View Full Version : System: XP Pro x64 Edition
joselepiu
2014-08-14, 02:41
System: XP Pro x64 Edition
Ver 2003
Service Pack 2
hello, again my comp is infected
the symptoms are that is really really slow when in full mode & the hard drives never stop working even when i have not used it for a long time. the green light never stops blinking also, right now im running it on safe mode
ran avg, spybot & malware but nothing found
here are the Farbar Recovery Scan Tool and aswMBR logs
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014 01
Ran by DJ RAC (administrator) on DJ-RAC-PUTTER on 13-08-2014 17:36:37
Running from C:\Documents and Settings\DJ RAC\Desktop
Platform: Microsoft Windows XP Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Safe Mode (with Networking)
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-08-03] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-11] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Winlogon: [Userinit] userinit, [X]
HKLM\...\Winlogon: [UIHost] C:\Windows\system32\logonui.exe [662016 2007-02-17] ( (Microsoft Corporation))
Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\crypt32chain-x32: C:\WINDOWS\SysWOW64\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet-x32: C:\WINDOWS\SysWOW64\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll-x32: C:\WINDOWS\SysWOW64\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy-x32: C:\WINDOWS\SysWOW64\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\EFS-x32: C:\WINDOWS\SysWOW64\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X]
Winlogon\Notify\Schedule-x32: wlnotify.dll [X]
Winlogon\Notify\sclgntfy-x32: C:\WINDOWS\SysWOW64\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
Winlogon\Notify\SensLogn-x32: WlNotify.dll [X]
Winlogon\Notify\wlballoon-x32: wlnotify.dll [X]
HKLM\...\Command Processor: <======= ATTENTION
HKLM-x32\...\Command Processor: <======= ATTENTION
HKU\.DEFAULT\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2006-03-29] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2006-03-29] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2006-03-29] (Microsoft Corporation)
HKU\S-1-5-21-2799395484-3895304042-2403659751-1002\...\MountPoints2: {2d27d8a5-3283-11e3-8e94-00e04d1c5274} - E:\LGAutoRun.exe
HKU\S-1-5-21-2799395484-3895304042-2403659751-1002\...\MountPoints2: {e39d701f-90fe-11e2-9c15-00e04d1c5274} - D:\LaunchU3.exe -a
IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysWOW64\stobject.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exeC:\PROGRA~2\AVG\AVG2014\avgrsa.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={78CBEA97-1813-44AE-A46F-4CD435A77274}&mid=63957768860347d38e83d1a90bf8bb87-8d758629d5135f4470f57152dc116841b6490bd7&lang=en&ds=AVG&pr=fr&d=2013-05-25 00:51:20&v=15.3.0.11&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363890949984
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\SysWow64\mshtml.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Filter-x32: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Filter-x32: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Filter-x32: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\SysWow64\SHELL32.dll (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [10508288 2009-02-10] (Microsoft Corporation)
ShellExecuteHooks-x32: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\SysWOW64\shell32.dll [8360960 2009-02-10] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\mswsock.dll [233472] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 03 %SystemRoot%\System32\mswsock.dll [492544] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
FireFox:
========
FF ProfilePath: C:\Documents and Settings\DJ RAC\Application Data\Mozilla\Firefox\Profiles\afjw053j.default
FF Homepage: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VLC Media Player 2 0 8 win32\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49
FF Extension: AVG SafeGuard toolbar - C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49 [2014-01-05]
Chrome:
=======
CHR NewTab: "chrome-extension://dpjamkmjmigaoobjbekmfgabipmfilij/empty_ntp.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files (x86)\Firefox Mozilla Ver 19 0 2\plugins\NPOFFICE.DLL No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Firefox Mozilla Ver 19 0 2\plugins\npwachk.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll (AVG Technologies)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Google Drive) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-02]
CHR Extension: (YouTube) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-23]
CHR Extension: (Google Search) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-23]
CHR Extension: (Empty New Tab Page) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2013-12-03]
CHR Extension: (Google Wallet) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AeLookupSvc; C:\Windows\SysWOW64\aelupsvc.dll [26624 2006-03-29] (Microsoft Corporation)
