Solved Successfully blocked access to malicious web site

K

Kathryn Rowan

Posts: 62   +0
Hi,

I am performing the steps in the 4-Step Instructions. Here is the log from my Malwarebytes scan:

2013/01/15 07:22:38 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 65454, Process: chrome.exe)
2013/01/15 07:22:38 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 65455, Process: chrome.exe)
2013/01/15 07:22:38 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 65471, Process: chrome.exe)
2013/01/15 07:25:19 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 49309, Process: chrome.exe)
2013/01/15 07:26:55 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 49371, Process: chrome.exe)
2013/01/15 07:28:48 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 49523, Process: chrome.exe)
2013/01/15 07:31:04 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 49598, Process: chrome.exe)
2013/01/15 07:33:28 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 49759, Process: chrome.exe)
2013/01/15 07:35:53 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 49881, Process: chrome.exe)
2013/01/15 07:38:34 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 50074, Process: chrome.exe)
2013/01/15 07:40:50 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 50477, Process: chrome.exe)
2013/01/15 07:43:46 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 50790, Process: chrome.exe)
2013/01/15 07:45:23 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 50976, Process: chrome.exe)
2013/01/15 07:47:23 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 51147, Process: chrome.exe)
2013/01/15 07:48:51 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 51228, Process: chrome.exe)
2013/01/15 07:51:08 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.41 (Type: outgoing, Port: 51295, Process: chrome.exe)
2013/01/15 07:53:28 -0700KATIESLAPTOPKathrynMESSAGEStarting database refresh
2013/01/15 07:53:28 -0700KATIESLAPTOPKathrynMESSAGEStopping IP protection
2013/01/15 07:53:29 -0700KATIESLAPTOPKathrynMESSAGEIP Protection stopped successfully
2013/01/15 07:53:36 -0700KATIESLAPTOPKathrynMESSAGEDatabase refreshed successfully
2013/01/15 07:53:36 -0700KATIESLAPTOPKathrynMESSAGEStarting IP protection
2013/01/15 07:53:37 -0700KATIESLAPTOPKathrynMESSAGEIP Protection started successfully
2013/01/15 07:54:24 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.40 (Type: outgoing, Port: 51401, Process: chrome.exe)
2013/01/15 08:06:59 -0700KATIESLAPTOP(null)MESSAGEStarting protection
2013/01/15 08:06:59 -0700KATIESLAPTOP(null)MESSAGEProtection started successfully
2013/01/15 08:06:59 -0700KATIESLAPTOP(null)MESSAGEStarting IP protection
2013/01/15 08:07:00 -0700KATIESLAPTOP(null)MESSAGEIP Protection started successfully
2013/01/15 08:08:28 -0700KATIESLAPTOPKathrynIP-BLOCK66.150.14.42 (Type: outgoing, Port: 49323, Process: chrome.exe)

The next step says to download DDSby sUPs from either DDS.com or DDS.pif but I can't seem to figure out what I'm supposed to download. Please help.

Katie
 
I found the link in another post. Here's the logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453 BrowserJavaVersion: 10.10.2
Run by Kathryn at 8:24:00 on 2013-01-15
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.3961.2413 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\AECLSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\BtwRSupportService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Kathryn\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SysWOW64\RunDll32.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://dell13.msn.com
uDefault_Page_URL = hxxp://dell13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: PricePeep: {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll
uRun: [GoogleChromeAutoLaunch_5F8DEE5AAD550B4A05D8853BE7B4418F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Kathryn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Kathryn\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{7564D7AD-005D-47B0-BC6B-A7BD4B20CCA8} : DHCPNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{83CADE12-5A3F-4F9F-B925-A96EE9A82399} : DHCPNameServer = 172.21.1.177
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [Dell Audio] c:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-26 651832]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\Drivers\mfehidk.sys [2012-6-22 771096]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\Drivers\mfewfpk.sys [2012-6-22 339776]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-11-5 92536]
R2 AECLFilters;Andrea Cirrus Logic Filters Service;C:\Windows\System32\AECLSr64.exe [2012-11-5 99696]
R2 BcmBtRSupport;Bluetooth Radio Control Service;C:\Windows\System32\BtwRSupportService.exe [2012-11-5 2247992]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-10-9 173568]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-5 7168]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-5 166720]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-9 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-9 682344]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-12-27 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-12-27 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-12-27 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-11-5 241016]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-11-5 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-11-5 177680]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2012-11-5 1914728]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\Drivers\TurboB.sys [2012-5-30 16168]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-5 365376]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\Drivers\bcbtums.sys [2012-11-5 164152]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 btwampfl;btwampfl Bluetooth filter driver;C:\Windows\System32\Drivers\btwampfl.sys [2012-11-5 126776]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\Drivers\btwl2cap.sys [2012-11-5 39736]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\Drivers\cfwids.sys [2012-6-22 69672]
R3 CirrusLFD;CS42xxLowerFilter;C:\Windows\System32\Drivers\CSLFDx64.sys [2012-11-5 41328]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-11-5 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-1-9 24176]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\Drivers\mfeavfk.sys [2012-6-22 309400]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\Drivers\mfefirek.sys [2012-6-22 515528]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-11-5 683664]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\Drivers\mfeelamk.sys [2012-6-18 69168]
S2 CirrusAudioService;Cirrus Audio Service;C:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe [2012-8-6 7168]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 DellRbtn;Airplane Mode Switch;C:\Windows\System32\Drivers\DellRbtn.sys [2012-11-5 10752]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\Drivers\HipShieldK.sys [2012-12-27 196440]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-11-5 332080]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\Drivers\mferkdet.sys [2012-6-22 106112]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUStor.sys [2012-11-5 252048]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-9-28 53760]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-12-27 201304]
.
=============== Created Last 30 ================
.
2013-01-12 18:20:061131520----a-w-C:\Windows\System32\AppXDeploymentServer.dll
2013-01-12 18:20:05707584----a-w-C:\Windows\System32\AppXDeploymentExtensions.dll
2013-01-12 18:20:03178176----a-w-C:\Windows\System32\SystemEventsBrokerServer.dll
2013-01-12 18:20:03170496----a-w-C:\Windows\System32\TimeBrokerServer.dll
2013-01-12 18:19:414055552----a-w-C:\Windows\System32\win32k.sys
2013-01-12 18:19:40368640----a-w-C:\Windows\System32\sppwinob.dll
2013-01-10 00:53:34--------d-----w-C:\Users\Kathryn\AppData\Roaming\Malwarebytes
2013-01-10 00:52:58--------d-----w-C:\ProgramData\Malwarebytes
2013-01-10 00:52:5624176----a-w-C:\Windows\System32\drivers\mbam.sys
2013-01-10 00:52:56--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-10 00:52:38--------d-----w-C:\Users\Kathryn\AppData\Local\Programs
2013-01-10 00:05:23182464----a-w-C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10188.bin
2013-01-09 15:25:1286016----a-w-C:\Windows\System32\ncryptsslp.dll
2013-01-09 15:25:1271168----a-w-C:\Windows\SysWow64\ncryptsslp.dll
2013-01-09 15:24:572361344----a-w-C:\Windows\System32\msxml6.dll
2013-01-09 15:24:571836032----a-w-C:\Windows\System32\msxml3.dll
2013-01-09 15:24:561802240----a-w-C:\Windows\SysWow64\msxml6.dll
2013-01-09 15:24:561438720----a-w-C:\Windows\SysWow64\msxml3.dll
2013-01-09 15:24:552048----a-w-C:\Windows\SysWow64\msxml6r.dll
2013-01-09 15:24:552048----a-w-C:\Windows\SysWow64\msxml3r.dll
2013-01-09 15:24:552048----a-w-C:\Windows\System32\msxml6r.dll
2013-01-09 15:24:552048----a-w-C:\Windows\System32\msxml3r.dll
2013-01-05 01:36:45--------d-----w-C:\Program Files\CCleaner
2013-01-04 20:44:04--------d-----w-C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
2013-01-02 23:06:39--------d-----w-C:\Users\Kathryn\AppData\Local\Apple Computer
2013-01-02 23:06:3033240----a-w-C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-01-02 23:06:07--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-02 23:06:07--------d-----w-C:\Program Files\iTunes
2013-01-02 23:06:07--------d-----w-C:\Program Files\iPod
2013-01-02 23:06:07--------d-----w-C:\Program Files (x86)\iTunes
2013-01-02 23:05:52--------d-----w-C:\Users\Kathryn\AppData\Local\Apple
2013-01-02 23:05:17--------d-----w-C:\Program Files\Bonjour
2013-01-02 23:05:17--------d-----w-C:\Program Files (x86)\Bonjour
2013-01-02 22:46:4568608----a-w-C:\Windows\System32\wwanprotdim.dll
2013-01-02 22:46:45446976----a-w-C:\Windows\System32\wwansvc.dll
2013-01-02 22:45:4876288----a-w-C:\Windows\System32\newdev.exe
2013-01-02 22:45:4875264----a-w-C:\Windows\System32\ndadmin.exe
2013-01-02 22:45:4774240----a-w-C:\Windows\SysWow64\newdev.exe
2013-01-02 22:45:4773728----a-w-C:\Windows\SysWow64\ndadmin.exe
2013-01-02 22:45:47275968----a-w-C:\Windows\SysWow64\newdev.dll
2013-01-02 22:45:46301568----a-w-C:\Windows\System32\newdev.dll
2013-01-02 22:37:1783968----a-w-C:\Windows\SysWow64\OEMLicense.dll
2013-01-02 22:34:599216----a-w-C:\Windows\SysWow64\spwmp.dll
2013-01-02 22:33:5883456----a-w-C:\Windows\System32\drivers\wanarp.sys
2013-01-02 22:32:591126912----a-w-C:\Windows\SysWow64\user32.dll
2013-01-02 22:31:58573440----a-w-C:\Windows\System32\WinSATAPI.dll
2013-01-02 22:31:573964416----a-w-C:\Windows\System32\WinSAT.exe
2013-01-02 19:43:431172992----a-w-C:\Windows\System32\mfnetsrc.dll
2013-01-02 19:43:42929792----a-w-C:\Windows\SysWow64\mfnetsrc.dll
2013-01-02 19:43:42677888----a-w-C:\Windows\System32\mfnetcore.dll
2013-01-02 19:43:42673280----a-w-C:\Windows\System32\mfmpeg2srcsnk.dll
2013-01-02 19:43:42568832----a-w-C:\Windows\SysWow64\mfnetcore.dll
2013-01-02 19:43:42513024----a-w-C:\Windows\SysWow64\mfmpeg2srcsnk.dll
2013-01-02 19:43:41850944----a-w-C:\Windows\SysWow64\mfasfsrcsnk.dll
2013-01-02 19:43:411048064----a-w-C:\Windows\System32\mfasfsrcsnk.dll
2013-01-02 19:43:013554304----a-w-C:\Windows\System32\tquery.dll
2013-01-02 19:41:1011459584----a-w-C:\Windows\System32\glcndFilter.dll
2013-01-02 19:41:0810096640----a-w-C:\Windows\System32\twinui.dll
2013-01-02 19:41:078856576----a-w-C:\Windows\SysWow64\twinui.dll
2013-01-02 19:41:038552448----a-w-C:\Windows\SysWow64\glcndFilter.dll
2013-01-02 19:41:02710656----a-w-C:\Windows\System32\winhttp.dll
2013-01-02 19:41:021526784----a-w-C:\Windows\System32\mfcore.dll
2013-01-02 19:41:011451520----a-w-C:\Windows\SysWow64\mfcore.dll
2013-01-02 19:41:00976384----a-w-C:\Windows\System32\KernelBase.dll
2013-01-02 19:41:001566432----a-w-C:\Windows\System32\ole32.dll
2012-12-31 21:55:44--------d-----w-C:\Users\Kathryn\AppData\Local\ElevatedDiagnostics
2012-12-29 20:37:41579952----a-w-C:\Windows\SysWow64\dsNcSmartCardProv.dll
2012-12-29 20:37:40405360----a-w-C:\Windows\SysWow64\dsNcCredProv.dll
2012-12-29 20:37:23--------d-----w-C:\Program Files (x86)\Juniper Networks
2012-12-29 20:19:4682944----a-w-C:\Windows\System32\Spool\prtprocs\x64\CNMPP90.DLL
2012-12-29 20:19:4627648----a-w-C:\Windows\System32\Spool\prtprocs\x64\CNMPD90.DLL
2012-12-29 20:19:36258560----a-w-C:\Windows\System32\CNMLM90.DLL
2012-12-29 20:19:303584----a-w-C:\Windows\System32\CNCFLcUS.DLL
2012-12-29 20:19:303072----a-w-C:\Windows\System32\CNCFLcJP.DLL
2012-12-29 20:19:30183296----a-w-C:\Windows\System32\CNCF2Lc.DLL
2012-12-29 20:19:30143360----a-w-C:\Windows\System32\CNCFMSc.EXE
2012-12-29 20:14:21--------d-----w-C:\Program Files (x86)\DriverTuner
2012-12-29 01:30:31--------d-----r-C:\Program Files (x86)\Skype
2012-12-29 01:30:16--------d-----w-C:\Users\Kathryn\AppData\Roaming\SkypePackages
2012-12-29 01:30:14--------d-----w-C:\Users\Kathryn\AppData\Local\couponamazing
2012-12-29 01:30:11--------d-----w-C:\Program Files (x86)\PricePeep
2012-12-28 23:33:13--------d-----w-C:\Users\Kathryn\AppData\Roaming\Juniper Networks
2012-12-28 23:32:49859072----a-w-C:\Windows\SysWow64\npDeployJava1.dll
2012-12-28 23:32:49779704----a-w-C:\Windows\SysWow64\deployJava1.dll
2012-12-28 23:32:4595184----a-w-C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-12-28 22:58:4616114176----a-w-C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2012-12-28 22:58:4515541248----a-w-C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2012-12-28 22:41:3117888----a-w-C:\Windows\System32\msvcr100_clr0400.dll
2012-12-28 22:41:2717888----a-w-C:\Windows\SysWow64\msvcr100_clr0400.dll
2012-12-28 22:37:16144384----a-w-C:\Windows\System32\tssdisai.dll
2012-12-28 22:37:16135680----a-w-C:\Windows\System32\appserverai.dll
2012-12-28 22:37:16126976----a-w-C:\Windows\System32\RDWebAI.dll
2012-12-28 22:37:16122880----a-w-C:\Windows\System32\VmHostAI.dll
2012-12-28 22:37:13148480----a-w-C:\Windows\System32\poqexec.exe
2012-12-28 22:37:13132608----a-w-C:\Windows\SysWow64\poqexec.exe
2012-12-28 22:37:1194208----a-w-C:\Windows\System32\synceng.dll
2012-12-28 22:37:1072192----a-w-C:\Windows\SysWow64\synceng.dll
2012-12-28 21:42:12--------d-----w-C:\Program Files (x86)\MSECache
2012-12-28 21:31:18--------d-----w-C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-28 21:30:21--------d-----w-C:\Users\Kathryn\AppData\Local\Microsoft Help
2012-12-28 18:06:52--------d-----w-C:\Users\Kathryn\AppData\Roaming\PCDr
2012-12-28 18:01:27--------d-----r-C:\Users\Kathryn\Dropbox
2012-12-28 17:58:18--------d-----w-C:\Users\Kathryn\AppData\Roaming\Dropbox
2012-12-28 17:33:18--------d-----w-C:\Program Files (x86)\Dell Digital Delivery
2012-12-28 17:28:33--------d-----w-C:\Users\Kathryn\AppData\Local\softthinks
2012-12-28 02:46:35196440----a-w-C:\Windows\System32\drivers\HipShieldK.sys
2012-12-27 23:10:22--------d-----w-C:\Users\Kathryn\AppData\Local\Google
2012-12-27 23:09:30--------d-----w-C:\Users\Kathryn\AppData\Local\Deployment
2012-12-27 23:09:30--------d-----w-C:\Users\Kathryn\AppData\Local\Apps
2012-12-27 22:32:50--------d-----w-C:\Users\Kathryn\AppData\Roaming\Intel Corporation
2012-12-27 22:31:54--------d-----w-C:\Users\Kathryn\AppData\Local\Broadcom
2012-12-27 22:31:48--------d-----w-C:\Users\Kathryn\AppData\Local\Power2Go8
2012-12-27 22:31:13--------d-----r-C:\Users\Kathryn\Searches
2012-12-27 22:31:13--------d-----r-C:\Users\Kathryn\Contacts
2012-12-27 22:30:5950784----a-w-C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2012-12-27 22:30:3618528----a-w-C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin
2012-12-27 22:29:05--------d-----w-C:\Users\Kathryn\AppData\Local\VirtualStore
.
==================== Find3M ====================
.
2012-12-18 23:32:5880728----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-18 23:32:58695640----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-16 08:28:2046080----a-w-C:\Windows\System32\atmlib.dll
2012-12-16 08:20:0135328----a-w-C:\Windows\SysWow64\atmlib.dll
2012-12-16 08:08:33362496----a-w-C:\Windows\System32\atmfd.dll
2012-12-16 07:57:09300032----a-w-C:\Windows\SysWow64\atmfd.dll
2012-11-28 04:21:1744032----a-w-C:\Windows\SysWow64\UXInit.dll
2012-11-28 04:20:5953760----a-w-C:\Windows\System32\UXInit.dll
2012-11-27 07:00:32194280----a-w-C:\Windows\System32\drivers\sdbus.sys
2012-11-27 07:00:29124648----a-w-C:\Windows\System32\drivers\dumpsd.sys
2012-11-27 06:59:13329960----a-w-C:\Windows\System32\drivers\storport.sys
2012-11-27 06:39:461122768----a-w-C:\Windows\System32\Taskmgr.exe
2012-11-27 04:49:201027152----a-w-C:\Windows\SysWow64\Taskmgr.exe
2012-11-27 04:20:501048064----a-w-C:\Windows\SysWow64\mstsc.exe
2012-11-27 04:20:42179200----a-w-C:\Windows\SysWow64\wpnapps.dll
2012-11-27 04:20:35891904----a-w-C:\Windows\SysWow64\winmde.dll
2012-11-27 04:20:31798208----a-w-C:\Windows\SysWow64\WebcamUi.dll
2012-11-27 04:20:2946592----a-w-C:\Windows\SysWow64\vds_ps.dll
2012-11-27 04:20:28560128----a-w-C:\Windows\SysWow64\UserLanguagesCpl.dll
2012-11-27 04:20:231217536----a-w-C:\Windows\SysWow64\storagewmi.dll
2012-11-27 04:20:15680960----a-w-C:\Windows\System32\vds.exe
2012-11-27 04:20:07702464----a-w-C:\Windows\SysWow64\nshwfp.dll
2012-11-27 04:20:071123840----a-w-C:\Windows\System32\mstsc.exe
2012-11-27 04:18:59888832----a-w-C:\Windows\System32\nshwfp.dll
2012-11-27 04:18:395974528----a-w-C:\Windows\System32\mstscax.dll
2012-11-27 04:18:131071104----a-w-C:\Windows\System32\IKEEXT.DLL
2012-11-27 04:18:06378880----a-w-C:\Windows\System32\FWPUCLNT.DLL
2012-11-27 04:17:32718848----a-w-C:\Windows\System32\BFE.DLL
2012-11-27 04:17:312302464----a-w-C:\Windows\System32\authui.dll
2012-11-27 03:57:3218432----a-w-C:\Windows\System32\drivers\BtaMPM.sys
2012-11-27 03:56:2931104----a-w-C:\Windows\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:4429952----a-w-C:\Windows\System32\drivers\BthhfHid.sys
2012-11-20 08:00:236971624----a-w-C:\Windows\System32\ntoskrnl.exe
2012-11-20 05:24:191164800----a-w-C:\Windows\SysWow64\Display.dll
2012-11-20 05:24:1736352----a-w-C:\Windows\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:231184256----a-w-C:\Windows\System32\Display.dll
2012-11-20 05:17:2049152----a-w-C:\Windows\System32\DevDispItemProvider.dll
2012-11-20 05:02:466656----a-w-C:\Windows\SysWow64\KBDKURD.DLL
2012-11-20 04:59:267168----a-w-C:\Windows\System32\KBDKURD.DLL
2012-11-20 04:56:2727136----a-w-C:\Windows\System32\drivers\usbohci.sys
2012-11-20 04:56:1183456----a-w-C:\Windows\System32\drivers\hidclass.sys
2012-11-20 04:54:3139936----a-w-C:\Windows\System32\drivers\hidi2c.sys
2012-11-15 06:08:412706432----a-w-C:\Windows\System32\mshtml.tlb
2012-11-15 06:06:342706432----a-w-C:\Windows\SysWow64\mshtml.tlb
2012-11-13 04:20:301120768----a-w-C:\Windows\System32\msctf.dll
2012-11-13 04:19:23890880----a-w-C:\Windows\SysWow64\msctf.dll
2012-11-09 12:40:2469672----a-w-C:\Windows\System32\drivers\cfwids.sys
2012-11-09 12:37:42339776----a-w-C:\Windows\System32\drivers\mfewfpk.sys
2012-11-09 12:37:30177680----a-w-C:\Windows\System32\mfevtps.exe
2012-11-09 12:36:4010288----a-w-C:\Windows\System32\drivers\mfeclnk.sys
2012-11-09 12:36:30106112----a-w-C:\Windows\System32\drivers\mferkdet.sys
2012-11-09 12:35:50771096----a-w-C:\Windows\System32\drivers\mfehidk.sys
2012-11-09 12:35:2669168----a-w-C:\Windows\System32\drivers\mfeelamk.sys
2012-11-09 12:34:58515528----a-w-C:\Windows\System32\drivers\mfefirek.sys
2012-11-09 12:34:18309400----a-w-C:\Windows\System32\drivers\mfeavfk.sys
2012-11-09 12:33:58178840----a-w-C:\Windows\System32\drivers\mfeapfk.sys
2012-11-09 04:49:512048----a-w-C:\Windows\System32\tzres.dll
2012-11-09 04:03:482048----a-w-C:\Windows\SysWow64\tzres.dll
2012-11-08 04:25:36523776----a-w-C:\Windows\SysWow64\WSShared.dll
2012-11-08 04:25:36143872----a-w-C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2012-11-08 04:25:36124928----a-w-C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:25:351775104----a-w-C:\Windows\SysWow64\wininet.dll
2012-11-08 04:24:272881536----a-w-C:\Windows\SysWow64\jscript9.dll
2012-11-08 04:24:2261440----a-w-C:\Windows\SysWow64\iesetup.dll
2012-11-08 04:24:22109056----a-w-C:\Windows\SysWow64\iesysprep.dll
2012-11-08 04:24:1975776----a-w-C:\Windows\SysWow64\fontsub.dll
2012-11-08 04:24:0610752----a-w-C:\Windows\SysWow64\dciman32.dll
2012-11-08 04:22:21641536----a-w-C:\Windows\System32\WSShared.dll
2012-11-08 04:22:20198656----a-w-C:\Windows\System32\Windows.ApplicationModel.Store.dll
2012-11-08 04:22:20163840----a-w-C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:22:192246656----a-w-C:\Windows\System32\wininet.dll
2012-11-08 04:22:12907776----a-w-C:\Windows\System32\uxtheme.dll
2012-11-08 04:21:003966464----a-w-C:\Windows\System32\jscript9.dll
2012-11-08 04:20:5667072----a-w-C:\Windows\System32\iesetup.dll
2012-11-08 04:20:56136704----a-w-C:\Windows\System32\iesysprep.dll
2012-11-08 04:20:5096256----a-w-C:\Windows\System32\fontsub.dll
2012-11-08 04:20:3714336----a-w-C:\Windows\System32\dciman32.dll
2012-11-08 04:02:163072----a-w-C:\Windows\System32\lpk.dll
2012-11-08 04:01:403072----a-w-C:\Windows\SysWow64\lpk.dll
2012-11-08 01:56:52534528----a-w-C:\Windows\SysWow64\uxtheme.dll
2012-11-06 07:52:07445160----a-w-C:\Windows\System32\drivers\USBHUB3.SYS
2012-11-06 07:52:04277736----a-w-C:\Windows\System32\drivers\msiscsi.sys
2012-11-06 07:36:2369864----a-w-C:\Windows\System32\drivers\pdc.sys
2012-11-06 07:33:46522640----a-w-C:\Windows\System32\AUDIOKSE.dll
2012-11-06 07:33:46253512----a-w-C:\Windows\System32\audiodg.exe
2012-11-06 07:33:45490064----a-w-C:\Windows\System32\AudioEng.dll
2012-11-06 07:33:45447792----a-w-C:\Windows\System32\AudioSes.dll
2012-11-06 05:00:06463768----a-w-C:\Windows\SysWow64\AUDIOKSE.dll
2012-11-06 05:00:06427568----a-w-C:\Windows\SysWow64\AudioEng.dll
2012-11-06 05:00:06324344----a-w-C:\Windows\SysWow64\AudioSes.dll
2012-11-06 04:54:132205696----a-w-C:\Windows\SysWow64\PrintConfig.dll
2012-11-06 04:48:271150160----a-w-C:\Windows\SysWow64\ole32.dll
2012-11-06 04:19:59470016----a-w-C:\Windows\System32\wlanmsm.dll
2012-11-06 04:19:59446464----a-w-C:\Windows\System32\wlansec.dll
2012-11-06 04:19:59273408----a-w-C:\Windows\System32\wlanapi.dll
2012-11-06 04:19:591386496----a-w-C:\Windows\System32\wlansvc.dll
2012-11-06 04:19:53291328----a-w-C:\Windows\System32\Windows.Networking.Connectivity.dll
2012-11-06 04:19:5230720----a-w-C:\Windows\System32\wfdprov.dll
2012-11-06 04:19:48466944----a-w-C:\Windows\System32\wcncsvc.dll
2012-11-06 04:19:4827136----a-w-C:\Windows\System32\WcnEapPeerProxy.dll
.
============= FINISH: 8:24:56.70 ===============
And log from Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume1
Install Date: 12/27/2012 3:28:47 PM
System Uptime: 1/15/2013 8:05:43 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0G8TPV
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz | SOCKET 0 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 457 GiB total, 416.302 GiB free.
D: is CDROM ()
W: is FIXED (NTFS) - 7 GiB total, 0.301 GiB free.
X: is FIXED (NTFS) - 0 GiB total, 0.225 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2: 12/28/2012 2:29:35 PM - Installed Microsoft Office Enterprise 2007
RP3: 1/2/2013 12:47:35 PM - Windows Update
RP4: 1/9/2013 9:15:59 AM - Windows Update
RP5: 1/12/2013 11:27:16 AM - Windows Update
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 3 (SP3)
Amazon Browser App
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
Canon MX300 series
CCleaner
Cirrus Logic Audio Panel
Compatibility Pack for the 2007 Office system
couponamazing
CyberLink LabelPrint 2.5
CyberLink Media Suite 10
CyberLink Media Suite Essentials
CyberLink Power2Go 8
CyberLink PowerDirector 10
CyberLink PowerDVD 10
D3DX10
Dell Backup and Recovery
Dell Backup and Recovery - Support Software
Dell Digital Delivery
Dell Support Center
Dell Touchpad
DriverTuner 3.1.0.0
Dropbox
DSC/AA Factory Installer
DW WLAN Card
Google Chrome
Google Update Helper
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Monitor 2.6
Intel® Trusted Connect Service Client
iTunes
Java 7 Update 10
Java Auto Updater
Juniper Networks Network Connect 7.0.0
Juniper Networks Setup Client
Juniper Networks Setup Client Activex Control
Juniper Terminal Services Client
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee SecurityCenter
Microsoft Application Error Reporting
Microsoft Office
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Photo Common
Photo Gallery
PricePeep
Quickset64
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shared C Run-time for x64
Skype Packages
Skype™ 6.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WIDCOMM Bluetooth Software
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
.
==== Event Viewer Messages From Past Week ========
.
1/9/2013 3:18:54 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
1/9/2013 3:18:54 PM, Error: Schannel [36884] - The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is client.wns.windows.com. The SSL connection request has failed. The attached data contains the server certificate.
1/8/2013 10:50:35 AM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
1/14/2013 5:29:27 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.
1/14/2013 12:51:03 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer OFFICE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7564D7AD-005D-47B0-BC6B-A7BD4B20CCA8}. The master browser is stopping or an election is being forced.
1/12/2013 11:13:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the msiserver service.
1/12/2013 11:13:13 AM, Error: Service Control Manager [7023] - The McAfee VirusScan Announcer service terminated with the following error: Incorrect function.
1/12/2013 11:11:52 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
.
==== End Of File ===========================

