 15:25:1286016----a-w-C:\Windows\System32\ncryptsslp.dll
    2013-01-09 15:25:1271168----a-w-C:\Windows\SysWow64\ncryptsslp.dll
    2013-01-09 15:24:572361344----a-w-C:\Windows\System32\msxml6.dll
    2013-01-09 15:24:571836032----a-w-C:\Windows\System32\msxml3.dll
    2013-01-09 15:24:561802240----a-w-C:\Windows\SysWow64\msxml6.dll
    2013-01-09 15:24:561438720----a-w-C:\Windows\SysWow64\msxml3.dll
    2013-01-09 15:24:552048----a-w-C:\Windows\SysWow64\msxml6r.dll
    2013-01-09 15:24:552048----a-w-C:\Windows\SysWow64\msxml3r.dll
    2013-01-09 15:24:552048----a-w-C:\Windows\System32\msxml6r.dll
    2013-01-09 15:24:552048----a-w-C:\Windows\System32\msxml3r.dll
    2013-01-05 01:36:45--------d-----w-C:\Program Files\CCleaner
    2013-01-04 20:44:04--------d-----w-C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
    2013-01-02 23:06:39--------d-----w-C:\Users\Kathryn\AppData\Local\Apple Computer
    2013-01-02 23:06:3033240----a-w-C:\Windows\System32\drivers\GEARAspiWDM.sys
    2013-01-02 23:06:07--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-01-02 23:06:07--------d-----w-C:\Program Files\iTunes
    2013-01-02 23:06:07--------d-----w-C:\Program Files\iPod
    2013-01-02 23:06:07--------d-----w-C:\Program Files (x86)\iTunes
    2013-01-02 23:05:52--------d-----w-C:\Users\Kathryn\AppData\Local\Apple
    2013-01-02 23:05:17--------d-----w-C:\Program Files\Bonjour
    2013-01-02 23:05:17--------d-----w-C:\Program Files (x86)\Bonjour
    2013-01-02 22:46:4568608----a-w-C:\Windows\System32\wwanprotdim.dll
    2013-01-02 22:46:45446976----a-w-C:\Windows\System32\wwansvc.dll
    2013-01-02 22:45:4876288----a-w-C:\Windows\System32\newdev.exe
    2013-01-02 22:45:4875264----a-w-C:\Windows\System32\ndadmin.exe
    2013-01-02 22:45:4774240----a-w-C:\Windows\SysWow64\newdev.exe
    2013-01-02 22:45:4773728----a-w-C:\Windows\SysWow64\ndadmin.exe
    2013-01-02 22:45:47275968----a-w-C:\Windows\SysWow64\newdev.dll
    2013-01-02 22:45:46301568----a-w-C:\Windows\System32\newdev.dll
    2013-01-02 22:37:1783968----a-w-C:\Windows\SysWow64\OEMLicense.dll
    2013-01-02 22:34:599216----a-w-C:\Windows\SysWow64\spwmp.dll
    2013-01-02 22:33:5883456----a-w-C:\Windows\System32\drivers\wanarp.sys
    2013-01-02 22:32:591126912----a-w-C:\Windows\SysWow64\user32.dll
    2013-01-02 22:31:58573440----a-w-C:\Windows\System32\WinSATAPI.dll
    2013-01-02 22:31:573964416----a-w-C:\Windows\System32\WinSAT.exe
    2013-01-02 19:43:431172992----a-w-C:\Windows\System32\mfnetsrc.dll
    2013-01-02 19:43:42929792----a-w-C:\Windows\SysWow64\mfnetsrc.dll
    2013-01-02 19:43:42677888----a-w-C:\Windows\System32\mfnetcore.dll
    2013-01-02 19:43:42673280----a-w-C:\Windows\System32\mfmpeg2srcsnk.dll
    2013-01-02 19:43:42568832----a-w-C:\Windows\SysWow64\mfnetcore.dll
    2013-01-02 19:43:42513024----a-w-C:\Windows\SysWow64\mfmpeg2srcsnk.dll
    2013-01-02 19:43:41850944----a-w-C:\Windows\SysWow64\mfasfsrcsnk.dll
    2013-01-02 19:43:411048064----a-w-C:\Windows\System32\mfasfsrcsnk.dll
    2013-01-02 19:43:013554304----a-w-C:\Windows\System32\tquery.dll
    2013-01-02 19:41:1011459584----a-w-C:\Windows\System32\glcndFilter.dll
    2013-01-02 19:41:0810096640----a-w-C:\Windows\System32\twinui.dll
    2013-01-02 19:41:078856576----a-w-C:\Windows\SysWow64\twinui.dll
    2013-01-02 19:41:038552448----a-w-C:\Windows\SysWow64\glcndFilter.dll
    2013-01-02 19:41:02710656----a-w-C:\Windows\System32\winhttp.dll
    2013-01-02 19:41:021526784----a-w-C:\Windows\System32\mfcore.dll
    2013-01-02 19:41:011451520----a-w-C:\Windows\SysWow64\mfcore.dll
    2013-01-02 19:41:00976384----a-w-C:\Windows\System32\KernelBase.dll
    2013-01-02 19:41:001566432----a-w-C:\Windows\System32\ole32.dll
    2012-12-31 21:55:44--------d-----w-C:\Users\Kathryn\AppData\Local\ElevatedDiagnostics
    2012-12-29 20:37:41579952----a-w-C:\Windows\SysWow64\dsNcSmartCardProv.dll
    2012-12-29 20:37:40405360----a-w-C:\Windows\SysWow64\dsNcCredProv.dll
    2012-12-29 20:37:23--------d-----w-C:\Program Files (x86)\Juniper Networks
    2012-12-29 20:19:4682944----a-w-C:\Windows\System32\Spool\prtprocs\x64\CNMPP90.DLL
    2012-12-29 20:19:4627648----a-w-C:\Windows\System32\Spool\prtprocs\x64\CNMPD90.DLL
    2012-12-29 20:19:36258560----a-w-C:\Windows\System32\CNMLM90.DLL
    2012-12-29 20:19:303584----a-w-C:\Windows\System32\CNCFLcUS.DLL
    2012-12-29 20:19:303072----a-w-C:\Windows\System32\CNCFLcJP.DLL
    2012-12-29 20:19:30183296----a-w-C:\Windows\System32\CNCF2Lc.DLL
    2012-12-29 20:19:30143360----a-w-C:\Windows\System32\CNCFMSc.EXE
    2012-12-29 20:14:21--------d-----w-C:\Program Files (x86)\DriverTuner
    2012-12-29 01:30:31--------d-----r-C:\Program Files (x86)\Skype
    2012-12-29 01:30:16--------d-----w-C:\Users\Kathryn\AppData\Roaming\SkypePackages
    2012-12-29 01:30:14--------d-----w-C:\Users\Kathryn\AppData\Local\couponamazing
    2012-12-29 01:30:11--------d-----w-C:\Program Files (x86)\PricePeep
    2012-12-28 23:33:13--------d-----w-C:\Users\Kathryn\AppData\Roaming\Juniper Networks
    2012-12-28 23:32:49859072----a-w-C:\Windows\SysWow64\npDeployJava1.dll
    2012-12-28 23:32:49779704----a-w-C:\Windows\SysWow64\deployJava1.dll
    2012-12-28 23:32:4595184----a-w-C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-12-28 22:58:4616114176----a-w-C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
    2012-12-28 22:58:4515541248----a-w-C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
    2012-12-28 22:41:3117888----a-w-C:\Windows\System32\msvcr100_clr0400.dll
    2012-12-28 22:41:2717888----a-w-C:\Windows\SysWow64\msvcr100_clr0400.dll
    2012-12-28 22:37:16144384----a-w-C:\Windows\System32\tssdisai.dll
    2012-12-28 22:37:16135680----a-w-C:\Windows\System32\appserverai.dll
    2012-12-28 22:37:16126976----a-w-C:\Windows\System32\RDWebAI.dll
    2012-12-28 22:37:16122880----a-w-C:\Windows\System32\VmHostAI.dll
    2012-12-28 22:37:13148480----a-w-C:\Windows\System32\poqexec.exe
    2012-12-28 22:37:13132608----a-w-C:\Windows\SysWow64\poqexec.exe
    2012-12-28 22:37:1194208----a-w-C:\Windows\System32\synceng.dll
    2012-12-28 22:37:1072192----a-w-C:\Windows\SysWow64\synceng.dll
    2012-12-28 21:42:12--------d-----w-C:\Program Files (x86)\MSECache
    2012-12-28 21:31:18--------d-----w-C:\Program Files (x86)\Microsoft Visual Studio 8
    2012-12-28 21:30:21--------d-----w-C:\Users\Kathryn\AppData\Local\Microsoft Help
    2012-12-28 18:06:52--------d-----w-C:\Users\Kathryn\AppData\Roaming\PCDr
    2012-12-28 18:01:27--------d-----r-C:\Users\Kathryn\Dropbox
    2012-12-28 17:58:18--------d-----w-C:\Users\Kathryn\AppData\Roaming\Dropbox
    2012-12-28 17:33:18--------d-----w-C:\Program Files (x86)\Dell Digital Delivery
    2012-12-28 17:28:33--------d-----w-C:\Users\Kathryn\AppData\Local\softthinks
    2012-12-28 02:46:35196440----a-w-C:\Windows\System32\drivers\HipShieldK.sys
    2012-12-27 23:10:22--------d-----w-C:\Users\Kathryn\AppData\Local\Google
    2012-12-27 23:09:30--------d-----w-C:\Users\Kathryn\AppData\Local\Deployment
    2012-12-27 23:09:30--------d-----w-C:\Users\Kathryn\AppData\Local\Apps
    2012-12-27 22:32:50--------d-----w-C:\Users\Kathryn\AppData\Roaming\Intel Corporation
    2012-12-27 22:31:54--------d-----w-C:\Users\Kathryn\AppData\Local\Broadcom
    2012-12-27 22:31:48--------d-----w-C:\Users\Kathryn\AppData\Local\Power2Go8
    2012-12-27 22:31:13--------d-----r-C:\Users\Kathryn\Searches
    2012-12-27 22:31:13--------d-----r-C:\Users\Kathryn\Contacts
    2012-12-27 22:30:5950784----a-w-C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
    2012-12-27 22:30:3618528----a-w-C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin
    2012-12-27 22:29:05--------d-----w-C:\Users\Kathryn\AppData\Local\VirtualStore
    .
    ==================== Find3M ====================
    .
    2012-12-18 23:32:5880728----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-18 23:32:58695640----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-12-16 08:28:2046080----a-w-C:\Windows\System32\atmlib.dll
    2012-12-16 08:20:0135328----a-w-C:\Windows\SysWow64\atmlib.dll
    2012-12-16 08:08:33362496----a-w-C:\Windows\System32\atmfd.dll
    2012-12-16 07:57:09300032----a-w-C:\Windows\SysWow64\atmfd.dll
    2012-11-28 04:21:1744032----a-w-C:\Windows\SysWow64\UXInit.dll
    2012-11-28 04:20:5953760----a-w-C:\Windows\System32\UXInit.dll
    2012-11-27 07:00:32194280----a-w-C:\Windows\System32\drivers\sdbus.sys
    2012-11-27 07:00:29124648----a-w-C:\Windows\System32\drivers\dumpsd.sys
    2012-11-27 06:59:13329960----a-w-C:\Windows\System32\drivers\storport.sys
    2012-11-27 06:39:461122768----a-w-C:\Windows\System32\Taskmgr.exe
    2012-11-27 04:49:201027152----a-w-C:\Windows\SysWow64\Taskmgr.exe
    2012-11-27 04:20:501048064----a-w-C:\Windows\SysWow64\mstsc.exe
    2012-11-27 04:20:42179200----a-w-C:\Windows\SysWow64\wpnapps.dll
    2012-11-27 04:20:35891904----a-w-C:\Windows\SysWow64\winmde.dll
    2012-11-27 04:20:31798208----a-w-C:\Windows\SysWow64\WebcamUi.dll
    2012-11-27 04:20:2946592----a-w-C:\Windows\SysWow64\vds_ps.dll
    2012-11-27 04:20:28560128----a-w-C:\Windows\SysWow64\UserLanguagesCpl.dll
    2012-11-27 04:20:231217536----a-w-C:\Windows\SysWow64\storagewmi.dll
    2012-11-27 04:20:15680960----a-w-C:\Windows\System32\vds.exe
    2012-11-27 04:20:07702464----a-w-C:\Windows\SysWow64\nshwfp.dll
    2012-11-27 04:20:071123840----a-w-C:\Windows\System32\mstsc.exe
    2012-11-27 04:18:59888832----a-w-C:\Windows\System32\nshwfp.dll
    2012-11-27 04:18:395974528----a-w-C:\Windows\System32\mstscax.dll
    2012-11-27 04:18:131071104----a-w-C:\Windows\System32\IKEEXT.DLL
    2012-11-27 04:18:06378880----a-w-C:\Windows\System32\FWPUCLNT.DLL
    2012-11-27 04:17:32718848----a-w-C:\Windows\System32\BFE.DLL
    2012-11-27 04:17:312302464----a-w-C:\Windows\System32\authui.dll
    2012-11-27 03:57:3218432----a-w-C:\Windows\System32\drivers\BtaMPM.sys
    2012-11-27 03:56:2931104----a-w-C:\Windows\System32\drivers\BthAvrcpTg.sys
    2012-11-27 03:55:4429952----a-w-C:\Windows\System32\drivers\BthhfHid.sys
    2012-11-20 08:00:236971624----a-w-C:\Windows\System32\ntoskrnl.exe
    2012-11-20 05:24:191164800----a-w-C:\Windows\SysWow64\Display.dll
    2012-11-20 05:24:1736352----a-w-C:\Windows\SysWow64\DevDispItemProvider.dll
    2012-11-20 05:17:231184256----a-w-C:\Windows\System32\Display.dll
    2012-11-20 05:17:2049152----a-w-C:\Windows\System32\DevDispItemProvider.dll
    2012-11-20 05:02:466656----a-w-C:\Windows\SysWow64\KBDKURD.DLL
    2012-11-20 04:59:267168----a-w-C:\Windows\System32\KBDKURD.DLL
    2012-11-20 04:56:2727136----a-w-C:\Windows\System32\drivers\usbohci.sys
    2012-11-20 04:56:1183456----a-w-C:\Windows\System32\drivers\hidclass.sys
    2012-11-20 04:54:3139936----a-w-C:\Windows\System32\drivers\hidi2c.sys
    2012-11-15 06:08:412706432----a-w-C:\Windows\System32\mshtml.tlb
    2012-11-15 06:06:342706432----a-w-C:\Windows\SysWow64\mshtml.tlb
    2012-11-13 04:20:301120768----a-w-C:\Windows\System32\msctf.dll
    2012-11-13 04:19:23890880----a-w-C:\Windows\SysWow64\msctf.dll
    2012-11-09 12:40:2469672----a-w-C:\Windows\System32\drivers\cfwids.sys
    2012-11-09 12:37:42339776----a-w-C:\Windows\System32\drivers\mfewfpk.sys
    2012-11-09 12:37:30177680----a-w-C:\Windows\System32\mfevtps.exe
    2012-11-09 12:36:4010288----a-w-C:\Windows\System32\drivers\mfeclnk.sys
    2012-11-09 12:36:30106112----a-w-C:\Windows\System32\drivers\mferkdet.sys
    2012-11-09 12:35:50771096----a-w-C:\Windows\System32\drivers\mfehidk.sys
    2012-11-09 12:35:2669168----a-w-C:\Windows\System32\drivers\mfeelamk.sys
    2012-11-09 12:34:58515528----a-w-C:\Windows\System32\drivers\mfefirek.sys
    2012-11-09 12:34:18309400----a-w-C:\Windows\System32\drivers\mfeavfk.sys
    2012-11-09 12:33:58178840----a-w-C:\Windows\System32\drivers\mfeapfk.sys
    2012-11-09 04:49:512048----a-w-C:\Windows\System32\tzres.dll
    2012-11-09 04:03:482048----a-w-C:\Windows\SysWow64\tzres.dll
    2012-11-08 04:25:36523776----a-w-C:\Windows\SysWow64\WSShared.dll
    2012-11-08 04:25:36143872----a-w-C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
    2012-11-08 04:25:36124928----a-w-C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
    2012-11-08 04:25:351775104----a-w-C:\Windows\SysWow64\wininet.dll
    2012-11-08 04:24:272881536----a-w-C:\Windows\SysWow64\jscript9.dll
    2012-11-08 04:24:2261440----a-w-C:\Windows\SysWow64\iesetup.dll
    2012-11-08 04:24:22109056----a-w-C:\Windows\SysWow64\iesysprep.dll
    2012-11-08 04:24:1975776----a-w-C:\Windows\SysWow64\fontsub.dll
    2012-11-08 04:24:0610752----a-w-C:\Windows\SysWow64\dciman32.dll
    2012-11-08 04:22:21641536----a-w-C:\Windows\System32\WSShared.dll
    2012-11-08 04:22:20198656----a-w-C:\Windows\System32\Windows.ApplicationModel.Store.dll
    2012-11-08 04:22:20163840----a-w-C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
    2012-11-08 04:22:192246656----a-w-C:\Windows\System32\wininet.dll
    2012-11-08 04:22:12907776----a-w-C:\Windows\System32\uxtheme.dll
    2012-11-08 04:21:003966464----a-w-C:\Windows\System32\jscript9.dll
    2012-11-08 04:20:5667072----a-w-C:\Windows\System32\iesetup.dll
    2012-11-08 04:20:56136704----a-w-C:\Windows\System32\iesysprep.dll
    2012-11-08 04:20:5096256----a-w-C:\Windows\System32\fontsub.dll
    2012-11-08 04:20:3714336----a-w-C:\Windows\System32\dciman32.dll
    2012-11-08 04:02:163072----a-w-C:\Windows\System32\lpk.dll
    2012-11-08 04:01:403072----a-w-C:\Windows\SysWow64\lpk.dll
    2012-11-08 01:56:52534528----a-w-C:\Windows\SysWow64\uxtheme.dll
    2012-11-06 07:52:07445160----a-w-C:\Windows\System32\drivers\USBHUB3.SYS
    2012-11-06 07:52:04277736----a-w-C:\Windows\System32\drivers\msiscsi.sys
    2012-11-06 07:36:2369864----a-w-C:\Windows\System32\drivers\pdc.sys
    2012-11-06 07:33:46522640----a-w-C:\Windows\System32\AUDIOKSE.dll
    2012-11-06 07:33:46253512----a-w-C:\Windows\System32\audiodg.exe
    2012-11-06 07:33:45490064----a-w-C:\Windows\System32\AudioEng.dll
    2012-11-06 07:33:45447792----a-w-C:\Windows\System32\AudioSes.dll
    2012-11-06 05:00:06463768----a-w-C:\Windows\SysWow64\AUDIOKSE.dll
    2012-11-06 05:00:06427568----a-w-C:\Windows\SysWow64\AudioEng.dll
    2012-11-06 05:00:06324344----a-w-C:\Windows\SysWow64\AudioSes.dll
    2012-11-06 04:54:132205696----a-w-C:\Windows\SysWow64\PrintConfig.dll
    2012-11-06 04:48:271150160----a-w-C:\Windows\SysWow64\ole32.dll
    2012-11-06 04:19:59470016----a-w-C:\Windows\System32\wlanmsm.dll
    2012-11-06 04:19:59446464----a-w-C:\Windows\System32\wlansec.dll
    2012-11-06 04:19:59273408----a-w-C:\Windows\System32\wlanapi.dll
    2012-11-06 04:19:591386496----a-w-C:\Windows\System32\wlansvc.dll
    2012-11-06 04:19:53291328----a-w-C:\Windows\System32\Windows.Networking.Connectivity.dll
    2012-11-06 04:19:5230720----a-w-C:\Windows\System32\wfdprov.dll
    2012-11-06 04:19:48466944----a-w-C:\Windows\System32\wcncsvc.dll
    2012-11-06 04:19:4827136----a-w-C:\Windows\System32\WcnEapPeerProxy.dll
    .
    ============= FINISH: 8:24:56.70 ===============
    And log from Attach.txt:
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 8
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/27/2012 3:28:47 PM
    System Uptime: 1/15/2013 8:05:43 AM (0 hours ago)
    .
    Motherboard: Dell Inc. | | 0G8TPV
    Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz | SOCKET 0 | 2501/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 457 GiB total, 416.302 GiB free.
    D: is CDROM ()
    W: is FIXED (NTFS) - 7 GiB total, 0.301 GiB free.
    X: is FIXED (NTFS) - 0 GiB total, 0.225 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP2: 12/28/2012 2:29:35 PM - Installed Microsoft Office Enterprise 2007
    RP3: 1/2/2013 12:47:35 PM - Windows Update
    RP4: 1/9/2013 9:15:59 AM - Windows Update
    RP5: 1/12/2013 11:27:16 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    2007 Microsoft Office Suite Service Pack 3 (SP3)
    Amazon Browser App
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Bonjour
    Canon MX300 series
    CCleaner
    Cirrus Logic Audio Panel
    Compatibility Pack for the 2007 Office system
    couponamazing
    CyberLink LabelPrint 2.5
    CyberLink Media Suite 10
    CyberLink Media Suite Essentials
    CyberLink Power2Go 8
    CyberLink PowerDirector 10
    CyberLink PowerDVD 10
    D3DX10
    Dell Backup and Recovery
    Dell Backup and Recovery - Support Software
    Dell Digital Delivery
    Dell Support Center
    Dell Touchpad
    DriverTuner 3.1.0.0
    Dropbox
    DSC/AA Factory Installer
    DW WLAN Card
    Google Chrome
    Google Update Helper
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Intel(R) Turbo Boost Technology Monitor 2.6
    Intel® Trusted Connect Service Client
    iTunes
    Java 7 Update 10
    Java Auto Updater
    Juniper Networks Network Connect 7.0.0
    Juniper Networks Setup Client
    Juniper Networks Setup Client Activex Control
    Juniper Terminal Services Client
    Malwarebytes Anti-Malware version 1.70.0.1100
    McAfee SecurityCenter
    Microsoft Application Error Reporting
    Microsoft Office
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Movie Maker
    MSVCRT
    MSVCRT110
    MSVCRT110_amd64
    Photo Common
    Photo Gallery
    PricePeep
    Quickset64
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Shared C Run-time for x64
    Skype Packages
    Skype™ 6.0
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    WIDCOMM Bluetooth Software
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    .
    ==== Event Viewer Messages From Past Week ========
    .
    1/9/2013 3:18:54 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
    1/9/2013 3:18:54 PM, Error: Schannel [36884] - The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
    1/8/2013 10:50:35 AM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
    1/14/2013 5:29:27 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.
    1/14/2013 12:51:03 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer OFFICE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7564D7AD-005D-47B0-BC6B-A7BD4B20CCA8}. The master browser is stopping or an election is being forced.
    1/12/2013 11:13:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the msiserver service.
    1/12/2013 11:13:13 AM, Error: Service Control Manager [7023] - The McAfee VirusScan Announcer service terminated with the following error: Incorrect function.
    1/12/2013 11:11:52 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
    .
    ==== End Of File ===========================

    Please tell me what to do next to get rid of this problem. Thank you.
    Katie
     
  3. Broni

    Broni Malware Annihilator Posts: 47,078   +257

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =================================

    I still need Malwarebytes log.
     
  4. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    Sorry - Here you go.

    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.01.15.10

    Windows 8 x64 NTFS
    Internet Explorer 10.0.9200.16466
    Kathryn :: KATIESLAPTOP [administrator]

    Protection: Enabled

    1/15/2013 7:53:39 AM
    mbam-log-2013-01-15 (07-53-39).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 211826
    Time elapsed: 7 minute(s), 33 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F40A2D01-8777-490B-8E2B-A0AFD02AF3DF} (PUP.CouponAmazing) -> Quarantined and deleted successfully.
    HKCR\CLSID\{F40A2D01-8777-490B-8E2B-A0AFD02AF3DF} (PUP.CouponAmazing) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F40A2D01-8777-490B-8E2B-A0AFD02AF3DF} (PUP.CouponAmazing) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F40A2D01-8777-490B-8E2B-A0AFD02AF3DF} (PUP.CouponAmazing) -> Quarantined and deleted successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Users\Kathryn\AppData\Local\couponamazing\ie\couponamazing_1356744302.dll (PUP.CouponAmazing) -> Quarantined and deleted successfully.

