dllhost.exe COM Surrogate High CPU Usage

TyGuy · October 24, 2014

Good evening. My PC runs very slowly. It seems that a process "dllhost.exe" COM Surrogate is eating up all of the resources.

Also, every time I restart my PC the Internet Explorer security settings are changed to not allow downloads.

I do have Premium Malware Bytes, but it hasn't fixed it yet.

TyGuy · October 24, 2014

FRST.txt document text:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Main User Laptop (ATTENTION: The logged in user is not administrator) on LAPTOP on 23-10-2014 22:47:49
Running from C:\Users\Main User Laptop\Desktop
Loaded Profile: Main User Laptop (Available profiles: Administrator Laptop & Main User Laptop)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_182_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [synAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
HKLM\...\Run: [setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [intelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [sonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [ROC_ROC_NT] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-945921058-683668149-385290710-1006\...\Run: [Google Update] => C:\Users\Main User Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-12] (Google Inc.)
HKU\S-1-5-21-945921058-683668149-385290710-1006\...\Run: [ContourCameraFinder] => "\ContourAutoplay.exe"
HKU\S-1-5-21-945921058-683668149-385290710-1006\...\MountPoints2: {13a1000c-d775-11e2-aabd-5404a62f1879} - G:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-945921058-683668149-385290710-1006\...\MountPoints2: {d7d74424-5bdb-11e1-a864-5404a62f1879} - F:\LaunchU3.exe -a
HKU\S-1-5-21-945921058-683668149-385290710-1006\...A8F59079A8D5}\localserver32: <==== ATTENTION!
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Main User Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Main User Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Main User Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Main User Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\5.2.2.3\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\5.2.2.3\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\5.2.2.3\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Main User Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Main User Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Main User Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA88F48E53BEFCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Updater For XFIN_PORTAL -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} -> C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll No File
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Main User Laptop\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Main User Laptop\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Main User Laptop\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Main User Laptop\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Main User Laptop\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Main User Laptop\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Main User Laptop\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFF
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2 [2014-10-23]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Main User Laptop\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Main User Laptop\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Windows LiveÂ™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Profile: C:\Users\Main User Laptop\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Main User Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-15]
CHR Extension: (Google Drive) - C:\Users\Main User Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-15]
CHR Extension: (YouTube) - C:\Users\Main User Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-15]
CHR Extension: (Google Search) - C:\Users\Main User Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-15]
CHR Extension: (Google Wallet) - C:\Users\Main User Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-20]
CHR Extension: (Gmail) - C:\Users\Main User Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 ITMRTSVC; C:\Program Files (x86)\CA\PPRT\bin\ITMRTSVC.exe [283912 2007-09-26] (CA, Inc.)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\5.2.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 Blackberry Device Manager; "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe" [X]
S2 IDVaultSvc; "C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20141003.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2014-05-13] (Emsisoft GmbH)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20141023.002\IDSvia64.sys [633560 2014-08-22] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20141023.002\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20141023.002\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0502020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0502020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-12-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [171128 2010-11-15] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 22:47 - 2014-10-23 22:49 - 00024225 _____ () C:\Users\Main User Laptop\Desktop\FRST.txt
2014-10-23 22:46 - 2014-10-23 22:47 - 00000000 ____D () C:\FRST
2014-10-23 22:46 - 2014-10-23 22:46 - 02112000 _____ (Farbar) C:\Users\Main User Laptop\Desktop\FRST64.exe
2014-10-23 22:41 - 2014-10-23 22:41 - 00002384 _____ () C:\{CC4BEDFE-4CCF-4010-8449-744F86BECCF5}
2014-10-23 19:34 - 2014-10-23 22:42 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-23 19:34 - 2014-10-23 19:34 - 00001100 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-23 19:34 - 2014-10-23 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-23 19:34 - 2014-10-23 19:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-23 19:34 - 2014-10-23 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-23 19:34 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-23 19:34 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-23 19:34 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 20:00 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 20:00 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 20:00 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 20:00 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 20:00 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 20:00 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 20:00 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 20:00 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 20:00 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 20:00 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 20:00 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 20:00 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 19:59 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 19:59 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 19:59 - 2014-07-16 21:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 19:59 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 19:59 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 19:59 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 19:59 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 19:59 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 19:59 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 19:59 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 19:59 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 19:59 - 2014-07-16 20:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 19:59 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 19:59 - 2014-07-16 20:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 19:59 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 19:59 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 19:59 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 19:59 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 19:58 - 2014-09-20 00:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 19:58 - 2014-09-20 00:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 19:58 - 2014-09-20 00:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 19:58 - 2014-09-20 00:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 19:58 - 2014-09-20 00:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 19:58 - 2014-09-20 00:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 19:58 - 2014-09-20 00:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 19:58 - 2014-09-19 22:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 19:58 - 2014-09-19 22:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 19:58 - 2014-09-19 22:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 19:58 - 2014-09-19 22:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 19:58 - 2014-09-19 22:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 19:58 - 2014-09-19 22:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 19:58 - 2014-09-19 21:43 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-15 19:58 - 2014-09-19 21:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-15 19:58 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 19:58 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-12 00:06 - 2014-10-12 00:07 - 00000000 ____D () C:\Program Files (x86)\LastPass
2014-10-12 00:06 - 2014-10-12 00:06 - 00000000 ____D () C:\Users\Administrator Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass
2014-10-12 00:06 - 2014-10-12 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2014-10-11 10:46 - 2014-10-11 10:57 - 00000000 ____D () C:\Users\Main User Laptop\Desktop\Patio Repair 2014
2014-10-08 22:54 - 2014-10-08 22:54 - 00000378 _____ () C:\Program Files (x86)\temp995.bat
2014-10-08 22:38 - 2014-10-08 22:39 - 00049339 _____ () C:\Users\Administrator
2014-10-04 09:59 - 2014-10-04 09:59 - 00008884 _____ () C:\Users\Main User Laptop\.recently-used.xbel
2014-10-03 21:09 - 2014-10-03 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-03 21:08 - 2014-10-03 21:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-03 21:08 - 2014-10-03 21:09 - 00000000 ____D () C:\Program Files\iTunes
2014-10-03 21:08 - 2014-10-03 21:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-03 21:08 - 2014-10-03 21:08 - 00000000 ____D () C:\Program Files\iPod
2014-10-03 20:55 - 2014-10-03 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-03 20:54 - 2014-10-03 20:56 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-03 17:01 - 2014-10-03 17:01 - 00000000 ____D () C:\Users\Main User Laptop\AppData\Local\{66F75F13-5D24-4EA0-9047-96881814FAEF}
2014-09-30 21:39 - 2014-09-24 21:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-30 21:39 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-26 13:27 - 2014-09-26 13:27 - 00000000 ____D () C:\Users\Main User Laptop\AppData\Local\{9EF5CCFE-D58F-4089-B05D-08713EE36E7A}
2014-09-23 20:58 - 2014-09-09 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 20:58 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 22:48 - 2012-09-12 22:04 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-945921058-683668149-385290710-1006UA.job
2014-10-23 22:44 - 2014-02-07 13:21 - 00000374 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job
2014-10-23 22:44 - 2014-02-07 13:21 - 00000372 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job
2014-10-23 22:37 - 2011-10-27 06:34 - 01618664 _____ () C:\Windows\WindowsUpdate.log
2014-10-23 22:32 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 22:32 - 2009-07-13 23:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 19:40 - 2011-12-10 13:15 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-10-23 19:40 - 2011-10-27 06:55 - 00001728 _____ () C:\Windows\system32\ServiceFilter.ini
2014-10-23 19:39 - 2011-12-13 00:04 - 00111204 _____ () C:\Windows\setupact.log
2014-10-23 19:39 - 2011-04-01 23:17 - 00452820 _____ () C:\Windows\PFRO.log
2014-10-23 19:39 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-23 19:23 - 2011-12-22 20:58 - 00000000 ____D () C:\Users\Main User Laptop\AppData\Local\CrashDumps
2014-10-23 06:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-10-23 02:04 - 2012-02-20 19:25 - 00000000 ____D () C:\ProgramData\InstallMate
2014-10-22 15:32 - 2012-09-12 22:04 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-945921058-683668149-385290710-1006Core.job
2014-10-16 07:33 - 2009-07-13 23:45 - 00303352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 07:31 - 2014-05-06 01:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 01:31 - 2013-08-16 15:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 01:31 - 2011-12-10 13:55 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-12 23:08 - 2009-07-14 00:08 - 00032548 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-10 21:22 - 2011-12-13 01:35 - 00000000 ____D () C:\ProgramData\Norton
2014-10-09 22:35 - 2011-12-14 08:37 - 00068480 _____ () C:\Users\Main User Laptop\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-09 21:40 - 2011-04-01 23:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-08 22:58 - 2011-04-01 23:36 - 00000000 ____D () C:\Program Files\Google
2014-10-08 22:54 - 2012-10-15 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-10-08 22:54 - 2012-10-15 16:50 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-10-08 22:54 - 2012-03-03 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software995
2014-10-08 22:51 - 2013-03-23 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block 2012
2014-10-08 22:50 - 2012-02-12 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block 2011
2014-10-08 22:50 - 2012-02-12 21:38 - 00000000 ____D () C:\Program Files (x86)\HRBlock2011
2014-10-08 22:46 - 2013-03-23 21:35 - 00000000 ____D () C:\Program Files (x86)\HRBlock2012
2014-10-08 22:40 - 2011-12-10 13:15 - 00000000 ____D () C:\ProgramData\Google
2014-10-08 22:39 - 2012-04-05 22:00 - 00000000 ____D () C:\Users\Administrator Laptop\AppData\Roaming\DVDVideoSoft
2014-10-08 22:35 - 2011-12-11 00:20 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-08 22:23 - 2011-10-27 06:55 - 00002672 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-10-08 22:06 - 2012-02-12 21:38 - 00000000 ____D () C:\Program Files (x86)\PDF995
2014-10-08 22:05 - 2013-05-20 16:48 - 00000000 ____D () C:\ProgramData\Skype
2014-10-08 22:03 - 2013-03-18 19:54 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-08 22:02 - 2012-05-30 19:59 - 00000000 ____D () C:\ProgramData\Leapfrog
2014-10-08 22:02 - 2012-05-30 19:59 - 00000000 ____D () C:\Program Files (x86)\LeapFrog
2014-10-08 22:01 - 2014-03-27 19:22 - 00000000 ____D () C:\Windows\9155DB04A032491A88B27C19B9E9F945.TMP
2014-10-08 21:56 - 2011-10-27 06:57 - 00000000 ____D () C:\ProgramData\CyberLink
2014-10-08 21:55 - 2011-10-27 06:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-08 21:39 - 2013-05-05 00:05 - 00004042 _____ () C:\Users\Administrator Laptop\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-10-08 21:35 - 2013-01-19 13:05 - 00000000 ____D () C:\Users\Administrator Laptop\AppData\Roaming\Dev-Cpp
2014-10-08 21:35 - 2013-01-19 13:05 - 00000000 ____D () C:\Dev-Cpp
2014-10-08 21:28 - 2011-12-11 01:17 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-10-04 21:47 - 2009-07-14 00:13 - 00797890 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-04 10:01 - 2012-02-20 18:02 - 00000000 ____D () C:\Users\Main User Laptop\.gimp-2.6
2014-10-04 09:59 - 2012-02-20 18:13 - 00000000 ____D () C:\Users\Main User Laptop\AppData\Roaming\gtk-2.0
2014-10-04 09:59 - 2011-12-14 08:37 - 00000000 ____D () C:\Users\Main User Laptop
2014-10-04 09:46 - 2013-05-05 00:08 - 00004438 _____ () C:\Users\Main User Laptop\AppData\Roaming\Rim.Desktop.Exception.log
2014-10-04 09:45 - 2012-02-20 18:05 - 00000000 ____D () C:\Users\Main User Laptop\.thumbnails
2014-10-03 17:42 - 2011-12-14 08:37 - 00000000 ____D () C:\Users\Main User Laptop\AppData\Roaming\Apple Computer
2014-10-03 17:07 - 2011-12-13 00:55 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-10-02 15:53 - 2013-09-30 23:25 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-01 23:27 - 2011-12-14 03:19 - 00000000 ____D () C:\Users\Administrator Laptop