Please tell me what to do next to get rid of this problem. Thank you.
Katie
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

I still need Malwarebytes log.
 
Sorry - Here you go.

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.15.10

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
Kathryn :: KATIESLAPTOP [administrator]

Protection: Enabled

1/15/2013 7:53:39 AM
mbam-log-2013-01-15 (07-53-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 211826
Time elapsed: 7 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F40A2D01-8777-490B-8E2B-A0AFD02AF3DF} (PUP.CouponAmazing) -> Quarantined and deleted successfully.
HKCR\CLSID\{F40A2D01-8777-490B-8E2B-A0AFD02AF3DF} (PUP.CouponAmazing) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F40A2D01-8777-490B-8E2B-A0AFD02AF3DF} (PUP.CouponAmazing) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F40A2D01-8777-490B-8E2B-A0AFD02AF3DF} (PUP.CouponAmazing) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Kathryn\AppData\Local\couponamazing\ie\couponamazing_1356744302.dll (PUP.CouponAmazing) -> Quarantined and deleted successfully.

(end)
 
  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

========================

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
 
Here's the log from RogueKiller:

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Kathryn [Admin rights]
Mode : Scan -- Date : 01/15/2013 16:05:20

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
mbar came back twice saying there was nothing found. Here's the mbar log:

Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.15.14

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
Kathryn :: KATIESLAPTOP [administrator]

1/15/2013 4:21:42 PM
mbar-log-2013-01-15 (16-21-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 7852
Time elapsed: 10 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

And here's the system log:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1016

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16466

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, W:\ DRIVE_FIXED, X:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 4153499648, free: 2171174912

------------ Kernel report ------------
01/15/2013 16:08:33
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\bcmwl63a.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\Apfiltr.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\dsNcAdpt.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\DRIVERS\CSLFDx64.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\drivers\bcbtums.sys
\??\C:\Windows\system32\drivers\btwampfl.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\System32\drivers\btwrchid.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\TurboB.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8005cbe740
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000037\
Lower Device Object: 0xfffffa800443d7f0
Lower Device Driver Name: \Driver\iaStorA\
Driver name found: iaStorA
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\Drivers\storport.sys (0x0)
Load Function returned 0x0
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1016

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16466

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, W:\ DRIVE_FIXED, X:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 4153499648, free: 2200100864

------------ Kernel report ------------
01/15/2013 16:10:28
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\bcmwl63a.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\Apfiltr.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\dsNcAdpt.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\DRIVERS\CSLFDx64.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\drivers\bcbtums.sys
\??\C:\Windows\system32\drivers\btwampfl.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\System32\drivers\btwrchid.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\TurboB.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8005cbe740
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000037\
Lower Device Object: 0xfffffa800443d7f0
Lower Device Driver Name: \Driver\iaStorA\
Device already Exists: 0xfffffa8009d27da0
Downloaded database version: v2013.01.15.14
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 5
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8005cbe740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005cbe1f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005cbe740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa800443d260, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800443d7f0, DeviceName: \Device\00000037\, DriverName: \Driver\iaStorA\
------------ End ----------
Upper DeviceData: 0xfffff8a0096ae4c0, 0xfffffa8005cbe740, 0xfffffa8009c84090
Lower DeviceData: 0xfffff8a003d16ae0, 0xfffffa800443d7f0, 0xfffffa8009d27da0
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: FE23E3BD

GPT Protective MBR Partition information:

Partition 0 type is Other (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GptHeader Signature 4546492050415254
GptHeader Revision 65536 Size 92 CRC 429470283
GptHeader CurrentLba = 1 BackupLba 976773167
GptHeader FirstUsableLba 34 LastUsableLba 976773134
GptHeader Guid 3f4250a8-88b3-4156-bb8d-b3219034d2a
GptHeader 128 Partitions starting at LBA 2
GptHeader Partition entry size = 128

Backup GptHeader Signature 4546492050415254
Backup GptHeader Revision 65536 Size 92 CRC 429470283
Backup GptHeader CurrentLba = 976773167 BackupLba 1
Backup GptHeader FirstUsableLba 34 LastUsableLba 976773134
Backup GptHeader Guid 3f4250a8-88b3-4156-bb8d-b3219034d2a
Backup GptHeader 128 Partitions starting at LBA 976773135
Backup GptHeader Partition entry size = 128
Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID 253af83e-aaca-477d-a7cf-1762d51d8ba3
FirstLBA 2048 Last LBA 1026047
Attributes 0
Partition Name EFI system partition

GPT Partition 0 is bootable
Partition 1 Type 796badd3-6bbf-4d9f-b631-466eb71a4965
Partition ID d2152f95-456-4dec-8b31-9c5b4fbcafe9
FirstLBA 1026048 Last LBA 1107967
Attributes 1
Partition Name Basic data partition

Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID fc60785d-b83c-400f-b23a-18214a8a9fb6
FirstLBA 1107968 Last LBA 1370111
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID ead74758-35dc-4e1f-a338-263b53f407
FirstLBA 1370112 Last LBA 2394111
Attributes 1
Partition Name Basic data partition

Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 7cf670eb-86d0-4745-9794-afbd3513c2c3
FirstLBA 2394112 Last LBA 961607679
Attributes 0
Partition Name Basic data partition

Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID ab40decd-6fb6-47e2-8cbe-14648714df5
FirstLBA 961607680 Last LBA 976771119
Attributes 1
Partition Name Microsoft recovery partition

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1016

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16466

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 4153499648, free: 3008282624

=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1016

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16466

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 4153499648, free: 2478985216

------------ Kernel report ------------
01/15/2013 16:30:13
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\bcmwl63a.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\Apfiltr.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\dsNcAdpt.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\DRIVERS\CSLFDx64.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\drivers\bcbtums.sys
\??\C:\Windows\system32\drivers\btwampfl.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\System32\drivers\btwrchid.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\TurboB.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\cfwids.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8005cbe740
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000037\
Lower Device Object: 0xfffffa8004376060
Lower Device Driver Name: \Driver\iaStorA\
Driver name found: iaStorA
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\Drivers\storport.sys (0x0)
Load Function returned 0x0
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 5
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8005cbe740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005cbe1f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005cbe740, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8004376c90, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004376060, DeviceName: \Device\00000037\, DriverName: \Driver\iaStorA\
------------ End ----------
Upper DeviceData: 0xfffff8a009f01170, 0xfffffa8005cbe740, 0xfffffa8005dfb740
Lower DeviceData: 0xfffff8a009e55250, 0xfffffa8004376060, 0xfffffa80074df600
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: FE23E3BD

GPT Protective MBR Partition information:

Partition 0 type is Other (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GptHeader Signature 4546492050415254
GptHeader Revision 65536 Size 92 CRC 429470283
GptHeader CurrentLba = 1 BackupLba 976773167
GptHeader FirstUsableLba 34 LastUsableLba 976773134
GptHeader Guid 3f4250a8-88b3-4156-bb8d-b3219034d2a
GptHeader 128 Partitions starting at LBA 2
GptHeader Partition entry size = 128

Backup GptHeader Signature 4546492050415254
Backup GptHeader Revision 65536 Size 92 CRC 429470283
Backup GptHeader CurrentLba = 976773167 BackupLba 1
Backup GptHeader FirstUsableLba 34 LastUsableLba 976773134
Backup GptHeader Guid 3f4250a8-88b3-4156-bb8d-b3219034d2a
Backup GptHeader 128 Partitions starting at LBA 976773135
Backup GptHeader Partition entry size = 128
Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID 253af83e-aaca-477d-a7cf-1762d51d8ba3
FirstLBA 2048 Last LBA 1026047
Attributes 0
Partition Name EFI system partition

GPT Partition 0 is bootable
Partition 1 Type 796badd3-6bbf-4d9f-b631-466eb71a4965
Partition ID d2152f95-456-4dec-8b31-9c5b4fbcafe9
FirstLBA 1026048 Last LBA 1107967
Attributes 1
Partition Name Basic data partition

Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID fc60785d-b83c-400f-b23a-18214a8a9fb6
FirstLBA 1107968 Last LBA 1370111
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID ead74758-35dc-4e1f-a338-263b53f407
FirstLBA 1370112 Last LBA 2394111
Attributes 1
Partition Name Basic data partition

Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 7cf670eb-86d0-4745-9794-afbd3513c2c3
FirstLBA 2394112 Last LBA 961607679
Attributes 0
Partition Name Basic data partition

Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID ab40decd-6fb6-47e2-8cbe-14648714df5
FirstLBA 961607680 Last LBA 976771119
Attributes 1
Partition Name Microsoft recovery partition

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================
 
Create new restore point before proceeding with the next step....
How to:
- Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

=============================

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there use restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
Sorry about that...

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flashdrive into the infected PC.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 
This log is apparently too big so here's the 1st FRST.txt log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2013
Ran by Kathryn at 15-01-2013 18:40:52
Running from C:\Users\Kathryn\Downloads
(X64) OS Language: English(US)
Attention: Could not load system hive.
ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.


==================== One Month Created Files and Folders ========

2013-01-15 18:40 - 2013-01-15 18:40 - 00000000 ____D C:\FRST
2013-01-15 18:39 - 2013-01-15 18:39 - 00710824 ____A (Reimage®) C:\Users\Kathryn\Downloads\ReimageRepairNU.exe
2013-01-15 18:36 - 2013-01-15 18:36 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64.exe
2013-01-15 17:27 - 2013-01-15 17:27 - 05021250 ____A C:\Users\Kathryn\Downloads\ComboFix (2).exe
2013-01-15 17:26 - 2013-01-15 17:26 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix (1).exe
2013-01-15 17:24 - 2013-01-15 17:25 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix.exe
2013-01-15 16:25 - 2013-01-15 16:25 - 00433640 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-15 16:07 - 2013-01-15 16:08 - 00000000 ____D C:\Users\Kathryn\Downloads\mbar-1.01.0.1016
2013-01-15 16:07 - 2013-01-15 16:07 - 13462931 ____A C:\Users\Kathryn\Downloads\mbar-1.01.0.1016.zip
2013-01-15 16:05 - 2013-01-15 16:05 - 00001284 ____A C:\Users\Kathryn\Desktop\RKreport[2]_D_01152013_02d1605.txt
2013-01-15 16:05 - 2013-01-15 16:05 - 00001231 ____A C:\Users\Kathryn\Desktop\RKreport[1]_S_01152013_02d1605.txt
2013-01-15 16:04 - 2013-01-15 16:05 - 00000000 ____D C:\Users\Kathryn\Desktop\RK_Quarantine
2013-01-15 16:04 - 2013-01-15 16:04 - 00764416 ____A C:\Users\Kathryn\Downloads\RogueKiller.exe
2013-01-15 08:25 - 2013-01-15 08:25 - 00008432 ____A C:\Users\Kathryn\Desktop\attach.txt
2013-01-15 08:25 - 2013-01-15 08:24 - 00030906 ____A C:\Users\Kathryn\Desktop\dds.txt
2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____R (Swearware) C:\Users\Kathryn\Downloads\dds.scr
2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (3).scr
2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (2).scr
2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (1).scr
2013-01-12 11:24 - 2012-11-27 00:00 - 00194280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-01-12 11:24 - 2012-11-27 00:00 - 00124648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-01-12 11:24 - 2012-11-26 23:59 - 00329960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-01-12 11:24 - 2012-11-26 23:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
2013-01-12 11:24 - 2012-11-26 23:27 - 00058288 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-01-12 11:24 - 2012-11-26 21:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-01-12 11:24 - 2012-11-26 21:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-01-12 11:24 - 2012-11-26 21:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-01-12 11:24 - 2012-11-26 21:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-01-12 11:24 - 2012-11-26 21:20 - 00891904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-01-12 11:24 - 2012-11-26 21:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-01-12 11:24 - 2012-11-26 21:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-01-12 11:24 - 2012-11-26 21:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-01-12 11:24 - 2012-11-26 21:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-01-12 11:24 - 2012-11-26 21:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-01-12 11:24 - 2012-11-26 21:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 05088256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 03345920 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 01145856 ____A (Microsoft Corporation) C:\Windows\System32\winmde.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 01096704 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-01-12 11:24 - 2012-11-26 21:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\usbmon.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2013-01-12 11:24 - 2012-11-26 21:19 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-01-12 11:24 - 2012-11-26 21:18 - 05974528 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-01-12 11:24 - 2012-11-26 21:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-01-12 11:24 - 2012-11-26 21:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-01-12 11:24 - 2012-11-26 21:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-01-12 11:24 - 2012-11-26 21:17 - 02302464 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-01-12 11:24 - 2012-11-26 21:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-01-12 11:24 - 2012-11-26 20:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2013-01-12 11:24 - 2012-11-26 20:56 - 00031104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-01-12 11:24 - 2012-11-26 20:55 - 00029952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
2013-01-12 11:24 - 2012-09-10 22:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
2013-01-12 11:24 - 2012-09-10 22:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-01-12 11:24 - 2012-09-10 22:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
2013-01-12 11:20 - 2012-12-05 21:23 - 00170496 ____A (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
2013-01-12 11:20 - 2012-12-05 21:22 - 00178176 ____A (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2013-01-12 11:20 - 2012-11-28 22:05 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-01-12 11:20 - 2012-11-28 22:05 - 00707584 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-01-12 11:19 - 2012-12-03 21:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-01-12 11:19 - 2012-12-03 20:59 - 04055552 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-01-12 11:13 - 2013-01-15 08:05 - 00003094 ____A C:\Windows\PFRO.log
2013-01-09 17:53 - 2013-01-09 17:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-09 17:53 - 2013-01-09 17:53 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Malwarebytes
2013-01-09 17:52 - 2013-01-09 17:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-09 17:52 - 2013-01-09 17:52 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100 (1).exe
2013-01-09 17:52 - 2013-01-09 17:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-09 17:52 - 2012-12-14 16:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-01-09 17:51 - 2013-01-09 17:51 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100.exe
2013-01-09 08:25 - 2012-11-25 21:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-01-09 08:25 - 2012-11-25 21:20 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2013-01-09 08:24 - 2012-10-31 21:41 - 01802240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-01-09 08:24 - 2012-10-31 21:41 - 01438720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-01-09 08:24 - 2012-10-31 21:40 - 02361344 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-01-09 08:24 - 2012-10-31 21:40 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-01-09 08:24 - 2012-10-31 21:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-01-09 08:24 - 2012-10-31 21:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-01-09 08:24 - 2012-10-31 21:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-01-09 08:24 - 2012-10-31 21:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-01-07 20:56 - 2013-01-12 11:07 - 00012075 ____A C:\Users\Kathryn\Documents\Job applications.xlsx
2013-01-05 10:53 - 2013-01-15 18:33 - 01799166 ____A C:\Windows\WindowsUpdate.log
2013-01-04 18:36 - 2013-01-04 18:36 - 00000000 ____D C:\Program Files\CCleaner
2013-01-04 18:35 - 2013-01-04 18:36 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326 (1).exe
2013-01-04 18:33 - 2013-01-04 18:33 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326.exe
2013-01-04 13:44 - 2013-01-04 13:44 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
2013-01-03 14:46 - 2009-07-03 13:23 - 00132024 ____A C:\Users\Kathryn\Documents\2005 Quality Walls of Boulder Inc Tax Return.tax
2013-01-02 16:06 - 2013-01-02 16:07 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Apple Computer
2013-01-02 16:06 - 2013-01-02 16:06 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple Computer
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\All Users\Apple Computer
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files\iTunes
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files\iPod
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-01-02 16:06 - 2012-08-21 13:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Users\All Users\Apple
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files\Bonjour
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-01-02 16:03 - 2013-01-02 16:04 - 88946664 ____A (Apple Inc.) C:\Users\Kathryn\Downloads\iTunes64Setup.exe
2013-01-02 15:48 - 2013-01-02 15:48 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (2).exe
2013-01-02 15:46 - 2012-10-02 00:34 - 00446976 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-01-02 15:46 - 2012-10-02 00:34 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-01-02 15:45 - 2012-09-27 00:17 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\newdev.exe
2013-01-02 15:45 - 2012-09-27 00:17 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\ndadmin.exe
2013-01-02 15:45 - 2012-09-27 00:15 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\newdev.dll
2013-01-02 15:45 - 2012-09-26 23:35 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\newdev.exe
2013-01-02 15:45 - 2012-09-26 23:35 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndadmin.exe
2013-01-02 15:45 - 2012-09-26 23:34 - 00275968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2013-01-02 15:37 - 2012-09-19 22:55 - 00083968 ____A C:\Windows\SysWOW64\OEMLicense.dll
2013-01-02 15:35 - 2012-09-20 02:08 - 00027280 ____A (Microsoft Corporation) C:\Windows\System32\avrt.dll
2013-01-02 15:35 - 2012-09-20 01:04 - 00411880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-01-02 15:35 - 2012-09-19 23:33 - 00420352 ____A (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
2013-01-02 15:35 - 2012-09-19 23:33 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\WSClient.dll
2013-01-02 15:35 - 2012-09-19 23:33 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-01-02 15:35 - 2012-09-19 23:33 - 00177152 ____A (Microsoft Corporation) C:\Windows\System32\WSSync.dll
2013-01-02 15:35 - 2012-09-19 23:33 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\fhmanagew.exe
2013-01-02 15:35 - 2012-09-19 23:33 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\svchost.exe
2013-01-02 15:35 - 2012-09-19 23:32 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\perfos.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\rascfg.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00112128 ____A (Microsoft Corporation) C:\Windows\System32\PackageStateRoaming.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\RpcEpMap.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\perfctrs.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\perfproc.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\perfdisk.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\perfnet.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2013-01-02 15:35 - 2012-09-19 23:32 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\shimeng.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00604672 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00315392 ____A (Microsoft Corporation) C:\Windows\System32\fhcfg.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00280576 ____A (Microsoft Corporation) C:\Windows\System32\fhcat.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2013-01-02 15:35 - 2012-09-19 23:31 - 00137728 ____A (Microsoft Corporation) C:\Windows\System32\fhshl.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00118272 ____A (Microsoft Corporation) C:\Windows\System32\DevPropMgr.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00116736 ____A (Microsoft Corporation) C:\Windows\System32\fhsvc.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchapi.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\fhevents.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchph.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhlisten.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhautoplay.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\fhcleanup.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\fhtask.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\LangCleanupSysprepAction.dll
2013-01-02 15:35 - 2012-09-19 23:31 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\fhsvcctl.dll
2013-01-02 15:35 - 2012-09-19 23:30 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\bcdsrv.dll
2013-01-02 15:35 - 2012-09-19 23:30 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\DAFWSD.dll
2013-01-02 15:35 - 2012-09-19 23:13 - 00023656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avrt.dll
2013-01-02 15:35 - 2012-09-19 23:08 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2013-01-02 15:35 - 2012-09-19 22:55 - 00333824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2013-01-02 15:35 - 2012-09-19 22:55 - 00239616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2013-01-02 15:35 - 2012-09-19 22:55 - 00166912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-01-02 15:35 - 2012-09-19 22:55 - 00154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-01-02 15:35 - 2012-09-19 22:55 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2013-01-02 15:35 - 2012-09-19 22:54 - 00533504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
2013-01-02 15:35 - 2012-09-19 22:54 - 00108544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2013-01-02 15:35 - 2012-09-19 22:54 - 00089088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2013-01-02 15:35 - 2012-09-19 22:54 - 00055296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-01-02 15:35 - 2012-09-19 22:54 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll
 
Here is the 2nd:

