Unexpected Adobe Flash plugin install including malware
<blockquote data-quote="birdman" data-source="post: 136177" data-attributes="member: 12898"><p>Here is the log from the scan:</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01</p><p>Ran by SYSTEM on MININT-CP2PM86 on 20-09-2013 07:50:12</p><p>Running from M:\</p><p>Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)</p><p>Internet Explorer Version 9</p><p>Boot Mode: Recovery</p><p></p><p>The current controlset is ControlSet001</p><p><strong>ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.</strong></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64</p><p>HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-29] (Realtek Semiconductor)</p><p>HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)</p><p>HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation)</p><p>HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)</p><p>HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe [289600 2011-02-14] (NTI Corporation)</p><p>HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)</p><p>HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1370624 2010-08-06] (Creative Technology Ltd)</p><p>HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)</p><p>HKLM-x32\...\Run: [RemoteControl10] - 
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)</p><p>HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-18] ()</p><p>HKLM-x32\...\Run: [PivotSoftware] - C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [110192 2010-05-13] ()</p><p>HKLM-x32\...\Run: [DT ACR] - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [121456 2010-06-30] ()</p><p>HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)</p><p>HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)</p><p>HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-09] (Hewlett-Packard)</p><p>HKLM-x32\...\Run: [] - [x]</p><p>HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)</p><p>HKLM-x32\...\Run: [HotSync] - "C:\Program Files\PalmSource\Desktop\HotSync.exe" -AllUsers [x]</p><p>HKLM-x32\...\Run: [NPSStartup] - [x]</p><p>HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)</p><p>HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)</p><p>HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)</p><p>HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)</p><p>HKLM-x32\...\Run: [PMBVolumeWatcher] - 
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740888 2013-04-24] (Sony Corporation)</p><p>HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [154144 2010-07-29] ()</p><p>HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Gateway\Screensaver\run_Gateway.exe [154144 2010-07-29] ()</p><p>HKU\Tom Demler\...\Run: [AutoStartNPSAgent] - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)</p><p>HKU\Tom Demler\...\Run: [PDHookServer] - C:\Program Files (x86)\Avanquest\PowerDesk\PDHookServer.exe [60416 2012-12-14] ()</p><p>AppInit_DLLs: C:\Users\Tom Demler\AppData\Roaming\Avanquest\PowerDesk\FileMonitor64.dll [129024 2012-12-14] ()</p><p>Startup: C:\Users\Tom Demler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk</p><p>ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)</p><p>Startup: C:\Users\Tom Demler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk</p><p>ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)</p><p>Startup: C:\Users\Tom Demler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskmgr.lnk</p><p>ShortcutTarget: taskmgr.lnk -> C:\Windows\System32\taskmgr.exe (Microsoft Corporation)</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-04] (Adobe Systems)</p><p>S2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [121456 2010-06-30] ()</p><p>S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation)</p><p>S2 
MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)</p><p>S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation)</p><p>S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)</p><p>S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [257344 2011-02-14] (NTI Corporation)</p><p>S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation)</p><p>S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)</p><p>S2 x10nets; C:\PROGRA~2\COMMON~1\X10\Common\X10nets.exe [20480 2010-11-01] (X10)</p><p>S2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [x]</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>S2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2011-09-21] (CPUID)</p><p>S3 MosIrUsb; C:\Windows\System32\DRIVERS\MosIrUsb.sys [27648 2007-10-11] ()</p><p>S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)</p><p>S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)</p><p>S3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2010-04-16] (Portrait Displays, Inc.)</p><p>S3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation)</p><p>S3 VSPerfDrv100; C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)</p><p>S3 VSPerfDrv100; C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)</p><p>S3 XUIF; 
C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)</p><p>S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [x]</p><p>S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [x]</p><p>S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]</p><p>S3 tsusbhub; system32\drivers\tsusbhub.sys [x]</p><p>S3 VGPU; System32\drivers\rdvgkmd.sys [x]</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p></p><p>==================== One Month Created Files and Folders ========</p><p></p><p>2013-09-20 07:49 - 2013-09-20 07:49 - 00000000 ____D C:\FRST</p><p>2013-09-19 15:54 - 2013-09-19 15:54 - 01950622 _____ (Farbar) C:\Users\Tom Demler\Downloads\FRST64.exe</p><p>2013-09-19 04:43 - 2013-09-19 04:43 - 00001563 _____ C:\Users\Tom Demler\Downloads\aswMBR.txt</p><p>2013-09-19 04:43 - 2013-09-19 04:43 - 00000512 _____ C:\Users\Tom Demler\Downloads\MBR.dat</p><p>2013-09-19 04:38 - 2013-09-19 04:38 - 04745728 _____ (AVAST Software) C:\Users\Tom Demler\Downloads\aswMBR.exe</p><p>2013-09-19 04:38 - 2013-09-19 04:38 - 00126770 _____ C:\Users\Tom Demler\Downloads\OTL.Txt</p><p>2013-09-19 04:38 - 2013-09-19 04:38 - 00112430 _____ C:\Users\Tom Demler\Downloads\Extras.Txt</p><p>2013-09-19 04:34 - 2013-09-19 04:34 - 00602112 _____ (OldTimer Tools) C:\Users\Tom Demler\Downloads\OTL.exe</p><p>2013-09-18 15:48 - 2013-09-18 16:18 - 277320808 _____ C:\Users\Tom Demler\Downloads\Utilities and SDK for Subsystem for UNIX-based Applications_IA64.exe</p><p>2013-09-18 15:33 - 2013-09-18 15:40 - 00000000 ____D C:\AdwCleaner</p><p>2013-09-18 15:32 - 2013-09-18 15:32 - 01039554 _____ C:\Users\Tom Demler\Downloads\adwcleaner.exe</p><p>2013-09-18 13:33 - 2013-09-18 13:33 - 00003266 _____ C:\Windows\System32\Tasks\{A3BA27F5-B0A4-40FA-B3F4-B3B13D5955D7}</p><p>2013-09-18 13:17 - 2013-09-18 13:17 - 00000242 _____ C:\Windows\wininit.ini</p><p>2013-09-18 13:05 - 2013-09-18 13:16 - 507567168 _____ C:\Users\Tom Demler\Downloads\Utilities and SDK for 
UNIX-based Applications_IA64.exe</p><p>2013-09-18 13:01 - 2013-09-18 13:01 - 00000884 __RSH C:\Users\Tom Demler\ntuser.pol</p><p>2013-09-18 12:51 - 2013-09-18 12:51 - 00000000 ____D C:\Windows\SUA</p><p>2013-09-18 12:47 - 2013-09-18 12:50 - 265716328 _____ C:\Users\Tom Demler\Downloads\Utilities and SDK for Subsystem for UNIX-based Applications_X86.exe</p><p>2013-09-17 07:14 - 2013-09-17 07:14 - 00000000 ____D C:\Users\Tom Demler\MediaEspresso</p><p>2013-09-17 06:58 - 2013-09-17 06:59 - 00000000 ____D C:\Users\Tom Demler\Documents\Sounds</p><p>2013-09-16 06:47 - 2013-09-16 06:47 - 02276888 _____ (Sony Corporation) C:\Users\Tom Demler\Downloads\PMHOME_2003DL.EXE</p><p>2013-09-16 06:32 - 2013-09-16 06:32 - 06892672 _____ C:\Users\Tom Demler\Downloads\PMBP_WIN57_Upgrade1208a.exe</p><p>2013-09-15 07:08 - 2013-07-31 06:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl</p><p>2013-09-15 07:08 - 2013-07-31 05:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\System32\url.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe</p><p>2013-09-15 07:08 - 2013-07-31 05:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:13 - 00599040 _____ 