    (end)
     
  5. Broni

    Broni Malware Annihilator Posts: 47,078   +257

    • Download RogueKiller on the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    ========================

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
     
  6. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    Here's the log from RogueKiller:

    RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows 8 (6.2.9200 ) 64 bits version
    Started in : Normal mode
    User : Kathryn [Admin rights]
    Mode : Scan -- Date : 01/15/2013 16:05:20

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 2 ¤¤¤
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts
    mbar came back twice saying there was nothing found. Here's the mbar log:

    Malwarebytes Anti-Rootkit BETA 1.01.0.1016
    www.malwarebytes.org

    Database version: v2013.01.15.14

    Windows 8 x64 NTFS
    Internet Explorer 10.0.9200.16466
    Kathryn :: KATIESLAPTOP [administrator]

    1/15/2013 4:21:42 PM
    mbar-log-2013-01-15 (16-21-42).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 7852
    Time elapsed: 10 minute(s), 36 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    And here's the system log:

    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.01.0.1016

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.2.9200 Windows 8 x64

    Account is Administrative

    Internet Explorer version: 10.0.9200.16466

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, W:\ DRIVE_FIXED, X:\ DRIVE_FIXED
    CPU speed: 2.494000 GHz
    Memory total: 4153499648, free: 2171174912

    ------------ Kernel report ------------
    01/15/2013 16:08:33
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kd.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\System32\drivers\CLFS.SYS
    \SystemRoot\System32\drivers\tm.sys
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\BOOTVID.dll
    \SystemRoot\system32\CI.dll
    \SystemRoot\System32\drivers\msrpc.sys
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\System32\Drivers\acpiex.sys
    \SystemRoot\System32\Drivers\WppRecorder.sys
    \SystemRoot\System32\drivers\ACPI.sys
    \SystemRoot\System32\drivers\WMILIB.SYS
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\msisadrv.sys
    \SystemRoot\System32\drivers\pci.sys
    \SystemRoot\System32\drivers\vdrvroot.sys
    \SystemRoot\system32\drivers\pdc.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\System32\drivers\spaceport.sys
    \SystemRoot\System32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\System32\drivers\iaStorA.sys
    \SystemRoot\System32\drivers\storport.sys
    \SystemRoot\System32\drivers\EhStorClass.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\System32\drivers\fileinfo.sys
    \SystemRoot\system32\drivers\mfehidk.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\DRIVERS\wfplwfs.sys
    \SystemRoot\system32\drivers\mfewfpk.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\System32\drivers\volsnap.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\disk.sys
    \SystemRoot\System32\drivers\CLASSPNP.SYS
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\drivers\cdrom.sys
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\BasicRender.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\System32\drivers\BasicDisplay.sys
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\System32\drivers\npsvctrig.sys
    \SystemRoot\System32\drivers\mssmbios.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\System32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\kdnic.sys
    \SystemRoot\System32\drivers\umbus.sys
    \SystemRoot\system32\DRIVERS\igdkmd64.sys
    \SystemRoot\System32\drivers\HECIx64.sys
    \SystemRoot\System32\drivers\usbehci.sys
    \SystemRoot\System32\drivers\USBPORT.SYS
    \SystemRoot\System32\drivers\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\bcmwl63a.sys
    \SystemRoot\System32\Drivers\fastfat.SYS
    \SystemRoot\System32\drivers\vwifibus.sys
    \SystemRoot\system32\DRIVERS\Rt630x64.sys
    \SystemRoot\System32\drivers\i8042prt.sys
    \SystemRoot\System32\drivers\Apfiltr.sys
    \SystemRoot\System32\drivers\mouclass.sys
    \SystemRoot\System32\drivers\kbdclass.sys
    \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    \SystemRoot\System32\drivers\intelppm.sys
    \SystemRoot\System32\drivers\CmBatt.sys
    \SystemRoot\System32\drivers\BATTC.SYS
    \SystemRoot\System32\drivers\wmiacpi.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\dsNcAdpt.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\System32\drivers\swenum.sys
    \SystemRoot\System32\drivers\ks.sys
    \SystemRoot\System32\drivers\rdpbus.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\System32\drivers\usbhub.sys
    \SystemRoot\System32\drivers\USBD.SYS
    \SystemRoot\system32\DRIVERS\CSLFDx64.sys
    \SystemRoot\system32\drivers\HdAudio.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\DRIVERS\IntcDAud.sys
    \SystemRoot\system32\drivers\mfeavfk.sys
    \SystemRoot\system32\drivers\mfefirek.sys
    \SystemRoot\System32\Drivers\dump_diskdump.sys
    \SystemRoot\System32\Drivers\dump_iaStorA.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\System32\drivers\hidusb.sys
    \SystemRoot\System32\drivers\HIDCLASS.SYS
    \SystemRoot\System32\drivers\HIDPARSE.SYS
    \SystemRoot\System32\drivers\mouhid.sys
    \SystemRoot\system32\drivers\bcbtums.sys
    \??\C:\Windows\system32\drivers\btwampfl.sys
    \SystemRoot\System32\Drivers\BTHUSB.sys
    \SystemRoot\System32\Drivers\bthport.sys
    \SystemRoot\System32\drivers\usbccgp.sys
    \SystemRoot\System32\Drivers\usbvideo.sys
    \SystemRoot\system32\DRIVERS\BthLEEnum.sys
    \SystemRoot\system32\DRIVERS\rfcomm.sys
    \SystemRoot\System32\drivers\BthEnum.sys
    \SystemRoot\system32\DRIVERS\bthpan.sys
    \SystemRoot\System32\drivers\btwavdt.sys
    \SystemRoot\system32\drivers\btwaudio.sys
    \SystemRoot\system32\DRIVERS\btwl2cap.sys
    \SystemRoot\System32\drivers\btwrchid.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \??\C:\Windows\system32\drivers\mbam.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\DRIVERS\TurboB.sys
    \SystemRoot\System32\drivers\condrv.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\vwifimp.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\Ndu.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\system32\drivers\cfwids.sys
    \SystemRoot\system32\DRIVERS\cdfs.sys
    \SystemRoot\system32\drivers\mfeapfk.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\mbamswissarmy.sys
    ----------- End -----------
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8005cbe740
    Upper Device Driver Name: \Driver\disk\
    Lower Device Name: \Device\00000037\
    Lower Device Object: 0xfffffa800443d7f0
    Lower Device Driver Name: \Driver\iaStorA\
    Driver name found: iaStorA
    Initialization returned 0x0
    Port sub-driver loaded: \??\C:\Windows\System32\Drivers\storport.sys (0x0)
    Load Function returned 0x0
    =======================================


    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.01.0.1016

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.2.9200 Windows 8 x64

    Account is Administrative

    Internet Explorer version: 10.0.9200.16466

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED, W:\ DRIVE_FIXED, X:\ DRIVE_FIXED
    CPU speed: 2.494000 GHz
    Memory total: 4153499648, free: 2200100864

    ------------ Kernel report ------------
    01/15/2013 16:10:28
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kd.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\System32\drivers\CLFS.SYS
    \SystemRoot\System32\drivers\tm.sys
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\BOOTVID.dll
    \SystemRoot\system32\CI.dll
    \SystemRoot\System32\drivers\msrpc.sys
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\System32\Drivers\acpiex.sys
    \SystemRoot\System32\Drivers\WppRecorder.sys
    \SystemRoot\System32\drivers\ACPI.sys
    \SystemRoot\System32\drivers\WMILIB.SYS
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\msisadrv.sys
    \SystemRoot\System32\drivers\pci.sys
    \SystemRoot\System32\drivers\vdrvroot.sys
    \SystemRoot\system32\drivers\pdc.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\System32\drivers\spaceport.sys
    \SystemRoot\System32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\System32\drivers\iaStorA.sys
    \SystemRoot\System32\drivers\storport.sys
    \SystemRoot\System32\drivers\EhStorClass.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\System32\drivers\fileinfo.sys
    \SystemRoot\system32\drivers\mfehidk.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\DRIVERS\wfplwfs.sys
    \SystemRoot\system32\drivers\mfewfpk.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\System32\drivers\volsnap.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\disk.sys
    \SystemRoot\System32\drivers\CLASSPNP.SYS
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\drivers\cdrom.sys
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\BasicRender.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\System32\drivers\BasicDisplay.sys
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\System32\drivers\npsvctrig.sys
    \SystemRoot\System32\drivers\mssmbios.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\System32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\kdnic.sys
    \SystemRoot\System32\drivers\umbus.sys
    \SystemRoot\system32\DRIVERS\igdkmd64.sys
    \SystemRoot\System32\drivers\HECIx64.sys
    \SystemRoot\System32\drivers\usbehci.sys
    \SystemRoot\System32\drivers\USBPORT.SYS
    \SystemRoot\System32\drivers\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\bcmwl63a.sys
    \SystemRoot\System32\Drivers\fastfat.SYS
    \SystemRoot\System32\drivers\vwifibus.sys
    \SystemRoot\system32\DRIVERS\Rt630x64.sys
    \SystemRoot\System32\drivers\i8042prt.sys
    \SystemRoot\System32\drivers\Apfiltr.sys
    \SystemRoot\System32\drivers\mouclass.sys
    \SystemRoot\System32\drivers\kbdclass.sys
    \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    \SystemRoot\System32\drivers\intelppm.sys
    \SystemRoot\System32\drivers\CmBatt.sys
    \SystemRoot\System32\drivers\BATTC.SYS
    \SystemRoot\System32\drivers\wmiacpi.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\dsNcAdpt.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\System32\drivers\swenum.sys
    \SystemRoot\System32\drivers\ks.sys
    \SystemRoot\System32\drivers\rdpbus.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\System32\drivers\usbhub.sys
    \SystemRoot\System32\drivers\USBD.SYS
    \SystemRoot\system32\DRIVERS\CSLFDx64.sys
    \SystemRoot\system32\drivers\HdAudio.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\DRIVERS\IntcDAud.sys
    \SystemRoot\system32\drivers\mfeavfk.sys
    \SystemRoot\system32\drivers\mfefirek.sys
    \SystemRoot\System32\Drivers\dump_diskdump.sys
    \SystemRoot\System32\Drivers\dump_iaStorA.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\System32\drivers\hidusb.sys
    \SystemRoot\System32\drivers\HIDCLASS.SYS
    \SystemRoot\System32\drivers\HIDPARSE.SYS
    \SystemRoot\System32\drivers\mouhid.sys
    \SystemRoot\system32\drivers\bcbtums.sys
    \??\C:\Windows\system32\drivers\btwampfl.sys
    \SystemRoot\System32\Drivers\BTHUSB.sys
    \SystemRoot\System32\Drivers\bthport.sys
    \SystemRoot\System32\drivers\usbccgp.sys
    \SystemRoot\System32\Drivers\usbvideo.sys
    \SystemRoot\system32\DRIVERS\BthLEEnum.sys
    \SystemRoot\system32\DRIVERS\rfcomm.sys
    \SystemRoot\System32\drivers\BthEnum.sys
    \SystemRoot\system32\DRIVERS\bthpan.sys
    \SystemRoot\System32\drivers\btwavdt.sys
    \SystemRoot\system32\drivers\btwaudio.sys
    \SystemRoot\system32\DRIVERS\btwl2cap.sys
    \SystemRoot\System32\drivers\btwrchid.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \??\C:\Windows\system32\drivers\mbam.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\DRIVERS\TurboB.sys
    \SystemRoot\System32\drivers\condrv.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\vwifimp.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\drivers\Ndu.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\system32\drivers\cfwids.sys
    \SystemRoot\system32\DRIVERS\cdfs.sys
    \SystemRoot\system32\drivers\mfeapfk.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\mbamswissarmy.sys
    ----------- End -----------
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8005cbe740
    Upper Device Driver Name: \Driver\disk\
    Lower Device Name: \Device\00000037\
    Lower Device Object: 0xfffffa800443d7f0
    Lower Device Driver Name: \Driver\iaStorA\
    Device already Exists: 0xfffffa8009d27da0
    Downloaded database version: v2013.01.15.14
    Initializing...
    Done!
    <<<2>>>
    Device number: 0, partition: 5
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8005cbe740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa8005cbe1f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8005cbe740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
    DevicePointer: 0xfffffa800443d260, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa800443d7f0, DeviceName: \Device\00000037\, DriverName: \Driver\iaStorA\
    ------------ End ----------
    Upper DeviceData: 0xfffff8a0096ae4c0, 0xfffffa8005cbe740, 0xfffffa8009c84090
    Lower DeviceData: 0xfffff8a003d16ae0, 0xfffffa800443d7f0, 0xfffffa8009d27da0
    Partition type: GUID
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning directory: C:\Windows\system32\drivers...
    Done!
    Drive 0
    Scanning MBR on drive 0...
    Inspecting partition table:
    This drive is a GPT Drive.
    MBR Signature: 55AA
    Disk Signature: FE23E3BD

    GPT Protective MBR Partition information:

    Partition 0 type is Other (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1 Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    GPT Partition information:

    GptHeader Signature 4546492050415254
    GptHeader Revision 65536 Size 92 CRC 429470283
    GptHeader CurrentLba = 1 BackupLba 976773167
    GptHeader FirstUsableLba 34 LastUsableLba 976773134
    GptHeader Guid 3f4250a8-88b3-4156-bb8d-b3219034d2a
    GptHeader 128 Partitions starting at LBA 2
    GptHeader Partition entry size = 128

    Backup GptHeader Signature 4546492050415254
    Backup GptHeader Revision 65536 Size 92 CRC 429470283
    Backup GptHeader CurrentLba = 976773167 BackupLba 1
    Backup GptHeader FirstUsableLba 34 LastUsableLba 976773134
    Backup GptHeader Guid 3f4250a8-88b3-4156-bb8d-b3219034d2a
    Backup GptHeader 128 Partitions starting at LBA 976773135
    Backup GptHeader Partition entry size = 128
    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 253af83e-aaca-477d-a7cf-1762d51d8ba3
    FirstLBA 2048 Last LBA 1026047
    Attributes 0
    Partition Name EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type 796badd3-6bbf-4d9f-b631-466eb71a4965
    Partition ID d2152f95-456-4dec-8b31-9c5b4fbcafe9
    FirstLBA 1026048 Last LBA 1107967
    Attributes 1
    Partition Name Basic data partition

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID fc60785d-b83c-400f-b23a-18214a8a9fb6
    FirstLBA 1107968 Last LBA 1370111
    Attributes 0
    Partition Name Microsoft reserved partition

    Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID ead74758-35dc-4e1f-a338-263b53f407
    FirstLBA 1370112 Last LBA 2394111
    Attributes 1
    Partition Name Basic data partition

    Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 7cf670eb-86d0-4745-9794-afbd3513c2c3
    FirstLBA 2394112 Last LBA 961607679
    Attributes 0
    Partition Name Basic data partition

    Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID ab40decd-6fb6-47e2-8cbe-14648714df5
    FirstLBA 961607680 Last LBA 976771119
    Attributes 1
    Partition Name Microsoft recovery partition

    Disk Size: 500107862016 bytes
    Sector size: 512 bytes

    Done!
    Performing system, memory and registry scan...
    Done!
    Scan finished
    =======================================


    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.01.0.1016

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.2.9200 Windows 8 x64

    Account is Administrative

    Internet Explorer version: 10.0.9200.16466

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 2.494000 GHz
    Memory total: 4153499648, free: 3008282624

    =======================================
    ---------------------------------------
    Malwarebytes Anti-Rootkit BETA 1.01.0.1016

    (c) Malwarebytes Corporation 2011-2012

    OS version: 6.2.9200 Windows 8 x64

    Account is Administrative

    Internet Explorer version: 10.0.9200.16466

    File system is: NTFS
    Disk drives: C:\ DRIVE_FIXED
    CPU speed: 2.494000 GHz
    Memory total: 4153499648, free: 2478985216

    ------------ Kernel report ------------
    01/15/2013 16:30:13
    ------------ Loaded modules -----------
    \SystemRoot\system32\ntoskrnl.exe
    \SystemRoot\system32\hal.dll
    \SystemRoot\system32\kd.dll
    \SystemRoot\system32\mcupdate_GenuineIntel.dll
    \SystemRoot\System32\drivers\CLFS.SYS
    \SystemRoot\System32\drivers\tm.sys
    \SystemRoot\system32\PSHED.dll
    \SystemRoot\system32\BOOTVID.dll
    \SystemRoot\system32\CI.dll
    \SystemRoot\System32\drivers\msrpc.sys
    \SystemRoot\system32\drivers\Wdf01000.sys
    \SystemRoot\system32\drivers\WDFLDR.SYS
    \SystemRoot\System32\Drivers\acpiex.sys
    \SystemRoot\System32\Drivers\WppRecorder.sys
    \SystemRoot\System32\drivers\ACPI.sys
    \SystemRoot\System32\drivers\WMILIB.SYS
    \SystemRoot\System32\Drivers\cng.sys
    \SystemRoot\System32\drivers\msisadrv.sys
    \SystemRoot\System32\drivers\pci.sys
    \SystemRoot\System32\drivers\vdrvroot.sys
    \SystemRoot\system32\drivers\pdc.sys
    \SystemRoot\System32\drivers\partmgr.sys
    \SystemRoot\System32\drivers\spaceport.sys
    \SystemRoot\System32\drivers\volmgr.sys
    \SystemRoot\System32\drivers\volmgrx.sys
    \SystemRoot\System32\drivers\mountmgr.sys
    \SystemRoot\System32\drivers\iaStorA.sys
    \SystemRoot\System32\drivers\storport.sys
    \SystemRoot\System32\drivers\EhStorClass.sys
    \SystemRoot\system32\drivers\fltmgr.sys
    \SystemRoot\System32\drivers\fileinfo.sys
    \SystemRoot\system32\drivers\mfehidk.sys
    \SystemRoot\System32\Drivers\Ntfs.sys
    \SystemRoot\System32\Drivers\ksecdd.sys
    \SystemRoot\System32\drivers\pcw.sys
    \SystemRoot\System32\Drivers\Fs_Rec.sys
    \SystemRoot\system32\drivers\ndis.sys
    \SystemRoot\system32\drivers\NETIO.SYS
    \SystemRoot\System32\Drivers\ksecpkg.sys
    \SystemRoot\System32\drivers\tcpip.sys
    \SystemRoot\System32\drivers\fwpkclnt.sys
    \SystemRoot\system32\DRIVERS\wfplwfs.sys
    \SystemRoot\system32\drivers\mfewfpk.sys
    \SystemRoot\System32\DRIVERS\fvevol.sys
    \SystemRoot\System32\drivers\volsnap.sys
    \SystemRoot\System32\drivers\rdyboost.sys
    \SystemRoot\System32\Drivers\mup.sys
    \SystemRoot\System32\drivers\disk.sys
    \SystemRoot\System32\drivers\CLASSPNP.SYS
    \SystemRoot\System32\Drivers\crashdmp.sys
    \SystemRoot\System32\drivers\cdrom.sys
    \SystemRoot\System32\Drivers\Null.SYS
    \SystemRoot\System32\Drivers\Beep.SYS
    \SystemRoot\System32\drivers\BasicRender.sys
    \SystemRoot\System32\drivers\dxgkrnl.sys
    \SystemRoot\System32\drivers\watchdog.sys
    \SystemRoot\System32\drivers\dxgmms1.sys
    \SystemRoot\System32\drivers\BasicDisplay.sys
    \SystemRoot\System32\Drivers\Npfs.SYS
    \SystemRoot\System32\Drivers\Msfs.SYS
    \SystemRoot\system32\DRIVERS\tdx.sys
    \SystemRoot\system32\DRIVERS\TDI.SYS
    \SystemRoot\System32\DRIVERS\netbt.sys
    \SystemRoot\system32\drivers\afd.sys
    \SystemRoot\system32\DRIVERS\pacer.sys
    \SystemRoot\system32\DRIVERS\vwififlt.sys
    \SystemRoot\system32\DRIVERS\netbios.sys
    \SystemRoot\system32\DRIVERS\rdbss.sys
    \SystemRoot\system32\DRIVERS\wanarp.sys
    \SystemRoot\system32\drivers\nsiproxy.sys
    \SystemRoot\System32\drivers\npsvctrig.sys
    \SystemRoot\System32\drivers\mssmbios.sys
    \SystemRoot\System32\drivers\discache.sys
    \SystemRoot\System32\Drivers\dfsc.sys
    \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
    \SystemRoot\system32\DRIVERS\ndistapi.sys
    \SystemRoot\System32\Drivers\fastfat.SYS
    \SystemRoot\system32\DRIVERS\ndiswan.sys
    \SystemRoot\system32\DRIVERS\rassstp.sys
    \SystemRoot\system32\DRIVERS\AgileVpn.sys
    \SystemRoot\system32\DRIVERS\tunnel.sys
    \SystemRoot\System32\drivers\CompositeBus.sys
    \SystemRoot\system32\DRIVERS\kdnic.sys
    \SystemRoot\System32\drivers\umbus.sys
    \SystemRoot\system32\DRIVERS\igdkmd64.sys
    \SystemRoot\System32\drivers\HECIx64.sys
    \SystemRoot\System32\drivers\usbehci.sys
    \SystemRoot\System32\drivers\USBPORT.SYS
    \SystemRoot\System32\drivers\HDAudBus.sys
    \SystemRoot\system32\DRIVERS\bcmwl63a.sys
    \SystemRoot\System32\drivers\vwifibus.sys
    \SystemRoot\system32\DRIVERS\Rt630x64.sys
    \SystemRoot\System32\drivers\i8042prt.sys
    \SystemRoot\System32\drivers\Apfiltr.sys
    \SystemRoot\System32\drivers\mouclass.sys
    \SystemRoot\System32\drivers\kbdclass.sys
    \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
    \SystemRoot\System32\drivers\intelppm.sys
    \SystemRoot\System32\drivers\CmBatt.sys
    \SystemRoot\System32\drivers\BATTC.SYS
    \SystemRoot\System32\drivers\wmiacpi.sys
    \SystemRoot\system32\DRIVERS\raspptp.sys
    \SystemRoot\system32\DRIVERS\dsNcAdpt.sys
    \SystemRoot\system32\DRIVERS\rasl2tp.sys
    \SystemRoot\system32\DRIVERS\raspppoe.sys
    \SystemRoot\System32\drivers\swenum.sys
    \SystemRoot\System32\drivers\ks.sys
    \SystemRoot\System32\drivers\rdpbus.sys
    \SystemRoot\System32\Drivers\NDProxy.SYS
    \SystemRoot\System32\drivers\usbhub.sys
    \SystemRoot\System32\drivers\USBD.SYS
    \SystemRoot\system32\DRIVERS\CSLFDx64.sys
    \SystemRoot\system32\drivers\HdAudio.sys
    \SystemRoot\system32\drivers\portcls.sys
    \SystemRoot\system32\drivers\drmk.sys
    \SystemRoot\system32\drivers\ksthunk.sys
    \SystemRoot\system32\DRIVERS\IntcDAud.sys
    \SystemRoot\System32\drivers\hidusb.sys
    \SystemRoot\System32\drivers\HIDCLASS.SYS
    \SystemRoot\System32\drivers\HIDPARSE.SYS
    \SystemRoot\System32\drivers\mouhid.sys
    \SystemRoot\system32\drivers\bcbtums.sys
    \??\C:\Windows\system32\drivers\btwampfl.sys
    \SystemRoot\System32\Drivers\BTHUSB.sys
    \SystemRoot\System32\Drivers\bthport.sys
    \SystemRoot\System32\drivers\usbccgp.sys
    \SystemRoot\System32\Drivers\usbvideo.sys
    \SystemRoot\system32\DRIVERS\BthLEEnum.sys
    \SystemRoot\system32\DRIVERS\rfcomm.sys
    \SystemRoot\System32\drivers\BthEnum.sys
    \SystemRoot\system32\DRIVERS\bthpan.sys
    \SystemRoot\System32\drivers\btwavdt.sys
    \SystemRoot\system32\drivers\btwaudio.sys
    \SystemRoot\system32\DRIVERS\btwl2cap.sys
    \SystemRoot\System32\drivers\btwrchid.sys
    \SystemRoot\system32\drivers\mfeavfk.sys
    \SystemRoot\system32\drivers\mfefirek.sys
    \SystemRoot\System32\Drivers\dump_diskdump.sys
    \SystemRoot\System32\Drivers\dump_iaStorA.sys
    \SystemRoot\System32\Drivers\dump_dumpfve.sys
    \SystemRoot\System32\win32k.sys
    \SystemRoot\system32\DRIVERS\monitor.sys
    \SystemRoot\System32\TSDDD.dll
    \SystemRoot\System32\cdd.dll
    \SystemRoot\system32\drivers\luafv.sys
    \??\C:\Windows\system32\drivers\mbam.sys
    \SystemRoot\system32\DRIVERS\lltdio.sys
    \SystemRoot\system32\DRIVERS\nwifi.sys
    \SystemRoot\system32\DRIVERS\ndisuio.sys
    \SystemRoot\system32\DRIVERS\rspndr.sys
    \SystemRoot\system32\DRIVERS\TurboB.sys
    \SystemRoot\System32\drivers\condrv.sys
    \SystemRoot\system32\drivers\HTTP.sys
    \SystemRoot\system32\DRIVERS\bowser.sys
    \SystemRoot\System32\drivers\mpsdrv.sys
    \SystemRoot\system32\DRIVERS\mrxsmb.sys
    \SystemRoot\system32\DRIVERS\mrxsmb10.sys
    \SystemRoot\system32\DRIVERS\mrxsmb20.sys
    \SystemRoot\system32\DRIVERS\vwifimp.sys
    \SystemRoot\system32\drivers\Ndu.sys
    \SystemRoot\system32\drivers\peauth.sys
    \SystemRoot\System32\Drivers\secdrv.SYS
    \SystemRoot\System32\DRIVERS\srvnet.sys
    \SystemRoot\System32\drivers\tcpipreg.sys
    \SystemRoot\System32\DRIVERS\srv2.sys
    \SystemRoot\System32\DRIVERS\srv.sys
    \SystemRoot\system32\drivers\cfwids.sys
    \SystemRoot\system32\DRIVERS\cdfs.sys
    \SystemRoot\system32\drivers\mfeapfk.sys
    \??\C:\Windows\system32\drivers\mbamchameleon.sys
    \??\C:\Windows\system32\drivers\mbamswissarmy.sys
    ----------- End -----------
    <<<1>>>
    Upper Device Name: \Device\Harddisk0\DR0
    Upper Device Object: 0xfffffa8005cbe740
    Upper Device Driver Name: \Driver\disk\
    Lower Device Name: \Device\00000037\
    Lower Device Object: 0xfffffa8004376060
    Lower Device Driver Name: \Driver\iaStorA\
    Driver name found: iaStorA
    Initialization returned 0x0
    Port sub-driver loaded: \??\C:\Windows\System32\Drivers\storport.sys (0x0)
    Load Function returned 0x0
    Initializing...
    Done!
    <<<2>>>
    Device number: 0, partition: 5
    Physical Sector Size: 512
    Drive: 0, DevicePointer: 0xfffffa8005cbe740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
    --------- Disk Stack ------
    DevicePointer: 0xfffffa8005cbe1f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
    DevicePointer: 0xfffffa8005cbe740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
    DevicePointer: 0xfffffa8004376c90, DeviceName: Unknown, DriverName: \Driver\ACPI\
    DevicePointer: 0xfffffa8004376060, DeviceName: \Device\00000037\, DriverName: \Driver\iaStorA\
    ------------ End ----------
    Upper DeviceData: 0xfffff8a009f01170, 0xfffffa8005cbe740, 0xfffffa8005dfb740
    Lower DeviceData: 0xfffff8a009e55250, 0xfffffa8004376060, 0xfffffa80074df600
    Partition type: GUID
    <<<3>>>
    Volume: C:
    File system type: NTFS
    SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
    Scanning directory: C:\Windows\system32\drivers...
    Done!
    Drive 0
    Scanning MBR on drive 0...
    Inspecting partition table:
    This drive is a GPT Drive.
    MBR Signature: 55AA
    Disk Signature: FE23E3BD

    GPT Protective MBR Partition information:

    Partition 0 type is Other (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1 Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

    GPT Partition information:

    GptHeader Signature 4546492050415254
    GptHeader Revision 65536 Size 92 CRC 429470283
    GptHeader CurrentLba = 1 BackupLba 976773167
    GptHeader FirstUsableLba 34 LastUsableLba 976773134
    GptHeader Guid 3f4250a8-88b3-4156-bb8d-b3219034d2a
    GptHeader 128 Partitions starting at LBA 2
    GptHeader Partition entry size = 128

    Backup GptHeader Signature 4546492050415254
    Backup GptHeader Revision 65536 Size 92 CRC 429470283
    Backup GptHeader CurrentLba = 976773167 BackupLba 1
    Backup GptHeader FirstUsableLba 34 LastUsableLba 976773134
    Backup GptHeader Guid 3f4250a8-88b3-4156-bb8d-b3219034d2a
    Backup GptHeader 128 Partitions starting at LBA 976773135
    Backup GptHeader Partition entry size = 128
    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 253af83e-aaca-477d-a7cf-1762d51d8ba3
    FirstLBA 2048 Last LBA 1026047
    Attributes 0
    Partition Name EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type 796badd3-6bbf-4d9f-b631-466eb71a4965
    Partition ID d2152f95-456-4dec-8b31-9c5b4fbcafe9
    FirstLBA 1026048 Last LBA 1107967
    Attributes 1
    Partition Name Basic data partition

    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID fc60785d-b83c-400f-b23a-18214a8a9fb6
    FirstLBA 1107968 Last LBA 1370111
    Attributes 0
    Partition Name Microsoft reserved partition

    Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID ead74758-35dc-4e1f-a338-263b53f407
    FirstLBA 1370112 Last LBA 2394111
    Attributes 1
    Partition Name Basic data partition

    Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 7cf670eb-86d0-4745-9794-afbd3513c2c3
    FirstLBA 2394112 Last LBA 961607679
    Attributes 0
    Partition Name Basic data partition

    Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID ab40decd-6fb6-47e2-8cbe-14648714df5
    FirstLBA 961607680 Last LBA 976771119
    Attributes 1
    Partition Name Microsoft recovery partition

    Disk Size: 500107862016 bytes
    Sector size: 512 bytes

    Done!
    Performing system, memory and registry scan...
    Done!
    Scan finished
    =======================================
     
  7. Broni

    Broni Malware Annihilator Posts: 47,078   +257

    Create new restore point before proceeding with the next step....
    How to:
    - Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
    - Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
    - Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
    - XP: http://support.microsoft.com/kb/948247

    =============================

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If the connection is not there use restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
     
  8. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    ComboFix doesn't run on Window's 8. What do I do now?
     
  9. Broni

    Broni Malware Annihilator Posts: 47,078   +257

    Sorry about that...

