Good evening.
When I start up I get a box that states 'the file or directory is corrupted and unreadable' of what looks like Windows Updater. So I followed the instructions and have posted two scripts to this message.
However.. I was not successful in using DSS and GMER so I instead used RSIT and HijackThis (although they are both coming up as HijackThis?). The logs are posted below as per instruction.
I can post a photo of the box that appears if this is helpful.
Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by charlotte at 2014-10-29 21:11:47
Microsoft Windows 8.1
System drive C: has 311 GB (70%) free of 446 GB
Total RAM: 3971 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:48, on 29/10/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\charlotte\Desktop\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\charlotte\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\charlotte.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microlink â The UKâs Largest Independent Assistive Technology Supplier
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = msn
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Bho - {609C0837-8DD3-4F9B-AAC5-446F36BC0353} - C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking13\Ereg.ini"
O4 - HKLM\..\Run: [BookExpress_B6FU] "C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [E-MU USB Audio Control Panel] "C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: flstudio11.exe.lnk = C:\Users\charlotte\Documents\WindowsUpdates\flstudio11.exe
O4 - Global Startup: Device Detector 4.lnk = C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Logger service (DragonLoggerService) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem27.inf,%EMAUD.Win32.DisplayName%;E-MU Audio Service (emaudsv) - Unknown owner - C:\Windows\system32\emaudsv.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13179 bytes
======Scheduled tasks folder======
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{609C0837-8DD3-4F9B-AAC5-446F36BC0353}]
Dragon Web Extension For Internet Explorer - C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [2014-07-12 613952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-08-26 626528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20 386048]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2013-04-19 374784]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08 959904]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2011-10-12 2068856]
"DNS7reminder"=C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe [2014-05-30 325960]
"BookExpress_B6FU"=C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe [2013-10-18 713216]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"E-MU USB Audio Control Panel"=C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [2007-11-26 274432]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Device Detector 4.lnk - C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
C:\Users\charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
flstudio11.exe.lnk - C:\Users\charlotte\Documents\WindowsUpdates\flstudio11.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.pspgru"=pspgru.acm
"msacm.vorbis"=vorbis.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-29 20:49:58 ----D---- C:\rsit
2014-10-29 20:49:58 ----D---- C:\Program Files (x86)\trend micro
2014-10-28 18:51:48 ----D---- C:\Users\charlotte\AppData\Roaming\vlc
2014-10-28 18:46:37 ----D---- C:\Program Files (x86)\VideoLAN
2014-10-28 18:45:00 ----D---- C:\Users\charlotte\AppData\Roaming\Macromedia
2014-10-21 18:56:50 ----A---- C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-10-21 18:56:39 ----A---- C:\Windows\SysWOW64\mfcore.dll
2014-10-21 18:56:34 ----A---- C:\Windows\SysWOW64\Windows.Media.dll
2014-10-21 18:56:31 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2014-10-21 18:56:28 ----A---- C:\Windows\SysWOW64\SRH.dll
2014-10-21 18:56:28 ----A---- C:\Windows\SysWOW64\printui.dll
2014-10-21 18:56:28 ----A---- C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-10-21 18:56:26 ----A---- C:\Windows\SysWOW64\wlanmsm.dll
2014-10-21 18:56:26 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2014-10-21 18:56:25 ----A---- C:\Windows\SysWOW64\mftranscode.dll
2014-10-21 18:56:24 ----A---- C:\Windows\SysWOW64\mfplat.dll
2014-10-21 18:56:23 ----A---- C:\Windows\SysWOW64\SHCore.dll
2014-10-21 18:56:20 ----A---- C:\Windows\SysWOW64\comdlg32.dll
2014-10-21 18:56:18 ----A---- C:\Windows\SysWOW64\netcfgx.dll
2014-10-21 18:56:18 ----A---- C:\Windows\SysWOW64\AppxPackaging.dll
2014-10-21 18:56:14 ----A---- C:\Windows\SysWOW64\puiobj.dll
2014-10-21 18:56:14 ----A---- C:\Windows\SysWOW64\mfreadwrite.dll
2014-10-21 18:56:14 ----A---- C:\Windows\SysWOW64\Display.dll
2014-10-21 18:56:13 ----A---- C:\Windows\SysWOW64\storagewmi.dll
2014-10-21 18:56:12 ----A---- C:\Windows\SysWOW64\winmmbase.dll
2014-10-21 18:56:11 ----A---- C:\Windows\SysWOW64\wisp.dll
2014-10-21 18:56:11 ----A---- C:\Windows\SysWOW64\aclui.dll
2014-10-21 18:56:08 ----A---- C:\Windows\SysWOW64\wlanapi.dll
2014-10-21 18:56:08 ----A---- C:\Windows\SysWOW64\bcryptprimitives.dll
2014-10-21 18:56:06 ----A---- C:\Windows\SysWOW64\wsecedit.dll
2014-10-21 18:56:06 ----A---- C:\Windows\SysWOW64\AppxSip.dll
2014-10-21 18:56:04 ----A---- C:\Windows\SysWOW64\prnntfy.dll
2014-10-21 18:56:03 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2014-10-21 18:56:03 ----A---- C:\Windows\SysWOW64\winmm.dll
2014-10-21 18:56:02 ----A---- C:\Windows\SysWOW64\puiapi.dll
2014-10-21 18:56:01 ----A---- C:\Windows\SysWOW64\SndVol.exe
2014-10-21 18:56:00 ----A---- C:\Windows\SysWOW64\WebClnt.dll
2014-10-21 18:56:00 ----A---- C:\Windows\SysWOW64\dwmapi.dll
2014-10-21 18:55:59 ----A---- C:\Windows\SysWOW64\VAN.dll
2014-10-21 18:55:57 ----A---- C:\Windows\SysWOW64\clusapi.dll
2014-10-21 18:55:55 ----A---- C:\Windows\SysWOW64\iasnap.dll
2014-10-21 18:55:55 ----A---- C:\Windows\SysWOW64\gpedit.dll
2014-10-21 18:55:54 ----A---- C:\Windows\SysWOW64\rsaenh.dll
2014-10-21 18:55:53 ----A---- C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-10-21 18:55:52 ----A---- C:\Windows\SysWOW64\osk.exe
2014-10-21 18:55:52 ----A---- C:\Windows\SysWOW64\mispace.dll
2014-10-21 18:55:51 ----A---- C:\Windows\SysWOW64\Windows.Networking.dll
2014-10-21 18:55:51 ----A---- C:\Windows\SysWOW64\SettingSync.dll
2014-10-21 18:55:51 ----A---- C:\Windows\SysWOW64\DafPrintProvider.dll
2014-10-21 18:55:49 ----A---- C:\Windows\SysWOW64\wshbth.dll
2014-10-21 18:55:49 ----A---- C:\Windows\SysWOW64\stobject.dll
2014-10-21 18:55:48 ----A---- C:\Windows\SysWOW64\ActionCenter.dll
2014-10-21 18:55:47 ----A---- C:\Windows\SysWOW64\KBDRUM.DLL
2014-10-21 18:55:47 ----A---- C:\Windows\SysWOW64\GdiPlus.dll
2014-10-21 18:55:46 ----A---- C:\Windows\SysWOW64\schannel.dll
2014-10-21 18:55:45 ----A---- C:\Windows\SysWOW64\user32.dll
2014-10-21 18:55:44 ----A---- C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-21 18:55:44 ----A---- C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-21 18:55:44 ----A---- C:\Windows\SysWOW64\KBDRU.DLL
2014-10-21 18:55:44 ----A---- C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-21 18:55:41 ----A---- C:\Windows\SysWOW64\PrintDialogs.dll
2014-10-21 18:55:41 ----A---- C:\Windows\SysWOW64\certcli.dll
2014-10-21 18:55:40 ----A---- C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-21 18:55:39 ----A---- C:\Windows\SysWOW64\BluetoothApis.dll
2014-10-21 18:55:35 ----A---- C:\Windows\SysWOW64\KBDTT102.DLL
2014-10-21 18:47:56 ----D---- C:\Windows\SysWOW64\spool
2014-10-20 21:18:30 ----D---- C:\Program Files (x86)\Evernote
2014-10-17 08:13:54 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2014-10-17 08:13:51 ----A---- C:\Windows\SysWOW64\msxml3.dll
2014-10-17 08:13:51 ----A---- C:\Windows\SysWOW64\dxgi.dll
2014-10-17 08:13:20 ----A---- C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-17 08:13:16 ----A---- C:\Windows\SysWOW64\wusa.exe
2014-10-17 08:13:16 ----A---- C:\Windows\SysWOW64\gdi32.dll
2014-10-17 08:10:35 ----A---- C:\Windows\SysWOW64\adtschema.dll
2014-10-17 08:10:23 ----A---- C:\Windows\SysWOW64\wups.dll
2014-10-17 08:10:23 ----A---- C:\Windows\SysWOW64\wudriver.dll
2014-10-17 08:10:23 ----A---- C:\Windows\SysWOW64\wuapi.dll
2014-10-17 08:10:22 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2014-10-17 08:10:22 ----A---- C:\Windows\SysWOW64\wuapp.exe
2014-10-17 08:10:17 ----A---- C:\Windows\SysWOW64\Wpc.dll
2014-10-17 08:10:07 ----A---- C:\Windows\SysWOW64\twinapi.appcore.dll
2014-10-17 08:09:50 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2014-10-17 08:09:49 ----A---- C:\Windows\SysWOW64\urlmon.dll
2014-10-17 08:09:48 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-10-17 08:09:47 ----A---- C:\Windows\SysWOW64\iertutil.dll
2014-10-17 08:09:47 ----A---- C:\Windows\SysWOW64\ieframe.dll
2014-10-17 08:09:45 ----A---- C:\Windows\SysWOW64\jscript9.dll
2014-10-17 08:09:45 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2014-10-17 08:09:44 ----A---- C:\Windows\SysWOW64\wininet.dll
2014-10-17 08:09:34 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2014-10-17 08:09:34 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2014-10-17 08:09:33 ----A---- C:\Windows\SysWOW64\vbscript.dll
2014-10-17 08:09:32 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-17 08:09:32 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2014-10-17 08:09:31 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2014-10-17 08:09:31 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-17 08:09:31 ----A---- C:\Windows\SysWOW64\iesetup.dll