(Microsoft Corporation) C:\Windows\System32\vbscript.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll</p><p>2013-09-15 07:08 - 2013-07-31 05:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb</p><p>2013-09-15 07:08 - 2013-07-31 05:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll</p><p>2013-09-15 07:08 - 2013-07-31 02:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2013-09-15 07:08 - 2013-07-31 02:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2013-09-15 07:08 - 2013-07-31 02:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2013-09-15 07:08 - 2013-07-31 01:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe</p><p>2013-09-15 07:08 - 2013-07-31 01:47 - 00607744 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msfeeds.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2013-09-15 07:08 - 2013-07-31 01:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2013-09-15 07:08 - 2013-07-31 01:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe</p><p>2013-09-15 07:05 - 2013-08-01 18:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00005120 ____H (Microsoft Corporation) 
C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe</p><p>2013-09-15 07:05 - 2013-08-01 17:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe</p><p>2013-09-15 07:05 - 2013-08-01 17:51 - 01292192 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003584 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 17:09 - 00338432 _____ (Microsoft Corporation) 
C:\Windows\System32\conhost.exe</p><p>2013-09-15 07:05 - 2013-08-01 16:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe</p><p>2013-09-15 07:05 - 2013-08-01 16:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe</p><p>2013-09-15 07:05 - 2013-08-01 16:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll</p><p>2013-09-15 07:05 - 2013-08-01 16:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe</p><p>2013-09-15 07:05 - 2013-08-01 16:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe</p><p>2013-09-15 07:05 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll</p><p>2013-09-15 07:05 - 2013-07-25 18:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll</p><p>2013-09-15 07:04 - 2013-08-07 17:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys</p><p>2013-09-15 07:04 - 2013-08-04 18:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys</p><p>2013-09-15 07:04 - 2013-07-25 18:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll</p><p>2013-09-15 07:04 - 2013-07-25 17:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll</p><p>2013-09-15 07:04 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll</p><p>2013-09-05 07:51 - 2013-09-05 07:51 - 00007029 _____ C:\Users\Tom Demler\Downloads\18120147_09052013.qfx</p><p>2013-09-04 12:53 - 2013-09-04 
12:53 - 00005180 _____ C:\Users\Tom Demler\Downloads\CabinetofCuriositiesPendergastSeriesB9781611139372.odm</p><p>2013-09-04 08:39 - 2013-09-04 08:39 - 00144505 _____ C:\Users\Tom Demler\Downloads\Kohler_1053195_7_c.dxf</p><p>2013-08-31 07:11 - 2013-08-31 07:11 - 00763904 _____ C:\Users\Tom Demler\Downloads\MicrosoftFixit50485.msi</p><p>2013-08-31 06:35 - 2013-08-31 06:35 - 00159144 _____ (Microsoft Corporation) C:\Users\Tom Demler\Downloads\WindowsActivationUpdate.exe</p><p>2013-08-31 06:27 - 2013-08-31 06:27 - 00001945 _____ C:\Windows\epplauncher.mif</p><p>2013-08-31 06:27 - 2013-08-31 06:27 - 00000000 ____D C:\Program Files\Microsoft Security Client</p><p>2013-08-31 06:27 - 2013-08-31 06:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client</p><p>2013-08-31 06:25 - 2013-08-31 06:26 - 13813944 _____ (Microsoft Corporation) C:\Users\Tom Demler\Downloads\mseinstall.exe</p><p>2013-08-22 05:42 - 2013-08-22 05:42 - 06919823 _____ C:\Users\Tom Demler\Downloads\com.sony.tvsideview.tablet_20130313.apk</p><p>2013-08-22 05:37 - 2013-08-22 05:37 - 06919823 _____ C:\Users\Tom Demler\Downloads\Apkboys.com - TV SideView for Tablet.apk</p><p>2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69</p><p>2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\Program Files\iTunes</p><p>2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\Program Files\iPod</p><p>2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\Program Files (x86)\iTunes</p><p>2013-08-21 12:35 - 2012-08-21 09:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys</p><p>2013-08-21 12:34 - 2013-08-21 12:34 - 00000000 ____D C:\Program Files\Common Files\Apple</p><p>2013-08-21 12:34 - 2013-08-21 12:34 - 00000000 ____D C:\Program Files\Bonjour</p><p>2013-08-21 12:34 - 2013-08-21 12:34 - 00000000 ____D C:\Program Files (x86)\Bonjour</p><p>2013-08-21 12:33 - 2013-08-21 12:33 - 90889040 _____ (Apple Inc.) 