S4 Alerter; C:\Windows\system32\alrsvc.dll [29696 2006-03-29] (Microsoft Corporation)
S3 ALG; C:\Windows\SysWOW64\alg.exe [45056 2006-03-29] (Microsoft Corporation)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
S2 Browser; C:\Windows\SysWOW64\browser.dll [78336 2007-02-18] (Microsoft Corporation)
S3 ClipSrv; C:\Windows\system32\clipsrv.exe [49664 2006-03-29] (Microsoft Corporation)
S3 ClipSrv; C:\Windows\SysWOW64\clipsrv.exe [32256 2006-03-29] (Microsoft Corporation)
R2 dmadmin; C:\Windows\System32\dmadmin.exe [399872 2007-02-17] (Microsoft Corporation)
R2 dmserver; C:\Windows\System32\dmserver.dll [37376 2007-02-17] (Microsoft Corporation)
S2 ERSvc; C:\Windows\System32\ersvc.dll [31744 2006-03-29] (Microsoft Corporation)
R2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [77312 2007-02-17] (Microsoft Corporation)
S3 HTTPFilter; C:\Windows\System32\w3ssl.dll [21504 2006-03-29] (Microsoft Corporation)
S3 IASJet; C:\Windows\SysWOW64\iasrecst.dll [162816 2006-03-29] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [265728 2007-02-17] (Microsoft Corporation)
S4 Messenger; C:\Windows\System32\msgsvc.dll [57344 2007-02-17] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS\SysWOW64\mnmsrvc.exe [32768 2006-03-29] (Microsoft Corporation)
S3 NetDDE; C:\Windows\system32\netdde.exe [160768 2007-02-17] (Microsoft Corporation)
S3 NetDDEdsdm; C:\Windows\system32\netdde.exe [160768 2007-02-17] (Microsoft Corporation)
R3 Netman; C:\Windows\SysWOW64\netman.dll [263680 2007-02-18] (Microsoft Corporation)
S3 Nla; C:\Windows\System32\mswsock.dll [492544 2008-06-21] (Microsoft Corporation)
S3 Nla; C:\Windows\SysWOW64\mswsock.dll [233472 2008-06-21] (Microsoft Corporation)
S3 NtLmSsp; C:\Windows\system32\lsass.exe [14336 2006-03-29] (Microsoft Corporation)
S2 NtmsSvc; C:\Windows\system32\ntmssvc.dll [794112 2007-02-17] (Microsoft Corporation)
S2 NVSvc; C:\Windows\system32\nvsvc64.exe [135680 2006-03-31] (NVIDIA Corporation)
R2 PlugPlay; C:\Windows\system32\services.exe [227840 2009-03-19] (Microsoft Corporation)
S2 PolicyAgent; C:\Windows\system32\lsass.exe [14336 2006-03-29] (Microsoft Corporation)
S3 RasAuto; C:\Windows\SysWOW64\rasauto.dll [91648 2007-02-18] (Microsoft Corporation)
S3 RasMan; C:\Windows\SysWOW64\rasmans.dll [181760 2007-02-18] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [212480 2007-02-17] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\SysWOW64\locator.exe [71680 2006-03-29] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.exe [166400 2007-02-17] (Microsoft Corporation)
S2 Schedule; C:\Windows\SysWOW64\schedsvc.dll [202240 2007-02-18] (Microsoft Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S2 seclogon; C:\Windows\SysWOW64\seclogon.dll [18432 2007-02-18] (Microsoft Corporation)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [231424 2007-02-17] (Microsoft Corporation)
S2 SysmonLog; C:\Windows\system32\smlogsvc.exe [133120 2007-02-17] (Microsoft Corporation)
S2 SysmonLog; C:\Windows\SysWOW64\smlogsvc.exe [96256 2007-02-18] (Microsoft Corporation)
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [113152 2007-02-17] (Microsoft Corporation)
S2 TrkWks; C:\Windows\SysWOW64\trkwks.dll [86528 2007-02-18] (Microsoft Corporation)
S2 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [62976 2006-03-29] (Microsoft Corporation)
S2 UMWdf; C:\WINDOWS\SysWOW64\wdfmgr.exe [39424 2006-03-29] (Microsoft Corporation)
S3 UPS; C:\Windows\System32\ups.exe [34816 2006-03-29] (Microsoft Corporation)
S3 UPS; C:\Windows\SysWOW64\ups.exe [16896 2006-03-29] (Microsoft Corporation)
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [36352 2007-02-17] (Microsoft Corporation)
S3 Wmi; C:\Windows\System32\advapi32.dll [1052160 2009-03-19] (Microsoft Corporation)
S3 Wmi; C:\Windows\SysWOW64\advapi32.dll [619008 2009-03-19] (Microsoft Corporation)
S2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [12288 2006-03-29] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\System32\wzcsvc.dll [659968 2007-02-17] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\SysWOW64\wzcsvc.dll [489472 2007-02-18] (Microsoft Corporation)
S3 xmlprov; C:\Windows\System32\xmlprov.dll [326144 2007-02-17] (Microsoft Corporation)
S3 xmlprov; C:\Windows\SysWOW64\xmlprov.dll [131584 2007-02-18] (Microsoft Corporation)
R2 Eventlog; [X]
S4 HidServ; %SystemRoot%\System32\hidserv.dll [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 Abiosdsk; No ImagePath
S4 ACPIEC; C:\Windows\System32\Drivers\ACPIEC.sys [18432 2006-03-29] (Microsoft Corporation)
S4 adpu160m; No ImagePath
S4 adpu320; No ImagePath
S3 aec; C:\Windows\System32\drivers\aec.sys [188928 2005-03-24] (Microsoft Corporation)
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S3 ALCXWDM; C:\Windows\System32\drivers\ALCWDM64.SYS [3304448 2006-10-13] (Realtek Semiconductor Corp.)