2013-01-02 15:35 - 2012-09-19 22:54 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
2013-01-02 15:35 - 2012-09-19 22:54 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll
2013-01-02 15:35 - 2012-09-19 22:54 - 00031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll
2013-01-02 15:35 - 2012-09-19 22:54 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
2013-01-02 15:35 - 2012-09-19 22:54 - 00005632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2013-01-02 15:35 - 2012-09-19 22:53 - 01247232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2013-01-02 15:35 - 2012-09-19 22:53 - 00461824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-01-02 15:35 - 2012-09-19 22:53 - 00119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2013-01-02 15:34 - 2012-09-20 02:10 - 02367528 ____A (Microsoft Corporation) C:\Windows\System32\WSService.dll
2013-01-02 15:34 - 2012-09-20 01:40 - 00389360 ____A (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll
2013-01-02 15:34 - 2012-09-20 00:55 - 00533224 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
2013-01-02 15:34 - 2012-09-19 23:33 - 01304064 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
2013-01-02 15:34 - 2012-09-19 23:33 - 00627712 ____A (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
2013-01-02 15:34 - 2012-09-19 23:33 - 00588800 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2013-01-02 15:34 - 2012-09-19 23:33 - 00545280 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2013-01-02 15:34 - 2012-09-19 23:33 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2013-01-02 15:34 - 2012-09-19 23:33 - 00390144 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-01-02 15:34 - 2012-09-19 23:33 - 00332800 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-01-02 15:34 - 2012-09-19 23:33 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\wpnprv.dll
2013-01-02 15:34 - 2012-09-19 23:33 - 00110592 ____A C:\Windows\System32\OEMLicense.dll
2013-01-02 15:34 - 2012-09-19 23:33 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
2013-01-02 15:34 - 2012-09-19 23:33 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\lpremove.exe
2013-01-02 15:34 - 2012-09-19 23:33 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\umpo.dll
2013-01-02 15:34 - 2012-09-19 23:33 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\vsstrace.dll
2013-01-02 15:34 - 2012-09-19 23:33 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\ndptsp.tsp
2013-01-02 15:34 - 2012-09-19 23:33 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\kmddsp.tsp
2013-01-02 15:34 - 2012-09-19 23:32 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-01-02 15:34 - 2012-09-19 23:32 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-01-02 15:34 - 2012-09-19 23:32 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\rasdiag.dll
2013-01-02 15:34 - 2012-09-19 23:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2013-01-02 15:34 - 2012-09-19 23:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2013-01-02 15:34 - 2012-09-19 23:31 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2013-01-02 15:34 - 2012-09-19 23:31 - 00437760 ____A (Microsoft Corporation) C:\Windows\System32\mfh264enc.dll
2013-01-02 15:34 - 2012-09-19 23:31 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mfsvr.dll
2013-01-02 15:34 - 2012-09-19 23:31 - 00236544 ____A (Microsoft Corporation) C:\Windows\System32\MFPlay.dll
2013-01-02 15:34 - 2012-09-19 23:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\mmcss.dll
2013-01-02 15:34 - 2012-09-19 23:31 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\lpksetupproxyserv.dll
2013-01-02 15:34 - 2012-09-19 23:30 - 02016256 ____A (Microsoft Corporation) C:\Windows\System32\batmeter.dll
2013-01-02 15:34 - 2012-09-19 23:30 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
2013-01-02 15:34 - 2012-09-19 23:30 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2013-01-02 15:34 - 2012-09-19 23:30 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\aelupsvc.dll
2013-01-02 15:34 - 2012-09-19 23:30 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-01-02 15:34 - 2012-09-19 23:13 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-kernel-power-events.dll
2013-01-02 15:34 - 2012-09-19 23:09 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2013-01-02 15:34 - 2012-09-19 23:08 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-01-02 15:34 - 2012-09-19 22:55 - 00995328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2013-01-02 15:34 - 2012-09-19 22:55 - 00417280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-01-02 15:34 - 2012-09-19 22:55 - 00267776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-01-02 15:34 - 2012-09-19 22:55 - 00265216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-01-02 15:34 - 2012-09-19 22:55 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2013-01-02 15:34 - 2012-09-19 22:55 - 00038912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2013-01-02 15:34 - 2012-09-19 22:54 - 00709632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2013-01-02 15:34 - 2012-09-19 22:54 - 00413184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2013-01-02 15:34 - 2012-09-19 22:54 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-01-02 15:34 - 2012-09-19 22:54 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2013-01-02 15:34 - 2012-09-19 22:54 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2013-01-02 15:34 - 2012-09-19 22:54 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2013-01-02 15:34 - 2012-09-19 22:54 - 00009216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2013-01-02 15:34 - 2012-09-19 22:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2013-01-02 15:34 - 2012-09-19 22:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2013-01-02 15:34 - 2012-09-19 22:53 - 02007040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2013-01-02 15:34 - 2012-09-19 22:53 - 00675840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2013-01-02 15:34 - 2012-09-19 22:53 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2013-01-02 15:34 - 2012-09-19 21:13 - 00098816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-01-02 15:33 - 2012-09-20 02:05 - 00303848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-01-02 15:33 - 2012-09-20 01:56 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-01-02 15:33 - 2012-09-20 01:04 - 00100072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-01-02 15:33 - 2012-09-20 00:03 - 00465128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-01-02 15:33 - 2012-09-20 00:03 - 00148712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-01-02 15:33 - 2012-09-19 23:48 - 00062488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
2013-01-02 15:33 - 2012-09-19 23:47 - 00307192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2013-01-02 15:33 - 2012-09-19 23:33 - 13640704 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-01-02 15:33 - 2012-09-19 23:33 - 01513984 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2013-01-02 15:33 - 2012-09-19 23:33 - 00866304 ____A (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2013-01-02 15:33 - 2012-09-19 23:33 - 00757248 ____A (Microsoft Corporation) C:\Windows\System32\uDWM.dll
2013-01-02 15:33 - 2012-09-19 23:33 - 00699392 ____A (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2013-01-02 15:33 - 2012-09-19 23:33 - 00541184 ____A (Microsoft Corporation) C:\Windows\System32\VAN.dll
2013-01-02 15:33 - 2012-09-19 23:33 - 00410624 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2013-01-02 15:33 - 2012-09-19 23:33 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\wlidcredprov.dll
2013-01-02 15:33 - 2012-09-19 23:33 - 00117760 ____A (Microsoft Corporation) C:\Windows\System32\dwm.exe
2013-01-02 15:33 - 2012-09-19 23:33 - 00107008 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-01-02 15:33 - 2012-09-19 23:33 - 00092672 ____A (Microsoft Corporation) C:\Windows\System32\drvinst.exe
2013-01-02 15:33 - 2012-09-19 23:33 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-01-02 15:33 - 2012-09-19 23:33 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\sdbinst.exe
2013-01-02 15:33 - 2012-09-19 23:32 - 01739264 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
2013-01-02 15:33 - 2012-09-19 23:32 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\provcore.dll
2013-01-02 15:33 - 2012-09-19 23:32 - 00416256 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-01-02 15:33 - 2012-09-19 23:32 - 00256512 ____A (Microsoft Corporation) C:\Windows\System32\msvproc.dll
2013-01-02 15:33 - 2012-09-19 23:32 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-01-02 15:33 - 2012-09-19 23:32 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\rasmxs.dll
2013-01-02 15:33 - 2012-09-19 23:32 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\rasser.dll
2013-01-02 15:33 - 2012-09-19 23:32 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-01-02 15:33 - 2012-09-19 23:31 - 00617984 ____A (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
2013-01-02 15:33 - 2012-09-19 23:31 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-01-02 15:33 - 2012-09-19 23:31 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\eventcls.dll
2013-01-02 15:33 - 2012-09-19 23:30 - 03847168 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-01-02 15:33 - 2012-09-19 23:30 - 02219008 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-01-02 15:33 - 2012-09-19 23:30 - 01743872 ____A (Microsoft Corporation) C:\Windows\System32\combase.dll
2013-01-02 15:33 - 2012-09-19 23:30 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-01-02 15:33 - 2012-09-19 23:09 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
2013-01-02 15:33 - 2012-09-19 23:07 - 00210304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-01-02 15:33 - 2012-09-19 23:05 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-01-02 15:33 - 2012-09-19 22:55 - 10791936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-01-02 15:33 - 2012-09-19 22:55 - 00263168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2013-01-02 15:33 - 2012-09-19 22:55 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2013-01-02 15:33 - 2012-09-19 22:55 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-01-02 15:33 - 2012-09-19 22:55 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2013-01-02 15:33 - 2012-09-19 22:54 - 01369600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2013-01-02 15:33 - 2012-09-19 22:54 - 01196032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2013-01-02 15:33 - 2012-09-19 22:54 - 00509952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2013-01-02 15:33 - 2012-09-19 22:54 - 00480768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2013-01-02 15:33 - 2012-09-19 22:54 - 00449024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2013-01-02 15:33 - 2012-09-19 22:54 - 00325632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-01-02 15:33 - 2012-09-19 22:54 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2013-01-02 15:33 - 2012-09-19 22:54 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2013-01-02 15:33 - 2012-09-19 22:54 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2013-01-02 15:33 - 2012-09-19 22:54 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2013-01-02 15:33 - 2012-09-19 22:53 - 03296256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-01-02 15:33 - 2012-09-19 22:53 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-01-02 15:33 - 2012-09-19 22:53 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-01-02 15:33 - 2012-09-19 22:53 - 00015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2013-01-02 15:32 - 2012-09-20 02:05 - 01448168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-01-02 15:32 - 2012-09-20 01:31 - 00425192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2013-01-02 15:32 - 2012-09-20 01:28 - 01825208 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-01-02 15:32 - 2012-09-20 01:04 - 02225896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-01-02 15:32 - 2012-09-20 00:55 - 03265256 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
2013-01-02 15:32 - 2012-09-20 00:55 - 00337128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-01-02 15:32 - 2012-09-20 00:55 - 00212200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-01-02 15:32 - 2012-09-20 00:55 - 00120040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2013-01-02 15:32 - 2012-09-20 00:55 - 00028392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-01-02 15:32 - 2012-09-19 23:33 - 02397184 ____A (Microsoft Corporation) C:\Windows\System32\WpcMon.exe
2013-01-02 15:32 - 2012-09-19 23:33 - 01590272 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-01-02 15:32 - 2012-09-19 23:33 - 01342464 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2013-01-02 15:32 - 2012-09-19 23:33 - 00543232 ____A (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
2013-01-02 15:32 - 2012-09-19 23:33 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\TpmTasks.dll
2013-01-02 15:32 - 2012-09-19 23:32 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2013-01-02 15:32 - 2012-09-19 23:32 - 01019392 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.dll
2013-01-02 15:32 - 2012-09-19 23:32 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\ProximityService.dll
2013-01-02 15:32 - 2012-09-19 23:32 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2013-01-02 15:32 - 2012-09-19 23:32 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\MUILanguageCleanup.dll
2013-01-02 15:32 - 2012-09-19 23:31 - 00755200 ____A (Microsoft Corporation) C:\Windows\System32\fveapi.dll
2013-01-02 15:32 - 2012-09-19 23:31 - 00459776 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-01-02 15:32 - 2012-09-19 23:31 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fveapibase.dll
2013-01-02 15:32 - 2012-09-19 23:30 - 02066432 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-01-02 15:32 - 2012-09-19 23:26 - 01409376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-01-02 15:32 - 2012-09-19 23:12 - 09374208 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2013-01-02 15:32 - 2012-09-19 22:55 - 01319424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-01-02 15:32 - 2012-09-19 22:55 - 00465920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2013-01-02 15:32 - 2012-09-19 22:55 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-01-02 15:32 - 2012-09-19 22:55 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2013-01-02 15:32 - 2012-09-19 22:54 - 01137152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2013-01-02 15:32 - 2012-09-19 22:53 - 01701376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-01-02 15:32 - 2012-09-19 22:53 - 00366080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-01-02 15:32 - 2012-09-19 22:32 - 09374208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-01-02 15:32 - 2012-09-19 21:10 - 01126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2013-01-02 15:31 - 2012-09-19 23:33 - 14259712 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-01-02 15:31 - 2012-09-19 23:33 - 03964416 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
2013-01-02 15:31 - 2012-09-19 23:33 - 00573440 ____A (Microsoft Corporation) C:\Windows\System32\WinSATAPI.dll
2013-01-02 15:31 - 2012-09-19 22:55 - 11875328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-01-02 15:30 - 2013-01-02 15:30 - 07228798 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2761094-x64.msu
2013-01-02 15:30 - 2013-01-02 15:30 - 00439787 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2764870-x64.msu
2013-01-02 15:09 - 2013-01-02 15:09 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (1).exe
2013-01-02 13:38 - 2013-01-02 13:39 - 170699203 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2756872-x64.msu
2013-01-02 13:29 - 2013-01-02 13:29 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov.exe
2013-01-02 12:44 - 2012-11-20 01:00 - 06971624 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-01-02 12:44 - 2012-11-19 22:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-01-02 12:44 - 2012-11-19 22:24 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-01-02 12:44 - 2012-11-19 22:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-01-02 12:44 - 2012-11-19 22:17 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2013-01-02 12:44 - 2012-11-19 22:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-01-02 12:44 - 2012-11-19 21:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
2013-01-02 12:44 - 2012-11-19 21:56 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-01-02 12:44 - 2012-11-19 21:56 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-01-02 12:44 - 2012-11-19 21:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
2013-01-02 12:44 - 2012-11-12 21:20 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
2013-01-02 12:44 - 2012-11-12 21:19 - 00890880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-01-02 12:44 - 2012-11-07 21:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-01-02 12:44 - 2012-11-07 21:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-01-02 12:44 - 2012-11-07 21:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-01-02 12:44 - 2012-11-07 21:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-01-02 12:44 - 2012-11-07 21:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-01-02 12:44 - 2012-11-07 21:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-01-02 12:44 - 2012-11-01 22:20 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-01-02 12:44 - 2012-10-12 01:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-01-02 12:44 - 2012-10-11 23:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll
2013-01-02 12:44 - 2012-10-11 23:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll
2013-01-02 12:44 - 2012-10-11 22:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-01-02 12:44 - 2012-10-11 22:46 - 00618496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-01-02 12:44 - 2012-10-11 22:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-01-02 12:44 - 2012-09-20 00:55 - 00496872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-01-02 12:44 - 2012-09-20 00:55 - 00488168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-01-02 12:44 - 2012-09-20 00:55 - 00079080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-01-02 12:44 - 2012-09-20 00:55 - 00021736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-01-02 12:44 - 2012-09-19 23:09 - 00032256 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-01-02 12:43 - 2012-10-23 21:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2013-01-02 12:43 - 2012-10-16 21:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
2013-01-02 12:43 - 2012-10-16 21:32 - 01048064 ____A (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-01-02 12:43 - 2012-10-16 21:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2013-01-02 12:43 - 2012-10-16 21:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2013-01-02 12:43 - 2012-10-16 20:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-01-02 12:43 - 2012-10-16 20:57 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-01-02 12:43 - 2012-10-16 20:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-01-02 12:43 - 2012-10-16 20:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-01-02 12:43 - 2012-10-10 22:45 - 03554304 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-01-02 12:42 - 2012-10-11 00:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-01-02 12:42 - 2012-10-11 00:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-01-02 12:42 - 2012-10-11 00:26 - 00336104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-01-02 12:42 - 2012-10-11 00:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-01-02 12:42 - 2012-10-11 00:23 - 01001192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-01-02 12:42 - 2012-10-11 00:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-01-02 12:42 - 2012-10-11 00:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-01-02 12:42 - 2012-10-11 00:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-01-02 12:42 - 2012-10-11 00:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-01-02 12:42 - 2012-10-11 00:16 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-01-02 12:42 - 2012-10-11 00:16 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-01-02 12:42 - 2012-10-11 00:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2013-01-02 12:42 - 2012-10-11 00:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2013-01-02 12:42 - 2012-10-11 00:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-01-02 12:42 - 2012-10-11 00:01 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-01-02 12:42 - 2012-10-10 22:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-01-02 12:42 - 2012-10-10 22:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2013-01-02 12:42 - 2012-10-10 22:46 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-01-02 12:42 - 2012-10-10 22:46 - 00594944 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2013-01-02 12:42 - 2012-10-10 22:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-01-02 12:42 - 2012-10-10 22:46 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-01-02 12:42 - 2012-10-10 22:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-01-02 12:42 - 2012-10-10 22:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll
2013-01-02 12:42 - 2012-10-10 22:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe
2013-01-02 12:42 - 2012-10-10 22:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll
2013-01-02 12:42 - 2012-10-10 22:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2013-01-02 12:42 - 2012-10-10 22:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2013-01-02 12:42 - 2012-10-10 22:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2013-01-02 12:42 - 2012-10-10 22:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll
2013-01-02 12:42 - 2012-10-10 22:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
2013-01-02 12:42 - 2012-10-10 22:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 02116096 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00561152 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00435712 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-01-02 12:42 - 2012-10-10 22:44 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 01294336 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
2013-01-02 12:42 - 2012-10-10 22:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-01-02 12:42 - 2012-10-10 22:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-01-02 12:42 - 2012-10-10 22:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll
2013-01-02 12:42 - 2012-10-10 22:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll
2013-01-02 12:42 - 2012-10-10 22:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-01-02 12:42 - 2012-10-10 22:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-01-02 12:42 - 2012-10-10 22:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-01-02 12:42 - 2012-10-10 22:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2013-01-02 12:42 - 2012-10-10 22:08 - 00671232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-01-02 12:42 - 2012-10-10 22:08 - 00303104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-01-02 12:42 - 2012-10-10 22:08 - 00170496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-01-02 12:42 - 2012-10-10 22:07 - 02764288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-01-02 12:42 - 2012-10-10 22:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-01-02 12:42 - 2012-10-10 22:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-01-02 12:42 - 2012-10-10 22:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-01-02 12:42 - 2012-10-10 22:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-01-02 12:42 - 2012-10-10 22:07 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-01-02 12:42 - 2012-10-10 22:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-01-02 12:42 - 2012-10-10 22:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-01-02 12:42 - 2012-10-10 22:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 01610240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00658432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00653824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00408064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-01-02 12:42 - 2012-10-10 22:06 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-01-02 12:42 - 2012-10-10 22:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-01-02 12:42 - 2012-10-10 21:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-01-02 12:42 - 2012-10-10 20:11 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-01-02 12:42 - 2012-10-10 17:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls
2013-01-02 12:42 - 2012-10-10 17:44 - 00478424 ____A C:\Windows\System32\locale.nls
2013-01-02 12:41 - 2012-11-06 00:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-01-02 12:41 - 2012-11-05 21:20 - 17560576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-01-02 12:41 - 2012-11-05 21:20 - 08856576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-01-02 12:41 - 2012-11-05 21:19 - 19789824 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-01-02 12:41 - 2012-11-05 21:19 - 10096640 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-01-02 12:41 - 2012-11-05 21:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-01-02 12:41 - 2012-11-05 21:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-01-02 12:41 - 2012-11-05 21:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-01-02 12:41 - 2012-11-05 21:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2013-01-02 12:41 - 2012-11-05 21:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-01-02 12:41 - 2012-11-05 21:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-01-02 12:40 - 2012-11-06 00:52 - 00445160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-01-02 12:40 - 2012-11-06 00:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-01-02 12:40 - 2012-11-06 00:36 - 00069864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2013-01-02 12:40 - 2012-11-06 00:33 - 00522640 ____A (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2013-01-02 12:40 - 2012-11-06 00:33 - 00490064 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2013-01-02 12:40 - 2012-11-06 00:33 - 00447792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-01-02 12:40 - 2012-11-06 00:33 - 00253512 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-01-02 12:40 - 2012-11-05 22:00 - 00463768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-01-02 12:40 - 2012-11-05 22:00 - 00427568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-01-02 12:40 - 2012-11-05 22:00 - 00324344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-01-02 12:40 - 2012-11-05 21:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-01-02 12:40 - 2012-11-05 21:20 - 00767488 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-01-02 12:40 - 2012-11-05 21:20 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00246784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
2013-01-02 12:40 - 2012-11-05 21:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00195072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-01-02 12:40 - 2012-11-05 21:20 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
2013-01-02 12:40 - 2012-11-05 21:20 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-01-02 12:40 - 2012-11-05 21:20 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-01-02 12:40 - 2012-11-05 21:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-01-02 12:40 - 2012-11-05 21:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\wuaext.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00318464 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00291328 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
2013-01-02 12:40 - 2012-11-05 21:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00753664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00703488 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00549376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00267264 ____A (Microsoft Corporation) C:\Windows\System32\EncDump.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-01-02 12:40 - 2012-11-05 21:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
2013-01-02 12:40 - 2012-11-05 21:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-01-02 12:40 - 2012-11-05 21:17 - 02146816 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2013-01-02 12:40 - 2012-11-05 21:17 - 00785920 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-01-02 12:40 - 2012-11-05 21:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-01-02 12:40 - 2012-11-05 21:17 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2013-01-02 12:40 - 2012-11-05 21:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
2013-01-02 12:40 - 2012-11-05 21:00 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\wushareduxresources.dll
2013-01-02 12:40 - 2012-11-05 21:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
2013-01-02 12:40 - 2012-11-05 20:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
2013-01-02 12:40 - 2012-11-05 20:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-01-02 12:40 - 2012-11-05 20:55 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-01-02 12:40 - 2012-11-05 20:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-01-02 12:40 - 2012-11-05 20:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-01-02 12:40 - 2012-11-05 20:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-01-02 12:40 - 2012-11-05 20:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2013-01-02 12:40 - 2012-11-05 20:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-01-02 12:40 - 2012-11-05 20:54 - 00859136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-01-02 12:40 - 2012-11-05 20:54 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2013-01-02 12:40 - 2012-11-05 20:53 - 01171968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-01-02 12:40 - 2012-11-05 20:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-01-02 12:40 - 2012-11-05 20:53 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-01-02 12:40 - 2012-11-05 20:52 - 00366080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-01-02 12:40 - 2012-11-05 20:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-01-02 12:40 - 2012-11-02 17:05 - 00385604 ____A C:\Windows\System32\ApnDatabase.xml
2013-01-02 04:49 - 2013-01-02 04:49 - 00000117 ____A C:\Windows\System32\netcfg-137287781.txt
2013-01-02 04:49 - 2013-01-02 04:49 - 00000117 ____A C:\Windows\System32\netcfg-137284578.txt
2012-12-31 14:57 - 2012-12-31 14:57 - 00000117 ____A C:\Windows\System32\netcfg-1006171.txt
2012-12-31 14:56 - 2012-12-31 14:56 - 00000117 ____A C:\Windows\System32\netcfg-946500.txt
2012-12-31 14:41 - 2012-12-31 14:41 - 00000117 ____A C:\Windows\System32\netcfg-51359.txt
2012-12-31 14:39 - 2012-12-31 14:39 - 00000117 ____A C:\Windows\System32\netcfg-1014765.txt
2012-12-31 14:38 - 2012-12-31 14:38 - 06219408 ____A C:\Users\Kathryn\Downloads\3520A04.EXE
2012-12-31 14:23 - 2012-12-31 14:23 - 00000117 ____A C:\Windows\System32\netcfg-50062.txt
2012-12-31 14:22 - 2012-12-31 14:22 - 00000117 ____A C:\Windows\System32\netcfg-257209437.txt
2012-12-31 09:02 - 2012-12-31 09:02 - 00000117 ____A C:\Windows\System32\netcfg-238015515.txt
2012-12-31 09:02 - 2012-12-31 09:02 - 00000117 ____A C:\Windows\System32\netcfg-238014062.txt
2012-12-29 13:59 - 2012-12-29 13:59 - 00000117 ____A C:\Windows\System32\netcfg-83053484.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00001171 ____A C:\Windows\System32\netcfg-81758953.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81779828.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81776750.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81773546.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00000000 ____D C:\Users\Public\Juniper Networks
2012-12-29 13:37 - 2012-12-29 13:37 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
2012-12-29 13:37 - 2010-10-22 22:49 - 00579952 ____A (Juniper Networks) C:\Windows\SysWOW64\dsNcSmartCardProv.dll
2012-12-29 13:37 - 2010-10-22 22:49 - 00405360 ____A (Juniper Networks) C:\Windows\SysWOW64\dsNcCredProv.dll
2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Users\All Users\CanonBJ
2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Program Files\CanonBJ
2012-12-29 13:19 - 2007-05-01 05:00 - 00258560 ____A (CANON INC.) C:\Windows\System32\CNMLM90.DLL
2012-12-29 13:19 - 2007-04-25 19:28 - 00183296 ____A (Canon Inc.) C:\Windows\System32\CNCF2Lc.DLL
2012-12-29 13:19 - 2007-04-25 19:23 - 00143360 ____A (Canon Inc.) C:\Windows\System32\CNCFMSc.EXE
2012-12-29 13:19 - 2007-04-25 19:19 - 00003584 ____A (Canon Inc.) C:\Windows\System32\CNCFLcUS.DLL
2012-12-29 13:19 - 2007-04-25 19:19 - 00003072 ____A (Canon Inc.) C:\Windows\System32\CNCFLcJP.DLL
2012-12-29 13:18 - 2012-12-29 13:19 - 17196360 ____A C:\Users\Kathryn\Downloads\mx300swin64101ej.exe
2012-12-29 13:17 - 2012-12-29 13:17 - 16397640 ____A C:\Users\Kathryn\Downloads\mx300swin101ej.exe
2012-12-29 13:15 - 2012-12-29 13:15 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup (1).exe
2012-12-29 13:14 - 2012-12-29 13:14 - 00000000 ____D C:\Program Files (x86)\DriverTuner
2012-12-29 13:13 - 2012-12-29 13:13 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup.exe
2012-12-29 12:51 - 2012-12-29 12:51 - 00000117 ____A C:\Windows\System32\netcfg-78991046.txt
2012-12-29 12:50 - 2012-12-29 12:50 - 00000117 ____A C:\Windows\System32\netcfg-78953718.txt
2012-12-29 12:50 - 2012-12-29 12:50 - 00000117 ____A C:\Windows\System32\netcfg-78908468.txt
2012-12-29 12:48 - 2012-12-29 12:48 - 00001131 ____A C:\Windows\System32\netcfg-78808015.txt
2012-12-29 12:48 - 2012-12-29 12:48 - 00000117 ____A C:\Windows\System32\netcfg-78809187.txt
2012-12-29 10:03 - 2012-12-29 10:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2012-12-29 10:03 - 2012-12-29 10:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2012-12-29 09:52 - 2012-12-29 09:52 - 00000117 ____A C:\Windows\System32\netcfg-68223156.txt
2012-12-29 09:52 - 2012-12-29 09:52 - 00000117 ____A C:\Windows\System32\netcfg-68223000.txt
2012-12-28 18:30 - 2013-01-15 18:28 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Skype
2012-12-28 18:30 - 2012-12-28 18:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\SkypePackages
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\couponamazing
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\All Users\Skype
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Program Files (x86)\PricePeep
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____A C:\extensions.sqlite
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____A C:\end
 