C:\Users\Tom Demler\Downloads\iTunes64Setup.exe</p><p>2013-08-21 11:17 - 2013-08-21 11:17 - 03949064 _____ C:\Users\Tom Demler\Downloads\com.sony.seconddisplay.tabletview.apk</p><p></p><p>==================== One Month Modified Files and Folders =======</p><p></p><p>2013-09-20 07:49 - 2013-09-20 07:49 - 00000000 ____D C:\FRST</p><p>2013-09-20 03:45 - 2011-11-18 19:40 - 01141179 _____ C:\Windows\WindowsUpdate.log</p><p>2013-09-20 03:45 - 2009-07-13 21:13 - 00872406 _____ C:\Windows\System32\PerfStringBackup.INI</p><p>2013-09-20 03:38 - 2012-07-16 14:43 - 00000000 ____D C:\Users\Tom Demler\Documents\Outlook Files</p><p>2013-09-20 03:30 - 2012-01-12 05:05 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2013-09-19 15:54 - 2013-09-19 15:54 - 01950622 _____ (Farbar) C:\Users\Tom Demler\Downloads\FRST64.exe</p><p>2013-09-19 14:57 - 2012-01-12 05:05 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2013-09-19 10:20 - 2013-06-11 10:13 - 00000402 _____ C:\Windows\Tasks\FinalTorrent Update Checker.job</p><p>2013-09-19 10:15 - 2013-06-11 10:13 - 00000000 ____D C:\Program Files (x86)\File Type Assistant</p><p>2013-09-19 09:46 - 2009-06-18 12:46 - 00000000 ____D C:\Users\Tom Demler\Documents\Excel</p><p>2013-09-19 04:43 - 2013-09-19 04:43 - 00001563 _____ C:\Users\Tom Demler\Downloads\aswMBR.txt</p><p>2013-09-19 04:43 - 2013-09-19 04:43 - 00000512 _____ C:\Users\Tom Demler\Downloads\MBR.dat</p><p>2013-09-19 04:38 - 2013-09-19 04:38 - 04745728 _____ (AVAST Software) C:\Users\Tom Demler\Downloads\aswMBR.exe</p><p>2013-09-19 04:38 - 2013-09-19 04:38 - 00126770 _____ C:\Users\Tom Demler\Downloads\OTL.Txt</p><p>2013-09-19 04:38 - 2013-09-19 04:38 - 00112430 _____ C:\Users\Tom Demler\Downloads\Extras.Txt</p><p>2013-09-19 04:34 - 2013-09-19 04:34 - 00602112 _____ (OldTimer Tools) C:\Users\Tom Demler\Downloads\OTL.exe</p><p>2013-09-19 03:52 - 2009-07-13 20:45 - 00022112 ____H 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2013-09-19 03:52 - 2009-07-13 20:45 - 00022112 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2013-09-19 03:45 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT</p><p>2013-09-19 03:45 - 2009-07-13 20:51 - 00085386 _____ C:\Windows\setupact.log</p><p>2013-09-18 16:18 - 2013-09-18 15:48 - 277320808 _____ C:\Users\Tom Demler\Downloads\Utilities and SDK for Subsystem for UNIX-based Applications_IA64.exe</p><p>2013-09-18 15:40 - 2013-09-18 15:33 - 00000000 ____D C:\AdwCleaner</p><p>2013-09-18 15:32 - 2013-09-18 15:32 - 01039554 _____ C:\Users\Tom Demler\Downloads\adwcleaner.exe</p><p>2013-09-18 14:19 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache</p><p>2013-09-18 13:54 - 2010-11-20 19:47 - 01422726 _____ C:\Windows\PFRO.log</p><p>2013-09-18 13:33 - 2013-09-18 13:33 - 00003266 _____ C:\Windows\System32\Tasks\{A3BA27F5-B0A4-40FA-B3F4-B3B13D5955D7}</p><p>2013-09-18 13:28 - 2011-11-19 07:32 - 00000000 ____D C:\Users\Tom Demler\AppData\Roaming\Notepad++</p><p>2013-09-18 13:28 - 2011-11-19 07:32 - 00000000 ____D C:\Program Files (x86)\Notepad++</p><p>2013-09-18 13:17 - 2013-09-18 13:17 - 00000242 _____ C:\Windows\wininit.ini</p><p>2013-09-18 13:16 - 2013-09-18 13:05 - 507567168 _____ C:\Users\Tom Demler\Downloads\Utilities and SDK for UNIX-based Applications_IA64.exe</p><p>2013-09-18 13:01 - 2013-09-18 13:01 - 00000884 __RSH C:\Users\Tom Demler\ntuser.pol</p><p>2013-09-18 13:01 - 2011-11-18 17:14 - 00000000 ____D C:\users\Tom Demler</p><p>2013-09-18 13:01 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy</p><p>2013-09-18 13:00 - 2012-04-12 17:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe</p><p>2013-09-18 13:00 - 2011-11-28 15:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl</p><p>2013-09-18 
13:00 - 2011-04-15 01:34 - 00000000 ____D C:\ProgramData\Adobe</p><p>2013-09-18 12:51 - 2013-09-18 12:51 - 00000000 ____D C:\Windows\SUA</p><p>2013-09-18 12:50 - 2013-09-18 12:47 - 265716328 _____ C:\Users\Tom Demler\Downloads\Utilities and SDK for Subsystem for UNIX-based Applications_X86.exe</p><p>2013-09-18 11:32 - 2012-08-11 05:30 - 00000000 ____D C:\Users\Tom Demler\AppData\Local\CrashDumps</p><p>2013-09-18 09:40 - 2010-01-31 04:57 - 00000000 ____D C:\Users\Tom Demler\Documents\PDF's</p><p>2013-09-17 07:21 - 2012-08-25 06:52 - 00000000 ____D C:\Users\Tom Demler\AppData\Roaming\Audacity</p><p>2013-09-17 07:14 - 2013-09-17 07:14 - 00000000 ____D C:\Users\Tom Demler\MediaEspresso</p><p>2013-09-17 06:59 - 2013-09-17 