    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    On the System Recovery Options menu you will get the following options:

      • Startup Repair
        System Restore
        Windows Complete PC Restore
        Windows Memory Diagnostic Tool
        Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
     
  10. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    So I just run Farbar Recovery Scan Tool, correct? What do I do after that?
     
  11. Broni

    Broni Malware Annihilator Posts: 47,078   +257

     
     
  12. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    This log is apparently too big so here's the 1st FRST.txt log:
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2013
    Ran by Kathryn at 15-01-2013 18:40:52
    Running from C:\Users\Kathryn\Downloads
    (X64) OS Language: English(US)
    Attention: Could not load system hive.
    ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.


    ==================== One Month Created Files and Folders ========

    2013-01-15 18:40 - 2013-01-15 18:40 - 00000000 ____D C:\FRST
    2013-01-15 18:39 - 2013-01-15 18:39 - 00710824 ____A (Reimage®) C:\Users\Kathryn\Downloads\ReimageRepairNU.exe
    2013-01-15 18:36 - 2013-01-15 18:36 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64.exe
    2013-01-15 17:27 - 2013-01-15 17:27 - 05021250 ____A C:\Users\Kathryn\Downloads\ComboFix (2).exe
    2013-01-15 17:26 - 2013-01-15 17:26 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix (1).exe
    2013-01-15 17:24 - 2013-01-15 17:25 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix.exe
    2013-01-15 16:25 - 2013-01-15 16:25 - 00433640 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-01-15 16:07 - 2013-01-15 16:08 - 00000000 ____D C:\Users\Kathryn\Downloads\mbar-1.01.0.1016
    2013-01-15 16:07 - 2013-01-15 16:07 - 13462931 ____A C:\Users\Kathryn\Downloads\mbar-1.01.0.1016.zip
    2013-01-15 16:05 - 2013-01-15 16:05 - 00001284 ____A C:\Users\Kathryn\Desktop\RKreport[2]_D_01152013_02d1605.txt
    2013-01-15 16:05 - 2013-01-15 16:05 - 00001231 ____A C:\Users\Kathryn\Desktop\RKreport[1]_S_01152013_02d1605.txt
    2013-01-15 16:04 - 2013-01-15 16:05 - 00000000 ____D C:\Users\Kathryn\Desktop\RK_Quarantine
    2013-01-15 16:04 - 2013-01-15 16:04 - 00764416 ____A C:\Users\Kathryn\Downloads\RogueKiller.exe
    2013-01-15 08:25 - 2013-01-15 08:25 - 00008432 ____A C:\Users\Kathryn\Desktop\attach.txt
    2013-01-15 08:25 - 2013-01-15 08:24 - 00030906 ____A C:\Users\Kathryn\Desktop\dds.txt
    2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____R (Swearware) C:\Users\Kathryn\Downloads\dds.scr
    2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (3).scr
    2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (2).scr
    2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (1).scr
    2013-01-12 11:24 - 2012-11-27 00:00 - 00194280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
    2013-01-12 11:24 - 2012-11-27 00:00 - 00124648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
    2013-01-12 11:24 - 2012-11-26 23:59 - 00329960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
    2013-01-12 11:24 - 2012-11-26 23:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
    2013-01-12 11:24 - 2012-11-26 23:27 - 00058288 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2013-01-12 11:24 - 2012-11-26 21:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
    2013-01-12 11:24 - 2012-11-26 21:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2013-01-12 11:24 - 2012-11-26 21:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
    2013-01-12 11:24 - 2012-11-26 21:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2013-01-12 11:24 - 2012-11-26 21:20 - 00891904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
    2013-01-12 11:24 - 2012-11-26 21:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
    2013-01-12 11:24 - 2012-11-26 21:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2013-01-12 11:24 - 2012-11-26 21:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
    2013-01-12 11:24 - 2012-11-26 21:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
    2013-01-12 11:24 - 2012-11-26 21:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
    2013-01-12 11:24 - 2012-11-26 21:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 05088256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 03345920 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 01145856 ____A (Microsoft Corporation) C:\Windows\System32\winmde.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 01096704 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
    2013-01-12 11:24 - 2012-11-26 21:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\usbmon.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
    2013-01-12 11:24 - 2012-11-26 21:19 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
    2013-01-12 11:24 - 2012-11-26 21:18 - 05974528 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
    2013-01-12 11:24 - 2012-11-26 21:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
    2013-01-12 11:24 - 2012-11-26 21:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
    2013-01-12 11:24 - 2012-11-26 21:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
    2013-01-12 11:24 - 2012-11-26 21:17 - 02302464 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
    2013-01-12 11:24 - 2012-11-26 21:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
    2013-01-12 11:24 - 2012-11-26 20:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
    2013-01-12 11:24 - 2012-11-26 20:56 - 00031104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
    2013-01-12 11:24 - 2012-11-26 20:55 - 00029952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
    2013-01-12 11:24 - 2012-09-10 22:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
    2013-01-12 11:24 - 2012-09-10 22:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
    2013-01-12 11:24 - 2012-09-10 22:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
    2013-01-12 11:20 - 2012-12-05 21:23 - 00170496 ____A (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
    2013-01-12 11:20 - 2012-12-05 21:22 - 00178176 ____A (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
    2013-01-12 11:20 - 2012-11-28 22:05 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
    2013-01-12 11:20 - 2012-11-28 22:05 - 00707584 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
    2013-01-12 11:19 - 2012-12-03 21:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
    2013-01-12 11:19 - 2012-12-03 20:59 - 04055552 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-01-12 11:13 - 2013-01-15 08:05 - 00003094 ____A C:\Windows\PFRO.log
    2013-01-09 17:53 - 2013-01-09 17:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-09 17:53 - 2013-01-09 17:53 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Malwarebytes
    2013-01-09 17:52 - 2013-01-09 17:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-01-09 17:52 - 2013-01-09 17:52 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100 (1).exe
    2013-01-09 17:52 - 2013-01-09 17:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2013-01-09 17:52 - 2012-12-14 16:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2013-01-09 17:51 - 2013-01-09 17:51 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100.exe
    2013-01-09 08:25 - 2012-11-25 21:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2013-01-09 08:25 - 2012-11-25 21:20 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
    2013-01-09 08:24 - 2012-10-31 21:41 - 01802240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2013-01-09 08:24 - 2012-10-31 21:41 - 01438720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2013-01-09 08:24 - 2012-10-31 21:40 - 02361344 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
    2013-01-09 08:24 - 2012-10-31 21:40 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
    2013-01-09 08:24 - 2012-10-31 21:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
    2013-01-09 08:24 - 2012-10-31 21:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
    2013-01-09 08:24 - 2012-10-31 21:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2013-01-09 08:24 - 2012-10-31 21:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2013-01-07 20:56 - 2013-01-12 11:07 - 00012075 ____A C:\Users\Kathryn\Documents\Job applications.xlsx
    2013-01-05 10:53 - 2013-01-15 18:33 - 01799166 ____A C:\Windows\WindowsUpdate.log
    2013-01-04 18:36 - 2013-01-04 18:36 - 00000000 ____D C:\Program Files\CCleaner
    2013-01-04 18:35 - 2013-01-04 18:36 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326 (1).exe
    2013-01-04 18:33 - 2013-01-04 18:33 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326.exe
    2013-01-04 13:44 - 2013-01-04 13:44 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
    2013-01-03 14:46 - 2009-07-03 13:23 - 00132024 ____A C:\Users\Kathryn\Documents\2005 Quality Walls of Boulder Inc Tax Return.tax
    2013-01-02 16:06 - 2013-01-02 16:07 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Apple Computer
    2013-01-02 16:06 - 2013-01-02 16:06 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple Computer
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\All Users\Apple Computer
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files\iTunes
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files\iPod
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-01-02 16:06 - 2012-08-21 13:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Users\All Users\Apple
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files\Bonjour
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
    2013-01-02 16:03 - 2013-01-02 16:04 - 88946664 ____A (Apple Inc.) C:\Users\Kathryn\Downloads\iTunes64Setup.exe
    2013-01-02 15:48 - 2013-01-02 15:48 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (2).exe
    2013-01-02 15:46 - 2012-10-02 00:34 - 00446976 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
    2013-01-02 15:46 - 2012-10-02 00:34 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
    2013-01-02 15:45 - 2012-09-27 00:17 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\newdev.exe
    2013-01-02 15:45 - 2012-09-27 00:17 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\ndadmin.exe
    2013-01-02 15:45 - 2012-09-27 00:15 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\newdev.dll
    2013-01-02 15:45 - 2012-09-26 23:35 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\newdev.exe
    2013-01-02 15:45 - 2012-09-26 23:35 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndadmin.exe
    2013-01-02 15:45 - 2012-09-26 23:34 - 00275968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
    2013-01-02 15:37 - 2012-09-19 22:55 - 00083968 ____A C:\Windows\SysWOW64\OEMLicense.dll
    2013-01-02 15:35 - 2012-09-20 02:08 - 00027280 ____A (Microsoft Corporation) C:\Windows\System32\avrt.dll
    2013-01-02 15:35 - 2012-09-20 01:04 - 00411880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
    2013-01-02 15:35 - 2012-09-19 23:33 - 00420352 ____A (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    2013-01-02 15:35 - 2012-09-19 23:33 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\WSClient.dll
    2013-01-02 15:35 - 2012-09-19 23:33 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
    2013-01-02 15:35 - 2012-09-19 23:33 - 00177152 ____A (Microsoft Corporation) C:\Windows\System32\WSSync.dll
    2013-01-02 15:35 - 2012-09-19 23:33 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\fhmanagew.exe
    2013-01-02 15:35 - 2012-09-19 23:33 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\svchost.exe
    2013-01-02 15:35 - 2012-09-19 23:32 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\perfos.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\rascfg.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00112128 ____A (Microsoft Corporation) C:\Windows\System32\PackageStateRoaming.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\RpcEpMap.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\perfctrs.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\perfproc.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\perfdisk.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\perfnet.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
    2013-01-02 15:35 - 2012-09-19 23:32 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\shimeng.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00604672 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00315392 ____A (Microsoft Corporation) C:\Windows\System32\fhcfg.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00280576 ____A (Microsoft Corporation) C:\Windows\System32\fhcat.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
    2013-01-02 15:35 - 2012-09-19 23:31 - 00137728 ____A (Microsoft Corporation) C:\Windows\System32\fhshl.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00118272 ____A (Microsoft Corporation) C:\Windows\System32\DevPropMgr.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00116736 ____A (Microsoft Corporation) C:\Windows\System32\fhsvc.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchapi.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\fhevents.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchph.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhlisten.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhautoplay.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\fhcleanup.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\fhtask.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\LangCleanupSysprepAction.dll
    2013-01-02 15:35 - 2012-09-19 23:31 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\fhsvcctl.dll
    2013-01-02 15:35 - 2012-09-19 23:30 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\bcdsrv.dll
    2013-01-02 15:35 - 2012-09-19 23:30 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\DAFWSD.dll
    2013-01-02 15:35 - 2012-09-19 23:13 - 00023656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avrt.dll
    2013-01-02 15:35 - 2012-09-19 23:08 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
    2013-01-02 15:35 - 2012-09-19 22:55 - 00333824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
    2013-01-02 15:35 - 2012-09-19 22:55 - 00239616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
    2013-01-02 15:35 - 2012-09-19 22:55 - 00166912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
    2013-01-02 15:35 - 2012-09-19 22:55 - 00154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
    2013-01-02 15:35 - 2012-09-19 22:55 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    2013-01-02 15:35 - 2012-09-19 22:54 - 00533504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
    2013-01-02 15:35 - 2012-09-19 22:54 - 00108544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
    2013-01-02 15:35 - 2012-09-19 22:54 - 00089088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
    2013-01-02 15:35 - 2012-09-19 22:54 - 00055296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2013-01-02 15:35 - 2012-09-19 22:54 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll
     
  13. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    Here is the 2nd:

    2013-01-02 15:35 - 2012-09-19 22:54 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
    2013-01-02 15:35 - 2012-09-19 22:54 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll
    2013-01-02 15:35 - 2012-09-19 22:54 - 00031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll
    2013-01-02 15:35 - 2012-09-19 22:54 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
    2013-01-02 15:35 - 2012-09-19 22:54 - 00005632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
    2013-01-02 15:35 - 2012-09-19 22:53 - 01247232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
    2013-01-02 15:35 - 2012-09-19 22:53 - 00461824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2013-01-02 15:35 - 2012-09-19 22:53 - 00119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
    2013-01-02 15:34 - 2012-09-20 02:10 - 02367528 ____A (Microsoft Corporation) C:\Windows\System32\WSService.dll
    2013-01-02 15:34 - 2012-09-20 01:40 - 00389360 ____A (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll
    2013-01-02 15:34 - 2012-09-20 00:55 - 00533224 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
    2013-01-02 15:34 - 2012-09-19 23:33 - 01304064 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
    2013-01-02 15:34 - 2012-09-19 23:33 - 00627712 ____A (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
    2013-01-02 15:34 - 2012-09-19 23:33 - 00588800 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
    2013-01-02 15:34 - 2012-09-19 23:33 - 00545280 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
    2013-01-02 15:34 - 2012-09-19 23:33 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
    2013-01-02 15:34 - 2012-09-19 23:33 - 00390144 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
    2013-01-02 15:34 - 2012-09-19 23:33 - 00332800 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
    2013-01-02 15:34 - 2012-09-19 23:33 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\wpnprv.dll
    2013-01-02 15:34 - 2012-09-19 23:33 - 00110592 ____A C:\Windows\System32\OEMLicense.dll
    2013-01-02 15:34 - 2012-09-19 23:33 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    2013-01-02 15:34 - 2012-09-19 23:33 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\lpremove.exe
    2013-01-02 15:34 - 2012-09-19 23:33 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\umpo.dll
    2013-01-02 15:34 - 2012-09-19 23:33 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\vsstrace.dll
    2013-01-02 15:34 - 2012-09-19 23:33 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\ndptsp.tsp
    2013-01-02 15:34 - 2012-09-19 23:33 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\kmddsp.tsp
    2013-01-02 15:34 - 2012-09-19 23:32 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
    2013-01-02 15:34 - 2012-09-19 23:32 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
    2013-01-02 15:34 - 2012-09-19 23:32 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\rasdiag.dll
    2013-01-02 15:34 - 2012-09-19 23:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
    2013-01-02 15:34 - 2012-09-19 23:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
    2013-01-02 15:34 - 2012-09-19 23:31 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
    2013-01-02 15:34 - 2012-09-19 23:31 - 00437760 ____A (Microsoft Corporation) C:\Windows\System32\mfh264enc.dll
    2013-01-02 15:34 - 2012-09-19 23:31 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mfsvr.dll
    2013-01-02 15:34 - 2012-09-19 23:31 - 00236544 ____A (Microsoft Corporation) C:\Windows\System32\MFPlay.dll
    2013-01-02 15:34 - 2012-09-19 23:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\mmcss.dll
    2013-01-02 15:34 - 2012-09-19 23:31 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\lpksetupproxyserv.dll
    2013-01-02 15:34 - 2012-09-19 23:30 - 02016256 ____A (Microsoft Corporation) C:\Windows\System32\batmeter.dll
    2013-01-02 15:34 - 2012-09-19 23:30 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
    2013-01-02 15:34 - 2012-09-19 23:30 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
    2013-01-02 15:34 - 2012-09-19 23:30 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\aelupsvc.dll
    2013-01-02 15:34 - 2012-09-19 23:30 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
    2013-01-02 15:34 - 2012-09-19 23:13 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-kernel-power-events.dll
    2013-01-02 15:34 - 2012-09-19 23:09 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
    2013-01-02 15:34 - 2012-09-19 23:08 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
    2013-01-02 15:34 - 2012-09-19 22:55 - 00995328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
    2013-01-02 15:34 - 2012-09-19 22:55 - 00417280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
    2013-01-02 15:34 - 2012-09-19 22:55 - 00267776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
    2013-01-02 15:34 - 2012-09-19 22:55 - 00265216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2013-01-02 15:34 - 2012-09-19 22:55 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
    2013-01-02 15:34 - 2012-09-19 22:55 - 00038912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
    2013-01-02 15:34 - 2012-09-19 22:54 - 00709632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
    2013-01-02 15:34 - 2012-09-19 22:54 - 00413184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
    2013-01-02 15:34 - 2012-09-19 22:54 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
    2013-01-02 15:34 - 2012-09-19 22:54 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
    2013-01-02 15:34 - 2012-09-19 22:54 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
    2013-01-02 15:34 - 2012-09-19 22:54 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
    2013-01-02 15:34 - 2012-09-19 22:54 - 00009216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2013-01-02 15:34 - 2012-09-19 22:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2013-01-02 15:34 - 2012-09-19 22:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2013-01-02 15:34 - 2012-09-19 22:53 - 02007040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
    2013-01-02 15:34 - 2012-09-19 22:53 - 00675840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2013-01-02 15:34 - 2012-09-19 22:53 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
    2013-01-02 15:34 - 2012-09-19 21:13 - 00098816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2013-01-02 15:33 - 2012-09-20 02:05 - 00303848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
    2013-01-02 15:33 - 2012-09-20 01:56 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
    2013-01-02 15:33 - 2012-09-20 01:04 - 00100072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
    2013-01-02 15:33 - 2012-09-20 00:03 - 00465128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
    2013-01-02 15:33 - 2012-09-20 00:03 - 00148712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
    2013-01-02 15:33 - 2012-09-19 23:48 - 00062488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
    2013-01-02 15:33 - 2012-09-19 23:47 - 00307192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
    2013-01-02 15:33 - 2012-09-19 23:33 - 13640704 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
    2013-01-02 15:33 - 2012-09-19 23:33 - 01513984 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
    2013-01-02 15:33 - 2012-09-19 23:33 - 00866304 ____A (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
    2013-01-02 15:33 - 2012-09-19 23:33 - 00757248 ____A (Microsoft Corporation) C:\Windows\System32\uDWM.dll
    2013-01-02 15:33 - 2012-09-19 23:33 - 00699392 ____A (Microsoft Corporation) C:\Windows\System32\twinapi.dll
    2013-01-02 15:33 - 2012-09-19 23:33 - 00541184 ____A (Microsoft Corporation) C:\Windows\System32\VAN.dll
    2013-01-02 15:33 - 2012-09-19 23:33 - 00410624 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
    2013-01-02 15:33 - 2012-09-19 23:33 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\wlidcredprov.dll
    2013-01-02 15:33 - 2012-09-19 23:33 - 00117760 ____A (Microsoft Corporation) C:\Windows\System32\dwm.exe
    2013-01-02 15:33 - 2012-09-19 23:33 - 00107008 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
    2013-01-02 15:33 - 2012-09-19 23:33 - 00092672 ____A (Microsoft Corporation) C:\Windows\System32\drvinst.exe
    2013-01-02 15:33 - 2012-09-19 23:33 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
    2013-01-02 15:33 - 2012-09-19 23:33 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\sdbinst.exe
    2013-01-02 15:33 - 2012-09-19 23:32 - 01739264 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
    2013-01-02 15:33 - 2012-09-19 23:32 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\provcore.dll
    2013-01-02 15:33 - 2012-09-19 23:32 - 00416256 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
    2013-01-02 15:33 - 2012-09-19 23:32 - 00256512 ____A (Microsoft Corporation) C:\Windows\System32\msvproc.dll
    2013-01-02 15:33 - 2012-09-19 23:32 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
    2013-01-02 15:33 - 2012-09-19 23:32 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\rasmxs.dll
    2013-01-02 15:33 - 2012-09-19 23:32 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\rasser.dll
    2013-01-02 15:33 - 2012-09-19 23:32 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
    2013-01-02 15:33 - 2012-09-19 23:31 - 00617984 ____A (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
    2013-01-02 15:33 - 2012-09-19 23:31 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
    2013-01-02 15:33 - 2012-09-19 23:31 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\eventcls.dll
    2013-01-02 15:33 - 2012-09-19 23:30 - 03847168 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
    2013-01-02 15:33 - 2012-09-19 23:30 - 02219008 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
    2013-01-02 15:33 - 2012-09-19 23:30 - 01743872 ____A (Microsoft Corporation) C:\Windows\System32\combase.dll
    2013-01-02 15:33 - 2012-09-19 23:30 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
    2013-01-02 15:33 - 2012-09-19 23:09 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
    2013-01-02 15:33 - 2012-09-19 23:07 - 00210304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
    2013-01-02 15:33 - 2012-09-19 23:05 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
    2013-01-02 15:33 - 2012-09-19 22:55 - 10791936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2013-01-02 15:33 - 2012-09-19 22:55 - 00263168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
    2013-01-02 15:33 - 2012-09-19 22:55 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
    2013-01-02 15:33 - 2012-09-19 22:55 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
    2013-01-02 15:33 - 2012-09-19 22:55 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2013-01-02 15:33 - 2012-09-19 22:54 - 01369600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
    2013-01-02 15:33 - 2012-09-19 22:54 - 01196032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2013-01-02 15:33 - 2012-09-19 22:54 - 00509952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
    2013-01-02 15:33 - 2012-09-19 22:54 - 00480768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
    2013-01-02 15:33 - 2012-09-19 22:54 - 00449024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
    2013-01-02 15:33 - 2012-09-19 22:54 - 00325632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2013-01-02 15:33 - 2012-09-19 22:54 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
    2013-01-02 15:33 - 2012-09-19 22:54 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
    2013-01-02 15:33 - 2012-09-19 22:54 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
    2013-01-02 15:33 - 2012-09-19 22:54 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
    2013-01-02 15:33 - 2012-09-19 22:53 - 03296256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2013-01-02 15:33 - 2012-09-19 22:53 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2013-01-02 15:33 - 2012-09-19 22:53 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
    2013-01-02 15:33 - 2012-09-19 22:53 - 00015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
    2013-01-02 15:32 - 2012-09-20 02:05 - 01448168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
    2013-01-02 15:32 - 2012-09-20 01:31 - 00425192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
    2013-01-02 15:32 - 2012-09-20 01:28 - 01825208 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
    2013-01-02 15:32 - 2012-09-20 01:04 - 02225896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2013-01-02 15:32 - 2012-09-20 00:55 - 03265256 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
    2013-01-02 15:32 - 2012-09-20 00:55 - 00337128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
    2013-01-02 15:32 - 2012-09-20 00:55 - 00212200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
    2013-01-02 15:32 - 2012-09-20 00:55 - 00120040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
    2013-01-02 15:32 - 2012-09-20 00:55 - 00028392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
    2013-01-02 15:32 - 2012-09-19 23:33 - 02397184 ____A (Microsoft Corporation) C:\Windows\System32\WpcMon.exe
    2013-01-02 15:32 - 2012-09-19 23:33 - 01590272 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
    2013-01-02 15:32 - 2012-09-19 23:33 - 01342464 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
    2013-01-02 15:32 - 2012-09-19 23:33 - 00543232 ____A (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
    2013-01-02 15:32 - 2012-09-19 23:33 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\TpmTasks.dll
    2013-01-02 15:32 - 2012-09-19 23:32 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
    2013-01-02 15:32 - 2012-09-19 23:32 - 01019392 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.dll
    2013-01-02 15:32 - 2012-09-19 23:32 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\ProximityService.dll
    2013-01-02 15:32 - 2012-09-19 23:32 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
    2013-01-02 15:32 - 2012-09-19 23:32 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\MUILanguageCleanup.dll
    2013-01-02 15:32 - 2012-09-19 23:31 - 00755200 ____A (Microsoft Corporation) C:\Windows\System32\fveapi.dll
    2013-01-02 15:32 - 2012-09-19 23:31 - 00459776 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
    2013-01-02 15:32 - 2012-09-19 23:31 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fveapibase.dll
    2013-01-02 15:32 - 2012-09-19 23:30 - 02066432 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
    2013-01-02 15:32 - 2012-09-19 23:26 - 01409376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2013-01-02 15:32 - 2012-09-19 23:12 - 09374208 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
    2013-01-02 15:32 - 2012-09-19 22:55 - 01319424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2013-01-02 15:32 - 2012-09-19 22:55 - 00465920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
    2013-01-02 15:32 - 2012-09-19 22:55 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
    2013-01-02 15:32 - 2012-09-19 22:55 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
    2013-01-02 15:32 - 2012-09-19 22:54 - 01137152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
    2013-01-02 15:32 - 2012-09-19 22:53 - 01701376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2013-01-02 15:32 - 2012-09-19 22:53 - 00366080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2013-01-02 15:32 - 2012-09-19 22:32 - 09374208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2013-01-02 15:32 - 2012-09-19 21:10 - 01126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2013-01-02 15:31 - 2012-09-19 23:33 - 14259712 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
    2013-01-02 15:31 - 2012-09-19 23:33 - 03964416 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
    2013-01-02 15:31 - 2012-09-19 23:33 - 00573440 ____A (Microsoft Corporation) C:\Windows\System32\WinSATAPI.dll
    2013-01-02 15:31 - 2012-09-19 22:55 - 11875328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2013-01-02 15:30 - 2013-01-02 15:30 - 07228798 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2761094-x64.msu
    2013-01-02 15:30 - 2013-01-02 15:30 - 00439787 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2764870-x64.msu
    2013-01-02 15:09 - 2013-01-02 15:09 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (1).exe
    2013-01-02 13:38 - 2013-01-02 13:39 - 170699203 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2756872-x64.msu
    2013-01-02 13:29 - 2013-01-02 13:29 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov.exe
    2013-01-02 12:44 - 2012-11-20 01:00 - 06971624 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2013-01-02 12:44 - 2012-11-19 22:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
    2013-01-02 12:44 - 2012-11-19 22:24 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
    2013-01-02 12:44 - 2012-11-19 22:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
    2013-01-02 12:44 - 2012-11-19 22:17 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
    2013-01-02 12:44 - 2012-11-19 22:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
    2013-01-02 12:44 - 2012-11-19 21:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
    2013-01-02 12:44 - 2012-11-19 21:56 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
    2013-01-02 12:44 - 2012-11-19 21:56 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
    2013-01-02 12:44 - 2012-11-19 21:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
    2013-01-02 12:44 - 2012-11-12 21:20 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
    2013-01-02 12:44 - 2012-11-12 21:19 - 00890880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2013-01-02 12:44 - 2012-11-07 21:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2013-01-02 12:44 - 2012-11-07 21:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
    2013-01-02 12:44 - 2012-11-07 21:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2013-01-02 12:44 - 2012-11-07 21:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
    2013-01-02 12:44 - 2012-11-07 21:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
    2013-01-02 12:44 - 2012-11-07 21:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
    2013-01-02 12:44 - 2012-11-01 22:20 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2013-01-02 12:44 - 2012-10-12 01:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
    2013-01-02 12:44 - 2012-10-11 23:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll
    2013-01-02 12:44 - 2012-10-11 23:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll
    2013-01-02 12:44 - 2012-10-11 22:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
    2013-01-02 12:44 - 2012-10-11 22:46 - 00618496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
    2013-01-02 12:44 - 2012-10-11 22:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
    2013-01-02 12:44 - 2012-09-20 00:55 - 00496872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
    2013-01-02 12:44 - 2012-09-20 00:55 - 00488168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
    2013-01-02 12:44 - 2012-09-20 00:55 - 00079080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
    2013-01-02 12:44 - 2012-09-20 00:55 - 00021736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
    2013-01-02 12:44 - 2012-09-19 23:09 - 00032256 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
    2013-01-02 12:43 - 2012-10-23 21:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
    2013-01-02 12:43 - 2012-10-16 21:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
    2013-01-02 12:43 - 2012-10-16 21:32 - 01048064 ____A (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
    2013-01-02 12:43 - 2012-10-16 21:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
    2013-01-02 12:43 - 2012-10-16 21:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
    2013-01-02 12:43 - 2012-10-16 20:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
    2013-01-02 12:43 - 2012-10-16 20:57 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
    2013-01-02 12:43 - 2012-10-16 20:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2013-01-02 12:43 - 2012-10-16 20:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2013-01-02 12:43 - 2012-10-10 22:45 - 03554304 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
    2013-01-02 12:42 - 2012-10-11 00:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
    2013-01-02 12:42 - 2012-10-11 00:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe
    2013-01-02 12:42 - 2012-10-11 00:26 - 00336104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
    2013-01-02 12:42 - 2012-10-11 00:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
    2013-01-02 12:42 - 2012-10-11 00:23 - 01001192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
    2013-01-02 12:42 - 2012-10-11 00:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
    2013-01-02 12:42 - 2012-10-11 00:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
    2013-01-02 12:42 - 2012-10-11 00:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
    2013-01-02 12:42 - 2012-10-11 00:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
    2013-01-02 12:42 - 2012-10-11 00:16 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
    2013-01-02 12:42 - 2012-10-11 00:16 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
    2013-01-02 12:42 - 2012-10-11 00:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
    2013-01-02 12:42 - 2012-10-11 00:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
    2013-01-02 12:42 - 2012-10-11 00:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
    2013-01-02 12:42 - 2012-10-11 00:01 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
    2013-01-02 12:42 - 2012-10-10 22:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2013-01-02 12:42 - 2012-10-10 22:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
    2013-01-02 12:42 - 2012-10-10 22:46 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
    2013-01-02 12:42 - 2012-10-10 22:46 - 00594944 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
    2013-01-02 12:42 - 2012-10-10 22:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
    2013-01-02 12:42 - 2012-10-10 22:46 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
    2013-01-02 12:42 - 2012-10-10 22:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
    2013-01-02 12:42 - 2012-10-10 22:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll
    2013-01-02 12:42 - 2012-10-10 22:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe
    2013-01-02 12:42 - 2012-10-10 22:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll
    2013-01-02 12:42 - 2012-10-10 22:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
    2013-01-02 12:42 - 2012-10-10 22:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll
    2013-01-02 12:42 - 2012-10-10 22:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
    2013-01-02 12:42 - 2012-10-10 22:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll
    2013-01-02 12:42 - 2012-10-10 22:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
    2013-01-02 12:42 - 2012-10-10 22:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 02116096 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00561152 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00435712 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
    2013-01-02 12:42 - 2012-10-10 22:44 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 01294336 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
    2013-01-02 12:42 - 2012-10-10 22:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
    2013-01-02 12:42 - 2012-10-10 22:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2013-01-02 12:42 - 2012-10-10 22:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll
    2013-01-02 12:42 - 2012-10-10 22:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll
    2013-01-02 12:42 - 2012-10-10 22:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
    2013-01-02 12:42 - 2012-10-10 22:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
    2013-01-02 12:42 - 2012-10-10 22:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
    2013-01-02 12:42 - 2012-10-10 22:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
    2013-01-02 12:42 - 2012-10-10 22:08 - 00671232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2013-01-02 12:42 - 2012-10-10 22:08 - 00303104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2013-01-02 12:42 - 2012-10-10 22:08 - 00170496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
    2013-01-02 12:42 - 2012-10-10 22:07 - 02764288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2013-01-02 12:42 - 2012-10-10 22:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2013-01-02 12:42 - 2012-10-10 22:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2013-01-02 12:42 - 2012-10-10 22:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2013-01-02 12:42 - 2012-10-10 22:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
    2013-01-02 12:42 - 2012-10-10 22:07 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
    2013-01-02 12:42 - 2012-10-10 22:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
    2013-01-02 12:42 - 2012-10-10 22:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
    2013-01-02 12:42 - 2012-10-10 22:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 01610240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00658432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00653824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00408064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
    2013-01-02 12:42 - 2012-10-10 22:06 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
    2013-01-02 12:42 - 2012-10-10 22:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
    2013-01-02 12:42 - 2012-10-10 21:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
    2013-01-02 12:42 - 2012-10-10 20:11 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2013-01-02 12:42 - 2012-10-10 17:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls
    2013-01-02 12:42 - 2012-10-10 17:44 - 00478424 ____A C:\Windows\System32\locale.nls
    2013-01-02 12:41 - 2012-11-06 00:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
    2013-01-02 12:41 - 2012-11-05 21:20 - 17560576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2013-01-02 12:41 - 2012-11-05 21:20 - 08856576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2013-01-02 12:41 - 2012-11-05 21:19 - 19789824 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2013-01-02 12:41 - 2012-11-05 21:19 - 10096640 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
    2013-01-02 12:41 - 2012-11-05 21:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
    2013-01-02 12:41 - 2012-11-05 21:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2013-01-02 12:41 - 2012-11-05 21:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
    2013-01-02 12:41 - 2012-11-05 21:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
    2013-01-02 12:41 - 2012-11-05 21:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
    2013-01-02 12:41 - 2012-11-05 21:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
    2013-01-02 12:40 - 2012-11-06 00:52 - 00445160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
    2013-01-02 12:40 - 2012-11-06 00:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
    2013-01-02 12:40 - 2012-11-06 00:36 - 00069864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
    2013-01-02 12:40 - 2012-11-06 00:33 - 00522640 ____A (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
    2013-01-02 12:40 - 2012-11-06 00:33 - 00490064 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
    2013-01-02 12:40 - 2012-11-06 00:33 - 00447792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
    2013-01-02 12:40 - 2012-11-06 00:33 - 00253512 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
    2013-01-02 12:40 - 2012-11-05 22:00 - 00463768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2013-01-02 12:40 - 2012-11-05 22:00 - 00427568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2013-01-02 12:40 - 2012-11-05 22:00 - 00324344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2013-01-02 12:40 - 2012-11-05 21:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
    2013-01-02 12:40 - 2012-11-05 21:20 - 00767488 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
    2013-01-02 12:40 - 2012-11-05 21:20 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00246784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
    2013-01-02 12:40 - 2012-11-05 21:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00195072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
    2013-01-02 12:40 - 2012-11-05 21:20 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
    2013-01-02 12:40 - 2012-11-05 21:20 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
    2013-01-02 12:40 - 2012-11-05 21:20 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2013-01-02 12:40 - 2012-11-05 21:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2013-01-02 12:40 - 2012-11-05 21:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\wuaext.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00318464 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00291328 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
    2013-01-02 12:40 - 2012-11-05 21:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00753664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00703488 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00549376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00267264 ____A (Microsoft Corporation) C:\Windows\System32\EncDump.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
    2013-01-02 12:40 - 2012-11-05 21:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
    2013-01-02 12:40 - 2012-11-05 21:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
    2013-01-02 12:40 - 2012-11-05 21:17 - 02146816 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
    2013-01-02 12:40 - 2012-11-05 21:17 - 00785920 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
    2013-01-02 12:40 - 2012-11-05 21:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
    2013-01-02 12:40 - 2012-11-05 21:17 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
    2013-01-02 12:40 - 2012-11-05 21:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
    2013-01-02 12:40 - 2012-11-05 21:00 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\wushareduxresources.dll
    2013-01-02 12:40 - 2012-11-05 21:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
    2013-01-02 12:40 - 2012-11-05 20:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
    2013-01-02 12:40 - 2012-11-05 20:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
    2013-01-02 12:40 - 2012-11-05 20:55 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
    2013-01-02 12:40 - 2012-11-05 20:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
    2013-01-02 12:40 - 2012-11-05 20:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
    2013-01-02 12:40 - 2012-11-05 20:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
    2013-01-02 12:40 - 2012-11-05 20:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
    2013-01-02 12:40 - 2012-11-05 20:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
    2013-01-02 12:40 - 2012-11-05 20:54 - 00859136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
    2013-01-02 12:40 - 2012-11-05 20:54 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
    2013-01-02 12:40 - 2012-11-05 20:53 - 01171968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
    2013-01-02 12:40 - 2012-11-05 20:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
    2013-01-02 12:40 - 2012-11-05 20:53 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
    2013-01-02 12:40 - 2012-11-05 20:52 - 00366080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
    2013-01-02 12:40 - 2012-11-05 20:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2013-01-02 12:40 - 2012-11-02 17:05 - 00385604 ____A C:\Windows\System32\ApnDatabase.xml
    2013-01-02 04:49 - 2013-01-02 04:49 - 00000117 ____A C:\Windows\System32\netcfg-137287781.txt
    2013-01-02 04:49 - 2013-01-02 04:49 - 00000117 ____A C:\Windows\System32\netcfg-137284578.txt
    2012-12-31 14:57 - 2012-12-31 14:57 - 00000117 ____A C:\Windows\System32\netcfg-1006171.txt
    2012-12-31 14:56 - 2012-12-31 14:56 - 00000117 ____A C:\Windows\System32\netcfg-946500.txt
    2012-12-31 14:41 - 2012-12-31 14:41 - 00000117 ____A C:\Windows\System32\netcfg-51359.txt
    2012-12-31 14:39 - 2012-12-31 14:39 - 00000117 ____A C:\Windows\System32\netcfg-1014765.txt
    2012-12-31 14:38 - 2012-12-31 14:38 - 06219408 ____A C:\Users\Kathryn\Downloads\3520A04.EXE
    2012-12-31 14:23 - 2012-12-31 14:23 - 00000117 ____A C:\Windows\System32\netcfg-50062.txt
    2012-12-31 14:22 - 2012-12-31 14:22 - 00000117 ____A C:\Windows\System32\netcfg-257209437.txt
    2012-12-31 09:02 - 2012-12-31 09:02 - 00000117 ____A C:\Windows\System32\netcfg-238015515.txt
    2012-12-31 09:02 - 2012-12-31 09:02 - 00000117 ____A C:\Windows\System32\netcfg-238014062.txt
    2012-12-29 13:59 - 2012-12-29 13:59 - 00000117 ____A C:\Windows\System32\netcfg-83053484.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00001171 ____A C:\Windows\System32\netcfg-81758953.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81779828.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81776750.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81773546.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000000 ____D C:\Users\Public\Juniper Networks
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
    2012-12-29 13:37 - 2010-10-22 22:49 - 00579952 ____A (Juniper Networks) C:\Windows\SysWOW64\dsNcSmartCardProv.dll
    2012-12-29 13:37 - 2010-10-22 22:49 - 00405360 ____A (Juniper Networks) C:\Windows\SysWOW64\dsNcCredProv.dll
    2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
    2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Users\All Users\CanonBJ
    2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Program Files\CanonBJ
    2012-12-29 13:19 - 2007-05-01 05:00 - 00258560 ____A (CANON INC.) C:\Windows\System32\CNMLM90.DLL
    2012-12-29 13:19 - 2007-04-25 19:28 - 00183296 ____A (Canon Inc.) C:\Windows\System32\CNCF2Lc.DLL
    2012-12-29 13:19 - 2007-04-25 19:23 - 00143360 ____A (Canon Inc.) C:\Windows\System32\CNCFMSc.EXE
    2012-12-29 13:19 - 2007-04-25 19:19 - 00003584 ____A (Canon Inc.) C:\Windows\System32\CNCFLcUS.DLL
    2012-12-29 13:19 - 2007-04-25 19:19 - 00003072 ____A (Canon Inc.) C:\Windows\System32\CNCFLcJP.DLL
    2012-12-29 13:18 - 2012-12-29 13:19 - 17196360 ____A C:\Users\Kathryn\Downloads\mx300swin64101ej.exe
    2012-12-29 13:17 - 2012-12-29 13:17 - 16397640 ____A C:\Users\Kathryn\Downloads\mx300swin101ej.exe
    2012-12-29 13:15 - 2012-12-29 13:15 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup (1).exe
    2012-12-29 13:14 - 2012-12-29 13:14 - 00000000 ____D C:\Program Files (x86)\DriverTuner
    2012-12-29 13:13 - 2012-12-29 13:13 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup.exe
    2012-12-29 12:51 - 2012-12-29 12:51 - 00000117 ____A C:\Windows\System32\netcfg-78991046.txt
    2012-12-29 12:50 - 2012-12-29 12:50 - 00000117 ____A C:\Windows\System32\netcfg-78953718.txt
    2012-12-29 12:50 - 2012-12-29 12:50 - 00000117 ____A C:\Windows\System32\netcfg-78908468.txt
    2012-12-29 12:48 - 2012-12-29 12:48 - 00001131 ____A C:\Windows\System32\netcfg-78808015.txt
    2012-12-29 12:48 - 2012-12-29 12:48 - 00000117 ____A C:\Windows\System32\netcfg-78809187.txt
    2012-12-29 10:03 - 2012-12-29 10:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
    2012-12-29 10:03 - 2012-12-29 10:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
    2012-12-29 09:52 - 2012-12-29 09:52 - 00000117 ____A C:\Windows\System32\netcfg-68223156.txt
    2012-12-29 09:52 - 2012-12-29 09:52 - 00000117 ____A C:\Windows\System32\netcfg-68223000.txt
    2012-12-28 18:30 - 2013-01-15 18:28 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Skype
    2012-12-28 18:30 - 2012-12-28 18:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ___RD C:\Program Files (x86)\Skype
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\SkypePackages
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\couponamazing
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\All Users\Skype
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Program Files (x86)\PricePeep
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____A C:\extensions.sqlite
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____A C:\end
     