And here's the 3rd part of the log:

5088 ____A C:\Users\Kathryn\Downloads\SkypeSetup_6.0.0.126.msi
2012-12-28 18:29 - 2012-12-28 18:29 - 01203848 ____A C:\Users\Kathryn\Downloads\SkypeSetup.exe
2012-12-28 16:33 - 2012-12-29 13:37 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Juniper Networks
2012-12-28 16:32 - 2012-12-28 16:32 - 00896016 ____A (Oracle Corporation) C:\Users\Kathryn\Downloads\chromeinstall-7u10.exe
2012-12-28 16:32 - 2012-12-28 16:32 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-12-28 16:32 - 2012-12-28 16:32 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-12-28 16:32 - 2012-12-28 16:32 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-12-28 16:32 - 2012-12-28 16:32 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-12-28 16:32 - 2012-12-28 16:32 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-12-28 16:32 - 2012-12-28 16:32 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-12-28 16:32 - 2012-12-28 16:32 - 00000000 ____D C:\Users\All Users\Sun
2012-12-28 16:32 - 2012-12-28 16:32 - 00000000 ____D C:\Program Files (x86)\Java
2012-12-28 16:30 - 2012-12-28 16:30 - 00118104 ____A C:\Users\Kathryn\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-28 15:56 - 2013-01-09 09:18 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-12-28 15:41 - 2012-08-30 17:53 - 00017888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2012-12-28 15:41 - 2012-08-30 17:52 - 00017888 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll
2012-12-28 15:37 - 2012-11-09 21:23 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2012-12-28 15:37 - 2012-11-09 21:23 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2012-12-28 15:37 - 2012-11-09 21:22 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2012-12-28 15:37 - 2012-11-09 21:22 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
2012-12-28 15:37 - 2012-11-09 21:22 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
2012-12-28 15:37 - 2012-11-09 21:20 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\appserverai.dll
2012-12-28 15:37 - 2012-10-10 00:04 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-12-28 15:37 - 2012-10-09 23:31 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-12-28 15:33 - 2012-12-16 01:28 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-28 15:33 - 2012-12-16 01:20 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-28 15:33 - 2012-12-16 01:08 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-28 15:33 - 2012-12-16 00:57 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-28 15:33 - 2012-11-27 21:21 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2012-12-28 15:33 - 2012-11-27 21:20 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2012-12-28 15:33 - 2012-11-14 23:26 - 19439616 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-12-28 15:33 - 2012-11-14 23:26 - 14324224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-12-28 15:33 - 2012-11-14 23:08 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-12-28 15:33 - 2012-11-14 23:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-12-28 15:33 - 2012-11-08 21:49 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-28 15:33 - 2012-11-08 21:03 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-12-28 15:33 - 2012-11-07 21:25 - 01775104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-12-28 15:33 - 2012-11-07 21:25 - 01138688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 13740032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 02881536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 01684992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-12-28 15:33 - 2012-11-07 21:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2012-12-28 15:33 - 2012-11-07 21:22 - 02246656 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-12-28 15:33 - 2012-11-07 21:22 - 01352704 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-12-28 15:33 - 2012-11-07 21:22 - 00907776 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2012-12-28 15:33 - 2012-11-07 21:22 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-12-28 15:33 - 2012-11-07 21:21 - 03966464 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-12-28 15:33 - 2012-11-07 21:21 - 00854528 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-12-28 15:33 - 2012-11-07 21:21 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-12-28 15:33 - 2012-11-07 21:21 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-12-28 15:33 - 2012-11-07 21:20 - 15416832 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-12-28 15:33 - 2012-11-07 21:20 - 02162176 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-12-28 15:33 - 2012-11-07 21:20 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-12-28 15:33 - 2012-11-07 21:20 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2012-12-28 15:33 - 2012-11-07 21:20 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-12-28 15:33 - 2012-11-07 21:20 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-12-28 15:33 - 2012-11-07 21:20 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2012-12-28 15:33 - 2012-11-07 21:02 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
2012-12-28 15:33 - 2012-11-07 21:01 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2012-12-28 15:33 - 2012-11-07 18:56 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2012-12-28 15:33 - 2012-11-02 22:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\sysreset.exe
2012-12-28 15:33 - 2012-11-02 22:26 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2012-12-28 15:33 - 2012-11-02 22:26 - 00032256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2012-12-28 15:33 - 2012-11-02 22:25 - 01009664 ____A (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2012-12-28 15:33 - 2012-11-02 22:25 - 00945152 ____A (Microsoft Corporation) C:\Windows\System32\resetengmig.dll
2012-12-28 15:33 - 2012-11-02 22:25 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2012-12-28 15:33 - 2012-11-02 22:25 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2012-12-28 15:33 - 2012-11-02 22:24 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-12-28 15:33 - 2012-11-02 22:24 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2012-12-28 15:33 - 2012-11-02 22:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
2012-12-28 15:33 - 2012-11-02 22:24 - 00058880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2012-12-28 15:33 - 2012-11-02 22:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhupnp.dll
2012-12-28 15:33 - 2012-11-02 22:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhpast.dll
2012-12-28 15:33 - 2012-11-02 22:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2012-12-28 15:33 - 2012-11-02 22:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2012-12-28 15:33 - 2012-11-02 22:04 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dpnlobby.dll
2012-12-28 15:33 - 2012-11-02 22:04 - 00003584 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2012-12-28 15:33 - 2012-11-02 22:00 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2012-12-28 15:33 - 2012-11-02 22:00 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2012-12-28 15:33 - 2012-10-23 20:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
2012-12-28 15:33 - 2012-10-23 20:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\pcalua.exe
2012-12-28 15:33 - 2012-10-23 20:24 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2012-12-28 15:33 - 2012-10-23 20:24 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\pcadm.dll
2012-12-28 15:33 - 2012-10-23 20:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
2012-12-28 15:33 - 2012-10-23 19:48 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2012-12-28 15:33 - 2012-10-05 21:53 - 02893824 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2012-12-28 15:33 - 2012-10-05 21:15 - 02400256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2012-12-28 14:55 - 2012-12-28 14:55 - 00000117 ____A C:\Windows\System32\netcfg-39687.txt
2012-12-28 14:54 - 2012-12-28 14:54 - 00000117 ____A C:\Windows\System32\netcfg-16477937.txt
2012-12-28 14:42 - 2012-12-28 14:47 - 368945248 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
2012-12-28 14:42 - 2012-12-28 14:42 - 00000000 ____D C:\Program Files (x86)\MSECache
2012-12-28 14:41 - 2012-12-28 14:41 - 38808920 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\FileFormatConverters.exe
2012-12-28 14:37 - 2012-12-28 14:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2012-12-28 14:37 - 2012-12-28 14:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2012-12-28 14:31 - 2012-12-28 14:31 - 00000000 ____D C:\Program Files\Microsoft Office
2012-12-28 14:31 - 2012-12-28 14:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-28 14:30 - 2013-01-10 09:33 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-12-28 14:30 - 2012-12-28 14:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Microsoft Help
2012-12-28 14:29 - 2012-12-28 14:29 - 00000000 __RHD C:\MSOCache
2012-12-28 11:06 - 2012-12-28 11:09 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\PCDr
2012-12-28 11:01 - 2013-01-15 16:26 - 00000000 ___RD C:\Users\Kathryn\Dropbox
2012-12-28 11:01 - 2012-12-28 11:01 - 00001049 ____A C:\Users\Kathryn\Desktop\Dropbox.lnk
2012-12-28 10:58 - 2013-01-15 16:26 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Dropbox
2012-12-28 10:57 - 2012-12-28 10:58 - 19241048 ____A (Dropbox, Inc.) C:\Users\Kathryn\Downloads\Dropbox 1.6.10.exe
2012-12-28 10:33 - 2012-12-28 10:33 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2012-12-28 10:28 - 2013-01-06 16:04 - 00000000 ____D C:\Users\Kathryn\AppData\Local\softthinks
2012-12-28 10:21 - 2012-12-28 10:21 - 00000117 ____A C:\Windows\System32\netcfg-66781.txt
2012-12-28 10:19 - 2012-12-28 10:19 - 00000117 ____A C:\Windows\System32\netcfg-68333234.txt
2012-12-27 19:46 - 2012-04-20 15:40 - 00196440 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
2012-12-27 16:10 - 2013-01-15 18:15 - 00000926 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-12-27 16:10 - 2013-01-15 17:15 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-12-27 16:10 - 2013-01-12 11:18 - 00002257 ____A C:\Users\Kathryn\Desktop\Google Chrome.lnk
2012-12-27 16:10 - 2012-12-27 16:10 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Google
2012-12-27 16:10 - 2012-12-27 16:10 - 00000000 ____D C:\Program Files (x86)\Google
2012-12-27 16:09 - 2012-12-27 16:45 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Deployment
2012-12-27 16:09 - 2012-12-27 16:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apps\2.0
2012-12-27 15:32 - 2012-12-27 15:32 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Intel Corporation
2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\Documents\Bluetooth Exchange Folder
2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Power2Go8
2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Broadcom
2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Macromedia
2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Leadertech
2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Adobe
2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Local\VirtualStore
2012-12-27 15:28 - 2012-12-28 11:01 - 00000000 ____D C:\users\Kathryn
2012-12-27 15:28 - 2012-12-27 15:47 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Packages
2012-12-27 15:28 - 2012-12-27 15:31 - 00000000 ____D C:\Users\All Users\PRICache
2012-12-27 15:28 - 2012-12-27 15:28 - 00000020 ___SH C:\Users\Kathryn\ntuser.ini
2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-234234.txt
2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-234203.txt
2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-231140.txt
2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-224703.txt
2012-12-27 15:23 - 2012-12-27 15:23 - 00000117 ____A C:\Windows\System32\netcfg-206406.txt

==================== One Month Modified Files and Folders =======

2013-01-15 18:40 - 2013-01-15 18:40 - 00000000 ____D C:\FRST
2013-01-15 18:39 - 2013-01-15 18:39 - 00710824 ____A (Reimage®) C:\Users\Kathryn\Downloads\ReimageRepairNU.exe
2013-01-15 18:39 - 2012-07-26 00:28 - 00850046 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-15 18:38 - 2013-01-05 10:53 - 01799166 ____A C:\Windows\WindowsUpdate.log
2013-01-15 18:36 - 2013-01-15 18:36 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64.exe
2013-01-15 18:33 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-01-15 18:28 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Skype
2013-01-15 18:15 - 2012-12-27 16:10 - 00000926 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-01-15 18:00 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\System32\sru
2013-01-15 17:27 - 2013-01-15 17:27 - 05021250 ____A C:\Users\Kathryn\Downloads\ComboFix (2).exe
2013-01-15 17:26 - 2013-01-15 17:26 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix (1).exe
2013-01-15 17:25 - 2013-01-15 17:24 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix.exe
2013-01-15 17:15 - 2012-12-27 16:10 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-01-15 16:33 - 2012-11-05 15:51 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2013-01-15 16:26 - 2012-12-28 11:01 - 00000000 ___RD C:\Users\Kathryn\Dropbox
2013-01-15 16:26 - 2012-12-28 10:58 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Dropbox
2013-01-15 16:25 - 2013-01-15 16:25 - 00433640 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-15 16:25 - 2012-07-26 00:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-15 16:24 - 2012-07-25 22:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-01-15 16:08 - 2013-01-15 16:07 - 00000000 ____D C:\Users\Kathryn\Downloads\mbar-1.01.0.1016
2013-01-15 16:07 - 2013-01-15 16:07 - 13462931 ____A C:\Users\Kathryn\Downloads\mbar-1.01.0.1016.zip
2013-01-15 16:05 - 2013-01-15 16:05 - 00001284 ____A C:\Users\Kathryn\Desktop\RKreport[2]_D_01152013_02d1605.txt
2013-01-15 16:05 - 2013-01-15 16:05 - 00001231 ____A C:\Users\Kathryn\Desktop\RKreport[1]_S_01152013_02d1605.txt
2013-01-15 16:05 - 2013-01-15 16:04 - 00000000 ____D C:\Users\Kathryn\Desktop\RK_Quarantine
2013-01-15 16:04 - 2013-01-15 16:04 - 00764416 ____A C:\Users\Kathryn\Downloads\RogueKiller.exe
2013-01-15 09:00 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\rescache
2013-01-15 08:25 - 2013-01-15 08:25 - 00008432 ____A C:\Users\Kathryn\Desktop\attach.txt
2013-01-15 08:24 - 2013-01-15 08:25 - 00030906 ____A C:\Users\Kathryn\Desktop\dds.txt
2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____R (Swearware) C:\Users\Kathryn\Downloads\dds.scr
2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (3).scr
2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (2).scr
2013-01-15 08:22 - 2013-01-15 08:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (1).scr
2013-01-15 08:13 - 2012-07-25 22:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-01-15 08:06 - 2012-11-05 15:48 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-01-15 08:05 - 2013-01-12 11:13 - 00003094 ____A C:\Windows\PFRO.log
2013-01-15 08:04 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\WinStore
2013-01-14 13:42 - 2012-11-05 15:43 - 00000000 ____D C:\Users\All Users\CyberLink
2013-01-12 11:18 - 2012-12-27 16:10 - 00002257 ____A C:\Users\Kathryn\Desktop\Google Chrome.lnk
2013-01-12 11:07 - 2013-01-07 20:56 - 00012075 ____A C:\Users\Kathryn\Documents\Job applications.xlsx
2013-01-10 09:33 - 2012-12-28 14:30 - 00000000 ____D C:\Users\All Users\Microsoft Help
2013-01-09 17:53 - 2013-01-09 17:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-09 17:53 - 2013-01-09 17:53 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Malwarebytes
2013-01-09 17:53 - 2013-01-09 17:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-09 17:52 - 2013-01-09 17:52 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100 (1).exe
2013-01-09 17:52 - 2013-01-09 17:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-09 17:51 - 2013-01-09 17:51 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100.exe
2013-01-09 09:18 - 2012-12-28 15:56 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-01-06 16:04 - 2012-12-28 10:28 - 00000000 ____D C:\Users\Kathryn\AppData\Local\softthinks
2013-01-04 18:37 - 2012-11-05 17:00 - 00000000 ____D C:\Windows\Panther
2013-01-04 18:36 - 2013-01-04 18:36 - 00000000 ____D C:\Program Files\CCleaner
2013-01-04 18:36 - 2013-01-04 18:35 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326 (1).exe
2013-01-04 18:33 - 2013-01-04 18:33 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326.exe
2013-01-04 13:44 - 2013-01-04 13:44 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
2013-01-02 16:07 - 2013-01-02 16:06 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Apple Computer
2013-01-02 16:06 - 2013-01-02 16:06 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple Computer
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\All Users\Apple Computer
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files\iTunes
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files\iPod
2013-01-02 16:06 - 2013-01-02 16:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Users\All Users\Apple
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files\Bonjour
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-01-02 16:05 - 2013-01-02 16:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-01-02 16:04 - 2013-01-02 16:03 - 88946664 ____A (Apple Inc.) C:\Users\Kathryn\Downloads\iTunes64Setup.exe
2013-01-02 15:55 - 2012-07-26 01:12 - 00000000 ___RD C:\Windows\ToastData
2013-01-02 15:54 - 2012-07-26 01:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-01-02 15:54 - 2012-07-25 22:38 - 00000000 ____D C:\Windows\System32\oobe
2013-01-02 15:48 - 2013-01-02 15:48 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (2).exe
2013-01-02 15:30 - 2013-01-02 15:30 - 07228798 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2761094-x64.msu
2013-01-02 15:30 - 2013-01-02 15:30 - 00439787 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2764870-x64.msu
2013-01-02 15:09 - 2013-01-02 15:09 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (1).exe
2013-01-02 13:39 - 2013-01-02 13:38 - 170699203 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2756872-x64.msu
2013-01-02 13:29 - 2013-01-02 13:29 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov.exe
2013-01-02 04:49 - 2013-01-02 04:49 - 00000117 ____A C:\Windows\System32\netcfg-137287781.txt
2013-01-02 04:49 - 2013-01-02 04:49 - 00000117 ____A C:\Windows\System32\netcfg-137284578.txt
2012-12-31 14:57 - 2012-12-31 14:57 - 00000117 ____A C:\Windows\System32\netcfg-1006171.txt
2012-12-31 14:56 - 2012-12-31 14:56 - 00000117 ____A C:\Windows\System32\netcfg-946500.txt
2012-12-31 14:55 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\System32\NDF
2012-12-31 14:41 - 2012-12-31 14:41 - 00000117 ____A C:\Windows\System32\netcfg-51359.txt
2012-12-31 14:39 - 2012-12-31 14:39 - 00000117 ____A C:\Windows\System32\netcfg-1014765.txt
2012-12-31 14:38 - 2012-12-31 14:38 - 06219408 ____A C:\Users\Kathryn\Downloads\3520A04.EXE
2012-12-31 14:23 - 2012-12-31 14:23 - 00000117 ____A C:\Windows\System32\netcfg-50062.txt
2012-12-31 14:22 - 2012-12-31 14:22 - 00000117 ____A C:\Windows\System32\netcfg-257209437.txt
2012-12-31 14:20 - 2012-07-26 01:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2012-12-31 14:00 - 2012-07-26 01:12 - 00000000 ____D C:\Windows\System32\FxsTmp
2012-12-31 09:02 - 2012-12-31 09:02 - 00000117 ____A C:\Windows\System32\netcfg-238015515.txt
2012-12-31 09:02 - 2012-12-31 09:02 - 00000117 ____A C:\Windows\System32\netcfg-238014062.txt
2012-12-29 13:59 - 2012-12-29 13:59 - 00000117 ____A C:\Windows\System32\netcfg-83053484.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00001171 ____A C:\Windows\System32\netcfg-81758953.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81779828.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81776750.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00000117 ____A C:\Windows\System32\netcfg-81773546.txt
2012-12-29 13:37 - 2012-12-29 13:37 - 00000000 ____D C:\Users\Public\Juniper Networks
2012-12-29 13:37 - 2012-12-29 13:37 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
2012-12-29 13:37 - 2012-12-28 16:33 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Juniper Networks
2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Users\All Users\CanonBJ
2012-12-29 13:19 - 2012-12-29 13:19 - 00000000 ___HD C:\Program Files\CanonBJ
2012-12-29 13:19 - 2012-12-29 13:18 - 17196360 ____A C:\Users\Kathryn\Downloads\mx300swin64101ej.exe
2012-12-29 13:17 - 2012-12-29 13:17 - 16397640 ____A C:\Users\Kathryn\Downloads\mx300swin101ej.exe
2012-12-29 13:15 - 2012-12-29 13:15 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup (1).exe
2012-12-29 13:14 - 2012-12-29 13:14 - 00000000 ____D C:\Program Files (x86)\DriverTuner
2012-12-29 13:13 - 2012-12-29 13:13 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup.exe
2012-12-29 12:51 - 2012-12-29 12:51 - 00000117 ____A C:\Windows\System32\netcfg-78991046.txt
2012-12-29 12:50 - 2012-12-29 12:50 - 00000117 ____A C:\Windows\System32\netcfg-78953718.txt
2012-12-29 12:50 - 2012-12-29 12:50 - 00000117 ____A C:\Windows\System32\netcfg-78908468.txt
2012-12-29 12:48 - 2012-12-29 12:48 - 00001131 ____A C:\Windows\System32\netcfg-78808015.txt
2012-12-29 12:48 - 2012-12-29 12:48 - 00000117 ____A C:\Windows\System32\netcfg-78809187.txt
2012-12-29 10:47 - 2012-11-05 15:43 - 00000000 ____D C:\Users\All Users\PCDr
2012-12-29 10:03 - 2012-12-29 10:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2012-12-29 10:03 - 2012-12-29 10:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2012-12-29 10:03 - 2012-07-25 22:26 - 00000199 ____A C:\Windows\win.ini
2012-12-29 09:52 - 2012-12-29 09:52 - 00000117 ____A C:\Windows\System32\netcfg-68223156.txt
2012-12-29 09:52 - 2012-12-29 09:52 - 00000117 ____A C:\Windows\System32\netcfg-68223000.txt
2012-12-28 18:30 - 2012-12-28 18:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\SkypePackages
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\couponamazing
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Users\All Users\Skype
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____D C:\Program Files (x86)\PricePeep
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____A C:\extensions.sqlite
2012-12-28 18:30 - 2012-12-28 18:30 - 00000000 ____A C:\end
2012-12-28 18:29 - 2012-12-28 18:30 - 20185088 ____A C:\Users\Kathryn\Downloads\SkypeSetup_6.0.0.126.msi
2012-12-28 18:29 - 2012-12-28 18:29 - 01203848 ____A C:\Users\Kathryn\Downloads\SkypeSetup.exe
2012-12-28 16:32 - 2012-12-28 16:32 - 00896016 ____A (Oracle Corporation) C:\Users\Kathryn\Downloads\chromeinstall-7u10.exe
2012-12-28 16:32 - 2012-12-28 16:32 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-12-28 16:32 - 2012-12-28 16:32 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-12-28 16:32 - 2012-12-28 16:32 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-12-28 16:32 - 2012-12-28 16:32 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-12-28 16:32 - 2012-12-28 16:32 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-12-28 16:32 - 2012-12-28 16:32 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-12-28 16:32 - 2012-12-28 16:32 - 00000000 ____D C:\Users\All Users\Sun
2012-12-28 16:32 - 2012-12-28 16:32 - 00000000 ____D C:\Program Files (x86)\Java
2012-12-28 16:30 - 2012-12-28 16:30 - 00118104 ____A C:\Users\Kathryn\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-28 14:55 - 2012-12-28 14:55 - 00000117 ____A C:\Windows\System32\netcfg-39687.txt
2012-12-28 14:54 - 2012-12-28 14:54 - 00000117 ____A C:\Windows\System32\netcfg-16477937.txt
2012-12-28 14:51 - 2012-12-28 14:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2012-12-28 14:47 - 2012-12-28 14:42 - 368945248 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
2012-12-28 14:42 - 2012-12-28 14:42 - 00000000 ____D C:\Program Files (x86)\MSECache
2012-12-28 14:41 - 2012-12-28 14:41 - 38808920 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\FileFormatConverters.exe
2012-12-28 14:37 - 2012-12-28 14:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2012-12-28 14:37 - 2012-11-05 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2012-12-28 14:37 - 2012-11-05 15:33 - 00000000 ____D C:\Program Files (x86)\MSBuild
2012-12-28 14:37 - 2012-07-26 00:52 - 00000000 ____D C:\Windows\ShellNew
2012-12-28 14:31 - 2012-12-28 14:31 - 00000000 ____D C:\Program Files\Microsoft Office
2012-12-28 14:31 - 2012-12-28 14:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-28 14:30 - 2012-12-28 14:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Microsoft Help
2012-12-28 14:29 - 2012-12-28 14:29 - 00000000 __RHD C:\MSOCache
2012-12-28 11:09 - 2012-12-28 11:06 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\PCDr
2012-12-28 11:09 - 2012-11-05 15:43 - 00000000 ____D C:\Program Files\Dell Support Center
2012-12-28 11:01 - 2012-12-28 11:01 - 00001049 ____A C:\Users\Kathryn\Desktop\Dropbox.lnk
2012-12-28 11:01 - 2012-12-27 15:28 - 00000000 ____D C:\users\Kathryn
2012-12-28 10:58 - 2012-12-28 10:57 - 19241048 ____A (Dropbox, Inc.) C:\Users\Kathryn\Downloads\Dropbox 1.6.10.exe
2012-12-28 10:33 - 2012-12-28 10:33 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2012-12-28 10:33 - 2012-05-08 04:37 - 00000000 ____D C:\DELL
2012-12-28 10:21 - 2012-12-28 10:21 - 00000117 ____A C:\Windows\System32\netcfg-66781.txt
2012-12-28 10:20 - 2012-11-05 15:48 - 00000000 ____D C:\Program Files\Common Files\mcafee
2012-12-28 10:19 - 2012-12-28 10:19 - 00000117 ____A C:\Windows\System32\netcfg-68333234.txt
2012-12-27 19:46 - 2012-11-05 15:48 - 00000000 ____D C:\Users\All Users\McAfee
2012-12-27 19:45 - 2012-07-26 01:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2012-12-27 16:45 - 2012-12-27 16:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Deployment
2012-12-27 16:10 - 2012-12-27 16:10 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Google
2012-12-27 16:10 - 2012-12-27 16:10 - 00000000 ____D C:\Program Files (x86)\Google
2012-12-27 16:09 - 2012-12-27 16:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apps\2.0
2012-12-27 15:47 - 2012-12-27 15:28 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Packages
2012-12-27 15:32 - 2012-12-27 15:32 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Intel Corporation
2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\Documents\Bluetooth Exchange Folder
2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Power2Go8
2012-12-27 15:31 - 2012-12-27 15:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Broadcom
2012-12-27 15:31 - 2012-12-27 15:28 - 00000000 ____D C:\Users\All Users\PRICache
2012-12-27 15:31 - 2012-11-05 15:36 - 00000000 ____D C:\Users\All Users\Intel
2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Macromedia
2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Leadertech
2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Adobe
2012-12-27 15:29 - 2012-12-27 15:29 - 00000000 ____D C:\Users\Kathryn\AppData\Local\VirtualStore
2012-12-27 15:28 - 2012-12-27 15:28 - 00000020 ___SH C:\Users\Kathryn\ntuser.ini
2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-234234.txt
2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-234203.txt
2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-231140.txt
2012-12-27 15:24 - 2012-12-27 15:24 - 00000117 ____A C:\Windows\System32\netcfg-224703.txt
2012-12-27 15:23 - 2012-12-27 15:23 - 00000117 ____A C:\Windows\System32\netcfg-206406.txt
2012-12-18 16:32 - 2012-07-26 01:14 - 00695640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-18 16:32 - 2012-07-26 01:14 - 00080728 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-12-16 01:28 - 2012-12-28 15:33 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-16 01:20 - 2012-12-28 15:33 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-16 01:08 - 2012-12-28 15:33 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-16 00:57 - 2012-12-28 15:33 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2013-01-02 12:42] - [2012-10-10 22:46] - 0517120 ____A (Microsoft Corporation) BCF2036A0DD579E47C008C133550283E