2014-10-17 08:09:31 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2014-10-17 08:08:51 ----A---- C:\Windows\SysWOW64\packager.dll
2014-10-17 08:08:19 ----A---- C:\Windows\SysWOW64\rastls.dll
2014-10-17 08:04:54 ----A---- C:\Windows\SysWOW64\actxprxy.dll
2014-10-17 08:04:53 ----A---- C:\Windows\SysWOW64\twinui.dll
2014-10-17 08:04:52 ----A---- C:\Windows\SysWOW64\UXInit.dll
2014-10-17 08:04:52 ----A---- C:\Windows\SysWOW64\explorer.exe
2014-10-17 08:04:52 ----A---- C:\Windows\explorer.exe
2014-10-17 07:59:59 ----A---- C:\Windows\SysWOW64\WSShared.dll
2014-10-17 07:59:59 ----A---- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-17 07:59:58 ----A---- C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-17 07:59:58 ----A---- C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-17 07:59:58 ----A---- C:\Windows\SysWOW64\mstscax.dll
2014-10-17 07:59:54 ----A---- C:\Windows\SysWOW64\shell32.dll
2014-10-17 07:59:53 ----A---- C:\Windows\SysWOW64\SearchFolder.dll
2014-10-17 07:59:52 ----A---- C:\Windows\SysWOW64\Wldap32.dll
2014-10-17 07:59:52 ----A---- C:\Windows\SysWOW64\propsys.dll
2014-10-17 07:59:52 ----A---- C:\Windows\SysWOW64\ntdll.dll
2014-10-17 07:59:52 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2014-10-17 07:59:50 ----A---- C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-17 07:57:15 ----A---- C:\Windows\SysWOW64\TsWpfWrp.exe
2014-10-17 07:52:02 ----A---- C:\Windows\SysWOW64\drvinst.exe
2014-10-17 07:51:54 ----A---- C:\Windows\SysWOW64\d3d9.dll
2014-10-17 07:51:52 ----A---- C:\Windows\SysWOW64\dhcpcore.dll
2014-10-17 07:51:50 ----A---- C:\Windows\SysWOW64\framedynos.dll
2014-10-17 07:51:50 ----A---- C:\Windows\SysWOW64\dhcpcore6.dll
2014-10-17 07:51:48 ----A---- C:\Windows\SysWOW64\ncobjapi.dll
2014-10-17 07:51:41 ----A---- C:\Windows\SysWOW64\Robocopy.exe
2014-10-17 07:51:40 ----A---- C:\Windows\SysWOW64\framedyn.dll
2014-10-17 07:51:40 ----A---- C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-10-17 07:51:40 ----A---- C:\Windows\SysWOW64\dhcpcsvc.dll
2014-10-17 07:51:40 ----A---- C:\Windows\SysWOW64\d3d8thk.dll
2014-10-17 07:51:24 ----A---- C:\Windows\SysWOW64\DWrite.dll
2014-10-17 07:51:23 ----A---- C:\Windows\SysWOW64\mrt100.dll
2014-10-17 07:51:23 ----A---- C:\Windows\SysWOW64\mrt_map.dll
2014-10-17 07:51:09 ----A---- C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-10-17 07:50:52 ----A---- C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-10-17 07:50:42 ----A---- C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\winmde.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\MFMediaEngine.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-17 07:50:36 ----A---- C:\Windows\SysWOW64\rdpencom.dll
2014-10-17 07:50:36 ----A---- C:\Windows\SysWOW64\mfsvr.dll
2014-10-17 07:50:35 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-10-17 07:50:35 ----A---- C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-10-17 07:50:34 ----A---- C:\Windows\SysWOW64\rpchttp.dll
2014-10-17 07:50:34 ----A---- C:\Windows\SysWOW64\MSVideoDSP.dll
2014-10-17 07:50:34 ----A---- C:\Windows\SysWOW64\gpapi.dll
2014-10-17 07:50:33 ----A---- C:\Windows\SysWOW64\wintrust.dll
2014-10-17 07:50:33 ----A---- C:\Windows\SysWOW64\mf.dll
2014-10-17 07:50:33 ----A---- C:\Windows\SysWOW64\AudioSes.dll
2014-10-17 07:50:33 ----A---- C:\Windows\SysWOW64\AudioEng.dll
2014-10-17 07:50:28 ----A---- C:\Windows\SysWOW64\resutils.dll
2014-10-17 07:50:27 ----A---- C:\Windows\SysWOW64\tlscsp.dll
2014-10-17 07:50:24 ----A---- C:\Windows\SysWOW64\wlanhlp.dll
2014-10-17 07:50:24 ----A---- C:\Windows\SysWOW64\srclient.dll
2014-10-17 07:49:53 ----A---- C:\Windows\SysWOW64\qedit.dll
2014-10-17 07:49:38 ----A---- C:\Windows\SysWOW64\authui.dll
2014-10-17 07:49:37 ----A---- C:\Windows\SysWOW64\msi.dll
2014-10-17 07:33:39 ----A---- C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-10-17 07:32:15 ----A---- C:\Windows\SysWOW64\msihnd.dll
2014-10-17 07:31:03 ----A---- C:\Windows\SysWOW64\twinui.appcore.dll
2014-10-16 23:01:23 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-16 23:01:23 ----D---- C:\Program Files (x86)\iTunes
2014-10-16 23:00:30 ----D---- C:\Program Files (x86)\Bonjour
2014-10-16 21:07:23 ----D---- C:\Program Files (x86)\SearchProtect
2014-10-16 21:07:21 ----D---- C:\Program Files (x86)\ORBTR
2014-10-16 21:06:46 ----D---- C:\ProgramData\Freemake
2014-10-16 21:06:30 ----D---- C:\Users\charlotte\AppData\Roaming\RHEng
2014-10-16 21:06:27 ----D---- C:\Users\charlotte\AppData\Roaming\OpenCandy
2014-10-16 21:06:27 ----D---- C:\Program Files (x86)\Freemake
2014-10-16 08:02:38 ----A---- C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-10-16 08:02:35 ----A---- C:\Windows\SysWOW64\msftedit.dll
2014-10-16 08:02:30 ----A---- C:\Windows\SysWOW64\msxml6.dll
2014-10-16 08:02:29 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2014-10-16 08:02:29 ----A---- C:\Windows\SysWOW64\d3d11.dll
2014-10-16 08:02:27 ----A---- C:\Windows\SysWOW64\ole32.dll
2014-10-16 08:02:25 ----A---- C:\Windows\SysWOW64\ReAgent.dll
2014-10-16 08:02:25 ----A---- C:\Windows\SysWOW64\kerberos.dll
2014-10-16 08:02:24 ----A---- C:\Windows\SysWOW64\kernel32.dll
2014-10-16 08:02:24 ----A---- C:\Windows\SysWOW64\dnsapi.dll
2014-10-16 08:02:22 ----A---- C:\Windows\SysWOW64\wlidprov.dll
2014-10-16 08:02:18 ----A---- C:\Windows\SysWOW64\dcomp.dll
2014-10-16 08:02:17 ----A---- C:\Windows\SysWOW64\rasapi32.dll
2014-10-16 08:02:16 ----A---- C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-10-16 08:02:16 ----A---- C:\Windows\SysWOW64\SessEnv.dll
2014-10-16 08:02:15 ----A---- C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-10-16 08:02:14 ----A---- C:\Windows\SysWOW64\SensorsApi.dll
2014-10-16 08:02:14 ----A---- C:\Windows\SysWOW64\netlogon.dll
2014-10-16 08:02:10 ----A---- C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-10-16 08:02:09 ----A---- C:\Windows\SysWOW64\WsmSvc.dll
2014-10-16 08:02:08 ----A---- C:\Windows\SysWOW64\userenv.dll
2014-10-16 08:02:08 ----A---- C:\Windows\SysWOW64\davclnt.dll
2014-10-16 08:02:07 ----A---- C:\Windows\SysWOW64\spp.dll
2014-10-16 08:02:07 ----A---- C:\Windows\SysWOW64\pdh.dll
2014-10-16 08:02:05 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-10-16 08:02:04 ----A---- C:\Windows\SysWOW64\wlangpui.dll
2014-10-16 08:02:04 ----A---- C:\Windows\SysWOW64\w32tm.exe
2014-10-16 08:02:03 ----A---- C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-10-16 08:02:02 ----A---- C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-10-16 08:02:02 ----A---- C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-10-16 08:02:02 ----A---- C:\Windows\SysWOW64\ReInfo.dll
2014-10-16 08:02:01 ----A---- C:\Windows\SysWOW64\LocationApi.dll
2014-10-16 08:02:00 ----A---- C:\Windows\SysWOW64\sxproxy.dll
2014-10-16 08:02:00 ----A---- C:\Windows\SysWOW64\nshwfp.dll
2014-10-16 08:01:58 ----A---- C:\Windows\SysWOW64\l2gpstore.dll
2014-10-16 07:55:48 ----A---- C:\Windows\SysWOW64\OobeFldr.dll
2014-10-16 07:55:40 ----A---- C:\Windows\SysWOW64\glcndFilter.dll
2014-10-16 07:55:19 ----A---- C:\Windows\SysWOW64\wmp.dll
2014-10-16 07:55:12 ----A---- C:\Windows\SysWOW64\combase.dll
2014-10-16 07:55:11 ----A---- C:\Windows\SysWOW64\tquery.dll
2014-10-16 07:55:08 ----A---- C:\Windows\SysWOW64\mssrch.dll
2014-10-16 07:54:55 ----A---- C:\Windows\SysWOW64\dui70.dll
2014-10-16 07:54:49 ----A---- C:\Windows\SysWOW64\Windows.Globalization.dll
2014-10-16 07:54:46 ----A---- C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-10-16 07:54:45 ----A---- C:\Windows\SysWOW64\webservices.dll
2014-10-16 07:54:39 ----A---- C:\Windows\SysWOW64\msctf.dll
2014-10-16 07:54:37 ----A---- C:\Windows\SysWOW64\SettingSyncHost.exe
2014-10-16 07:54:36 ----A---- C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-10-16 07:54:35 ----A---- C:\Windows\SysWOW64\mfnetsrc.dll
2014-10-16 07:54:34 ----A---- C:\Windows\SysWOW64\wer.dll
2014-10-16 07:54:32 ----A---- C:\Windows\SysWOW64\WWAHost.exe
2014-10-16 07:54:32 ----A---- C:\Windows\SysWOW64\mfnetcore.dll
2014-10-16 07:54:30 ----A---- C:\Windows\SysWOW64\SettingSyncCore.dll
2014-10-16 07:54:29 ----A---- C:\Windows\SysWOW64\WMPDMC.exe
2014-10-16 07:54:29 ----A---- C:\Windows\SysWOW64\twinapi.dll
2014-10-16 07:54:29 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2014-10-16 07:54:28 ----A---- C:\Windows\SysWOW64\setupapi.dll
2014-10-16 07:54:28 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll
2014-10-16 07:54:19 ----A---- C:\Windows\SysWOW64\apphelp.dll
2014-10-16 07:54:16 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2014-10-16 07:54:09 ----A---- C:\Windows\SysWOW64\scrrun.dll
2014-10-16 07:36:23 ----A---- C:\Windows\SysWOW64\wimgapi.dll
2014-10-16 07:36:23 ----A---- C:\Windows\SysWOW64\Taskmgr.exe
2014-10-16 07:36:22 ----A---- C:\Windows\SysWOW64\RacEngn.dll
2014-10-16 07:36:19 ----A---- C:\Windows\SysWOW64\usercpl.dll
2014-10-16 07:36:15 ----A---- C:\Windows\SysWOW64\WerFault.exe
2014-10-16 07:36:12 ----A---- C:\Windows\SysWOW64\mssph.dll
2014-10-16 07:36:11 ----A---- C:\Windows\SysWOW64\MMDevAPI.dll
2014-10-16 07:36:08 ----A---- C:\Windows\SysWOW64\SearchIndexer.exe
2014-10-16 07:36:04 ----A---- C:\Windows\SysWOW64\msctfuimanager.dll
2014-10-16 07:36:03 ----A---- C:\Windows\SysWOW64\tdh.dll
2014-10-16 07:36:02 ----A---- C:\Windows\SysWOW64\msvproc.dll
2014-10-16 07:36:01 ----A---- C:\Windows\SysWOW64\Faultrep.dll
2014-10-16 07:36:00 ----A---- C:\Windows\SysWOW64\slc.dll
2014-10-16 07:35:58 ----A---- C:\Windows\SysWOW64\thumbcache.dll