S4 AliIde; No ImagePath
S4 AmdIde; No ImagePath
S1 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [51200 2006-05-10] (Advanced Micro Devices)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S4 arc; No ImagePath
S4 Atdisk; No ImagePath
S3 Atmarpc; C:\Windows\System32\DRIVERS\atmarpc.sys [106496 2007-02-17] (Microsoft Corporation)
S3 audstub; C:\Windows\System32\DRIVERS\audstub.sys [5632 2005-03-24] (Microsoft Corporation)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverla.sys [227608 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S1 BIOS; C:\WINDOWS\system32\drivers\BIOS64.sys [14136 2006-10-31] (BIOSTAR Group)
S1 BIOS; C:\WINDOWS\SysWOW64\drivers\BIOS64.sys [14136 2006-10-31] (BIOSTAR Group)
S2 CdaC15BA; C:\Windows\System32\DRIVERS\CdaC15BA.sys [13312 2006-03-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S2 CdaD10BA; C:\Windows\System32\DRIVERS\CdaD10BA.sys [13312 2006-03-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 dmboot; C:\Windows\System32\drivers\dmboot.sys [415232 2007-02-17] (Microsoft Corporation)
R0 dmio; C:\Windows\System32\drivers\dmio.sys [244224 2007-02-17] (Microsoft Corporation)
R0 dmload; C:\Windows\System32\drivers\dmload.sys [9216 2006-03-29] (Microsoft Corporation)
S4 dpti2o; No ImagePath
S1 Fips; C:\Windows\System32\Drivers\Fips.sys [50176 2007-02-17] (Microsoft Corporation)
R0 Ftdisk; C:\Windows\System32\DRIVERS\ftdisk.sys [240128 2007-02-17] (Microsoft Corporation)
R3 Gpc; C:\Windows\System32\DRIVERS\msgpc.sys [71168 2007-02-17] (Microsoft Corporation)
S1 i2omgmt; No ImagePath
S4 iirsp; No ImagePath
R1 imapi; C:\Windows\System32\DRIVERS\imapi.sys [72704 2006-03-29] (Microsoft Corporation)
S4 IntelIde; No ImagePath
S3 Ip6Fw; C:\Windows\System32\drivers\ip6fw.sys [57856 2007-02-17] (Microsoft Corporation)
S3 IpInIp; No ImagePath
R1 IPSec; C:\Windows\System32\DRIVERS\ipsec.sys [156672 2007-02-17] (Microsoft Corporation)
S3 kmixer; C:\Windows\System32\drivers\kmixer.sys [204288 2005-03-24] (Microsoft Corporation)
S1 mnmdd; C:\Windows\System32\Drivers\mnmdd.sys [8192 2006-03-29] (Microsoft Corporation)
S4 mraid35x; No ImagePath
S3 MxlW2k; C:\Windows\SysWow64\Drivers\MxlW2k.sys [28276 2013-03-18] (MusicMatch, Inc.) [File not signed]
S3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [4818944 2006-03-31] (NVIDIA Corporation)
R0 nvata64; C:\Windows\System32\DRIVERS\nvata64.sys [164864 2006-04-24] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [52736 2006-02-17] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2006-02-17] (NVIDIA Corporation)
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
R3 PSched; C:\Windows\System32\DRIVERS\psched.sys [106496 2007-02-17] (Microsoft Corporation)
R3 Ptilink; C:\Windows\System32\DRIVERS\ptilink.sys [31232 2006-03-29] (Parallel Technologies, Inc.)