06:58 - 00000000 ____D C:\Users\Tom Demler\Documents\Sounds</p><p>2013-09-16 06:51 - 2012-12-16 10:15 - 00000000 ____D C:\ProgramData\Sony Corporation</p><p>2013-09-16 06:51 - 2011-04-15 01:31 - 00001718 _____ C:\Windows\DirectX.log</p><p>2013-09-16 06:47 - 2013-09-16 06:47 - 02276888 _____ (Sony Corporation) C:\Users\Tom Demler\Downloads\PMHOME_2003DL.EXE</p><p>2013-09-16 06:32 - 2013-09-16 06:32 - 06892672 _____ C:\Users\Tom Demler\Downloads\PMBP_WIN57_Upgrade1208a.exe</p><p>2013-09-15 07:25 - 2011-11-20 15:24 - 00000000 ___RD C:\Users\Tom Demler\Podcasts</p><p>2013-09-15 07:22 - 2009-07-13 20:45 - 00412096 _____ C:\Windows\System32\FNTCACHE.DAT</p><p>2013-09-15 07:10 - 2013-07-12 04:42 - 00000000 ____D C:\Windows\System32\MRT</p><p>2013-09-15 07:09 - 2011-12-17 11:23 - 00000000 ____D C:\ProgramData\Microsoft Help</p><p>2013-09-15 07:09 - 2011-11-18 17:47 - 79143768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe</p><p>2013-09-06 04:08 - 2011-11-20 08:30 - 00000000 ____D C:\Users\Tom Demler\AppData\Local\ID Vault</p><p>2013-09-06 04:08 - 2011-11-20 08:29 - 00000000 ____D C:\Users\Tom Demler\AppData\Roaming\ID Vault</p><p>2013-09-06 04:08 - 2011-11-20 08:28 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection 
Suite</p><p>2013-09-05 07:51 - 2013-09-05 07:51 - 00007029 _____ C:\Users\Tom Demler\Downloads\18120147_09052013.qfx</p><p>2013-09-04 12:53 - 2013-09-04 12:53 - 00005180 _____ C:\Users\Tom Demler\Downloads\CabinetofCuriositiesPendergastSeriesB9781611139372.odm</p><p>2013-09-04 08:39 - 2013-09-04 08:39 - 00144505 _____ C:\Users\Tom Demler\Downloads\Kohler_1053195_7_c.dxf</p><p>2013-08-31 07:20 - 2011-11-19 15:42 - 00221529 _____ C:\Windows\hpoins19.dat</p><p>2013-08-31 07:20 - 2011-11-19 15:42 - 00016089 _____ C:\ProgramData\hpzinstall.log</p><p>2013-08-31 07:19 - 2013-03-04 14:08 - 00229044 _____ C:\Windows\hpwins23.dat</p><p>2013-08-31 07:17 - 2013-03-04 14:12 - 00000697 _____ C:\Users\Tom Demler\AppData\Roaming\ConvAPIPlugin.log</p><p>2013-08-31 07:13 - 2009-07-13 18:34 - 00000513 _____ C:\Windows\win.ini</p><p>2013-08-31 07:11 - 2013-08-31 07:11 - 00763904 _____ C:\Users\Tom Demler\Downloads\MicrosoftFixit50485.msi</p><p>2013-08-31 06:35 - 2013-08-31 06:35 - 00159144 _____ (Microsoft Corporation) C:\Users\Tom Demler\Downloads\WindowsActivationUpdate.exe</p><p>2013-08-31 06:27 - 2013-08-31 06:27 - 00001945 _____ C:\Windows\epplauncher.mif</p><p>2013-08-31 06:27 - 2013-08-31 06:27 - 00000000 ____D C:\Program Files\Microsoft Security Client</p><p>2013-08-31 06:27 - 2013-08-31 06:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client</p><p>2013-08-31 06:26 - 2013-08-31 06:25 - 13813944 _____ (Microsoft Corporation) C:\Users\Tom Demler\Downloads\mseinstall.exe</p><p>2013-08-31 06:11 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries</p><p>2013-08-31 06:09 - 2012-11-26 08:14 - 00000000 ____D C:\Program Files (x86)\Hard Disk Sentinel</p><p>2013-08-31 06:08 - 2011-04-15 01:35 - 00000000 ____D C:\ProgramData\Norton</p><p>2013-08-22 05:42 - 2013-08-22 05:42 - 06919823 _____ C:\Users\Tom Demler\Downloads\com.sony.tvsideview.tablet_20130313.apk</p><p>2013-08-22 05:37 - 2013-08-22 05:37 - 06919823 _____ C:\Users\Tom Demler\Downloads\Apkboys.com - TV 
SideView for Tablet.apk</p><p>2013-08-21 12:41 - 2011-11-20 06:44 - 00000000 ____D C:\Users\Tom Demler\AppData\Roaming\Apple Computer</p><p>2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69</p><p>2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\Program Files\iTunes</p><p>2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\Program Files\iPod</p><p>2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\Program Files (x86)\iTunes</p><p>2013-08-21 12:35 - 2013-07-23 13:10 - 00000000 ____D C:\ProgramData\Apple Computer</p><p>2013-08-21 12:35 - 2012-08-03 10:41 - 00000000 ____D C:\Users\Tom Demler\AppData\Local\Apple Computer</p><p>2013-08-21 12:34 - 2013-08-21 12:34 - 00000000 ____D C:\Program Files\Common Files\Apple</p><p>2013-08-21 12:34 - 2013-08-21 12:34 - 00000000 ____D C:\Program Files\Bonjour</p><p>2013-08-21 12:34 - 2013-08-21 12:34 - 00000000 ____D C:\Program Files (x86)\Bonjour</p><p>2013-08-21 12:34 - 2011-11-19 17:03 - 00000000 ____D C:\ProgramData\Apple</p><p>2013-08-21 12:33 - 2013-08-21 12:33 - 90889040 _____ (Apple Inc.) 