  14. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    And here's the 3rd part of the log:

    5088 ____A C:\Users\Kathryn\Downloads\SkypeSetup_6.0.0.126.msi
    2012-12-28 18:29 - 2012-12-28 18:29 - 01203848 ____A C:\Users\Kathryn\Downloads\SkypeSetup.exe
    2012-12-28 16:33 - 2012-12-29 13:37 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Juniper Networks
    2012-12-28 16:32 - 2012-12-28 16:32 - 00896016 ____A (Oracle Corporation) C:\Users\Kathryn\Downloads\chromeinstall-7u10.exe
    2012-12-28 16:32 - 2012-12-28 16:32 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
    2012-12-28 16:32 - 2012-12-28 16:32 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2012-12-28 16:32 - 2012-12-28 16:32 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2012-12-28 16:32 - 2012-12-28 16:32 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2012-12-28 16:32 - 2012-12-28 16:32 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2012-12-28 16:32 - 2012-12-28 16:32 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2012-12-28 16:32 - 2012-12-28 16:32 - 00000000 ____D C:\Users\All Users\Sun
    2012-12-28 16:32 - 2012-12-28 16:32 - 00000000 ____D C:\Program Files (x86)\Java
    2012-12-28 16:30 - 2012-12-28 16:30 - 00118104 ____A C:\Users\Kathryn\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-12-28 15:56 - 2013-01-09 09:18 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-12-28 15:41 - 2012-08-30 17:53 - 00017888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
    2012-12-28 15:41 - 2012-08-30 17:52 - 00017888 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll
    2012-12-28 15:37 - 2012-11-09 21:23 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
    2012-12-28 15:37 - 2012-11-09 21:23 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2012-12-28 15:37 - 2012-11-09 21:22 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
    2012-12-28 15:37 - 2012-11-09 21:22 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
    2012-12-28 15:37 - 2012-11-09 21:22 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
    2012-12-28 15:37 - 2012-11-09 21:20 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\appserverai.dll
    2012-12-28 15:37 - 2012-10-10 00:04 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
    2012-12-28 15:37 - 2012-10-09 23:31 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
    2012-12-28 15:33 - 2012-12-16 01:28 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
    2012-12-28 15:33 - 2012-12-16 01:20 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2012-12-28 15:33 - 2012-12-16 01:08 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
    2012-12-28 15:33 - 2012-12-16 00:57 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2012-12-28 15:33 - 2012-11-27 21:21 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2012-12-28 15:33 - 2012-11-27 21:20 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
    2012-12-28 15:33 - 2012-11-14 23:26 - 19439616 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-12-28 15:33 - 2012-11-14 23:26 - 14324224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-12-28 15:33 - 2012-11-14 23:08 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-12-28 15:33 - 2012-11-14 23:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-12-28 15:33 - 2012-11-08 21:49 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
    2012-12-28 15:33 - 2012-11-08 21:03 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2012-12-28 15:33 - 2012-11-07 21:25 - 01775104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-12-28 15:33 - 2012-11-07 21:25 - 01138688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 13740032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 02881536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 01684992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2012-12-28 15:33 - 2012-11-07 21:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2012-12-28 15:33 - 2012-11-07 21:22 - 02246656 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-12-28 15:33 - 2012-11-07 21:22 - 01352704 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-12-28 15:33 - 2012-11-07 21:22 - 00907776 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
    2012-12-28 15:33 - 2012-11-07 21:22 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2012-12-28 15:33 - 2012-11-07 21:21 - 03966464 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-12-28 15:33 - 2012-11-07 21:21 - 00854528 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-12-28 15:33 - 2012-11-07 21:21 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-12-28 15:33 - 2012-11-07 21:21 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-12-28 15:33 - 2012-11-07 21:20 - 15416832 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-12-28 15:33 - 2012-11-07 21:20 - 02162176 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-12-28 15:33 - 2012-11-07 21:20 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2012-12-28 15:33 - 2012-11-07 21:20 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
    2012-12-28 15:33 - 2012-11-07 21:20 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2012-12-28 15:33 - 2012-11-07 21:20 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2012-12-28 15:33 - 2012-11-07 21:20 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
    2012-12-28 15:33 - 2012-11-07 21:02 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
    2012-12-28 15:33 - 2012-11-07 21:01 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2012-12-28 15:33 - 2012-11-07 18:56 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
    2012-12-28 15:33 - 2012-11-02 22:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\sysreset.exe
    2012-12-28 15:33 - 2012-11-02 22:26 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
    2012-12-28 15:33 - 2012-11-02 22:26 - 00032256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
    2012-12-28 15:33 - 2012-11-02 22:25 - 01009664 ____A (Microsoft Corporation) C:\Windows\System32\reseteng.dll
    2012-12-28 15:33 - 2012-11-02 22:25 - 00945152 ____A (Microsoft Corporation) C:\Windows\System32\resetengmig.dll
    2012-12-28 15:33 - 2012-11-02 22:25 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
    2012-12-28 15:33 - 2012-11-02 22:25 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
    2012-12-28 15:33 - 2012-11-02 22:24 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
    2012-12-28 15:33 - 2012-11-02 22:24 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
    2012-12-28 15:33 - 2012-11-02 22:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
    2012-12-28 15:33 - 2012-11-02 22:24 - 00058880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
    2012-12-28 15:33 - 2012-11-02 22:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhupnp.dll
    2012-12-28 15:33 - 2012-11-02 22:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhpast.dll
    2012-12-28 15:33 - 2012-11-02 22:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
    2012-12-28 15:33 - 2012-11-02 22:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
    2012-12-28 15:33 - 2012-11-02 22:04 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dpnlobby.dll
    2012-12-28 15:33 - 2012-11-02 22:04 - 00003584 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
    2012-12-28 15:33 - 2012-11-02 22:00 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
    2012-12-28 15:33 - 2012-11-02 22:00 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
    2012-12-28 15:33 - 2012-10-23 20:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
    2012-12-28 15:33 - 2012-10-23 20:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\pcalua.exe
    2012-12-28 15:33 - 2012-10-23 20:24 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
    2012-12-28 15:33 - 2012-10-23 20:24 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\pcadm.dll
    2012-12-28 15:33 - 2012-10-23 20:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
    2012-12-28 15:33 - 2012-10-23 19:48 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
    2012-12-28 15:33 - 2012-10-05 21:53 - 02893824 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
    2012-12-28 15:33 - 2012-10-05 21:15 - 02400256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2012-12-28 14:55 - 2012-12-28 14:55 - 00000117 ____A C:\Windows\System32\netcfg-39687.txt
    2012-12-28 14:54 - 2012-12-28 14:54 - 00000117 ____A C:\Windows\System32\netcfg-16477937.txt
    2012-12-28 14:42 - 2012-12-28 14:47 - 368945248 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
    2012-12-28 14:42 - 2012-12-28 14:42 - 00000000 ____D C:\Program Files (x86)\MSECache
    2012-12-28 14:41 - 2012-12-28 14:41 - 38808920 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\FileFormatConverters.exe
    2012-12-28 14:37 - 2012-12-28 14:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
    2012-12-28 14:37 - 2012-12-28 14:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
    2012-12-28 14:31 - 2012-12-28 14:31 - 00000000 ____D C:\Program Files\Microsoft Office
    2012-12-28 14:31 - 2012-12-28 14:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
    2012-12-28 14:30 - 2013-01-10 09:33 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2012-12-28 14:30 - 2012-12-28 14:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Microsoft Help
    2012-12-28 14:29 - 2012-12-28 14:29 - 00000000 __RHD C:\MSOCache
    2012-12-28 11:06 - 2012-12-28 11:09 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\PCDr
    2012-12-28 11:01 - 2013-01-15 16:26 - 00000000 ___RD C:\Users\Kathryn\Dropbox
    2012-12-28 11:01 - 2012-12-28 11:01 - 00001049 ____A C:\Users\Kathryn\Desktop\Dropbox.lnk
    2012-12-28 10:58 - 2013-01-15 16:26 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Dropbox
    2012-12-28 10:57 - 2012-12-28 10:58 - 19241048 ____A (Dropbox, Inc.) C:\Users\Kathryn\Downloads\Dropbox 1.6.10.exe
    2012-12-28 10:33 - 2012-12-28 10:33 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
    2012-12-28 10:28 - 2013-01-06 16:04 - 00000000 ____D C:\Users\Kathryn\AppData\Local\softthinks
    2012-12-28 10:21 - 2012-12-28 10:21 - 00000117 ____A C:\Windows\System32\netcfg-66781.txt
    2012-12-28 10:19 - 2012-12-28 10:19 - 00000117 ____A C:\Windows\System32\netcfg-68333234.txt
    2012-12-27 19:46 - 2012-04-20 15:40 - 00196440 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
    2012-12-27 16:10 - 2013-01-15 18:15 - 00000926 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-12-27 16:10 - 2013-01-15 17:15 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-12-27 16:10 - 2013-01-12 11:18 - 00002257 ____A C:\Users\Kathryn\Desktop\Google Chrome.lnk
    2012-12-27 16:10 - 2012-12-27 16:10 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Google
    2012-12-27 16:10 - 2012-12-27 16:10 - 00000000 ____D C:\Program Files (x86)\Google
    2012-12-27 16:09 - 2012-12-27 16:45 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Deployment
    2012-12-27 16:09 - 2012-12-27 16:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apps\2.0
    2012-12-27 15:32 - 2012-12-27 15:32 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Intel Corporation
    2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\Documents\Bluetooth Exchange Folder
    2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Power2Go8
    2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Broadcom
    2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Macromedia
    2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Leadertech
    2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Adobe
    2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Local\VirtualStore
    2012-12-27 15:28 - 2012-12-28 11:01 - 00000000 ____D C:\users\Kathryn
    2012-12-27 15:28 - 2012-12-27 15:47 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Packages
    2012-12-27 15:28 - 2012-12-27 15:31 - 00000000 ____D C:\Users\All Users\PRICache
    2012-12-27 15:28 - 2012-12-27 15:28 - 00000020 ___SH C:\Users\Kathryn\ntuser.ini
    2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-234234.txt
    2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-234203.txt
    2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-231140.txt
    2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-224703.txt
    2012-12-27 15:23 - 2012-12-27 15:23 - 00000117 ____A C:\Windows\System32\netcfg-206406.txt