S0 PxHelp64; C:\Windows\SysWOW64\DRIVERS\PxHelp64.sys [47872 2003-07-30] (Sonic Solutions) [File not signed]
R3 Raspti; C:\Windows\System32\DRIVERS\raspti.sys [31232 2006-03-29] (Microsoft Corporation)
R1 redbook; C:\Windows\System32\DRIVERS\redbook.sys [64000 2005-03-24] (Microsoft Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [171008 2007-02-17] (Microsoft Corporation)
S4 Simbad; No ImagePath
S3 splitter; C:\Windows\System32\drivers\splitter.sys [10240 2007-02-17] (Microsoft Corporation)
R0 sr; C:\Windows\System32\DRIVERS\sr.sys [123904 2006-03-29] (Microsoft Corporation)
S3 swmidi; C:\Windows\System32\drivers\swmidi.sys [86528 2005-03-24] (Microsoft Corporation)
S4 symc8xx; No ImagePath
S4 symmpi; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S3 sysaudio; C:\Windows\System32\drivers\sysaudio.sys [147456 2007-02-17] (Microsoft Corporation)
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
R3 Update; C:\Windows\System32\DRIVERS\update.sys [81920 2007-02-17] (Microsoft Corporation)
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath
S3 wdmaud; C:\Windows\System32\drivers\wdmaud.sys [187904 2007-02-17] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
NETSVCx32: Browser -> C:\Windows\SysWOW64\browser.dll (Microsoft Corporation)
NETSVCx32: CryptSvc -> C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation)
NETSVCx32: DMServer -> C:\Windows\SysWOW64\dmserver.dll ==> No File.
NETSVCx32: EventSystem -> C:\WINDOWS\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: HidServ -> C:\Windows\SysWOW64\hidserv.dll ==> No File.
NETSVCx32: Iprip -> No ServiceDLL Path.
NETSVCx32: LanmanWorkstation -> C:\Windows\SysWOW64\wkssvc.dll ==> No File.
NETSVCx32: Messenger -> C:\Windows\SysWOW64\msgsvc.dll ==> No File.
NETSVCx32: Netman -> C:\Windows\SysWOW64\netman.dll (Microsoft Corporation)
NETSVCx32: Seclogon -> C:\Windows\SysWOW64\seclogon.dll (Microsoft Corporation)
NETSVCx32: TrkWks -> C:\Windows\SysWOW64\trkwks.dll (Microsoft Corporation)
NETSVCx32: WZCSVC -> C:\Windows\SysWOW64\wzcsvc.dll (Microsoft Corporation)
NETSVCx32: wscsvc -> C:\Windows\SysWOW64\wscsvc.dll ==> No File.
NETSVCx32: xmlprov -> C:\Windows\SysWOW64\xmlprov.dll (Microsoft Corporation)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-13 17:36 - 2014-08-13 17:36 - 00027090 _____ () C:\Documents and Settings\DJ RAC\Desktop\FRST.txt
2014-08-13 17:35 - 2014-08-13 17:36 - 00000000 ____D () C:\FRST
2014-08-13 17:30 - 2014-08-13 17:30 - 02100224 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\FRST64.exe
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\RegBackup
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2014-08-13 17:27 - 2014-08-13 17:27 - 04057608 _____ () C:\Documents and Settings\DJ RAC\Desktop\tweaking.com_registry_backup_setup.exe
2014-08-13 17:27 - 2014-08-13 17:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-13 17:00 - 2014-08-13 17:00 - 00007451 _____ () C:\Documents and Settings\DJ RAC\Desktop\hijackthis 08 13 14 17 00 PM .log
2014-08-13 14:02 - 2014-08-13 14:02 - 00007451 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 14 02 pm after all scans hijackthis.log
2014-08-13 11:25 - 2014-08-13 11:25 - 00006894 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 11 25 am after malware scan hijackthis.log
2014-08-13 09:32 - 2014-08-13 09:32 - 00006893 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 09 32 am after spy scan hijackthis.log
2014-08-13 08:27 - 2014-06-19 12:47 - 00450613 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140813-082716.backup
2014-08-13 08:12 - 2014-08-13 08:12 - 00006828 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 08 12 am after avg scan hijackthis.log
2014-08-13 07:10 - 2014-08-13 07:10 - 00006828 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 07 09 am b4 scans hijackthis.log
2014-08-13 07:08 - 2014-08-13 16:58 - 00000000 ____D () C:\Program Files (x86)\Trend Micro HijackThis Ver 2 0 2
2014-08-13 07:08 - 2014-08-13 07:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis
2014-08-13 06:51 - 2014-08-13 17:03 - 00000000 _____ () C:\WINDOWS\0.log
2014-08-13 03:18 - 2014-08-13 17:00 - 00005115 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-11 21:22 - 2014-08-13 02:26 - 00000199 _____ () C:\Documents and Settings\DJ RAC\Desktop\major crimes.txt