2014-10-16 07:35:58 ----A---- C:\Windows\SysWOW64\mssvp.dll
2014-10-16 07:35:57 ----A---- C:\Windows\SysWOW64\uxtheme.dll
2014-10-16 07:35:57 ----A---- C:\Windows\SysWOW64\advapi32.dll
2014-10-16 07:35:54 ----A---- C:\Windows\SysWOW64\ntshrui.dll
2014-10-16 07:35:45 ----A---- C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-10-16 07:35:45 ----A---- C:\Windows\SysWOW64\DismApi.dll
2014-10-16 07:35:44 ----A---- C:\Windows\SysWOW64\WSClient.dll
2014-10-16 07:35:43 ----A---- C:\Windows\SysWOW64\themeui.dll
2014-10-16 07:35:43 ----A---- C:\Windows\SysWOW64\ncryptsslp.dll
2014-10-16 07:35:43 ----A---- C:\Windows\SysWOW64\MrmIndexer.dll
2014-10-16 07:35:41 ----A---- C:\Windows\SysWOW64\Dism.exe
2014-10-16 07:35:40 ----A---- C:\Windows\SysWOW64\mssphtb.dll
2014-10-16 07:35:40 ----A---- C:\Windows\SysWOW64\InputSwitch.dll
2014-10-16 07:35:34 ----A---- C:\Windows\SysWOW64\sppc.dll
2014-10-16 07:35:31 ----A---- C:\Windows\SysWOW64\SyncCenter.dll
2014-10-16 07:35:29 ----A---- C:\Windows\SysWOW64\WlanMM.dll
2014-10-16 07:35:29 ----A---- C:\Windows\SysWOW64\WinTypes.dll
2014-10-16 07:35:27 ----A---- C:\Windows\SysWOW64\authz.dll
2014-10-16 07:35:25 ----A---- C:\Windows\SysWOW64\rdpcore.dll
2014-10-16 07:35:24 ----A---- C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-10-16 07:35:24 ----A---- C:\Windows\SysWOW64\mdmregistration.dll
2014-10-16 07:35:24 ----A---- C:\Windows\SysWOW64\clrhost.dll
2014-10-16 07:35:23 ----A---- C:\Windows\SysWOW64\ninput.dll
2014-10-16 07:35:19 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2014-10-16 07:35:17 ----A---- C:\Windows\SysWOW64\sqmapi.dll
2014-10-16 07:35:13 ----A---- C:\Windows\SysWOW64\fsutil.exe
2014-10-16 07:35:13 ----A---- C:\Windows\SysWOW64\CloudNotifications.exe
2014-10-16 07:35:12 ----A---- C:\Windows\SysWOW64\wscapi.dll
2014-10-16 07:35:11 ----A---- C:\Windows\SysWOW64\imm32.dll
2014-10-16 07:35:10 ----A---- C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-10-16 07:35:10 ----A---- C:\Windows\SysWOW64\gameux.dll
2014-10-16 07:35:09 ----A---- C:\Windows\SysWOW64\SndVolSSO.dll
2014-10-16 07:35:07 ----A---- C:\Windows\SysWOW64\wermgr.exe
2014-10-16 07:35:04 ----A---- C:\Windows\SysWOW64\powrprof.dll
2014-10-16 07:35:04 ----A---- C:\Windows\SysWOW64\PlayToManager.dll
2014-10-16 07:35:03 ----A---- C:\Windows\SysWOW64\WSDApi.dll
2014-10-16 07:35:03 ----A---- C:\Windows\SysWOW64\WLanConn.dll
2014-10-16 07:35:03 ----A---- C:\Windows\SysWOW64\rasgcw.dll
2014-10-16 07:35:02 ----A---- C:\Windows\SysWOW64\RestoreOptIn.exe
2014-10-16 07:35:01 ----A---- C:\Windows\SysWOW64\zipfldr.dll
2014-10-16 07:35:01 ----A---- C:\Windows\SysWOW64\UserAccountBroker.exe
2014-10-16 07:35:00 ----A---- C:\Windows\SysWOW64\srchadmin.dll
2014-10-16 07:35:00 ----A---- C:\Windows\SysWOW64\newdev.dll
2014-10-16 07:34:59 ----A---- C:\Windows\SysWOW64\wscinterop.dll
2014-10-16 07:34:58 ----A---- C:\Windows\SysWOW64\bcd.dll
2014-10-16 07:34:54 ----A---- C:\Windows\SysWOW64\cleanmgr.exe
2014-10-16 07:34:50 ----A---- C:\Windows\SysWOW64\taskeng.exe
2014-10-16 07:34:48 ----A---- C:\Windows\SysWOW64\WerFaultSecure.exe
2014-10-16 07:34:48 ----A---- C:\Windows\SysWOW64\netid.dll
2014-10-16 07:34:47 ----A---- C:\Windows\SysWOW64\dmvdsitf.dll
2014-10-16 07:34:47 ----A---- C:\Windows\SysWOW64\BioCredProv.dll
2014-10-16 07:34:45 ----A---- C:\Windows\SysWOW64\SearchFilterHost.exe
2014-10-16 07:34:45 ----A---- C:\Windows\SysWOW64\netiohlp.dll
2014-10-16 07:34:42 ----A---- C:\Windows\SysWOW64\dmdskmgr.dll
2014-10-16 07:34:41 ----A---- C:\Windows\SysWOW64\bcrypt.dll
2014-10-16 07:34:39 ----A---- C:\Windows\SysWOW64\samlib.dll
2014-10-16 07:34:39 ----A---- C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-10-16 07:34:38 ----A---- C:\Windows\SysWOW64\MbaeApiPublic.dll
2014-10-16 07:34:38 ----A---- C:\Windows\SysWOW64\deviceaccess.dll
2014-10-16 07:34:37 ----A---- C:\Windows\SysWOW64\netplwiz.dll
2014-10-16 07:34:37 ----A---- C:\Windows\SysWOW64\acppage.dll
2014-10-16 07:34:35 ----A---- C:\Windows\SysWOW64\wlidcredprov.dll
2014-10-16 07:34:35 ----A---- C:\Windows\SysWOW64\scrobj.dll
2014-10-16 07:34:35 ----A---- C:\Windows\SysWOW64\provsvc.dll
2014-10-16 07:34:32 ----A---- C:\Windows\SysWOW64\slpts.dll
2014-10-16 07:34:32 ----A---- C:\Windows\SysWOW64\PkgMgr.exe
2014-10-16 07:34:31 ----A---- C:\Windows\SysWOW64\winbrand.dll
2014-10-16 07:34:31 ----A---- C:\Windows\SysWOW64\autofmt.exe
2014-10-16 07:34:30 ----A---- C:\Windows\SysWOW64\autochk.exe
2014-10-16 07:34:29 ----A---- C:\Windows\SysWOW64\untfs.dll
2014-10-16 07:34:29 ----A---- C:\Windows\SysWOW64\autoconv.exe
2014-10-16 07:34:25 ----A---- C:\Windows\SysWOW64\DWWIN.EXE
2014-10-16 07:34:25 ----A---- C:\Windows\SysWOW64\AuthBroker.dll
2014-10-16 07:34:23 ----A---- C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-10-16 07:34:23 ----A---- C:\Windows\SysWOW64\StorageContextHandler.dll
2014-10-16 07:34:22 ----A---- C:\Windows\SysWOW64\mssprxy.dll
2014-10-16 07:34:21 ----A---- C:\Windows\SysWOW64\spwizeng.dll
2014-10-16 07:34:20 ----A---- C:\Windows\SysWOW64\WimBootCompress.ini
2014-10-16 07:34:20 ----A---- C:\Windows\SysWOW64\spbcd.dll
2014-10-16 07:34:12 ----A---- C:\Windows\SysWOW64\sud.dll
2014-10-16 07:34:10 ----A---- C:\Windows\SysWOW64\wlidcli.dll
2014-10-16 07:34:09 ----A---- C:\Windows\SysWOW64\SettingMonitor.dll
2014-10-16 07:34:06 ----A---- C:\Windows\SysWOW64\offreg.dll
2014-10-16 07:34:05 ----A---- C:\Windows\SysWOW64\winsku.dll
2014-10-16 07:34:05 ----A---- C:\Windows\SysWOW64\SSShim.dll
2014-10-16 07:34:05 ----A---- C:\Windows\SysWOW64\CloudStorageWizard.exe
2014-10-16 07:34:04 ----A---- C:\Windows\SysWOW64\PlayToDevice.dll
2014-10-16 07:34:04 ----A---- C:\Windows\SysWOW64\IdCtrls.dll
2014-10-16 07:34:04 ----A---- C:\Windows\SysWOW64\deviceassociation.dll
2014-10-16 07:34:03 ----A---- C:\Windows\SysWOW64\UserLanguagesCpl.dll
2014-10-16 07:34:03 ----A---- C:\Windows\SysWOW64\powercfg.exe
2014-10-16 07:34:02 ----A---- C:\Windows\SysWOW64\werui.dll
2014-10-16 07:34:01 ----A---- C:\Windows\SysWOW64\migisol.dll
2014-10-16 07:34:00 ----A---- C:\Windows\SysWOW64\ReAgentc.exe
2014-10-16 07:33:59 ----A---- C:\Windows\SysWOW64\dfrgui.exe
2014-10-16 07:33:58 ----A---- C:\Windows\SysWOW64\easwrt.dll
2014-10-16 07:33:56 ----A---- C:\Windows\SysWOW64\diskpart.exe
2014-10-16 07:33:55 ----A---- C:\Windows\SysWOW64\cscript.exe
2014-10-16 07:33:54 ----A---- C:\Windows\SysWOW64\sxshared.dll
2014-10-16 07:33:54 ----A---- C:\Windows\SysWOW64\msshooks.dll
2014-10-16 07:33:53 ----A---- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-10-16 07:33:53 ----A---- C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2014-10-16 07:33:46 ----AH---- C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-10-16 07:33:44 ----A---- C:\Windows\SysWOW64\wincorlib.dll
2014-10-16 07:33:44 ----A---- C:\Windows\SysWOW64\setupugc.exe
2014-10-16 07:33:36 ----A---- C:\Windows\SysWOW64\finger.exe
2014-10-16 07:33:34 ----A---- C:\Windows\SysWOW64\themecpl.dll
2014-10-16 07:33:34 ----A---- C:\Windows\SysWOW64\SettingSyncPolicy.dll
2014-10-16 07:33:31 ----A---- C:\Windows\SysWOW64\ocsetapi.dll
2014-10-16 07:33:31 ----A---- C:\Windows\SysWOW64\GlobCollationHost.dll
2014-10-16 07:33:29 ----A---- C:\Windows\SysWOW64\korwbrkr.dll
2014-10-16 07:33:28 ----AH---- C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-10-16 07:33:25 ----A---- C:\Windows\SysWOW64\dataclen.dll
2014-10-16 07:33:22 ----AH---- C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-10-16 07:33:21 ----AH---- C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-10-16 07:33:21 ----AH---- C:\Windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-10-16 07:33:21 ----A---- C:\Windows\SysWOW64\occache.dll
2014-10-16 07:33:20 ----A---- C:\Windows\SysWOW64\f3ahvoas.dll
2014-10-15 13:22:49 ----D---- C:\Program Files (x86)\Common Files\Java
2014-10-15 13:22:48 ----A---- C:\Windows\SysWOW64\javaws.exe
2014-10-15 13:22:46 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-15 13:22:46 ----A---- C:\Windows\SysWOW64\javaw.exe
2014-10-15 13:22:46 ----A---- C:\Windows\SysWOW64\java.exe
2014-10-14 21:31:48 ----A---- C:\Windows\LENDIG.sys
2014-10-14 21:15:56 ----N---- C:\Windows\Updreg.EXE
2014-10-14 21:13:55 ----D---- C:\Windows\SysWOW64\Data
2014-10-14 21:13:55 ----A---- C:\Windows\SysWOW64\INRES.DLL
2014-10-14 21:13:51 ----D---- C:\Program Files (x86)\Creative Professional
2014-10-14 20:54:37 ----D---- C:\Program Files (x86)\DriverToolkit
2014-10-14 20:10:38 ----D---- C:\Program Files (x86)\ASIO4ALL v2
2014-10-14 20:10:08 ----D---- C:\Users\charlotte\AppData\Roaming\Image-Line
2014-10-14 20:09:50 ----D---- C:\Users\charlotte\AppData\Roaming\FlowStone
2014-10-14 20:09:50 ----D---- C:\Program Files (x86)\DSPRobotics
2014-10-14 20:04:50 ----D---- C:\Program Files (x86)\Image-Line
2014-10-06 15:54:11 ----D---- C:\Program Files (x86)\VstPlugins
2014-10-06 15:54:11 ----A---- C:\Windows\SysWOW64\rewire.dll
2014-10-06 15:53:55 ----D---- C:\Program Files (x86)\Outsim
2014-10-06 15:38:18 ----D---- C:\Users\charlotte\AppData\Roaming\WinRAR
2014-10-06 14:56:17 ----RD---- C:\Windows\BrowserChoice
2014-10-06 14:41:48 ----D---- C:\ProgramData\RosettaStoneLtdBackup
2014-10-06 14:39:50 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2014-10-06 14:39:40 ----D---- C:\ProgramData\Rosetta Stone
2014-10-06 14:39:40 ----D---- C:\Program Files (x86)\Rosetta Stone
2014-10-06 14:35:26 ----D---- C:\Users\charlotte\AppData\Roaming\uTorrent
2014-10-06 13:57:44 ----D---- C:\Program Files (x86)\WinRAR