    ==================== One Month Modified Files and Folders =======

    2013-01-15 18:40 - 2013-01-15 18:40 - 00000000 ____D C:\FRST
    2013-01-15 18:39 - 2013-01-15 18:39 - 00710824 ____A (Reimage®) C:\Users\Kathryn\Downloads\ReimageRepairNU.exe
    2013-01-15 18:39 - 2012-07-26 00:28 - 00850046 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-01-15 18:38 - 2013-01-05 10:53 - 01799166 ____A C:\Windows\WindowsUpdate.log
    2013-01-15 18:36 - 2013-01-15 18:36 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64.exe
    2013-01-15 18:33 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2013-01-15 18:28 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Skype
    2013-01-15 18:15 - 2012-12-27 16:10 - 00000926 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-01-15 18:00 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\System32\sru
    2013-01-15 17:27 - 2013-01-15 17:27 - 05021250 ____A C:\Users\Kathryn\Downloads\ComboFix (2).exe
    2013-01-15 17:26 - 2013-01-15 17:26 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix (1).exe
    2013-01-15 17:25 - 2013-01-15 17:24 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix.exe
    2013-01-15 17:15 - 2012-12-27 16:10 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-01-15 16:33 - 2012-11-05 15:51 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
    2013-01-15 16:26 - 2012-12-28 11:01 - 00000000 ___RD C:\Users\Kathryn\Dropbox
    2013-01-15 16:26 - 2012-12-28 10:58 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Dropbox
    2013-01-15 16:25 - 2013-01-15 16:25 - 00433640 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-01-15 16:25 - 2012-07-26 00:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-01-15 16:24 - 2012-07-25 22:26 - 00262144 __ASH C:\Windows\System32\config\BBI
    2013-01-15 16:08 - 2013-01-15 16:07 - 00000000 ____D C:\Users\Kathryn\Downloads\mbar-1.01.0.1016
    2013-01-15 16:07 - 2013-01-15 16:07 - 13462931 ____A C:\Users\Kathryn\Downloads\mbar-1.01.0.1016.zip
    2013-01-15 16:05 - 2013-01-15 16:05 - 00001284 ____A C:\Users\Kathryn\Desktop\RKreport[2]_D_01152013_02d1605.txt
    2013-01-15 16:05 - 2013-01-15 16:05 - 00001231 ____A C:\Users\Kathryn\Desktop\RKreport[1]_S_01152013_02d1605.txt
    2013-01-15 16:05 - 2013-01-15 16:04 - 00000000 ____D C:\Users\Kathryn\Desktop\RK_Quarantine
    2013-01-15 16:04 - 2013-01-15 16:04 - 00764416 ____A C:\Users\Kathryn\Downloads\RogueKiller.exe
    2013-01-15 09:00 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\rescache
    2013-01-15 08:25 - 2013-01-15 08:25 - 00008432 ____A C:\Users\Kathryn\Desktop\attach.txt
    2013-01-15 08:24 - 2013-01-15 08:25 - 00030906 ____A C:\Users\Kathryn\Desktop\dds.txt
    2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____R (Swearware) C:\Users\Kathryn\Downloads\dds.scr
    2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (3).scr
    2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (2).scr
    2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (1).scr
    2013-01-15 08:13 - 2012-07-25 22:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
    2013-01-15 08:06 - 2012-11-05 15:48 - 00000000 ____D C:\Program Files (x86)\McAfee
    2013-01-15 08:05 - 2013-01-12 11:13 - 00003094 ____A C:\Windows\PFRO.log
    2013-01-15 08:04 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\WinStore
    2013-01-14 13:42 - 2012-11-05 15:43 - 00000000 ____D C:\Users\All Users\CyberLink
    2013-01-12 11:18 - 2012-12-27 16:10 - 00002257 ____A C:\Users\Kathryn\Desktop\Google Chrome.lnk
    2013-01-12 11:07 - 2013-01-07 20:56 - 00012075 ____A C:\Users\Kathryn\Documents\Job applications.xlsx
    2013-01-10 09:33 - 2012-12-28 14:30 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2013-01-09 17:53 - 2013-01-09 17:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-09 17:53 - 2013-01-09 17:53 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Malwarebytes
    2013-01-09 17:53 - 2013-01-09 17:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-01-09 17:52 - 2013-01-09 17:52 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100 (1).exe
    2013-01-09 17:52 - 2013-01-09 17:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2013-01-09 17:51 - 2013-01-09 17:51 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100.exe
    2013-01-09 09:18 - 2012-12-28 15:56 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-01-06 16:04 - 2012-12-28 10:28 - 00000000 ____D C:\Users\Kathryn\AppData\Local\softthinks
    2013-01-04 18:37 - 2012-11-05 17:00 - 00000000 ____D C:\Windows\Panther
    2013-01-04 18:36 - 2013-01-04 18:36 - 00000000 ____D C:\Program Files\CCleaner
    2013-01-04 18:36 - 2013-01-04 18:35 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326 (1).exe
    2013-01-04 18:33 - 2013-01-04 18:33 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326.exe
    2013-01-04 13:44 - 2013-01-04 13:44 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
    2013-01-02 16:07 - 2013-01-02 16:06 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Apple Computer
    2013-01-02 16:06 - 2013-01-02 16:06 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple Computer
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\All Users\Apple Computer
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files\iTunes
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files\iPod
    2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Users\All Users\Apple
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files\Bonjour
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
    2013-01-02 16:04 - 2013-01-02 16:03 - 88946664 ____A (Apple Inc.) C:\Users\Kathryn\Downloads\iTunes64Setup.exe
    2013-01-02 15:55 - 2012-07-26 01:12 - 00000000 ___RD C:\Windows\ToastData
    2013-01-02 15:54 - 2012-07-26 01:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
    2013-01-02 15:54 - 2012-07-25 22:38 - 00000000 ____D C:\Windows\System32\oobe
    2013-01-02 15:48 - 2013-01-02 15:48 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (2).exe
    2013-01-02 15:30 - 2013-01-02 15:30 - 07228798 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2761094-x64.msu
    2013-01-02 15:30 - 2013-01-02 15:30 - 00439787 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2764870-x64.msu
    2013-01-02 15:09 - 2013-01-02 15:09 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (1).exe
    2013-01-02 13:39 - 2013-01-02 13:38 - 170699203 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2756872-x64.msu
    2013-01-02 13:29 - 2013-01-02 13:29 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov.exe
    2013-01-02 04:49 - 2013-01-02 04:49 - 00000117 ____A C:\Windows\System32\netcfg-137287781.txt
    2013-01-02 04:49 - 2013-01-02 04:49 - 00000117 ____A C:\Windows\System32\netcfg-137284578.txt
    2012-12-31 14:57 - 2012-12-31 14:57 - 00000117 ____A C:\Windows\System32\netcfg-1006171.txt
    2012-12-31 14:56 - 2012-12-31 14:56 - 00000117 ____A C:\Windows\System32\netcfg-946500.txt
    2012-12-31 14:55 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\System32\NDF
    2012-12-31 14:41 - 2012-12-31 14:41 - 00000117 ____A C:\Windows\System32\netcfg-51359.txt
    2012-12-31 14:39 - 2012-12-31 14:39 - 00000117 ____A C:\Windows\System32\netcfg-1014765.txt
    2012-12-31 14:38 - 2012-12-31 14:38 - 06219408 ____A C:\Users\Kathryn\Downloads\3520A04.EXE
    2012-12-31 14:23 - 2012-12-31 14:23 - 00000117 ____A C:\Windows\System32\netcfg-50062.txt
    2012-12-31 14:22 - 2012-12-31 14:22 - 00000117 ____A C:\Windows\System32\netcfg-257209437.txt
    2012-12-31 14:20 - 2012-07-26 01:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2012-12-31 14:00 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\System32\FxsTmp
    2012-12-31 09:02 - 2012-12-31 09:02 - 00000117 ____A C:\Windows\System32\netcfg-238015515.txt
    2012-12-31 09:02 - 2012-12-31 09:02 - 00000117 ____A C:\Windows\System32\netcfg-238014062.txt
    2012-12-29 13:59 - 2012-12-29 13:59 - 00000117 ____A C:\Windows\System32\netcfg-83053484.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00001171 ____A C:\Windows\System32\netcfg-81758953.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81779828.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81776750.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81773546.txt
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000000 ____D C:\Users\Public\Juniper Networks
    2012-12-29 13:37 - 2012-12-29 13:37 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
    2012-12-29 13:37 - 2012-12-28 16:33 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Juniper Networks
    2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
    2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Users\All Users\CanonBJ
    2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Program Files\CanonBJ
    2012-12-29 13:19 - 2012-12-29 13:18 - 17196360 ____A C:\Users\Kathryn\Downloads\mx300swin64101ej.exe
    2012-12-29 13:17 - 2012-12-29 13:17 - 16397640 ____A C:\Users\Kathryn\Downloads\mx300swin101ej.exe
    2012-12-29 13:15 - 2012-12-29 13:15 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup (1).exe
    2012-12-29 13:14 - 2012-12-29 13:14 - 00000000 ____D C:\Program Files (x86)\DriverTuner
    2012-12-29 13:13 - 2012-12-29 13:13 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup.exe
    2012-12-29 12:51 - 2012-12-29 12:51 - 00000117 ____A C:\Windows\System32\netcfg-78991046.txt
    2012-12-29 12:50 - 2012-12-29 12:50 - 00000117 ____A C:\Windows\System32\netcfg-78953718.txt
    2012-12-29 12:50 - 2012-12-29 12:50 - 00000117 ____A C:\Windows\System32\netcfg-78908468.txt
    2012-12-29 12:48 - 2012-12-29 12:48 - 00001131 ____A C:\Windows\System32\netcfg-78808015.txt
    2012-12-29 12:48 - 2012-12-29 12:48 - 00000117 ____A C:\Windows\System32\netcfg-78809187.txt
    2012-12-29 10:47 - 2012-11-05 15:43 - 00000000 ____D C:\Users\All Users\PCDr
    2012-12-29 10:03 - 2012-12-29 10:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
    2012-12-29 10:03 - 2012-12-29 10:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
    2012-12-29 10:03 - 2012-07-25 22:26 - 00000199 ____A C:\Windows\win.ini
    2012-12-29 09:52 - 2012-12-29 09:52 - 00000117 ____A C:\Windows\System32\netcfg-68223156.txt
    2012-12-29 09:52 - 2012-12-29 09:52 - 00000117 ____A C:\Windows\System32\netcfg-68223000.txt
    2012-12-28 18:30 - 2012-12-28 18:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ___RD C:\Program Files (x86)\Skype
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\SkypePackages
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\couponamazing
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\All Users\Skype
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Program Files (x86)\PricePeep
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____A C:\extensions.sqlite
    2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____A C:\end
    2012-12-28 18:29 - 2012-12-28 18:30 - 20185088 ____A C:\Users\Kathryn\Downloads\SkypeSetup_6.0.0.126.msi
    2012-12-28 18:29 - 2012-12-28 18:29 - 01203848 ____A C:\Users\Kathryn\Downloads\SkypeSetup.exe
    2012-12-28 16:32 - 2012-12-28 16:32 - 00896016 ____A (Oracle Corporation) C:\Users\Kathryn\Downloads\chromeinstall-7u10.exe
    2012-12-28 16:32 - 2012-12-28 16:32 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
    2012-12-28 16:32 - 2012-12-28 16:32 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2012-12-28 16:32 - 2012-12-28 16:32 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2012-12-28 16:32 - 2012-12-28 16:32 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2012-12-28 16:32 - 2012-12-28 16:32 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2012-12-28 16:32 - 2012-12-28 16:32 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2012-12-28 16:32 - 2012-12-28 16:32 - 00000000 ____D C:\Users\All Users\Sun
    2012-12-28 16:32 - 2012-12-28 16:32 - 00000000 ____D C:\Program Files (x86)\Java
    2012-12-28 16:30 - 2012-12-28 16:30 - 00118104 ____A C:\Users\Kathryn\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-12-28 14:55 - 2012-12-28 14:55 - 00000117 ____A C:\Windows\System32\netcfg-39687.txt
    2012-12-28 14:54 - 2012-12-28 14:54 - 00000117 ____A C:\Windows\System32\netcfg-16477937.txt
    2012-12-28 14:51 - 2012-12-28 14:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
    2012-12-28 14:47 - 2012-12-28 14:42 - 368945248 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
    2012-12-28 14:42 - 2012-12-28 14:42 - 00000000 ____D C:\Program Files (x86)\MSECache
    2012-12-28 14:41 - 2012-12-28 14:41 - 38808920 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\FileFormatConverters.exe
    2012-12-28 14:37 - 2012-12-28 14:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
    2012-12-28 14:37 - 2012-11-05 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2012-12-28 14:37 - 2012-11-05 15:33 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2012-12-28 14:37 - 2012-07-26 00:52 - 00000000 ____D C:\Windows\ShellNew
    2012-12-28 14:31 - 2012-12-28 14:31 - 00000000 ____D C:\Program Files\Microsoft Office
    2012-12-28 14:31 - 2012-12-28 14:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
    2012-12-28 14:30 - 2012-12-28 14:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Microsoft Help
    2012-12-28 14:29 - 2012-12-28 14:29 - 00000000 __RHD C:\MSOCache
    2012-12-28 11:09 - 2012-12-28 11:06 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\PCDr
    2012-12-28 11:09 - 2012-11-05 15:43 - 00000000 ____D C:\Program Files\Dell Support Center
    2012-12-28 11:01 - 2012-12-28 11:01 - 00001049 ____A C:\Users\Kathryn\Desktop\Dropbox.lnk
    2012-12-28 11:01 - 2012-12-27 15:28 - 00000000 ____D C:\users\Kathryn
    2012-12-28 10:58 - 2012-12-28 10:57 - 19241048 ____A (Dropbox, Inc.) C:\Users\Kathryn\Downloads\Dropbox 1.6.10.exe
    2012-12-28 10:33 - 2012-12-28 10:33 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
    2012-12-28 10:33 - 2012-05-08 04:37 - 00000000 ____D C:\DELL
    2012-12-28 10:21 - 2012-12-28 10:21 - 00000117 ____A C:\Windows\System32\netcfg-66781.txt
    2012-12-28 10:20 - 2012-11-05 15:48 - 00000000 ____D C:\Program Files\Common Files\mcafee
    2012-12-28 10:19 - 2012-12-28 10:19 - 00000117 ____A C:\Windows\System32\netcfg-68333234.txt
    2012-12-27 19:46 - 2012-11-05 15:48 - 00000000 ____D C:\Users\All Users\McAfee
    2012-12-27 19:45 - 2012-07-26 01:12 - 00000000 ___HD C:\Windows\ELAMBKUP
    2012-12-27 16:45 - 2012-12-27 16:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Deployment
    2012-12-27 16:10 - 2012-12-27 16:10 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Google
    2012-12-27 16:10 - 2012-12-27 16:10 - 00000000 ____D C:\Program Files (x86)\Google
    2012-12-27 16:09 - 2012-12-27 16:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apps\2.0
    2012-12-27 15:47 - 2012-12-27 15:28 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Packages
    2012-12-27 15:32 - 2012-12-27 15:32 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Intel Corporation
    2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\Documents\Bluetooth Exchange Folder
    2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Power2Go8
    2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Broadcom
    2012-12-27 15:31 - 2012-12-27 15:28 - 00000000 ____D C:\Users\All Users\PRICache
    2012-12-27 15:31 - 2012-11-05 15:36 - 00000000 ____D C:\Users\All Users\Intel
    2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Macromedia
    2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Leadertech
    2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Adobe
    2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Local\VirtualStore
    2012-12-27 15:28 - 2012-12-27 15:28 - 00000020 ___SH C:\Users\Kathryn\ntuser.ini
    2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-234234.txt
    2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-234203.txt
    2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-231140.txt
    2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-224703.txt
    2012-12-27 15:23 - 2012-12-27 15:23 - 00000117 ____A C:\Windows\System32\netcfg-206406.txt
    2012-12-18 16:32 - 2012-07-26 01:14 - 00695640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-12-18 16:32 - 2012-07-26 01:14 - 00080728 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2012-12-16 01:28 - 2012-12-28 15:33 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
    2012-12-16 01:20 - 2012-12-28 15:33 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2012-12-16 01:08 - 2012-12-28 15:33 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
    2012-12-16 00:57 - 2012-12-28 15:33 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe
    [2013-01-02 12:42] - [2012-10-10 22:46] - 0517120 ____A (Microsoft Corporation) BCF2036A0DD579E47C008C133550283E

    C:\Windows\System32\wininit.exe
    [2012-07-25 17:03] - [2012-07-25 20:08] - 0132608 ____A (Microsoft Corporation) FE9AB232B56A12224E8A3F3F9878C9A3

    C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
    C:\Windows\explorer.exe
    [2013-01-02 12:42] - [2012-10-11 00:35] - 2380944 ____A (Microsoft Corporation) E13A31D5254C25406A7946BDD9B06364

    C:\Windows\SysWOW64\explorer.exe
    [2013-01-02 12:42] - [2012-10-10 22:56] - 2115952 ____A (Microsoft Corporation) 953ADECFF08202A01EFC6110214FDE02

    C:\Windows\System32\svchost.exe
    [2013-01-02 15:35] - [2012-09-19 23:33] - 0029696 ____A (Microsoft Corporation) EDE27EACE742EE2888C5DD36400A2EC0

    C:\Windows\SysWOW64\svchost.exe
    [2013-01-02 15:35] - [2012-09-19 22:55] - 0023040 ____A (Microsoft Corporation) A46DC432F81473F526E3994AA483E366

    C:\Windows\System32\services.exe
    [2013-01-02 15:33] - [2012-09-19 23:33] - 0410624 ____A (Microsoft Corporation) 8F226143046435C75C033B0C52E90FFE

    C:\Windows\System32\User32.dll
    [2013-01-02 15:32] - [2012-09-19 23:33] - 1342464 ____A (Microsoft Corporation) A99AD14F26BDA7D7F27F76BC91B7EED7

    C:\Windows\SysWOW64\User32.dll
    [2013-01-02 15:32] - [2012-09-19 21:10] - 1126912 ____A (Microsoft Corporation) BA1C3ACD929A71E88B49C2B6E38F92B3

    C:\Windows\System32\userinit.exe
    [2012-07-25 17:06] - [2012-07-25 20:08] - 0025088 ____A (Microsoft Corporation) 0E925F7BA032920D58DD284B6181A247

    C:\Windows\SysWOW64\userinit.exe
    [2012-07-25 17:08] - [2012-07-25 20:21] - 0021504 ____A (Microsoft Corporation) 9F6289D194A04A09671FEED4B6CB6EF7

    C:\Windows\System32\Drivers\volsnap.sys
    [2012-07-25 19:30] - [2012-07-25 21:57] - 0332016 ____A (Microsoft Corporation) 2FB3CDFD5EAF4CD9D4AFAF96877D13AE


    ==================== Restore Points =========================


    ==================== Memory info ===========================

    Percentage of memory in use: 53%
    Total physical RAM: 3961.09 MB
    Available physical RAM: 1859.83 MB
    Total Pagefile: 6521.09 MB
    Available Pagefile: 3575.36 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.81 MB

    ==================== Partitions =============================

    1 Drive c: (OS) (Fixed) (Total:457.39 GB) (Free:416.36 GB) NTFS
    3 Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
    4 Drive f: () (Removable) (Total:0.95 GB) (Free:0.77 GB) FAT32
    5 Drive x: (PBR Image) (Fixed) (Total:7.23 GB) (Free:0.3 GB) NTFS
    6 Drive y: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS


    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 0 B *
    Disk 1 Online 971 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 System (partition with boot components) 500 MB 1024 KB
    Partition 2 OEM 40 MB 501 MB
    Partition 3 Reserved 128 MB 541 MB
    Partition 4 Recovery 500 MB 669 MB
    Partition 5 Primary 457 GB 1169 MB
    Partition 6 Recovery 7404 MB 458 GB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : c12a7328-f81f-11d2-ba4b-00a0c93ec93b
    Hidden : Yes
    Required: No
    Attrib : 0X8000000000000000

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 ESP FAT32 Partition 500 MB Healthy System (partition with boot components)

    =========================================================

    Disk: 0
    Partition 2
    Type : 796badd3-6bbf-4d9f-b631-466eb71a4965
    Hidden : Yes
    Required: Yes
    Attrib : 0X8000000000000001

    There is no volume associated with this partition.

    =========================================================

    Disk: 0
    Partition 3
    Type : e3c9e316-0b5c-4db8-817d-f92df00215ae
    Hidden : Yes
    Required: No
    Attrib : 0X8000000000000000

    There is no volume associated with this partition.

    =========================================================

    Disk: 0
    Partition 4
    Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
    Hidden : Yes
    Required: Yes
    Attrib : 0X8000000000000001

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 WINRETOOLS NTFS Partition 500 MB Healthy Hidden

    =========================================================

    Disk: 0
    Partition 5
    Type : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Hidden : No
    Required: No
    Attrib : 0000000000000000

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C OS NTFS Partition 457 GB Healthy Boot

    =========================================================

    Disk: 0
    Partition 6
    Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
    Hidden : Yes
    Required: Yes
    Attrib : 0X8000000000000001

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 5 PBR Image NTFS Partition 7404 MB Healthy Hidden

    =========================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    * Partition 1 Primary 971 MB 0 B

    ==================================================================================

    Disk: 1
    There is no partition selected.

    There is no partition selected.
    Please select a partition and try again.

    =========================================================

    Last Boot: 2013-01-13 18:09

    ==================== End Of Log =============================
     
  15. Broni

    Broni Malware Annihilator Posts: 47,078   +257

    The log is incorrect.
    You ran the tool from within Windows.
    It's incomplete anyway.
    Please re-read my instructions.
     
  16. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    The website you directed me to doesn't tell me how to run the program from the command prompt. It tells me how to get to the command prompt but doesn't tell me how to run to program on the flash drive. Please give me more direction.
     
  17. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    Hi - did you get my last message? I don't know how to run the program once I get to the command prompt. Is there no "safe mode" for Windows 8?
     
  18. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    Ok, I think I got it to run. Here's the first part of the log:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2013
    Ran by SYSTEM at 16-01-2013 13:45:36
    Running from F:\
    Windows 8 (X64) OS Language: English(US)
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
    HKLM\...\Run: [Dell Audio] c:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe [20591616 2012-08-06] ()
    HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4123 2012-05-30] ()
    HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [277504 2012-07-09] (Intel Corporation)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [111120 2012-06-07] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R [491120 2012-07-04] (CyberLink Corp.)
    HKLM-x32\...\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [143888 2012-06-01] (CyberLink Corp.)
    HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1535112 2012-09-12] (McAfee, Inc.)
    HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
    HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)
    HKU\Kathryn\...\Run: [GoogleChromeAutoLaunch_5F8DEE5AAD550B4A05D8853BE7B4418F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [1248360 2013-01-07] (Google Inc.)
    HKU\Kathryn\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17877168 2012-11-09] (Skype Technologies S.A.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\Users\Kathryn\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> (No File)

    ==================== Services (Whitelisted) ===================

    2 AECLFilters; C:\Windows\System32\AECLSr64.exe [99696 2012-08-06] (Andrea Electronics Corporation)
    3 AllUserInstallAgent; C:\Windows\System32\AUInstallAgent.dll [122368 2012-07-25] (Microsoft Corporation)
    2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [169472 2012-11-05] (Microsoft Corporation)
    2 BcmBtRSupport; C:\Windows\System32\BtwRSupportService.exe [2247992 2012-07-19] (Broadcom Corporation.)
    2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [179712 2012-09-19] (Microsoft Corporation)
    2 CirrusAudioService; "C:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe" [7168 2012-08-06] (Cirrus Logic)
    2 DeviceAssociationService; C:\Windows\System32\das.dll [342016 2012-07-25] (Microsoft Corporation)
    3 DeviceInstall; C:\Windows\System32\umpnpmgr.dll [107008 2012-09-19] (Microsoft Corporation)
    3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [207872 2012-07-25] (Microsoft Corporation)
    3 EFS; C:\Windows\System32\efssvc.dll [37376 2012-07-25] (Microsoft Corporation)
    3 fhsvc; C:\Windows\System32\fhsvc.dll [116736 2012-09-19] (Microsoft Corporation)
    2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    3 KeyIso; C:\Windows\System32\keyiso.dll [59904 2012-07-25] (Microsoft Corporation)
    3 KeyIso; C:\Windows\SysWow64\keyiso.dll [43520 2012-07-25] (Microsoft Corporation)
    2 LSM; C:\Windows\System32\lsm.dll [438272 2012-07-25] (Microsoft Corporation)
    2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
    2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
    3 McAWFwk; C:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
    2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
    2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
    2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
    2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
    3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [383608 2012-11-16] (McAfee, Inc.)
    4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
    2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
    2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [241016 2012-11-09] (McAfee, Inc.)
    2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 2012-11-09] (McAfee, Inc.)
    2 mfevtp; "C:\Windows\system32\mfevtps.exe" [177680 2012-11-09] (McAfee, Inc.)
    2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
    3 NcaSvc; C:\Windows\System32\ncasvc.dll [161792 2012-07-25] (Microsoft Corporation)
    3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2012-07-25] (Microsoft Corporation)
    3 Netlogon; C:\Windows\System32\netlogon.dll [743936 2012-07-25] (Microsoft Corporation)
    3 Netlogon; C:\Windows\SysWow64\netlogon.dll [634368 2012-07-25] (Microsoft Corporation)
    3 netprofm; C:\Windows\System32\netprofmsvc.dll [463872 2012-07-25] (Microsoft Corporation)
    3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2675712 2012-11-05] (Microsoft Corporation)
    2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [254512 2012-04-24] ()
    2 SftService; "C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe" [1914728 2012-09-12] (SoftThinks SAS)
    3 StorSvc; C:\Windows\SysWow64\storsvc.dll [18432 2012-07-25] (Microsoft Corporation)
    3 svsvc; C:\Windows\System32\svsvc.dll [12800 2012-07-25] (Microsoft Corporation)
    3 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [178176 2012-12-05] (Microsoft Corporation)
    3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [170496 2012-12-05] (Microsoft Corporation)
    3 VaultSvc; C:\Windows\System32\vaultsvc.dll [283648 2012-07-25] (Microsoft Corporation)
    3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
    3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
    3 vmicrdv; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
    3 vmicshutdown; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
    3 vmictimesync; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
    3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
    2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [263680 2012-07-25] (Microsoft Corporation)
    3 WiaRpc; C:\Windows\System32\wiarpc.dll [65536 2012-07-25] (Microsoft Corporation)
    3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
    3 WinHttpAutoProxySvc; C:\Windows\SysWow64\winhttp.dll [516608 2012-11-05] (Microsoft Corporation)
    3 wlidsvc; C:\Windows\System32\wlidsvc.dll [1968128 2012-07-25] (Microsoft Corporation)
    3 WSService; C:\Windows\System32\WSService.dll [2367528 2012-09-20] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) =====================

    0 3ware; C:\Windows\System32\Drivers\3ware.sys [106736 2012-07-25] (LSI)
    0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [77040 2012-07-25] (Microsoft Corporation)
    3 acpipagr; C:\Windows\System32\Drivers\acpipagr.sys [10240 2012-07-25] (Microsoft Corporation)
    3 acpitime; C:\Windows\System32\Drivers\acpitime.sys [10752 2012-07-25] (Microsoft Corporation)
    0 arc; C:\Windows\System32\Drivers\arc.sys [104688 2012-07-25] (PMC-Sierra, Inc.)
    0 arcsas; C:\Windows\System32\Drivers\arcsas.sys [108272 2012-07-25] (PMC-Sierra, Inc.)
    1 BasicDisplay; C:\Windows\System32\Drivers\BasicDisplay.sys [48640 2012-07-25] (Microsoft Corporation)
    1 BasicRender; C:\Windows\System32\Drivers\BasicRender.sys [29696 2012-07-25] (Microsoft Corporation)
    3 bcbtums; C:\Windows\System32\Drivers\bcbtums.sys [164152 2012-07-19] (Broadcom Corporation.)
    3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6824520 2012-07-10] (Broadcom Corporation)
    3 BthAvrcpTg; C:\Windows\System32\Drivers\BthAvrcpTg.sys [31104 2012-11-26] (Microsoft Corporation)
    3 BthHFEnum; C:\Windows\System32\Drivers\BthHFEnum.sys [51200 2012-07-25] (Microsoft Corporation)
    3 bthhfhid; C:\Windows\System32\Drivers\bthhfhid.sys [29952 2012-11-26] (Microsoft Corporation)
    3 BthLEEnum; C:\Windows\System32\Drivers\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
    3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [69672 2012-11-09] (McAfee, Inc.)
    3 CirrusLFD; C:\Windows\system32\DRIVERS\CSLFDx64.sys [41328 2012-08-06] (Cirrus Logic)
    0 CLFS; C:\Windows\System32\Drivers\CLFS.sys [361200 2012-07-25] (Microsoft Corporation)
    1 CLVirtualDrive; C:\Windows\System32\Drivers\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    3 condrv; C:\Windows\System32\Drivers\condrv.sys [33792 2012-07-25] (Microsoft Corporation)
    1 dam; C:\Windows\System32\Drivers\dam.sys [58088 2012-10-10] (Microsoft Corporation)
    3 DellRbtn; C:\Windows\System32\Drivers\DellRbtn.sys [10752 2012-08-04] (OSR Open Systems Resources, Inc.)
    0 EhStorClass; C:\Windows\System32\Drivers\EhStorClass.sys [81136 2012-07-25] (Microsoft Corporation)
    0 EhStorTcgDrv; C:\Windows\System32\Drivers\EhStorTcgDrv.sys [113904 2012-07-25] (Microsoft Corporation)
    3 FxPPM; C:\Windows\System32\Drivers\FxPPM.sys [22528 2012-11-05] (Microsoft Corporation)
    3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [12288 2012-07-25] (Microsoft Corporation)
    3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [120040 2012-09-19] (Microsoft Corporation)
    3 hidi2c; C:\Windows\System32\Drivers\hidi2c.sys [39936 2012-11-19] (Microsoft Corporation)
    3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
    3 hyperkbd; C:\Windows\System32\Drivers\hyperkbd.sys [11776 2012-07-25] (Microsoft Corporation)
    3 HyperVideo; C:\Windows\System32\Drivers\HyperVideo.sys [24576 2012-07-25] (Microsoft Corporation)
    0 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [651832 2012-10-26] (Intel Corporation)
    3 kdnic; C:\Windows\System32\Drivers\kdnic.sys [18432 2012-07-25] (Microsoft Corporation)
    0 LSI_SSS; C:\Windows\System32\Drivers\LSI_SSS.sys [81136 2012-07-25] (LSI Corporation)
    3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
    3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [178840 2012-11-09] (McAfee, Inc.)
    3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [309400 2012-11-09] (McAfee, Inc.)
    0 mfeelamk; C:\Windows\System32\Drivers\mfeelamk.sys [69168 2012-11-09] (McAfee, Inc.)
    3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [515528 2012-11-09] (McAfee, Inc.)
    0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [771096 2012-11-09] (McAfee, Inc.)
    3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [106112 2012-11-09] (McAfee, Inc.)
    0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [339776 2012-11-09] (McAfee, Inc.)
    3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [129536 2012-07-25] (Microsoft Corporation)
    3 msgpiowin32; C:\Windows\System32\Drivers\msgpiowin32.sys [28392 2012-09-19] (Microsoft Corporation)
    3 mshidumdf; C:\Windows\System32\Drivers\mshidumdf.sys [10752 2012-07-25] (Microsoft Corporation)
    3 MsLldp; C:\Windows\System32\Drivers\MsLldp.sys [68608 2012-07-25] (Microsoft Corporation)
    0 mvumis; C:\Windows\System32\Drivers\mvumis.sys [64240 2012-07-25] (Marvell Semiconductor, Inc.)
    3 NdisImPlatform; C:\Windows\System32\Drivers\NdisImPlatform.sys [126464 2012-07-25] (Microsoft Corporation)
    3 NDISWANLEGACY; C:\Windows\system32\DRIVERS\ndiswan.sys [174080 2012-07-25] (Microsoft Corporation)
    2 Ndu; C:\Windows\System32\Drivers\Ndu.sys [97792 2012-07-25] (Microsoft Corporation)
    1 npsvctrig; C:\Windows\System32\Drivers\npsvctrig.sys [23552 2012-07-25] (Microsoft Corporation)
    0 pdc; C:\Windows\System32\Drivers\pdc.sys [69864 2012-11-05] (Microsoft Corporation)
    3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [683664 2012-06-12] (Realtek )
    3 sdstor; C:\Windows\System32\Drivers\sdstor.sys [56552 2012-10-10] (Microsoft Corporation)
    3 SerCx; C:\Windows\System32\Drivers\SerCx.sys [62976 2012-07-25] (Microsoft Corporation)
    0 spaceport; C:\Windows\System32\Drivers\spaceport.sys [283888 2012-07-25] (Microsoft Corporation)
    3 SpbCx; C:\Windows\System32\Drivers\SpbCx.sys [59392 2012-07-25] (Microsoft Corporation)
    0 storahci; C:\Windows\System32\Drivers\storahci.sys [77552 2012-07-25] (Microsoft Corporation)
    3 UASPStor; C:\Windows\System32\Drivers\UASPStor.sys [97008 2012-07-25] (Microsoft Corporation)
    3 UCX01000; C:\Windows\System32\Drivers\UCX01000.sys [212200 2012-09-19] (Microsoft Corporation)
    3 USBHUB3; C:\Windows\System32\Drivers\USBHUB3.sys [445160 2012-11-05] (Microsoft Corporation)
    3 USBXHCI; C:\Windows\System32\Drivers\USBXHCI.sys [337128 2012-09-19] (Microsoft Corporation)
    3 VerifierExt; C:\Windows\System32\Drivers\VerifierExt.sys [106224 2012-07-25] (Microsoft Corporation)
    3 vpci; C:\Windows\System32\Drivers\vpci.sys [67824 2012-07-25] (Microsoft Corporation)
    0 VSTXRAID; C:\Windows\System32\Drivers\VSTXRAID.sys [322800 2012-07-25] (VIA Corporation)
    3 WdBoot; C:\Windows\System32\Drivers\WdBoot.sys [34216 2012-07-25] (Microsoft Corporation)
    3 WdFilter; C:\Windows\System32\Drivers\WdFilter.sys [258288 2012-07-25] (Microsoft Corporation)
    0 WFPLWFS; C:\Windows\System32\Drivers\WFPLWFS.sys [96496 2012-07-25] (Microsoft Corporation)
    3 wpcfltr; C:\Windows\System32\Drivers\wpcfltr.sys [45056 2012-07-25] (Microsoft Corporation)
    3 WpdUpFltr; C:\Windows\System32\Drivers\WpdUpFltr.sys [19968 2012-07-25] (Microsoft Corporation)
    3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
    3 GENERICDRV; \??\C:\Users\Kathryn\Downloads\amifldrv64.sys [x]
    3 mfeavfk01; [x]