C:\Windows\System32\wininit.exe
[2012-07-25 17:03] - [2012-07-25 20:08] - 0132608 ____A (Microsoft Corporation) FE9AB232B56A12224E8A3F3F9878C9A3

C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe
[2013-01-02 12:42] - [2012-10-11 00:35] - 2380944 ____A (Microsoft Corporation) E13A31D5254C25406A7946BDD9B06364

C:\Windows\SysWOW64\explorer.exe
[2013-01-02 12:42] - [2012-10-10 22:56] - 2115952 ____A (Microsoft Corporation) 953ADECFF08202A01EFC6110214FDE02

C:\Windows\System32\svchost.exe
[2013-01-02 15:35] - [2012-09-19 23:33] - 0029696 ____A (Microsoft Corporation) EDE27EACE742EE2888C5DD36400A2EC0

C:\Windows\SysWOW64\svchost.exe
[2013-01-02 15:35] - [2012-09-19 22:55] - 0023040 ____A (Microsoft Corporation) A46DC432F81473F526E3994AA483E366

C:\Windows\System32\services.exe
[2013-01-02 15:33] - [2012-09-19 23:33] - 0410624 ____A (Microsoft Corporation) 8F226143046435C75C033B0C52E90FFE

C:\Windows\System32\User32.dll
[2013-01-02 15:32] - [2012-09-19 23:33] - 1342464 ____A (Microsoft Corporation) A99AD14F26BDA7D7F27F76BC91B7EED7

C:\Windows\SysWOW64\User32.dll
[2013-01-02 15:32] - [2012-09-19 21:10] - 1126912 ____A (Microsoft Corporation) BA1C3ACD929A71E88B49C2B6E38F92B3

C:\Windows\System32\userinit.exe
[2012-07-25 17:06] - [2012-07-25 20:08] - 0025088 ____A (Microsoft Corporation) 0E925F7BA032920D58DD284B6181A247

C:\Windows\SysWOW64\userinit.exe
[2012-07-25 17:08] - [2012-07-25 20:21] - 0021504 ____A (Microsoft Corporation) 9F6289D194A04A09671FEED4B6CB6EF7

C:\Windows\System32\Drivers\volsnap.sys
[2012-07-25 19:30] - [2012-07-25 21:57] - 0332016 ____A (Microsoft Corporation) 2FB3CDFD5EAF4CD9D4AFAF96877D13AE


==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3961.09 MB
Available physical RAM: 1859.83 MB
Total Pagefile: 6521.09 MB
Available Pagefile: 3575.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:457.39 GB) (Free:416.36 GB) NTFS
3 Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
4 Drive f: () (Removable) (Total:0.95 GB) (Free:0.77 GB) FAT32
5 Drive x: (PBR Image) (Fixed) (Total:7.23 GB) (Free:0.3 GB) NTFS
6 Drive y: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS


Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B *
Disk 1 Online 971 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 System (partition with boot components) 500 MB 1024 KB
Partition 2 OEM 40 MB 501 MB
Partition 3 Reserved 128 MB 541 MB
Partition 4 Recovery 500 MB 669 MB
Partition 5 Primary 457 GB 1169 MB
Partition 6 Recovery 7404 MB 458 GB

==================================================================================

Disk: 0
Partition 1
Type : c12a7328-f81f-11d2-ba4b-00a0c93ec93b
Hidden : Yes
Required: No
Attrib : 0X8000000000000000

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 ESP FAT32 Partition 500 MB Healthy System (partition with boot components)

=========================================================

Disk: 0
Partition 2
Type : 796badd3-6bbf-4d9f-b631-466eb71a4965
Hidden : Yes
Required: Yes
Attrib : 0X8000000000000001

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 3
Type : e3c9e316-0b5c-4db8-817d-f92df00215ae
Hidden : Yes
Required: No
Attrib : 0X8000000000000000

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 4
Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
Hidden : Yes
Required: Yes
Attrib : 0X8000000000000001

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 WINRETOOLS NTFS Partition 500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 5
Type : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Hidden : No
Required: No
Attrib : 0000000000000000

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 457 GB Healthy Boot

=========================================================

Disk: 0
Partition 6
Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
Hidden : Yes
Required: Yes
Attrib : 0X8000000000000001

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 PBR Image NTFS Partition 7404 MB Healthy Hidden

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 971 MB 0 B

==================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

=========================================================

Last Boot: 2013-01-13 18:09

==================== End Of Log =============================
 
The log is incorrect.
You ran the tool from within Windows.
It's incomplete anyway.
Please re-read my instructions.
 
The website you directed me to doesn't tell me how to run the program from the command prompt. It tells me how to get to the command prompt but doesn't tell me how to run to program on the flash drive. Please give me more direction.
 
Hi - did you get my last message? I don't know how to run the program once I get to the command prompt. Is there no "safe mode" for Windows 8?
 
Ok, I think I got it to run. Here's the first part of the log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2013
Ran by SYSTEM at 16-01-2013 13:45:36
Running from F:\
Windows 8 (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [Dell Audio] c:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe [20591616 2012-08-06] ()
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4123 2012-05-30] ()
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1535112 2012-09-12] (McAfee, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)
HKU\Kathryn\...\Run: [GoogleChromeAutoLaunch_5F8DEE5AAD550B4A05D8853BE7B4418F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window [1248360 2013-01-07] (Google Inc.)
HKU\Kathryn\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17877168 2012-11-09] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 75.75.75.75 75.75.76.76
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Kathryn\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)

==================== Services (Whitelisted) ===================

2 AECLFilters; C:\Windows\System32\AECLSr64.exe [99696 2012-08-06] (Andrea Electronics Corporation)
3 AllUserInstallAgent; C:\Windows\System32\AUInstallAgent.dll [122368 2012-07-25] (Microsoft Corporation)
2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [169472 2012-11-05] (Microsoft Corporation)
2 BcmBtRSupport; C:\Windows\System32\BtwRSupportService.exe [2247992 2012-07-19] (Broadcom Corporation.)
2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [179712 2012-09-19] (Microsoft Corporation)
2 CirrusAudioService; "C:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe" [7168 2012-08-06] (Cirrus Logic)
2 DeviceAssociationService; C:\Windows\System32\das.dll [342016 2012-07-25] (Microsoft Corporation)
3 DeviceInstall; C:\Windows\System32\umpnpmgr.dll [107008 2012-09-19] (Microsoft Corporation)
3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [207872 2012-07-25] (Microsoft Corporation)
3 EFS; C:\Windows\System32\efssvc.dll [37376 2012-07-25] (Microsoft Corporation)
3 fhsvc; C:\Windows\System32\fhsvc.dll [116736 2012-09-19] (Microsoft Corporation)
2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
3 KeyIso; C:\Windows\System32\keyiso.dll [59904 2012-07-25] (Microsoft Corporation)
3 KeyIso; C:\Windows\SysWow64\keyiso.dll [43520 2012-07-25] (Microsoft Corporation)
2 LSM; C:\Windows\System32\lsm.dll [438272 2012-07-25] (Microsoft Corporation)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
3 McAWFwk; C:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [383608 2012-11-16] (McAfee, Inc.)
4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [241016 2012-11-09] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 2012-11-09] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [177680 2012-11-09] (McAfee, Inc.)
2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
3 NcaSvc; C:\Windows\System32\ncasvc.dll [161792 2012-07-25] (Microsoft Corporation)
3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2012-07-25] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\netlogon.dll [743936 2012-07-25] (Microsoft Corporation)
3 Netlogon; C:\Windows\SysWow64\netlogon.dll [634368 2012-07-25] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofmsvc.dll [463872 2012-07-25] (Microsoft Corporation)
3 PrintNotify; C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll [2675712 2012-11-05] (Microsoft Corporation)
2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [254512 2012-04-24] ()
2 SftService; "C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe" [1914728 2012-09-12] (SoftThinks SAS)
3 StorSvc; C:\Windows\SysWow64\storsvc.dll [18432 2012-07-25] (Microsoft Corporation)
3 svsvc; C:\Windows\System32\svsvc.dll [12800 2012-07-25] (Microsoft Corporation)
3 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [178176 2012-12-05] (Microsoft Corporation)
3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [170496 2012-12-05] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\vaultsvc.dll [283648 2012-07-25] (Microsoft Corporation)
3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmicrdv; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmicshutdown; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmictimesync; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-25] (Microsoft Corporation)
2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [263680 2012-07-25] (Microsoft Corporation)
3 WiaRpc; C:\Windows\System32\wiarpc.dll [65536 2012-07-25] (Microsoft Corporation)
3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-25] (Microsoft Corporation)
3 WinHttpAutoProxySvc; C:\Windows\SysWow64\winhttp.dll [516608 2012-11-05] (Microsoft Corporation)
3 wlidsvc; C:\Windows\System32\wlidsvc.dll [1968128 2012-07-25] (Microsoft Corporation)
3 WSService; C:\Windows\System32\WSService.dll [2367528 2012-09-20] (Microsoft Corporation)

==================== Drivers (Whitelisted) =====================

0 3ware; C:\Windows\System32\Drivers\3ware.sys [106736 2012-07-25] (LSI)
0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [77040 2012-07-25] (Microsoft Corporation)
3 acpipagr; C:\Windows\System32\Drivers\acpipagr.sys [10240 2012-07-25] (Microsoft Corporation)
3 acpitime; C:\Windows\System32\Drivers\acpitime.sys [10752 2012-07-25] (Microsoft Corporation)
0 arc; C:\Windows\System32\Drivers\arc.sys [104688 2012-07-25] (PMC-Sierra, Inc.)
0 arcsas; C:\Windows\System32\Drivers\arcsas.sys [108272 2012-07-25] (PMC-Sierra, Inc.)
1 BasicDisplay; C:\Windows\System32\Drivers\BasicDisplay.sys [48640 2012-07-25] (Microsoft Corporation)
1 BasicRender; C:\Windows\System32\Drivers\BasicRender.sys [29696 2012-07-25] (Microsoft Corporation)
3 bcbtums; C:\Windows\System32\Drivers\bcbtums.sys [164152 2012-07-19] (Broadcom Corporation.)
3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6824520 2012-07-10] (Broadcom Corporation)
3 BthAvrcpTg; C:\Windows\System32\Drivers\BthAvrcpTg.sys [31104 2012-11-26] (Microsoft Corporation)
3 BthHFEnum; C:\Windows\System32\Drivers\BthHFEnum.sys [51200 2012-07-25] (Microsoft Corporation)
3 bthhfhid; C:\Windows\System32\Drivers\bthhfhid.sys [29952 2012-11-26] (Microsoft Corporation)
3 BthLEEnum; C:\Windows\System32\Drivers\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [69672 2012-11-09] (McAfee, Inc.)
3 CirrusLFD; C:\Windows\system32\DRIVERS\CSLFDx64.sys [41328 2012-08-06] (Cirrus Logic)
0 CLFS; C:\Windows\System32\Drivers\CLFS.sys [361200 2012-07-25] (Microsoft Corporation)
1 CLVirtualDrive; C:\Windows\System32\Drivers\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
3 condrv; C:\Windows\System32\Drivers\condrv.sys [33792 2012-07-25] (Microsoft Corporation)
1 dam; C:\Windows\System32\Drivers\dam.sys [58088 2012-10-10] (Microsoft Corporation)
3 DellRbtn; C:\Windows\System32\Drivers\DellRbtn.sys [10752 2012-08-04] (OSR Open Systems Resources, Inc.)
0 EhStorClass; C:\Windows\System32\Drivers\EhStorClass.sys [81136 2012-07-25] (Microsoft Corporation)
0 EhStorTcgDrv; C:\Windows\System32\Drivers\EhStorTcgDrv.sys [113904 2012-07-25] (Microsoft Corporation)
3 FxPPM; C:\Windows\System32\Drivers\FxPPM.sys [22528 2012-11-05] (Microsoft Corporation)
3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [12288 2012-07-25] (Microsoft Corporation)
3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [120040 2012-09-19] (Microsoft Corporation)
3 hidi2c; C:\Windows\System32\Drivers\hidi2c.sys [39936 2012-11-19] (Microsoft Corporation)
3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
3 hyperkbd; C:\Windows\System32\Drivers\hyperkbd.sys [11776 2012-07-25] (Microsoft Corporation)
3 HyperVideo; C:\Windows\System32\Drivers\HyperVideo.sys [24576 2012-07-25] (Microsoft Corporation)
0 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [651832 2012-10-26] (Intel Corporation)
3 kdnic; C:\Windows\System32\Drivers\kdnic.sys [18432 2012-07-25] (Microsoft Corporation)
0 LSI_SSS; C:\Windows\System32\Drivers\LSI_SSS.sys [81136 2012-07-25] (LSI Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [178840 2012-11-09] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [309400 2012-11-09] (McAfee, Inc.)
0 mfeelamk; C:\Windows\System32\Drivers\mfeelamk.sys [69168 2012-11-09] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [515528 2012-11-09] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [771096 2012-11-09] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [106112 2012-11-09] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [339776 2012-11-09] (McAfee, Inc.)
3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [129536 2012-07-25] (Microsoft Corporation)
3 msgpiowin32; C:\Windows\System32\Drivers\msgpiowin32.sys [28392 2012-09-19] (Microsoft Corporation)
3 mshidumdf; C:\Windows\System32\Drivers\mshidumdf.sys [10752 2012-07-25] (Microsoft Corporation)
3 MsLldp; C:\Windows\System32\Drivers\MsLldp.sys [68608 2012-07-25] (Microsoft Corporation)
0 mvumis; C:\Windows\System32\Drivers\mvumis.sys [64240 2012-07-25] (Marvell Semiconductor, Inc.)
3 NdisImPlatform; C:\Windows\System32\Drivers\NdisImPlatform.sys [126464 2012-07-25] (Microsoft Corporation)
3 NDISWANLEGACY; C:\Windows\system32\DRIVERS\ndiswan.sys [174080 2012-07-25] (Microsoft Corporation)
2 Ndu; C:\Windows\System32\Drivers\Ndu.sys [97792 2012-07-25] (Microsoft Corporation)
1 npsvctrig; C:\Windows\System32\Drivers\npsvctrig.sys [23552 2012-07-25] (Microsoft Corporation)
0 pdc; C:\Windows\System32\Drivers\pdc.sys [69864 2012-11-05] (Microsoft Corporation)
3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [683664 2012-06-12] (Realtek )
3 sdstor; C:\Windows\System32\Drivers\sdstor.sys [56552 2012-10-10] (Microsoft Corporation)
3 SerCx; C:\Windows\System32\Drivers\SerCx.sys [62976 2012-07-25] (Microsoft Corporation)
0 spaceport; C:\Windows\System32\Drivers\spaceport.sys [283888 2012-07-25] (Microsoft Corporation)
3 SpbCx; C:\Windows\System32\Drivers\SpbCx.sys [59392 2012-07-25] (Microsoft Corporation)
0 storahci; C:\Windows\System32\Drivers\storahci.sys [77552 2012-07-25] (Microsoft Corporation)
3 UASPStor; C:\Windows\System32\Drivers\UASPStor.sys [97008 2012-07-25] (Microsoft Corporation)
3 UCX01000; C:\Windows\System32\Drivers\UCX01000.sys [212200 2012-09-19] (Microsoft Corporation)
3 USBHUB3; C:\Windows\System32\Drivers\USBHUB3.sys [445160 2012-11-05] (Microsoft Corporation)
3 USBXHCI; C:\Windows\System32\Drivers\USBXHCI.sys [337128 2012-09-19] (Microsoft Corporation)
3 VerifierExt; C:\Windows\System32\Drivers\VerifierExt.sys [106224 2012-07-25] (Microsoft Corporation)
3 vpci; C:\Windows\System32\Drivers\vpci.sys [67824 2012-07-25] (Microsoft Corporation)
0 VSTXRAID; C:\Windows\System32\Drivers\VSTXRAID.sys [322800 2012-07-25] (VIA Corporation)
3 WdBoot; C:\Windows\System32\Drivers\WdBoot.sys [34216 2012-07-25] (Microsoft Corporation)
3 WdFilter; C:\Windows\System32\Drivers\WdFilter.sys [258288 2012-07-25] (Microsoft Corporation)
0 WFPLWFS; C:\Windows\System32\Drivers\WFPLWFS.sys [96496 2012-07-25] (Microsoft Corporation)
3 wpcfltr; C:\Windows\System32\Drivers\wpcfltr.sys [45056 2012-07-25] (Microsoft Corporation)
3 WpdUpFltr; C:\Windows\System32\Drivers\WpdUpFltr.sys [19968 2012-07-25] (Microsoft Corporation)
3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation)
3 GENERICDRV; \??\C:\Users\Kathryn\Downloads\amifldrv64.sys [x]
3 mfeavfk01; [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-01-16 12:41 - 2013-01-16 12:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-01-16 12:41 - 2013-01-16 12:41 - 00000000 ____A C:\Windows\setuperr.log
2013-01-15 20:58 - 2013-01-15 20:58 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64 (1).exe
2013-01-15 17:42 - 2013-01-15 17:42 - 00108226 ____A C:\Users\Kathryn\Downloads\FRST.txt
2013-01-15 17:40 - 2013-01-15 17:40 - 00000000 ____D C:\FRST
2013-01-15 17:39 - 2013-01-15 17:39 - 00710824 ____A (Reimage®) C:\Users\Kathryn\Downloads\ReimageRepairNU.exe
2013-01-15 17:36 - 2013-01-15 17:36 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64.exe
2013-01-15 16:27 - 2013-01-15 16:27 - 05021250 ____A C:\Users\Kathryn\Downloads\ComboFix (2).exe
2013-01-15 16:26 - 2013-01-15 16:26 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix (1).exe
2013-01-15 16:24 - 2013-01-15 16:25 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix.exe
2013-01-15 15:25 - 2013-01-15 15:25 - 00433640 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-15 15:07 - 2013-01-15 15:08 - 00000000 ____D C:\Users\Kathryn\Downloads\mbar-1.01.0.1016
2013-01-15 15:07 - 2013-01-15 15:07 - 13462931 ____A C:\Users\Kathryn\Downloads\mbar-1.01.0.1016.zip
2013-01-15 15:05 - 2013-01-15 15:05 - 00001284 ____A C:\Users\Kathryn\Desktop\RKreport[2]_D_01152013_02d1605.txt
2013-01-15 15:05 - 2013-01-15 15:05 - 00001231 ____A C:\Users\Kathryn\Desktop\RKreport[1]_S_01152013_02d1605.txt
2013-01-15 15:04 - 2013-01-15 15:05 - 00000000 ____D C:\Users\Kathryn\Desktop\RK_Quarantine
2013-01-15 15:04 - 2013-01-15 15:04 - 00764416 ____A C:\Users\Kathryn\Downloads\RogueKiller.exe
2013-01-15 07:25 - 2013-01-15 07:25 - 00008432 ____A C:\Users\Kathryn\Desktop\attach.txt
2013-01-15 07:25 - 2013-01-15 07:24 - 00030906 ____A C:\Users\Kathryn\Desktop\dds.txt
2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____R (Swearware) C:\Users\Kathryn\Downloads\dds.scr
2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (3).scr
2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (2).scr
2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (1).scr
2013-01-12 10:24 - 2012-11-26 23:00 - 00194280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-01-12 10:24 - 2012-11-26 23:00 - 00124648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-01-12 10:24 - 2012-11-26 22:59 - 00329960 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-01-12 10:24 - 2012-11-26 22:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
2013-01-12 10:24 - 2012-11-26 22:27 - 00058288 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-01-12 10:24 - 2012-11-26 20:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-01-12 10:24 - 2012-11-26 20:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-01-12 10:24 - 2012-11-26 20:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-01-12 10:24 - 2012-11-26 20:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-01-12 10:24 - 2012-11-26 20:20 - 00891904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-01-12 10:24 - 2012-11-26 20:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-01-12 10:24 - 2012-11-26 20:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-01-12 10:24 - 2012-11-26 20:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-01-12 10:24 - 2012-11-26 20:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-01-12 10:24 - 2012-11-26 20:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-01-12 10:24 - 2012-11-26 20:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 05088256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 03345920 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 01145856 ____A (Microsoft Corporation) C:\Windows\System32\winmde.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 01096704 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-01-12 10:24 - 2012-11-26 20:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\usbmon.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2013-01-12 10:24 - 2012-11-26 20:19 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-01-12 10:24 - 2012-11-26 20:18 - 05974528 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-01-12 10:24 - 2012-11-26 20:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-01-12 10:24 - 2012-11-26 20:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-01-12 10:24 - 2012-11-26 20:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-01-12 10:24 - 2012-11-26 20:17 - 02302464 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-01-12 10:24 - 2012-11-26 20:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-01-12 10:24 - 2012-11-26 19:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2013-01-12 10:24 - 2012-11-26 19:56 - 00031104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-01-12 10:24 - 2012-11-26 19:55 - 00029952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
2013-01-12 10:24 - 2012-09-10 21:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
2013-01-12 10:24 - 2012-09-10 21:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-01-12 10:24 - 2012-09-10 21:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
2013-01-12 10:20 - 2012-12-05 20:23 - 00170496 ____A (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
2013-01-12 10:20 - 2012-12-05 20:22 - 00178176 ____A (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2013-01-12 10:20 - 2012-11-28 21:05 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-01-12 10:20 - 2012-11-28 21:05 - 00707584 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-01-12 10:19 - 2012-12-03 20:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-01-12 10:19 - 2012-12-03 19:59 - 04055552 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-01-12 10:13 - 2013-01-15 07:05 - 00003094 ____A C:\Windows\PFRO.log
2013-01-09 16:53 - 2013-01-09 16:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-09 16:53 - 2013-01-09 16:53 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-09 16:53 - 2013-01-09 16:53 - 00000000 ____D C:\Users\Kathryn\Application Data\Malwarebytes
2013-01-09 16:53 - 2013-01-09 16:53 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Malwarebytes
2013-01-09 16:52 - 2013-01-09 16:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-09 16:52 - 2013-01-09 16:52 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100 (1).exe
2013-01-09 16:52 - 2013-01-09 16:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-09 16:52 - 2013-01-09 16:52 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2013-01-09 16:52 - 2012-12-14 15:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-01-09 16:51 - 2013-01-09 16:51 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100.exe
2013-01-09 07:25 - 2012-11-25 20:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-01-09 07:25 - 2012-11-25 20:20 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2013-01-09 07:24 - 2012-10-31 20:41 - 01802240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-01-09 07:24 - 2012-10-31 20:41 - 01438720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-01-09 07:24 - 2012-10-31 20:40 - 02361344 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-01-09 07:24 - 2012-10-31 20:40 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-01-09 07:24 - 2012-10-31 20:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-01-09 07:24 - 2012-10-31 20:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-01-09 07:24 - 2012-10-31 20:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-01-09 07:24 - 2012-10-31 20:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-01-07 19:56 - 2013-01-12 10:07 - 00012075 ____A C:\Users\Kathryn\My Documents\Job applications.xlsx
2013-01-07 19:56 - 2013-01-12 10:07 - 00012075 ____A C:\Users\Kathryn\Documents\Job applications.xlsx
2013-01-05 09:53 - 2013-01-16 12:31 - 01907658 ____A C:\Windows\WindowsUpdate.log
2013-01-04 17:36 - 2013-01-04 17:36 - 00000000 ____D C:\Program Files\CCleaner
2013-01-04 17:35 - 2013-01-04 17:36 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326 (1).exe
2013-01-04 17:33 - 2013-01-04 17:33 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326.exe
2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Amazon_Services_LLC
 