C:\Users\Tom Demler\Downloads\iTunes64Setup.exe</p><p>2013-08-21 11:17 - 2013-08-21 11:17 - 03949064 _____ C:\Users\Tom Demler\Downloads\com.sony.seconddisplay.tabletview.apk</p><p></p><p>Some content of TEMP:</p><p>====================</p><p>C:\Users\Tom Demler\AppData\Local\Temp\setup.exe</p><p></p><p></p><p>==================== Known DLLs (Whitelisted) ================</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>C:\Windows\System32\winlogon.exe => MD5 is legit</p><p>C:\Windows\System32\wininit.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\wininit.exe => MD5 is legit</p><p>C:\Windows\explorer.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\explorer.exe => MD5 is legit</p><p>C:\Windows\System32\svchost.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\svchost.exe => MD5 is legit</p><p>C:\Windows\System32\services.exe => MD5 is legit</p><p>C:\Windows\System32\User32.dll => MD5 is legit</p><p>C:\Windows\SysWOW64\User32.dll => MD5 is legit</p><p>C:\Windows\System32\userinit.exe => MD5 is legit</p><p>C:\Windows\SysWOW64\userinit.exe => MD5 is legit</p><p>C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit</p><p></p><p>==================== EXE ASSOCIATION =====================</p><p></p><p>HKLM\...\.exe: exefile => OK</p><p>HKLM\...\exefile\DefaultIcon: %1 => OK</p><p>HKLM\...\exefile\open\command: "%1" %* => OK</p><p></p><p>==================== Restore Points =========================</p><p></p><p>12</p><p>Restore point made on: 2013-08-29 05:27:13</p><p>Restore point made on: 2013-08-31 07:11:44</p><p>Restore point made on: 2013-09-02 04:20:38</p><p>Restore point made on: 2013-09-06 03:12:30</p><p>Restore point made on: 2013-09-15 04:12:40</p><p>Restore point made on: 2013-09-15 07:05:32</p><p>Restore point made on: 2013-09-16 06:51:22</p><p>Restore point made on: 2013-09-17 07:56:12</p><p>Restore point made on: 2013-09-17 09:15:17</p><p>Restore point made on: 2013-09-18 04:07:51</p><p>Restore point made on: 
2013-09-18 08:16:08</p><p>Restore point made on: 2013-09-18 12:51:09</p><p></p><p>==================== Memory info =========================== </p><p></p><p>Percentage of memory in use: 11%</p><p>Total physical RAM: 8174.5 MB</p><p>Available physical RAM: 7249.37 MB</p><p>Total Pagefile: 8172.7 MB</p><p>Available Pagefile: 7246.27 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.88 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (System) (Fixed) (Total:238.47 GB) (Free:103.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]</p><p>Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]</p><p>Drive e: (Gateway) (Fixed) (Total:1377.17 GB) (Free:1042.47 GB) NTFS</p><p>Drive f: (PQSERVICE) (Fixed) (Total:20 GB) (Free:9.43 GB) NTFS</p><p>Drive h: (MyBook) (Fixed) (Total:465.76 GB) (Free:204.88 GB) NTFS</p><p>Drive m: (WDO_Media64) (Removable) (Total:29.87 GB) (Free:20.01 GB) NTFS</p><p>Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: AF0B95BF)</p><p>Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)</p><p></p><p>========================================================</p><p>Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 622AC0EB)</p><p>Partition 1: (Not Active) - (Size=20 GB) - (Type=27)</p><p>Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=-720303554560) - (Type=07 NTFS)</p><p></p><p>========================================================</p><p>Disk: 2 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 44FDFE06)</p><p>Partition 1: (Active) - (Size=466 GB) - (Type=07 
NTFS)</p><p></p><p>========================================================</p><p>Disk: 7 (MBR Code: Windows 7 or 8) (Size: 30 GB) (Disk ID: C3072E18)</p><p>Partition 1: (Active) - (Size=30 GB) - (Type=07 NTFS)</p><p></p><p></p><p>LastRegBack: 2013-09-15 04:19</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="birdman, post: 136177, member: 12898"]