2014-10-06 11:20:56 ----A---- C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-10-06 11:20:45 ----A---- C:\Windows\SysWOW64\mfds.dll
2014-10-06 11:20:44 ----A---- C:\Windows\SysWOW64\Windows.Graphics.dll
2014-10-06 11:20:42 ----A---- C:\Windows\SysWOW64\msieftp.dll
2014-10-06 11:18:59 ----A---- C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-10-06 11:18:58 ----A---- C:\Windows\SysWOW64\sti.dll
2014-10-06 11:18:58 ----A---- C:\Windows\SysWOW64\OEMLicense.dll
2014-10-06 11:09:54 ----A---- C:\Windows\SysWOW64\msdrm.dll
2014-10-06 11:04:46 ----A---- C:\Windows\SysWOW64\iernonce.dll
2014-10-06 11:04:46 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-06 11:04:43 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2014-10-06 11:04:42 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2014-10-06 11:04:41 ----A---- C:\Windows\SysWOW64\msrating.dll
2014-10-06 11:01:49 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2014-10-06 10:57:28 ----A---- C:\Windows\SysWOW64\d2d1.dll
2014-10-06 10:54:47 ----A---- C:\Windows\SysWOW64\tsgqec.dll
2014-10-06 10:54:47 ----A---- C:\Windows\SysWOW64\dbghelp.dll
2014-10-06 10:54:47 ----A---- C:\Windows\SysWOW64\dbgeng.dll
2014-10-06 10:41:41 ----A---- C:\Windows\SysWOW64\poqexec.exe
2014-10-06 10:36:22 ----A---- C:\Windows\SysWOW64\pcaui.exe
2014-10-06 10:35:04 ----D---- C:\Program Files (x86)\Google
2014-10-06 10:31:46 ----D---- C:\ProgramData\ClassicShell
======List of files/folders modified in the last 1 month======
2014-10-29 21:06:54 ----D---- C:\Users\charlotte\AppData\Roaming\ClassicShell
2014-10-29 21:06:18 ----D---- C:\Windows\System32
2014-10-29 21:06:18 ----D---- C:\Windows\Inf
2014-10-29 21:05:59 ----D---- C:\Windows\Prefetch
2014-10-29 21:01:09 ----D---- C:\Windows\Temp
2014-10-29 21:01:09 ----D---- C:\Windows\SysWOW64
2014-10-29 20:49:58 ----RD---- C:\Program Files (x86)
2014-10-28 20:38:11 ----SHD---- C:\System Volume Information
2014-10-28 17:15:48 ----D---- C:\Windows\Microsoft.NET
2014-10-28 09:32:13 ----D---- C:\Windows\AppReadiness
2014-10-27 22:55:34 ----SHD---- C:\Windows\Installer
2014-10-27 22:55:34 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-10-27 22:55:05 ----RSD---- C:\Windows\assembly
2014-10-27 22:54:55 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
2014-10-24 07:35:35 ----D---- C:\Windows\rescache
2014-10-23 07:13:48 ----D---- C:\Windows
2014-10-23 07:13:47 ----D---- C:\Windows\WinSxS
2014-10-23 01:29:32 ----RD---- C:\Windows\ToastData
2014-10-23 01:29:22 ----D---- C:\Windows\SysWOW64\wbem
2014-10-23 01:29:22 ----D---- C:\Windows\SysWOW64\setup
2014-10-23 01:29:22 ----D---- C:\Windows\SysWOW64\en-US
2014-10-23 01:29:18 ----RD---- C:\Windows\ImmersiveControlPanel
2014-10-23 01:29:13 ----RSD---- C:\Windows\Fonts
2014-10-23 01:29:12 ----D---- C:\Windows\apppatch
2014-10-23 01:29:11 ----D---- C:\Windows\SysWOW64\InputMethod
2014-10-22 21:23:40 ----D---- C:\Windows\Tasks
2014-10-21 19:35:39 ----D---- C:\Windows\CbsTemp
2014-10-21 19:11:03 ----D---- C:\Users\charlotte\AppData\Roaming\Adobe
2014-10-21 19:00:46 ----D---- C:\ProgramData\FLEXnet
2014-10-21 18:52:25 ----D---- C:\Program Files (x86)\Adobe
2014-10-21 18:51:51 ----D---- C:\ProgramData\Adobe
2014-10-21 18:51:24 ----D---- C:\Program Files (x86)\Common Files\Adobe
2014-10-21 00:02:39 ----D---- C:\Windows\MediaViewer
2014-10-21 00:02:38 ----D---- C:\Windows\FileManager
2014-10-21 00:02:38 ----D---- C:\Windows\Camera
2014-10-21 00:02:37 ----D---- C:\Program Files (x86)\Windows Defender
2014-10-21 00:02:25 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-21 00:02:24 ----D---- C:\Windows\PolicyDefinitions
2014-10-21 00:02:15 ----D---- C:\Windows\WinStore
2014-10-21 00:02:09 ----D---- C:\Windows\SysWOW64\migration
2014-10-17 11:05:08 ----D---- C:\Users\charlotte\AppData\Roaming\Apple Computer
2014-10-17 07:56:40 ----D---- C:\Windows\Logs
2014-10-17 00:47:32 ----D---- C:\Windows\servicing
2014-10-17 00:47:32 ----D---- C:\Program Files (x86)\Windows Portable Devices
2014-10-17 00:47:32 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2014-10-17 00:47:32 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-17 00:47:31 ----D---- C:\Windows\SysWOW64\oobe
2014-10-17 00:47:31 ----D---- C:\Windows\SysWOW64\Dism
2014-10-17 00:47:28 ----D---- C:\Windows\en-US
2014-10-16 23:05:34 ----SD---- C:\Users\charlotte\AppData\Roaming\Microsoft
2014-10-16 23:01:25 ----RD---- C:\Program Files
2014-10-16 23:01:24 ----D---- C:\Program Files (x86)\Common Files\Apple
2014-10-16 23:01:23 ----HD---- C:\ProgramData
2014-10-16 23:01:23 ----D---- C:\ProgramData\Apple Computer
2014-10-16 23:00:42 ----D---- C:\ProgramData\Apple
2014-10-15 13:22:56 ----D---- C:\ProgramData\Oracle
2014-10-15 13:22:49 ----D---- C:\Program Files (x86)\Common Files
2014-10-15 13:22:45 ----D---- C:\Program Files (x86)\Java
2014-10-14 21:13:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-06 15:54:41 ----SD---- C:\ProgramData\Microsoft
2014-10-06 14:57:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-06 11:23:39 ----SHD---- C:\$Recycle.Bin
2014-10-06 10:56:51 ----D---- C:\ProgramData\CanonIJPLM
2014-10-06 10:31:17 ----D---- C:\Windows\debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys []
R0 tos_sps64;@oem14.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\Windows\System32\drivers\tos_sps64.sys []
R0 TVALZ;@oem6.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R3 AmUStor;@oem12.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
R3 athr;@oem23.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys []
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys []
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys []
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys []
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys []
R3 MEIx64;@oem1.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys []
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys []
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys []
R3 SPPD;SPPD; \??\C:\Windows\system32\drivers\SPPD.sys []
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;@oem32.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 Thotkey;@oem3.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys []
R3 tosrfec;@oem22.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys []
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys []
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 emusba10;@oem27.inf,%EMUSBA10.Driver.DisplayName%;E-MU USB-Audio 1.0 Driver; C:\Windows\system32\DRIVERS\emusba10.sys []
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 USBAAPL64;@oem28.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WDC_SAM;@oem26.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys []
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-08-22 312448]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-09-25 2436280]
R2 CltMngSvc;Search Protect Service; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-10-02 3015128]
R2 DragonLoggerService;Dragon Logger service; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [2014-07-12 137280]
R2 DragonSvc;Dragon Service; C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2014-07-12 339008]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 emaudsv;@oem27.inf,%EMAUD.Win32.DisplayName%;E-MU Audio Service; C:\Windows\system32\emaudsv.exe []
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
R2 Orbiter;Orbiter; C:\Windows\System32\svchost.exe [2013-08-22 31552]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-16 339456]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2013-08-09 328544]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-10 279024]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-10-06 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
S3 Olympus DVR Service;Olympus DVR Service; C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [2012-11-08 174592]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-25 150600]
-----------------EOF-----------------
---------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:09:19, on 29/10/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\charlotte\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microlink â The UKâs Largest Independent Assistive Technology Supplier
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = msn
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Bho - {609C0837-8DD3-4F9B-AAC5-446F36BC0353} - C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking13\Ereg.ini"
O4 - HKLM\..\Run: [BookExpress_B6FU] "C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [E-MU USB Audio Control Panel] "C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: flstudio11.exe.lnk = C:\Users\charlotte\Documents\WindowsUpdates\flstudio11.exe
O4 - Global Startup: Device Detector 4.lnk = C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Logger service (DragonLoggerService) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem27.inf,%EMAUD.Win32.DisplayName%;E-MU Audio Service (emaudsv) - Unknown owner - C:\Windows\system32\emaudsv.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13030 bytes
When I start up I get a box that states 'the file or directory is corrupted and unreadable' of what looks like Windows Updater. So I followed the instructions and have posted two scripts to this message.
However.. I was not successful in using DSS and GMER so I instead used RSIT and HijackThis (although they are both coming up as HijackThis?). The logs are posted below as per instruction.
I can post a photo of the box that appears if this is helpful.
Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by charlotte at 2014-10-29 21:11:47
Microsoft Windows 8.1
System drive C: has 311 GB (70%) free of 446 GB
Total RAM: 3971 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:48, on 29/10/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\charlotte\Desktop\HijackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\charlotte\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\charlotte.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microlink â The UKâs Largest Independent Assistive Technology Supplier
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = msn
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Bho - {609C0837-8DD3-4F9B-AAC5-446F36BC0353} - C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking13\Ereg.ini"
O4 - HKLM\..\Run: [BookExpress_B6FU] "C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [E-MU USB Audio Control Panel] "C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: flstudio11.exe.lnk = C:\Users\charlotte\Documents\WindowsUpdates\flstudio11.exe
O4 - Global Startup: Device Detector 4.lnk = C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Logger service (DragonLoggerService) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem27.inf,%EMAUD.Win32.DisplayName%;E-MU Audio Service (emaudsv) - Unknown owner - C:\Windows\system32\emaudsv.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13179 bytes
======Scheduled tasks folder======
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{609C0837-8DD3-4F9B-AAC5-446F36BC0353}]
Dragon Web Extension For Internet Explorer - C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [2014-07-12 613952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-08-26 626528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20 386048]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2013-04-19 374784]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08 959904]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2011-10-12 2068856]
"DNS7reminder"=C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe [2014-05-30 325960]
"BookExpress_B6FU"=C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe [2013-10-18 713216]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"E-MU USB Audio Control Panel"=C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe [2007-11-26 274432]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Device Detector 4.lnk - C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
C:\Users\charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
flstudio11.exe.lnk - C:\Users\charlotte\Documents\WindowsUpdates\flstudio11.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.pspgru"=pspgru.acm
"msacm.vorbis"=vorbis.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-10-29 20:49:58 ----D---- C:\rsit
2014-10-29 20:49:58 ----D---- C:\Program Files (x86)\trend micro
2014-10-28 18:51:48 ----D---- C:\Users\charlotte\AppData\Roaming\vlc
2014-10-28 18:46:37 ----D---- C:\Program Files (x86)\VideoLAN
2014-10-28 18:45:00 ----D---- C:\Users\charlotte\AppData\Roaming\Macromedia
2014-10-21 18:56:50 ----A---- C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-10-21 18:56:39 ----A---- C:\Windows\SysWOW64\mfcore.dll
2014-10-21 18:56:34 ----A---- C:\Windows\SysWOW64\Windows.Media.dll
2014-10-21 18:56:31 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2014-10-21 18:56:28 ----A---- C:\Windows\SysWOW64\SRH.dll
2014-10-21 18:56:28 ----A---- C:\Windows\SysWOW64\printui.dll
2014-10-21 18:56:28 ----A---- C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-10-21 18:56:26 ----A---- C:\Windows\SysWOW64\wlanmsm.dll
2014-10-21 18:56:26 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2014-10-21 18:56:25 ----A---- C:\Windows\SysWOW64\mftranscode.dll
2014-10-21 18:56:24 ----A---- C:\Windows\SysWOW64\mfplat.dll
2014-10-21 18:56:23 ----A---- C:\Windows\SysWOW64\SHCore.dll
2014-10-21 18:56:20 ----A---- C:\Windows\SysWOW64\comdlg32.dll
2014-10-21 18:56:18 ----A---- C:\Windows\SysWOW64\netcfgx.dll
2014-10-21 18:56:18 ----A---- C:\Windows\SysWOW64\AppxPackaging.dll
2014-10-21 18:56:14 ----A---- C:\Windows\SysWOW64\puiobj.dll
2014-10-21 18:56:14 ----A---- C:\Windows\SysWOW64\mfreadwrite.dll
2014-10-21 18:56:14 ----A---- C:\Windows\SysWOW64\Display.dll
2014-10-21 18:56:13 ----A---- C:\Windows\SysWOW64\storagewmi.dll
2014-10-21 18:56:12 ----A---- C:\Windows\SysWOW64\winmmbase.dll
2014-10-21 18:56:11 ----A---- C:\Windows\SysWOW64\wisp.dll
2014-10-21 18:56:11 ----A---- C:\Windows\SysWOW64\aclui.dll
2014-10-21 18:56:08 ----A---- C:\Windows\SysWOW64\wlanapi.dll
2014-10-21 18:56:08 ----A---- C:\Windows\SysWOW64\bcryptprimitives.dll
2014-10-21 18:56:06 ----A---- C:\Windows\SysWOW64\wsecedit.dll
2014-10-21 18:56:06 ----A---- C:\Windows\SysWOW64\AppxSip.dll
2014-10-21 18:56:04 ----A---- C:\Windows\SysWOW64\prnntfy.dll
2014-10-21 18:56:03 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2014-10-21 18:56:03 ----A---- C:\Windows\SysWOW64\winmm.dll
2014-10-21 18:56:02 ----A---- C:\Windows\SysWOW64\puiapi.dll
2014-10-21 18:56:01 ----A---- C:\Windows\SysWOW64\SndVol.exe
2014-10-21 18:56:00 ----A---- C:\Windows\SysWOW64\WebClnt.dll
2014-10-21 18:56:00 ----A---- C:\Windows\SysWOW64\dwmapi.dll
2014-10-21 18:55:59 ----A---- C:\Windows\SysWOW64\VAN.dll
2014-10-21 18:55:57 ----A---- C:\Windows\SysWOW64\clusapi.dll
2014-10-21 18:55:55 ----A---- C:\Windows\SysWOW64\iasnap.dll
2014-10-21 18:55:55 ----A---- C:\Windows\SysWOW64\gpedit.dll
2014-10-21 18:55:54 ----A---- C:\Windows\SysWOW64\rsaenh.dll
2014-10-21 18:55:53 ----A---- C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2014-10-21 18:55:52 ----A---- C:\Windows\SysWOW64\osk.exe
2014-10-21 18:55:52 ----A---- C:\Windows\SysWOW64\mispace.dll
2014-10-21 18:55:51 ----A---- C:\Windows\SysWOW64\Windows.Networking.dll
2014-10-21 18:55:51 ----A---- C:\Windows\SysWOW64\SettingSync.dll
2014-10-21 18:55:51 ----A---- C:\Windows\SysWOW64\DafPrintProvider.dll
2014-10-21 18:55:49 ----A---- C:\Windows\SysWOW64\wshbth.dll
2014-10-21 18:55:49 ----A---- C:\Windows\SysWOW64\stobject.dll
2014-10-21 18:55:48 ----A---- C:\Windows\SysWOW64\ActionCenter.dll
2014-10-21 18:55:47 ----A---- C:\Windows\SysWOW64\KBDRUM.DLL
2014-10-21 18:55:47 ----A---- C:\Windows\SysWOW64\GdiPlus.dll
2014-10-21 18:55:46 ----A---- C:\Windows\SysWOW64\schannel.dll
2014-10-21 18:55:45 ----A---- C:\Windows\SysWOW64\user32.dll
2014-10-21 18:55:44 ----A---- C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-21 18:55:44 ----A---- C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-21 18:55:44 ----A---- C:\Windows\SysWOW64\KBDRU.DLL
2014-10-21 18:55:44 ----A---- C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-21 18:55:41 ----A---- C:\Windows\SysWOW64\PrintDialogs.dll
2014-10-21 18:55:41 ----A---- C:\Windows\SysWOW64\certcli.dll
2014-10-21 18:55:40 ----A---- C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-21 18:55:39 ----A---- C:\Windows\SysWOW64\BluetoothApis.dll
2014-10-21 18:55:35 ----A---- C:\Windows\SysWOW64\KBDTT102.DLL
2014-10-21 18:47:56 ----D---- C:\Windows\SysWOW64\spool
2014-10-20 21:18:30 ----D---- C:\Program Files (x86)\Evernote
2014-10-17 08:13:54 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2014-10-17 08:13:51 ----A---- C:\Windows\SysWOW64\msxml3.dll
2014-10-17 08:13:51 ----A---- C:\Windows\SysWOW64\dxgi.dll
2014-10-17 08:13:20 ----A---- C:\Windows\SysWOW64\MrmCoreR.dll
2014-10-17 08:13:16 ----A---- C:\Windows\SysWOW64\wusa.exe
2014-10-17 08:13:16 ----A---- C:\Windows\SysWOW64\gdi32.dll
2014-10-17 08:10:35 ----A---- C:\Windows\SysWOW64\adtschema.dll
2014-10-17 08:10:23 ----A---- C:\Windows\SysWOW64\wups.dll
2014-10-17 08:10:23 ----A---- C:\Windows\SysWOW64\wudriver.dll
2014-10-17 08:10:23 ----A---- C:\Windows\SysWOW64\wuapi.dll
2014-10-17 08:10:22 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2014-10-17 08:10:22 ----A---- C:\Windows\SysWOW64\wuapp.exe
2014-10-17 08:10:17 ----A---- C:\Windows\SysWOW64\Wpc.dll
2014-10-17 08:10:07 ----A---- C:\Windows\SysWOW64\twinapi.appcore.dll
2014-10-17 08:09:50 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2014-10-17 08:09:49 ----A---- C:\Windows\SysWOW64\urlmon.dll
2014-10-17 08:09:48 ----A---- C:\Windows\SysWOW64\mshtml.dll
2014-10-17 08:09:47 ----A---- C:\Windows\SysWOW64\iertutil.dll
2014-10-17 08:09:47 ----A---- C:\Windows\SysWOW64\ieframe.dll
2014-10-17 08:09:45 ----A---- C:\Windows\SysWOW64\jscript9.dll
2014-10-17 08:09:45 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2014-10-17 08:09:44 ----A---- C:\Windows\SysWOW64\wininet.dll
2014-10-17 08:09:34 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2014-10-17 08:09:34 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2014-10-17 08:09:33 ----A---- C:\Windows\SysWOW64\vbscript.dll
2014-10-17 08:09:32 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-17 08:09:32 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2014-10-17 08:09:31 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2014-10-17 08:09:31 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-17 08:09:31 ----A---- C:\Windows\SysWOW64\iesetup.dll
2014-10-17 08:09:31 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2014-10-17 08:08:51 ----A---- C:\Windows\SysWOW64\packager.dll
2014-10-17 08:08:19 ----A---- C:\Windows\SysWOW64\rastls.dll
2014-10-17 08:04:54 ----A---- C:\Windows\SysWOW64\actxprxy.dll
2014-10-17 08:04:53 ----A---- C:\Windows\SysWOW64\twinui.dll
2014-10-17 08:04:52 ----A---- C:\Windows\SysWOW64\UXInit.dll
