Jump to content

Search the Community

Showing results for tags 'Scorpion'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 8 results

  1. So over a year ago I was infected with the PUP Scorpion Saver. For those who don't know, Scorpion Saver is a PUP that is supposed to give you great online shopping deals via pop-up adds. This ends up getting annoying and after I ended up getting rid of it using Malwarebytes (seriously thank you Malwarebytes that thing was annoying.) So I was wondering. Has anybody else on the forum been infected by this terrible PUP?
  2. For the past two days I've been dealing with this hidden malware which only recently showed up in my program's list as "ScorpionSaver Services." I've tried all I could think of along with anything I could search for, but most things seemed tailor-made for the user who posted the help thread in the first place or just didn't work. I even attempted to just plainly uninstall the program, which doesn't work. The images are the results of just trying to uninstall the program: Perhaps the malware is already removed and it is just a ghost entry in my programs list. Either way, I'll take the precautions and ask for assistance here. Attached are FRST's FRST and Addition text logs.FRST.txtAddition.txt
  3. Cannot remove Scorpion with MBAW Addition.txt FRST.txt
  4. Hi there, So, somehow I managed to get Scorpion Saver on my computer. I've gotten most of the virus deleted by now because there are no noticeable folder and registry keys, but Scorpion Saver is still in my Programs and Features folder. I've tried to uninstall the program through control panel, but that doesn't. I'm stumped for ideas and figured actually asking someone would be the best. Can anyone help?
  5. Hi, There are 2 issues (at least) 1. I need help deleting Scorpion. 2. I opened my desktop shortcut to run AdwCleaner. While it was opening, I looked at another program. While I was looking at that program, a Window opened asking if I would like to update. I assumed that it was for AdwCleaner and said yes. Now AdwCleaner has vanished. When I search under "Search Programs and Files" nothing shows up except for log files it created earlier. DDS files follow. Would appreciate any help. Cathy DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2 Run by Cathy at 19:37:48 on 2014-01-10 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7667.5597 [GMT -5:00] . AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D} SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe C:\Windows\system32\taskhost.exe C:\Windows\System32\svchost.exe -k NetworkService C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\CISVC.EXE C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe C:\Windows\system32\taskeng.exe C:\Windows\SysWOW64\Rundll32.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe C:\Windows\system32\mfevtps.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\PogoplugBackup\ppbrowser.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskmgr.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe C:\Program Files (x86)\McAfee\VirusScan Enterprise\mcconsol.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealtimeProtector.exe C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uURLSearchHooks: Connect DLC 2 Toolbar: {515b2424-5911-40bd-8a2c-bdb20286d8f5} - C:\Program Files (x86)\Connect_DLC_2\prxtbConn.dll mURLSearchHooks: Connect DLC 2 Toolbar: {515b2424-5911-40bd-8a2c-bdb20286d8f5} - C:\Program Files (x86)\Connect_DLC_2\prxtbConn.dll mWinlogon: Userinit = userinit.exe, BHO: Connect DLC 2 Toolbar: {515b2424-5911-40bd-8a2c-bdb20286d8f5} - C:\Program Files (x86)\Connect_DLC_2\prxtbConn.dll BHO: Dragon NaturallySpeaking Rich Internet Application Support - Extension: {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Connect DLC 2 Toolbar: {515b2424-5911-40bd-8a2c-bdb20286d8f5} - C:\Program Files (x86)\Connect_DLC_2\prxtbConn.dll uRun: [backgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Cathy\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun uRun: [APISupport] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Cathy\AppData\Local\Conduit\APISupport\APISupport.dll",DLLRunAPISupport uRunOnce: [18_0458451817683] "C:\Users\Cathy\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp_r.bat" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto StartupFolder: C:\Users\Cathy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Fences.lnk - C:\Program Files (x86)\Stardock\Fences\Fences.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Download video on this page - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/300 IE: Download video this links to - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/301 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {731DC20B-51DE-4681-BBB9-69593E9F99A2} - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/300 IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.1.1 TCP: Interfaces\{1BD4E6D2-579F-43CF-BF5A-B3EBC2E35860} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn IFEO: PDapp.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120713205253.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [Fences] "C:\Program Files (x86)\Stardock\Fences\Fences.exe" /startup x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll x64-SSODL: WebCheck - <orphaned> x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL x64-mASetup: {B34A07DD-C6F7-414A-AE63-01019482EAF0} - msiexec /fu {B34A07DD-C6F7-414A-AE63-01019482EAF0} /qn x64-IFEO: PDapp.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\bl0lhixu.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Cathy\AppData\Local\Citrix\Plugins\94\npappdetector.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll FF - ExtSQL: 2013-11-15 12:09; searchads@instair.net; C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\bl0lhixu.default\extensions\searchads@instair.net FF - ExtSQL: 2013-11-30 21:40; zotero@chnm.gmu.edu; C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\bl0lhixu.default\extensions\zotero@chnm.gmu.edu.xpi FF - ExtSQL: 2013-12-21 18:13; adsremoval@adsremoval.net; C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\bl0lhixu.default\extensions\adsremoval@adsremoval.net FF - ExtSQL: 2014-01-08 19:01; ascsurfingprotection@iobit.com; C:\Users\Cathy\AppData\Roaming\Mozilla\Firefox\Profiles\bl0lhixu.default\extensions\ascsurfingprotection@iobit.com FF - ExtSQL: 2014-01-08 19:01; iobitapps@mybrowserbar.com; C:\Program Files (x86)\IObit Apps Toolbar\FF . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-11-23 82240] R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-11-23 42304] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-7-4 642952] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-7-4 283744] R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2013-9-26 17720] R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2013-11-20 881440] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-11-23 239616] R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888] R2 DokanCEDriver;DokanCEDriver;C:\Program Files (x86)\PogoplugBackup\dokance.sys [2013-3-29 71608] R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2013-10-15 311184] R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-12-21 341824] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-29 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-29 701512] R2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2011-1-12 120128] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-7-4 199008] R2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe [2011-1-12 209760] R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-6-9 46136] R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-12-21 23048] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-7-4 25928] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-7-4 228752] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-7-5 1874016] R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-12-21 34848] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-9 884952] R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-12-21 23016] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-1-12 47232] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-20 2151200] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-10 111616] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2012-7-4 100904] S3 PulseUsb;Livescribe Smartpen USB Driver;C:\Windows\System32\drivers\PulseUsb.sys [2011-10-27 26112] S3 rcmirror;HP RC Mirror Driver;C:\Windows\System32\drivers\rcmirror64.sys [2012-8-13 13120] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-29 19456] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-29 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-10-29 30208] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984] S4 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-8-1 195320] S4 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-20 249648] S4 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384] S4 DokanCEMounter;DokanCEMounter;C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe [2013-3-29 116000] S4 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-8-5 101888] S4 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040] S4 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] S4 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-6-11 335888] S4 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216] SUnknown CltMngSvc;CltMngSvc; [x] . =============== File Associations =============== . FileExt: .vbe: VBEFile=NOTEPAD.EXE "%1" FileExt: .vbs: VBSFile=NOTEPAD.EXE "%1" FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\Dreamweaver.exe","%1" FileExt: .jse: JSEFile=NOTEPAD.EXE "%1" FileExt: .wsf: WSFFile=NOTEPAD.EXE "%1" ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 2014-01-09 05:05:35 884952 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys 2014-01-09 05:05:35 74456 ----a-w- C:\Windows\System32\RtNicProp64.dll 2014-01-08 02:43:27 -------- d-----w- C:\Program Files (x86)\Conduit 2014-01-08 02:43:10 -------- d-----w- C:\ProgramData\Conduit 2014-01-08 02:42:59 -------- d-----w- C:\Program Files (x86)\Connect_DLC_2 2014-01-08 02:42:20 -------- d-----w- C:\Users\Cathy\AppData\Local\NativeMessaging 2014-01-08 02:42:12 -------- d-----w- C:\Users\Cathy\AppData\Local\Conduit 2014-01-08 02:42:08 -------- d-----w- C:\Users\Cathy\AppData\Local\CRE 2014-01-08 02:40:04 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2014-01-01 04:10:59 63488 ----a-w- C:\Windows\System32\OpenCL.dll 2014-01-01 04:10:59 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll 2014-01-01 04:10:59 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll 2014-01-01 04:10:58 28469248 ----a-w- C:\Windows\System32\amdocl64.dll 2014-01-01 04:10:57 24008704 ----a-w- C:\Windows\SysWow64\amdocl.dll 2014-01-01 03:24:38 -------- d-----w- C:\Users\Cathy\AppData\Local\ElevatedDiagnostics 2013-12-27 21:46:29 -------- d-----w- C:\ProgramData\HP Photo Creations 2013-12-27 21:46:29 -------- d-----w- C:\Program Files (x86)\HP Photo Creations 2013-12-27 21:46:26 -------- d-----w- C:\Program Files (x86)\Coupons 2013-12-27 21:42:25 -------- d-----w- C:\Users\Cathy\AppData\Local\HP 2013-12-14 15:19:02 -------- d-----w- C:\Users\Cathy\AppData\Roaming\Systweak 2013-12-13 01:16:48 -------- d-----w- C:\AdwCleaner . ==================== Find3M ==================== . 2014-01-09 05:05:35 108760 ----a-w- C:\Windows\System32\RTNUninst64.dll 2014-01-01 04:10:59 1133568 ----a-w- C:\Windows\System32\atiadlxx.dll 2013-12-31 04:10:15 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-12-31 04:10:15 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll 2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll 2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll 2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll 2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-11-24 01:05:56 127488 ----a-w- C:\Windows\System32\coinst_13.152.dll 2013-11-24 01:05:44 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe 2013-11-24 01:05:44 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe 2013-11-24 01:05:44 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe 2013-11-24 01:05:44 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe 2013-11-24 01:00:33 82240 ----a-w- C:\Windows\System32\drivers\amd_sata.sys 2013-11-24 01:00:33 42304 ----a-w- C:\Windows\System32\drivers\amd_xata.sys 2013-11-24 00:57:18 108760 ----a-w- C:\Windows\System32\SET478A.tmp 2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll 2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2013-11-07 01:19:07 102248 ----a-w- C:\Users\Cathy\GoToAssistDownloadHelper.exe 2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll 2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll 2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-10-22 22:40:31 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-10-22 22:40:31 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-10-22 22:40:31 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-10-22 22:40:31 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-10-22 22:40:31 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-10-22 22:40:31 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-10-22 22:40:31 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-10-20 14:22:06 53152 ----a-w- C:\Windows\System32\USBCoInstaller.dll 2013-10-20 14:22:06 1002728 ----a-w- C:\Windows\System32\WinUSBCoInstaller2.dll 2013-10-19 19:41:28 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat 2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2013-10-16 15:18:44 439296 ----a-w- C:\Windows\System32\AdpeakProxy64.dll . ============= FINISH: 19:39:06.57 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 5/3/2012 12:36:30 AM System Uptime: 1/9/2014 3:51:13 PM (28 hours ago) . Motherboard: PEGATRON CORPORATION | | 2ACF Processor: AMD A4-3420 APU with Radeon HD Graphics | P0 | 2800/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 915 GiB total, 529.019 GiB free. D: is FIXED (NTFS) - 17 GiB total, 2.084 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP302: 12/31/2013 11:55:35 AM - Scheduled Checkpoint RP303: 12/31/2013 11:10:20 PM - Driver Booster : AMD Radeon HD 6410D RP304: 1/7/2014 9:31:09 PM - Removed HP Support Assistant. RP305: 1/7/2014 9:34:20 PM - Removed HP Support Assistant. RP306: 1/7/2014 9:46:24 PM - Revo Uninstaller's restore point - HP Support Assistant RP307: 1/7/2014 10:22:56 PM - Revo Uninstaller's restore point - HP Support Assistant RP308: 1/7/2014 10:23:31 PM - Removed HP Support Assistant. RP309: 1/9/2014 12:04:48 AM - Driver Booster : Realtek PCIe GBE Family Controller . ==== Installed Programs ====================== . 