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-19 03:45 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-19 03:45 - 2009-07-13 20:51 - 00085386 _____ C:\Windows\setupact.log 2013-09-18 16:18 - 2013-09-18 15:48 - 277320808 _____ C:\Users\Tom Demler\Downloads\Utilities and SDK for Subsystem for UNIX-based Applications_IA64.exe 2013-09-18 15:40 - 2013-09-18 15:33 - 00000000 ____D C:\AdwCleaner 2013-09-18 15:32 - 2013-09-18 15:32 - 01039554 _____ C:\Users\Tom Demler\Downloads\adwcleaner.exe 2013-09-18 14:19 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache 2013-09-18 13:54 - 2010-11-20 19:47 - 01422726 _____ C:\Windows\PFRO.log 2013-09-18 13:33 - 2013-09-18 13:33 - 00003266 _____ C:\Windows\System32\Tasks\{A3BA27F5-B0A4-40FA-B3F4-B3B13D5955D7} 2013-09-18 13:28 - 2011-11-19 07:32 - 00000000 ____D C:\Users\Tom Demler\AppData\Roaming\Notepad++ 2013-09-18 13:28 - 2011-11-19 07:32 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2013-09-18 13:17 - 2013-09-18 13:17 - 00000242 _____ C:\Windows\wininit.ini 2013-09-18 13:16 - 2013-09-18 13:05 - 507567168 _____ C:\Users\Tom Demler\Downloads\Utilities and SDK for UNIX-based Applications_IA64.exe 2013-09-18 13:01 - 2013-09-18 13:01 - 00000884 __RSH C:\Users\Tom Demler\ntuser.pol 2013-09-18 13:01 - 2011-11-18 17:14 - 00000000 ____D C:\users\Tom Demler 2013-09-18 13:01 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy 2013-09-18 13:00 - 2012-04-12 17:49 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-18 13:00 - 2011-11-28 15:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-18 13:00 - 2011-04-15 01:34 - 00000000 ____D C:\ProgramData\Adobe 2013-09-18 12:51 - 2013-09-18 12:51 - 00000000 ____D C:\Windows\SUA 2013-09-18 12:50 - 2013-09-18 12:47 - 265716328 _____ C:\Users\Tom Demler\Downloads\Utilities and SDK for Subsystem for UNIX-based 
Applications_X86.exe 2013-09-18 11:32 - 2012-08-11 05:30 - 00000000 ____D C:\Users\Tom Demler\AppData\Local\CrashDumps 2013-09-18 09:40 - 2010-01-31 04:57 - 00000000 ____D C:\Users\Tom Demler\Documents\PDF's 2013-09-17 07:21 - 2012-08-25 06:52 - 00000000 ____D C:\Users\Tom Demler\AppData\Roaming\Audacity 2013-09-17 07:14 - 2013-09-17 07:14 - 00000000 ____D C:\Users\Tom Demler\MediaEspresso 2013-09-17 06:59 - 2013-09-17 06:58 - 00000000 ____D C:\Users\Tom Demler\Documents\Sounds 2013-09-16 06:51 - 2012-12-16 10:15 - 00000000 ____D C:\ProgramData\Sony Corporation 2013-09-16 06:51 - 2011-04-15 01:31 - 00001718 _____ C:\Windows\DirectX.log 2013-09-16 06:47 - 2013-09-16 06:47 - 02276888 _____ (Sony Corporation) C:\Users\Tom Demler\Downloads\PMHOME_2003DL.EXE 2013-09-16 06:32 - 2013-09-16 06:32 - 06892672 _____ C:\Users\Tom Demler\Downloads\PMBP_WIN57_Upgrade1208a.exe 2013-09-15 07:25 - 2011-11-20 15:24 - 00000000 ___RD C:\Users\Tom Demler\Podcasts 2013-09-15 07:22 - 2009-07-13 20:45 - 00412096 _____ C:\Windows\System32\FNTCACHE.DAT 2013-09-15 07:10 - 2013-07-12 04:42 - 00000000 ____D C:\Windows\System32\MRT 2013-09-15 07:09 - 2011-12-17 11:23 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-15 07:09 - 2011-11-18 17:47 - 79143768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-09-06 04:08 - 2011-11-20 08:30 - 00000000 ____D C:\Users\Tom Demler\AppData\Local\ID Vault 2013-09-06 04:08 - 2011-11-20 08:29 - 00000000 ____D C:\Users\Tom Demler\AppData\Roaming\ID Vault 2013-09-06 04:08 - 2011-11-20 08:28 - 00000000 ____D C:\Program Files (x86)\Constant Guard Protection Suite 2013-09-05 07:51 - 2013-09-05 07:51 - 00007029 _____ C:\Users\Tom Demler\Downloads\18120147_09052013.qfx 2013-09-04 12:53 - 2013-09-04 12:53 - 00005180 _____ C:\Users\Tom Demler\Downloads\CabinetofCuriositiesPendergastSeriesB9781611139372.odm 2013-09-04 08:39 - 2013-09-04 08:39 - 00144505 _____ C:\Users\Tom Demler\Downloads\Kohler_1053195_7_c.dxf 2013-08-31 07:20 - 2011-11-19 15:42 - 