2014-07-29 22:17 - 2014-07-31 15:16 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Desktop\priscillas
2014-07-25 03:02 - 2014-08-13 17:00 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-25 00:48 - 2014-07-26 22:41 - 00002049 _____ () C:\Documents and Settings\DJ RAC\Desktop\disco music mix.txt
2014-07-16 23:18 - 2014-07-19 15:04 - 00000078 _____ () C:\Documents and Settings\DJ RAC\Desktop\baladas 70s.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-13 17:36 - 2014-08-13 17:36 - 00027090 _____ () C:\Documents and Settings\DJ RAC\Desktop\FRST.txt
2014-08-13 17:36 - 2014-08-13 17:35 - 00000000 ____D () C:\FRST
2014-08-13 17:36 - 2013-03-20 20:30 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Local Settings\Temp
2014-08-13 17:30 - 2014-08-13 17:30 - 02100224 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\FRST64.exe
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\RegBackup
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2014-08-13 17:27 - 2014-08-13 17:27 - 04057608 _____ () C:\Documents and Settings\DJ RAC\Desktop\tweaking.com_registry_backup_setup.exe
2014-08-13 17:27 - 2014-08-13 17:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-13 17:18 - 2006-03-29 06:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-13 17:03 - 2014-08-13 06:51 - 00000000 _____ () C:\WINDOWS\0.log
2014-08-13 17:00 - 2014-08-13 17:00 - 00007451 _____ () C:\Documents and Settings\DJ RAC\Desktop\hijackthis 08 13 14 17 00 PM .log
2014-08-13 17:00 - 2014-08-13 03:18 - 00005115 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-13 17:00 - 2014-07-25 03:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-13 17:00 - 2013-03-20 20:30 - 00000178 ___SH () C:\Documents and Settings\DJ RAC\ntuser.ini
2014-08-13 17:00 - 2013-03-20 12:12 - 00524288 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2014-08-13 17:00 - 2013-03-19 14:13 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-08-13 17:00 - 2013-03-18 07:24 - 00032470 _____ () C:\WINDOWS\Tasks\SchedLgU.Txt
2014-08-13 17:00 - 2013-03-18 07:24 - 00000216 _____ () C:\Documents and Settings\LocalService\wiadebug.log
2014-08-13 17:00 - 2013-03-18 07:24 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-13 16:58 - 2014-08-13 07:08 - 00000000 ____D () C:\Program Files (x86)\Trend Micro HijackThis Ver 2 0 2
2014-08-13 16:08 - 2013-10-09 18:28 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-13 14:39 - 2014-06-18 14:13 - 00000442 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1403122415.job
2014-08-13 14:02 - 2014-08-13 14:02 - 00007451 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 14 02 pm after all scans hijackthis.log
2014-08-13 13:29 - 2014-02-05 23:44 - 00000374 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rmv.job
2014-08-13 13:29 - 2014-02-05 23:44 - 00000372 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rel.job
2014-08-13 13:29 - 2013-10-09 18:28 - 00000894 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-13 13:29 - 2013-03-20 12:12 - 00000632 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-08-13 13:29 - 2013-03-18 07:35 - 00050257 _____ () C:\WINDOWS\system32\nvapps.xml
2014-08-13 13:28 - 2013-03-18 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-08-13 11:25 - 2014-08-13 11:25 - 00006894 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 11 25 am after malware scan hijackthis.log
2014-08-13 09:32 - 2014-08-13 09:32 - 00006893 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 09 32 am after spy scan hijackthis.log
2014-08-13 08:13 - 2013-03-20 12:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-13 08:12 - 2014-08-13 08:12 - 00006828 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 08 12 am after avg scan hijackthis.log
2014-08-13 07:10 - 2014-08-13 07:10 - 00006828 _____ () C:\Documents and Settings\DJ RAC\Desktop\08 13 14 07 09 am b4 scans hijackthis.log
2014-08-13 07:08 - 2014-08-13 07:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HijackThis
2014-08-13 02:45 - 2013-03-20 20:30 - 00000000 ____D () C:\Documents and Settings\DJ RAC
2014-08-13 02:26 - 2014-08-11 21:22 - 00000199 _____ () C:\Documents and Settings\DJ RAC\Desktop\major crimes.txt