2014-10-17 08:04:52 ----A---- C:\Windows\SysWOW64\explorer.exe
2014-10-17 08:04:52 ----A---- C:\Windows\explorer.exe
2014-10-17 07:59:59 ----A---- C:\Windows\SysWOW64\WSShared.dll
2014-10-17 07:59:59 ----A---- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-17 07:59:58 ----A---- C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-10-17 07:59:58 ----A---- C:\Windows\SysWOW64\SkyDriveShell.dll
2014-10-17 07:59:58 ----A---- C:\Windows\SysWOW64\mstscax.dll
2014-10-17 07:59:54 ----A---- C:\Windows\SysWOW64\shell32.dll
2014-10-17 07:59:53 ----A---- C:\Windows\SysWOW64\SearchFolder.dll
2014-10-17 07:59:52 ----A---- C:\Windows\SysWOW64\Wldap32.dll
2014-10-17 07:59:52 ----A---- C:\Windows\SysWOW64\propsys.dll
2014-10-17 07:59:52 ----A---- C:\Windows\SysWOW64\ntdll.dll
2014-10-17 07:59:52 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2014-10-17 07:59:50 ----A---- C:\Windows\SysWOW64\rdvidcrl.dll
2014-10-17 07:57:15 ----A---- C:\Windows\SysWOW64\TsWpfWrp.exe
2014-10-17 07:52:02 ----A---- C:\Windows\SysWOW64\drvinst.exe
2014-10-17 07:51:54 ----A---- C:\Windows\SysWOW64\d3d9.dll
2014-10-17 07:51:52 ----A---- C:\Windows\SysWOW64\dhcpcore.dll
2014-10-17 07:51:50 ----A---- C:\Windows\SysWOW64\framedynos.dll
2014-10-17 07:51:50 ----A---- C:\Windows\SysWOW64\dhcpcore6.dll
2014-10-17 07:51:48 ----A---- C:\Windows\SysWOW64\ncobjapi.dll
2014-10-17 07:51:41 ----A---- C:\Windows\SysWOW64\Robocopy.exe
2014-10-17 07:51:40 ----A---- C:\Windows\SysWOW64\framedyn.dll
2014-10-17 07:51:40 ----A---- C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-10-17 07:51:40 ----A---- C:\Windows\SysWOW64\dhcpcsvc.dll
2014-10-17 07:51:40 ----A---- C:\Windows\SysWOW64\d3d8thk.dll
2014-10-17 07:51:24 ----A---- C:\Windows\SysWOW64\DWrite.dll
2014-10-17 07:51:23 ----A---- C:\Windows\SysWOW64\mrt100.dll
2014-10-17 07:51:23 ----A---- C:\Windows\SysWOW64\mrt_map.dll
2014-10-17 07:51:09 ----A---- C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-10-17 07:50:52 ----A---- C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-10-17 07:50:42 ----A---- C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\winmde.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\MFMediaEngine.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-10-17 07:50:38 ----A---- C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-17 07:50:36 ----A---- C:\Windows\SysWOW64\rdpencom.dll
2014-10-17 07:50:36 ----A---- C:\Windows\SysWOW64\mfsvr.dll
2014-10-17 07:50:35 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-10-17 07:50:35 ----A---- C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-10-17 07:50:34 ----A---- C:\Windows\SysWOW64\rpchttp.dll
2014-10-17 07:50:34 ----A---- C:\Windows\SysWOW64\MSVideoDSP.dll
2014-10-17 07:50:34 ----A---- C:\Windows\SysWOW64\gpapi.dll
2014-10-17 07:50:33 ----A---- C:\Windows\SysWOW64\wintrust.dll
2014-10-17 07:50:33 ----A---- C:\Windows\SysWOW64\mf.dll
2014-10-17 07:50:33 ----A---- C:\Windows\SysWOW64\AudioSes.dll
2014-10-17 07:50:33 ----A---- C:\Windows\SysWOW64\AudioEng.dll
2014-10-17 07:50:28 ----A---- C:\Windows\SysWOW64\resutils.dll
2014-10-17 07:50:27 ----A---- C:\Windows\SysWOW64\tlscsp.dll
2014-10-17 07:50:24 ----A---- C:\Windows\SysWOW64\wlanhlp.dll
2014-10-17 07:50:24 ----A---- C:\Windows\SysWOW64\srclient.dll
2014-10-17 07:49:53 ----A---- C:\Windows\SysWOW64\qedit.dll
2014-10-17 07:49:38 ----A---- C:\Windows\SysWOW64\authui.dll
2014-10-17 07:49:37 ----A---- C:\Windows\SysWOW64\msi.dll
2014-10-17 07:33:39 ----A---- C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-10-17 07:32:15 ----A---- C:\Windows\SysWOW64\msihnd.dll
2014-10-17 07:31:03 ----A---- C:\Windows\SysWOW64\twinui.appcore.dll
2014-10-16 23:01:23 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-16 23:01:23 ----D---- C:\Program Files (x86)\iTunes
2014-10-16 23:00:30 ----D---- C:\Program Files (x86)\Bonjour
2014-10-16 21:07:23 ----D---- C:\Program Files (x86)\SearchProtect
2014-10-16 21:07:21 ----D---- C:\Program Files (x86)\ORBTR
2014-10-16 21:06:46 ----D---- C:\ProgramData\Freemake
2014-10-16 21:06:30 ----D---- C:\Users\charlotte\AppData\Roaming\RHEng
2014-10-16 21:06:27 ----D---- C:\Users\charlotte\AppData\Roaming\OpenCandy
2014-10-16 21:06:27 ----D---- C:\Program Files (x86)\Freemake
2014-10-16 08:02:38 ----A---- C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-10-16 08:02:35 ----A---- C:\Windows\SysWOW64\msftedit.dll
2014-10-16 08:02:30 ----A---- C:\Windows\SysWOW64\msxml6.dll
2014-10-16 08:02:29 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2014-10-16 08:02:29 ----A---- C:\Windows\SysWOW64\d3d11.dll
2014-10-16 08:02:27 ----A---- C:\Windows\SysWOW64\ole32.dll
2014-10-16 08:02:25 ----A---- C:\Windows\SysWOW64\ReAgent.dll
2014-10-16 08:02:25 ----A---- C:\Windows\SysWOW64\kerberos.dll
2014-10-16 08:02:24 ----A---- C:\Windows\SysWOW64\kernel32.dll
2014-10-16 08:02:24 ----A---- C:\Windows\SysWOW64\dnsapi.dll
2014-10-16 08:02:22 ----A---- C:\Windows\SysWOW64\wlidprov.dll
2014-10-16 08:02:18 ----A---- C:\Windows\SysWOW64\dcomp.dll
2014-10-16 08:02:17 ----A---- C:\Windows\SysWOW64\rasapi32.dll
2014-10-16 08:02:16 ----A---- C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-10-16 08:02:16 ----A---- C:\Windows\SysWOW64\SessEnv.dll
2014-10-16 08:02:15 ----A---- C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-10-16 08:02:14 ----A---- C:\Windows\SysWOW64\SensorsApi.dll
2014-10-16 08:02:14 ----A---- C:\Windows\SysWOW64\netlogon.dll
2014-10-16 08:02:10 ----A---- C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-10-16 08:02:09 ----A---- C:\Windows\SysWOW64\WsmSvc.dll
2014-10-16 08:02:08 ----A---- C:\Windows\SysWOW64\userenv.dll
2014-10-16 08:02:08 ----A---- C:\Windows\SysWOW64\davclnt.dll
2014-10-16 08:02:07 ----A---- C:\Windows\SysWOW64\spp.dll
2014-10-16 08:02:07 ----A---- C:\Windows\SysWOW64\pdh.dll
2014-10-16 08:02:05 ----A---- C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-10-16 08:02:04 ----A---- C:\Windows\SysWOW64\wlangpui.dll
2014-10-16 08:02:04 ----A---- C:\Windows\SysWOW64\w32tm.exe
2014-10-16 08:02:03 ----A---- C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-10-16 08:02:02 ----A---- C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2014-10-16 08:02:02 ----A---- C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2014-10-16 08:02:02 ----A---- C:\Windows\SysWOW64\ReInfo.dll
2014-10-16 08:02:01 ----A---- C:\Windows\SysWOW64\LocationApi.dll
2014-10-16 08:02:00 ----A---- C:\Windows\SysWOW64\sxproxy.dll
2014-10-16 08:02:00 ----A---- C:\Windows\SysWOW64\nshwfp.dll
2014-10-16 08:01:58 ----A---- C:\Windows\SysWOW64\l2gpstore.dll
2014-10-16 07:55:48 ----A---- C:\Windows\SysWOW64\OobeFldr.dll
2014-10-16 07:55:40 ----A---- C:\Windows\SysWOW64\glcndFilter.dll
2014-10-16 07:55:19 ----A---- C:\Windows\SysWOW64\wmp.dll
2014-10-16 07:55:12 ----A---- C:\Windows\SysWOW64\combase.dll
2014-10-16 07:55:11 ----A---- C:\Windows\SysWOW64\tquery.dll
2014-10-16 07:55:08 ----A---- C:\Windows\SysWOW64\mssrch.dll
2014-10-16 07:54:55 ----A---- C:\Windows\SysWOW64\dui70.dll
2014-10-16 07:54:49 ----A---- C:\Windows\SysWOW64\Windows.Globalization.dll
2014-10-16 07:54:46 ----A---- C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-10-16 07:54:45 ----A---- C:\Windows\SysWOW64\webservices.dll
2014-10-16 07:54:39 ----A---- C:\Windows\SysWOW64\msctf.dll
2014-10-16 07:54:37 ----A---- C:\Windows\SysWOW64\SettingSyncHost.exe
2014-10-16 07:54:36 ----A---- C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-10-16 07:54:35 ----A---- C:\Windows\SysWOW64\mfnetsrc.dll
2014-10-16 07:54:34 ----A---- C:\Windows\SysWOW64\wer.dll
2014-10-16 07:54:32 ----A---- C:\Windows\SysWOW64\WWAHost.exe
2014-10-16 07:54:32 ----A---- C:\Windows\SysWOW64\mfnetcore.dll
2014-10-16 07:54:30 ----A---- C:\Windows\SysWOW64\SettingSyncCore.dll
2014-10-16 07:54:29 ----A---- C:\Windows\SysWOW64\WMPDMC.exe
2014-10-16 07:54:29 ----A---- C:\Windows\SysWOW64\twinapi.dll
2014-10-16 07:54:29 ----A---- C:\Windows\SysWOW64\StructuredQuery.dll
2014-10-16 07:54:28 ----A---- C:\Windows\SysWOW64\setupapi.dll
2014-10-16 07:54:28 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll
2014-10-16 07:54:19 ----A---- C:\Windows\SysWOW64\apphelp.dll
2014-10-16 07:54:16 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2014-10-16 07:54:09 ----A---- C:\Windows\SysWOW64\scrrun.dll
2014-10-16 07:36:23 ----A---- C:\Windows\SysWOW64\wimgapi.dll
2014-10-16 07:36:23 ----A---- C:\Windows\SysWOW64\Taskmgr.exe
2014-10-16 07:36:22 ----A---- C:\Windows\SysWOW64\RacEngn.dll
2014-10-16 07:36:19 ----A---- C:\Windows\SysWOW64\usercpl.dll
2014-10-16 07:36:15 ----A---- C:\Windows\SysWOW64\WerFault.exe
2014-10-16 07:36:12 ----A---- C:\Windows\SysWOW64\mssph.dll
2014-10-16 07:36:11 ----A---- C:\Windows\SysWOW64\MMDevAPI.dll
2014-10-16 07:36:08 ----A---- C:\Windows\SysWOW64\SearchIndexer.exe
2014-10-16 07:36:04 ----A---- C:\Windows\SysWOW64\msctfuimanager.dll
2014-10-16 07:36:03 ----A---- C:\Windows\SysWOW64\tdh.dll
2014-10-16 07:36:02 ----A---- C:\Windows\SysWOW64\msvproc.dll
2014-10-16 07:36:01 ----A---- C:\Windows\SysWOW64\Faultrep.dll
2014-10-16 07:36:00 ----A---- C:\Windows\SysWOW64\slc.dll
2014-10-16 07:35:58 ----A---- C:\Windows\SysWOW64\thumbcache.dll
2014-10-16 07:35:58 ----A---- C:\Windows\SysWOW64\mssvp.dll
2014-10-16 07:35:57 ----A---- C:\Windows\SysWOW64\uxtheme.dll
2014-10-16 07:35:57 ----A---- C:\Windows\SysWOW64\advapi32.dll
2014-10-16 07:35:54 ----A---- C:\Windows\SysWOW64\ntshrui.dll