ZeroAccess:
C:\Users\Main User Laptop\AppData\Local\Application Data

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

ATTENTION: ==> Could not access BCD, see Addition.txt for additional information.

==================== End Of Log ============================

TyGuy · October 24, 2014

Addition.txt document text:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Main User Laptop at 2014-10-23 22:49:49
Running from C:\Users\Main User Laptop\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.25 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.44 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version: - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
CA Pest Patrol Realtime Protection (HKLM-x32\...\{F05A5232-CE5E-4274-AB27-44EB8105898D}) (Version: 001.001.0034 - Computer Associates Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
Canon MG5200 series User Registration (HKLM-x32\...\Canon MG5200 series User Registration) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
CoffeeCup Free HTML Editor (HKCU\...\CoffeeCup Free HTML Editor) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Creative Memories StoryBook Creator Plus 3 (HKLM-x32\...\{95ED1AC3-DF2A-4719-B029-909C0875CD8F}) (Version: 3.0 - Caspedia Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
H&R Block Deluxe + Efile + State 2013 (HKLM-x32\...\{EDE796DE-0A72-464D-9D21-F04BC41A092B}) (Version: 13.05.6502 - HRB Technology, LLC.)
H&R Block Illinois 2013 (HKLM-x32\...\{CA0B4F43-A37E-4066-8864-99C4AAEB83AB}) (Version: 1.13.2801 - HRB Technology, LLC.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417011FF}) (Version: 7.0.110 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Norton Security Suite (HKLM-x32\...\N360) (Version: 5.2.2.3 - Symantec Corporation)
PipPlus (HKLM-x32\...\{28706B95-C23E-4949-A01A-64626724F43F}) (Version: 1.0.0 - RehanFX)
Quicken 2009 (HKLM-x32\...\{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}) (Version: 18.1.1.29 - Intuit)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Radmin Viewer 3.3 (HKLM-x32\...\{EEAA3E5E-1296-45AD-A59E-5D63F604867D}) (Version: 3.30.0000 - Famatech)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
TextPad 5 (HKLM-x32\...\{B6EC7388-E277-4A5B-8C8F-71067A41BA64}) (Version: 5.4.2 - Helios)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rel.job => ?
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-945921058-683668149-385290710-1006Core.job => C:\Users\Main User Laptop\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-945921058-683668149-385290710-1006UA.job => C:\Users\Main User Laptop\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-07-19 23:42 - 2011-04-09 21:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-09-23 18:53 - 2010-09-23 18:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2011-07-19 23:43 - 2011-05-05 07:30 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: ContourCameraFinder => C:\Program Files (x86)\ContourStoryteller\ContourAutoplay.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

========================= Accounts: ==========================

Administrator (S-1-5-21-945921058-683668149-385290710-500 - Administrator - Disabled)
Administrator Laptop (S-1-5-21-945921058-683668149-385290710-1005 - Administrator - Enabled) => C:\Users\Administrator Laptop
Guest (S-1-5-21-945921058-683668149-385290710-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-945921058-683668149-385290710-1003 - Limited - Enabled)
Main User Laptop (S-1-5-21-945921058-683668149-385290710-1006 - Limited - Enabled) => C:\Users\Main User Laptop

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2014 07:23:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dllhost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x002b01e2
Faulting process id: 0xb2c
Faulting application start time: 0xdllhost.exe0
Faulting application path: dllhost.exe1
Faulting module path: dllhost.exe2
Report Id: dllhost.exe3

Error: (10/22/2014 11:45:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.17116, time stamp: 0x541ccf72
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0001e651
Faulting process id: 0x1ea4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (10/21/2014 11:01:05 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-945921058-683668149-385290710-1006.bak). hr = 0x80070539, The security ID structure is invalid.
.

Operation:
OnIdentify event
Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {96ed603c-de3b-40eb-b97a-48eb49271541}

Error: (10/16/2014 09:51:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.17116, time stamp: 0x541ccf72
Faulting module name: igdumd32.dll, version: 8.15.10.2696, time stamp: 0x4f67c0b9
Exception code: 0xc0000005
Fault offset: 0x000eaede
Faulting process id: 0xbf8
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (10/16/2014 08:20:09 PM) (Source: MsiInstaller) (EventID: 1024) (User: Laptop)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/16/2014 01:28:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-945921058-683668149-385290710-1006.bak). hr = 0x80070539, The security ID structure is invalid.
.

Operation:
OnIdentify event
Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {99064428-a57f-4bb2-874f-257bfd175efc}

Error: (10/16/2014 01:02:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.17088, time stamp: 0x53eedc10
Faulting module name: Flash32_13_0_0_182.ocx, version: 13.0.0.182, time stamp: 0x533390a3
Exception code: 0xc0000005
Fault offset: 0x0020c6b3
Faulting process id: 0x1110
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (10/16/2014 00:55:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.17088, time stamp: 0x53eedc10
Faulting module name: Flash32_13_0_0_182.ocx, version: 13.0.0.182, time stamp: 0x533390a3
Exception code: 0xc0000005
Fault offset: 0x0020c6b3
Faulting process id: 0x1344
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (10/15/2014 07:57:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-945921058-683668149-385290710-1006.bak). hr = 0x80070539, The security ID structure is invalid.
.

Operation:
OnIdentify event
Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {fe3ec572-0dac-483d-a536-20ba14a6d785}

Error: (10/12/2014 10:01:51 PM) (Source: MsiInstaller) (EventID: 1024) (User: Laptop)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

System errors:
=============
Error: (10/23/2014 10:31:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (10/23/2014 10:31:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (10/23/2014 10:31:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/23/2014 09:32:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/23/2014 07:42:22 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (10/23/2014 07:40:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CGPS Service service failed to start due to the following error:
%%2

Error: (10/23/2014 07:38:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (10/23/2014 07:33:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/23/2014 07:29:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CGPS Service service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (10/23/2014 07:23:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: dllhost.exe6.1.7600.163854a5bc6b7unknown0.0.0.000000000c0000005002b01e2b2c01cfef20b6fa9086C:\Windows\syswow64\dllhost.exeunknownf5067981-5b13-11e4-b935-5404a62f1879

Error: (10/22/2014 11:45:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.17116541ccf72ole32.dll6.1.7601.175144ce7b96fc00000050001e6511ea401cfee793b0a6c91C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\ole32.dll622727c0-5a6f-11e4-b760-5404a62f1879

Error: (10/21/2014 11:01:05 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-945921058-683668149-385290710-1006.bak)0x80070539, The security ID structure is invalid.

Operation:
OnIdentify event
Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {96ed603c-de3b-40eb-b97a-48eb49271541}

Error: (10/16/2014 09:51:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.17116541ccf72igdumd32.dll8.15.10.26964f67c0b9c0000005000eaedebf801cfe9a6bd11cf28C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\igdumd32.dll777adc87-55a8-11e4-9795-5404a62f1879

Error: (10/16/2014 08:20:09 PM) (Source: MsiInstaller) (EventID: 1024) (User: Laptop)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

Error: (10/16/2014 01:28:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-945921058-683668149-385290710-1006.bak)0x80070539, The security ID structure is invalid.