2014-08-13 00:30 - 2013-03-20 12:12 - 00000628 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-08-12 14:39 - 2014-06-18 14:13 - 00000000 ____D () C:\Program Files (x86)\Opera 22 0 1471 70
2014-08-11 20:41 - 2014-03-15 10:18 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-08-11 20:41 - 2013-05-20 17:57 - 00000000 ____D () C:\WINDOWS\SysWOW64\cache
2014-08-11 20:41 - 2013-03-18 13:31 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-08-11 15:09 - 2013-03-20 20:30 - 00000265 _____ () C:\Documents and Settings\DJ RAC\wiadebug.log
2014-08-11 14:42 - 2014-04-03 13:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 30 0
2014-08-06 15:37 - 2013-03-18 16:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DVD Shrink
2014-08-04 15:12 - 2013-03-20 20:52 - 00000178 ___SH () C:\Documents and Settings\Lety\ntuser.ini
2014-08-04 15:11 - 2013-03-20 20:52 - 00000000 ____D () C:\Documents and Settings\Lety\Local Settings\Temp
2014-08-04 15:03 - 2013-03-24 14:56 - 00000000 ____D () C:\Documents and Settings\Lety\Desktop\SAVE IT HERE
2014-08-04 15:03 - 2013-03-20 20:52 - 00000265 _____ () C:\Documents and Settings\Lety\wiadebug.log
2014-08-04 10:17 - 2014-05-01 09:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2014 Ver 2014 0 4744
2014-08-01 00:30 - 2013-03-20 12:12 - 00000458 _____ () C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-07-31 15:32 - 2013-03-18 17:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2014-07-31 15:16 - 2014-07-29 22:17 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Desktop\priscillas
2014-07-29 19:22 - 2013-03-23 19:44 - 00000178 ___SH () C:\Documents and Settings\Prisc & Vane\ntuser.ini
2014-07-29 19:12 - 2013-03-23 19:44 - 00000000 ____D () C:\Documents and Settings\Prisc & Vane\Local Settings\Temp
2014-07-26 22:41 - 2014-07-25 00:48 - 00002049 _____ () C:\Documents and Settings\DJ RAC\Desktop\disco music mix.txt
2014-07-25 03:02 - 2013-03-18 13:20 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-25 03:02 - 2013-03-18 13:20 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-25 00:03 - 2013-03-23 03:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
2014-07-19 15:04 - 2014-07-16 23:18 - 00000078 _____ () C:\Documents and Settings\DJ RAC\Desktop\baladas 70s.txt
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.
==================== End Of Log
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-08-2014 01
Ran by DJ RAC at 2014-08-13 17:37:13
Running from C:\Documents and Settings\DJ RAC\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1-Click YouTube Downloader 9.0 (HKLM-x32\...\1-Click YouTube Downloader_is1) (Version: - )
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AoA Audio Extractor (HKLM-x32\...\{D1725D54-279A-40C5-A70D-23C1785DB920}_is1) (Version: - AoAMedia.com)
Asoftech Data Recovery (HKLM-x32\...\{1AED6EB7-8FEA-4021-B8FD-EBAA6B21679F}) (Version: 1.00 - )
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.6 - Auslogics Software Pty Ltd)
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 2.5 - Auslogics Software Pty Ltd)
Auslogics Registry Cleaner (HKLM-x32\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 2.5 - Auslogics Software Pty Ltd)
Auslogics Registry Defrag (HKLM-x32\...\{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1) (Version: 6.5 - Auslogics Software Pty Ltd)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4744 - AVG Technologies)
AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.786 - AVG Technologies)
Brother MFL-Pro Suite MFC-250C (HKLM-x32\...\{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}) (Version: 1.1.8.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDFab 8.2.2.8 (26/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
EaseUS Data Recovery Wizard 5.8.5 (HKLM-x32\...\EaseUS Data Recovery Wizard 5.8.5_is1) (Version: - EaseUS)
Everio MediaBrowser 4 (HKLM-x32\...\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}) (Version: 4.00.214 - PIXELA)
FaceFilter Studio Brother Edition (HKLM-x32\...\{F59205C8-E5FB-43F5-AAB2-16C1760D4F59}) (Version: 1.0 - )
FastStone Photo Resizer 3.1 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.1 - FastStone Soft.)