    ==================== NetSvcs (Whitelisted) ====================


    ==================== One Month Created Files and Folders ========

    2013-01-16 12:41 - 2013-01-16 12:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2013-01-16 12:41 - 2013-01-16 12:41 - 00000000 ____A C:\Windows\setuperr.log
    2013-01-15 20:58 - 2013-01-15 20:58 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64 (1).exe
    2013-01-15 17:42 - 2013-01-15 17:42 - 00108226 ____A C:\Users\Kathryn\Downloads\FRST.txt
    2013-01-15 17:40 - 2013-01-15 17:40 - 00000000 ____D C:\FRST
    2013-01-15 17:39 - 2013-01-15 17:39 - 00710824 ____A (Reimage®) C:\Users\Kathryn\Downloads\ReimageRepairNU.exe
    2013-01-15 17:36 - 2013-01-15 17:36 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64.exe
    2013-01-15 16:27 - 2013-01-15 16:27 - 05021250 ____A C:\Users\Kathryn\Downloads\ComboFix (2).exe
    2013-01-15 16:26 - 2013-01-15 16:26 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix (1).exe
    2013-01-15 16:24 - 2013-01-15 16:25 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix.exe
    2013-01-15 15:25 - 2013-01-15 15:25 - 00433640 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-01-15 15:07 - 2013-01-15 15:08 - 00000000 ____D C:\Users\Kathryn\Downloads\mbar-1.01.0.1016
    2013-01-15 15:07 - 2013-01-15 15:07 - 13462931 ____A C:\Users\Kathryn\Downloads\mbar-1.01.0.1016.zip
    2013-01-15 15:05 - 2013-01-15 15:05 - 00001284 ____A C:\Users\Kathryn\Desktop\RKreport[2]_D_01152013_02d1605.txt
    2013-01-15 15:05 - 2013-01-15 15:05 - 00001231 ____A C:\Users\Kathryn\Desktop\RKreport[1]_S_01152013_02d1605.txt
    2013-01-15 15:04 - 2013-01-15 15:05 - 00000000 ____D C:\Users\Kathryn\Desktop\RK_Quarantine
    2013-01-15 15:04 - 2013-01-15 15:04 - 00764416 ____A C:\Users\Kathryn\Downloads\RogueKiller.exe
    2013-01-15 07:25 - 2013-01-15 07:25 - 00008432 ____A C:\Users\Kathryn\Desktop\attach.txt
    2013-01-15 07:25 - 2013-01-15 07:24 - 00030906 ____A C:\Users\Kathryn\Desktop\dds.txt
    2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____R (Swearware) C:\Users\Kathryn\Downloads\dds.scr
    2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (3).scr
    2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (2).scr
    2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (1).scr
    2013-01-12 10:24 - 2012-11-26 23:00 - 00194280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
    2013-01-12 10:24 - 2012-11-26 23:00 - 00124648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
    2013-01-12 10:24 - 2012-11-26 22:59 - 00329960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
    2013-01-12 10:24 - 2012-11-26 22:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
    2013-01-12 10:24 - 2012-11-26 22:27 - 00058288 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2013-01-12 10:24 - 2012-11-26 20:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
    2013-01-12 10:24 - 2012-11-26 20:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2013-01-12 10:24 - 2012-11-26 20:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
    2013-01-12 10:24 - 2012-11-26 20:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2013-01-12 10:24 - 2012-11-26 20:20 - 00891904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
    2013-01-12 10:24 - 2012-11-26 20:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
    2013-01-12 10:24 - 2012-11-26 20:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
    2013-01-12 10:24 - 2012-11-26 20:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
    2013-01-12 10:24 - 2012-11-26 20:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
    2013-01-12 10:24 - 2012-11-26 20:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
    2013-01-12 10:24 - 2012-11-26 20:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 05088256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 03345920 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 01145856 ____A (Microsoft Corporation) C:\Windows\System32\winmde.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 01096704 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
    2013-01-12 10:24 - 2012-11-26 20:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\usbmon.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
    2013-01-12 10:24 - 2012-11-26 20:19 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
    2013-01-12 10:24 - 2012-11-26 20:18 - 05974528 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
    2013-01-12 10:24 - 2012-11-26 20:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
    2013-01-12 10:24 - 2012-11-26 20:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
    2013-01-12 10:24 - 2012-11-26 20:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
    2013-01-12 10:24 - 2012-11-26 20:17 - 02302464 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
    2013-01-12 10:24 - 2012-11-26 20:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
    2013-01-12 10:24 - 2012-11-26 19:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
    2013-01-12 10:24 - 2012-11-26 19:56 - 00031104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
    2013-01-12 10:24 - 2012-11-26 19:55 - 00029952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
    2013-01-12 10:24 - 2012-09-10 21:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
    2013-01-12 10:24 - 2012-09-10 21:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
    2013-01-12 10:24 - 2012-09-10 21:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
    2013-01-12 10:20 - 2012-12-05 20:23 - 00170496 ____A (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
    2013-01-12 10:20 - 2012-12-05 20:22 - 00178176 ____A (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
    2013-01-12 10:20 - 2012-11-28 21:05 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
    2013-01-12 10:20 - 2012-11-28 21:05 - 00707584 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
    2013-01-12 10:19 - 2012-12-03 20:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
    2013-01-12 10:19 - 2012-12-03 19:59 - 04055552 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-01-12 10:13 - 2013-01-15 07:05 - 00003094 ____A C:\Windows\PFRO.log
    2013-01-09 16:53 - 2013-01-09 16:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-09 16:53 - 2013-01-09 16:53 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-09 16:53 - 2013-01-09 16:53 - 00000000 ____D C:\Users\Kathryn\Application Data\Malwarebytes
    2013-01-09 16:53 - 2013-01-09 16:53 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Malwarebytes
    2013-01-09 16:52 - 2013-01-09 16:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-01-09 16:52 - 2013-01-09 16:52 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100 (1).exe
    2013-01-09 16:52 - 2013-01-09 16:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2013-01-09 16:52 - 2013-01-09 16:52 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
    2013-01-09 16:52 - 2012-12-14 15:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2013-01-09 16:51 - 2013-01-09 16:51 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100.exe
    2013-01-09 07:25 - 2012-11-25 20:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
    2013-01-09 07:25 - 2012-11-25 20:20 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
    2013-01-09 07:24 - 2012-10-31 20:41 - 01802240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2013-01-09 07:24 - 2012-10-31 20:41 - 01438720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
    2013-01-09 07:24 - 2012-10-31 20:40 - 02361344 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
    2013-01-09 07:24 - 2012-10-31 20:40 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
    2013-01-09 07:24 - 2012-10-31 20:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
    2013-01-09 07:24 - 2012-10-31 20:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
    2013-01-09 07:24 - 2012-10-31 20:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
    2013-01-09 07:24 - 2012-10-31 20:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
    2013-01-07 19:56 - 2013-01-12 10:07 - 00012075 ____A C:\Users\Kathryn\My Documents\Job applications.xlsx
    2013-01-07 19:56 - 2013-01-12 10:07 - 00012075 ____A C:\Users\Kathryn\Documents\Job applications.xlsx
    2013-01-05 09:53 - 2013-01-16 12:31 - 01907658 ____A C:\Windows\WindowsUpdate.log
    2013-01-04 17:36 - 2013-01-04 17:36 - 00000000 ____D C:\Program Files\CCleaner
    2013-01-04 17:35 - 2013-01-04 17:36 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326 (1).exe
    2013-01-04 17:33 - 2013-01-04 17:33 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326.exe
    2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Amazon_Services_LLC
     
  19. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    Here's the second:

    2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\Local Settings\Amazon_Services_LLC
    2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
    2013-01-03 13:46 - 2009-07-03 12:23 - 00132024 ____A C:\Users\Kathryn\My Documents\2005 Quality Walls of Boulder Inc Tax Return.tax
    2013-01-03 13:46 - 2009-07-03 12:23 - 00132024 ____A C:\Users\Kathryn\Documents\2005 Quality Walls of Boulder Inc Tax Return.tax
    2013-01-02 15:06 - 2013-01-02 15:07 - 00000000 ____D C:\Users\Kathryn\Application Data\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:07 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-01-02 15:06 - 2013-01-02 15:06 - 00001785 ____A C:\Users\All Users\Desktop\iTunes.lnk
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Local Settings\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Application Data\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Application Data\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files\iTunes
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files\iPod
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-01-02 15:06 - 2012-08-21 12:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\Local Settings\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\All Users\Application Data\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\All Users\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files\Bonjour
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
    2013-01-02 15:03 - 2013-01-02 15:04 - 88946664 ____A (Apple Inc.) C:\Users\Kathryn\Downloads\iTunes64Setup.exe
    2013-01-02 14:48 - 2013-01-02 14:48 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (2).exe
    2013-01-02 14:46 - 2012-10-01 23:34 - 00446976 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
    2013-01-02 14:46 - 2012-10-01 23:34 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
    2013-01-02 14:45 - 2012-09-26 23:17 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\newdev.exe
    2013-01-02 14:45 - 2012-09-26 23:17 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\ndadmin.exe
    2013-01-02 14:45 - 2012-09-26 23:15 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\newdev.dll
    2013-01-02 14:45 - 2012-09-26 22:35 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\newdev.exe
    2013-01-02 14:45 - 2012-09-26 22:35 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndadmin.exe
    2013-01-02 14:45 - 2012-09-26 22:34 - 00275968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
    2013-01-02 14:37 - 2012-09-19 21:55 - 00083968 ____A C:\Windows\SysWOW64\OEMLicense.dll
    2013-01-02 14:35 - 2012-09-20 01:08 - 00027280 ____A (Microsoft Corporation) C:\Windows\System32\avrt.dll
    2013-01-02 14:35 - 2012-09-20 00:04 - 00411880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
    2013-01-02 14:35 - 2012-09-19 22:33 - 00420352 ____A (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
    2013-01-02 14:35 - 2012-09-19 22:33 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\WSClient.dll
    2013-01-02 14:35 - 2012-09-19 22:33 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
    2013-01-02 14:35 - 2012-09-19 22:33 - 00177152 ____A (Microsoft Corporation) C:\Windows\System32\WSSync.dll
    2013-01-02 14:35 - 2012-09-19 22:33 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\fhmanagew.exe
    2013-01-02 14:35 - 2012-09-19 22:33 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\svchost.exe
    2013-01-02 14:35 - 2012-09-19 22:32 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\perfos.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\rascfg.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00112128 ____A (Microsoft Corporation) C:\Windows\System32\PackageStateRoaming.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\RpcEpMap.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\perfctrs.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\perfproc.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\perfdisk.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\perfnet.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
    2013-01-02 14:35 - 2012-09-19 22:32 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\shimeng.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00604672 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00315392 ____A (Microsoft Corporation) C:\Windows\System32\fhcfg.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00280576 ____A (Microsoft Corporation) C:\Windows\System32\fhcat.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
    2013-01-02 14:35 - 2012-09-19 22:31 - 00137728 ____A (Microsoft Corporation) C:\Windows\System32\fhshl.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00118272 ____A (Microsoft Corporation) C:\Windows\System32\DevPropMgr.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00116736 ____A (Microsoft Corporation) C:\Windows\System32\fhsvc.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchapi.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\fhevents.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchph.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhlisten.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhautoplay.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\fhcleanup.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\fhtask.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\LangCleanupSysprepAction.dll
    2013-01-02 14:35 - 2012-09-19 22:31 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\fhsvcctl.dll
    2013-01-02 14:35 - 2012-09-19 22:30 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\bcdsrv.dll
    2013-01-02 14:35 - 2012-09-19 22:30 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\DAFWSD.dll
    2013-01-02 14:35 - 2012-09-19 22:13 - 00023656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avrt.dll
    2013-01-02 14:35 - 2012-09-19 22:08 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
    2013-01-02 14:35 - 2012-09-19 21:55 - 00333824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
    2013-01-02 14:35 - 2012-09-19 21:55 - 00239616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
    2013-01-02 14:35 - 2012-09-19 21:55 - 00166912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
    2013-01-02 14:35 - 2012-09-19 21:55 - 00154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
    2013-01-02 14:35 - 2012-09-19 21:55 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    2013-01-02 14:35 - 2012-09-19 21:54 - 00533504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
    2013-01-02 14:35 - 2012-09-19 21:54 - 00108544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
    2013-01-02 14:35 - 2012-09-19 21:54 - 00089088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
    2013-01-02 14:35 - 2012-09-19 21:54 - 00055296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2013-01-02 14:35 - 2012-09-19 21:54 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll
    2013-01-02 14:35 - 2012-09-19 21:54 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
    2013-01-02 14:35 - 2012-09-19 21:54 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll
    2013-01-02 14:35 - 2012-09-19 21:54 - 00031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll
    2013-01-02 14:35 - 2012-09-19 21:54 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
    2013-01-02 14:35 - 2012-09-19 21:54 - 00005632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
    2013-01-02 14:35 - 2012-09-19 21:53 - 01247232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
    2013-01-02 14:35 - 2012-09-19 21:53 - 00461824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
    2013-01-02 14:35 - 2012-09-19 21:53 - 00119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
    2013-01-02 14:34 - 2012-09-20 01:10 - 02367528 ____A (Microsoft Corporation) C:\Windows\System32\WSService.dll
    2013-01-02 14:34 - 2012-09-20 00:40 - 00389360 ____A (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll
    2013-01-02 14:34 - 2012-09-19 23:55 - 00533224 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
    2013-01-02 14:34 - 2012-09-19 22:33 - 01304064 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
    2013-01-02 14:34 - 2012-09-19 22:33 - 00627712 ____A (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
    2013-01-02 14:34 - 2012-09-19 22:33 - 00588800 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
    2013-01-02 14:34 - 2012-09-19 22:33 - 00545280 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
    2013-01-02 14:34 - 2012-09-19 22:33 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
    2013-01-02 14:34 - 2012-09-19 22:33 - 00390144 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
    2013-01-02 14:34 - 2012-09-19 22:33 - 00332800 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
    2013-01-02 14:34 - 2012-09-19 22:33 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\wpnprv.dll
    2013-01-02 14:34 - 2012-09-19 22:33 - 00110592 ____A C:\Windows\System32\OEMLicense.dll
    2013-01-02 14:34 - 2012-09-19 22:33 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    2013-01-02 14:34 - 2012-09-19 22:33 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\lpremove.exe
    2013-01-02 14:34 - 2012-09-19 22:33 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\umpo.dll
    2013-01-02 14:34 - 2012-09-19 22:33 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\vsstrace.dll
    2013-01-02 14:34 - 2012-09-19 22:33 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\ndptsp.tsp
    2013-01-02 14:34 - 2012-09-19 22:33 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\kmddsp.tsp
    2013-01-02 14:34 - 2012-09-19 22:32 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
    2013-01-02 14:34 - 2012-09-19 22:32 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
    2013-01-02 14:34 - 2012-09-19 22:32 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\rasdiag.dll
    2013-01-02 14:34 - 2012-09-19 22:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
    2013-01-02 14:34 - 2012-09-19 22:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
    2013-01-02 14:34 - 2012-09-19 22:31 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
    2013-01-02 14:34 - 2012-09-19 22:31 - 00437760 ____A (Microsoft Corporation) C:\Windows\System32\mfh264enc.dll
    2013-01-02 14:34 - 2012-09-19 22:31 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mfsvr.dll
    2013-01-02 14:34 - 2012-09-19 22:31 - 00236544 ____A (Microsoft Corporation) C:\Windows\System32\MFPlay.dll
    2013-01-02 14:34 - 2012-09-19 22:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\mmcss.dll
    2013-01-02 14:34 - 2012-09-19 22:31 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\lpksetupproxyserv.dll
    2013-01-02 14:34 - 2012-09-19 22:30 - 02016256 ____A (Microsoft Corporation) C:\Windows\System32\batmeter.dll
    2013-01-02 14:34 - 2012-09-19 22:30 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
    2013-01-02 14:34 - 2012-09-19 22:30 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
    2013-01-02 14:34 - 2012-09-19 22:30 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\aelupsvc.dll
    2013-01-02 14:34 - 2012-09-19 22:30 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
    2013-01-02 14:34 - 2012-09-19 22:13 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-kernel-power-events.dll
    2013-01-02 14:34 - 2012-09-19 22:09 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
    2013-01-02 14:34 - 2012-09-19 22:08 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
    2013-01-02 14:34 - 2012-09-19 21:55 - 00995328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
    2013-01-02 14:34 - 2012-09-19 21:55 - 00417280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
    2013-01-02 14:34 - 2012-09-19 21:55 - 00267776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
    2013-01-02 14:34 - 2012-09-19 21:55 - 00265216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2013-01-02 14:34 - 2012-09-19 21:55 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
    2013-01-02 14:34 - 2012-09-19 21:55 - 00038912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
    2013-01-02 14:34 - 2012-09-19 21:54 - 00709632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
    2013-01-02 14:34 - 2012-09-19 21:54 - 00413184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
    2013-01-02 14:34 - 2012-09-19 21:54 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
    2013-01-02 14:34 - 2012-09-19 21:54 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
    2013-01-02 14:34 - 2012-09-19 21:54 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
    2013-01-02 14:34 - 2012-09-19 21:54 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
    2013-01-02 14:34 - 2012-09-19 21:54 - 00009216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2013-01-02 14:34 - 2012-09-19 21:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2013-01-02 14:34 - 2012-09-19 21:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2013-01-02 14:34 - 2012-09-19 21:53 - 02007040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
    2013-01-02 14:34 - 2012-09-19 21:53 - 00675840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2013-01-02 14:34 - 2012-09-19 21:53 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
    2013-01-02 14:34 - 2012-09-19 20:13 - 00098816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2013-01-02 14:33 - 2012-09-20 01:05 - 00303848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
    2013-01-02 14:33 - 2012-09-20 00:56 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
    2013-01-02 14:33 - 2012-09-20 00:04 - 00100072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
    2013-01-02 14:33 - 2012-09-19 23:03 - 00465128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
    2013-01-02 14:33 - 2012-09-19 23:03 - 00148712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
    2013-01-02 14:33 - 2012-09-19 22:48 - 00062488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
    2013-01-02 14:33 - 2012-09-19 22:47 - 00307192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
    2013-01-02 14:33 - 2012-09-19 22:33 - 13640704 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
    2013-01-02 14:33 - 2012-09-19 22:33 - 01513984 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
    2013-01-02 14:33 - 2012-09-19 22:33 - 00866304 ____A (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
    2013-01-02 14:33 - 2012-09-19 22:33 - 00757248 ____A (Microsoft Corporation) C:\Windows\System32\uDWM.dll
    2013-01-02 14:33 - 2012-09-19 22:33 - 00699392 ____A (Microsoft Corporation) C:\Windows\System32\twinapi.dll
    2013-01-02 14:33 - 2012-09-19 22:33 - 00541184 ____A (Microsoft Corporation) C:\Windows\System32\VAN.dll
    2013-01-02 14:33 - 2012-09-19 22:33 - 00410624 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
    2013-01-02 14:33 - 2012-09-19 22:33 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\wlidcredprov.dll
    2013-01-02 14:33 - 2012-09-19 22:33 - 00117760 ____A (Microsoft Corporation) C:\Windows\System32\dwm.exe
    2013-01-02 14:33 - 2012-09-19 22:33 - 00107008 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
    2013-01-02 14:33 - 2012-09-19 22:33 - 00092672 ____A (Microsoft Corporation) C:\Windows\System32\drvinst.exe
    2013-01-02 14:33 - 2012-09-19 22:33 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
    2013-01-02 14:33 - 2012-09-19 22:33 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\sdbinst.exe
    2013-01-02 14:33 - 2012-09-19 22:32 - 01739264 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
    2013-01-02 14:33 - 2012-09-19 22:32 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\provcore.dll
    2013-01-02 14:33 - 2012-09-19 22:32 - 00416256 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
    2013-01-02 14:33 - 2012-09-19 22:32 - 00256512 ____A (Microsoft Corporation) C:\Windows\System32\msvproc.dll
    2013-01-02 14:33 - 2012-09-19 22:32 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
    2013-01-02 14:33 - 2012-09-19 22:32 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\rasmxs.dll
    2013-01-02 14:33 - 2012-09-19 22:32 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\rasser.dll
    2013-01-02 14:33 - 2012-09-19 22:32 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
    2013-01-02 14:33 - 2012-09-19 22:31 - 00617984 ____A (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
    2013-01-02 14:33 - 2012-09-19 22:31 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
    2013-01-02 14:33 - 2012-09-19 22:31 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\eventcls.dll
    2013-01-02 14:33 - 2012-09-19 22:30 - 03847168 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
    2013-01-02 14:33 - 2012-09-19 22:30 - 02219008 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
    2013-01-02 14:33 - 2012-09-19 22:30 - 01743872 ____A (Microsoft Corporation) C:\Windows\System32\combase.dll
    2013-01-02 14:33 - 2012-09-19 22:30 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
    2013-01-02 14:33 - 2012-09-19 22:09 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
    2013-01-02 14:33 - 2012-09-19 22:07 - 00210304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
    2013-01-02 14:33 - 2012-09-19 22:05 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
    2013-01-02 14:33 - 2012-09-19 21:55 - 10791936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2013-01-02 14:33 - 2012-09-19 21:55 - 00263168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
    2013-01-02 14:33 - 2012-09-19 21:55 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
    2013-01-02 14:33 - 2012-09-19 21:55 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
    2013-01-02 14:33 - 2012-09-19 21:55 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2013-01-02 14:33 - 2012-09-19 21:54 - 01369600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
    2013-01-02 14:33 - 2012-09-19 21:54 - 01196032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2013-01-02 14:33 - 2012-09-19 21:54 - 00509952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
    2013-01-02 14:33 - 2012-09-19 21:54 - 00480768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
    2013-01-02 14:33 - 2012-09-19 21:54 - 00449024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
    2013-01-02 14:33 - 2012-09-19 21:54 - 00325632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2013-01-02 14:33 - 2012-09-19 21:54 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
    2013-01-02 14:33 - 2012-09-19 21:54 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
    2013-01-02 14:33 - 2012-09-19 21:54 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
    2013-01-02 14:33 - 2012-09-19 21:54 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
    2013-01-02 14:33 - 2012-09-19 21:53 - 03296256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2013-01-02 14:33 - 2012-09-19 21:53 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2013-01-02 14:33 - 2012-09-19 21:53 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
    2013-01-02 14:33 - 2012-09-19 21:53 - 00015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
    2013-01-02 14:32 - 2012-09-20 01:05 - 01448168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
    2013-01-02 14:32 - 2012-09-20 00:31 - 00425192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
    2013-01-02 14:32 - 2012-09-20 00:28 - 01825208 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
    2013-01-02 14:32 - 2012-09-20 00:04 - 02225896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2013-01-02 14:32 - 2012-09-19 23:55 - 03265256 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
    2013-01-02 14:32 - 2012-09-19 23:55 - 00337128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
    2013-01-02 14:32 - 2012-09-19 23:55 - 00212200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
    2013-01-02 14:32 - 2012-09-19 23:55 - 00120040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
    2013-01-02 14:32 - 2012-09-19 23:55 - 00028392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
    2013-01-02 14:32 - 2012-09-19 22:33 - 02397184 ____A (Microsoft Corporation) C:\Windows\System32\WpcMon.exe
    2013-01-02 14:32 - 2012-09-19 22:33 - 01590272 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
    2013-01-02 14:32 - 2012-09-19 22:33 - 01342464 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
    2013-01-02 14:32 - 2012-09-19 22:33 - 00543232 ____A (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
    2013-01-02 14:32 - 2012-09-19 22:33 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\TpmTasks.dll
    2013-01-02 14:32 - 2012-09-19 22:32 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
    2013-01-02 14:32 - 2012-09-19 22:32 - 01019392 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.dll
    2013-01-02 14:32 - 2012-09-19 22:32 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\ProximityService.dll
    2013-01-02 14:32 - 2012-09-19 22:32 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
    2013-01-02 14:32 - 2012-09-19 22:32 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\MUILanguageCleanup.dll
    2013-01-02 14:32 - 2012-09-19 22:31 - 00755200 ____A (Microsoft Corporation) C:\Windows\System32\fveapi.dll
    2013-01-02 14:32 - 2012-09-19 22:31 - 00459776 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
    2013-01-02 14:32 - 2012-09-19 22:31 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fveapibase.dll
    2013-01-02 14:32 - 2012-09-19 22:30 - 02066432 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
    2013-01-02 14:32 - 2012-09-19 22:26 - 01409376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2013-01-02 14:32 - 2012-09-19 22:12 - 09374208 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
    2013-01-02 14:32 - 2012-09-19 21:55 - 01319424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2013-01-02 14:32 - 2012-09-19 21:55 - 00465920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
    2013-01-02 14:32 - 2012-09-19 21:55 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
    2013-01-02 14:32 - 2012-09-19 21:55 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
    2013-01-02 14:32 - 2012-09-19 21:54 - 01137152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
    2013-01-02 14:32 - 2012-09-19 21:53 - 01701376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
    2013-01-02 14:32 - 2012-09-19 21:53 - 00366080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2013-01-02 14:32 - 2012-09-19 21:32 - 09374208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2013-01-02 14:32 - 2012-09-19 20:10 - 01126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2013-01-02 14:31 - 2012-09-19 22:33 - 14259712 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
    2013-01-02 14:31 - 2012-09-19 22:33 - 03964416 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
    2013-01-02 14:31 - 2012-09-19 22:33 - 00573440 ____A (Microsoft Corporation) C:\Windows\System32\WinSATAPI.dll
    2013-01-02 14:31 - 2012-09-19 21:55 - 11875328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2013-01-02 14:30 - 2013-01-02 14:30 - 07228798 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2761094-x64.msu
    2013-01-02 14:30 - 2013-01-02 14:30 - 00439787 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2764870-x64.msu
    2013-01-02 14:09 - 2013-01-02 14:09 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (1).exe
    2013-01-02 12:38 - 2013-01-02 12:39 - 170699203 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2756872-x64.msu
    2013-01-02 12:29 - 2013-01-02 12:29 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov.exe
    2013-01-02 11:44 - 2012-11-20 00:00 - 06971624 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2013-01-02 11:44 - 2012-11-19 21:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
    2013-01-02 11:44 - 2012-11-19 21:24 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
    2013-01-02 11:44 - 2012-11-19 21:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
    2013-01-02 11:44 - 2012-11-19 21:17 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
    2013-01-02 11:44 - 2012-11-19 21:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
    2013-01-02 11:44 - 2012-11-19 20:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
    2013-01-02 11:44 - 2012-11-19 20:56 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
    2013-01-02 11:44 - 2012-11-19 20:56 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
    2013-01-02 11:44 - 2012-11-19 20:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
    2013-01-02 11:44 - 2012-11-12 20:20 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
    2013-01-02 11:44 - 2012-11-12 20:19 - 00890880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2013-01-02 11:44 - 2012-11-07 20:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
    2013-01-02 11:44 - 2012-11-07 20:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
    2013-01-02 11:44 - 2012-11-07 20:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2013-01-02 11:44 - 2012-11-07 20:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
    2013-01-02 11:44 - 2012-11-07 20:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
    2013-01-02 11:44 - 2012-11-07 20:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
    2013-01-02 11:44 - 2012-11-01 21:20 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2013-01-02 11:44 - 2012-10-12 00:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
    2013-01-02 11:44 - 2012-10-11 22:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll
    2013-01-02 11:44 - 2012-10-11 22:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll
    2013-01-02 11:44 - 2012-10-11 21:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
    2013-01-02 11:44 - 2012-10-11 21:46 - 00618496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
    2013-01-02 11:44 - 2012-10-11 21:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
    2013-01-02 11:44 - 2012-09-19 23:55 - 00496872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
    2013-01-02 11:44 - 2012-09-19 23:55 - 00488168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
    2013-01-02 11:44 - 2012-09-19 23:55 - 00079080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
    2013-01-02 11:44 - 2012-09-19 23:55 - 00021736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
    2013-01-02 11:44 - 2012-09-19 22:09 - 00032256 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
    2013-01-02 11:43 - 2012-10-23 20:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
    2013-01-02 11:43 - 2012-10-16 20:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
    2013-01-02 11:43 - 2012-10-16 20:32 - 01048064 ____A (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
    2013-01-02 11:43 - 2012-10-16 20:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
    2013-01-02 11:43 - 2012-10-16 20:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
    2013-01-02 11:43 - 2012-10-16 19:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
    2013-01-02 11:43 - 2012-10-16 19:57 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
    2013-01-02 11:43 - 2012-10-16 19:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2013-01-02 11:43 - 2012-10-16 19:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
    2013-01-02 11:43 - 2012-10-10 21:45 - 03554304 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
    2013-01-02 11:42 - 2012-10-10 23:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
    2013-01-02 11:42 - 2012-10-10 23:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe
    2013-01-02 11:42 - 2012-10-10 23:26 - 00336104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
    2013-01-02 11:42 - 2012-10-10 23:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
    2013-01-02 11:42 - 2012-10-10 23:23 - 01001192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
    2013-01-02 11:42 - 2012-10-10 23:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
    2013-01-02 11:42 - 2012-10-10 23:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
    2013-01-02 11:42 - 2012-10-10 23:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
    2013-01-02 11:42 - 2012-10-10 23:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
    2013-01-02 11:42 - 2012-10-10 23:16 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
    2013-01-02 11:42 - 2012-10-10 23:16 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
    2013-01-02 11:42 - 2012-10-10 23:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
    2013-01-02 11:42 - 2012-10-10 23:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
    2013-01-02 11:42 - 2012-10-10 23:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
    2013-01-02 11:42 - 2012-10-10 23:01 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
    2013-01-02 11:42 - 2012-10-10 21:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2013-01-02 11:42 - 2012-10-10 21:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
    2013-01-02 11:42 - 2012-10-10 21:46 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
    2013-01-02 11:42 - 2012-10-10 21:46 - 00594944 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
    2013-01-02 11:42 - 2012-10-10 21:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
    2013-01-02 11:42 - 2012-10-10 21:46 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
    2013-01-02 11:42 - 2012-10-10 21:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
    2013-01-02 11:42 - 2012-10-10 21:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll
    2013-01-02 11:42 - 2012-10-10 21:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe
    2013-01-02 11:42 - 2012-10-10 21:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll
    2013-01-02 11:42 - 2012-10-10 21:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
    2013-01-02 11:42 - 2012-10-10 21:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll
    2013-01-02 11:42 - 2012-10-10 21:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
    2013-01-02 11:42 - 2012-10-10 21:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll
    2013-01-02 11:42 - 2012-10-10 21:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
    2013-01-02 11:42 - 2012-10-10 21:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 02116096 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00561152 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00435712 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
    2013-01-02 11:42 - 2012-10-10 21:44 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 01294336 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
    2013-01-02 11:42 - 2012-10-10 21:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
    2013-01-02 11:42 - 2012-10-10 21:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2013-01-02 11:42 - 2012-10-10 21:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll
    2013-01-02 11:42 - 2012-10-10 21:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll
    2013-01-02 11:42 - 2012-10-10 21:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
    2013-01-02 11:42 - 2012-10-10 21:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
    2013-01-02 11:42 - 2012-10-10 21:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
    2013-01-02 11:42 - 2012-10-10 21:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
    2013-01-02 11:42 - 2012-10-10 21:08 - 00671232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2013-01-02 11:42 - 2012-10-10 21:08 - 00303104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2013-01-02 11:42 - 2012-10-10 21:08 - 00170496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
    2013-01-02 11:42 - 2012-10-10 21:07 - 02764288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2013-01-02 11:42 - 2012-10-10 21:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
    2013-01-02 11:42 - 2012-10-10 21:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
    2013-01-02 11:42 - 2012-10-10 21:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
    2013-01-02 11:42 - 2012-10-10 21:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
    2013-01-02 11:42 - 2012-10-10 21:07 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
    2013-01-02 11:42 - 2012-10-10 21:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
    2013-01-02 11:42 - 2012-10-10 21:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
    2013-01-02 11:42 - 2012-10-10 21:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 01610240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00658432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
     