Operation:
OnIdentify event
Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {99064428-a57f-4bb2-874f-257bfd175efc}

Error: (10/16/2014 01:02:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.1708853eedc10Flash32_13_0_0_182.ocx13.0.0.182533390a3c00000050020c6b3111001cfe8fa0ecc678fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\Macromed\Flash\Flash32_13_0_0_182.ocx138dce44-54fa-11e4-8776-5404a62f1879

Error: (10/16/2014 00:55:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE10.0.9200.1708853eedc10Flash32_13_0_0_182.ocx13.0.0.182533390a3c00000050020c6b3134401cfe8f99e704865C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\Macromed\Flash\Flash32_13_0_0_182.ocx0da5063a-54f9-11e4-8776-5404a62f1879

Error: (10/15/2014 07:57:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-945921058-683668149-385290710-1006.bak)0x80070539, The security ID structure is invalid.

Operation:
OnIdentify event
Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {fe3ec572-0dac-483d-a536-20ba14a6d785}

Error: (10/12/2014 10:01:51 PM) (Source: MsiInstaller) (EventID: 1024) (User: Laptop)
Description: Adobe Reader XI{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

CodeIntegrity Errors:
===================================
Date: 2014-03-29 20:35:19.382
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-29 20:35:19.289
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-29 13:37:54.395
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-29 13:37:54.301
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-29 13:09:09.426
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-29 13:09:09.332
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-29 13:01:16.379
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-29 13:01:16.286
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-29 12:21:29.422
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-03-29 12:21:29.328
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Pentium® CPU B950 @ 2.10GHz
Percentage of memory in use: 74%
Total physical RAM: 4000.13 MB
Available physical RAM: 1014.02 MB
Total Pagefile: 7998.43 MB
Available Pagefile: 4023.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:111.06 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:45.41 GB) NTFS
Drive m: () (Network) (Total:74.21 GB) (Free:11.6 GB)

==================== MBR & Partition Table ==================

==================== End Of Log ============================

TyGuy · October 24, 2014

I did run FRST with Norton turned off. Norton was blocking the download of FRST. Now that FRST is downloaded I could turn on Norton and rerun FRST if that is required.

Thank you.

LiquidTension · October 24, 2014

Hello TyGuy, welcome to Malwarebytes' Malware Removal forum!

My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. xsmile.png.pagespeed.ic.CwSpBGGvqN.png

General P2P/Piracy Notice:

If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed.

======================================================

Please read through the points below to ensure this process moves as quickly and efficiently as possible.

Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.
If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.
Ensure you are following this topic. Click at the top of the page.

======================================================

Unfortunately, your computer is badly infected, and as such, I must issue the following warning. Please let me know what you think and how you wish to proceed.

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor, that allows attackers to remotely control your computer, download/execute files and steal critical system, financial and personal information.

If your computer was used for online banking, has credit card information or other sensitive data, using a non-infected computer/device you should immediately change all account information (including those used for banking, email, eBay, paypal, online forums, etc).

Banking and credit card institutions should be notified of the possible security breach immediately. Please read the following article for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Whilst the identified infection(s) can be removed, there is no way to guarantee that your computer will be trustworthy again unless you reformat your Hard Drive and reinstall your Operating System. This is due to the nature of the infection, which allows the attacker complete control over the computer. Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat/reinstall. Please read the following articles for more information.
When should I re-format? How should I reinstall?
Help: I Got Hacked. Now What Do I Do?
Where to draw the line? When to recommend a format and reinstall?
You have a choice between cleaning the infection(s) or reformatting your computer. Ultimately, the decision is personal, and up to you and whatever you're most comfortable with. Please let me know how you wish to proceed, and if you have any questions.

TyGuy · October 24, 2014

Wht personal files can I safely backup without transferring the virus?

Pictures, videos, music, financial program information, etc....?

LiquidTension · October 24, 2014

Hello,

I take it you have decided to reformat?

The safest practice is not to backup any executable (.exe), screensavers (.scr), dynamic link library (.dll), autorun (.ini) or script (.php,.asp, .htm, .html, .xml) files because they may be infected by malware. You should also avoid backing up compressed (.zip, .cab, .rar) files that have executables inside as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may disguise itself by hiding a file extension or by adding double file extensions and/or space(s) in the file's name to hide the real extension, so be sure you look closely at the full file name.

Backing up documents, image, music and video is fine.
Specially crafted Word/Excel/PDF can be used for malicious intent, so I recommend only backing up such documents that you or other users created (as opposed to downloaded).
To repeat, do not backup up files with the following extensions:

.exe, .scr, .bat, .com, .cmd, .msi, .pif, .ini, .htm, .html, .hta, .php, .asp, .xml, .zip, .rar, .cab

Once you have decided which files you wish to backup, copy the files over to the USB drive.

TyGuy · October 24, 2014

I will be reformatting it tonight.

LiquidTension · October 24, 2014

OK, thank you for letting me know.

Can I provide assistance with anything else?

TyGuy · October 24, 2014

I'll try formatting and reinstalling tonight. Afterward I'll post whether or not there were any other problems. If you don't mind checking this thread some time tomorrow in case I need your assistance again I would appreciate it.

LiquidTension · October 24, 2014

No problem at all.

Let me know how you get on.

TyGuy · October 24, 2014

I thought of one more thing - any ideas on how this got on board? I personally am very wary about things online, but it is a family laptop. Whatever malware I have (not sure of the name) is it usually received through email, fake websites, etc....?

LiquidTension · October 24, 2014

Some of the main infection vectors (methods of becoming infected) include the following:

Browsing the Internet without an active Anti-Virus and Firewall.
Leaving vulnerable Internet-facing software unpatched/outdated (Windows, Adobe software, Java, etc).
Participating in the usage of P2P filesharing.
Participating in the usage of cracked/warez software.
Aimlessly clicking unknown links/email attachments.
Rushing through the installation of new software without reading each page.
Inserting USB drives or other removal media that you do not own.
Social engineering.
Visiting a compromised website.
Malvertisments/compromised ad services delivering malicious ads.

Your computer is/was infected with Poweliks, an infection with rootkit-like capabilities that opens a backdoor on the compromised machine. Unfortunately, it isn't possible to determine the exact cause of infection - it could be one of many possibilities.

TyGuy · October 24, 2014

I figured it was Poweliks, thanks.

I'll let you know how the evening goes. Thanks for all your help. I appreciate it.

LiquidTension · October 24, 2014

You're quite welcome.

TyGuy · October 26, 2014

Format and OS reinstall complete.

TyGuy · October 26, 2014

I'm trying to post the FRST output, but it's too long. Let me break it up

One question though - FRST.exe set off my anti-virus software. Should I be concerned? I followed the link in the pinned post.

TyGuy · October 26, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2014

Ran by Home (administrator) on HOME-PC on 26-10-2014 07:57:42

Running from C:\Users\Home\Desktop

Loaded Profile: Home (Available profiles: Home)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(ASUS) C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe

(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

(ASUS) C:\Program Files\P4G\BatteryLife.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(LastPass) C:\Users\Home\AppData\LocalLow\LastPass\LastPassBroker.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [intelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)

HKLM\...\Run: [synAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [961184 2011-08-02] (Atheros Commnucations)

HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [798880 2011-08-02] (Atheros Commnucations)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)

HKLM-x32\...\Run: [sonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)

HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-21] (ASUS)

HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)

HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)

HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-08] (ASUS)

HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM-x32\...\Run: [iJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-739086126-2961081159-2114223383-1000\...\MountPoints2: {14438372-5c52-11e4-a73e-cd4b36db43f0} - E:\LaunchU3.exe -a

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk

ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()

Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk

ShortcutTarget: FancyStart daemon.lnk -> C:\Users\Home\AppData\Roaming\Microsoft\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe ()

ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC6D7819663F0CF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)

BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)

Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-10-26]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-10-26]

Chrome:

=======

CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-26]

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-08-02] (Atheros) [File not signed]

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [103584 2011-08-02] (Atheros Commnucations) [File not signed]

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()

R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [1587416 2014-10-16] (Symantec Corporation)

R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-08-26] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-08-26] (Symantec Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141024.001\IDSvia64.sys [633560 2014-10-24] (Symantec Corporation)

R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-26] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141025.001\ENG64.SYS [129752 2014-08-11] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141025.001\EX64.SYS [2137304 2014-08-11] (Symantec Corporation)

R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-10-26] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 07:57 - 2014-10-26 07:58 - 00016509 _____ () C:\Users\Home\Desktop\FRST.txt

2014-10-26 07:57 - 2014-10-26 07:57 - 02113024 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe

2014-10-26 07:57 - 2014-10-26 07:57 - 00000000 ____D () C:\FRST

2014-10-26 01:27 - 2014-10-26 01:27 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite

2014-10-26 01:11 - 2014-10-26 01:11 - 00000000 ____D () C:\Users\Home\AppData\Roaming\U3

2014-10-26 01:06 - 2014-10-26 01:06 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3

2014-10-26 01:03 - 2014-10-26 01:03 - 00000000 ____D () C:\Users\Home\AppData\Local\CrashDumps

2014-10-26 00:30 - 2014-10-26 01:27 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration

2014-10-26 00:30 - 2014-10-26 01:27 - 00002440 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk

2014-10-26 00:30 - 2014-10-26 01:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite

2014-10-26 00:30 - 2014-10-26 01:27 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64

2014-10-26 00:30 - 2014-10-26 00:30 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

2014-10-26 00:30 - 2014-10-26 00:30 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT

2014-10-26 00:30 - 2014-10-26 00:30 - 00000000 ____D () C:\Users\Home\Documents\Symantec

2014-10-26 00:30 - 2014-10-26 00:30 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared

2014-10-26 00:30 - 2014-10-26 00:30 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite

2014-10-26 00:25 - 2014-10-26 00:33 - 00000000 ____D () C:\ProgramData\Norton

2014-10-26 00:25 - 2014-10-26 00:25 - 00001267 _____ () C:\Users\Home\Desktop\Norton Installation Files.lnk

2014-10-26 00:25 - 2014-10-26 00:25 - 00000000 ____D () C:\Users\Public\Downloads\Norton

2014-10-26 00:25 - 2014-10-26 00:25 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton

2014-10-26 00:15 - 2014-10-26 00:16 - 00000000 ____D () C:\Program Files (x86)\LastPass

2014-10-26 00:15 - 2014-10-26 00:15 - 00001192 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk

2014-10-26 00:15 - 2014-10-26 00:15 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass

2014-10-26 00:15 - 2014-10-26 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass

2014-10-26 00:12 - 2014-10-26 07:53 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-10-26 00:08 - 2014-10-26 00:08 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-10-26 00:08 - 2014-10-26 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-10-26 00:08 - 2014-10-26 00:08 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-10-26 00:08 - 2014-10-26 00:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-10-26 00:08 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-10-26 00:08 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-10-26 00:08 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-10-26 00:05 - 2014-10-26 07:53 - 00064232 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT

2014-10-25 23:14 - 2014-10-25 23:14 - 00000376 _____ () C:\Windows\ODBC.INI

2014-10-25 23:14 - 2014-10-25 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2014-10-25 23:14 - 2014-10-25 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft ActiveSync

2014-10-25 23:11 - 2014-10-25 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-10-25 23:11 - 2014-10-25 23:11 - 00000000 ____D () C:\Windows\PCHEALTH

2014-10-25 23:08 - 2014-10-25 23:08 - 00000000 __RHD () C:\MSOCache

2014-10-25 22:51 - 2014-10-25 22:51 - 00001814 _____ () C:\Users\Public\Desktop\Quicken Deluxe 2009.lnk

2014-10-25 22:51 - 2008-08-19 09:46 - 03523872 _____ (Amyuni Technologies http://www.amyuni.com) C:\Windows\SysWOW64\cdintf300.dll

2014-10-25 22:51 - 2008-08-19 09:46 - 01848608 _____ (Apache Software Foundation) C:\Windows\SysWOW64\acXMLParser.dll

2014-10-25 22:50 - 2014-10-25 22:51 - 00000000 ____D () C:\Program Files (x86)\Quicken

2014-10-25 22:50 - 2014-10-25 22:50 - 00000000 ___HD () C:\Users\Home\AppData\Roaming\Intuit

2014-10-25 22:50 - 2014-10-25 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quicken 2009

2014-10-25 22:49 - 2014-10-25 22:50 - 00000126 _____ () C:\Windows\QUICKEN.INI

2014-10-25 22:49 - 2014-10-25 22:49 - 00000000 ____D () C:\ProgramData\Intuit

2014-10-25 22:34 - 2014-10-25 22:34 - 00001009 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk

2014-10-25 22:34 - 2014-10-25 22:34 - 00000997 _____ () C:\Users\Public\Desktop\Acrobat.com.lnk

2014-10-25 22:33 - 2014-10-25 22:33 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk

2014-10-25 22:33 - 2014-10-25 22:33 - 00002014 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk

2014-10-25 22:30 - 2014-10-25 22:30 - 00045056 _____ () C:\Windows\SysWOW64\acovcnt.exe

2014-10-25 22:28 - 2014-10-25 22:28 - 00000000 ___HD () C:\Users\Home\AppData\Roaming\Macromedia

2014-10-25 22:28 - 2014-10-25 22:28 - 00000000 ___HD () C:\Users\Default\AppData\Roaming\Macromedia

2014-10-25 22:28 - 2014-10-25 22:28 - 00000000 ___HD () C:\Users\Default User\AppData\Roaming\Macromedia

2014-10-25 22:26 - 2014-10-25 22:26 - 00001225 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 8.0.lnk

2014-10-25 22:26 - 2008-06-16 03:00 - 00055024 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys

2014-10-25 22:24 - 2014-10-25 22:34 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-10-25 22:24 - 2014-10-25 22:33 - 00000000 ____D () C:\ProgramData\Adobe

2014-10-25 22:10 - 2014-10-25 22:10 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX

2014-10-25 22:10 - 2014-10-25 22:10 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter

2014-10-25 22:10 - 2014-10-25 22:10 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX2

2014-10-25 22:10 - 2014-10-25 22:10 - 00000000 ___HD () C:\ProgramData\CanonEPP

2014-10-25 22:09 - 2014-10-25 22:10 - 00000000 ____D () C:\ProgramData\CanonIJPLM

2014-10-25 22:09 - 2014-10-25 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities

2014-10-25 22:09 - 2014-10-25 22:09 - 00000000 ____D () C:\ProgramData\Canon IJ Network Tool

2014-10-25 22:09 - 2010-03-18 19:25 - 00307200 _____ (CANON INC.) C:\Windows\SysWOW64\CNC5200L.dll

2014-10-25 22:09 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNC5200U.dll

2014-10-25 22:09 - 2009-11-27 14:29 - 00013056 _____ () C:\Windows\SysWOW64\CNC1749D.TBL

2014-10-25 22:09 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll

2014-10-25 22:08 - 2014-10-25 22:08 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk

2014-10-25 22:08 - 2014-10-25 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series User Registration

2014-10-25 22:08 - 2014-10-25 22:08 - 00000000 ____D () C:\ProgramData\CanonIJWSpt

2014-10-25 22:08 - 2014-10-25 22:08 - 00000000 ____D () C:\ProgramData\CanonIJMSetup

2014-10-25 22:08 - 2014-10-25 22:08 - 00000000 ____D () C:\Program Files\Common Files\CANON

2014-10-25 22:06 - 2014-10-25 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

2014-10-25 22:06 - 2014-10-25 22:06 - 00002358 _____ () C:\Users\Public\Desktop\Canon MG5200 series On-screen Manual.lnk

2014-10-25 22:06 - 2014-10-25 22:06 - 00000000 ____D () C:\Program Files\Canon

2014-10-25 22:05 - 2014-10-25 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Manual

2014-10-25 22:05 - 2014-10-25 22:05 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information

2014-10-25 22:05 - 2014-10-25 22:05 - 00000000 ___HD () C:\ProgramData\CanonBJ

2014-10-25 22:05 - 2014-10-25 22:05 - 00000000 ___HD () C:\Program Files\CanonBJ

2014-10-25 22:05 - 2014-10-25 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series

2014-10-25 22:05 - 2010-04-07 05:00 - 00361472 _____ (CANON INC.) C:\Windows\system32\CNMLMAE.DLL

2014-10-25 22:05 - 2010-03-11 02:57 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNMIUAE.DLL

2014-10-25 22:04 - 2014-10-25 22:04 - 00000000 ____D () C:\Windows\system32\STRING

2014-10-25 22:04 - 2010-02-05 04:37 - 00327680 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL

2014-10-25 22:04 - 2010-02-05 04:37 - 00037376 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL

2014-10-25 22:02 - 2014-10-25 22:10 - 00000000 ____D () C:\Program Files (x86)\Canon

2014-10-25 21:20 - 2014-10-25 21:20 - 00003016 _____ () C:\Windows\System32\Tasks\ASUS Live Update

2014-10-25 21:05 - 2014-10-25 21:05 - 00003066 _____ () C:\Windows\System32\Tasks\ACMON

2014-10-25 21:05 - 2014-10-25 21:05 - 00001108 _____ () C:\Users\Public\Desktop\Splendid Utility.Lnk

2014-10-25 21:05 - 2011-05-30 13:48 - 00155648 _____ (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe

2014-10-25 21:03 - 2014-10-25 21:03 - 00000000 __SHD () C:\Users\Home\AppData\Local\EmieUserList

2014-10-25 21:03 - 2014-10-25 21:03 - 00000000 __SHD () C:\Users\Home\AppData\Local\EmieSiteList

2014-10-25 21:00 - 2014-10-25 21:00 - 00002986 _____ () C:\Windows\System32\Tasks\ASUS SmartLogon Console Sensor

2014-10-25 21:00 - 2014-10-25 21:00 - 00001148 _____ () C:\Users\Public\Desktop\SmartLogon Manager.lnk

2014-10-25 20:48 - 2014-10-25 20:51 - 00000000 ____D () C:\Program Files\P4G

2014-10-25 20:48 - 2014-10-25 20:48 - 00003044 _____ () C:\Windows\System32\Tasks\ASUS P4G

2014-10-25 20:48 - 2014-10-25 20:48 - 00000000 ____D () C:\ProgramData\P4G

2014-10-25 20:34 - 2014-10-25 22:30 - 00059096 ____H () C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT

2014-10-25 20:32 - 2014-10-25 20:32 - 00003230 _____ () C:\Windows\System32\Tasks\SidebarExecute

2014-10-25 20:32 - 2014-10-25 20:32 - 00000000 ___HD () C:\Users\Home\AppData\Local\ASUS

2014-10-25 20:27 - 2014-10-26 00:37 - 00001814 _____ () C:\Windows\system32\AutoRunFilter.ini

2014-10-25 20:27 - 2014-10-26 00:37 - 00001230 _____ () C:\Windows\system32\ServiceFilter.ini

2014-10-25 20:27 - 2014-10-25 20:51 - 00000080 _____ () C:\Windows\system32\Defrag.ini