802.11n Wireless LAN Card AccelerateTab Adobe Acrobat X Pro - English, Français, Deutsch Adobe AIR Adobe Community Help Adobe Content Viewer Adobe Contribute CS5 Adobe Creative Suite 5.5 Design Premium Adobe Download Assistant Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Shockwave Player 12.0 Adobe Widget Browser Advanced SystemCare 7 Advanced Uninstaller PRO - Version 11 AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD Steady Video Plug-In AMD VISION Engine Control Center Apple Application Support Apple Mobile Device Support Apple Software Update AudibleManager Bing Bar Blio Bonjour Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner Connect DLC 2 Toolbar for IE Coupon Printer for Windows CPUID CPU-Z 1.66 CrossEyes D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dia (remove only) Diagram Designer DirectX for Managed Code Update (Summer 2004) Display Tuner v1.7 Download App Dragon NaturallySpeaking 12 Driver Booster Facebook Fences 2 FileASSASSIN Freemake Video Converter version 4.0.0 Google Chrome Google Drive Google Update Helper GoToAssist Corporate GoToMeeting 5.4.0.1082 HP Application Assistant HP Auto HP Calendar HP Client Services HP Clock HP Customer Experience Enhancements HP Deskjet 1000 J110 series Basic Device Software HP Deskjet 1000 J110 series Help HP Deskjet 1000 J110 series Product Improvement Study HP LinkUp HP Magic Canvas HP Magic Canvas Tutorials HP MovieStore HP Notes HP Odometer HP Photo Creations HP Product Detection HP RSS HP Setup HP Setup Manager HP Support Information HP TouchSmart RecipeBox HP Update HP Vision Hardware Diagnostics HP Weather iCloud IHA_MessageCenter IObit Apps Toolbar v8.4 IObit Malware Fighter IObit Uninstaller iTunes Java 7 Update 45 Java Auto Updater JavaFX 2.1.1 Juniper Networks Network Connect 7.1.10 Juniper Networks, Inc. Setup Client Junk Mail filter update Livescribe Connect Livescribe Desktop Malwarebytes Anti-Malware version 1.75.0.1300 ManageMyMobile McAfee Agent McAfee Profiler McAfee Security Scan Plus McAfee VirusScan Enterprise Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Mathematics Microsoft Mouse and Keyboard Center Microsoft Office 2010 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Labs Search Commands Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Visio 2010 Microsoft Office Visio MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visio Premium 2010 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 Mobogenie Mozilla Firefox 26.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyScript for Livescribe 1.2 opensource OverDrive Media Console PDF Complete Special Edition PDF Settings CS5 PhoneClean 2.1.6 PhotoScape PlayReady PC Runtime amd64 PlayReady PC Runtime x86 PodTrans 3.6.6 Pogoplug Backup PressReader QuickTime Realtek High Definition Audio Driver Recovery Manager Remote Graphics Receiver Revo Uninstaller 1.95 ScorpionSaver Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SiSoftware Sandra Lite 2011 Skype Click to Call Skype™ 6.3 Smart Defrag 2 Surfing Protection swMSM Syncios version 3.0.0 TSHostedAppLauncher Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition Verizon Online DSL Vz In Home Agent Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin Xmarks for IE Xmarks Thumbnails for IE XMind 2012 (v3.3.1) YouTube Downloader 5 Zinio Reader 4 . ==== Event Viewer Messages From Past Week ======== . 1/9/2014 9:30:26 PM, Error: Service Control Manager [7030] - The Apple Mobile Device service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 1/9/2014 9:30:12 PM, Error: Service Control Manager [7030] - The Realtek Audio Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 1/8/2014 8:06:17 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 1/8/2014 11:57:54 PM, Error: Service Control Manager [7034] - The Search Protect by Conduit Updater service terminated unexpectedly. It has done this 1 time(s). 1/7/2014 10:41:30 PM, Error: Service Control Manager [7023] - The HP Network Devices Support service terminated with the following error: The system cannot find the file specified. 1/7/2014 10:40:19 PM, Error: Service Control Manager [7034] - The LiveUpdate service terminated unexpectedly. It has done this 1 time(s). 1/7/2014 10:39:20 PM, Error: Service Control Manager [7000] - The WinI2C-DDC Kernel Mode Driver service failed to start due to the following error: This driver has been blocked from loading 1/7/2014 10:39:20 PM, Error: Service Control Manager [7000] - The SecureUpdate service failed to start due to the following error: The system cannot find the path specified. 1/7/2014 10:39:20 PM, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\DDCDrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 1/6/2014 8:34:26 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR5. 1/5/2014 12:29:58 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 1/3/2014 9:56:17 AM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. 1/10/2014 7:13:01 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3. . ==== End Of File ===========================
  6. I've tried many things on my own including following many of the responses here. The easy things: Removed the two ScorpionSaver files even blowing past the cannot remove because can't find the key message. Run CCCleaner, Malwarebytes, and it is back. Have donwloaded Farbar and the FRST file is embedded here: _________________________________________________________________ Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-11-2013 Ran by barrysherry (administrator) on BARRYS-LAPTOP on 28-11-2013 19:49:18 Running from C:\Users\barrysherry\Documents\Farbar Windows 8.1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (HP) C:\Windows\System32\HPSIsvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Adpeak, Inc.) C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Intuit Inc.) C:\Program Files (x86)\Quicken\qw.exe (Helios Software Solutions) C:\Program Files (x86)\TextPad 7\TextPad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-08-18] (IDT, Inc.) HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-08-18] (Synaptics Incorporated) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-27] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [HPUsageTrackingLEDM] - C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital) HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5235128 2012-06-14] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1 HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPNOT13/1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1 SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {2C54A27D-BB47-4503-A28C-D7B7AE30D8B1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM-x32 - {2C54A27D-BB47-4503-A28C-D7B7AE30D8B1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3305500&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP224E328E-4B1D-4CE7-8580-53739BB79FAC&q={SearchTerms} SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3305500&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP224E328E-4B1D-4CE7-8580-53739BB79FAC&q={SearchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKCU - {2C54A27D-BB47-4503-A28C-D7B7AE30D8B1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869 SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\barrysherry\AppData\Roaming\Mozilla\Firefox\Profiles\qgp88u6x.default-1385349350765 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: socialfixer - C:\Users\barrysherry\AppData\Roaming\Mozilla\Firefox\Profiles\qgp88u6x.default-1385349350765\Extensions\socialfixer@mattkruse.com.xpi FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\ FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Extension: (Google Docs) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (LessTabs) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekmkdkefndbeciggfanobcemjnppbbb\1.7.2.0_0 CHR Extension: (Google Search) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Social Fixer for Facebook) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb\8.0_0 CHR Extension: (Norton Identity Protection) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0 CHR Extension: (Google Wallet) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [cekmkdkefndbeciggfanobcemjnppbbb] - C:\Program Files (x86)\LessTabs\Chrome\cekmkdkefndbeciggfanobcemjnppbbb.crx CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx ==================== Services (Whitelisted) ================= R2 AdpeakProxy; c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe [3688448 2013-10-16] (Adpeak, Inc.) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [511480 2013-10-31] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-26] (Microsoft Corporation) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1151424 2012-06-14] (Western Digital ) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-06-14] (Western Digital ) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 AdpeakWFP; C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys [41624 2013-09-26] (Adpeak, Inc.) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [1524824 2013-10-22] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20131127.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-26] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131128.002\ENG64.SYS [126040 2013-11-13] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131128.002\EX64.SYS [2099288 2013-11-13] (Symantec Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-08-18] (Synaptics Incorporated) R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-26] (Microsoft Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-07-31] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-02] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-28 19:48 - 2013-11-28 19:48 - 00000000 ____D C:\FRST 2013-11-28 19:46 - 2013-11-28 19:49 - 00000000 ____D C:\Users\barrysherry\Documents\Farbar 2013-11-28 18:06 - 2013-11-28 19:19 - 00000000 ____D C:\Program Files\ScorpionSaver Services 2013-11-28 12:18 - 2013-11-28 18:06 - 00001368 _____ C:\WINDOWS\setupact.log 2013-11-28 12:18 - 2013-11-28 12:18 - 00000000 _____ C:\WINDOWS\setuperr.log 2013-11-27 22:56 - 2013-11-27 22:56 - 00009418 _____ C:\WINDOWS\PFRO.log 2013-11-27 22:55 - 2013-11-27 22:55 - 00000718 _____ C:\Users\barrysherry\Documents\Ron.txt 2013-11-27 22:41 - 2013-11-27 22:41 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-27 22:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-11-27 22:39 - 2013-11-27 22:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\barrysherry\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-27 13:57 - 2013-11-27 13:57 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2013-11-27 13:57 - 2013-11-27 13:57 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-27 13:57 - 2013-11-27 13:57 - 00000000 ____D C:\Program Files\CCleaner 2013-11-27 13:55 - 2013-11-27 13:55 - 04618136 _____ (Piriform Ltd) C:\Users\barrysherry\Downloads\ccsetup408.exe 2013-11-27 11:26 - 2013-09-26 09:50 - 00041624 _____ (Adpeak, Inc.) C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys 2013-11-26 11:01 - 2013-11-27 14:04 - 00000000 ___DC C:\WINDOWS\Panther 2013-11-26 11:01 - 2013-11-26 11:01 - 00000000 __SHD C:\Recovery 2013-11-26 10:59 - 2013-11-26 10:59 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2013-11-26 10:59 - 2013-11-26 10:59 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-11-26 10:55 - 2013-11-26 10:55 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00371032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-11-26 10:55 - 2013-11-26 10:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2013-11-26 10:52 - 2013-11-26 10:52 - 00262144 _____ C:\WINDOWS\system32\config\userdiff 2013-11-26 10:48 - 2013-11-26 10:48 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\inetpub 2013-11-26 10:47 - 2013-08-02 23:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2013-11-26 10:47 - 2013-08-02 23:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2013-11-26 10:46 - 2013-11-26 10:46 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2013-11-26 08:50 - 2013-11-26 08:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2013-11-26 08:46 - 2013-11-28 07:40 - 00000000 __RDO C:\Users\barrysherry\SkyDrive 2013-11-26 08:42 - 2013-11-26 08:42 - 00001446 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-26 08:41 - 2013-11-26 08:41 - 00000020 ___SH C:\Users\barrysherry\ntuser.ini 2013-11-26 08:31 - 2013-11-28 18:16 - 01614946 _____ C:\WINDOWS\WindowsUpdate.log 2013-11-26 08:30 - 2013-11-26 08:30 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata 2013-11-26 08:16 - 2013-11-26 08:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2013-11-26 08:15 - 2013-11-26 08:46 - 00000000 ____D C:\Users\barrysherry 2013-11-26 08:15 - 2013-11-26 08:31 - 00024768 _____ C:\WINDOWS\diagwrn.xml 2013-11-26 08:15 - 2013-11-26 08:31 - 00024768 _____ C:\WINDOWS\diagerr.xml 2013-11-26 08:15 - 2013-11-26 08:16 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-11-26 08:15 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-11-26 08:15 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-11-26 08:15 - 2013-08-22 10:36 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-11-26 08:07 - 2013-11-26 08:07 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2013-11-26 08:04 - 2013-11-26 08:21 - 00000000 ____D C:\Program Files\IDT 2013-11-26 08:04 - 2013-11-26 08:18 - 00000000 ____D C:\Program Files (x86)\Intel 2013-11-26 08:04 - 2013-11-26 08:04 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files\Synaptics 2013-11-26 08:04 - 2013-10-03 23:43 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2013-11-26 08:04 - 2013-10-03 23:43 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2013-11-26 08:04 - 2013-08-18 08:03 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl 2013-11-26 08:04 - 2013-08-18 08:03 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe 2013-11-26 08:04 - 2013-08-18 08:03 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll 2013-11-26 00:23 - 2013-11-26 00:23 - 00000000 ____D C:\ProgramData\SMR410 2013-11-25 23:20 - 2013-11-25 23:20 - 00000000 ____D C:\Users\Barry\Soccer 2013-11-25 23:00 - 2013-11-25 23:20 - 00000000 ____D C:\Users\Barry 2013-11-24 22:36 - 2013-11-26 00:29 - 00000000 ____D C:\Users\barrysherry\AppData\Local\NPE 2013-11-23 16:11 - 2013-11-24 22:15 - 00000000 ____D C:\Users\barrysherry\Desktop\Old Firefox Data 2013-11-22 20:15 - 2013-11-22 20:15 - 00000424 _____ C:\Users\barrysherry\Documents\PeterKingDog.txt 2013-11-21 23:36 - 2013-11-21 23:56 - 00000000 ____D C:\VDP 2013-11-21 23:36 - 2013-11-21 23:56 - 00000000 ____D C:\Users\barrysherry\Documents\My Medical Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00072832 _____ C:\Users\barrysherry\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-21 23:36 - 2013-11-21 23:36 - 00002040 _____ C:\Users\Public\Desktop\Quicken Medical Expense Manager.lnk 2013-11-21 23:36 - 2013-11-21 23:36 - 00000099 _____ C:\Users\barrysherry\AppData\Local\fusioncache.dat 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quicken Medical Expense Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Local\IsolatedStorage 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\ProgramData\InstallShield 2013-11-21 23:35 - 2013-11-23 20:35 - 00000000 ____D C:\Program Files (x86)\Quicken Medical Expense Manager 2013-11-21 10:25 - 2013-11-21 10:25 - 00000000 ____D C:\Users\barrysherry\Documents\Drive_C 2013-11-19 16:03 - 2013-11-19 16:03 - 00001036 _____ C:\Users\barrysherry\Documents\Roster138-14.txt 2013-11-19 15:46 - 2013-11-20 19:12 - 00007680 _____ C:\Users\barrysherry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-18 22:45 - 2013-11-21 10:23 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\.oit 2013-11-18 22:44 - 2013-11-18 22:44 - 00003239 _____ C:\WINDOWS\SysWOW64\FoxPowerPointVUninstall.ini 2013-11-18 22:44 - 2013-11-18 22:44 - 00002300 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00002276 _____ C:\Users\barrysherry\Desktop\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00000000 ____D C:\Program Files (x86)\FoxPDF Software Inc 2013-11-18 20:07 - 2013-11-18 20:07 - 00000000 ____D C:\Program Files (x86)\MSECache 2013-11-18 20:05 - 2013-11-18 20:06 - 63210976 _____ (Microsoft Corporation) C:\Users\barrysherry\Downloads\PowerPointViewer(1).exe 2013-11-18 19:57 - 2013-11-18 19:58 - 11790275 _____ (FoxPDF Software Inc ) C:\Users\barrysherry\Downloads\PowerPointViewer.exe 2013-11-18 19:57 - 2013-11-18 19:57 - 00000000 ____D C:\Program Files\Level Quality Watcher 2013-11-18 19:55 - 2013-11-18 19:55 - 00598136 _____ C:\Users\barrysherry\Downloads\powerpointviewer-setup.exe 2013-11-18 17:47 - 2013-11-18 17:47 - 00000735 _____ C:\Users\barrysherry\Documents\Kennedy.html 2013-11-18 17:44 - 2012-09-26 00:45 - 00049664 ____R C:\WINDOWS\system32\HP1100SMs.dll 2013-11-18 17:44 - 2012-08-31 15:10 - 00350720 _____ C:\WINDOWS\system32\mvhlewsi.DLL 2013-11-18 17:44 - 2012-08-31 15:03 - 01696256 _____ C:\WINDOWS\system32\HP1100SM.EXE 2013-11-18 17:33 - 2013-11-18 17:34 - 149481512 _____ C:\Users\barrysherry\Downloads\LJP1100_P1560_P1600_Full_Solution.exe 2013-11-18 17:16 - 2013-11-18 17:16 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-11-18 17:15 - 2013-11-21 23:08 - 00000000 ____D C:\ProgramData\Adobe 2013-11-18 17:15 - 2013-11-18 17:15 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-18 17:04 - 2013-11-18 17:04 - 00000080 _____ C:\Users\barrysherry\Desktop\NetworkKey.txt 2013-11-18 17:02 - 2013-11-18 17:02 - 00002008 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk 2013-11-18 17:01 - 2013-11-18 17:01 - 06110144 _____ C:\Users\barrysherry\Downloads\HPPSdr.exe 2013-11-16 07:58 - 2013-11-16 07:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-14 20:07 - 2013-11-14 20:07 - 00002813 _____ C:\Users\barrysherry\Documents\RecertClinics.html 2013-11-13 17:52 - 2013-11-13 17:52 - 08568278 _____ C:\Users\barrysherry\Downloads\PWSRA Meeting.odp 2013-11-06 17:44 - 2013-11-06 18:13 - 00000000 ____D C:\Users\barrysherry\Documents\GarminFiles 2013-11-06 15:42 - 2013-11-28 18:06 - 00005360 _____ C:\WINDOWS\SysWOW64\AdpeakProxy.ini 2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\system32\AdpeakProxy.ini 2013-11-06 15:32 - 2013-11-28 18:06 - 00002312 _____ C:\WINDOWS\SysWOW64\AdpeakProxyOff.ini 2013-11-06 15:32 - 2013-11-28 18:06 - 00002312 _____ C:\WINDOWS\system32\AdpeakProxyOff.ini 2013-11-05 22:36 - 2013-11-05 22:36 - 00067429 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.ods 2013-11-05 17:18 - 2013-11-05 17:18 - 00001551 _____ C:\Users\barrysherry\Downloads\CCL1102.xls 2013-11-05 17:14 - 2013-11-05 17:14 - 00046686 _____ C:\Users\barrysherry\Downloads\Schedule1102.xls 2013-11-05 17:07 - 2013-11-05 17:07 - 00006151 _____ C:\Users\barrysherry\Downloads\U121102.xls 2013-11-05 17:06 - 2013-11-05 17:06 - 00011150 _____ C:\Users\barrysherry\Downloads\U101102.xls 2013-11-05 17:06 - 2013-11-05 17:05 - 00008549 _____ C:\Users\barrysherry\Downloads\SFL1102.xls 2013-11-05 16:45 - 2013-11-05 16:44 - 00442880 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.xls 2013-11-05 15:16 - 2013-11-05 15:16 - 00000000 ____D C:\ProgramData\Oracle 2013-11-05 15:16 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2013-11-05 15:16 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2013-11-05 15:16 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2013-11-05 15:16 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2013-11-05 15:14 - 2013-11-05 15:16 - 00004746 _____ C:\WINDOWS\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-30 10:51 - 2013-10-30 10:51 - 00012802 _____ C:\Users\barrysherry\Downloads\WAGS2013LATEApplicants.xls ==================== One Month Modified Files and Folders ======= 2013-11-28 19:49 - 2013-11-28 19:46 - 00000000 ____D C:\Users\barrysherry\Documents\Farbar 2013-11-28 19:48 - 2013-11-28 19:48 - 00000000 ____D C:\FRST 2013-11-28 19:22 - 2013-08-02 22:12 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-28 19:19 - 2013-11-28 18:06 - 00000000 ____D C:\Program Files\ScorpionSaver Services 2013-11-28 19:18 - 2013-08-07 13:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-11-28 19:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru 2013-11-28 18:16 - 2013-11-26 08:31 - 01614946 _____ C:\WINDOWS\WindowsUpdate.log 2013-11-28 18:06 - 2013-11-28 12:18 - 00001368 _____ C:\WINDOWS\setupact.log 2013-11-28 18:06 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\SysWOW64\AdpeakProxy.ini 2013-11-28 18:06 - 2013-11-06 15:32 - 00002312 _____ C:\WINDOWS\SysWOW64\AdpeakProxyOff.ini 2013-11-28 18:06 - 2013-11-06 15:32 - 00002312 _____ C:\WINDOWS\system32\AdpeakProxyOff.ini 2013-11-28 12:20 - 2013-09-29 23:04 - 00956476 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-11-28 12:18 - 2013-11-28 12:18 - 00000000 _____ C:\WINDOWS\setuperr.log 2013-11-28 07:40 - 2013-11-26 08:46 - 00000000 __RDO C:\Users\barrysherry\SkyDrive 2013-11-27 23:21 - 2013-08-02 22:11 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2192412686-3903143364-2309934108-1001 2013-11-27 22:59 - 2013-08-02 22:25 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-11-27 22:58 - 2013-08-02 22:12 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-27 22:57 - 2013-09-15 06:46 - 00000384 _____ C:\WINDOWS\Tasks\HPCeeScheduleForbarrysherry.job 2013-11-27 22:57 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-11-27 22:56 - 2013-11-27 22:56 - 00009418 _____ C:\WINDOWS\PFRO.log 2013-11-27 22:56 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2013-11-27 22:55 - 2013-11-27 22:55 - 00000718 _____ C:\Users\barrysherry\Documents\Ron.txt 2013-11-27 22:47 - 2013-08-02 23:17 - 33266688 _____ C:\Users\barrysherry\Documents\MasterFileJuly2009.rmgc 2013-11-27 22:41 - 2013-11-27 22:41 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-27 22:39 - 2013-11-27 22:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\barrysherry\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-27 21:14 - 2013-08-02 22:05 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B2379458-0A65-4C7C-820B-6D4C4390CD67} 2013-11-27 14:44 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2013-11-27 14:42 - 2013-10-01 20:19 - 00037376 ___SH C:\Users\barrysherry\Desktop\Thumbs.db 2013-11-27 14:04 - 2013-11-26 11:01 - 00000000 ___DC C:\WINDOWS\Panther 2013-11-27 14:04 - 2013-08-09 17:05 - 00000000 ____D C:\Users\barrysherry\AppData\Local\CrashDumps 2013-11-27 13:58 - 2013-09-15 06:46 - 00003210 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForbarrysherry 2013-11-27 13:57 - 2013-11-27 13:57 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2013-11-27 13:57 - 2013-11-27 13:57 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-27 13:57 - 2013-11-27 13:57 - 00000000 ____D C:\Program Files\CCleaner 2013-11-27 13:55 - 2013-11-27 13:55 - 04618136 _____ (Piriform Ltd) C:\Users\barrysherry\Downloads\ccsetup408.exe 2013-11-27 13:55 - 2013-08-11 15:14 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log 2013-11-27 13:55 - 2013-08-11 15:14 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2013-11-27 13:45 - 2012-07-26 03:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2013-11-27 13:24 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\restore 2013-11-27 10:23 - 2013-08-02 23:10 - 00000000 ____D C:\Program Files (x86)\RootsMagic 6 2013-11-26 11:01 - 2013-11-26 11:01 - 00000000 __SHD C:\Recovery 2013-11-26 11:00 - 2013-08-22 10:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template 2013-11-26 10:59 - 2013-11-26 10:59 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2013-11-26 10:59 - 2013-11-26 10:59 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2013-11-26 10:58 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData 2013-11-26 10:58 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Camera 2013-11-26 10:57 - 2013-11-26 10:57 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2013-11-26 10:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\WinStore 2013-11-26 10:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\migwiz 2013-11-26 10:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2013-11-26 10:55 - 2013-11-26 10:55 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-11-26 10:55 - 2013-11-26 10:55 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00371032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-11-26 10:55 - 2013-11-26 10:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2013-11-26 10:52 - 2013-11-26 10:52 - 00262144 _____ C:\WINDOWS\system32\config\userdiff 2013-11-26 10:48 - 2013-11-26 10:48 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\inetpub 2013-11-26 10:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2013-11-26 10:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2013-11-26 10:46 - 2013-11-26 10:46 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2013-11-26 08:50 - 2013-11-26 08:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2013-11-26 08:46 - 2013-11-26 08:15 - 00000000 ____D C:\Users\barrysherry 2013-11-26 08:45 - 2013-08-02 22:03 - 00000000 ____D C:\Users\barrysherry\AppData\Local\Packages 2013-11-26 08:42 - 2013-11-26 08:42 - 00001446 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-26 08:42 - 2013-10-02 06:50 - 00003206 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2013-11-26 08:42 - 2013-08-02 22:05 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-26 08:42 - 2013-08-02 22:05 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-11-26 08:41 - 2013-11-26 08:41 - 00000020 ___SH C:\Users\barrysherry\ntuser.ini 2013-11-26 08:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache 2013-11-26 08:31 - 2013-11-26 08:15 - 00024768 _____ C:\WINDOWS\diagwrn.xml 2013-11-26 08:31 - 2013-11-26 08:15 - 00024768 _____ C:\WINDOWS\diagerr.xml 2013-11-26 08:31 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Registration 2013-11-26 08:30 - 2013-11-26 08:30 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2013-11-26 08:27 - 2013-08-22 10:36 - 00000000 __RSD C:\WINDOWS\Media 2013-11-26 08:27 - 2013-08-22 10:36 - 00000000 __RHD C:\Users\Public\Libraries 2013-11-26 08:23 - 2013-08-22 09:44 - 00370280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-11-26 08:22 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2013-11-26 08:21 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files\IDT 2013-11-26 08:21 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2013-11-26 08:21 - 2012-09-11 21:11 - 00000000 ____D C:\WINDOWS\en 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata 2013-11-26 08:19 - 2013-09-29 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2013-11-26 08:19 - 2013-09-29 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2013-11-26 08:19 - 2013-09-29 22:48 - 00000000 ____D C:\WINDOWS\system32\WCN 2013-11-26 08:19 - 2013-09-12 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\SearchProtect 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\spool 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\MUI 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\IME 2013-11-26 08:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2013-11-26 08:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\oobe 2013-11-26 08:19 - 2012-12-28 10:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2013-11-26 08:19 - 2012-09-11 21:07 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe 2013-11-26 08:19 - 2012-07-26 00:37 - 00000000 ____D C:\Users\Default.migrated 2013-11-26 08:18 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files (x86)\Intel 2013-11-26 08:18 - 2013-08-22 10:43 - 00000000 ____D C:\WINDOWS\DigitalLocker 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Resources 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Help 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-11-26 08:18 - 2012-08-03 17:29 - 00000000 ____D C:\ProgramData\PRICache 2013-11-26 08:16 - 2013-11-26 08:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2013-11-26 08:16 - 2013-11-26 08:15 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-11-26 08:16 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\Recovery 2013-11-26 08:07 - 2013-11-26 08:07 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2013-11-26 08:04 - 2013-11-26 08:04 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files\Synaptics 2013-11-26 08:02 - 2013-08-22 08:36 - 00000000 __RHD C:\Users\Default 2013-11-26 07:00 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2013-11-26 00:29 - 2013-11-24 22:36 - 00000000 ____D C:\Users\barrysherry\AppData\Local\NPE 2013-11-26 00:23 - 2013-11-26 