Gamers Unite! Snag Bar (HKCU\...\Gamers Unite! Snag Bar) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.50.5145 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.2 - goldensoft.org)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
InstaCodecs (HKLM-x32\...\InstaCodecs_is1) (Version: 1.0 - )
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.03.20130809 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version: - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XML Parser (x32 Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 6.0 Parser (HKLM\...\{633F3A7E-471D-4C08-A643-C184A2EE19AB}) (Version: 6.10.1129.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Opera Stable 23.0.1522.75 (HKLM-x32\...\Opera 23.0.1522.75) (Version: 23.0.1522.75 - Opera Software ASA)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PicaJet Photo Recovery 1.0.1 Beta (HKLM-x32\...\PicaJet Photo Recovery) (Version: 1.0.1 Beta - PicaJet.Com)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
Realtek AC'97 Audio (HKLM-x32\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.28 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.46 - Piriform)
ScanSoft PaperPort 11 (HKLM-x32\...\{7A8FF745-BBC5-482B-88E4-18D3178249A9}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Sonic RecordNow! (HKLM-x32\...\{9541FED0-327F-4DF0-8B96-EF57EF622F19}) (Version: 6.5.1 - Sonic Solutions)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Update for Windows XP (KB927891) (HKLM\...\KB927891) (Version: 5 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0) (HKLM\...\9E140F48C9836B9B78539C08FB2B17146BDB3F65) (Version: 04/28/2006 1.3.1.0 - Advanced Micro Devices)
Windows XP Service Pack 2 (HKLM\...\Windows x64 Service Pack) (Version: 20070217.000042 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wondershare Photo Recovery (build 3.0.3) (HKLM-x32\...\Wondershare Photo Recovery_is1) (Version: - Wondershare Software Co., Ltd.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
23-07-2014 16:19:04 System Checkpoint
24-07-2014 01:20:58 System Checkpoint
26-07-2014 18:42:42 System Checkpoint
29-07-2014 21:09:51 System Checkpoint
01-08-2014 20:54:19 System Checkpoint
06-08-2014 14:18:44 System Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-03-29 06:00 - 2014-08-13 08:27 - 00450613 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job.bak => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job.bak => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1403122415.job => C:\Program Files (x86)\Opera 22 0 1471 70\launcher.exe
Task: C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
==================== Loaded Modules (whitelisted) =============
2014-08-12 14:39 - 2014-08-12 14:39 - 00957048 _____ () C:\Program Files (x86)\Opera 22 0 1471 70\23.0.1522.75\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/13/2014 05:29:55 PM) (Source: VSS) (EventID: 18) (User: )
Description: Volume Shadow Copy Service error: The Volume Shadow Copy infrastructure cannot be used during Safe Mode.
Error: (08/13/2014 05:02:34 PM) (Source: VSS) (EventID: 8211) (User: )
Description: Volume Shadow Copy Service error: Writer with name WMI Writer and ID {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} attempted to subscribe in safe mode.
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (948) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 367, PgnoRoot: 2441) of database C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb (0 => 2441, wuaueng.dll0).
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (948) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 367, PgnoRoot: 2441) of database C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb (0 => 2441, wuaueng.dll0).
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (948) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 367, PgnoRoot: 2441) of database C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb (0 => 2441, wuaueng.dll0).
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (948) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 367, PgnoRoot: 2441) of database C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb (0 => 2441, wuaueng.dll0).
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (948) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 367, PgnoRoot: 2441) of database C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb (0 => 2441, wuaueng.dll0).
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (948) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 367, PgnoRoot: 2441) of database C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb (0 => 2441, wuaueng.dll0).
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (948) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 367, PgnoRoot: 2441) of database C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb (0 => 2441, wuaueng.dll0).
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (948) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 367, PgnoRoot: 2441) of database C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb (0 => 2441, wuaueng.dll0).
System errors:
=============
Error: (08/13/2014 05:18:58 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (08/13/2014 05:03:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AmdK8
Avgdiska
AVGIDSDriverl
Avgldx64
BIOS
Fips
Error: (08/13/2014 05:03:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriverl service which failed to start because of the following error:
%%31
Error: (08/13/2014 05:02:36 PM) (Source: 0) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\MxlW2k.SYS
Error: (08/13/2014 04:36:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (08/13/2014 01:29:07 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generate Activation Context failed for C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe.
Reference error message: The referenced assembly is not installed on your system.
.
Error: (08/13/2014 01:29:07 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Resolve Partial Assembly failed for Microsoft.Windows.Common-Controls.
Reference error message: The referenced assembly is not installed on your system.
.
Error: (08/13/2014 01:29:07 PM) (Source: SideBySide) (EventID: 32) (User: )
Description: Dependent Assembly Microsoft.Windows.Common-Controls could not be found and Last Error was The referenced assembly is not installed on your system.
Error: (08/13/2014 01:25:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Automatic Updates service hung on starting.