2014-10-25 20:27 - 2014-10-25 20:27 - 00000000 ____D () C:\Program Files\ASUS

2014-10-25 20:27 - 2011-01-25 14:11 - 00379520 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe

2014-10-25 20:27 - 2009-06-12 17:55 - 00000105 _____ () C:\Windows\system32\FastBoot.ini

2014-10-25 20:27 - 2009-06-05 13:35 - 00000052 _____ () C:\Windows\system32\RemoveFont.ini

2014-10-25 20:27 - 2009-06-05 13:35 - 00000015 _____ () C:\Windows\system32\BootTime.ini

2014-10-25 20:26 - 2014-10-25 20:27 - 00000382 _____ () C:\setuplogfile.log

2014-10-25 20:21 - 2014-10-25 22:54 - 00000000 ___HD () C:\ASUS.DAT

2014-10-25 20:21 - 2014-10-25 20:21 - 00000000 ___HD () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Utility

2014-10-25 20:17 - 2014-10-25 20:17 - 00002984 _____ () C:\Windows\System32\Tasks\ATKOSD2

2014-10-25 20:12 - 2014-10-25 23:05 - 00000000 ___HD () C:\Users\Home\AppData\Roaming\Adobe

2014-10-25 20:00 - 2014-10-25 20:00 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-10-25 14:22 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-10-25 14:22 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2014-10-25 14:22 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2014-10-25 14:22 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2014-10-25 14:13 - 2014-10-25 14:13 - 00758128 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-10-25 14:05 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2014-10-25 14:02 - 2014-10-25 14:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-10-25 14:02 - 2014-10-25 14:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-10-25 14:01 - 2014-10-25 14:01 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-10-25 14:01 - 2014-10-25 14:01 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-10-25 14:01 - 2014-10-25 14:01 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-10-25 14:01 - 2014-10-25 14:01 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-10-25 14:01 - 2014-10-25 14:01 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-10-25 14:01 - 2014-10-25 14:01 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-10-25 14:01 - 2014-10-25 14:01 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-10-25 14:01 - 2014-10-25 14:01 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-10-25 14:01 - 2014-10-25 14:01 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-10-25 14:01 - 2014-10-25 14:01 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-10-25 14:01 - 2014-10-25 14:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-10-25 14:01 - 2014-10-25 14:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2014-10-25 13:59 - 2014-10-25 13:59 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll

LiquidTension · October 26, 2014

No, it's a false-positive and can be ignored.

TyGuy · October 26, 2014

2014-10-25 13:57 - 2014-10-25 14:05 - 00011133 _____ () C:\Windows\IE11_main.log

2014-10-25 13:33 - 2012-07-25 22:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll

2014-10-25 13:33 - 2012-07-25 22:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe

2014-10-25 13:33 - 2012-07-25 22:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll

2014-10-25 13:33 - 2012-07-25 22:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll

2014-10-25 13:33 - 2012-07-25 22:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll

2014-10-25 13:33 - 2012-07-25 21:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys

2014-10-25 13:33 - 2012-07-25 21:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys

2014-10-25 13:33 - 2012-06-02 09:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf

2014-10-25 13:27 - 2011-04-09 01:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

2014-10-25 13:27 - 2011-04-09 00:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

2014-10-25 13:25 - 2014-10-25 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility

2014-10-25 13:25 - 2014-10-25 13:25 - 00001020 _____ () C:\Users\Public\Desktop\LifeFrame.lnk

2014-10-25 13:24 - 2014-01-27 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-10-25 13:24 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2014-10-25 13:24 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2014-10-25 13:24 - 2013-07-04 07:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2014-10-25 13:24 - 2013-07-04 06:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2014-10-25 13:24 - 2013-03-19 00:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2014-10-25 13:24 - 2011-06-16 00:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll

2014-10-25 13:24 - 2011-06-15 23:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll

2014-10-25 13:24 - 2011-06-15 05:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll

2014-10-25 13:24 - 2011-06-15 05:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll

2014-10-25 13:24 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll

2014-10-25 13:24 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll

2014-10-25 13:24 - 2011-06-15 03:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll

2014-10-25 13:24 - 2011-06-15 03:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll

2014-10-25 13:24 - 2011-06-15 03:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll

2014-10-25 13:24 - 2011-06-15 03:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll

2014-10-25 13:24 - 2011-06-15 03:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll

2014-10-25 13:23 - 2014-09-09 17:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-10-25 13:23 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-10-25 13:23 - 2012-10-09 13:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll

2014-10-25 13:23 - 2012-10-09 13:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll

2014-10-25 13:23 - 2012-10-09 12:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll

2014-10-25 13:23 - 2012-10-09 12:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll

2014-10-25 13:22 - 2013-07-09 00:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-10-25 13:22 - 2013-07-08 23:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-10-25 13:22 - 2012-01-04 05:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll

2014-10-25 13:22 - 2012-01-04 03:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll

2014-10-25 13:22 - 2011-10-26 00:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2014-10-25 13:22 - 2011-10-25 23:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2014-10-25 13:22 - 2011-05-04 00:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2014-10-25 13:22 - 2011-05-04 00:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2014-10-25 13:22 - 2011-05-04 00:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2014-10-25 13:22 - 2011-05-04 00:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2014-10-25 13:22 - 2011-05-04 00:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2014-10-25 13:22 - 2011-05-04 00:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll

2014-10-25 13:22 - 2011-05-04 00:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2014-10-25 13:22 - 2011-05-04 00:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2014-10-25 13:22 - 2011-05-04 00:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2014-10-25 13:22 - 2011-05-03 23:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2014-10-25 13:22 - 2011-05-03 23:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2014-10-25 13:22 - 2011-05-03 23:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2014-10-25 13:22 - 2011-05-03 23:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2014-10-25 13:22 - 2011-05-03 23:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll

2014-10-25 13:22 - 2011-05-03 23:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll

2014-10-25 13:22 - 2011-05-03 23:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2014-10-25 13:22 - 2011-05-03 23:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2014-10-25 13:22 - 2011-05-03 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe

2014-10-25 13:22 - 2010-12-23 05:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll

2014-10-25 13:22 - 2010-12-23 05:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll

2014-10-25 13:22 - 2010-12-23 05:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax

2014-10-25 13:22 - 2010-12-23 00:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll

2014-10-25 13:22 - 2010-12-23 00:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll

2014-10-25 13:22 - 2010-12-23 00:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax

2014-10-25 13:21 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-10-25 13:21 - 2014-08-01 06:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-10-25 13:21 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2014-10-25 13:21 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll

2014-10-25 13:21 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll

2014-10-25 13:21 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll

2014-10-25 13:21 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll

2014-10-25 13:21 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll

2014-10-25 13:21 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll

2014-10-25 13:21 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-10-25 13:21 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-10-25 13:21 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-10-25 13:21 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-10-25 13:21 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-10-25 13:21 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-10-25 13:21 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls

2014-10-25 13:21 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls

2014-10-25 13:21 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-10-25 13:21 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2014-10-25 13:21 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2014-10-25 13:21 - 2013-10-05 15:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-10-25 13:21 - 2013-10-05 14:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-10-25 13:21 - 2013-07-09 00:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-10-25 13:21 - 2013-07-09 00:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2014-10-25 13:21 - 2013-07-08 23:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2014-10-25 13:21 - 2013-07-08 23:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2014-10-25 13:21 - 2011-11-17 01:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll

2014-10-25 13:21 - 2011-11-17 00:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll

2014-10-25 13:21 - 2011-07-08 21:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2014-10-25 13:21 - 2011-04-26 21:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2014-10-25 13:21 - 2011-04-26 21:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2014-10-25 13:20 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-10-25 13:20 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-10-25 13:20 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-10-25 13:20 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-10-25 13:20 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-10-25 13:20 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-10-25 13:20 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-10-25 13:20 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-10-25 13:20 - 2011-12-30 01:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl

2014-10-25 13:20 - 2011-12-30 00:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl

2014-10-25 13:19 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-10-25 13:19 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-10-25 13:19 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll

2014-10-25 13:19 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll

2014-10-25 13:19 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll

2014-10-25 13:19 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll

2014-10-25 13:19 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll

2014-10-25 13:19 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe

2014-10-25 13:19 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe

2014-10-25 13:19 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe

2014-10-25 13:19 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe

2014-10-25 13:19 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll

2014-10-25 13:19 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll

2014-10-25 13:19 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll

2014-10-25 13:19 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll

2014-10-25 13:19 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll

2014-10-25 13:19 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe

2014-10-25 13:19 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe

2014-10-25 13:19 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe

2014-10-25 13:19 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe

2014-10-25 13:19 - 2013-10-03 21:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2014-10-25 13:19 - 2013-10-03 21:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll

2014-10-25 13:19 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2014-10-25 13:19 - 2013-10-03 20:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2014-10-25 13:19 - 2013-10-03 20:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll

2014-10-25 13:19 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2014-10-25 13:19 - 2013-08-04 21:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2014-10-25 13:19 - 2013-06-06 00:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2014-10-25 13:19 - 2013-06-06 00:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2014-10-25 13:19 - 2013-06-06 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2014-10-25 13:19 - 2013-06-06 00:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2014-10-25 13:19 - 2013-06-05 23:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2014-10-25 13:19 - 2013-06-05 23:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2014-10-25 13:19 - 2013-06-05 23:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2014-10-25 13:19 - 2013-06-05 22:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2014-10-25 13:19 - 2013-06-05 22:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2014-10-25 13:19 - 2013-06-05 22:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2014-10-25 13:19 - 2011-03-11 01:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll

2014-10-25 13:19 - 2011-03-11 01:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll

2014-10-25 13:19 - 2011-03-11 00:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll

2014-10-25 13:19 - 2011-03-11 00:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll

2014-10-25 13:07 - 2014-10-25 13:07 - 00000000 ___HD () C:\Users\Home\Documents\Bluetooth Folder

2014-10-25 13:07 - 2014-10-25 13:07 - 00000000 ___HD () C:\Users\Home\AppData\Roaming\Atheros

2014-10-25 13:01 - 2014-10-25 13:08 - 00000000 ____D () C:\Program Files (x86)\Bluetooth Suite

2014-10-25 12:59 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-10-25 12:59 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-10-25 12:59 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-10-25 12:59 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-10-25 12:59 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-10-25 12:58 - 2013-04-25 18:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2014-10-25 12:58 - 2013-03-31 17:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll

2014-10-25 12:58 - 2012-08-22 13:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2014-10-25 12:58 - 2012-07-04 15:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys

2014-10-25 12:57 - 2014-10-09 21:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-10-25 12:57 - 2014-10-09 21:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-10-25 12:57 - 2014-10-09 21:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-10-25 12:57 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-10-25 12:57 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-10-25 12:57 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-10-25 12:57 - 2013-07-25 04:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

2014-10-25 12:57 - 2013-07-25 03:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

2014-10-25 12:57 - 2013-07-12 05:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys

2014-10-25 12:57 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys

2014-10-25 12:57 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys

2014-10-25 12:57 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys

2014-10-25 12:57 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys

2014-10-25 12:57 - 2013-02-11 23:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2014-10-25 12:57 - 2012-11-28 17:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys

2014-10-25 12:57 - 2012-11-28 17:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll

2014-10-25 12:57 - 2012-11-28 17:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf

2014-10-25 12:57 - 2012-10-03 12:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2014-10-25 12:57 - 2012-10-03 12:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll

2014-10-25 12:57 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll

2014-10-25 12:57 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll

2014-10-25 12:57 - 2012-10-03 12:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll

2014-10-25 12:57 - 2012-10-03 12:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll

2014-10-25 12:57 - 2012-10-03 11:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll

2014-10-25 12:57 - 2012-10-03 11:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2014-10-25 12:57 - 2012-10-03 11:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll

2014-10-25 12:57 - 2012-10-03 11:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-10-25 12:57 - 2012-05-01 00:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2014-10-25 12:57 - 2012-01-13 02:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2014-10-25 12:57 - 2011-03-03 01:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll

2014-10-25 12:57 - 2011-03-03 01:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll

2014-10-25 12:57 - 2011-03-03 01:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe

2014-10-25 12:57 - 2011-03-03 00:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll

2014-10-25 12:57 - 2011-03-03 00:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe

2014-10-25 12:56 - 2014-03-04 04:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-10-25 12:56 - 2014-03-04 04:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-10-25 12:56 - 2014-03-04 04:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-10-25 12:56 - 2014-03-04 04:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-10-25 12:56 - 2014-03-04 04:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-10-25 12:56 - 2014-03-04 04:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-10-25 12:56 - 2014-03-04 04:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-10-25 12:56 - 2014-03-04 04:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-10-25 12:56 - 2014-03-04 04:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-10-25 12:56 - 2014-03-04 04:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-10-25 12:56 - 2014-03-04 04:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-10-25 12:56 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll

2014-10-25 12:56 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll

2014-10-25 12:56 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll

2014-10-25 12:56 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll

2014-10-25 12:56 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll

2014-10-25 12:56 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll

2014-10-25 12:56 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll

2014-10-25 12:56 - 2014-03-04 04:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2014-10-25 12:56 - 2013-08-01 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2014-10-25 12:56 - 2013-08-01 21:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2014-10-25 12:56 - 2013-08-01 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2014-10-25 12:56 - 2013-08-01 19:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2014-10-25 12:56 - 2013-07-04 07:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2014-10-25 12:56 - 2013-07-04 07:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2014-10-25 12:56 - 2013-07-04 06:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2014-10-25 12:56 - 2013-07-04 06:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2014-10-25 12:56 - 2013-07-04 05:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2014-10-25 12:56 - 2012-11-02 00:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll

2014-10-25 12:56 - 2012-11-02 00:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll

2014-10-25 12:55 - 2014-09-24 21:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2014-10-25 12:55 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2014-10-25 12:55 - 2012-08-21 16:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe

2014-10-25 12:55 - 2011-08-17 00:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll

2014-10-25 12:55 - 2011-08-17 00:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax

2014-10-25 12:55 - 2011-08-16 23:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll

2014-10-25 12:55 - 2011-08-16 23:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax

2014-10-25 12:55 - 2011-04-28 22:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys

2014-10-25 12:55 - 2011-04-28 22:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2014-10-25 12:55 - 2011-04-28 22:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2014-10-25 12:54 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-10-25 12:54 - 2013-09-07 21:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2014-10-25 12:54 - 2013-09-07 21:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2014-10-25 12:54 - 2013-04-10 01:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2014-10-25 12:54 - 2011-02-03 06:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-10-25 12:52 - 2013-08-28 21:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2014-10-25 12:52 - 2013-08-28 21:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2014-10-25 12:52 - 2013-08-28 21:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2014-10-25 12:52 - 2013-08-28 20:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2014-10-25 12:52 - 2013-08-28 20:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2014-10-25 12:52 - 2013-08-28 20:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2014-10-25 12:52 - 2012-03-17 02:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys

2014-10-25 12:45 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-10-25 12:45 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-10-25 12:45 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-10-25 12:45 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-10-25 12:45 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-10-25 12:45 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-10-25 12:45 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-10-25 12:45 - 2013-02-27 00:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2014-10-25 12:44 - 2010-12-20 18:08 - 00008192 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll

2014-10-25 12:43 - 2014-10-25 12:43 - 00000000 ___HD () C:\Users\Home\AppData\Roaming\InstallShield

2014-10-25 12:43 - 2010-10-19 16:34 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys

2014-10-25 12:41 - 2011-05-31 16:38 - 00443040 _____ (Atheros) C:\Windows\system32\athihvs.dll

2014-10-25 11:33 - 2012-03-01 01:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys

2014-10-25 11:33 - 2012-03-01 01:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll

2014-10-25 11:33 - 2012-03-01 00:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll

2014-10-25 11:28 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-10-25 11:28 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-10-25 11:28 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-10-25 11:28 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll

2014-10-25 11:28 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll

2014-10-25 11:25 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2014-10-25 11:25 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2014-10-25 11:25 - 2011-02-05 12:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2014-10-25 11:25 - 2011-02-05 12:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll

2014-10-25 11:25 - 2011-02-05 12:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll

2014-10-25 11:25 - 2011-02-05 12:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll

2014-10-25 11:25 - 2011-02-05 12:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2014-10-25 11:25 - 2011-02-05 12:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2014-10-25 11:25 - 2011-02-05 12:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2014-10-25 11:24 - 2012-09-25 17:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll

2014-10-25 11:24 - 2012-09-25 17:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll

2014-10-25 11:22 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll

2014-10-25 11:22 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll

2014-10-25 11:22 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe

2014-10-25 11:22 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll

2014-10-25 11:22 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe

2014-10-25 11:22 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll

2014-10-25 11:21 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-10-25 11:21 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-10-25 11:09 - 2014-10-25 11:09 - 00000000 ____D () C:\ProgramData\AmUStor

2014-10-25 11:09 - 2014-10-25 11:09 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun

2014-10-25 11:04 - 2014-10-25 11:04 - 00015420 _____ () C:\Windows\system32\results.xml

2014-10-25 10:56 - 2014-10-25 21:20 - 00000000 ____D () C:\Program Files (x86)\ASUS

2014-10-25 10:56 - 2014-10-25 10:56 - 00002745 _____ () C:\Users\Public\Desktop\ASUS Sonic Focus.lnk

2014-10-25 10:56 - 2014-10-25 10:56 - 00000000 ___HD () C:\Users\Home\AppData\Local\Downloaded Installations

2014-10-25 10:56 - 2014-10-25 10:56 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM

2014-10-25 10:56 - 2014-10-25 10:56 - 00000000 ____D () C:\ProgramData\SonicFocus

2014-10-25 10:56 - 2014-10-25 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virage Logic, Corp

2014-10-25 10:56 - 2014-10-25 10:56 - 00000000 ____D () C:\Program Files\Realtek

2014-10-25 10:55 - 2014-10-25 10:57 - 00000000 ___HD () C:\Program Files (x86)\Temp

2014-10-25 10:55 - 2014-10-25 10:55 - 00000000 ____D () C:\Program Files (x86)\Realtek

2014-10-25 10:55 - 2011-08-16 18:46 - 03056360 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys

2014-10-25 10:55 - 2011-08-16 16:57 - 01501696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat

2014-10-25 10:55 - 2011-08-16 14:43 - 03200104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll

2014-10-25 10:55 - 2011-08-16 14:43 - 02518120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll

2014-10-25 10:55 - 2011-08-15 16:47 - 00093800 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll

2014-10-25 10:55 - 2011-07-29 14:46 - 01827944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll

2014-10-25 10:55 - 2011-07-28 00:55 - 02604376 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll

2014-10-25 10:55 - 2011-07-28 00:55 - 02132824 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll

2014-10-25 10:55 - 2011-07-22 19:35 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll

2014-10-25 10:55 - 2011-07-11 14:17 - 01698408 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll

2014-10-25 10:55 - 2011-06-30 16:14 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl

2014-10-25 10:55 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll

2014-10-25 10:55 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll

2014-10-25 10:55 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll

2014-10-25 10:55 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll

2014-10-25 10:55 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll

2014-10-25 10:55 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll

2014-10-25 10:55 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll

2014-10-25 10:55 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll

2014-10-25 10:55 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll

2014-10-25 10:55 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll

2014-10-25 10:55 - 2011-05-05 15:24 - 02085440 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll

2014-10-25 10:55 - 2011-05-05 14:15 - 00220512 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll

2014-10-25 10:55 - 2011-05-05 14:14 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll

2014-10-25 10:55 - 2011-05-05 14:14 - 00078176 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll

2014-10-25 10:55 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll

2014-10-25 10:55 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll

2014-10-25 10:55 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll

2014-10-25 10:55 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll

2014-10-25 10:55 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll

2014-10-25 10:55 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll

2014-10-25 10:55 - 2010-11-03 18:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll

2014-10-25 10:55 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll

2014-10-25 10:55 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll

2014-10-25 10:55 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll

2014-10-25 10:55 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll

2014-10-25 10:55 - 2010-07-11 21:28 - 00180048 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFProc64.dll

2014-10-25 10:55 - 2010-07-11 21:28 - 00086352 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFComm64.dll

2014-10-25 10:55 - 2010-07-11 21:28 - 00083792 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFSAPO64.dll

2014-10-25 10:55 - 2010-07-11 21:28 - 00082768 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFHAPO64.dll

2014-10-25 10:55 - 2010-07-11 21:28 - 00082768 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFDAPO64.dll

2014-10-25 10:55 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll

2014-10-25 10:55 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll

2014-10-25 10:55 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll

2014-10-25 10:55 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll

2014-10-25 10:55 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll

2014-10-25 10:50 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll

2014-10-25 10:50 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll

2014-10-25 10:50 - 2013-05-10 00:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll

2014-10-25 10:50 - 2013-05-09 22:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll

2014-10-25 10:50 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2014-10-25 10:50 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2014-10-25 10:50 - 2012-11-22 22:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe

2014-10-25 10:49 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-10-25 10:49 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-10-25 10:49 - 2011-05-24 06:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll

2014-10-25 10:49 - 2011-05-24 05:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll

2014-10-25 10:49 - 2011-05-24 05:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll

2014-10-25 10:49 - 2011-05-24 05:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll

2014-10-25 10:49 - 2011-05-24 05:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe

2014-10-25 10:40 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-10-25 10:40 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-10-25 10:40 - 2014-07-16 21:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-10-25 10:40 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2014-10-25 10:40 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll

2014-10-25 10:40 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-10-25 10:40 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll

2014-10-25 10:40 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll

2014-10-25 10:40 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-10-25 10:40 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-10-25 10:40 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll

2014-10-25 10:40 - 2014-07-16 20:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-10-25 10:40 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2014-10-25 10:40 - 2014-07-16 20:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2014-10-25 10:40 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-10-25 10:40 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-10-25 10:40 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2014-10-25 10:40 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2014-10-25 10:40 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-10-25 10:40 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-10-25 10:40 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-10-25 10:40 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-10-25 10:40 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-10-25 10:40 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-10-25 10:40 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-10-25 10:40 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-10-25 10:40 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-10-25 10:40 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-10-25 10:40 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-10-25 10:40 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-10-25 10:40 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-10-25 10:40 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-10-25 10:40 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-10-25 10:40 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-10-25 10:40 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-10-25 10:40 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-10-25 10:40 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-10-25 10:40 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-10-25 10:40 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-10-25 10:40 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-10-25 10:40 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-10-25 10:40 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-10-25 10:40 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-10-25 10:40 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-10-25 10:40 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-10-25 10:40 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2014-10-25 10:40 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2014-10-25 10:40 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2014-10-25 10:40 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-10-25 10:40 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2014-10-25 10:40 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2014-10-25 10:40 - 2013-08-01 21:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 21:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2014-10-25 10:40 - 2013-08-01 19:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 19:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2014-10-25 10:40 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2014-10-25 10:40 - 2013-07-20 05:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-10-25 10:40 - 2013-07-20 05:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-10-25 10:40 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2014-10-25 10:40 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2014-10-25 10:40 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2014-10-25 10:40 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2014-10-25 10:40 - 2013-02-15 01:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-10-25 10:40 - 2013-02-15 01:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll

2014-10-25 10:40 - 2013-02-14 22:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-10-25 10:40 - 2013-01-24 01:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys

2014-10-25 10:40 - 2012-07-04 17:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll

2014-10-25 10:40 - 2012-07-04 17:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll

2014-10-25 10:40 - 2012-07-04 17:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll

2014-10-25 10:40 - 2012-07-04 16:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll

2014-10-25 10:40 - 2012-07-04 16:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll

2014-10-25 10:40 - 2012-05-14 00:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2014-10-25 10:40 - 2012-05-05 03:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2014-10-25 10:40 - 2012-05-05 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2014-10-25 10:40 - 2012-04-26 00:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll

2014-10-25 10:40 - 2012-04-26 00:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe

2014-10-25 10:40 - 2011-12-16 03:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll

2014-10-25 10:40 - 2011-12-16 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll

2014-10-25 10:40 - 2011-05-03 00:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2014-10-25 10:40 - 2011-05-02 23:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2014-10-25 10:40 - 2011-02-18 05:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe

2014-10-25 10:40 - 2011-02-18 00:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe

2014-10-25 10:40 - 2011-02-12 06:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe

2014-10-25 10:39 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-10-25 10:39 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2014-10-25 10:39 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-10-25 10:39 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-10-25 10:39 - 2014-04-11 21:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-10-25 10:39 - 2014-04-11 21:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-10-25 10:39 - 2014-04-11 21:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-10-25 10:39 - 2014-04-11 21:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-10-25 10:39 - 2014-04-11 21:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-10-25 10:39 - 2014-04-11 21:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-10-25 10:39 - 2013-07-04 07:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2014-10-25 10:39 - 2011-02-22 23:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys

2014-10-25 10:38 - 2013-08-27 20:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll

2014-10-25 10:38 - 2012-06-06 01:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll

2014-10-25 10:38 - 2012-06-06 00:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

2014-10-25 10:38 - 2011-10-15 01:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll

2014-10-25 10:38 - 2011-10-15 00:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll

2014-10-25 10:38 - 2011-08-27 00:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2014-10-25 10:38 - 2011-08-27 00:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll

2014-10-25 10:38 - 2011-08-26 23:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2014-10-25 10:38 - 2011-08-26 23:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll

2014-10-25 10:34 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2014-10-25 10:34 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2014-10-25 10:34 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2014-10-25 10:34 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2014-10-25 10:34 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2014-10-25 10:29 - 2014-10-25 10:29 - 00000353 _____ () C:\Windows\SynInst.log

2014-10-25 10:22 - 2014-10-25 10:22 - 00000000 ____D () C:\Program Files\Elantech

2014-10-25 10:18 - 2014-10-25 10:51 - 00001474 _____ () C:\Windows\Synaptics.log

2014-10-25 10:18 - 2014-10-25 10:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf

2014-10-25 10:18 - 2014-10-25 10:18 - 00000000 ____D () C:\Program Files\Synaptics

2014-10-25 10:11 - 2014-10-25 13:00 - 00000000 ____D () C:\Program Files (x86)\Intel

2014-10-25 10:11 - 2014-10-25 11:02 - 00000000 ____D () C:\Intel

2014-10-25 10:11 - 2010-12-23 11:09 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll

2014-10-25 10:04 - 2012-02-17 01:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll

2014-10-25 10:04 - 2012-02-17 00:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll

2014-10-25 10:04 - 2012-02-16 23:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys

2014-10-25 09:55 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2014-10-25 09:55 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2014-10-25 09:55 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2014-10-25 09:55 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2014-10-25 09:54 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2014-10-25 09:54 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2014-10-25 09:54 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2014-10-25 09:54 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2014-10-25 09:54 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2014-10-25 09:54 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2014-10-25 09:54 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2014-10-25 09:54 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2014-10-25 09:54 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2014-10-25 09:54 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2014-10-25 09:49 - 2014-10-25 22:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-10-25 09:49 - 2014-10-25 12:41 - 00000000 ____D () C:\Windows\system32\nn-NO

2014-10-25 09:49 - 2014-10-25 12:41 - 00000000 ____D () C:\Program Files (x86)\Atheros

2014-10-25 09:49 - 2011-05-31 16:38 - 00063648 _____ (Atheros) C:\Windows\system32\athihvui.dll

2014-10-25 09:49 - 2011-05-24 00:24 - 02750464 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys

2014-10-25 09:48 - 2014-10-25 13:15 - 00000000 ____D () C:\ProgramData\Atheros

2014-10-25 09:44 - 2014-10-25 09:44 - 00000000 ___HD () C:\Users\Home\AppData\Roaming\Intel

2014-10-25 09:43 - 2014-10-26 01:06 - 00069970 _____ () C:\Windows\DPINST.LOG

2014-10-25 09:43 - 2014-10-25 11:03 - 00000000 ____D () C:\Program Files\Common Files\Intel

2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless

2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 ____D () C:\ProgramData\Intel

2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 ____D () C:\Program Files\Intel

2014-10-25 09:43 - 2014-10-25 09:43 - 00000000 ____D () C:\Program Files (x86)\Cisco