  20. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    And the next part:

    53824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00411136 ____A (Microsotft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00408064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
    2013-01-02 11:42 - 2012-10-10 21:06 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
    2013-01-02 11:42 - 2012-10-10 21:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
    2013-01-02 11:42 - 2012-10-10 20:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
    2013-01-02 11:42 - 2012-10-10 19:11 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2013-01-02 11:42 - 2012-10-10 16:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls
    2013-01-02 11:42 - 2012-10-10 16:44 - 00478424 ____A C:\Windows\System32\locale.nls
    2013-01-02 11:41 - 2012-11-05 23:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
    2013-01-02 11:41 - 2012-11-05 20:20 - 17560576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2013-01-02 11:41 - 2012-11-05 20:20 - 08856576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2013-01-02 11:41 - 2012-11-05 20:19 - 19789824 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2013-01-02 11:41 - 2012-11-05 20:19 - 10096640 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
    2013-01-02 11:41 - 2012-11-05 20:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
    2013-01-02 11:41 - 2012-11-05 20:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2013-01-02 11:41 - 2012-11-05 20:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
    2013-01-02 11:41 - 2012-11-05 20:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
    2013-01-02 11:41 - 2012-11-05 20:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
    2013-01-02 11:41 - 2012-11-05 20:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
    2013-01-02 11:40 - 2012-11-05 23:52 - 00445160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
    2013-01-02 11:40 - 2012-11-05 23:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
    2013-01-02 11:40 - 2012-11-05 23:36 - 00069864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
    2013-01-02 11:40 - 2012-11-05 23:33 - 00522640 ____A (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
    2013-01-02 11:40 - 2012-11-05 23:33 - 00490064 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
    2013-01-02 11:40 - 2012-11-05 23:33 - 00447792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
    2013-01-02 11:40 - 2012-11-05 23:33 - 00253512 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
    2013-01-02 11:40 - 2012-11-05 21:00 - 00463768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2013-01-02 11:40 - 2012-11-05 21:00 - 00427568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2013-01-02 11:40 - 2012-11-05 21:00 - 00324344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2013-01-02 11:40 - 2012-11-05 20:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
    2013-01-02 11:40 - 2012-11-05 20:20 - 00767488 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
    2013-01-02 11:40 - 2012-11-05 20:20 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00246784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
    2013-01-02 11:40 - 2012-11-05 20:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00195072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
    2013-01-02 11:40 - 2012-11-05 20:20 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
    2013-01-02 11:40 - 2012-11-05 20:20 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
    2013-01-02 11:40 - 2012-11-05 20:20 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
    2013-01-02 11:40 - 2012-11-05 20:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2013-01-02 11:40 - 2012-11-05 20:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\wuaext.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00318464 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00291328 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
    2013-01-02 11:40 - 2012-11-05 20:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00753664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00703488 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00549376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00267264 ____A (Microsoft Corporation) C:\Windows\System32\EncDump.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
    2013-01-02 11:40 - 2012-11-05 20:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
    2013-01-02 11:40 - 2012-11-05 20:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
    2013-01-02 11:40 - 2012-11-05 20:17 - 02146816 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
    2013-01-02 11:40 - 2012-11-05 20:17 - 00785920 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
    2013-01-02 11:40 - 2012-11-05 20:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
    2013-01-02 11:40 - 2012-11-05 20:17 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
    2013-01-02 11:40 - 2012-11-05 20:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
    2013-01-02 11:40 - 2012-11-05 20:00 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\wushareduxresources.dll
    2013-01-02 11:40 - 2012-11-05 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
    2013-01-02 11:40 - 2012-11-05 19:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
    2013-01-02 11:40 - 2012-11-05 19:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
    2013-01-02 11:40 - 2012-11-05 19:55 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
    2013-01-02 11:40 - 2012-11-05 19:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
    2013-01-02 11:40 - 2012-11-05 19:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
    2013-01-02 11:40 - 2012-11-05 19:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
    2013-01-02 11:40 - 2012-11-05 19:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
    2013-01-02 11:40 - 2012-11-05 19:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
    2013-01-02 11:40 - 2012-11-05 19:54 - 00859136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
    2013-01-02 11:40 - 2012-11-05 19:54 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
    2013-01-02 11:40 - 2012-11-05 19:53 - 01171968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
    2013-01-02 11:40 - 2012-11-05 19:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
    2013-01-02 11:40 - 2012-11-05 19:53 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
    2013-01-02 11:40 - 2012-11-05 19:52 - 00366080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
    2013-01-02 11:40 - 2012-11-05 19:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2013-01-02 11:40 - 2012-11-02 16:05 - 00385604 ____A C:\Windows\System32\ApnDatabase.xml
    2013-01-02 03:49 - 2013-01-02 03:49 - 00000117 ____A C:\Windows\System32\netcfg-137287781.txt
    2013-01-02 03:49 - 2013-01-02 03:49 - 00000117 ____A C:\Windows\System32\netcfg-137284578.txt
    2012-12-31 13:57 - 2012-12-31 13:57 - 00000117 ____A C:\Windows\System32\netcfg-1006171.txt
    2012-12-31 13:56 - 2012-12-31 13:56 - 00000117 ____A C:\Windows\System32\netcfg-946500.txt
    2012-12-31 13:41 - 2012-12-31 13:41 - 00000117 ____A C:\Windows\System32\netcfg-51359.txt
    2012-12-31 13:39 - 2012-12-31 13:39 - 00000117 ____A C:\Windows\System32\netcfg-1014765.txt
    2012-12-31 13:38 - 2012-12-31 13:38 - 06219408 ____A C:\Users\Kathryn\Downloads\3520A04.EXE
    2012-12-31 13:23 - 2012-12-31 13:23 - 00000117 ____A C:\Windows\System32\netcfg-50062.txt
    2012-12-31 13:22 - 2012-12-31 13:22 - 00000117 ____A C:\Windows\System32\netcfg-257209437.txt
    2012-12-31 08:02 - 2012-12-31 08:02 - 00000117 ____A C:\Windows\System32\netcfg-238015515.txt
    2012-12-31 08:02 - 2012-12-31 08:02 - 00000117 ____A C:\Windows\System32\netcfg-238014062.txt
    2012-12-29 12:59 - 2012-12-29 12:59 - 00000117 ____A C:\Windows\System32\netcfg-83053484.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00001171 ____A C:\Windows\System32\netcfg-81758953.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81779828.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81776750.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81773546.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000000 ____D C:\Users\Public\Juniper Networks
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
    2012-12-29 12:37 - 2010-10-22 21:49 - 00579952 ____A (Juniper Networks) C:\Windows\SysWOW64\dsNcSmartCardProv.dll
    2012-12-29 12:37 - 2010-10-22 21:49 - 00405360 ____A (Juniper Networks) C:\Windows\SysWOW64\dsNcCredProv.dll
    2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
    2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Users\All Users\CanonBJ
    2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Users\All Users\Application Data\CanonBJ
    2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Program Files\CanonBJ
    2012-12-29 12:19 - 2007-05-01 04:00 - 00258560 ____A (CANON INC.) C:\Windows\System32\CNMLM90.DLL
    2012-12-29 12:19 - 2007-04-25 18:28 - 00183296 ____A (Canon Inc.) C:\Windows\System32\CNCF2Lc.DLL
    2012-12-29 12:19 - 2007-04-25 18:23 - 00143360 ____A (Canon Inc.) C:\Windows\System32\CNCFMSc.EXE
    2012-12-29 12:19 - 2007-04-25 18:19 - 00003584 ____A (Canon Inc.) C:\Windows\System32\CNCFLcUS.DLL
    2012-12-29 12:19 - 2007-04-25 18:19 - 00003072 ____A (Canon Inc.) C:\Windows\System32\CNCFLcJP.DLL
    2012-12-29 12:18 - 2012-12-29 12:19 - 17196360 ____A C:\Users\Kathryn\Downloads\mx300swin64101ej.exe
    2012-12-29 12:17 - 2012-12-29 12:17 - 16397640 ____A C:\Users\Kathryn\Downloads\mx300swin101ej.exe
    2012-12-29 12:15 - 2012-12-29 12:15 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup (1).exe
    2012-12-29 12:14 - 2012-12-29 12:14 - 00000000 ____D C:\Program Files (x86)\DriverTuner
    2012-12-29 12:13 - 2012-12-29 12:13 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup.exe
    2012-12-29 11:51 - 2012-12-29 11:51 - 00000117 ____A C:\Windows\System32\netcfg-78991046.txt
    2012-12-29 11:50 - 2012-12-29 11:50 - 00000117 ____A C:\Windows\System32\netcfg-78953718.txt
    2012-12-29 11:50 - 2012-12-29 11:50 - 00000117 ____A C:\Windows\System32\netcfg-78908468.txt
    2012-12-29 11:48 - 2012-12-29 11:48 - 00001131 ____A C:\Windows\System32\netcfg-78808015.txt
    2012-12-29 11:48 - 2012-12-29 11:48 - 00000117 ____A C:\Windows\System32\netcfg-78809187.txt
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\Local Settings\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\Local Settings\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
    2012-12-29 08:52 - 2012-12-29 08:52 - 00000117 ____A C:\Windows\System32\netcfg-68223156.txt
    2012-12-29 08:52 - 2012-12-29 08:52 - 00000117 ____A C:\Windows\System32\netcfg-68223000.txt
    2012-12-28 17:30 - 2013-01-16 12:43 - 00000000 ____D C:\Users\Kathryn\Application Data\Skype
    2012-12-28 17:30 - 2013-01-16 12:43 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Skype
    2012-12-28 17:30 - 2012-12-28 17:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
    2012-12-28 17:30 - 2012-12-28 17:30 - 00002515 ____A C:\Users\All Users\Desktop\Skype.lnk
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ___RD C:\Program Files (x86)\Skype
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\couponamazing
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\couponamazing
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Application Data\SkypePackages
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\SkypePackages
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\couponamazing
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\All Users\Skype
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\All Users\Application Data\Skype
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Program Files (x86)\PricePeep
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____A C:\extensions.sqlite
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____A C:\end
    2012-12-28 17:30 - 2012-12-28 17:29 - 20185088 ____A C:\Users\Kathryn\Downloads\SkypeSetup_6.0.0.126.msi
    2012-12-28 17:29 - 2012-12-28 17:29 - 01203848 ____A C:\Users\Kathryn\Downloads\SkypeSetup.exe
    2012-12-28 15:33 - 2012-12-29 12:37 - 00000000 ____D C:\Users\Kathryn\Application Data\Juniper Networks
    2012-12-28 15:33 - 2012-12-29 12:37 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Juniper Networks
    2012-12-28 15:32 - 2012-12-28 15:32 - 00896016 ____A (Oracle Corporation) C:\Users\Kathryn\Downloads\chromeinstall-7u10.exe
    2012-12-28 15:32 - 2012-12-28 15:32 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
    2012-12-28 15:32 - 2012-12-28 15:32 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2012-12-28 15:32 - 2012-12-28 15:32 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2012-12-28 15:32 - 2012-12-28 15:32 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2012-12-28 15:32 - 2012-12-28 15:32 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2012-12-28 15:32 - 2012-12-28 15:32 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Users\All Users\Sun
    2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Users\All Users\Application Data\Sun
    2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Program Files (x86)\Java
    2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\Local Settings\GDIPFONTCACHEV1.DAT
    2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-12-28 14:56 - 2013-01-09 08:18 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-12-28 14:41 - 2012-08-30 16:53 - 00017888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
    2012-12-28 14:41 - 2012-08-30 16:52 - 00017888 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll
    2012-12-28 14:37 - 2012-11-09 20:23 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
    2012-12-28 14:37 - 2012-11-09 20:23 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2012-12-28 14:37 - 2012-11-09 20:22 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
    2012-12-28 14:37 - 2012-11-09 20:22 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
    2012-12-28 14:37 - 2012-11-09 20:22 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
    2012-12-28 14:37 - 2012-11-09 20:20 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\appserverai.dll
    2012-12-28 14:37 - 2012-10-09 23:04 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
    2012-12-28 14:37 - 2012-10-09 22:31 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
    2012-12-28 14:33 - 2012-12-16 00:28 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
    2012-12-28 14:33 - 2012-12-16 00:20 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2012-12-28 14:33 - 2012-12-16 00:08 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
    2012-12-28 14:33 - 2012-12-15 23:57 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2012-12-28 14:33 - 2012-11-27 20:21 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
    2012-12-28 14:33 - 2012-11-27 20:20 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
    2012-12-28 14:33 - 2012-11-14 22:26 - 19439616 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-12-28 14:33 - 2012-11-14 22:26 - 14324224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-12-28 14:33 - 2012-11-14 22:08 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-12-28 14:33 - 2012-11-14 22:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-12-28 14:33 - 2012-11-08 20:49 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
    2012-12-28 14:33 - 2012-11-08 20:03 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2012-12-28 14:33 - 2012-11-07 20:25 - 01775104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-12-28 14:33 - 2012-11-07 20:25 - 01138688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 13740032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 02881536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 01684992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2012-12-28 14:33 - 2012-11-07 20:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2012-12-28 14:33 - 2012-11-07 20:22 - 02246656 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-12-28 14:33 - 2012-11-07 20:22 - 01352704 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-12-28 14:33 - 2012-11-07 20:22 - 00907776 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
    2012-12-28 14:33 - 2012-11-07 20:22 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2012-12-28 14:33 - 2012-11-07 20:21 - 03966464 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-12-28 14:33 - 2012-11-07 20:21 - 00854528 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-12-28 14:33 - 2012-11-07 20:21 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-12-28 14:33 - 2012-11-07 20:21 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-12-28 14:33 - 2012-11-07 20:20 - 15416832 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-12-28 14:33 - 2012-11-07 20:20 - 02162176 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-12-28 14:33 - 2012-11-07 20:20 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2012-12-28 14:33 - 2012-11-07 20:20 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
    2012-12-28 14:33 - 2012-11-07 20:20 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2012-12-28 14:33 - 2012-11-07 20:20 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2012-12-28 14:33 - 2012-11-07 20:20 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
    2012-12-28 14:33 - 2012-11-07 20:02 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
    2012-12-28 14:33 - 2012-11-07 20:01 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2012-12-28 14:33 - 2012-11-07 17:56 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
    2012-12-28 14:33 - 2012-11-02 21:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\sysreset.exe
    2012-12-28 14:33 - 2012-11-02 21:26 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
    2012-12-28 14:33 - 2012-11-02 21:26 - 00032256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
    2012-12-28 14:33 - 2012-11-02 21:25 - 01009664 ____A (Microsoft Corporation) C:\Windows\System32\reseteng.dll
    2012-12-28 14:33 - 2012-11-02 21:25 - 00945152 ____A (Microsoft Corporation) C:\Windows\System32\resetengmig.dll
    2012-12-28 14:33 - 2012-11-02 21:25 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
    2012-12-28 14:33 - 2012-11-02 21:25 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
    2012-12-28 14:33 - 2012-11-02 21:24 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
    2012-12-28 14:33 - 2012-11-02 21:24 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
    2012-12-28 14:33 - 2012-11-02 21:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
    2012-12-28 14:33 - 2012-11-02 21:24 - 00058880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
    2012-12-28 14:33 - 2012-11-02 21:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhupnp.dll
    2012-12-28 14:33 - 2012-11-02 21:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhpast.dll
    2012-12-28 14:33 - 2012-11-02 21:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
    2012-12-28 14:33 - 2012-11-02 21:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
    2012-12-28 14:33 - 2012-11-02 21:04 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dpnlobby.dll
    2012-12-28 14:33 - 2012-11-02 21:04 - 00003584 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
    2012-12-28 14:33 - 2012-11-02 21:00 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
    2012-12-28 14:33 - 2012-11-02 21:00 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
    2012-12-28 14:33 - 2012-10-23 19:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
    2012-12-28 14:33 - 2012-10-23 19:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\pcalua.exe
    2012-12-28 14:33 - 2012-10-23 19:24 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
    2012-12-28 14:33 - 2012-10-23 19:24 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\pcadm.dll
    2012-12-28 14:33 - 2012-10-23 19:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
    2012-12-28 14:33 - 2012-10-23 18:48 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
    2012-12-28 14:33 - 2012-10-05 20:53 - 02893824 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
    2012-12-28 14:33 - 2012-10-05 20:15 - 02400256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2012-12-28 13:55 - 2012-12-28 13:55 - 00000117 ____A C:\Windows\System32\netcfg-39687.txt
    2012-12-28 13:54 - 2012-12-28 13:54 - 00000117 ____A C:\Windows\System32\netcfg-16477937.txt
    2012-12-28 13:42 - 2012-12-28 13:47 - 368945248 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
    2012-12-28 13:42 - 2012-12-28 13:42 - 00000000 ____D C:\Program Files (x86)\MSECache
    2012-12-28 13:41 - 2012-12-28 13:41 - 38808920 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\FileFormatConverters.exe
    2012-12-28 13:37 - 2012-12-28 13:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
    2012-12-28 13:37 - 2012-12-28 13:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
    2012-12-28 13:31 - 2012-12-28 13:31 - 00000000 ____D C:\Program Files\Microsoft Office
    2012-12-28 13:31 - 2012-12-28 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
    2012-12-28 13:30 - 2013-01-10 08:33 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2012-12-28 13:30 - 2013-01-10 08:33 - 00000000 ____D C:\Users\All Users\Application Data\Microsoft Help
    2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Microsoft Help
    2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Microsoft Help
    2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Microsoft Help
    2012-12-28 13:29 - 2012-12-28 13:29 - 00000000 __RHD C:\MSOCache
    2012-12-28 10:06 - 2012-12-28 10:09 - 00000000 ____D C:\Users\Kathryn\Application Data\PCDr
    2012-12-28 10:06 - 2012-12-28 10:09 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\PCDr
    2012-12-28 10:01 - 2013-01-16 12:42 - 00000000 ___RD C:\Users\Kathryn\Dropbox
    2012-12-28 10:01 - 2012-12-28 10:01 - 00001049 ____A C:\Users\Kathryn\Desktop\Dropbox.lnk
    2012-12-28 09:58 - 2013-01-16 12:42 - 00000000 ____D C:\Users\Kathryn\Application Data\Dropbox
    2012-12-28 09:58 - 2013-01-16 12:42 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Dropbox
    2012-12-28 09:57 - 2012-12-28 09:58 - 19241048 ____A (Dropbox, Inc.) C:\Users\Kathryn\Downloads\Dropbox 1.6.10.exe
    2012-12-28 09:33 - 2012-12-28 09:33 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
    2012-12-28 09:28 - 2013-01-06 15:04 - 00000000 ____D C:\Users\Kathryn\Local Settings\softthinks
    2012-12-28 09:28 - 2013-01-06 15:04 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\softthinks
    2012-12-28 09:28 - 2013-01-06 15:04 - 00000000 ____D C:\Users\Kathryn\AppData\Local\softthinks
    2012-12-28 09:21 - 2012-12-28 09:21 - 00000117 ____A C:\Windows\System32\netcfg-66781.txt
    2012-12-28 09:19 - 2012-12-28 09:19 - 00000117 ____A C:\Windows\System32\netcfg-68333234.txt
    2012-12-27 18:46 - 2012-04-20 14:40 - 00196440 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
    2012-12-27 15:10 - 2013-01-16 12:41 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-12-27 15:10 - 2013-01-16 10:15 - 00000926 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-12-27 15:10 - 2013-01-12 10:18 - 00002257 ____A C:\Users\Kathryn\Desktop\Google Chrome.lnk
    2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\Local Settings\Google
    2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Google
    2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Google
    2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Program Files (x86)\Google
    2012-12-27 15:09 - 2012-12-27 15:45 - 00000000 ____D C:\Users\Kathryn\Local Settings\Deployment
    2012-12-27 15:09 - 2012-12-27 15:45 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Deployment
    2012-12-27 15:09 - 2012-12-27 15:45 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Deployment
    2012-12-27 15:09 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apps\2.0
    2012-12-27 14:32 - 2012-12-27 14:32 - 00000000 ____D C:\Users\Kathryn\Application Data\Intel Corporation
    2012-12-27 14:32 - 2012-12-27 14:32 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Intel Corporation
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\My Documents\Bluetooth Exchange Folder
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Power2Go8
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Broadcom
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Power2Go8
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Broadcom
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Documents\Bluetooth Exchange Folder
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Power2Go8
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Broadcom
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Local Settings\VirtualStore
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\VirtualStore
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Macromedia
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Leadertech
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Adobe
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Macromedia
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Leadertech
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Adobe
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Local\VirtualStore
    2012-12-27 14:28 - 2012-12-28 10:01 - 00000000 ____D C:\users\Kathryn
    2012-12-27 14:28 - 2012-12-27 14:47 - 00000000 ____D C:\Users\Kathryn\Local Settings\Packages
    2012-12-27 14:28 - 2012-12-27 14:47 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Packages
    2012-12-27 14:28 - 2012-12-27 14:47 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Packages
    2012-12-27 14:28 - 2012-12-27 14:31 - 00000000 ____D C:\Users\All Users\PRICache
    2012-12-27 14:28 - 2012-12-27 14:31 - 00000000 ____D C:\Users\All Users\Application Data\PRICache
    2012-12-27 14:28 - 2012-12-27 14:28 - 00000020 ___SH C:\Users\Kathryn\ntuser.ini
    2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-234234.txt
    2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-234203.txt
    2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-231140.txt
    2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-224703.txt
    2012-12-27 14:23 - 2012-12-27 14:23 - 00000117 ____A C:\Windows\System32\netcfg-206406.txt
     