Here's the second:

2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\Local Settings\Amazon_Services_LLC
2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
2013-01-03 13:46 - 2009-07-03 12:23 - 00132024 ____A C:\Users\Kathryn\My Documents\2005 Quality Walls of Boulder Inc Tax Return.tax
2013-01-03 13:46 - 2009-07-03 12:23 - 00132024 ____A C:\Users\Kathryn\Documents\2005 Quality Walls of Boulder Inc Tax Return.tax
2013-01-02 15:06 - 2013-01-02 15:07 - 00000000 ____D C:\Users\Kathryn\Application Data\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:07 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-01-02 15:06 - 2013-01-02 15:06 - 00001785 ____A C:\Users\All Users\Desktop\iTunes.lnk
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Local Settings\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Application Data\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Application Data\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files\iTunes
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files\iPod
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-01-02 15:06 - 2012-08-21 12:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\Local Settings\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\All Users\Application Data\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\All Users\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files\Bonjour
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-01-02 15:03 - 2013-01-02 15:04 - 88946664 ____A (Apple Inc.) C:\Users\Kathryn\Downloads\iTunes64Setup.exe
2013-01-02 14:48 - 2013-01-02 14:48 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (2).exe
2013-01-02 14:46 - 2012-10-01 23:34 - 00446976 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-01-02 14:46 - 2012-10-01 23:34 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-01-02 14:45 - 2012-09-26 23:17 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\newdev.exe
2013-01-02 14:45 - 2012-09-26 23:17 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\ndadmin.exe
2013-01-02 14:45 - 2012-09-26 23:15 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\newdev.dll
2013-01-02 14:45 - 2012-09-26 22:35 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\newdev.exe
2013-01-02 14:45 - 2012-09-26 22:35 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndadmin.exe
2013-01-02 14:45 - 2012-09-26 22:34 - 00275968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2013-01-02 14:37 - 2012-09-19 21:55 - 00083968 ____A C:\Windows\SysWOW64\OEMLicense.dll
2013-01-02 14:35 - 2012-09-20 01:08 - 00027280 ____A (Microsoft Corporation) C:\Windows\System32\avrt.dll
2013-01-02 14:35 - 2012-09-20 00:04 - 00411880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-01-02 14:35 - 2012-09-19 22:33 - 00420352 ____A (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
2013-01-02 14:35 - 2012-09-19 22:33 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\WSClient.dll
2013-01-02 14:35 - 2012-09-19 22:33 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-01-02 14:35 - 2012-09-19 22:33 - 00177152 ____A (Microsoft Corporation) C:\Windows\System32\WSSync.dll
2013-01-02 14:35 - 2012-09-19 22:33 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\fhmanagew.exe
2013-01-02 14:35 - 2012-09-19 22:33 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\svchost.exe
2013-01-02 14:35 - 2012-09-19 22:32 - 00356352 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\perfos.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00121856 ____A (Microsoft Corporation) C:\Windows\System32\rascfg.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00112128 ____A (Microsoft Corporation) C:\Windows\System32\PackageStateRoaming.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\RpcEpMap.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\perfctrs.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\perfproc.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\perfdisk.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\perfnet.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\spwmp.dll
2013-01-02 14:35 - 2012-09-19 22:32 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\shimeng.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00604672 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00315392 ____A (Microsoft Corporation) C:\Windows\System32\fhcfg.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00280576 ____A (Microsoft Corporation) C:\Windows\System32\fhcat.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\IPHLPAPI.DLL
2013-01-02 14:35 - 2012-09-19 22:31 - 00137728 ____A (Microsoft Corporation) C:\Windows\System32\fhshl.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00118272 ____A (Microsoft Corporation) C:\Windows\System32\DevPropMgr.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00116736 ____A (Microsoft Corporation) C:\Windows\System32\fhsvc.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchapi.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\fhevents.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\fhsrchph.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhlisten.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\fhautoplay.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\fhcleanup.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\fhtask.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00037888 ____A (Microsoft Corporation) C:\Windows\System32\LangCleanupSysprepAction.dll
2013-01-02 14:35 - 2012-09-19 22:31 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\fhsvcctl.dll
2013-01-02 14:35 - 2012-09-19 22:30 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\bcdsrv.dll
2013-01-02 14:35 - 2012-09-19 22:30 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\DAFWSD.dll
2013-01-02 14:35 - 2012-09-19 22:13 - 00023656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\avrt.dll
2013-01-02 14:35 - 2012-09-19 22:08 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys
2013-01-02 14:35 - 2012-09-19 21:55 - 00333824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2013-01-02 14:35 - 2012-09-19 21:55 - 00239616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2013-01-02 14:35 - 2012-09-19 21:55 - 00166912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-01-02 14:35 - 2012-09-19 21:55 - 00154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-01-02 14:35 - 2012-09-19 21:55 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2013-01-02 14:35 - 2012-09-19 21:54 - 00533504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\provcore.dll
2013-01-02 14:35 - 2012-09-19 21:54 - 00108544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2013-01-02 14:35 - 2012-09-19 21:54 - 00089088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2013-01-02 14:35 - 2012-09-19 21:54 - 00055296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-01-02 14:35 - 2012-09-19 21:54 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll
2013-01-02 14:35 - 2012-09-19 21:54 - 00034816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll
2013-01-02 14:35 - 2012-09-19 21:54 - 00033792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll
2013-01-02 14:35 - 2012-09-19 21:54 - 00031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll
2013-01-02 14:35 - 2012-09-19 21:54 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
2013-01-02 14:35 - 2012-09-19 21:54 - 00005632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2013-01-02 14:35 - 2012-09-19 21:53 - 01247232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2013-01-02 14:35 - 2012-09-19 21:53 - 00461824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-01-02 14:35 - 2012-09-19 21:53 - 00119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2013-01-02 14:34 - 2012-09-20 01:10 - 02367528 ____A (Microsoft Corporation) C:\Windows\System32\WSService.dll
2013-01-02 14:34 - 2012-09-20 00:40 - 00389360 ____A (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll
2013-01-02 14:34 - 2012-09-19 23:55 - 00533224 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\bxvbda.sys
2013-01-02 14:34 - 2012-09-19 22:33 - 01304064 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
2013-01-02 14:34 - 2012-09-19 22:33 - 00627712 ____A (Microsoft Corporation) C:\Windows\System32\lpksetup.exe
2013-01-02 14:34 - 2012-09-19 22:33 - 00588800 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2013-01-02 14:34 - 2012-09-19 22:33 - 00545280 ____A (Microsoft Corporation) C:\Windows\System32\taskeng.exe
2013-01-02 14:34 - 2012-09-19 22:33 - 00457216 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2013-01-02 14:34 - 2012-09-19 22:33 - 00390144 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-01-02 14:34 - 2012-09-19 22:33 - 00332800 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-01-02 14:34 - 2012-09-19 22:33 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\wpnprv.dll
2013-01-02 14:34 - 2012-09-19 22:33 - 00110592 ____A C:\Windows\System32\OEMLicense.dll
2013-01-02 14:34 - 2012-09-19 22:33 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
2013-01-02 14:34 - 2012-09-19 22:33 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\lpremove.exe
2013-01-02 14:34 - 2012-09-19 22:33 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\umpo.dll
2013-01-02 14:34 - 2012-09-19 22:33 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\vsstrace.dll
2013-01-02 14:34 - 2012-09-19 22:33 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\ndptsp.tsp
2013-01-02 14:34 - 2012-09-19 22:33 - 00047104 ____A (Microsoft Corporation) C:\Windows\System32\kmddsp.tsp
2013-01-02 14:34 - 2012-09-19 22:32 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-01-02 14:34 - 2012-09-19 22:32 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2013-01-02 14:34 - 2012-09-19 22:32 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\rasdiag.dll
2013-01-02 14:34 - 2012-09-19 22:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\msdxm.ocx
2013-01-02 14:34 - 2012-09-19 22:32 - 00006144 ____A (Microsoft Corporation) C:\Windows\System32\dxmasf.dll
2013-01-02 14:34 - 2012-09-19 22:31 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2013-01-02 14:34 - 2012-09-19 22:31 - 00437760 ____A (Microsoft Corporation) C:\Windows\System32\mfh264enc.dll
2013-01-02 14:34 - 2012-09-19 22:31 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mfsvr.dll
2013-01-02 14:34 - 2012-09-19 22:31 - 00236544 ____A (Microsoft Corporation) C:\Windows\System32\MFPlay.dll
2013-01-02 14:34 - 2012-09-19 22:31 - 00080896 ____A (Microsoft Corporation) C:\Windows\System32\mmcss.dll
2013-01-02 14:34 - 2012-09-19 22:31 - 00008704 ____A (Microsoft Corporation) C:\Windows\System32\lpksetupproxyserv.dll
2013-01-02 14:34 - 2012-09-19 22:30 - 02016256 ____A (Microsoft Corporation) C:\Windows\System32\batmeter.dll
2013-01-02 14:34 - 2012-09-19 22:30 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl
2013-01-02 14:34 - 2012-09-19 22:30 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2013-01-02 14:34 - 2012-09-19 22:30 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\aelupsvc.dll
2013-01-02 14:34 - 2012-09-19 22:30 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2013-01-02 14:34 - 2012-09-19 22:13 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-kernel-power-events.dll
2013-01-02 14:34 - 2012-09-19 22:09 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndistapi.sys
2013-01-02 14:34 - 2012-09-19 22:08 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-01-02 14:34 - 2012-09-19 21:55 - 00995328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2013-01-02 14:34 - 2012-09-19 21:55 - 00417280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-01-02 14:34 - 2012-09-19 21:55 - 00267776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-01-02 14:34 - 2012-09-19 21:55 - 00265216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-01-02 14:34 - 2012-09-19 21:55 - 00051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2013-01-02 14:34 - 2012-09-19 21:55 - 00038912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2013-01-02 14:34 - 2012-09-19 21:54 - 00709632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2013-01-02 14:34 - 2012-09-19 21:54 - 00413184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2013-01-02 14:34 - 2012-09-19 21:54 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-01-02 14:34 - 2012-09-19 21:54 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2013-01-02 14:34 - 2012-09-19 21:54 - 00059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2013-01-02 14:34 - 2012-09-19 21:54 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2013-01-02 14:34 - 2012-09-19 21:54 - 00009216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2013-01-02 14:34 - 2012-09-19 21:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2013-01-02 14:34 - 2012-09-19 21:54 - 00004608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2013-01-02 14:34 - 2012-09-19 21:53 - 02007040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2013-01-02 14:34 - 2012-09-19 21:53 - 00675840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2013-01-02 14:34 - 2012-09-19 21:53 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2013-01-02 14:34 - 2012-09-19 20:13 - 00098816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-01-02 14:33 - 2012-09-20 01:05 - 00303848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-01-02 14:33 - 2012-09-20 00:56 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-01-02 14:33 - 2012-09-20 00:04 - 00100072 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-01-02 14:33 - 2012-09-19 23:03 - 00465128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-01-02 14:33 - 2012-09-19 23:03 - 00148712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-01-02 14:33 - 2012-09-19 22:48 - 00062488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpfve.sys
2013-01-02 14:33 - 2012-09-19 22:47 - 00307192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2013-01-02 14:33 - 2012-09-19 22:33 - 13640704 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-01-02 14:33 - 2012-09-19 22:33 - 01513984 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll
2013-01-02 14:33 - 2012-09-19 22:33 - 00866304 ____A (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2013-01-02 14:33 - 2012-09-19 22:33 - 00757248 ____A (Microsoft Corporation) C:\Windows\System32\uDWM.dll
2013-01-02 14:33 - 2012-09-19 22:33 - 00699392 ____A (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2013-01-02 14:33 - 2012-09-19 22:33 - 00541184 ____A (Microsoft Corporation) C:\Windows\System32\VAN.dll
2013-01-02 14:33 - 2012-09-19 22:33 - 00410624 ____A (Microsoft Corporation) C:\Windows\System32\services.exe
2013-01-02 14:33 - 2012-09-19 22:33 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\wlidcredprov.dll
2013-01-02 14:33 - 2012-09-19 22:33 - 00117760 ____A (Microsoft Corporation) C:\Windows\System32\dwm.exe
2013-01-02 14:33 - 2012-09-19 22:33 - 00107008 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-01-02 14:33 - 2012-09-19 22:33 - 00092672 ____A (Microsoft Corporation) C:\Windows\System32\drvinst.exe
2013-01-02 14:33 - 2012-09-19 22:33 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-01-02 14:33 - 2012-09-19 22:33 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\sdbinst.exe
2013-01-02 14:33 - 2012-09-19 22:32 - 01739264 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll
2013-01-02 14:33 - 2012-09-19 22:32 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\provcore.dll
2013-01-02 14:33 - 2012-09-19 22:32 - 00416256 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-01-02 14:33 - 2012-09-19 22:32 - 00256512 ____A (Microsoft Corporation) C:\Windows\System32\msvproc.dll
2013-01-02 14:33 - 2012-09-19 22:32 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-01-02 14:33 - 2012-09-19 22:32 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\rasmxs.dll
2013-01-02 14:33 - 2012-09-19 22:32 - 00029696 ____A (Microsoft Corporation) C:\Windows\System32\rasser.dll
2013-01-02 14:33 - 2012-09-19 22:32 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-01-02 14:33 - 2012-09-19 22:31 - 00617984 ____A (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
2013-01-02 14:33 - 2012-09-19 22:31 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-01-02 14:33 - 2012-09-19 22:31 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\eventcls.dll
2013-01-02 14:33 - 2012-09-19 22:30 - 03847168 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-01-02 14:33 - 2012-09-19 22:30 - 02219008 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-01-02 14:33 - 2012-09-19 22:30 - 01743872 ____A (Microsoft Corporation) C:\Windows\System32\combase.dll
2013-01-02 14:33 - 2012-09-19 22:30 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-01-02 14:33 - 2012-09-19 22:09 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ws2ifsl.sys
2013-01-02 14:33 - 2012-09-19 22:07 - 00210304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
2013-01-02 14:33 - 2012-09-19 22:05 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-01-02 14:33 - 2012-09-19 21:55 - 10791936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-01-02 14:33 - 2012-09-19 21:55 - 00263168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2013-01-02 14:33 - 2012-09-19 21:55 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2013-01-02 14:33 - 2012-09-19 21:55 - 00080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-01-02 14:33 - 2012-09-19 21:55 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2013-01-02 14:33 - 2012-09-19 21:54 - 01369600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2013-01-02 14:33 - 2012-09-19 21:54 - 01196032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2013-01-02 14:33 - 2012-09-19 21:54 - 00509952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2013-01-02 14:33 - 2012-09-19 21:54 - 00480768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2013-01-02 14:33 - 2012-09-19 21:54 - 00449024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2013-01-02 14:33 - 2012-09-19 21:54 - 00325632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-01-02 14:33 - 2012-09-19 21:54 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2013-01-02 14:33 - 2012-09-19 21:54 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2013-01-02 14:33 - 2012-09-19 21:54 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2013-01-02 14:33 - 2012-09-19 21:54 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2013-01-02 14:33 - 2012-09-19 21:53 - 03296256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-01-02 14:33 - 2012-09-19 21:53 - 02033664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-01-02 14:33 - 2012-09-19 21:53 - 00025088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-01-02 14:33 - 2012-09-19 21:53 - 00015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2013-01-02 14:32 - 2012-09-20 01:05 - 01448168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-01-02 14:32 - 2012-09-20 00:31 - 00425192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2013-01-02 14:32 - 2012-09-20 00:28 - 01825208 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-01-02 14:32 - 2012-09-20 00:04 - 02225896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-01-02 14:32 - 2012-09-19 23:55 - 03265256 ____A (Broadcom Corporation) C:\Windows\System32\Drivers\evbda.sys
2013-01-02 14:32 - 2012-09-19 23:55 - 00337128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-01-02 14:32 - 2012-09-19 23:55 - 00212200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\UCX01000.SYS
2013-01-02 14:32 - 2012-09-19 23:55 - 00120040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpioclx.sys
2013-01-02 14:32 - 2012-09-19 23:55 - 00028392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-01-02 14:32 - 2012-09-19 22:33 - 02397184 ____A (Microsoft Corporation) C:\Windows\System32\WpcMon.exe
2013-01-02 14:32 - 2012-09-19 22:33 - 01590272 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-01-02 14:32 - 2012-09-19 22:33 - 01342464 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
2013-01-02 14:32 - 2012-09-19 22:33 - 00543232 ____A (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
2013-01-02 14:32 - 2012-09-19 22:33 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\TpmTasks.dll
2013-01-02 14:32 - 2012-09-19 22:32 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll
2013-01-02 14:32 - 2012-09-19 22:32 - 01019392 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.dll
2013-01-02 14:32 - 2012-09-19 22:32 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\ProximityService.dll
2013-01-02 14:32 - 2012-09-19 22:32 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2013-01-02 14:32 - 2012-09-19 22:32 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\MUILanguageCleanup.dll
2013-01-02 14:32 - 2012-09-19 22:31 - 00755200 ____A (Microsoft Corporation) C:\Windows\System32\fveapi.dll
2013-01-02 14:32 - 2012-09-19 22:31 - 00459776 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-01-02 14:32 - 2012-09-19 22:31 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fveapibase.dll
2013-01-02 14:32 - 2012-09-19 22:30 - 02066432 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-01-02 14:32 - 2012-09-19 22:26 - 01409376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-01-02 14:32 - 2012-09-19 22:12 - 09374208 ____A (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2013-01-02 14:32 - 2012-09-19 21:55 - 01319424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-01-02 14:32 - 2012-09-19 21:55 - 00465920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2013-01-02 14:32 - 2012-09-19 21:55 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-01-02 14:32 - 2012-09-19 21:55 - 00303616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2013-01-02 14:32 - 2012-09-19 21:54 - 01137152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2013-01-02 14:32 - 2012-09-19 21:53 - 01701376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-01-02 14:32 - 2012-09-19 21:53 - 00366080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-01-02 14:32 - 2012-09-19 21:32 - 09374208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-01-02 14:32 - 2012-09-19 20:10 - 01126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2013-01-02 14:31 - 2012-09-19 22:33 - 14259712 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-01-02 14:31 - 2012-09-19 22:33 - 03964416 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe
2013-01-02 14:31 - 2012-09-19 22:33 - 00573440 ____A (Microsoft Corporation) C:\Windows\System32\WinSATAPI.dll
2013-01-02 14:31 - 2012-09-19 21:55 - 11875328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-01-02 14:30 - 2013-01-02 14:30 - 07228798 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2761094-x64.msu
2013-01-02 14:30 - 2013-01-02 14:30 - 00439787 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2764870-x64.msu
2013-01-02 14:09 - 2013-01-02 14:09 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (1).exe
2013-01-02 12:38 - 2013-01-02 12:39 - 170699203 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2756872-x64.msu
2013-01-02 12:29 - 2013-01-02 12:29 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov.exe
2013-01-02 11:44 - 2012-11-20 00:00 - 06971624 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-01-02 11:44 - 2012-11-19 21:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-01-02 11:44 - 2012-11-19 21:24 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-01-02 11:44 - 2012-11-19 21:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-01-02 11:44 - 2012-11-19 21:17 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2013-01-02 11:44 - 2012-11-19 21:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-01-02 11:44 - 2012-11-19 20:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
2013-01-02 11:44 - 2012-11-19 20:56 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-01-02 11:44 - 2012-11-19 20:56 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-01-02 11:44 - 2012-11-19 20:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
2013-01-02 11:44 - 2012-11-12 20:20 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
2013-01-02 11:44 - 2012-11-12 20:19 - 00890880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-01-02 11:44 - 2012-11-07 20:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-01-02 11:44 - 2012-11-07 20:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-01-02 11:44 - 2012-11-07 20:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-01-02 11:44 - 2012-11-07 20:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-01-02 11:44 - 2012-11-07 20:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-01-02 11:44 - 2012-11-07 20:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-01-02 11:44 - 2012-11-01 21:20 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-01-02 11:44 - 2012-10-12 00:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-01-02 11:44 - 2012-10-11 22:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll
2013-01-02 11:44 - 2012-10-11 22:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll
2013-01-02 11:44 - 2012-10-11 21:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-01-02 11:44 - 2012-10-11 21:46 - 00618496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-01-02 11:44 - 2012-10-11 21:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-01-02 11:44 - 2012-09-19 23:55 - 00496872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-01-02 11:44 - 2012-09-19 23:55 - 00488168 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-01-02 11:44 - 2012-09-19 23:55 - 00079080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-01-02 11:44 - 2012-09-19 23:55 - 00021736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-01-02 11:44 - 2012-09-19 22:09 - 00032256 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-01-02 11:43 - 2012-10-23 20:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2013-01-02 11:43 - 2012-10-16 20:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
2013-01-02 11:43 - 2012-10-16 20:32 - 01048064 ____A (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-01-02 11:43 - 2012-10-16 20:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2013-01-02 11:43 - 2012-10-16 20:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2013-01-02 11:43 - 2012-10-16 19:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-01-02 11:43 - 2012-10-16 19:57 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-01-02 11:43 - 2012-10-16 19:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-01-02 11:43 - 2012-10-16 19:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-01-02 11:43 - 2012-10-10 21:45 - 03554304 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-01-02 11:42 - 2012-10-10 23:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-01-02 11:42 - 2012-10-10 23:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-01-02 11:42 - 2012-10-10 23:26 - 00336104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-01-02 11:42 - 2012-10-10 23:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-01-02 11:42 - 2012-10-10 23:23 - 01001192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-01-02 11:42 - 2012-10-10 23:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-01-02 11:42 - 2012-10-10 23:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-01-02 11:42 - 2012-10-10 23:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-01-02 11:42 - 2012-10-10 23:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-01-02 11:42 - 2012-10-10 23:16 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-01-02 11:42 - 2012-10-10 23:16 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-01-02 11:42 - 2012-10-10 23:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2013-01-02 11:42 - 2012-10-10 23:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2013-01-02 11:42 - 2012-10-10 23:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-01-02 11:42 - 2012-10-10 23:01 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-01-02 11:42 - 2012-10-10 21:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-01-02 11:42 - 2012-10-10 21:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2013-01-02 11:42 - 2012-10-10 21:46 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-01-02 11:42 - 2012-10-10 21:46 - 00594944 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2013-01-02 11:42 - 2012-10-10 21:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-01-02 11:42 - 2012-10-10 21:46 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-01-02 11:42 - 2012-10-10 21:46 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-01-02 11:42 - 2012-10-10 21:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll
2013-01-02 11:42 - 2012-10-10 21:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe
2013-01-02 11:42 - 2012-10-10 21:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll
2013-01-02 11:42 - 2012-10-10 21:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2013-01-02 11:42 - 2012-10-10 21:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2013-01-02 11:42 - 2012-10-10 21:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2013-01-02 11:42 - 2012-10-10 21:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll
2013-01-02 11:42 - 2012-10-10 21:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
2013-01-02 11:42 - 2012-10-10 21:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 02116096 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00561152 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00435712 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-01-02 11:42 - 2012-10-10 21:44 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 01294336 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
2013-01-02 11:42 - 2012-10-10 21:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-01-02 11:42 - 2012-10-10 21:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-01-02 11:42 - 2012-10-10 21:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll
2013-01-02 11:42 - 2012-10-10 21:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll
2013-01-02 11:42 - 2012-10-10 21:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-01-02 11:42 - 2012-10-10 21:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-01-02 11:42 - 2012-10-10 21:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-01-02 11:42 - 2012-10-10 21:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2013-01-02 11:42 - 2012-10-10 21:08 - 00671232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-01-02 11:42 - 2012-10-10 21:08 - 00303104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-01-02 11:42 - 2012-10-10 21:08 - 00170496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-01-02 11:42 - 2012-10-10 21:07 - 02764288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-01-02 11:42 - 2012-10-10 21:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-01-02 11:42 - 2012-10-10 21:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-01-02 11:42 - 2012-10-10 21:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-01-02 11:42 - 2012-10-10 21:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-01-02 11:42 - 2012-10-10 21:07 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-01-02 11:42 - 2012-10-10 21:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-01-02 11:42 - 2012-10-10 21:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-01-02 11:42 - 2012-10-10 21:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 01610240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00658432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
 