2014-10-25 09:29 - 2014-10-25 09:29 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

2014-10-25 04:32 - 2014-10-25 01:40 - 00000000 ____D () C:\Windows\Panther

2014-10-25 03:36 - 2014-10-26 07:58 - 01897910 _____ () C:\Windows\WindowsUpdate.log

2014-10-25 03:35 - 2014-10-25 03:35 - 00001355 _____ () C:\Windows\TSSysprep.log

2014-10-25 03:35 - 2014-10-25 03:35 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

2014-10-25 03:35 - 2014-10-25 03:35 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

2014-10-25 01:41 - 2014-10-25 20:12 - 00001413 ____H () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-10-25 01:40 - 2014-10-25 10:29 - 00000000 ___HD () C:\Users\Home\AppData\Local\VirtualStore

2014-10-25 01:40 - 2014-10-25 09:44 - 00000000 ___HD () C:\Users\Home

2014-10-25 01:40 - 2014-10-25 01:40 - 00000020 ___SH () C:\Users\Home\ntuser.ini

2014-10-25 01:40 - 2014-10-25 01:40 - 00000000 __SHD () C:\Recovery

2014-10-25 01:40 - 2009-07-13 23:54 - 00000000 __RHD () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-10-25 01:40 - 2009-07-13 23:49 - 00000000 __RHD () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 07:51 - 2010-11-20 22:47 - 00011224 _____ () C:\Windows\PFRO.log

2014-10-26 07:51 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-26 07:51 - 2009-07-13 23:51 - 00026150 _____ () C:\Windows\setupact.log

2014-10-26 07:50 - 2009-07-13 23:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-26 07:50 - 2009-07-13 23:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-26 00:44 - 2009-07-14 00:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-10-26 00:03 - 2009-07-13 23:45 - 00292456 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-10-25 23:14 - 2011-04-12 03:28 - 00000000 ____D () C:\Windows\ShellNew

2014-10-25 23:08 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system

2014-10-25 22:09 - 2009-07-13 22:20 - 00000000 __RSD () C:\Windows\Media

2014-10-25 20:03 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK

2014-10-25 20:03 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR

2014-10-25 20:03 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-10-25 20:03 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\System

2014-10-25 20:02 - 2011-04-12 03:28 - 00000000 ____D () C:\Program Files\Windows Journal

2014-10-25 20:02 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\zh-HK

2014-10-25 20:02 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\tr-TR

2014-10-25 20:01 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender

2014-10-25 20:01 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-10-25 20:01 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-10-25 20:01 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-10-25 13:08 - 2011-08-02 13:38 - 00246804 _____ () C:\Windows\system32\Drivers\AtherosBt.bin

2014-10-25 13:08 - 2011-08-02 13:38 - 00001242 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x01.dfu

2014-10-25 13:08 - 2011-08-02 13:38 - 00001204 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40_0x02.dfu

2014-10-25 13:08 - 2011-08-02 13:38 - 00001204 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_40.dfu

2014-10-25 13:08 - 2011-08-02 13:38 - 00001198 _____ () C:\Windows\system32\Drivers\ramps_0x01020200_26.dfu

2014-10-25 09:59 - 2009-07-13 22:20 - 00000000 ___RD () C:\Users\Public\Libraries

2014-10-25 09:44 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Default

2014-10-25 09:43 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\system32\restore

2014-10-25 04:32 - 2009-07-14 00:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG

2014-10-25 04:32 - 2009-07-14 00:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template

2014-10-25 03:38 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2014-10-25 03:35 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-10-25 03:35 - 2009-07-13 23:46 - 00002790 _____ () C:\Windows\DtcInstall.log

2014-10-25 03:35 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-10-25 03:35 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep

2014-10-25 01:48 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-10-02 15:53 - 2010-11-20 22:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-25 03:33

==================== End Of Log ============================

TyGuy · October 26, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2014

Ran by Home at 2014-10-26 07:59:47

Running from C:\Users\Home\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}

AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Norton Security Suite (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)

Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)

Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)

Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.02 - Adobe Systems Incorporated)

Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)

Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)

Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden

AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)

Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)

ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)

ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.25 - ASUS)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)

ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)

ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)

ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.23 - asus)

Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0013 - ASUS)

Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.90 - Atheros Communications)

Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )

Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )

Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )

Canon MG5200 series User Registration (HKLM-x32\...\Canon MG5200 series User Registration) (Version: - )

Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )

Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )

ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)

Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)

InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.3 - ASUS)

Intel PROSet Wireless (Version: - ) Hidden

Intel PROSet Wireless (x32 Version: - ) Hidden

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)

LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)

Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)

Quicken 2009 (HKLM-x32\...\{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}) (Version: 18.1.1.29 - Intuit)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)

Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)

Wireless Console 3 (HKLM-x32\...\{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}) (Version: 3.0.23 - ASUS)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

25-10-2014 14:43:06 Installed Intel® PROSet/Wireless WiFi Software.

25-10-2014 14:54:11 Windows Update

25-10-2014 15:08:19 Installed WinFlash

25-10-2014 15:09:28 Installed WinFlash

25-10-2014 16:09:09 Installed Alcor Micro USB Card Reader

25-10-2014 16:12:56 Installed Asmedia ASM104x USB 3.0 Host Controller Driver.

25-10-2014 16:20:51 Windows Update

25-10-2014 17:48:06 Installed Intel® Turbo Boost Technology Monitor.

25-10-2014 17:58:00 Installed Intel® PROSet/Wireless Software for Bluetooth® Technology

25-10-2014 18:01:13 Installed Bluetooth Win7 Suite (64).

25-10-2014 18:24:55 Installed ASUS LifeFrame3

25-10-2014 18:29:08 Windows Update

26-10-2014 01:15:55 Installed ATK Package

26-10-2014 01:21:18 Installed ASUS FancyStart

26-10-2014 01:26:48 Installed Fast Boot

26-10-2014 01:31:26 Installed InstantOn for NB

26-10-2014 01:48:40 Installed ASUS Power4Gear Hybrid

26-10-2014 01:59:56 Installed ASUS SmartLogon

26-10-2014 02:04:40 Installed ASUS Splendid Video Enhancement Technology

26-10-2014 02:09:16 Installed ASUS Virtual Camera

26-10-2014 02:15:34 Installed Wireless Console 3

26-10-2014 02:19:50 Installed ASUS Live Update

26-10-2014 02:51:13 Windows Update

26-10-2014 03:21:08 Installed Adobe Photoshop Elements 8.0.

26-10-2014 03:32:17 Installed Adobe Reader 9.

26-10-2014 04:09:44 Installed Microsoft Office Standard Edition 2003

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {035897F6-3438-409F-BC1A-6E636F4D131E} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-21] (ASUS)

Task: {17FF92DF-49C1-4CED-BB7B-7D1DF45F4AA2} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS)

Task: {2AFC35E4-9887-45B6-B56C-588B2FD6B496} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)

Task: {8AA26737-638B-4075-B239-433CBE51DE9C} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)

Task: {A1F0B7B2-7A79-45D5-8562-7B596C5CC33C} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-05-31] (ASUS)

Task: {B768BB6A-5AFE-45C0-B78E-3A20996221E0} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)

Task: {DD4D37B1-4817-4A6F-ACDA-55320F8ADE36} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-08-31] (ASUSTeK Computer Inc.)

Task: {DDD156D4-EAF7-4AC8-90DC-C2D90D238284} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)

==================== Loaded Modules (whitelisted) =============

2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2014-10-25 22:10 - 2010-04-05 14:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2011-05-05 20:30 - 2011-05-05 20:30 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll

2011-04-10 10:40 - 2011-04-10 10:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll

2011-09-08 22:10 - 2011-09-08 22:10 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll

2011-05-30 13:48 - 2011-05-30 13:48 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

2011-08-31 15:33 - 2011-08-31 15:33 - 00208384 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

========================= Accounts: ==========================

Administrator (S-1-5-21-739086126-2961081159-2114223383-500 - Administrator - Disabled)

Guest (S-1-5-21-739086126-2961081159-2114223383-501 - Limited - Disabled)

Home (S-1-5-21-739086126-2961081159-2114223383-1000 - Administrator - Enabled) => C:\Users\Home

HomeGroupUser$ (S-1-5-21-739086126-2961081159-2114223383-1003 - Limited - Enabled)

Main User (S-1-5-21-739086126-2961081159-2114223383-1001 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Ethernet Controller

Description: Ethernet Controller

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:

==================

Error: (10/26/2014 07:51:27 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 01:31:11 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 01:18:18 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 01:10:39 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 01:03:49 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: LaunchU3.exe, version: 0.0.0.0, time stamp: 0x471da2a4

Faulting module name: LaunchU3.exe, version: 0.0.0.0, time stamp: 0x471da2a4

Exception code: 0xc0000005

Fault offset: 0x000cd972

Faulting process id: 0x13b8

Faulting application start time: 0xLaunchU3.exe0

Faulting application path: LaunchU3.exe1

Faulting module path: LaunchU3.exe2

Report Id: LaunchU3.exe3

Error: (10/26/2014 00:35:39 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 00:09:24 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 00:03:35 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/25/2014 10:52:56 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/25/2014 10:35:54 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:

=============

Error: (10/26/2014 01:16:15 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (10/26/2014 01:16:13 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (10/26/2014 01:15:53 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (10/26/2014 01:15:51 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (10/26/2014 01:14:28 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (10/26/2014 01:14:27 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (10/26/2014 01:14:27 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (10/26/2014 01:14:26 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (10/26/2014 01:11:14 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (10/26/2014 01:11:11 AM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Microsoft Office Sessions:

=========================