00:23 - 00000000 ____D C:\ProgramData\SMR410 2013-11-26 00:21 - 2013-08-13 18:18 - 00000000 ____D C:\Users\barrysherry\Documents\Quicken 2013-11-25 23:20 - 2013-11-25 23:20 - 00000000 ____D C:\Users\Barry\Soccer 2013-11-25 23:20 - 2013-11-25 23:00 - 00000000 ____D C:\Users\Barry 2013-11-25 09:33 - 2013-08-12 19:39 - 00825856 ___SH C:\Users\barrysherry\Downloads\Thumbs.db 2013-11-24 22:36 - 2012-12-28 11:16 - 00000000 ____D C:\ProgramData\Norton 2013-11-24 22:15 - 2013-11-23 16:11 - 00000000 ____D C:\Users\barrysherry\Desktop\Old Firefox Data 2013-11-24 22:09 - 2012-09-11 21:20 - 00000000 ____D C:\Program Files (x86)\HP Games 2013-11-24 21:17 - 2012-09-11 21:18 - 00000000 ____D C:\ProgramData\WildTangent 2013-11-24 13:42 - 2013-08-07 13:45 - 00000000 ____D C:\Users\barrysherry\AppData\Local\Adobe 2013-11-24 13:41 - 2013-08-07 13:46 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2013-11-24 10:25 - 2013-08-07 11:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-23 20:35 - 2013-11-21 23:35 - 00000000 ____D C:\Program Files (x86)\Quicken Medical Expense Manager 2013-11-22 20:15 - 2013-11-22 20:15 - 00000424 _____ C:\Users\barrysherry\Documents\PeterKingDog.txt 2013-11-21 23:56 - 2013-11-21 23:36 - 00000000 ____D C:\VDP 2013-11-21 23:56 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\Documents\My Medical Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00072832 _____ C:\Users\barrysherry\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-21 23:36 - 2013-11-21 23:36 - 00002040 _____ C:\Users\Public\Desktop\Quicken Medical Expense Manager.lnk 2013-11-21 23:36 - 2013-11-21 23:36 - 00000099 _____ C:\Users\barrysherry\AppData\Local\fusioncache.dat 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quicken Medical Expense Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Local\IsolatedStorage 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\ProgramData\InstallShield 2013-11-21 23:36 - 2013-08-13 18:10 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Intuit 2013-11-21 23:36 - 2012-09-11 21:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-11-21 23:08 - 2013-11-18 17:15 - 00000000 ____D C:\ProgramData\Adobe 2013-11-21 10:25 - 2013-11-21 10:25 - 00000000 ____D C:\Users\barrysherry\Documents\Drive_C 2013-11-21 10:23 - 2013-11-18 22:45 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\.oit 2013-11-20 19:12 - 2013-11-19 15:46 - 00007680 _____ C:\Users\barrysherry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-19 16:03 - 2013-11-19 16:03 - 00001036 _____ C:\Users\barrysherry\Documents\Roster138-14.txt 2013-11-19 15:32 - 2013-08-02 22:05 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Adobe 2013-11-18 22:44 - 2013-11-18 22:44 - 00003239 _____ C:\WINDOWS\SysWOW64\FoxPowerPointVUninstall.ini 2013-11-18 22:44 - 2013-11-18 22:44 - 00002300 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00002276 _____ C:\Users\barrysherry\Desktop\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00000000 ____D C:\Program Files (x86)\FoxPDF Software Inc 2013-11-18 20:07 - 2013-11-18 20:07 - 00000000 ____D C:\Program Files (x86)\MSECache 2013-11-18 20:07 - 2012-09-11 21:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2013-11-18 20:06 - 2013-11-18 20:05 - 63210976 _____ (Microsoft Corporation) C:\Users\barrysherry\Downloads\PowerPointViewer(1).exe 2013-11-18 19:58 - 2013-11-18 19:57 - 11790275 _____ (FoxPDF Software Inc ) C:\Users\barrysherry\Downloads\PowerPointViewer.exe 2013-11-18 19:57 - 2013-11-18 19:57 - 00000000 ____D C:\Program Files\Level Quality Watcher 2013-11-18 19:55 - 2013-11-18 19:55 - 00598136 _____ C:\Users\barrysherry\Downloads\powerpointviewer-setup.exe 2013-11-18 17:47 - 2013-11-18 17:47 - 00000735 _____ C:\Users\barrysherry\Documents\Kennedy.html 2013-11-18 17:45 - 2013-08-07 17:24 - 00000104 _____ C:\WINDOWS\SysWOW64\msiexec.log 2013-11-18 17:35 - 2013-08-07 17:19 - 00000000 ____D C:\LJP1100_P1560_P1600_Full_Solution 2013-11-18 17:34 - 2013-11-18 17:33 - 149481512 _____ C:\Users\barrysherry\Downloads\LJP1100_P1560_P1600_Full_Solution.exe 2013-11-18 17:16 - 2013-11-18 17:16 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-11-18 17:15 - 2013-11-18 17:15 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-18 17:04 - 2013-11-18 17:04 - 00000080 _____ C:\Users\barrysherry\Desktop\NetworkKey.txt 2013-11-18 17:02 - 2013-11-18 17:02 - 00002008 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk 2013-11-18 17:02 - 2013-08-07 17:23 - 00000000 ____D C:\Program Files (x86)\HP 2013-11-18 17:01 - 2013-11-18 17:01 - 06110144 _____ C:\Users\barrysherry\Downloads\HPPSdr.exe 2013-11-16 07:58 - 2013-11-16 07:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-15 18:21 - 2013-08-02 22:03 - 00000000 ____D C:\Users\barrysherry\AppData\Local\VirtualStore 2013-11-14 20:07 - 2013-11-14 20:07 - 00002813 _____ C:\Users\barrysherry\Documents\RecertClinics.html 2013-11-13 17:52 - 2013-11-13 17:52 - 08568278 _____ C:\Users\barrysherry\Downloads\PWSRA Meeting.odp 2013-11-13 16:21 - 2013-08-16 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-11-13 16:18 - 2013-08-06 17:40 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-11-06 18:13 - 2013-11-06 17:44 - 00000000 ____D C:\Users\barrysherry\Documents\GarminFiles 2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\system32\AdpeakProxy.ini 2013-11-05 22:36 - 2013-11-05 22:36 - 00067429 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.ods 2013-11-05 18:31 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2013-11-05 18:31 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2013-11-05 17:18 - 2013-11-05 17:18 - 00001551 _____ C:\Users\barrysherry\Downloads\CCL1102.xls 2013-11-05 17:14 - 2013-11-05 17:14 - 00046686 _____ C:\Users\barrysherry\Downloads\Schedule1102.xls 2013-11-05 17:07 - 2013-11-05 17:07 - 00006151 _____ C:\Users\barrysherry\Downloads\U121102.xls 2013-11-05 17:06 - 2013-11-05 17:06 - 00011150 _____ C:\Users\barrysherry\Downloads\U101102.xls 2013-11-05 17:05 - 2013-11-05 17:06 - 00008549 _____ C:\Users\barrysherry\Downloads\SFL1102.xls 2013-11-05 16:44 - 2013-11-05 16:45 - 00442880 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.xls 2013-11-05 15:16 - 2013-11-05 15:16 - 00000000 ____D C:\ProgramData\Oracle 2013-11-05 15:16 - 2013-11-05 15:14 - 00004746 _____ C:\WINDOWS\SysWOW64\jupdate-1.7.0_45-b18.log 2013-11-05 15:16 - 2013-08-07 21:02 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-30 10:51 - 2013-10-30 10:51 - 00012802 _____ C:\Users\barrysherry\Downloads\WAGS2013LATEApplicants.xls ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-26 08:02 ==================== End Of Log ============================ _____________________________________________________________________________ The Addition.txt file is attached. On this day of Thanksgiving I will be glad for any assistance. Thanks in advance! Barry Addition.txt
  7. I've tried many things on my own including following many of the responses here. The easy things: Removed the two ScorpionSaver files even blowing past the cannot remove because can't find the key message. Run CCCleaner, Malwarebytes, and it is back. Have donwloaded Farbar and the FRST file is embedded here: _________________________________________________________________ Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-11-2013 Ran by barrysherry (administrator) on BARRYS-LAPTOP on 28-11-2013 19:49:18 Running from C:\Users\barrysherry\Documents\Farbar Windows 8.1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (HP) C:\Windows\System32\HPSIsvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Adpeak, Inc.) C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Intuit Inc.) C:\Program Files (x86)\Quicken\qw.exe (Helios Software Solutions) C:\Program Files (x86)\TextPad 7\TextPad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-08-18] (IDT, Inc.) HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-08-18] (Synaptics Incorporated) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-27] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [HPUsageTrackingLEDM] - C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital) HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5235128 2012-06-14] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1 HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPNOT13/1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1 SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {2C54A27D-BB47-4503-A28C-D7B7AE30D8B1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM-x32 - {2C54A27D-BB47-4503-A28C-D7B7AE30D8B1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3305500&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP224E328E-4B1D-4CE7-8580-53739BB79FAC&q={SearchTerms} SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3305500&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP224E328E-4B1D-4CE7-8580-53739BB79FAC&q={SearchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKCU - {2C54A27D-BB47-4503-A28C-D7B7AE30D8B1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869 SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\barrysherry\AppData\Roaming\Mozilla\Firefox\Profiles\qgp88u6x.default-1385349350765 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: socialfixer - C:\Users\barrysherry\AppData\Roaming\Mozilla\Firefox\Profiles\qgp88u6x.default-1385349350765\Extensions\socialfixer@mattkruse.com.xpi FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\ FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Extension: (Google Docs) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (LessTabs) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekmkdkefndbeciggfanobcemjnppbbb\1.7.2.0_0 CHR Extension: (Google Search) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Social Fixer for Facebook) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb\8.0_0 CHR Extension: (Norton Identity Protection) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0 CHR Extension: (Google Wallet) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [cekmkdkefndbeciggfanobcemjnppbbb] - C:\Program Files (x86)\LessTabs\Chrome\cekmkdkefndbeciggfanobcemjnppbbb.crx CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx ==================== Services (Whitelisted) ================= R2 AdpeakProxy; c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe [3688448 2013-10-16] (Adpeak, Inc.) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [511480 2013-10-31] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-26] (Microsoft Corporation) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1151424 2012-06-14] (Western Digital ) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-06-14] (Western Digital ) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 AdpeakWFP; C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys [41624 2013-09-26] (Adpeak, Inc.) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [1524824 2013-10-22] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20131127.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-26] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131128.002\ENG64.SYS [126040 2013-11-13] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131128.002\EX64.SYS [2099288 2013-11-13] (Symantec Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-08-18] (Synaptics Incorporated) R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-26] (Microsoft Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-07-31] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-02] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-28 19:48 - 2013-11-28 19:48 - 00000000 ____D C:\FRST 2013-11-28 19:46 - 2013-11-28 19:49 - 00000000 ____D C:\Users\barrysherry\Documents\Farbar 2013-11-28 18:06 - 2013-11-28 19:19 - 00000000 ____D C:\Program Files\ScorpionSaver Services 2013-11-28 12:18 - 2013-11-28 18:06 - 00001368 _____ C:\WINDOWS\setupact.log 2013-11-28 12:18 - 2013-11-28 12:18 - 00000000 _____ C:\WINDOWS\setuperr.log 2013-11-27 22:56 - 2013-11-27 22:56 - 00009418 _____ C:\WINDOWS\PFRO.log 2013-11-27 22:55 - 2013-11-27 22:55 - 00000718 _____ C:\Users\barrysherry\Documents\Ron.txt 2013-11-27 22:41 - 2013-11-27 22:41 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-27 22:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-11-27 22:39 - 2013-11-27 22:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\barrysherry\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-27 13:57 - 2013-11-27 13:57 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2013-11-27 13:57 - 2013-11-27 13:57 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-27 13:57 - 2013-11-27 13:57 - 00000000 ____D C:\Program Files\CCleaner 2013-11-27 13:55 - 2013-11-27 13:55 - 04618136 _____ (Piriform Ltd) C:\Users\barrysherry\Downloads\ccsetup408.exe 2013-11-27 11:26 - 2013-09-26 09:50 - 00041624 _____ (Adpeak, Inc.) C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys 2013-11-26 11:01 - 2013-11-27 14:04 - 00000000 ___DC C:\WINDOWS\Panther 2013-11-26 11:01 - 2013-11-26 11:01 - 00000000 __SHD C:\Recovery 2013-11-26 10:59 - 2013-11-26 10:59 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2013-11-26 10:59 - 2013-11-26 10:59 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-11-26 10:55 - 2013-11-26 10:55 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00371032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-11-26 10:55 - 2013-11-26 10:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2013-11-26 10:52 - 2013-11-26 10:52 - 00262144 _____ C:\WINDOWS\system32\config\userdiff 2013-11-26 10:48 - 2013-11-26 10:48 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\inetpub 2013-11-26 10:47 - 2013-08-02 23:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2013-11-26 10:47 - 2013-08-02 23:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2013-11-26 10:46 - 2013-11-26 10:46 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2013-11-26 08:50 - 2013-11-26 08:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2013-11-26 08:46 - 2013-11-28 07:40 - 00000000 __RDO C:\Users\barrysherry\SkyDrive 2013-11-26 08:42 - 2013-11-26 08:42 - 00001446 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-26 08:41 - 2013-11-26 08:41 - 00000020 ___SH C:\Users\barrysherry\ntuser.ini 2013-11-26 08:31 - 2013-11-28 18:16 - 01614946 _____ C:\WINDOWS\WindowsUpdate.log 2013-11-26 08:30 - 2013-11-26 08:30 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata 2013-11-26 08:16 - 2013-11-26 08:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2013-11-26 08:15 - 2013-11-26 08:46 - 00000000 ____D C:\Users\barrysherry 2013-11-26 08:15 - 2013-11-26 08:31 - 00024768 _____ C:\WINDOWS\diagwrn.xml 2013-11-26 08:15 - 2013-11-26 08:31 - 00024768 _____ C:\WINDOWS\diagerr.xml 2013-11-26 08:15 - 2013-11-26 08:16 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-11-26 08:15 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-11-26 08:15 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-11-26 08:15 - 2013-08-22 10:36 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-11-26 08:07 - 2013-11-26 08:07 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2013-11-26 08:04 - 2013-11-26 08:21 - 00000000 ____D C:\Program Files\IDT 2013-11-26 08:04 - 2013-11-26 08:18 - 00000000 ____D C:\Program Files (x86)\Intel 2013-11-26 08:04 - 2013-11-26 08:04 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files\Synaptics 2013-11-26 08:04 - 2013-10-03 23:43 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2013-11-26 08:04 - 2013-10-03 23:43 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2013-11-26 08:04 - 2013-08-18 08:03 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl 2013-11-26 08:04 - 2013-08-18 08:03 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe 2013-11-26 08:04 - 2013-08-18 08:03 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll 2013-11-26 00:23 - 2013-11-26 00:23 - 00000000 ____D C:\ProgramData\SMR410 2013-11-25 23:20 - 2013-11-25 23:20 - 00000000 ____D C:\Users\Barry\Soccer 2013-11-25 23:00 - 2013-11-25 23:20 - 00000000 ____D C:\Users\Barry 2013-11-24 22:36 - 2013-11-26 00:29 - 00000000 ____D C:\Users\barrysherry\AppData\Local\NPE 2013-11-23 16:11 - 2013-11-24 22:15 - 00000000 ____D C:\Users\barrysherry\Desktop\Old Firefox Data 2013-11-22 20:15 - 2013-11-22 20:15 - 00000424 _____ C:\Users\barrysherry\Documents\PeterKingDog.txt 2013-11-21 23:36 - 2013-11-21 23:56 - 00000000 ____D C:\VDP 2013-11-21 23:36 - 2013-11-21 23:56 - 00000000 ____D C:\Users\barrysherry\Documents\My Medical Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00072832 _____ C:\Users\barrysherry\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-21 23:36 - 2013-11-21 23:36 - 00002040 _____ C:\Users\Public\Desktop\Quicken Medical Expense Manager.lnk 2013-11-21 23:36 - 2013-11-21 23:36 - 00000099 _____ C:\Users\barrysherry\AppData\Local\fusioncache.dat 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quicken Medical Expense Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Local\IsolatedStorage 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\ProgramData\InstallShield 2013-11-21 23:35 - 2013-11-23 20:35 - 00000000 ____D C:\Program Files (x86)\Quicken Medical Expense Manager 2013-11-21 10:25 - 2013-11-21 10:25 - 00000000 ____D C:\Users\barrysherry\Documents\Drive_C 2013-11-19 16:03 - 2013-11-19 16:03 - 00001036 _____ C:\Users\barrysherry\Documents\Roster138-14.txt 2013-11-19 15:46 - 2013-11-20 19:12 - 00007680 _____ C:\Users\barrysherry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-18 22:45 - 2013-11-21 10:23 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\.oit 2013-11-18 22:44 - 2013-11-18 22:44 - 00003239 _____ C:\WINDOWS\SysWOW64\FoxPowerPointVUninstall.ini 2013-11-18 22:44 - 2013-11-18 22:44 - 00002300 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00002276 _____ C:\Users\barrysherry\Desktop\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00000000 ____D C:\Program Files (x86)\FoxPDF Software Inc 2013-11-18 20:07 - 2013-11-18 20:07 - 00000000 ____D C:\Program Files (x86)\MSECache 2013-11-18 20:05 - 2013-11-18 20:06 - 63210976 _____ (Microsoft Corporation) C:\Users\barrysherry\Downloads\PowerPointViewer(1).exe 2013-11-18 19:57 - 2013-11-18 19:58 - 11790275 _____ (FoxPDF Software Inc ) C:\Users\barrysherry\Downloads\PowerPointViewer.exe 2013-11-18 19:57 - 2013-11-18 19:57 - 00000000 ____D C:\Program Files\Level Quality Watcher 2013-11-18 19:55 - 2013-11-18 19:55 - 00598136 _____ C:\Users\barrysherry\Downloads\powerpointviewer-setup.exe 2013-11-18 17:47 - 2013-11-18 17:47 - 00000735 _____ C:\Users\barrysherry\Documents\Kennedy.html 2013-11-18 17:44 - 2012-09-26 00:45 - 00049664 ____R C:\WINDOWS\system32\HP1100SMs.dll 2013-11-18 17:44 - 2012-08-31 15:10 - 00350720 _____ C:\WINDOWS\system32\mvhlewsi.DLL 2013-11-18 17:44 - 2012-08-31 15:03 - 01696256 _____ C:\WINDOWS\system32\HP1100SM.EXE 2013-11-18 17:33 - 2013-11-18 17:34 - 149481512 _____ C:\Users\barrysherry\Downloads\LJP1100_P1560_P1600_Full_Solution.exe 2013-11-18 17:16 - 2013-11-18 17:16 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-11-18 17:15 - 2013-11-21 23:08 - 00000000 ____D C:\ProgramData\Adobe 2013-11-18 17:15 - 2013-11-18 17:15 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-18 17:04 - 2013-11-18 17:04 - 00000080 _____ C:\Users\barrysherry\Desktop\NetworkKey.txt 2013-11-18 17:02 - 2013-11-18 17:02 - 00002008 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk 2013-11-18 17:01 - 2013-11-18 17:01 - 06110144 _____ C:\Users\barrysherry\Downloads\HPPSdr.exe 2013-11-16 07:58 - 2013-11-16 07:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-14 20:07 - 2013-11-14 20:07 - 00002813 _____ C:\Users\barrysherry\Documents\RecertClinics.html 2013-11-13 17:52 - 2013-11-13 17:52 - 08568278 _____ C:\Users\barrysherry\Downloads\PWSRA Meeting.odp 2013-11-06 17:44 - 2013-11-06 18:13 - 00000000 ____D C:\Users\barrysherry\Documents\GarminFiles 2013-11-06 15:42 - 2013-11-28 18:06 - 00005360 _____ C:\WINDOWS\SysWOW64\AdpeakProxy.ini 2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\system32\AdpeakProxy.ini 2013-11-06 15:32 - 2013-11-28 18:06 - 00002312 _____ C:\WINDOWS\SysWOW64\AdpeakProxyOff.ini 2013-11-06 15:32 - 2013-11-28 18:06 - 00002312 _____ C:\WINDOWS\system32\AdpeakProxyOff.ini 2013-11-05 22:36 - 2013-11-05 22:36 - 00067429 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.ods 2013-11-05 17:18 - 2013-11-05 17:18 - 00001551 _____ C:\Users\barrysherry\Downloads\CCL1102.xls 2013-11-05 17:14 - 2013-11-05 17:14 - 00046686 _____ C:\Users\barrysherry\Downloads\Schedule1102.xls 2013-11-05 17:07 - 2013-11-05 17:07 - 00006151 _____ C:\Users\barrysherry\Downloads\U121102.xls 2013-11-05 17:06 - 2013-11-05 17:06 - 00011150 _____ C:\Users\barrysherry\Downloads\U101102.xls 2013-11-05 17:06 - 2013-11-05 17:05 - 00008549 _____ C:\Users\barrysherry\Downloads\SFL1102.xls 2013-11-05 16:45 - 2013-11-05 16:44 - 00442880 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.xls 2013-11-05 15:16 - 2013-11-05 15:16 - 00000000 ____D C:\ProgramData\Oracle 2013-11-05 15:16 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2013-11-05 15:16 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2013-11-05 15:16 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2013-11-05 15:16 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2013-11-05 15:14 - 2013-11-05 15:16 - 00004746 _____ C:\WINDOWS\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-30 10:51 - 2013-10-30 10:51 - 00012802 _____ C:\Users\barrysherry\Downloads\WAGS2013LATEApplicants.xls ==================== One Month Modified Files and Folders ======= 2013-11-28 19:49 - 2013-11-28 19:46 - 00000000 ____D C:\Users\barrysherry\Documents\Farbar 2013-11-28 19:48 - 2013-11-28 19:48 - 00000000 ____D C:\FRST 2013-11-28 19:22 - 2013-08-02 22:12 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-28 19:19 - 2013-11-28 18:06 - 00000000 ____D C:\Program Files\ScorpionSaver Services 2013-11-28 19:18 - 2013-08-07 13:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-11-28 19:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru 2013-11-28 18:16 - 2013-11-26 08:31 - 01614946 _____ C:\WINDOWS\WindowsUpdate.log 2013-11-28 18:06 - 2013-11-28 12:18 - 00001368 _____ C:\WINDOWS\setupact.log 2013-11-28 18:06 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\SysWOW64\AdpeakProxy.ini 2013-11-28 18:06 - 2013-11-06 15:32 - 00002312 _____ C:\WINDOWS\SysWOW64\AdpeakProxyOff.ini 2013-11-28 18:06 - 2013-11-06 15:32 - 00002312 _____ C:\WINDOWS\system32\AdpeakProxyOff.ini 2013-11-28 12:20 - 2013-09-29 23:04 - 00956476 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-11-28 12:18 - 2013-11-28 12:18 - 00000000 _____ C:\WINDOWS\setuperr.log 2013-11-28 07:40 - 2013-11-26 08:46 - 00000000 __RDO C:\Users\barrysherry\SkyDrive 2013-11-27 23:21 - 2013-08-02 22:11 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2192412686-3903143364-2309934108-1001 2013-11-27 22:59 - 2013-08-02 22:25 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-11-27 22:58 - 2013-08-02 22:12 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-27 22:57 - 2013-09-15 06:46 - 00000384 _____ C:\WINDOWS\Tasks\HPCeeScheduleForbarrysherry.job 2013-11-27 22:57 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-11-27 22:56 - 2013-11-27 22:56 - 00009418 _____ C:\WINDOWS\PFRO.log 2013-11-27 22:56 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2013-11-27 22:55 - 2013-11-27 22:55 - 00000718 _____ C:\Users\barrysherry\Documents\Ron.txt 2013-11-27 22:47 - 2013-08-02 23:17 - 33266688 _____ C:\Users\barrysherry\Documents\MasterFileJuly2009.rmgc 2013-11-27 22:41 - 2013-11-27 22:41 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-27 22:39 - 2013-11-27 22:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\barrysherry\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-27 21:14 - 2013-08-02 22:05 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B2379458-0A65-4C7C-820B-6D4C4390CD67} 2013-11-27 14:44 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2013-11-27 14:42 - 2013-10-01 20:19 - 00037376 ___SH C:\Users\barrysherry\Desktop\Thumbs.db 2013-11-27 14:04 - 2013-11-26 11:01 - 00000000 ___DC C:\WINDOWS\Panther 2013-11-27 14:04 - 2013-08-09 17:05 - 00000000 ____D C:\Users\barrysherry\AppData\Local\CrashDumps 2013-11-27 13:58 - 2013-09-15 06:46 - 00003210 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForbarrysherry 2013-11-27 13:57 - 2013-11-27 13:57 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2013-11-27 13:57 - 2013-11-27 13:57 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-27 13:57 - 2013-11-27 13:57 - 00000000 ____D C:\Program Files\CCleaner 2013-11-27 13:55 - 2013-11-27 13:55 - 04618136 _____ (Piriform Ltd) C:\Users\barrysherry\Downloads\ccsetup408.exe 2013-11-27 13:55 - 2013-08-11 15:14 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log 2013-11-27 13:55 - 2013-08-11 15:14 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2013-11-27 13:45 - 2012-07-26 03:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2013-11-27 13:24 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\restore 2013-11-27 10:23 - 2013-08-02 23:10 - 00000000 ____D C:\Program Files (x86)\RootsMagic 6 2013-11-26 11:01 - 2013-11-26 11:01 - 00000000 __SHD C:\Recovery 2013-11-26 11:00 - 2013-08-22 10:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template 2013-11-26 10:59 - 2013-11-26 10:59 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2013-11-26 10:59 - 2013-11-26 10:59 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2013-11-26 10:58 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData 2013-11-26 10:58 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Camera 2013-11-26 10:57 - 2013-11-26 10:57 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2013-11-26 10:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\WinStore 2013-11-26 10:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\migwiz 2013-11-26 10:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2013-11-26 10:55 - 2013-11-26 10:55 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-11-26 10:55 - 2013-11-26 10:55 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00371032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-11-26 10:55 - 2013-11-26 10:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2013-11-26 10:52 - 2013-11-26 10:52 - 00262144 _____ C:\WINDOWS\system32\config\userdiff 2013-11-26 10:48 - 2013-11-26 10:48 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\inetpub 2013-11-26 10:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2013-11-26 10:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2013-11-26 10:46 - 2013-11-26 10:46 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2013-11-26 08:50 - 2013-11-26 08:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2013-11-26 08:46 - 2013-11-26 08:15 - 00000000 ____D C:\Users\barrysherry 2013-11-26 08:45 - 2013-08-02 22:03 - 00000000 ____D C:\Users\barrysherry\AppData\Local\Packages 2013-11-26 08:42 - 2013-11-26 08:42 - 00001446 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-26 08:42 - 2013-10-02 06:50 - 00003206 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2013-11-26 08:42 - 2013-08-02 22:05 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-26 08:42 - 2013-08-02 22:05 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-11-26 08:41 - 2013-11-26 08:41 - 00000020 ___SH C:\Users\barrysherry\ntuser.ini 2013-11-26 08:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache 2013-11-26 08:31 - 2013-11-26 08:15 - 00024768 _____ C:\WINDOWS\diagwrn.xml 2013-11-26 08:31 - 2013-11-26 08:15 - 00024768 _____ C:\WINDOWS\diagerr.xml 2013-11-26 08:31 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Registration 2013-11-26 08:30 - 2013-11-26 08:30 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2013-11-26 08:27 - 2013-08-22 10:36 - 00000000 __RSD C:\WINDOWS\Media 2013-11-26 08:27 - 2013-08-22 10:36 - 00000000 __RHD C:\Users\Public\Libraries 2013-11-26 08:23 - 2013-08-22 09:44 - 00370280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-11-26 08:22 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2013-11-26 08:21 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files\IDT 2013-11-26 08:21 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2013-11-26 08:21 - 2012-09-11 21:11 - 00000000 ____D C:\WINDOWS\en 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata 2013-11-26 08:19 - 2013-09-29 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2013-11-26 08:19 - 2013-09-29 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2013-11-26 08:19 - 2013-09-29 22:48 - 00000000 ____D C:\WINDOWS\system32\WCN 2013-11-26 08:19 - 2013-09-12 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\SearchProtect 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\spool 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\MUI 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\IME 2013-11-26 08:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2013-11-26 08:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\oobe 2013-11-26 08:19 - 2012-12-28 10:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2013-11-26 08:19 - 2012-09-11 21:07 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe 2013-11-26 08:19 - 2012-07-26 00:37 - 00000000 ____D C:\Users\Default.migrated 2013-11-26 08:18 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files (x86)\Intel 2013-11-26 08:18 - 2013-08-22 10:43 - 00000000 ____D C:\WINDOWS\DigitalLocker 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Resources 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Help 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-11-26 08:18 - 2012-08-03 17:29 - 00000000 ____D C:\ProgramData\PRICache 2013-11-26 08:16 - 2013-11-26 08:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2013-11-26 08:16 - 2013-11-26 08:15 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-11-26 08:16 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\Recovery 2013-11-26 08:07 - 2013-11-26 08:07 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2013-11-26 08:04 - 2013-11-26 08:04 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files\Synaptics 2013-11-26 08:02 - 2013-08-22 08:36 - 00000000 __RHD C:\Users\Default 2013-11-26 07:00 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2013-11-26 00:29 - 2013-11-24 22:36 - 00000000 ____D C:\Users\barrysherry\AppData\Local\NPE 2013-11-26 00:23 - 2013-11-26 00:23 - 00000000 ____D C:\ProgramData\SMR410 2013-11-26 00:21 - 2013-08-13 18:18 - 00000000 ____D C:\Users\barrysherry\Documents\Quicken 2013-11-25 23:20 - 2013-11-25 23:20 - 00000000 ____D C:\Users\Barry\Soccer 2013-11-25 23:20 - 2013-11-25 23:00 - 00000000 ____D C:\Users\Barry 2013-11-25 09:33 - 2013-08-12 19:39 - 00825856 ___SH C:\Users\barrysherry\Downloads\Thumbs.db 2013-11-24 22:36 - 2012-12-28 11:16 - 00000000 ____D C:\ProgramData\Norton 2013-11-24 22:15 - 2013-11-23 16:11 - 00000000 ____D C:\Users\barrysherry\Desktop\Old Firefox Data 2013-11-24 22:09 - 2012-09-11 21:20 - 00000000 ____D C:\Program Files (x86)\HP Games 2013-11-24 21:17 - 2012-09-11 21:18 - 00000000 ____D C:\ProgramData\WildTangent 2013-11-24 13:42 - 2013-08-07 13:45 - 00000000 ____D C:\Users\barrysherry\AppData\Local\Adobe 2013-11-24 13:41 - 2013-08-07 13:46 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2013-11-24 10:25 - 2013-08-07 11:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-23 20:35 - 2013-11-21 23:35 - 00000000 ____D C:\Program Files (x86)\Quicken Medical Expense Manager 2013-11-22 20:15 - 2013-11-22 20:15 - 00000424 _____ C:\Users\barrysherry\Documents\PeterKingDog.txt 2013-11-21 23:56 - 2013-11-21 23:36 - 00000000 ____D C:\VDP 2013-11-21 23:56 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\Documents\My Medical Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00072832 _____ C:\Users\barrysherry\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-21 23:36 - 2013-11-21 23:36 - 00002040 _____ C:\Users\Public\Desktop\Quicken Medical Expense Manager.lnk 2013-11-21 23:36 - 2013-11-21 23:36 - 00000099 _____ C:\Users\barrysherry\AppData\Local\fusioncache.dat 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quicken Medical Expense Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Local\IsolatedStorage 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\ProgramData\InstallShield 2013-11-21 23:36 - 2013-08-13 18:10 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Intuit 2013-11-21 23:36 - 2012-09-11 21:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-11-21 23:08 - 2013-11-18 17:15 - 00000000 ____D C:\ProgramData\Adobe 2013-11-21 10:25 - 2013-11-21 10:25 - 00000000 ____D C:\Users\barrysherry\Documents\Drive_C 2013-11-21 10:23 - 2013-11-18 22:45 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\.oit 2013-11-20 19:12 - 2013-11-19 15:46 - 00007680 _____ C:\Users\barrysherry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-19 16:03 - 2013-11-19 16:03 - 00001036 _____ C:\Users\barrysherry\Documents\Roster138-14.txt 2013-11-19 15:32 - 2013-08-02 22:05 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Adobe 2013-11-18 22:44 - 2013-11-18 22:44 - 00003239 _____ C:\WINDOWS\SysWOW64\FoxPowerPointVUninstall.ini 2013-11-18 22:44 - 2013-11-18 22:44 - 00002300 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00002276 _____ C:\Users\barrysherry\Desktop\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00000000 ____D C:\Program Files (x86)\FoxPDF Software Inc 2013-11-18 20:07 - 2013-11-18 20:07 - 00000000 ____D C:\Program Files (x86)\MSECache 2013-11-18 20:07 - 2012-09-11 21:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2013-11-18 20:06 - 2013-11-18 20:05 - 63210976 _____ (Microsoft Corporation) C:\Users\barrysherry\Downloads\PowerPointViewer(1).exe 2013-11-18 19:58 - 2013-11-18 19:57 - 11790275 _____ (FoxPDF Software Inc ) C:\Users\barrysherry\Downloads\PowerPointViewer.exe 2013-11-18 19:57 - 2013-11-18 19:57 - 00000000 ____D C:\Program Files\Level Quality Watcher 2013-11-18 19:55 - 2013-11-18 19:55 - 00598136 _____ C:\Users\barrysherry\Downloads\powerpointviewer-setup.exe 2013-11-18 17:47 - 2013-11-18 17:47 - 00000735 _____ C:\Users\barrysherry\Documents\Kennedy.html 2013-11-18 17:45 - 2013-08-07 17:24 - 00000104 _____ C:\WINDOWS\SysWOW64\msiexec.log 2013-11-18 17:35 - 2013-08-07 17:19 - 00000000 ____D C:\LJP1100_P1560_P1600_Full_Solution 2013-11-18 17:34 - 2013-11-18 17:33 - 149481512 _____ C:\Users\barrysherry\Downloads\LJP1100_P1560_P1600_Full_Solution.exe 2013-11-18 17:16 - 2013-11-18 17:16 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-11-18 17:15 - 2013-11-18 17:15 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-18 17:04 - 2013-11-18 17:04 - 00000080 _____ C:\Users\barrysherry\Desktop\NetworkKey.txt 2013-11-18 17:02 - 2013-11-18 17:02 - 00002008 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk 2013-11-18 17:02 - 2013-08-07 17:23 - 00000000 ____D C:\Program Files (x86)\HP 2013-11-18 17:01 - 2013-11-18 17:01 - 06110144 _____ C:\Users\barrysherry\Downloads\HPPSdr.exe 2013-11-16 07:58 - 2013-11-16 07:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-15 18:21 - 2013-08-02 22:03 - 00000000 ____D C:\Users\barrysherry\AppData\Local\VirtualStore 2013-11-14 20:07 - 2013-11-14 20:07 - 00002813 _____ C:\Users\barrysherry\Documents\RecertClinics.html 2013-11-13 17:52 - 2013-11-13 17:52 - 08568278 _____ C:\Users\barrysherry\Downloads\PWSRA Meeting.odp 2013-11-13 16:21 - 2013-08-16 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-11-13 16:18 - 2013-08-06 17:40 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-11-06 18:13 - 2013-11-06 17:44 - 00000000 ____D C:\Users\barrysherry\Documents\GarminFiles 2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\system32\AdpeakProxy.ini 2013-11-05 22:36 - 2013-11-05 22:36 - 00067429 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.ods 2013-11-05 18:31 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2013-11-05 18:31 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2013-11-05 17:18 - 2013-11-05 17:18 - 00001551 _____ C:\Users\barrysherry\Downloads\CCL1102.xls 2013-11-05 17:14 - 2013-11-05 17:14 - 00046686 _____ C:\Users\barrysherry\Downloads\Schedule1102.xls 2013-11-05 17:07 - 2013-11-05 17:07 - 00006151 _____ C:\Users\barrysherry\Downloads\U121102.xls 2013-11-05 17:06 - 2013-11-05 17:06 - 00011150 _____ C:\Users\barrysherry\Downloads\U101102.xls 2013-11-05 17:05 - 2013-11-05 17:06 - 00008549 _____ C:\Users\barrysherry\Downloads\SFL1102.xls 2013-11-05 16:44 - 2013-11-05 16:45 - 00442880 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.xls 2013-11-05 15:16 - 2013-11-05 15:16 - 00000000 ____D C:\ProgramData\Oracle 2013-11-05 15:16 - 2013-11-05 15:14 - 00004746 _____ C:\WINDOWS\SysWOW64\jupdate-1.7.0_45-b18.log 2013-11-05 15:16 - 2013-08-07 21:02 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-30 10:51 - 2013-10-30 10:51 - 00012802 _____ C:\Users\barrysherry\Downloads\WAGS2013LATEApplicants.xls ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-26 08:02 ==================== End Of Log ============================ _____________________________________________________________________________ The Addition.txt file is attached. On this day of Thanksgiving I will be glad for any assistance. Thanks in advance! Barry
  8. I've tried many things on my own including following many of the responses here. The easy things: Removed the two ScorpionSaver files even blowing past the cannot remove because can't find the key message. Run CCCleaner, Malwarebytes, and it is back. Have donwloaded Farbar and the FRST file is embedded here: _________________________________________________________________ Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-11-2013 Ran by barrysherry (administrator) on BARRYS-LAPTOP on 28-11-2013 19:49:18 Running from C:\Users\barrysherry\Documents\Farbar Windows 8.1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (HP) C:\Windows\System32\HPSIsvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe (Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Adpeak, Inc.) C:\Program Files\ScorpionSaver Services\AdpeakProxy.exe (Intuit Inc.) C:\Program Files (x86)\Quicken\qw.exe (Helios Software Solutions) C:\Program Files (x86)\TextPad 7\TextPad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [HotKeysCmds] - "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-08-18] (IDT, Inc.) HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2013-08-18] (Synaptics Incorporated) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-27] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [HPUsageTrackingLEDM] - C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company) HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [WD Drive Unlocker] - C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital) HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5235128 2012-06-14] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1 HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPNOT13/1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1 SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM - {2C54A27D-BB47-4503-A28C-D7B7AE30D8B1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKLM-x32 - {2C54A27D-BB47-4503-A28C-D7B7AE30D8B1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3305500&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP224E328E-4B1D-4CE7-8580-53739BB79FAC&q={SearchTerms} SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3305500&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP224E328E-4B1D-4CE7-8580-53739BB79FAC&q={SearchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS SearchScopes: HKCU - {2C54A27D-BB47-4503-A28C-D7B7AE30D8B1} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869 SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\barrysherry\AppData\Roaming\Mozilla\Firefox\Profiles\qgp88u6x.default-1385349350765 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: socialfixer - C:\Users\barrysherry\AppData\Roaming\Mozilla\Firefox\Profiles\qgp88u6x.default-1385349350765\Extensions\socialfixer@mattkruse.com.xpi FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\ FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Extension: (Google Docs) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (LessTabs) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekmkdkefndbeciggfanobcemjnppbbb\1.7.2.0_0 CHR Extension: (Google Search) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Social Fixer for Facebook) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb\8.0_0 CHR Extension: (Norton Identity Protection) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0 CHR Extension: (Google Wallet) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR Extension: (Gmail) - C:\Users\BARRYS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR HKLM-x32\...\Chrome\Extension: [cekmkdkefndbeciggfanobcemjnppbbb] - C:\Program Files (x86)\LessTabs\Chrome\cekmkdkefndbeciggfanobcemjnppbbb.crx CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx ==================== Services (Whitelisted) ================= R2 AdpeakProxy; c:\Program Files\ScorpionSaver Services\AdpeakProxy.exe [3688448 2013-10-16] (Adpeak, Inc.) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [511480 2013-10-31] () R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-26] (Microsoft Corporation) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1151424 2012-06-14] (Western Digital ) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-06-14] (Western Digital ) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R2 AdpeakWFP; C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys [41624 2013-09-26] (Adpeak, Inc.) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20131114.001\BHDrvx64.sys [1524824 2013-10-22] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20131127.001\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-26] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131128.002\ENG64.SYS [126040 2013-11-13] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131128.002\EX64.SYS [2099288 2013-11-13] (Symantec Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146272 2013-08-22] (Microsoft Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-08-18] (Synaptics Incorporated) R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-26] (Microsoft Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-07-31] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-02] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-28 19:48 - 2013-11-28 19:48 - 00000000 ____D C:\FRST 2013-11-28 19:46 - 2013-11-28 19:49 - 00000000 ____D C:\Users\barrysherry\Documents\Farbar 2013-11-28 18:06 - 2013-11-28 19:19 - 00000000 ____D C:\Program Files\ScorpionSaver Services 2013-11-28 12:18 - 2013-11-28 18:06 - 00001368 _____ C:\WINDOWS\setupact.log 2013-11-28 12:18 - 2013-11-28 12:18 - 00000000 _____ C:\WINDOWS\setuperr.log 2013-11-27 22:56 - 2013-11-27 22:56 - 00009418 _____ C:\WINDOWS\PFRO.log 2013-11-27 22:55 - 2013-11-27 22:55 - 00000718 _____ C:\Users\barrysherry\Documents\Ron.txt 2013-11-27 22:41 - 2013-11-27 22:41 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-27 22:40 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-11-27 22:39 - 2013-11-27 22:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\barrysherry\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-27 13:57 - 2013-11-27 13:57 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2013-11-27 13:57 - 2013-11-27 13:57 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-27 13:57 - 2013-11-27 13:57 - 00000000 ____D C:\Program Files\CCleaner 2013-11-27 13:55 - 2013-11-27 13:55 - 04618136 _____ (Piriform Ltd) C:\Users\barrysherry\Downloads\ccsetup408.exe 2013-11-27 11:26 - 2013-09-26 09:50 - 00041624 _____ (Adpeak, Inc.) C:\WINDOWS\system32\Drivers\AdpeakWFP64.sys 2013-11-26 11:01 - 2013-11-27 14:04 - 00000000 ___DC C:\WINDOWS\Panther 2013-11-26 11:01 - 2013-11-26 11:01 - 00000000 __SHD C:\Recovery 2013-11-26 10:59 - 2013-11-26 10:59 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2013-11-26 10:59 - 2013-11-26 10:59 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-11-26 10:55 - 2013-11-26 10:55 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00371032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-11-26 10:55 - 2013-11-26 10:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2013-11-26 10:52 - 2013-11-26 10:52 - 00262144 _____ C:\WINDOWS\system32\config\userdiff 2013-11-26 10:48 - 2013-11-26 10:48 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\inetpub 2013-11-26 10:47 - 2013-08-02 23:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2013-11-26 10:47 - 2013-08-02 23:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-11-26 10:47 - 2013-08-02 23:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2013-11-26 10:46 - 2013-11-26 10:46 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2013-11-26 08:50 - 2013-11-26 08:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2013-11-26 08:46 - 2013-11-28 07:40 - 00000000 __RDO C:\Users\barrysherry\SkyDrive 2013-11-26 08:42 - 2013-11-26 08:42 - 00001446 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-26 08:41 - 2013-11-26 08:41 - 00000020 ___SH C:\Users\barrysherry\ntuser.ini 2013-11-26 08:31 - 2013-11-28 18:16 - 01614946 _____ C:\WINDOWS\WindowsUpdate.log 2013-11-26 08:30 - 2013-11-26 08:30 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata 2013-11-26 08:16 - 2013-11-26 08:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2013-11-26 08:15 - 2013-11-26 08:46 - 00000000 ____D C:\Users\barrysherry 2013-11-26 08:15 - 2013-11-26 08:31 - 00024768 _____ C:\WINDOWS\diagwrn.xml 2013-11-26 08:15 - 2013-11-26 08:31 - 00024768 _____ C:\WINDOWS\diagerr.xml 2013-11-26 08:15 - 2013-11-26 08:16 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-11-26 08:15 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2013-11-26 08:15 - 2013-08-22 10:36 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2013-11-26 08:15 - 2013-08-22 10:36 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2013-11-26 08:07 - 2013-11-26 08:07 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2013-11-26 08:04 - 2013-11-26 08:21 - 00000000 ____D C:\Program Files\IDT 2013-11-26 08:04 - 2013-11-26 08:18 - 00000000 ____D C:\Program Files (x86)\Intel 2013-11-26 08:04 - 2013-11-26 08:04 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files\Synaptics 2013-11-26 08:04 - 2013-10-03 23:43 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2013-11-26 08:04 - 2013-10-03 23:43 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2013-11-26 08:04 - 2013-08-18 08:03 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl 2013-11-26 08:04 - 2013-08-18 08:03 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe 2013-11-26 08:04 - 2013-08-18 08:03 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll 2013-11-26 08:04 - 2013-08-18 08:03 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll 2013-11-26 00:23 - 2013-11-26 00:23 - 00000000 ____D C:\ProgramData\SMR410 2013-11-25 23:20 - 2013-11-25 23:20 - 00000000 ____D C:\Users\Barry\Soccer 2013-11-25 23:00 - 2013-11-25 23:20 - 00000000 ____D C:\Users\Barry 2013-11-24 22:36 - 2013-11-26 00:29 - 00000000 ____D C:\Users\barrysherry\AppData\Local\NPE 2013-11-23 16:11 - 2013-11-24 22:15 - 00000000 ____D C:\Users\barrysherry\Desktop\Old Firefox Data 2013-11-22 20:15 - 2013-11-22 20:15 - 00000424 _____ C:\Users\barrysherry\Documents\PeterKingDog.txt 2013-11-21 23:36 - 2013-11-21 23:56 - 00000000 ____D C:\VDP 2013-11-21 23:36 - 2013-11-21 23:56 - 00000000 ____D C:\Users\barrysherry\Documents\My Medical Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00072832 _____ C:\Users\barrysherry\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-21 23:36 - 2013-11-21 23:36 - 00002040 _____ C:\Users\Public\Desktop\Quicken Medical Expense Manager.lnk 2013-11-21 23:36 - 2013-11-21 23:36 - 00000099 _____ C:\Users\barrysherry\AppData\Local\fusioncache.dat 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quicken Medical Expense Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Local\IsolatedStorage 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\ProgramData\InstallShield 2013-11-21 23:35 - 2013-11-23 20:35 - 00000000 ____D C:\Program Files (x86)\Quicken Medical Expense Manager 2013-11-21 10:25 - 2013-11-21 10:25 - 00000000 ____D C:\Users\barrysherry\Documents\Drive_C 2013-11-19 16:03 - 2013-11-19 16:03 - 00001036 _____ C:\Users\barrysherry\Documents\Roster138-14.txt 2013-11-19 15:46 - 2013-11-20 19:12 - 00007680 _____ C:\Users\barrysherry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-18 22:45 - 2013-11-21 10:23 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\.oit 2013-11-18 22:44 - 2013-11-18 22:44 - 00003239 _____ C:\WINDOWS\SysWOW64\FoxPowerPointVUninstall.ini 2013-11-18 22:44 - 2013-11-18 22:44 - 00002300 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00002276 _____ C:\Users\barrysherry\Desktop\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00000000 ____D C:\Program Files (x86)\FoxPDF Software Inc 2013-11-18 20:07 - 2013-11-18 20:07 - 00000000 ____D C:\Program Files (x86)\MSECache 2013-11-18 20:05 - 2013-11-18 20:06 - 63210976 _____ (Microsoft Corporation) C:\Users\barrysherry\Downloads\PowerPointViewer(1).exe 2013-11-18 19:57 - 2013-11-18 19:58 - 11790275 _____ (FoxPDF Software Inc ) C:\Users\barrysherry\Downloads\PowerPointViewer.exe 2013-11-18 19:57 - 2013-11-18 19:57 - 00000000 ____D C:\Program Files\Level Quality Watcher 2013-11-18 19:55 - 2013-11-18 19:55 - 00598136 _____ C:\Users\barrysherry\Downloads\powerpointviewer-setup.exe 2013-11-18 17:47 - 2013-11-18 17:47 - 00000735 _____ C:\Users\barrysherry\Documents\Kennedy.html 2013-11-18 17:44 - 2012-09-26 00:45 - 00049664 ____R C:\WINDOWS\system32\HP1100SMs.dll 2013-11-18 17:44 - 2012-08-31 15:10 - 00350720 _____ C:\WINDOWS\system32\mvhlewsi.DLL 2013-11-18 17:44 - 2012-08-31 15:03 - 01696256 _____ C:\WINDOWS\system32\HP1100SM.EXE 2013-11-18 17:33 - 2013-11-18 17:34 - 149481512 _____ C:\Users\barrysherry\Downloads\LJP1100_P1560_P1600_Full_Solution.exe 2013-11-18 17:16 - 2013-11-18 17:16 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-11-18 17:15 - 2013-11-21 23:08 - 00000000 ____D C:\ProgramData\Adobe 2013-11-18 17:15 - 2013-11-18 17:15 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-18 17:04 - 2013-11-18 17:04 - 00000080 _____ C:\Users\barrysherry\Desktop\NetworkKey.txt 2013-11-18 17:02 - 2013-11-18 17:02 - 00002008 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk 2013-11-18 17:01 - 2013-11-18 17:01 - 06110144 _____ C:\Users\barrysherry\Downloads\HPPSdr.exe 2013-11-16 07:58 - 2013-11-16 07:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-14 20:07 - 2013-11-14 20:07 - 00002813 _____ C:\Users\barrysherry\Documents\RecertClinics.html 2013-11-13 17:52 - 2013-11-13 17:52 - 08568278 _____ C:\Users\barrysherry\Downloads\PWSRA Meeting.odp 2013-11-06 17:44 - 2013-11-06 18:13 - 00000000 ____D C:\Users\barrysherry\Documents\GarminFiles 2013-11-06 15:42 - 2013-11-28 18:06 - 00005360 _____ C:\WINDOWS\SysWOW64\AdpeakProxy.ini 2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\system32\AdpeakProxy.ini 2013-11-06 15:32 - 2013-11-28 18:06 - 00002312 _____ C:\WINDOWS\SysWOW64\AdpeakProxyOff.ini 2013-11-06 15:32 - 2013-11-28 18:06 - 00002312 _____ C:\WINDOWS\system32\AdpeakProxyOff.ini 2013-11-05 22:36 - 2013-11-05 22:36 - 00067429 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.ods 2013-11-05 17:18 - 2013-11-05 17:18 - 00001551 _____ C:\Users\barrysherry\Downloads\CCL1102.xls 2013-11-05 17:14 - 2013-11-05 17:14 - 00046686 _____ C:\Users\barrysherry\Downloads\Schedule1102.xls 2013-11-05 17:07 - 2013-11-05 17:07 - 00006151 _____ C:\Users\barrysherry\Downloads\U121102.xls 2013-11-05 17:06 - 2013-11-05 17:06 - 00011150 _____ C:\Users\barrysherry\Downloads\U101102.xls 2013-11-05 17:06 - 2013-11-05 17:05 - 00008549 _____ C:\Users\barrysherry\Downloads\SFL1102.xls 2013-11-05 16:45 - 2013-11-05 16:44 - 00442880 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.xls 2013-11-05 15:16 - 2013-11-05 15:16 - 00000000 ____D C:\ProgramData\Oracle 2013-11-05 15:16 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2013-11-05 15:16 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2013-11-05 15:16 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2013-11-05 15:16 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2013-11-05 15:14 - 2013-11-05 15:16 - 00004746 _____ C:\WINDOWS\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-30 10:51 - 2013-10-30 10:51 - 00012802 _____ C:\Users\barrysherry\Downloads\WAGS2013LATEApplicants.xls ==================== One Month Modified Files and Folders ======= 2013-11-28 19:49 - 2013-11-28 19:46 - 00000000 ____D C:\Users\barrysherry\Documents\Farbar 2013-11-28 19:48 - 2013-11-28 19:48 - 00000000 ____D C:\FRST 2013-11-28 19:22 - 2013-08-02 22:12 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-28 19:19 - 2013-11-28 18:06 - 00000000 ____D C:\Program Files\ScorpionSaver Services 2013-11-28 19:18 - 2013-08-07 13:46 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2013-11-28 19:02 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\sru 2013-11-28 18:16 - 2013-11-26 08:31 - 01614946 _____ C:\WINDOWS\WindowsUpdate.log 2013-11-28 18:06 - 2013-11-28 12:18 - 00001368 _____ C:\WINDOWS\setupact.log 2013-11-28 18:06 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\SysWOW64\AdpeakProxy.ini 2013-11-28 18:06 - 2013-11-06 15:32 - 00002312 _____ C:\WINDOWS\SysWOW64\AdpeakProxyOff.ini 2013-11-28 18:06 - 2013-11-06 15:32 - 00002312 _____ C:\WINDOWS\system32\AdpeakProxyOff.ini 2013-11-28 12:20 - 2013-09-29 23:04 - 00956476 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-11-28 12:18 - 2013-11-28 12:18 - 00000000 _____ C:\WINDOWS\setuperr.log 2013-11-28 07:40 - 2013-11-26 08:46 - 00000000 __RDO C:\Users\barrysherry\SkyDrive 2013-11-27 23:21 - 2013-08-02 22:11 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2192412686-3903143364-2309934108-1001 2013-11-27 22:59 - 2013-08-02 22:25 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-11-27 22:58 - 2013-08-02 22:12 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-27 22:57 - 2013-09-15 06:46 - 00000384 _____ C:\WINDOWS\Tasks\HPCeeScheduleForbarrysherry.job 2013-11-27 22:57 - 2013-08-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-11-27 22:56 - 2013-11-27 22:56 - 00009418 _____ C:\WINDOWS\PFRO.log 2013-11-27 22:56 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2013-11-27 22:55 - 2013-11-27 22:55 - 00000718 _____ C:\Users\barrysherry\Documents\Ron.txt 2013-11-27 22:47 - 2013-08-02 23:17 - 33266688 _____ C:\Users\barrysherry\Documents\MasterFileJuly2009.rmgc 2013-11-27 22:41 - 2013-11-27 22:41 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00001125 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-27 22:40 - 2013-11-27 22:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-27 22:39 - 2013-11-27 22:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\barrysherry\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-27 21:14 - 2013-08-02 22:05 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B2379458-0A65-4C7C-820B-6D4C4390CD67} 2013-11-27 14:44 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2013-11-27 14:42 - 2013-10-01 20:19 - 00037376 ___SH C:\Users\barrysherry\Desktop\Thumbs.db 2013-11-27 14:04 - 2013-11-26 11:01 - 00000000 ___DC C:\WINDOWS\Panther 2013-11-27 14:04 - 2013-08-09 17:05 - 00000000 ____D C:\Users\barrysherry\AppData\Local\CrashDumps 2013-11-27 13:58 - 2013-09-15 06:46 - 00003210 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForbarrysherry 2013-11-27 13:57 - 2013-11-27 13:57 - 00002784 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2013-11-27 13:57 - 2013-11-27 13:57 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-11-27 13:57 - 2013-11-27 13:57 - 00000000 ____D C:\Program Files\CCleaner 2013-11-27 13:55 - 2013-11-27 13:55 - 04618136 _____ (Piriform Ltd) C:\Users\barrysherry\Downloads\ccsetup408.exe 2013-11-27 13:55 - 2013-08-11 15:14 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log 2013-11-27 13:55 - 2013-08-11 15:14 - 00000000 _____ C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2013-11-27 13:45 - 2012-07-26 03:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2013-11-27 13:24 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\restore 2013-11-27 10:23 - 2013-08-02 23:10 - 00000000 ____D C:\Program Files (x86)\RootsMagic 6 2013-11-26 11:01 - 2013-11-26 11:01 - 00000000 __SHD C:\Recovery 2013-11-26 11:00 - 2013-08-22 10:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template 2013-11-26 10:59 - 2013-11-26 10:59 - 01341288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2013-11-26 10:59 - 2013-11-26 10:59 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01286552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 01018960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00977408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00872840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2013-11-26 10:58 - 2013-11-26 10:58 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2013-11-26 10:58 - 2013-08-22 10:36 - 00000000 ___RD C:\WINDOWS\ToastData 2013-11-26 10:58 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Camera 2013-11-26 10:57 - 2013-11-26 10:57 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 18577408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 13176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2013-11-26 10:57 - 2013-11-26 10:57 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 02801664 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2013-11-26 10:56 - 2013-11-26 10:56 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2013-11-26 10:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\WinStore 2013-11-26 10:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\migwiz 2013-11-26 10:56 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2013-11-26 10:55 - 2013-11-26 10:55 - 23212544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 12995584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 06639616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 05765120 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04599808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 04104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03532288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02551640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 02332160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02328872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02134120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 01993728 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2013-11-26 10:55 - 2013-11-26 10:55 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01704448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01394176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01373872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01147904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01067080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 01011712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00708616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00523096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00481392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00465960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00391512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml 2013-11-26 10:55 - 2013-11-26 10:55 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00371032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2013-11-26 10:55 - 2013-11-26 10:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00317616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00258904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\miutils.