And the next part:

53824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00411136 ____A (Microsotft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00408064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-01-02 11:42 - 2012-10-10 21:06 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-01-02 11:42 - 2012-10-10 21:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-01-02 11:42 - 2012-10-10 20:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-01-02 11:42 - 2012-10-10 19:11 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-01-02 11:42 - 2012-10-10 16:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls
2013-01-02 11:42 - 2012-10-10 16:44 - 00478424 ____A C:\Windows\System32\locale.nls
2013-01-02 11:41 - 2012-11-05 23:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-01-02 11:41 - 2012-11-05 20:20 - 17560576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-01-02 11:41 - 2012-11-05 20:20 - 08856576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-01-02 11:41 - 2012-11-05 20:19 - 19789824 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-01-02 11:41 - 2012-11-05 20:19 - 10096640 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-01-02 11:41 - 2012-11-05 20:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-01-02 11:41 - 2012-11-05 20:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-01-02 11:41 - 2012-11-05 20:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-01-02 11:41 - 2012-11-05 20:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2013-01-02 11:41 - 2012-11-05 20:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-01-02 11:41 - 2012-11-05 20:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-01-02 11:40 - 2012-11-05 23:52 - 00445160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-01-02 11:40 - 2012-11-05 23:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-01-02 11:40 - 2012-11-05 23:36 - 00069864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2013-01-02 11:40 - 2012-11-05 23:33 - 00522640 ____A (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2013-01-02 11:40 - 2012-11-05 23:33 - 00490064 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2013-01-02 11:40 - 2012-11-05 23:33 - 00447792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-01-02 11:40 - 2012-11-05 23:33 - 00253512 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-01-02 11:40 - 2012-11-05 21:00 - 00463768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-01-02 11:40 - 2012-11-05 21:00 - 00427568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-01-02 11:40 - 2012-11-05 21:00 - 00324344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-01-02 11:40 - 2012-11-05 20:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-01-02 11:40 - 2012-11-05 20:20 - 00767488 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-01-02 11:40 - 2012-11-05 20:20 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00246784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
2013-01-02 11:40 - 2012-11-05 20:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00195072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-01-02 11:40 - 2012-11-05 20:20 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
2013-01-02 11:40 - 2012-11-05 20:20 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-01-02 11:40 - 2012-11-05 20:20 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-01-02 11:40 - 2012-11-05 20:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-01-02 11:40 - 2012-11-05 20:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\wuaext.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00318464 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00291328 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
2013-01-02 11:40 - 2012-11-05 20:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00753664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00703488 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00549376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00267264 ____A (Microsoft Corporation) C:\Windows\System32\EncDump.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-01-02 11:40 - 2012-11-05 20:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
2013-01-02 11:40 - 2012-11-05 20:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-01-02 11:40 - 2012-11-05 20:17 - 02146816 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2013-01-02 11:40 - 2012-11-05 20:17 - 00785920 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-01-02 11:40 - 2012-11-05 20:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-01-02 11:40 - 2012-11-05 20:17 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2013-01-02 11:40 - 2012-11-05 20:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
2013-01-02 11:40 - 2012-11-05 20:00 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\wushareduxresources.dll
2013-01-02 11:40 - 2012-11-05 20:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
2013-01-02 11:40 - 2012-11-05 19:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
2013-01-02 11:40 - 2012-11-05 19:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-01-02 11:40 - 2012-11-05 19:55 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-01-02 11:40 - 2012-11-05 19:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-01-02 11:40 - 2012-11-05 19:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-01-02 11:40 - 2012-11-05 19:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-01-02 11:40 - 2012-11-05 19:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2013-01-02 11:40 - 2012-11-05 19:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-01-02 11:40 - 2012-11-05 19:54 - 00859136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-01-02 11:40 - 2012-11-05 19:54 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2013-01-02 11:40 - 2012-11-05 19:53 - 01171968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-01-02 11:40 - 2012-11-05 19:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-01-02 11:40 - 2012-11-05 19:53 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-01-02 11:40 - 2012-11-05 19:52 - 00366080 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-01-02 11:40 - 2012-11-05 19:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-01-02 11:40 - 2012-11-02 16:05 - 00385604 ____A C:\Windows\System32\ApnDatabase.xml
2013-01-02 03:49 - 2013-01-02 03:49 - 00000117 ____A C:\Windows\System32\netcfg-137287781.txt
2013-01-02 03:49 - 2013-01-02 03:49 - 00000117 ____A C:\Windows\System32\netcfg-137284578.txt
2012-12-31 13:57 - 2012-12-31 13:57 - 00000117 ____A C:\Windows\System32\netcfg-1006171.txt
2012-12-31 13:56 - 2012-12-31 13:56 - 00000117 ____A C:\Windows\System32\netcfg-946500.txt
2012-12-31 13:41 - 2012-12-31 13:41 - 00000117 ____A C:\Windows\System32\netcfg-51359.txt
2012-12-31 13:39 - 2012-12-31 13:39 - 00000117 ____A C:\Windows\System32\netcfg-1014765.txt
2012-12-31 13:38 - 2012-12-31 13:38 - 06219408 ____A C:\Users\Kathryn\Downloads\3520A04.EXE
2012-12-31 13:23 - 2012-12-31 13:23 - 00000117 ____A C:\Windows\System32\netcfg-50062.txt
2012-12-31 13:22 - 2012-12-31 13:22 - 00000117 ____A C:\Windows\System32\netcfg-257209437.txt
2012-12-31 08:02 - 2012-12-31 08:02 - 00000117 ____A C:\Windows\System32\netcfg-238015515.txt
2012-12-31 08:02 - 2012-12-31 08:02 - 00000117 ____A C:\Windows\System32\netcfg-238014062.txt
2012-12-29 12:59 - 2012-12-29 12:59 - 00000117 ____A C:\Windows\System32\netcfg-83053484.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00001171 ____A C:\Windows\System32\netcfg-81758953.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81779828.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81776750.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81773546.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00000000 ____D C:\Users\Public\Juniper Networks
2012-12-29 12:37 - 2012-12-29 12:37 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
2012-12-29 12:37 - 2010-10-22 21:49 - 00579952 ____A (Juniper Networks) C:\Windows\SysWOW64\dsNcSmartCardProv.dll
2012-12-29 12:37 - 2010-10-22 21:49 - 00405360 ____A (Juniper Networks) C:\Windows\SysWOW64\dsNcCredProv.dll
2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Users\All Users\CanonBJ
2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Users\All Users\Application Data\CanonBJ
2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Program Files\CanonBJ
2012-12-29 12:19 - 2007-05-01 04:00 - 00258560 ____A (CANON INC.) C:\Windows\System32\CNMLM90.DLL
2012-12-29 12:19 - 2007-04-25 18:28 - 00183296 ____A (Canon Inc.) C:\Windows\System32\CNCF2Lc.DLL
2012-12-29 12:19 - 2007-04-25 18:23 - 00143360 ____A (Canon Inc.) C:\Windows\System32\CNCFMSc.EXE
2012-12-29 12:19 - 2007-04-25 18:19 - 00003584 ____A (Canon Inc.) C:\Windows\System32\CNCFLcUS.DLL
2012-12-29 12:19 - 2007-04-25 18:19 - 00003072 ____A (Canon Inc.) C:\Windows\System32\CNCFLcJP.DLL
2012-12-29 12:18 - 2012-12-29 12:19 - 17196360 ____A C:\Users\Kathryn\Downloads\mx300swin64101ej.exe
2012-12-29 12:17 - 2012-12-29 12:17 - 16397640 ____A C:\Users\Kathryn\Downloads\mx300swin101ej.exe
2012-12-29 12:15 - 2012-12-29 12:15 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup (1).exe
2012-12-29 12:14 - 2012-12-29 12:14 - 00000000 ____D C:\Program Files (x86)\DriverTuner
2012-12-29 12:13 - 2012-12-29 12:13 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup.exe
2012-12-29 11:51 - 2012-12-29 11:51 - 00000117 ____A C:\Windows\System32\netcfg-78991046.txt
2012-12-29 11:50 - 2012-12-29 11:50 - 00000117 ____A C:\Windows\System32\netcfg-78953718.txt
2012-12-29 11:50 - 2012-12-29 11:50 - 00000117 ____A C:\Windows\System32\netcfg-78908468.txt
2012-12-29 11:48 - 2012-12-29 11:48 - 00001131 ____A C:\Windows\System32\netcfg-78808015.txt
2012-12-29 11:48 - 2012-12-29 11:48 - 00000117 ____A C:\Windows\System32\netcfg-78809187.txt
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\Local Settings\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\Local Settings\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2012-12-29 08:52 - 2012-12-29 08:52 - 00000117 ____A C:\Windows\System32\netcfg-68223156.txt
2012-12-29 08:52 - 2012-12-29 08:52 - 00000117 ____A C:\Windows\System32\netcfg-68223000.txt
2012-12-28 17:30 - 2013-01-16 12:43 - 00000000 ____D C:\Users\Kathryn\Application Data\Skype
2012-12-28 17:30 - 2013-01-16 12:43 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Skype
2012-12-28 17:30 - 2012-12-28 17:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-12-28 17:30 - 2012-12-28 17:30 - 00002515 ____A C:\Users\All Users\Desktop\Skype.lnk
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\couponamazing
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\couponamazing
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Application Data\SkypePackages
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\SkypePackages
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\couponamazing
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\All Users\Skype
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\All Users\Application Data\Skype
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Program Files (x86)\PricePeep
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____A C:\extensions.sqlite
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____A C:\end
2012-12-28 17:30 - 2012-12-28 17:29 - 20185088 ____A C:\Users\Kathryn\Downloads\SkypeSetup_6.0.0.126.msi
2012-12-28 17:29 - 2012-12-28 17:29 - 01203848 ____A C:\Users\Kathryn\Downloads\SkypeSetup.exe
2012-12-28 15:33 - 2012-12-29 12:37 - 00000000 ____D C:\Users\Kathryn\Application Data\Juniper Networks
2012-12-28 15:33 - 2012-12-29 12:37 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Juniper Networks
2012-12-28 15:32 - 2012-12-28 15:32 - 00896016 ____A (Oracle Corporation) C:\Users\Kathryn\Downloads\chromeinstall-7u10.exe
2012-12-28 15:32 - 2012-12-28 15:32 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-12-28 15:32 - 2012-12-28 15:32 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-12-28 15:32 - 2012-12-28 15:32 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-12-28 15:32 - 2012-12-28 15:32 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-12-28 15:32 - 2012-12-28 15:32 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-12-28 15:32 - 2012-12-28 15:32 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Users\All Users\Sun
2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Users\All Users\Application Data\Sun
2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Program Files (x86)\Java
2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\Local Settings\GDIPFONTCACHEV1.DAT
2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-28 14:56 - 2013-01-09 08:18 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-12-28 14:41 - 2012-08-30 16:53 - 00017888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2012-12-28 14:41 - 2012-08-30 16:52 - 00017888 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll
2012-12-28 14:37 - 2012-11-09 20:23 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2012-12-28 14:37 - 2012-11-09 20:23 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2012-12-28 14:37 - 2012-11-09 20:22 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2012-12-28 14:37 - 2012-11-09 20:22 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
2012-12-28 14:37 - 2012-11-09 20:22 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
2012-12-28 14:37 - 2012-11-09 20:20 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\appserverai.dll
2012-12-28 14:37 - 2012-10-09 23:04 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-12-28 14:37 - 2012-10-09 22:31 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-12-28 14:33 - 2012-12-16 00:28 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-28 14:33 - 2012-12-16 00:20 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-28 14:33 - 2012-12-16 00:08 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-28 14:33 - 2012-12-15 23:57 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-28 14:33 - 2012-11-27 20:21 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2012-12-28 14:33 - 2012-11-27 20:20 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2012-12-28 14:33 - 2012-11-14 22:26 - 19439616 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-12-28 14:33 - 2012-11-14 22:26 - 14324224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-12-28 14:33 - 2012-11-14 22:08 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-12-28 14:33 - 2012-11-14 22:06 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-12-28 14:33 - 2012-11-08 20:49 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-28 14:33 - 2012-11-08 20:03 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-12-28 14:33 - 2012-11-07 20:25 - 01775104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-12-28 14:33 - 2012-11-07 20:25 - 01138688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 13740032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 02881536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 01684992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-12-28 14:33 - 2012-11-07 20:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2012-12-28 14:33 - 2012-11-07 20:22 - 02246656 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-12-28 14:33 - 2012-11-07 20:22 - 01352704 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-12-28 14:33 - 2012-11-07 20:22 - 00907776 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2012-12-28 14:33 - 2012-11-07 20:22 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-12-28 14:33 - 2012-11-07 20:21 - 03966464 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-12-28 14:33 - 2012-11-07 20:21 - 00854528 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-12-28 14:33 - 2012-11-07 20:21 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-12-28 14:33 - 2012-11-07 20:21 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-12-28 14:33 - 2012-11-07 20:20 - 15416832 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-12-28 14:33 - 2012-11-07 20:20 - 02162176 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-12-28 14:33 - 2012-11-07 20:20 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-12-28 14:33 - 2012-11-07 20:20 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2012-12-28 14:33 - 2012-11-07 20:20 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-12-28 14:33 - 2012-11-07 20:20 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-12-28 14:33 - 2012-11-07 20:20 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2012-12-28 14:33 - 2012-11-07 20:02 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
2012-12-28 14:33 - 2012-11-07 20:01 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2012-12-28 14:33 - 2012-11-07 17:56 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2012-12-28 14:33 - 2012-11-02 21:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\sysreset.exe
2012-12-28 14:33 - 2012-11-02 21:26 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2012-12-28 14:33 - 2012-11-02 21:26 - 00032256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2012-12-28 14:33 - 2012-11-02 21:25 - 01009664 ____A (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2012-12-28 14:33 - 2012-11-02 21:25 - 00945152 ____A (Microsoft Corporation) C:\Windows\System32\resetengmig.dll
2012-12-28 14:33 - 2012-11-02 21:25 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2012-12-28 14:33 - 2012-11-02 21:25 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2012-12-28 14:33 - 2012-11-02 21:24 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-12-28 14:33 - 2012-11-02 21:24 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2012-12-28 14:33 - 2012-11-02 21:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
2012-12-28 14:33 - 2012-11-02 21:24 - 00058880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2012-12-28 14:33 - 2012-11-02 21:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhupnp.dll
2012-12-28 14:33 - 2012-11-02 21:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhpast.dll
2012-12-28 14:33 - 2012-11-02 21:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2012-12-28 14:33 - 2012-11-02 21:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2012-12-28 14:33 - 2012-11-02 21:04 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dpnlobby.dll
2012-12-28 14:33 - 2012-11-02 21:04 - 00003584 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2012-12-28 14:33 - 2012-11-02 21:00 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2012-12-28 14:33 - 2012-11-02 21:00 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2012-12-28 14:33 - 2012-10-23 19:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
2012-12-28 14:33 - 2012-10-23 19:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\pcalua.exe
2012-12-28 14:33 - 2012-10-23 19:24 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2012-12-28 14:33 - 2012-10-23 19:24 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\pcadm.dll
2012-12-28 14:33 - 2012-10-23 19:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
2012-12-28 14:33 - 2012-10-23 18:48 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2012-12-28 14:33 - 2012-10-05 20:53 - 02893824 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2012-12-28 14:33 - 2012-10-05 20:15 - 02400256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2012-12-28 13:55 - 2012-12-28 13:55 - 00000117 ____A C:\Windows\System32\netcfg-39687.txt
2012-12-28 13:54 - 2012-12-28 13:54 - 00000117 ____A C:\Windows\System32\netcfg-16477937.txt
2012-12-28 13:42 - 2012-12-28 13:47 - 368945248 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
2012-12-28 13:42 - 2012-12-28 13:42 - 00000000 ____D C:\Program Files (x86)\MSECache
2012-12-28 13:41 - 2012-12-28 13:41 - 38808920 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\FileFormatConverters.exe
2012-12-28 13:37 - 2012-12-28 13:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2012-12-28 13:37 - 2012-12-28 13:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2012-12-28 13:31 - 2012-12-28 13:31 - 00000000 ____D C:\Program Files\Microsoft Office
2012-12-28 13:31 - 2012-12-28 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-28 13:30 - 2013-01-10 08:33 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-12-28 13:30 - 2013-01-10 08:33 - 00000000 ____D C:\Users\All Users\Application Data\Microsoft Help
2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Microsoft Help
2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Microsoft Help
2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Microsoft Help
2012-12-28 13:29 - 2012-12-28 13:29 - 00000000 __RHD C:\MSOCache
2012-12-28 10:06 - 2012-12-28 10:09 - 00000000 ____D C:\Users\Kathryn\Application Data\PCDr
2012-12-28 10:06 - 2012-12-28 10:09 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\PCDr
2012-12-28 10:01 - 2013-01-16 12:42 - 00000000 ___RD C:\Users\Kathryn\Dropbox
2012-12-28 10:01 - 2012-12-28 10:01 - 00001049 ____A C:\Users\Kathryn\Desktop\Dropbox.lnk
2012-12-28 09:58 - 2013-01-16 12:42 - 00000000 ____D C:\Users\Kathryn\Application Data\Dropbox
2012-12-28 09:58 - 2013-01-16 12:42 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Dropbox
2012-12-28 09:57 - 2012-12-28 09:58 - 19241048 ____A (Dropbox, Inc.) C:\Users\Kathryn\Downloads\Dropbox 1.6.10.exe
2012-12-28 09:33 - 2012-12-28 09:33 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2012-12-28 09:28 - 2013-01-06 15:04 - 00000000 ____D C:\Users\Kathryn\Local Settings\softthinks
2012-12-28 09:28 - 2013-01-06 15:04 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\softthinks
2012-12-28 09:28 - 2013-01-06 15:04 - 00000000 ____D C:\Users\Kathryn\AppData\Local\softthinks
2012-12-28 09:21 - 2012-12-28 09:21 - 00000117 ____A C:\Windows\System32\netcfg-66781.txt
2012-12-28 09:19 - 2012-12-28 09:19 - 00000117 ____A C:\Windows\System32\netcfg-68333234.txt
2012-12-27 18:46 - 2012-04-20 14:40 - 00196440 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
2012-12-27 15:10 - 2013-01-16 12:41 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-12-27 15:10 - 2013-01-16 10:15 - 00000926 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-12-27 15:10 - 2013-01-12 10:18 - 00002257 ____A C:\Users\Kathryn\Desktop\Google Chrome.lnk
2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\Local Settings\Google
2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Google
2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Google
2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Program Files (x86)\Google
2012-12-27 15:09 - 2012-12-27 15:45 - 00000000 ____D C:\Users\Kathryn\Local Settings\Deployment
2012-12-27 15:09 - 2012-12-27 15:45 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Deployment
2012-12-27 15:09 - 2012-12-27 15:45 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Deployment
2012-12-27 15:09 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apps\2.0
2012-12-27 14:32 - 2012-12-27 14:32 - 00000000 ____D C:\Users\Kathryn\Application Data\Intel Corporation
2012-12-27 14:32 - 2012-12-27 14:32 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Intel Corporation
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\My Documents\Bluetooth Exchange Folder
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Power2Go8
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Broadcom
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Power2Go8
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Broadcom
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Documents\Bluetooth Exchange Folder
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Power2Go8
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Broadcom
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Local Settings\VirtualStore
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\VirtualStore
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Macromedia
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Leadertech
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Adobe
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Macromedia
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Leadertech
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Adobe
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Local\VirtualStore
2012-12-27 14:28 - 2012-12-28 10:01 - 00000000 ____D C:\users\Kathryn
2012-12-27 14:28 - 2012-12-27 14:47 - 00000000 ____D C:\Users\Kathryn\Local Settings\Packages
2012-12-27 14:28 - 2012-12-27 14:47 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Packages
2012-12-27 14:28 - 2012-12-27 14:47 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Packages
2012-12-27 14:28 - 2012-12-27 14:31 - 00000000 ____D C:\Users\All Users\PRICache
2012-12-27 14:28 - 2012-12-27 14:31 - 00000000 ____D C:\Users\All Users\Application Data\PRICache
2012-12-27 14:28 - 2012-12-27 14:28 - 00000020 ___SH C:\Users\Kathryn\ntuser.ini
2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-234234.txt
2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-234203.txt
2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-231140.txt
2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-224703.txt
2012-12-27 14:23 - 2012-12-27 14:23 - 00000117 ____A C:\Windows\System32\netcfg-206406.txt
 
And hopefully the last part:

==================== One Month Modified Files and Folders =======

2013-01-16 12:44 - 2012-07-25 21:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-01-16 12:43 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Application Data\Skype
2013-01-16 12:43 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Skype
2013-01-16 12:43 - 2012-11-05 14:51 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2013-01-16 12:42 - 2012-12-28 10:01 - 00000000 ___RD C:\Users\Kathryn\Dropbox
2013-01-16 12:42 - 2012-12-28 09:58 - 00000000 ____D C:\Users\Kathryn\Application Data\Dropbox
2013-01-16 12:42 - 2012-12-28 09:58 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Dropbox
2013-01-16 12:41 - 2013-01-16 12:41 - 00000645 ____A C:\Windows\setupact.log
2013-01-16 12:41 - 2013-01-16 12:41 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-01-16 12:41 - 2013-01-16 12:41 - 00000000 ____A C:\Windows\setuperr.log
2013-01-16 12:41 - 2012-12-27 15:10 - 00000922 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-01-16 12:41 - 2012-07-25 23:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-16 12:31 - 2013-01-05 09:53 - 01907658 ____A C:\Windows\WindowsUpdate.log
2013-01-16 12:22 - 2012-07-25 23:28 - 00850046 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-16 12:21 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\sru
2013-01-16 10:15 - 2012-12-27 15:10 - 00000926 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-01-15 20:58 - 2013-01-15 20:58 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64 (1).exe
2013-01-15 17:42 - 2013-01-15 17:42 - 00108226 ____A C:\Users\Kathryn\Downloads\FRST.txt
2013-01-15 17:40 - 2013-01-15 17:40 - 00000000 ____D C:\FRST
2013-01-15 17:39 - 2013-01-15 17:39 - 00710824 ____A (Reimage®) C:\Users\Kathryn\Downloads\ReimageRepairNU.exe
2013-01-15 17:36 - 2013-01-15 17:36 - 01464233 ____A (Farbar) C:\Users\Kathryn\Downloads\FRST64.exe
2013-01-15 17:33 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-01-15 16:27 - 2013-01-15 16:27 - 05021250 ____A C:\Users\Kathryn\Downloads\ComboFix (2).exe
2013-01-15 16:26 - 2013-01-15 16:26 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix (1).exe
2013-01-15 16:25 - 2013-01-15 16:24 - 05022206 ____A (Swearware) C:\Users\Kathryn\Downloads\ComboFix.exe
2013-01-15 15:25 - 2013-01-15 15:25 - 00433640 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-15 15:08 - 2013-01-15 15:07 - 00000000 ____D C:\Users\Kathryn\Downloads\mbar-1.01.0.1016
2013-01-15 15:07 - 2013-01-15 15:07 - 13462931 ____A C:\Users\Kathryn\Downloads\mbar-1.01.0.1016.zip
2013-01-15 15:05 - 2013-01-15 15:05 - 00001284 ____A C:\Users\Kathryn\Desktop\RKreport[2]_D_01152013_02d1605.txt
2013-01-15 15:05 - 2013-01-15 15:05 - 00001231 ____A C:\Users\Kathryn\Desktop\RKreport[1]_S_01152013_02d1605.txt
2013-01-15 15:05 - 2013-01-15 15:04 - 00000000 ____D C:\Users\Kathryn\Desktop\RK_Quarantine
2013-01-15 15:04 - 2013-01-15 15:04 - 00764416 ____A C:\Users\Kathryn\Downloads\RogueKiller.exe
2013-01-15 08:00 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\rescache
2013-01-15 07:25 - 2013-01-15 07:25 - 00008432 ____A C:\Users\Kathryn\Desktop\attach.txt
2013-01-15 07:24 - 2013-01-15 07:25 - 00030906 ____A C:\Users\Kathryn\Desktop\dds.txt
2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____R (Swearware) C:\Users\Kathryn\Downloads\dds.scr
2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (3).scr
2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (2).scr
2013-01-15 07:22 - 2013-01-15 07:22 - 00688992 ____A (Swearware) C:\Users\Kathryn\Downloads\dds (1).scr
2013-01-15 07:13 - 2012-07-25 21:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-01-15 07:06 - 2012-11-05 14:48 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-01-15 07:05 - 2013-01-12 10:13 - 00003094 ____A C:\Windows\PFRO.log
2013-01-15 07:04 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\WinStore
2013-01-14 12:42 - 2012-11-05 14:43 - 00000000 ____D C:\Users\All Users\CyberLink
2013-01-14 12:42 - 2012-11-05 14:43 - 00000000 ____D C:\Users\All Users\Application Data\CyberLink
2013-01-12 10:18 - 2012-12-27 15:10 - 00002257 ____A C:\Users\Kathryn\Desktop\Google Chrome.lnk
2013-01-12 10:07 - 2013-01-07 19:56 - 00012075 ____A C:\Users\Kathryn\My Documents\Job applications.xlsx
2013-01-12 10:07 - 2013-01-07 19:56 - 00012075 ____A C:\Users\Kathryn\Documents\Job applications.xlsx
2013-01-10 08:33 - 2012-12-28 13:30 - 00000000 ____D C:\Users\All Users\Microsoft Help
2013-01-10 08:33 - 2012-12-28 13:30 - 00000000 ____D C:\Users\All Users\Application Data\Microsoft Help
2013-01-09 16:53 - 2013-01-09 16:53 - 00001111 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-09 16:53 - 2013-01-09 16:53 - 00001111 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-01-09 16:53 - 2013-01-09 16:53 - 00000000 ____D C:\Users\Kathryn\Application Data\Malwarebytes
2013-01-09 16:53 - 2013-01-09 16:53 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Malwarebytes
2013-01-09 16:53 - 2013-01-09 16:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-09 16:52 - 2013-01-09 16:52 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100 (1).exe
2013-01-09 16:52 - 2013-01-09 16:52 - 00000000 ____D C:\Users\All Users\Malwarebytes
2013-01-09 16:52 - 2013-01-09 16:52 - 00000000 ____D C:\Users\All Users\Application Data\Malwarebytes
2013-01-09 16:51 - 2013-01-09 16:51 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\Kathryn\Downloads\mbam-setup-1.70.0.1100.exe
2013-01-09 08:18 - 2012-12-28 14:56 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-01-06 15:04 - 2012-12-28 09:28 - 00000000 ____D C:\Users\Kathryn\Local Settings\softthinks
2013-01-06 15:04 - 2012-12-28 09:28 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\softthinks
2013-01-06 15:04 - 2012-12-28 09:28 - 00000000 ____D C:\Users\Kathryn\AppData\Local\softthinks
2013-01-04 17:37 - 2012-11-05 16:00 - 00000000 ____D C:\Windows\Panther
2013-01-04 17:36 - 2013-01-04 17:36 - 00000000 ____D C:\Program Files\CCleaner
2013-01-04 17:36 - 2013-01-04 17:35 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326 (1).exe
2013-01-04 17:33 - 2013-01-04 17:33 - 04178040 ____A (Piriform Ltd) C:\Users\Kathryn\Downloads\ccsetup326.exe
2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Amazon_Services_LLC
2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\Local Settings\Amazon_Services_LLC
2013-01-04 12:44 - 2013-01-04 12:44 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Amazon_Services_LLC
2013-01-02 15:07 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Application Data\Apple Computer
2013-01-02 15:07 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-01-02 15:06 - 2013-01-02 15:06 - 00001785 ____A C:\Users\All Users\Desktop\iTunes.lnk
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\Local Settings\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Application Data\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Application Data\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\Apple Computer
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files\iTunes
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files\iPod
2013-01-02 15:06 - 2013-01-02 15:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\Local Settings\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\All Users\Application Data\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Users\All Users\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files\Bonjour
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-01-02 15:05 - 2013-01-02 15:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-01-02 15:04 - 2013-01-02 15:03 - 88946664 ____A (Apple Inc.) C:\Users\Kathryn\Downloads\iTunes64Setup.exe
2013-01-02 14:55 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\ToastData
2013-01-02 14:54 - 2012-07-26 00:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-01-02 14:54 - 2012-07-25 21:38 - 00000000 ____D C:\Windows\System32\oobe
2013-01-02 14:48 - 2013-01-02 14:48 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (2).exe
2013-01-02 14:30 - 2013-01-02 14:30 - 07228798 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2761094-x64.msu
2013-01-02 14:30 - 2013-01-02 14:30 - 00439787 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2764870-x64.msu
2013-01-02 14:09 - 2013-01-02 14:09 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov (1).exe
2013-01-02 12:39 - 2013-01-02 12:38 - 170699203 ____A C:\Users\Kathryn\Downloads\Windows8-RT-KB2756872-x64.msu
2013-01-02 12:29 - 2013-01-02 12:29 - 00024576 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\delmigprov.exe
2013-01-02 03:49 - 2013-01-02 03:49 - 00000117 ____A C:\Windows\System32\netcfg-137287781.txt
2013-01-02 03:49 - 2013-01-02 03:49 - 00000117 ____A C:\Windows\System32\netcfg-137284578.txt
2012-12-31 13:57 - 2012-12-31 13:57 - 00000117 ____A C:\Windows\System32\netcfg-1006171.txt
2012-12-31 13:56 - 2012-12-31 13:56 - 00000117 ____A C:\Windows\System32\netcfg-946500.txt
2012-12-31 13:55 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\NDF
2012-12-31 13:41 - 2012-12-31 13:41 - 00000117 ____A C:\Windows\System32\netcfg-51359.txt
2012-12-31 13:39 - 2012-12-31 13:39 - 00000117 ____A C:\Windows\System32\netcfg-1014765.txt
2012-12-31 13:38 - 2012-12-31 13:38 - 06219408 ____A C:\Users\Kathryn\Downloads\3520A04.EXE
2012-12-31 13:23 - 2012-12-31 13:23 - 00000117 ____A C:\Windows\System32\netcfg-50062.txt
2012-12-31 13:22 - 2012-12-31 13:22 - 00000117 ____A C:\Windows\System32\netcfg-257209437.txt
2012-12-31 13:20 - 2012-07-26 00:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2012-12-31 13:00 - 2012-07-26 00:12 - 00000000 ____D C:\Windows\System32\FxsTmp
2012-12-31 08:02 - 2012-12-31 08:02 - 00000117 ____A C:\Windows\System32\netcfg-238015515.txt
2012-12-31 08:02 - 2012-12-31 08:02 - 00000117 ____A C:\Windows\System32\netcfg-238014062.txt
2012-12-29 12:59 - 2012-12-29 12:59 - 00000117 ____A C:\Windows\System32\netcfg-83053484.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00001171 ____A C:\Windows\System32\netcfg-81758953.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81779828.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81776750.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00000117 ____A C:\Windows\System32\netcfg-81773546.txt
2012-12-29 12:37 - 2012-12-29 12:37 - 00000000 ____D C:\Users\Public\Juniper Networks
2012-12-29 12:37 - 2012-12-29 12:37 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
2012-12-29 12:37 - 2012-12-28 15:33 - 00000000 ____D C:\Users\Kathryn\Application Data\Juniper Networks
2012-12-29 12:37 - 2012-12-28 15:33 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Juniper Networks
2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Windows\System32\CanonIJ Uninstaller Information
2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Users\All Users\CanonBJ
2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Users\All Users\Application Data\CanonBJ
2012-12-29 12:19 - 2012-12-29 12:19 - 00000000 ___HD C:\Program Files\CanonBJ
2012-12-29 12:19 - 2012-12-29 12:18 - 17196360 ____A C:\Users\Kathryn\Downloads\mx300swin64101ej.exe
2012-12-29 12:17 - 2012-12-29 12:17 - 16397640 ____A C:\Users\Kathryn\Downloads\mx300swin101ej.exe
2012-12-29 12:15 - 2012-12-29 12:15 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup (1).exe
2012-12-29 12:14 - 2012-12-29 12:14 - 00000000 ____D C:\Program Files (x86)\DriverTuner
2012-12-29 12:13 - 2012-12-29 12:13 - 02539496 ____A (LionSea SoftWare ) C:\Users\Kathryn\Downloads\setup.exe
2012-12-29 11:51 - 2012-12-29 11:51 - 00000117 ____A C:\Windows\System32\netcfg-78991046.txt
2012-12-29 11:50 - 2012-12-29 11:50 - 00000117 ____A C:\Windows\System32\netcfg-78953718.txt
2012-12-29 11:50 - 2012-12-29 11:50 - 00000117 ____A C:\Windows\System32\netcfg-78908468.txt
2012-12-29 11:48 - 2012-12-29 11:48 - 00001131 ____A C:\Windows\System32\netcfg-78808015.txt
2012-12-29 11:48 - 2012-12-29 11:48 - 00000117 ____A C:\Windows\System32\netcfg-78809187.txt
2012-12-29 09:47 - 2012-11-05 14:43 - 00000000 ____D C:\Users\All Users\PCDr
2012-12-29 09:47 - 2012-11-05 14:43 - 00000000 ____D C:\Users\All Users\Application Data\PCDr
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\Local Settings\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\Local Settings\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\Microsoft Help
2012-12-29 09:03 - 2012-12-29 09:03 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2012-12-29 09:03 - 2012-07-25 21:26 - 00000199 ____A C:\Windows\win.ini
2012-12-29 08:52 - 2012-12-29 08:52 - 00000117 ____A C:\Windows\System32\netcfg-68223156.txt
2012-12-29 08:52 - 2012-12-29 08:52 - 00000117 ____A C:\Windows\System32\netcfg-68223000.txt
2012-12-28 17:30 - 2012-12-28 17:30 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-12-28 17:30 - 2012-12-28 17:30 - 00002515 ____A C:\Users\All Users\Desktop\Skype.lnk
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\couponamazing
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\couponamazing
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\Application Data\SkypePackages
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\SkypePackages
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\couponamazing
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\All Users\Skype
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Users\All Users\Application Data\Skype
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____D C:\Program Files (x86)\PricePeep
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____A C:\extensions.sqlite
2012-12-28 17:30 - 2012-12-28 17:30 - 00000000 ____A C:\end
2012-12-28 17:29 - 2012-12-28 17:30 - 20185088 ____A C:\Users\Kathryn\Downloads\SkypeSetup_6.0.0.126.msi
2012-12-28 17:29 - 2012-12-28 17:29 - 01203848 ____A C:\Users\Kathryn\Downloads\SkypeSetup.exe
2012-12-28 15:32 - 2012-12-28 15:32 - 00896016 ____A (Oracle Corporation) C:\Users\Kathryn\Downloads\chromeinstall-7u10.exe
2012-12-28 15:32 - 2012-12-28 15:32 - 00859072 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-12-28 15:32 - 2012-12-28 15:32 - 00779704 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-12-28 15:32 - 2012-12-28 15:32 - 00260528 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-12-28 15:32 - 2012-12-28 15:32 - 00174000 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-12-28 15:32 - 2012-12-28 15:32 - 00173992 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-12-28 15:32 - 2012-12-28 15:32 - 00095184 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Users\All Users\Sun
2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Users\All Users\Application Data\Sun
2012-12-28 15:32 - 2012-12-28 15:32 - 00000000 ____D C:\Program Files (x86)\Java
2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\Local Settings\GDIPFONTCACHEV1.DAT
2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-12-28 15:30 - 2012-12-28 15:30 - 00118104 ____A C:\Users\Kathryn\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-28 13:55 - 2012-12-28 13:55 - 00000117 ____A C:\Windows\System32\netcfg-39687.txt
2012-12-28 13:54 - 2012-12-28 13:54 - 00000117 ____A C:\Windows\System32\netcfg-16477937.txt
2012-12-28 13:51 - 2012-12-28 13:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2012-12-28 13:47 - 2012-12-28 13:42 - 368945248 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\office2007sp3-kb2526086-fullfile-en-us.exe
2012-12-28 13:42 - 2012-12-28 13:42 - 00000000 ____D C:\Program Files (x86)\MSECache
2012-12-28 13:41 - 2012-12-28 13:41 - 38808920 ____A (Microsoft Corporation) C:\Users\Kathryn\Downloads\FileFormatConverters.exe
2012-12-28 13:37 - 2012-12-28 13:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2012-12-28 13:37 - 2012-11-05 14:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2012-12-28 13:37 - 2012-11-05 14:33 - 00000000 ____D C:\Program Files (x86)\MSBuild
2012-12-28 13:37 - 2012-07-25 23:52 - 00000000 ____D C:\Windows\ShellNew
2012-12-28 13:31 - 2012-12-28 13:31 - 00000000 ____D C:\Program Files\Microsoft Office
2012-12-28 13:31 - 2012-12-28 13:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Microsoft Help
2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Microsoft Help
2012-12-28 13:30 - 2012-12-28 13:30 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Microsoft Help
2012-12-28 13:29 - 2012-12-28 13:29 - 00000000 __RHD C:\MSOCache
2012-12-28 10:09 - 2012-12-28 10:06 - 00000000 ____D C:\Users\Kathryn\Application Data\PCDr
2012-12-28 10:09 - 2012-12-28 10:06 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\PCDr
2012-12-28 10:09 - 2012-11-05 14:43 - 00000000 ____D C:\Program Files\Dell Support Center
2012-12-28 10:01 - 2012-12-28 10:01 - 00001049 ____A C:\Users\Kathryn\Desktop\Dropbox.lnk
2012-12-28 10:01 - 2012-12-27 14:28 - 00000000 ____D C:\users\Kathryn
2012-12-28 09:58 - 2012-12-28 09:57 - 19241048 ____A (Dropbox, Inc.) C:\Users\Kathryn\Downloads\Dropbox 1.6.10.exe
2012-12-28 09:33 - 2012-12-28 09:33 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2012-12-28 09:33 - 2012-05-08 03:37 - 00000000 ____D C:\DELL
2012-12-28 09:21 - 2012-12-28 09:21 - 00000117 ____A C:\Windows\System32\netcfg-66781.txt
2012-12-28 09:20 - 2012-11-05 14:48 - 00000000 ____D C:\Program Files\Common Files\mcafee
2012-12-28 09:19 - 2012-12-28 09:19 - 00000117 ____A C:\Windows\System32\netcfg-68333234.txt
2012-12-27 18:46 - 2012-11-05 14:48 - 00000000 ____D C:\Users\All Users\McAfee
2012-12-27 18:46 - 2012-11-05 14:48 - 00000000 ____D C:\Users\All Users\Application Data\McAfee
2012-12-27 18:45 - 2012-07-26 00:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2012-12-27 15:45 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\Local Settings\Deployment
2012-12-27 15:45 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Deployment
2012-12-27 15:45 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Deployment
2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\Local Settings\Google
2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Google
2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Google
2012-12-27 15:10 - 2012-12-27 15:10 - 00000000 ____D C:\Program Files (x86)\Google
2012-12-27 15:09 - 2012-12-27 15:09 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Apps\2.0
2012-12-27 14:47 - 2012-12-27 14:28 - 00000000 ____D C:\Users\Kathryn\Local Settings\Packages
2012-12-27 14:47 - 2012-12-27 14:28 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Packages
2012-12-27 14:47 - 2012-12-27 14:28 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Packages
2012-12-27 14:32 - 2012-12-27 14:32 - 00000000 ____D C:\Users\Kathryn\Application Data\Intel Corporation
2012-12-27 14:32 - 2012-12-27 14:32 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Intel Corporation
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\My Documents\Bluetooth Exchange Folder
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Power2Go8
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Broadcom
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Power2Go8
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\Broadcom
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\Documents\Bluetooth Exchange Folder
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Power2Go8
2012-12-27 14:31 - 2012-12-27 14:31 - 00000000 ____D C:\Users\Kathryn\AppData\Local\Broadcom
2012-12-27 14:31 - 2012-12-27 14:28 - 00000000 ____D C:\Users\All Users\PRICache
2012-12-27 14:31 - 2012-12-27 14:28 - 00000000 ____D C:\Users\All Users\Application Data\PRICache
2012-12-27 14:31 - 2012-11-05 14:36 - 00000000 ____D C:\Users\All Users\Intel
2012-12-27 14:31 - 2012-11-05 14:36 - 00000000 ____D C:\Users\All Users\Application Data\Intel
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Local Settings\VirtualStore
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Local Settings\Application Data\VirtualStore
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Macromedia
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Leadertech
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\Application Data\Adobe
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Macromedia
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Leadertech
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Roaming\Adobe
2012-12-27 14:29 - 2012-12-27 14:29 - 00000000 ____D C:\Users\Kathryn\AppData\Local\VirtualStore
2012-12-27 14:28 - 2012-12-27 14:28 - 00000020 ___SH C:\Users\Kathryn\ntuser.ini
2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-234234.txt
2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-234203.txt
2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-231140.txt
2012-12-27 14:24 - 2012-12-27 14:24 - 00000117 ____A C:\Windows\System32\netcfg-224703.txt
2012-12-27 14:23 - 2012-12-27 14:23 - 00000117 ____A C:\Windows\System32\netcfg-206406.txt
2012-12-18 15:32 - 2012-07-26 00:14 - 00695640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-18 15:32 - 2012-07-26 00:14 - 00080728 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2013-01-02 11:42] - [2012-10-10 21:46] - 0517120 ____A (Microsoft Corporation) BCF2036A0DD579E47C008C133550283E

C:\Windows\System32\wininit.exe
[2012-07-25 16:03] - [2012-07-25 19:08] - 0132608 ____A (Microsoft Corporation) FE9AB232B56A12224E8A3F3F9878C9A3

C:\Windows\explorer.exe
[2013-01-02 11:42] - [2012-10-10 23:35] - 2380944 ____A (Microsoft Corporation) E13A31D5254C25406A7946BDD9B06364

C:\Windows\SysWOW64\explorer.exe
[2013-01-02 11:42] - [2012-10-10 21:56] - 2115952 ____A (Microsoft Corporation) 953ADECFF08202A01EFC6110214FDE02

C:\Windows\System32\svchost.exe
[2013-01-02 14:35] - [2012-09-19 22:33] - 0029696 ____A (Microsoft Corporation) EDE27EACE742EE2888C5DD36400A2EC0

C:\Windows\SysWOW64\svchost.exe
[2013-01-02 14:35] - [2012-09-19 21:55] - 0023040 ____A (Microsoft Corporation) A46DC432F81473F526E3994AA483E366

C:\Windows\System32\services.exe
[2013-01-02 14:33] - [2012-09-19 22:33] - 0410624 ____A (Microsoft Corporation) 8F226143046435C75C033B0C52E90FFE

C:\Windows\System32\User32.dll
[2013-01-02 14:32] - [2012-09-19 22:33] - 1342464 ____A (Microsoft Corporation) A99AD14F26BDA7D7F27F76BC91B7EED7

C:\Windows\SysWOW64\User32.dll
[2013-01-02 14:32] - [2012-09-19 20:10] - 1126912 ____A (Microsoft Corporation) BA1C3ACD929A71E88B49C2B6E38F92B3

C:\Windows\System32\userinit.exe
[2012-07-25 16:06] - [2012-07-25 19:08] - 0025088 ____A (Microsoft Corporation) 0E925F7BA032920D58DD284B6181A247

C:\Windows\SysWOW64\userinit.exe
[2012-07-25 16:08] - [2012-07-25 19:21] - 0021504 ____A (Microsoft Corporation) 9F6289D194A04A09671FEED4B6CB6EF7

C:\Windows\System32\Drivers\volsnap.sys
[2012-07-25 18:30] - [2012-07-25 20:57] - 0332016 ____A (Microsoft Corporation) 2FB3CDFD5EAF4CD9D4AFAF96877D13AE


==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-12-28 13:29:44
Restore point made on: 2013-01-02 11:48:00
Restore point made on: 2013-01-09 08:16:39
Restore point made on: 2013-01-12 10:28:20
Restore point made on: 2013-01-15 16:18:00

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 3961.09 MB
Available physical RAM: 3298.75 MB
Total Pagefile: 3961.09 MB
Available Pagefile: 3305.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:457.39 GB) (Free:415.66 GB) NTFS
3 Drive e: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
4 Drive f: () (Removable) (Total:0.95 GB) (Free:0.77 GB) FAT32
5 Drive g: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS
6 Drive w: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS
7 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
8 Drive y: (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32


Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B *
Disk 1 Online 971 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 System (partition with boot components) 500 MB 1024 KB
Partition 2 OEM 40 MB 501 MB
Partition 3 Reserved 128 MB 541 MB
Partition 4 Recovery 500 MB 669 MB
Partition 5 Primary 457 GB 1169 MB
Partition 6 Recovery 7404 MB 458 GB

==================================================================================

Disk: 0
Partition 1
Type : c12a7328-f81f-11d2-ba4b-00a0c93ec93b
Hidden : Yes
Required: No
Attrib : 0X8000000000000000

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 Y ESP FAT32 Partition 500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 796badd3-6bbf-4d9f-b631-466eb71a4965
Hidden : Yes
Required: Yes
Attrib : 0X8000000000000001

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 7 DIAGS FAT32 Partition 40 MB Healthy Hidden

=========================================================

Disk: 0
Partition 3
Type : e3c9e316-0b5c-4db8-817d-f92df00215ae
Hidden : Yes
Required: No
Attrib : 0X8000000000000000

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 4
Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
Hidden : Yes
Required: Yes
Attrib : 0X8000000000000001

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G WINRETOOLS NTFS Partition 500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 5
Type : ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Hidden : No
Required: No
Attrib : 0000000000000000

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 457 GB Healthy

=========================================================

Disk: 0
Partition 6
Type : de94bba4-06d1-4d40-a16a-bfd50179d6ac
Hidden : Yes
Required: Yes
Attrib : 0X8000000000000001

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 PBR Image NTFS Partition 7404 MB Healthy Hidden

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 971 MB 0 B

==================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

=========================================================

Last Boot: 2013-01-13 17:09

==================== End Of Log =============================
 
Yes, but I also go to work :)
I'm not here 24/7.

FRST log is clean.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

=========================

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

========================

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Here's the report from AdwCleaner:

# AdwCleaner v2.105 - Logfile created 01/16/2013 at 17:53:38
# Updated 08/01/2013 by Xplode
# Operating system : Windows 8 (64 bits)
# User : Kathryn - KATIESLAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Kathryn\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\END
Folder Found : C:\Program Files (x86)\PricePeep
Folder Found : C:\Users\Kathryn\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\PricePeep
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Found : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Found : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Key Found : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16453

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.52

File : C:\Users\Kathryn\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2220 octets] - [16/01/2013 17:53:38]

########## EOF - C:\AdwCleaner[R1].txt - [2280 octets] ##########
I'll run the Junkware Removal Tool next and post the results.
 
You must log in or register to reply here.

Similar threads

E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
NonTechyDad
Solved Malware removal for my son's pc
2
Replies
33
Views
5K
Broni
Broni
Nicki
Solved Must have picked up something... some COVID computer variant???
Replies
9
Views
3K
Broni
Broni

Latest posts

Back