  21. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    And hopefully the last part:

    ==================== One Month Modified Files and Folders =======

    2013-01-16 12:44 - 2012-07-25 21:26 - 00262144 __ASH C:\Windows\System32\config\BBI
    2013-01-16 12:43 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Application Data\Skype
    2013-01-16 12:43 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Skype
    2013-01-16 12:43 - 2012-11-05 14:51 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
    2013-01-16 12:42 - 2012-12-28 10:01 - 00000000 ___RD C:\Users\Kathryn\Dropbox
    2013-01-16 12:42 - 2012-12-28 09:58 - 00000000 ____D C:\Users\Kathryn\Application Data\Dropbox
    2013-01-16 12:42 - 2012-12-28 09:58 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Dropbox
    2013-01-16 12:41 - 2013-01-16 12:41 - 00000645 ____A C:\Windows\setupact.log
    2013-01-16 12:41 - 2013-01-16 12:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    2013-01-16 12:41 - 2013-01-16 12:41 - 00000000 ____A C:\Windows\setuperr.log
    2013-01-16 12:41 - 2012-12-27 15:10 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-01-16 12:41 - 2012-07-25 23:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-01-16 12:31 - 2013-01-05 09:53 - 01907658 ____A C:\Windows\WindowsUpdate.log
    2013-01-16 12:22 - 2012-07-25 23:28 - 00850046 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-01-16 12:21 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\sru
    2013-01-16 10:15 - 2012-12-27 15:10 - 00000926 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-01-15 20:58 - 2013-01-15 20:58 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64 (1).exe
    2013-01-15 17:42 - 2013-01-15 17:42 - 00108226 ____A C:\Users\Kathryn\Downloads\FRST.txt
    2013-01-15 17:40 - 2013-01-15 17:40 - 00000000 ____D C:\FRST
    2013-01-15 17:39 - 2013-01-15 17:39 - 00710824 ____A (Reimage®) C:\Users\Kathryn\Downloads\ReimageRepairNU.exe
    2013-01-15 17:36 - 2013-01-15 17:36 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64.exe
    2013-01-15 17:33 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\AUInstallAgent
    2013-01-15 16:27 - 2013-01-15 16:27 - 05021250 ____A C:\Users\Kathryn\Downloads\ComboFix (2).exe
    2013-01-15 16:26 - 2013-01-15 16:26 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix (1).exe
    2013-01-15 16:25 - 2013-01-15 16:24 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix.exe
    2013-01-15 15:25 - 2013-01-15 15:25 - 00433640 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-01-15 15:08 - 2013-01-15 15:07 - 00000000 ____D C:\Users\Kathryn\Downloads\mbar-1.01.0.1016
    2013-01-15 15:07 - 2013-01-15 15:07 - 13462931 ____A C:\Users\Kathryn\Downloads\mbar-1.01.0.1016.zip
    2013-01-15 15:05 - 2013-01-15 15:05 - 00001284 ____A C:\Users\Kathryn\Desktop\RKreport[2]_D_01152013_02d1605.txt
    2013-01-15 15:05 - 2013-01-15 15:05 - 00001231 ____A C:\Users\Kathryn\Desktop\RKreport[1]_S_01152013_02d1605.txt
    2013-01-15 15:05 - 2013-01-15 15:04 - 00000000 ____D C:\Users\Kathryn\Desktop\RK_Quarantine
    2013-01-15 15:04 - 2013-01-15 15:04 - 00764416 ____A C:\Users\Kathryn\Downloads\RogueKiller.exe
    2013-01-15 08:00 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\rescache
    2013-01-15 07:25 - 2013-01-15 07:25 - 00008432 ____A C:\Users\Kathryn\Desktop\attach.txt
    2013-01-15 07:24 - 2013-01-15 07:25 - 00030906 ____A C:\Users\Kathryn\Desktop\dds.txt
    2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____R (Swearware) C:\Users\Kathryn\Downloads\dds.scr
    2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (3).scr
    2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (2).scr
    2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (1).scr
    2013-01-15 07:13 - 2012-07-25 21:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
    2013-01-15 07:06 - 2012-11-05 14:48 - 00000000 ____D C:\Program Files (x86)\McAfee
    2013-01-15 07:05 - 2013-01-12 10:13 - 00003094 ____A C:\Windows\PFRO.log
    2013-01-15 07:04 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\WinStore
    2013-01-14 12:42 - 2012-11-05 14:43 - 00000000 ____D C:\Users\All Users\CyberLink
    2013-01-14 12:42 - 2012-11-05 14:43 - 00000000 ____D C:\Users\All Users\Application Data\CyberLink
    2013-01-12 10:18 - 2012-12-27 15:10 - 00002257 ____A C:\Users\Kathryn\Desktop\Google Chrome.lnk
    2013-01-12 10:07 - 2013-01-07 19:56 - 00012075 ____A C:\Users\Kathryn\My Documents\Job applications.xlsx
    2013-01-12 10:07 - 2013-01-07 19:56 - 00012075 ____A C:\Users\Kathryn\Documents\Job applications.xlsx
    2013-01-10 08:33 - 2012-12-28 13:30 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2013-01-10 08:33 - 2012-12-28 13:30 - 00000000 ____D C:\Users\All Users\Application Data\Microsoft Help
    2013-01-09 16:53 - 2013-01-09 16:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-09 16:53 - 2013-01-09 16:53 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-09 16:53 - 2013-01-09 16:53 - 00000000 ____D C:\Users\Kathryn\Application Data\Malwarebytes
    2013-01-09 16:53 - 2013-01-09 16:53 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Malwarebytes
    2013-01-09 16:53 - 2013-01-09 16:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-01-09 16:52 - 2013-01-09 16:52 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100 (1).exe
    2013-01-09 16:52 - 2013-01-09 16:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2013-01-09 16:52 - 2013-01-09 16:52 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
    2013-01-09 16:51 - 2013-01-09 16:51 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100.exe
    2013-01-09 08:18 - 2012-12-28 14:56 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-01-06 15:04 - 2012-12-28 09:28 - 00000000 ____D C:\Users\Kathryn\Local Settings\softthinks
    2013-01-06 15:04 - 2012-12-28 09:28 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\softthinks
    2013-01-06 15:04 - 2012-12-28 09:28 - 00000000 ____D C:\Users\Kathryn\AppData\Local\softthinks
    2013-01-04 17:37 - 2012-11-05 16:00 - 00000000 ____D C:\Windows\Panther
    2013-01-04 17:36 - 2013-01-04 17:36 - 00000000 ____D C:\Program Files\CCleaner
    2013-01-04 17:36 - 2013-01-04 17:35 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326 (1).exe
    2013-01-04 17:33 - 2013-01-04 17:33 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326.exe
    2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Amazon_Services_LLC
    2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\Local Settings\Amazon_Services_LLC
    2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
    2013-01-02 15:07 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Application Data\Apple Computer
    2013-01-02 15:07 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-01-02 15:06 - 2013-01-02 15:06 - 00001785 ____A C:\Users\All Users\Desktop\iTunes.lnk
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Local Settings\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Application Data\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Application Data\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Apple Computer
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files\iTunes
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files\iPod
    2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\Local Settings\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\All Users\Application Data\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\All Users\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files\Bonjour
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
    2013-01-02 15:04 - 2013-01-02 15:03 - 88946664 ____A (Apple Inc.) C:\Users\Kathryn\Downloads\iTunes64Setup.exe
    2013-01-02 14:55 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\ToastData
    2013-01-02 14:54 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
    2013-01-02 14:54 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\System32\oobe
    2013-01-02 14:48 - 2013-01-02 14:48 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (2).exe
    2013-01-02 14:30 - 2013-01-02 14:30 - 07228798 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2761094-x64.msu
    2013-01-02 14:30 - 2013-01-02 14:30 - 00439787 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2764870-x64.msu
    2013-01-02 14:09 - 2013-01-02 14:09 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (1).exe
    2013-01-02 12:39 - 2013-01-02 12:38 - 170699203 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2756872-x64.msu
    2013-01-02 12:29 - 2013-01-02 12:29 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov.exe
    2013-01-02 03:49 - 2013-01-02 03:49 - 00000117 ____A C:\Windows\System32\netcfg-137287781.txt
    2013-01-02 03:49 - 2013-01-02 03:49 - 00000117 ____A C:\Windows\System32\netcfg-137284578.txt
    2012-12-31 13:57 - 2012-12-31 13:57 - 00000117 ____A C:\Windows\System32\netcfg-1006171.txt
    2012-12-31 13:56 - 2012-12-31 13:56 - 00000117 ____A C:\Windows\System32\netcfg-946500.txt
    2012-12-31 13:55 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\NDF
    2012-12-31 13:41 - 2012-12-31 13:41 - 00000117 ____A C:\Windows\System32\netcfg-51359.txt
    2012-12-31 13:39 - 2012-12-31 13:39 - 00000117 ____A C:\Windows\System32\netcfg-1014765.txt
    2012-12-31 13:38 - 2012-12-31 13:38 - 06219408 ____A C:\Users\Kathryn\Downloads\3520A04.EXE
    2012-12-31 13:23 - 2012-12-31 13:23 - 00000117 ____A C:\Windows\System32\netcfg-50062.txt
    2012-12-31 13:22 - 2012-12-31 13:22 - 00000117 ____A C:\Windows\System32\netcfg-257209437.txt
    2012-12-31 13:20 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2012-12-31 13:00 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\FxsTmp
    2012-12-31 08:02 - 2012-12-31 08:02 - 00000117 ____A C:\Windows\System32\netcfg-238015515.txt
    2012-12-31 08:02 - 2012-12-31 08:02 - 00000117 ____A C:\Windows\System32\netcfg-238014062.txt
    2012-12-29 12:59 - 2012-12-29 12:59 - 00000117 ____A C:\Windows\System32\netcfg-83053484.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00001171 ____A C:\Windows\System32\netcfg-81758953.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81779828.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81776750.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81773546.txt
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000000 ____D C:\Users\Public\Juniper Networks
    2012-12-29 12:37 - 2012-12-29 12:37 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
    2012-12-29 12:37 - 2012-12-28 15:33 - 00000000 ____D C:\Users\Kathryn\Application Data\Juniper Networks
    2012-12-29 12:37 - 2012-12-28 15:33 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Juniper Networks
    2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
    2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Users\All Users\CanonBJ
    2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Users\All Users\Application Data\CanonBJ
    2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Program Files\CanonBJ
    2012-12-29 12:19 - 2012-12-29 12:18 - 17196360 ____A C:\Users\Kathryn\Downloads\mx300swin64101ej.exe
    2012-12-29 12:17 - 2012-12-29 12:17 - 16397640 ____A C:\Users\Kathryn\Downloads\mx300swin101ej.exe
    2012-12-29 12:15 - 2012-12-29 12:15 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup (1).exe
    2012-12-29 12:14 - 2012-12-29 12:14 - 00000000 ____D C:\Program Files (x86)\DriverTuner
    2012-12-29 12:13 - 2012-12-29 12:13 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup.exe
    2012-12-29 11:51 - 2012-12-29 11:51 - 00000117 ____A C:\Windows\System32\netcfg-78991046.txt
    2012-12-29 11:50 - 2012-12-29 11:50 - 00000117 ____A C:\Windows\System32\netcfg-78953718.txt
    2012-12-29 11:50 - 2012-12-29 11:50 - 00000117 ____A C:\Windows\System32\netcfg-78908468.txt
    2012-12-29 11:48 - 2012-12-29 11:48 - 00001131 ____A C:\Windows\System32\netcfg-78808015.txt
    2012-12-29 11:48 - 2012-12-29 11:48 - 00000117 ____A C:\Windows\System32\netcfg-78809187.txt
    2012-12-29 09:47 - 2012-11-05 14:43 - 00000000 ____D C:\Users\All Users\PCDr
    2012-12-29 09:47 - 2012-11-05 14:43 - 00000000 ____D C:\Users\All Users\Application Data\PCDr
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\Local Settings\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\Local Settings\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\Microsoft Help
    2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
    2012-12-29 09:03 - 2012-07-25 21:26 - 00000199 ____A C:\Windows\win.ini
    2012-12-29 08:52 - 2012-12-29 08:52 - 00000117 ____A C:\Windows\System32\netcfg-68223156.txt
    2012-12-29 08:52 - 2012-12-29 08:52 - 00000117 ____A C:\Windows\System32\netcfg-68223000.txt
    2012-12-28 17:30 - 2012-12-28 17:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
    2012-12-28 17:30 - 2012-12-28 17:30 - 00002515 ____A C:\Users\All Users\Desktop\Skype.lnk
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ___RD C:\Program Files (x86)\Skype
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\couponamazing
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\couponamazing
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Application Data\SkypePackages
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\SkypePackages
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\couponamazing
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\All Users\Skype
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\All Users\Application Data\Skype
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Program Files (x86)\PricePeep
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____A C:\extensions.sqlite
    2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____A C:\end
    2012-12-28 17:29 - 2012-12-28 17:30 - 20185088 ____A C:\Users\Kathryn\Downloads\SkypeSetup_6.0.0.126.msi
    2012-12-28 17:29 - 2012-12-28 17:29 - 01203848 ____A C:\Users\Kathryn\Downloads\SkypeSetup.exe
    2012-12-28 15:32 - 2012-12-28 15:32 - 00896016 ____A (Oracle Corporation) C:\Users\Kathryn\Downloads\chromeinstall-7u10.exe
    2012-12-28 15:32 - 2012-12-28 15:32 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
    2012-12-28 15:32 - 2012-12-28 15:32 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2012-12-28 15:32 - 2012-12-28 15:32 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2012-12-28 15:32 - 2012-12-28 15:32 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2012-12-28 15:32 - 2012-12-28 15:32 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2012-12-28 15:32 - 2012-12-28 15:32 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Users\All Users\Sun
    2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Users\All Users\Application Data\Sun
    2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Program Files (x86)\Java
    2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\Local Settings\GDIPFONTCACHEV1.DAT
    2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-12-28 13:55 - 2012-12-28 13:55 - 00000117 ____A C:\Windows\System32\netcfg-39687.txt
    2012-12-28 13:54 - 2012-12-28 13:54 - 00000117 ____A C:\Windows\System32\netcfg-16477937.txt
    2012-12-28 13:51 - 2012-12-28 13:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
    2012-12-28 13:47 - 2012-12-28 13:42 - 368945248 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
    2012-12-28 13:42 - 2012-12-28 13:42 - 00000000 ____D C:\Program Files (x86)\MSECache
    2012-12-28 13:41 - 2012-12-28 13:41 - 38808920 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\FileFormatConverters.exe
    2012-12-28 13:37 - 2012-12-28 13:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
    2012-12-28 13:37 - 2012-11-05 14:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2012-12-28 13:37 - 2012-11-05 14:33 - 00000000 ____D C:\Program Files (x86)\MSBuild
    2012-12-28 13:37 - 2012-07-25 23:52 - 00000000 ____D C:\Windows\ShellNew
    2012-12-28 13:31 - 2012-12-28 13:31 - 00000000 ____D C:\Program Files\Microsoft Office
    2012-12-28 13:31 - 2012-12-28 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
    2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Microsoft Help
    2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Microsoft Help
    2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Microsoft Help
    2012-12-28 13:29 - 2012-12-28 13:29 - 00000000 __RHD C:\MSOCache
    2012-12-28 10:09 - 2012-12-28 10:06 - 00000000 ____D C:\Users\Kathryn\Application Data\PCDr
    2012-12-28 10:09 - 2012-12-28 10:06 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\PCDr
    2012-12-28 10:09 - 2012-11-05 14:43 - 00000000 ____D C:\Program Files\Dell Support Center
    2012-12-28 10:01 - 2012-12-28 10:01 - 00001049 ____A C:\Users\Kathryn\Desktop\Dropbox.lnk
    2012-12-28 10:01 - 2012-12-27 14:28 - 00000000 ____D C:\users\Kathryn
    2012-12-28 09:58 - 2012-12-28 09:57 - 19241048 ____A (Dropbox, Inc.) C:\Users\Kathryn\Downloads\Dropbox 1.6.10.exe
    2012-12-28 09:33 - 2012-12-28 09:33 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
    2012-12-28 09:33 - 2012-05-08 03:37 - 00000000 ____D C:\DELL
    2012-12-28 09:21 - 2012-12-28 09:21 - 00000117 ____A C:\Windows\System32\netcfg-66781.txt
    2012-12-28 09:20 - 2012-11-05 14:48 - 00000000 ____D C:\Program Files\Common Files\mcafee
    2012-12-28 09:19 - 2012-12-28 09:19 - 00000117 ____A C:\Windows\System32\netcfg-68333234.txt
    2012-12-27 18:46 - 2012-11-05 14:48 - 00000000 ____D C:\Users\All Users\McAfee
    2012-12-27 18:46 - 2012-11-05 14:48 - 00000000 ____D C:\Users\All Users\Application Data\McAfee
    2012-12-27 18:45 - 2012-07-26 00:12 - 00000000 ___HD C:\Windows\ELAMBKUP
    2012-12-27 15:45 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\Local Settings\Deployment
    2012-12-27 15:45 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Deployment
    2012-12-27 15:45 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Deployment
    2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\Local Settings\Google
    2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Google
    2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Google
    2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Program Files (x86)\Google
    2012-12-27 15:09 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apps\2.0
    2012-12-27 14:47 - 2012-12-27 14:28 - 00000000 ____D C:\Users\Kathryn\Local Settings\Packages
    2012-12-27 14:47 - 2012-12-27 14:28 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Packages
    2012-12-27 14:47 - 2012-12-27 14:28 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Packages
    2012-12-27 14:32 - 2012-12-27 14:32 - 00000000 ____D C:\Users\Kathryn\Application Data\Intel Corporation
    2012-12-27 14:32 - 2012-12-27 14:32 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Intel Corporation
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\My Documents\Bluetooth Exchange Folder
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Power2Go8
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Broadcom
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Power2Go8
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Broadcom
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Documents\Bluetooth Exchange Folder
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Power2Go8
    2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Broadcom
    2012-12-27 14:31 - 2012-12-27 14:28 - 00000000 ____D C:\Users\All Users\PRICache
    2012-12-27 14:31 - 2012-12-27 14:28 - 00000000 ____D C:\Users\All Users\Application Data\PRICache
    2012-12-27 14:31 - 2012-11-05 14:36 - 00000000 ____D C:\Users\All Users\Intel
    2012-12-27 14:31 - 2012-11-05 14:36 - 00000000 ____D C:\Users\All Users\Application Data\Intel
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Local Settings\VirtualStore
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\VirtualStore
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Macromedia
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Leadertech
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Adobe
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Macromedia
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Leadertech
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Adobe
    2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Local\VirtualStore
    2012-12-27 14:28 - 2012-12-27 14:28 - 00000020 ___SH C:\Users\Kathryn\ntuser.ini
    2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-234234.txt
    2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-234203.txt
    2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-231140.txt
    2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-224703.txt
    2012-12-27 14:23 - 2012-12-27 14:23 - 00000117 ____A C:\Windows\System32\netcfg-206406.txt
    2012-12-18 15:32 - 2012-07-26 00:14 - 00695640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-12-18 15:32 - 2012-07-26 00:14 - 00080728 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl


    ==================== Known DLLs (Whitelisted) =================


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe
    [2013-01-02 11:42] - [2012-10-10 21:46] - 0517120 ____A (Microsoft Corporation) BCF2036A0DD579E47C008C133550283E

    C:\Windows\System32\wininit.exe
    [2012-07-25 16:03] - [2012-07-25 19:08] - 0132608 ____A (Microsoft Corporation) FE9AB232B56A12224E8A3F3F9878C9A3

    C:\Windows\explorer.exe
    [2013-01-02 11:42] - [2012-10-10 23:35] - 2380944 ____A (Microsoft Corporation) E13A31D5254C25406A7946BDD9B06364

    C:\Windows\SysWOW64\explorer.exe
    [2013-01-02 11:42] - [2012-10-10 21:56] - 2115952 ____A (Microsoft Corporation) 953ADECFF08202A01EFC6110214FDE02

    C:\Windows\System32\svchost.exe
    [2013-01-02 14:35] - [2012-09-19 22:33] - 0029696 ____A (Microsoft Corporation) EDE27EACE742EE2888C5DD36400A2EC0

    C:\Windows\SysWOW64\svchost.exe
    [2013-01-02 14:35] - [2012-09-19 21:55] - 0023040 ____A (Microsoft Corporation) A46DC432F81473F526E3994AA483E366

    C:\Windows\System32\services.exe
    [2013-01-02 14:33] - [2012-09-19 22:33] - 0410624 ____A (Microsoft Corporation) 8F226143046435C75C033B0C52E90FFE

    C:\Windows\System32\User32.dll
    [2013-01-02 14:32] - [2012-09-19 22:33] - 1342464 ____A (Microsoft Corporation) A99AD14F26BDA7D7F27F76BC91B7EED7

    C:\Windows\SysWOW64\User32.dll
    [2013-01-02 14:32] - [2012-09-19 20:10] - 1126912 ____A (Microsoft Corporation) BA1C3ACD929A71E88B49C2B6E38F92B3

    C:\Windows\System32\userinit.exe
    [2012-07-25 16:06] - [2012-07-25 19:08] - 0025088 ____A (Microsoft Corporation) 0E925F7BA032920D58DD284B6181A247

    C:\Windows\SysWOW64\userinit.exe
    [2012-07-25 16:08] - [2012-07-25 19:21] - 0021504 ____A (Microsoft Corporation) 9F6289D194A04A09671FEED4B6CB6EF7

    C:\Windows\System32\Drivers\volsnap.sys
    [2012-07-25 18:30] - [2012-07-25 20:57] - 0332016 ____A (Microsoft Corporation) 2FB3CDFD5EAF4CD9D4AFAF96877D13AE


    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2012-12-28 13:29:44
    Restore point made on: 2013-01-02 11:48:00
    Restore point made on: 2013-01-09 08:16:39
    Restore point made on: 2013-01-12 10:28:20
    Restore point made on: 2013-01-15 16:18:00

    ==================== Memory info ===========================

    Percentage of memory in use: 16%
    Total physical RAM: 3961.09 MB
    Available physical RAM: 3298.75 MB
    Total Pagefile: 3961.09 MB
    Available Pagefile: 3305.5 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.89 MB

    ==================== Partitions =============================

    1 Drive c: (OS) (Fixed) (Total:457.39 GB) (Free:415.66 GB) NTFS
    3 Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
    4 Drive f: () (Removable) (Total:0.95 GB) (Free:0.77 GB) FAT32
    5 Drive g: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS
    6 Drive w: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS
    7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    8 Drive y: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32


    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 0 B *
    Disk 1 Online 971 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 System (partition with boot components) 500 MB 1024 KB
    Partition 2 OEM 40 MB 501 MB
    Partition 3 Reserved 128 MB 541 MB
    Partition 4 Recovery 500 MB 669 MB
    Partition 5 Primary 457 GB 1169 MB
    Partition 6 Recovery 7404 MB 458 GB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : c12a7328-f81f-11d2-ba4b-00a0c93ec93b
    Hidden : Yes
    Required: No
    Attrib : 0X8000000000000000

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 Y ESP FAT32 Partition 500 MB Healthy Hidden

    =========================================================

    Disk: 0
    Partition 2
    Type : 796badd3-6bbf-4d9f-b631-466eb71a4965
    Hidden : Yes
    Required: Yes
    Attrib : 0X8000000000000001

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 7 DIAGS FAT32 Partition 40 MB Healthy Hidden

    =========================================================

    Disk: 0
    Partition 3
    Type : e3c9e316-0b5c-4db8-817d-f92df00215ae
    Hidden : Yes
    Required: No
    Attrib : 0X8000000000000000

    There is no volume associated with this partition.

    =========================================================

    Disk: 0
    Partition 4
    Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
    Hidden : Yes
    Required: Yes
    Attrib : 0X8000000000000001

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 G WINRETOOLS NTFS Partition 500 MB Healthy Hidden

    =========================================================

    Disk: 0
    Partition 5
    Type : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Hidden : No
    Required: No
    Attrib : 0000000000000000

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C OS NTFS Partition 457 GB Healthy

    =========================================================

    Disk: 0
    Partition 6
    Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
    Hidden : Yes
    Required: Yes
    Attrib : 0X8000000000000001

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 5 PBR Image NTFS Partition 7404 MB Healthy Hidden

    =========================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    * Partition 1 Primary 971 MB 0 B

    ==================================================================================

    Disk: 1
    There is no partition selected.

    There is no partition selected.
    Please select a partition and try again.

    =========================================================

    Last Boot: 2013-01-13 17:09

    ==================== End Of Log =============================
     
  22. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    Broni - Are you still working on my problem?
     
  23. Broni

    Broni Malware Annihilator Posts: 47,078   +257

    Yes, but I also go to work :)
    I'm not here 24/7.

    FRST log is clean.

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    =========================

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    ========================

    Download OTL to your Desktop.
    Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  24. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    Here's the report from AdwCleaner:

    # AdwCleaner v2.105 - Logfile created 01/16/2013 at 17:53:38
    # Updated 08/01/2013 by Xplode
    # Operating system : Windows 8 (64 bits)
    # User : Kathryn - KATIESLAPTOP
    # Boot Mode : Normal
    # Running from : C:\Users\Kathryn\Downloads\adwcleaner.exe
    # Option [Search]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Found : C:\END
    Folder Found : C:\Program Files (x86)\PricePeep
    Folder Found : C:\Users\Kathryn\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

    ***** [Registry] *****

    Key Found : HKCU\Software\AppDataLow\Software\PricePeep
    Key Found : HKCU\Software\InstallCore
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
    Key Found : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
    Key Found : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
    Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v10.0.9200.16453

    [OK] Registry is clean.

    -\\ Google Chrome v24.0.1312.52

    File : C:\Users\Kathryn\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [2220 octets] - [16/01/2013 17:53:38]

    ########## EOF - C:\AdwCleaner[R1].txt - [2280 octets] ##########
    I'll run the Junkware Removal Tool next and post the results.
     
  25. Kathryn Rowan

    Kathryn Rowan TS Member Topic Starter Posts: 62

    When I try to run Junkware Removal Tool, I get a message that "This file appears to be malicious." It is OK. to run?
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.