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00171864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00057176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ftp.exe 2013-11-26 10:55 - 2013-11-26 10:55 - 00044936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2013-11-26 10:55 - 2013-11-26 10:55 - 00039768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2013-11-26 10:55 - 2013-11-26 10:55 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01943536 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2013-11-26 10:53 - 2013-11-26 10:53 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2013-11-26 10:53 - 2013-11-26 10:53 - 00136536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2013-11-26 10:52 - 2013-11-26 10:52 - 00262144 _____ C:\WINDOWS\system32\config\userdiff 2013-11-26 10:48 - 2013-11-26 10:48 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2013-11-26 10:48 - 2013-11-26 10:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\Program Files (x86)\MSBuild 2013-11-26 10:48 - 2013-11-26 10:48 - 00000000 ____D C:\inetpub 2013-11-26 10:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2013-11-26 10:48 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2013-11-26 10:46 - 2013-11-26 10:46 - 00155480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2013-11-26 08:50 - 2013-11-26 08:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2013-11-26 08:46 - 2013-11-26 08:15 - 00000000 ____D C:\Users\barrysherry 2013-11-26 08:45 - 2013-08-02 22:03 - 00000000 ____D C:\Users\barrysherry\AppData\Local\Packages 2013-11-26 08:42 - 2013-11-26 08:42 - 00001446 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-26 08:42 - 2013-10-02 06:50 - 00003206 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2013-11-26 08:42 - 2013-08-02 22:05 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-11-26 08:42 - 2013-08-02 22:05 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-11-26 08:41 - 2013-11-26 08:41 - 00000020 ___SH C:\Users\barrysherry\ntuser.ini 2013-11-26 08:33 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\rescache 2013-11-26 08:31 - 2013-11-26 08:15 - 00024768 _____ C:\WINDOWS\diagwrn.xml 2013-11-26 08:31 - 2013-11-26 08:15 - 00024768 _____ C:\WINDOWS\diagerr.xml 2013-11-26 08:31 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Registration 2013-11-26 08:30 - 2013-11-26 08:30 - 00022744 _____ C:\WINDOWS\system32\emptyregdb.dat 2013-11-26 08:27 - 2013-08-22 10:36 - 00000000 __RSD C:\WINDOWS\Media 2013-11-26 08:27 - 2013-08-22 10:36 - 00000000 __RHD C:\Users\Public\Libraries 2013-11-26 08:23 - 2013-08-22 09:44 - 00370280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2013-11-26 08:22 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2013-11-26 08:21 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files\IDT 2013-11-26 08:21 - 2013-08-22 08:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2013-11-26 08:21 - 2012-09-11 21:11 - 00000000 ____D C:\WINDOWS\en 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata 2013-11-26 08:19 - 2013-11-26 08:19 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata 2013-11-26 08:19 - 2013-09-29 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2013-11-26 08:19 - 2013-09-29 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2013-11-26 08:19 - 2013-09-29 22:48 - 00000000 ____D C:\WINDOWS\system32\WCN 2013-11-26 08:19 - 2013-09-12 13:55 - 00000000 ____D C:\WINDOWS\SysWOW64\SearchProtect 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\spool 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\MUI 2013-11-26 08:19 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\IME 2013-11-26 08:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2013-11-26 08:19 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\oobe 2013-11-26 08:19 - 2012-12-28 10:45 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2013-11-26 08:19 - 2012-09-11 21:07 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe 2013-11-26 08:19 - 2012-07-26 00:37 - 00000000 ____D C:\Users\Default.migrated 2013-11-26 08:18 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files (x86)\Intel 2013-11-26 08:18 - 2013-08-22 10:43 - 00000000 ____D C:\WINDOWS\DigitalLocker 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Resources 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Help 2013-11-26 08:18 - 2013-08-22 10:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2013-11-26 08:18 - 2012-08-03 17:29 - 00000000 ____D C:\ProgramData\PRICache 2013-11-26 08:16 - 2013-11-26 08:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2013-11-26 08:16 - 2013-11-26 08:15 - 00000000 ___RD C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2013-11-26 08:16 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\system32\Recovery 2013-11-26 08:07 - 2013-11-26 08:07 - 00930400 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2013-11-26 08:04 - 2013-11-26 08:04 - 00000264 _____ C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\WINDOWS\system32\SRSLabs 2013-11-26 08:04 - 2013-11-26 08:04 - 00000000 ____D C:\Program Files\Synaptics 2013-11-26 08:02 - 2013-08-22 08:36 - 00000000 __RHD C:\Users\Default 2013-11-26 07:00 - 2012-07-26 03:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent 2013-11-26 00:29 - 2013-11-24 22:36 - 00000000 ____D C:\Users\barrysherry\AppData\Local\NPE 2013-11-26 00:23 - 2013-11-26 00:23 - 00000000 ____D C:\ProgramData\SMR410 2013-11-26 00:21 - 2013-08-13 18:18 - 00000000 ____D C:\Users\barrysherry\Documents\Quicken 2013-11-25 23:20 - 2013-11-25 23:20 - 00000000 ____D C:\Users\Barry\Soccer 2013-11-25 23:20 - 2013-11-25 23:00 - 00000000 ____D C:\Users\Barry 2013-11-25 09:33 - 2013-08-12 19:39 - 00825856 ___SH C:\Users\barrysherry\Downloads\Thumbs.db 2013-11-24 22:36 - 2012-12-28 11:16 - 00000000 ____D C:\ProgramData\Norton 2013-11-24 22:15 - 2013-11-23 16:11 - 00000000 ____D C:\Users\barrysherry\Desktop\Old Firefox Data 2013-11-24 22:09 - 2012-09-11 21:20 - 00000000 ____D C:\Program Files (x86)\HP Games 2013-11-24 21:17 - 2012-09-11 21:18 - 00000000 ____D C:\ProgramData\WildTangent 2013-11-24 13:42 - 2013-08-07 13:45 - 00000000 ____D C:\Users\barrysherry\AppData\Local\Adobe 2013-11-24 13:41 - 2013-08-07 13:46 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2013-11-24 10:25 - 2013-08-07 11:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-23 20:35 - 2013-11-21 23:35 - 00000000 ____D C:\Program Files (x86)\Quicken Medical Expense Manager 2013-11-22 20:15 - 2013-11-22 20:15 - 00000424 _____ C:\Users\barrysherry\Documents\PeterKingDog.txt 2013-11-21 23:56 - 2013-11-21 23:36 - 00000000 ____D C:\VDP 2013-11-21 23:56 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\Documents\My Medical Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00072832 _____ C:\Users\barrysherry\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-21 23:36 - 2013-11-21 23:36 - 00002040 _____ C:\Users\Public\Desktop\Quicken Medical Expense Manager.lnk 2013-11-21 23:36 - 2013-11-21 23:36 - 00000099 _____ C:\Users\barrysherry\AppData\Local\fusioncache.dat 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quicken Medical Expense Manager 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\Users\barrysherry\AppData\Local\IsolatedStorage 2013-11-21 23:36 - 2013-11-21 23:36 - 00000000 ____D C:\ProgramData\InstallShield 2013-11-21 23:36 - 2013-08-13 18:10 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Intuit 2013-11-21 23:36 - 2012-09-11 21:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-11-21 23:08 - 2013-11-18 17:15 - 00000000 ____D C:\ProgramData\Adobe 2013-11-21 10:25 - 2013-11-21 10:25 - 00000000 ____D C:\Users\barrysherry\Documents\Drive_C 2013-11-21 10:23 - 2013-11-18 22:45 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\.oit 2013-11-20 19:12 - 2013-11-19 15:46 - 00007680 _____ C:\Users\barrysherry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-11-19 16:03 - 2013-11-19 16:03 - 00001036 _____ C:\Users\barrysherry\Documents\Roster138-14.txt 2013-11-19 15:32 - 2013-08-02 22:05 - 00000000 ____D C:\Users\barrysherry\AppData\Roaming\Adobe 2013-11-18 22:44 - 2013-11-18 22:44 - 00003239 _____ C:\WINDOWS\SysWOW64\FoxPowerPointVUninstall.ini 2013-11-18 22:44 - 2013-11-18 22:44 - 00002300 _____ C:\Users\barrysherry\AppData\Roaming\Microsoft\Windows\Start Menu\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00002276 _____ C:\Users\barrysherry\Desktop\PowerPoint Viewer 2.0.lnk 2013-11-18 22:44 - 2013-11-18 22:44 - 00000000 ____D C:\Program Files (x86)\FoxPDF Software Inc 2013-11-18 20:07 - 2013-11-18 20:07 - 00000000 ____D C:\Program Files (x86)\MSECache 2013-11-18 20:07 - 2012-09-11 21:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2013-11-18 20:06 - 2013-11-18 20:05 - 63210976 _____ (Microsoft Corporation) C:\Users\barrysherry\Downloads\PowerPointViewer(1).exe 2013-11-18 19:58 - 2013-11-18 19:57 - 11790275 _____ (FoxPDF Software Inc ) C:\Users\barrysherry\Downloads\PowerPointViewer.exe 2013-11-18 19:57 - 2013-11-18 19:57 - 00000000 ____D C:\Program Files\Level Quality Watcher 2013-11-18 19:55 - 2013-11-18 19:55 - 00598136 _____ C:\Users\barrysherry\Downloads\powerpointviewer-setup.exe 2013-11-18 17:47 - 2013-11-18 17:47 - 00000735 _____ C:\Users\barrysherry\Documents\Kennedy.html 2013-11-18 17:45 - 2013-08-07 17:24 - 00000104 _____ C:\WINDOWS\SysWOW64\msiexec.log 2013-11-18 17:35 - 2013-08-07 17:19 - 00000000 ____D C:\LJP1100_P1560_P1600_Full_Solution 2013-11-18 17:34 - 2013-11-18 17:33 - 149481512 _____ C:\Users\barrysherry\Downloads\LJP1100_P1560_P1600_Full_Solution.exe 2013-11-18 17:16 - 2013-11-18 17:16 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-11-18 17:15 - 2013-11-18 17:15 - 00000000 ____D C:\Program Files (x86)\Adobe 2013-11-18 17:04 - 2013-11-18 17:04 - 00000080 _____ C:\Users\barrysherry\Desktop\NetworkKey.txt 2013-11-18 17:02 - 2013-11-18 17:02 - 00002008 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk 2013-11-18 17:02 - 2013-08-07 17:23 - 00000000 ____D C:\Program Files (x86)\HP 2013-11-18 17:01 - 2013-11-18 17:01 - 06110144 _____ C:\Users\barrysherry\Downloads\HPPSdr.exe 2013-11-16 07:58 - 2013-11-16 07:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-15 18:21 - 2013-08-02 22:03 - 00000000 ____D C:\Users\barrysherry\AppData\Local\VirtualStore 2013-11-14 20:07 - 2013-11-14 20:07 - 00002813 _____ C:\Users\barrysherry\Documents\RecertClinics.html 2013-11-13 17:52 - 2013-11-13 17:52 - 08568278 _____ C:\Users\barrysherry\Downloads\PWSRA Meeting.odp 2013-11-13 16:21 - 2013-08-16 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-11-13 16:18 - 2013-08-06 17:40 - 82896128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2013-11-06 18:13 - 2013-11-06 17:44 - 00000000 ____D C:\Users\barrysherry\Documents\GarminFiles 2013-11-06 15:42 - 2013-11-06 15:42 - 00005360 _____ C:\WINDOWS\system32\AdpeakProxy.ini 2013-11-05 22:36 - 2013-11-05 22:36 - 00067429 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.ods 2013-11-05 18:31 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2013-11-05 18:31 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2013-11-05 17:18 - 2013-11-05 17:18 - 00001551 _____ C:\Users\barrysherry\Downloads\CCL1102.xls 2013-11-05 17:14 - 2013-11-05 17:14 - 00046686 _____ C:\Users\barrysherry\Downloads\Schedule1102.xls 2013-11-05 17:07 - 2013-11-05 17:07 - 00006151 _____ C:\Users\barrysherry\Downloads\U121102.xls 2013-11-05 17:06 - 2013-11-05 17:06 - 00011150 _____ C:\Users\barrysherry\Downloads\U101102.xls 2013-11-05 17:05 - 2013-11-05 17:06 - 00008549 _____ C:\Users\barrysherry\Downloads\SFL1102.xls 2013-11-05 16:44 - 2013-11-05 16:45 - 00442880 _____ C:\Users\barrysherry\Downloads\PDF RTF Compare.xls 2013-11-05 15:16 - 2013-11-05 15:16 - 00000000 ____D C:\ProgramData\Oracle 2013-11-05 15:16 - 2013-11-05 15:14 - 00004746 _____ C:\WINDOWS\SysWOW64\jupdate-1.7.0_45-b18.log 2013-11-05 15:16 - 2013-08-07 21:02 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-30 10:51 - 2013-10-30 10:51 - 00012802 _____ C:\Users\barrysherry\Downloads\WAGS2013LATEApplicants.xls ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-26 08:02 ==================== End Of Log ============================ _____________________________________________________________________________ The Addition.txt file is attached. On this day of Thanksgiving I will be glad for any assistance. Thanks in advance! Barry
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.