2014-10-16 07:35:45 ----A---- C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-10-16 07:35:45 ----A---- C:\Windows\SysWOW64\DismApi.dll
2014-10-16 07:35:44 ----A---- C:\Windows\SysWOW64\WSClient.dll
2014-10-16 07:35:43 ----A---- C:\Windows\SysWOW64\themeui.dll
2014-10-16 07:35:43 ----A---- C:\Windows\SysWOW64\ncryptsslp.dll
2014-10-16 07:35:43 ----A---- C:\Windows\SysWOW64\MrmIndexer.dll
2014-10-16 07:35:41 ----A---- C:\Windows\SysWOW64\Dism.exe
2014-10-16 07:35:40 ----A---- C:\Windows\SysWOW64\mssphtb.dll
2014-10-16 07:35:40 ----A---- C:\Windows\SysWOW64\InputSwitch.dll
2014-10-16 07:35:34 ----A---- C:\Windows\SysWOW64\sppc.dll
2014-10-16 07:35:31 ----A---- C:\Windows\SysWOW64\SyncCenter.dll
2014-10-16 07:35:29 ----A---- C:\Windows\SysWOW64\WlanMM.dll
2014-10-16 07:35:29 ----A---- C:\Windows\SysWOW64\WinTypes.dll
2014-10-16 07:35:27 ----A---- C:\Windows\SysWOW64\authz.dll
2014-10-16 07:35:25 ----A---- C:\Windows\SysWOW64\rdpcore.dll
2014-10-16 07:35:24 ----A---- C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-10-16 07:35:24 ----A---- C:\Windows\SysWOW64\mdmregistration.dll
2014-10-16 07:35:24 ----A---- C:\Windows\SysWOW64\clrhost.dll
2014-10-16 07:35:23 ----A---- C:\Windows\SysWOW64\ninput.dll
2014-10-16 07:35:19 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2014-10-16 07:35:17 ----A---- C:\Windows\SysWOW64\sqmapi.dll
2014-10-16 07:35:13 ----A---- C:\Windows\SysWOW64\fsutil.exe
2014-10-16 07:35:13 ----A---- C:\Windows\SysWOW64\CloudNotifications.exe
2014-10-16 07:35:12 ----A---- C:\Windows\SysWOW64\wscapi.dll
2014-10-16 07:35:11 ----A---- C:\Windows\SysWOW64\imm32.dll
2014-10-16 07:35:10 ----A---- C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2014-10-16 07:35:10 ----A---- C:\Windows\SysWOW64\gameux.dll
2014-10-16 07:35:09 ----A---- C:\Windows\SysWOW64\SndVolSSO.dll
2014-10-16 07:35:07 ----A---- C:\Windows\SysWOW64\wermgr.exe
2014-10-16 07:35:04 ----A---- C:\Windows\SysWOW64\powrprof.dll
2014-10-16 07:35:04 ----A---- C:\Windows\SysWOW64\PlayToManager.dll
2014-10-16 07:35:03 ----A---- C:\Windows\SysWOW64\WSDApi.dll
2014-10-16 07:35:03 ----A---- C:\Windows\SysWOW64\WLanConn.dll
2014-10-16 07:35:03 ----A---- C:\Windows\SysWOW64\rasgcw.dll
2014-10-16 07:35:02 ----A---- C:\Windows\SysWOW64\RestoreOptIn.exe
2014-10-16 07:35:01 ----A---- C:\Windows\SysWOW64\zipfldr.dll
2014-10-16 07:35:01 ----A---- C:\Windows\SysWOW64\UserAccountBroker.exe
2014-10-16 07:35:00 ----A---- C:\Windows\SysWOW64\srchadmin.dll
2014-10-16 07:35:00 ----A---- C:\Windows\SysWOW64\newdev.dll
2014-10-16 07:34:59 ----A---- C:\Windows\SysWOW64\wscinterop.dll
2014-10-16 07:34:58 ----A---- C:\Windows\SysWOW64\bcd.dll
2014-10-16 07:34:54 ----A---- C:\Windows\SysWOW64\cleanmgr.exe
2014-10-16 07:34:50 ----A---- C:\Windows\SysWOW64\taskeng.exe
2014-10-16 07:34:48 ----A---- C:\Windows\SysWOW64\WerFaultSecure.exe
2014-10-16 07:34:48 ----A---- C:\Windows\SysWOW64\netid.dll
2014-10-16 07:34:47 ----A---- C:\Windows\SysWOW64\dmvdsitf.dll
2014-10-16 07:34:47 ----A---- C:\Windows\SysWOW64\BioCredProv.dll
2014-10-16 07:34:45 ----A---- C:\Windows\SysWOW64\SearchFilterHost.exe
2014-10-16 07:34:45 ----A---- C:\Windows\SysWOW64\netiohlp.dll
2014-10-16 07:34:42 ----A---- C:\Windows\SysWOW64\dmdskmgr.dll
2014-10-16 07:34:41 ----A---- C:\Windows\SysWOW64\bcrypt.dll
2014-10-16 07:34:39 ----A---- C:\Windows\SysWOW64\samlib.dll
2014-10-16 07:34:39 ----A---- C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2014-10-16 07:34:38 ----A---- C:\Windows\SysWOW64\MbaeApiPublic.dll
2014-10-16 07:34:38 ----A---- C:\Windows\SysWOW64\deviceaccess.dll
2014-10-16 07:34:37 ----A---- C:\Windows\SysWOW64\netplwiz.dll
2014-10-16 07:34:37 ----A---- C:\Windows\SysWOW64\acppage.dll
2014-10-16 07:34:35 ----A---- C:\Windows\SysWOW64\wlidcredprov.dll
2014-10-16 07:34:35 ----A---- C:\Windows\SysWOW64\scrobj.dll
2014-10-16 07:34:35 ----A---- C:\Windows\SysWOW64\provsvc.dll
2014-10-16 07:34:32 ----A---- C:\Windows\SysWOW64\slpts.dll
2014-10-16 07:34:32 ----A---- C:\Windows\SysWOW64\PkgMgr.exe
2014-10-16 07:34:31 ----A---- C:\Windows\SysWOW64\winbrand.dll
2014-10-16 07:34:31 ----A---- C:\Windows\SysWOW64\autofmt.exe
2014-10-16 07:34:30 ----A---- C:\Windows\SysWOW64\autochk.exe
2014-10-16 07:34:29 ----A---- C:\Windows\SysWOW64\untfs.dll
2014-10-16 07:34:29 ----A---- C:\Windows\SysWOW64\autoconv.exe
2014-10-16 07:34:25 ----A---- C:\Windows\SysWOW64\DWWIN.EXE
2014-10-16 07:34:25 ----A---- C:\Windows\SysWOW64\AuthBroker.dll
2014-10-16 07:34:23 ----A---- C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-10-16 07:34:23 ----A---- C:\Windows\SysWOW64\StorageContextHandler.dll
2014-10-16 07:34:22 ----A---- C:\Windows\SysWOW64\mssprxy.dll
2014-10-16 07:34:21 ----A---- C:\Windows\SysWOW64\spwizeng.dll
2014-10-16 07:34:20 ----A---- C:\Windows\SysWOW64\WimBootCompress.ini
2014-10-16 07:34:20 ----A---- C:\Windows\SysWOW64\spbcd.dll
2014-10-16 07:34:12 ----A---- C:\Windows\SysWOW64\sud.dll
2014-10-16 07:34:10 ----A---- C:\Windows\SysWOW64\wlidcli.dll
2014-10-16 07:34:09 ----A---- C:\Windows\SysWOW64\SettingMonitor.dll
2014-10-16 07:34:06 ----A---- C:\Windows\SysWOW64\offreg.dll
2014-10-16 07:34:05 ----A---- C:\Windows\SysWOW64\winsku.dll
2014-10-16 07:34:05 ----A---- C:\Windows\SysWOW64\SSShim.dll
2014-10-16 07:34:05 ----A---- C:\Windows\SysWOW64\CloudStorageWizard.exe
2014-10-16 07:34:04 ----A---- C:\Windows\SysWOW64\PlayToDevice.dll
2014-10-16 07:34:04 ----A---- C:\Windows\SysWOW64\IdCtrls.dll
2014-10-16 07:34:04 ----A---- C:\Windows\SysWOW64\deviceassociation.dll
2014-10-16 07:34:03 ----A---- C:\Windows\SysWOW64\UserLanguagesCpl.dll
2014-10-16 07:34:03 ----A---- C:\Windows\SysWOW64\powercfg.exe
2014-10-16 07:34:02 ----A---- C:\Windows\SysWOW64\werui.dll
2014-10-16 07:34:01 ----A---- C:\Windows\SysWOW64\migisol.dll
2014-10-16 07:34:00 ----A---- C:\Windows\SysWOW64\ReAgentc.exe
2014-10-16 07:33:59 ----A---- C:\Windows\SysWOW64\dfrgui.exe
2014-10-16 07:33:58 ----A---- C:\Windows\SysWOW64\easwrt.dll
2014-10-16 07:33:56 ----A---- C:\Windows\SysWOW64\diskpart.exe
2014-10-16 07:33:55 ----A---- C:\Windows\SysWOW64\cscript.exe
2014-10-16 07:33:54 ----A---- C:\Windows\SysWOW64\sxshared.dll
2014-10-16 07:33:54 ----A---- C:\Windows\SysWOW64\msshooks.dll
2014-10-16 07:33:53 ----A---- C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-10-16 07:33:53 ----A---- C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2014-10-16 07:33:46 ----AH---- C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2014-10-16 07:33:44 ----A---- C:\Windows\SysWOW64\wincorlib.dll
2014-10-16 07:33:44 ----A---- C:\Windows\SysWOW64\setupugc.exe
2014-10-16 07:33:36 ----A---- C:\Windows\SysWOW64\finger.exe
2014-10-16 07:33:34 ----A---- C:\Windows\SysWOW64\themecpl.dll
2014-10-16 07:33:34 ----A---- C:\Windows\SysWOW64\SettingSyncPolicy.dll
2014-10-16 07:33:31 ----A---- C:\Windows\SysWOW64\ocsetapi.dll
2014-10-16 07:33:31 ----A---- C:\Windows\SysWOW64\GlobCollationHost.dll
2014-10-16 07:33:29 ----A---- C:\Windows\SysWOW64\korwbrkr.dll
2014-10-16 07:33:28 ----AH---- C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2014-10-16 07:33:25 ----A---- C:\Windows\SysWOW64\dataclen.dll
2014-10-16 07:33:22 ----AH---- C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2014-10-16 07:33:21 ----AH---- C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2014-10-16 07:33:21 ----AH---- C:\Windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-10-16 07:33:21 ----A---- C:\Windows\SysWOW64\occache.dll
2014-10-16 07:33:20 ----A---- C:\Windows\SysWOW64\f3ahvoas.dll
2014-10-15 13:22:49 ----D---- C:\Program Files (x86)\Common Files\Java
2014-10-15 13:22:48 ----A---- C:\Windows\SysWOW64\javaws.exe
2014-10-15 13:22:46 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-15 13:22:46 ----A---- C:\Windows\SysWOW64\javaw.exe
2014-10-15 13:22:46 ----A---- C:\Windows\SysWOW64\java.exe
2014-10-14 21:31:48 ----A---- C:\Windows\LENDIG.sys
2014-10-14 21:15:56 ----N---- C:\Windows\Updreg.EXE
2014-10-14 21:13:55 ----D---- C:\Windows\SysWOW64\Data
2014-10-14 21:13:55 ----A---- C:\Windows\SysWOW64\INRES.DLL
2014-10-14 21:13:51 ----D---- C:\Program Files (x86)\Creative Professional
2014-10-14 20:54:37 ----D---- C:\Program Files (x86)\DriverToolkit
2014-10-14 20:10:38 ----D---- C:\Program Files (x86)\ASIO4ALL v2
2014-10-14 20:10:08 ----D---- C:\Users\charlotte\AppData\Roaming\Image-Line
2014-10-14 20:09:50 ----D---- C:\Users\charlotte\AppData\Roaming\FlowStone
2014-10-14 20:09:50 ----D---- C:\Program Files (x86)\DSPRobotics
2014-10-14 20:04:50 ----D---- C:\Program Files (x86)\Image-Line
2014-10-06 15:54:11 ----D---- C:\Program Files (x86)\VstPlugins
2014-10-06 15:54:11 ----A---- C:\Windows\SysWOW64\rewire.dll
2014-10-06 15:53:55 ----D---- C:\Program Files (x86)\Outsim
2014-10-06 15:38:18 ----D---- C:\Users\charlotte\AppData\Roaming\WinRAR
2014-10-06 14:56:17 ----RD---- C:\Windows\BrowserChoice
2014-10-06 14:41:48 ----D---- C:\ProgramData\RosettaStoneLtdBackup
2014-10-06 14:39:50 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2014-10-06 14:39:40 ----D---- C:\ProgramData\Rosetta Stone
2014-10-06 14:39:40 ----D---- C:\Program Files (x86)\Rosetta Stone
2014-10-06 14:35:26 ----D---- C:\Users\charlotte\AppData\Roaming\uTorrent
2014-10-06 13:57:44 ----D---- C:\Program Files (x86)\WinRAR
2014-10-06 11:20:56 ----A---- C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-10-06 11:20:45 ----A---- C:\Windows\SysWOW64\mfds.dll
2014-10-06 11:20:44 ----A---- C:\Windows\SysWOW64\Windows.Graphics.dll