00221529 _____ C:\Windows\hpoins19.dat 2013-08-31 07:20 - 2011-11-19 15:42 - 00016089 _____ C:\ProgramData\hpzinstall.log 2013-08-31 07:19 - 2013-03-04 14:08 - 00229044 _____ C:\Windows\hpwins23.dat 2013-08-31 07:17 - 2013-03-04 14:12 - 00000697 _____ C:\Users\Tom Demler\AppData\Roaming\ConvAPIPlugin.log 2013-08-31 07:13 - 2009-07-13 18:34 - 00000513 _____ C:\Windows\win.ini 2013-08-31 07:11 - 2013-08-31 07:11 - 00763904 _____ C:\Users\Tom Demler\Downloads\MicrosoftFixit50485.msi 2013-08-31 06:35 - 2013-08-31 06:35 - 00159144 _____ (Microsoft Corporation) C:\Users\Tom Demler\Downloads\WindowsActivationUpdate.exe 2013-08-31 06:27 - 2013-08-31 06:27 - 00001945 _____ C:\Windows\epplauncher.mif 2013-08-31 06:27 - 2013-08-31 06:27 - 00000000 ____D C:\Program Files\Microsoft Security Client 2013-08-31 06:27 - 2013-08-31 06:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client 2013-08-31 06:26 - 2013-08-31 06:25 - 13813944 _____ (Microsoft Corporation) C:\Users\Tom Demler\Downloads\mseinstall.exe 2013-08-31 06:11 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Public\Libraries 2013-08-31 06:09 - 2012-11-26 08:14 - 00000000 ____D C:\Program Files (x86)\Hard Disk Sentinel 2013-08-31 06:08 - 2011-04-15 01:35 - 00000000 ____D C:\ProgramData\Norton 2013-08-22 05:42 - 2013-08-22 05:42 - 06919823 _____ C:\Users\Tom Demler\Downloads\com.sony.tvsideview.tablet_20130313.apk 2013-08-22 05:37 - 2013-08-22 05:37 - 06919823 _____ C:\Users\Tom Demler\Downloads\Apkboys.com - TV SideView for Tablet.apk 2013-08-21 12:41 - 2011-11-20 06:44 - 00000000 ____D C:\Users\Tom Demler\AppData\Roaming\Apple Computer 2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\Program Files\iTunes 2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\Program Files\iPod 2013-08-21 12:35 - 2013-08-21 12:35 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-08-21 12:35 - 2013-07-23 13:10 - 
00000000 ____D C:\ProgramData\Apple Computer 2013-08-21 12:35 - 2012-08-03 10:41 - 00000000 ____D C:\Users\Tom Demler\AppData\Local\Apple Computer 2013-08-21 12:34 - 2013-08-21 12:34 - 00000000 ____D C:\Program Files\Common Files\Apple 2013-08-21 12:34 - 2013-08-21 12:34 - 00000000 ____D C:\Program Files\Bonjour 2013-08-21 12:34 - 2013-08-21 12:34 - 00000000 ____D C:\Program Files (x86)\Bonjour 2013-08-21 12:34 - 2011-11-19 17:03 - 00000000 ____D C:\ProgramData\Apple 2013-08-21 12:33 - 2013-08-21 12:33 - 90889040 _____ (Apple Inc.) C:\Users\Tom Demler\Downloads\iTunes64Setup.exe 2013-08-21 11:17 - 2013-08-21 11:17 - 03949064 _____ C:\Users\Tom Demler\Downloads\com.sony.seconddisplay.tabletview.apk Some content of TEMP: ==================== C:\Users\Tom Demler\AppData\Local\Temp\setup.exe ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= 12 Restore point made on: 2013-08-29 05:27:13 Restore point made on: 2013-08-31 07:11:44 Restore point made on: 2013-09-02 04:20:38 Restore point made on: 2013-09-06 03:12:30 Restore point made on: 2013-09-15 
04:12:40 Restore point made on: 2013-09-15 07:05:32 Restore point made on: 2013-09-16 06:51:22 Restore point made on: 2013-09-17 07:56:12 Restore point made on: 2013-09-17 09:15:17 Restore point made on: 2013-09-18 04:07:51 Restore point made on: 2013-09-18 08:16:08 Restore point made on: 2013-09-18 12:51:09 ==================== Memory info =========================== Percentage of memory in use: 11% Total physical RAM: 8174.5 MB Available physical RAM: 7249.37 MB Total Pagefile: 8172.7 MB Available Pagefile: 7246.27 MB Total Virtual: 8192 MB Available Virtual: 8191.88 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:238.47 GB) (Free:103.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (Gateway) (Fixed) (Total:1377.17 GB) (Free:1042.47 GB) NTFS Drive f: (PQSERVICE) (Fixed) (Total:20 GB) (Free:9.43 GB) NTFS Drive h: (MyBook) (Fixed) (Total:465.76 GB) (Free:204.88 GB) NTFS Drive m: (WDO_Media64) (Removable) (Total:29.87 GB) (Free:20.01 GB) NTFS Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: AF0B95BF) Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 622AC0EB) Partition 1: (Not Active) - (Size=20 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=-720303554560) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 44FDFE06) Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS) 
======================================================== Disk: 7 (MBR Code: Windows 7 or 8) (Size: 30 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=30 GB) - (Type=07 NTFS) LastRegBack: 2013-09-15 04:19 ==================== End Of Log ============================ [/QUOTE]