2014-10-06 11:20:42 ----A---- C:\Windows\SysWOW64\msieftp.dll
2014-10-06 11:18:59 ----A---- C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-10-06 11:18:58 ----A---- C:\Windows\SysWOW64\sti.dll
2014-10-06 11:18:58 ----A---- C:\Windows\SysWOW64\OEMLicense.dll
2014-10-06 11:09:54 ----A---- C:\Windows\SysWOW64\msdrm.dll
2014-10-06 11:04:46 ----A---- C:\Windows\SysWOW64\iernonce.dll
2014-10-06 11:04:46 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-06 11:04:43 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2014-10-06 11:04:42 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2014-10-06 11:04:41 ----A---- C:\Windows\SysWOW64\msrating.dll
2014-10-06 11:01:49 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2014-10-06 10:57:28 ----A---- C:\Windows\SysWOW64\d2d1.dll
2014-10-06 10:54:47 ----A---- C:\Windows\SysWOW64\tsgqec.dll
2014-10-06 10:54:47 ----A---- C:\Windows\SysWOW64\dbghelp.dll
2014-10-06 10:54:47 ----A---- C:\Windows\SysWOW64\dbgeng.dll
2014-10-06 10:41:41 ----A---- C:\Windows\SysWOW64\poqexec.exe
2014-10-06 10:36:22 ----A---- C:\Windows\SysWOW64\pcaui.exe
2014-10-06 10:35:04 ----D---- C:\Program Files (x86)\Google
2014-10-06 10:31:46 ----D---- C:\ProgramData\ClassicShell
======List of files/folders modified in the last 1 month======
2014-10-29 21:06:54 ----D---- C:\Users\charlotte\AppData\Roaming\ClassicShell
2014-10-29 21:06:18 ----D---- C:\Windows\System32
2014-10-29 21:06:18 ----D---- C:\Windows\Inf
2014-10-29 21:05:59 ----D---- C:\Windows\Prefetch
2014-10-29 21:01:09 ----D---- C:\Windows\Temp
2014-10-29 21:01:09 ----D---- C:\Windows\SysWOW64
2014-10-29 20:49:58 ----RD---- C:\Program Files (x86)
2014-10-28 20:38:11 ----SHD---- C:\System Volume Information
2014-10-28 17:15:48 ----D---- C:\Windows\Microsoft.NET
2014-10-28 09:32:13 ----D---- C:\Windows\AppReadiness
2014-10-27 22:55:34 ----SHD---- C:\Windows\Installer
2014-10-27 22:55:34 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-10-27 22:55:05 ----RSD---- C:\Windows\assembly
2014-10-27 22:54:55 ----D---- C:\Program Files (x86)\Common Files\Microsoft Shared
2014-10-24 07:35:35 ----D---- C:\Windows\rescache
2014-10-23 07:13:48 ----D---- C:\Windows
2014-10-23 07:13:47 ----D---- C:\Windows\WinSxS
2014-10-23 01:29:32 ----RD---- C:\Windows\ToastData
2014-10-23 01:29:22 ----D---- C:\Windows\SysWOW64\wbem
2014-10-23 01:29:22 ----D---- C:\Windows\SysWOW64\setup
2014-10-23 01:29:22 ----D---- C:\Windows\SysWOW64\en-US
2014-10-23 01:29:18 ----RD---- C:\Windows\ImmersiveControlPanel
2014-10-23 01:29:13 ----RSD---- C:\Windows\Fonts
2014-10-23 01:29:12 ----D---- C:\Windows\apppatch
2014-10-23 01:29:11 ----D---- C:\Windows\SysWOW64\InputMethod
2014-10-22 21:23:40 ----D---- C:\Windows\Tasks
2014-10-21 19:35:39 ----D---- C:\Windows\CbsTemp
2014-10-21 19:11:03 ----D---- C:\Users\charlotte\AppData\Roaming\Adobe
2014-10-21 19:00:46 ----D---- C:\ProgramData\FLEXnet
2014-10-21 18:52:25 ----D---- C:\Program Files (x86)\Adobe
2014-10-21 18:51:51 ----D---- C:\ProgramData\Adobe
2014-10-21 18:51:24 ----D---- C:\Program Files (x86)\Common Files\Adobe
2014-10-21 00:02:39 ----D---- C:\Windows\MediaViewer
2014-10-21 00:02:38 ----D---- C:\Windows\FileManager
2014-10-21 00:02:38 ----D---- C:\Windows\Camera
2014-10-21 00:02:37 ----D---- C:\Program Files (x86)\Windows Defender
2014-10-21 00:02:25 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-21 00:02:24 ----D---- C:\Windows\PolicyDefinitions
2014-10-21 00:02:15 ----D---- C:\Windows\WinStore
2014-10-21 00:02:09 ----D---- C:\Windows\SysWOW64\migration
2014-10-17 11:05:08 ----D---- C:\Users\charlotte\AppData\Roaming\Apple Computer
2014-10-17 07:56:40 ----D---- C:\Windows\Logs
2014-10-17 00:47:32 ----D---- C:\Windows\servicing
2014-10-17 00:47:32 ----D---- C:\Program Files (x86)\Windows Portable Devices
2014-10-17 00:47:32 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2014-10-17 00:47:32 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-17 00:47:31 ----D---- C:\Windows\SysWOW64\oobe
2014-10-17 00:47:31 ----D---- C:\Windows\SysWOW64\Dism
2014-10-17 00:47:28 ----D---- C:\Windows\en-US
2014-10-16 23:05:34 ----SD---- C:\Users\charlotte\AppData\Roaming\Microsoft
2014-10-16 23:01:25 ----RD---- C:\Program Files
2014-10-16 23:01:24 ----D---- C:\Program Files (x86)\Common Files\Apple
2014-10-16 23:01:23 ----HD---- C:\ProgramData
2014-10-16 23:01:23 ----D---- C:\ProgramData\Apple Computer
2014-10-16 23:00:42 ----D---- C:\ProgramData\Apple
2014-10-15 13:22:56 ----D---- C:\ProgramData\Oracle
2014-10-15 13:22:49 ----D---- C:\Program Files (x86)\Common Files
2014-10-15 13:22:45 ----D---- C:\Program Files (x86)\Java
2014-10-14 21:13:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-06 15:54:41 ----SD---- C:\ProgramData\Microsoft
2014-10-06 14:57:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-06 11:23:39 ----SHD---- C:\$Recycle.Bin
2014-10-06 10:56:51 ----D---- C:\ProgramData\CanonIJPLM
2014-10-06 10:31:17 ----D---- C:\Windows\debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys []
R0 tos_sps64;@oem14.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\Windows\System32\drivers\tos_sps64.sys []
R0 TVALZ;@oem6.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R3 AmUStor;@oem12.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
R3 athr;@oem23.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys []
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys []
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys []
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys []
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys []
R3 MEIx64;@oem1.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys []
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys []
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys []
R3 SPPD;SPPD; \??\C:\Windows\system32\drivers\SPPD.sys []
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;@oem32.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 Thotkey;@oem3.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys []
R3 tosrfec;@oem22.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys []
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys []
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 emusba10;@oem27.inf,%EMUSBA10.Driver.DisplayName%;E-MU USB-Audio 1.0 Driver; C:\Windows\system32\DRIVERS\emusba10.sys []
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys []
S3 USBAAPL64;@oem28.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WDC_SAM;@oem26.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys []
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-08-22 312448]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-09-25 2436280]
R2 CltMngSvc;Search Protect Service; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-10-02 3015128]
R2 DragonLoggerService;Dragon Logger service; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [2014-07-12 137280]
R2 DragonSvc;Dragon Service; C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2014-07-12 339008]
R2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
R2 emaudsv;@oem27.inf,%EMAUD.Win32.DisplayName%;E-MU Audio Service; C:\Windows\system32\emaudsv.exe []
R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
R2 Orbiter;Orbiter; C:\Windows\System32\svchost.exe [2013-08-22 31552]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-16 339456]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2013-08-09 328544]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-10-10 279024]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-10-06 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
S3 Olympus DVR Service;Olympus DVR Service; C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [2012-11-08 174592]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-09-25 150600]
-----------------EOF-----------------
---------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:09:19, on 29/10/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe
C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\charlotte\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microlink â The UKâs Largest Independent Assistive Technology Supplier
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = msn
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Bho - {609C0837-8DD3-4F9B-AAC5-446F36BC0353} - C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [DNS7reminder] "C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking13\Ereg.ini"
O4 - HKLM\..\Run: [BookExpress_B6FU] "C:\Program Files (x86)\Plustek\Plustek OpticBook 3800\book express.exe"
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [E-MU USB Audio Control Panel] "C:\Program Files (x86)\Creative Professional\E-MU USB Audio\EmuUsbAudioCP.exe"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: flstudio11.exe.lnk = C:\Users\charlotte\Documents\WindowsUpdates\flstudio11.exe
O4 - Global Startup: Device Detector 4.lnk = C:\Program Files (x86)\OLYMPUS\DeviceDetector\DeviceDetector4.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Search Protect Service (CltMngSvc) - Client Connect LTD - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Logger service (DragonLoggerService) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem27.inf,%EMAUD.Win32.DisplayName%;E-MU Audio Service (emaudsv) - Unknown owner - C:\Windows\system32\emaudsv.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files (x86)\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13030 bytes