Error: (08/13/2014 01:23:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053
Microsoft Office Sessions:
=========================
Error: (08/13/2014 05:29:55 PM) (Source: VSS) (EventID: 18) (User: )
Description:
Error: (08/13/2014 05:02:34 PM) (Source: VSS) (EventID: 8211) (User: )
Description: WMI Writer{a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll948SUS20ClientDataStore: -3383672441C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb02441366
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll948SUS20ClientDataStore: -3383672441C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb02441366
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll948SUS20ClientDataStore: -3383672441C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb02441366
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll948SUS20ClientDataStore: -3383672441C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb02441366
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll948SUS20ClientDataStore: -3383672441C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb02441366
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll948SUS20ClientDataStore: -3383672441C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb02441366
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll948SUS20ClientDataStore: -3383672441C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb02441366
Error: (08/13/2014 05:00:37 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll948SUS20ClientDataStore: -3383672441C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb02441366
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
Percentage of memory in use: 18%
Total physical RAM: 3774.23 MB
Available physical RAM: 3092.71 MB
Total Pagefile: 5578.73 MB
Available Pagefile: 5236.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:279.47 GB) (Free:7.81 GB) NTFS
Drive d: () (Fixed) (Total:465.75 GB) (Free:342.63 GB) NTFS
==================== MBR & Partition Table ==================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 0A210A21)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 279 GB) (Disk ID: 29632963)
Partition 1: (Active) - (Size=279 GB) - (Type=07 NTFS)
==================== End Of Log
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-08-13 17:39:22
-----------------------------
17:39:22.953 OS Version: Windows x64 5.2.3790 Service Pack 2
17:39:22.953 Number of processors: 2 586 0x2B01
17:39:22.953 ComputerName: DJ-RAC-PUTTER UserName: DJ RAC
17:39:23.750 Initialize success
17:39:23.843 VM: driver load error: 2
17:50:28.109 AVAST engine defs: 14081301
18:01:39.265 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-f
18:01:39.265 Disk 0 Vendor: WDC_WD5000AAKB-00H8A0 05.04E05 Size: 476940MB BusType: 3
18:01:39.281 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-17
18:01:39.296 Disk 1 Vendor: Maxtor_6L300R0 BAH41G10 Size: 286188MB BusType: 3
18:01:39.437 Disk 1 MBR read successfully
18:01:39.437 Disk 1 MBR scan
18:01:39.500 Disk 1 Windows XP default MBR code
18:01:39.515 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 286179 MB offset 63
18:01:39.546 Disk 1 scanning C:\WINDOWS\system32\drivers
18:01:45.890 Service scanning
18:01:58.968 Modules scanning
18:01:59.000 Disk 1 trace - called modules:
18:02:01.750 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys atapi.sys pciide.sys PCIIDEX.SYS hal.dll
18:02:01.906 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffadfa377b770]
18:02:02.062 3 CLASSPNP.SYS[fffffadf98e0a8c9] -> nt!IofCallDriver -> \Device\00000066[0xfffffadfa377ca30]
18:02:02.218 5 ACPI.sys[fffffadf98fa9e69] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T1L0-17[0xfffffadfa377d060]
18:02:03.000 AVAST engine scan C:\WINDOWS
18:02:05.531 AVAST engine scan C:\WINDOWS\system32
18:03:47.265 AVAST engine scan C:\WINDOWS\system32\drivers
18:04:00.593 AVAST engine scan C:\Documents and Settings\DJ RAC
18:14:20.312 AVAST engine scan C:\Documents and Settings\All Users
18:16:15.843 Scan finished successfully
18:18:25.906 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\DJ RAC\Desktop\New logs frst64\MBR.dat"
18:18:25.921 The log file has been saved successfully to "C:\Documents and Settings\DJ RAC\Desktop\New logs frst64\aswMBR.txt"
ran
System: XP Pro x64 Edition
Ver 2003
Service Pack 2
not sure if i had to turn of or not
please let me know if more info is needed
thanks
Hi joselepiu,
My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.
Please stay with this topic until I let you know that your system appears to be "All Clear"
Important: All tools MUST be run from the Desktop.
=========================
Important information regarding Windows XP
Microsoft will no longer offer support for Windows XP beginning on April 8, 2014
If you are running Windows XP, please take the time to read the information provided at these links.
Windows XP - The Elephant In The Room (http://www.malwareremoval.com/forum/viewtopic.php?p=630064#p630064)[/*]
Windows XP - The end of the road (http://techpageone.dell.com/technology/windows-xp-end-road/?dgc=BA&cid=272099&lid=5049884&acd=12309189674467600#.UxUoP4W9Is3)[/*]
=========================
Please run these tools in Normal Mode unless instructed otherwise.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Uninstall via Add/Remove Programs
Please go to Start > Control Panel > Add Remove Programs.
Locate the following programs: (if present)
AVG Secure Search
AVG SafeGuard toolbar
Click Remove and allow Windows to completely remove each one in turn.
Then reboot your computer to complete this part of the process.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Disable Plug-ins in Google Chrome
Click the Chrome menu http://i1269.photobucket.com/albums/jj590/OCD-WTT/chromebrowsertoolbar.png on the browser toolbar.
Select Settings.
Scroll down to Show advanced settings...
Locate the Privacy Section, select Content Settings
In the pop up window scoll to Plug-Ins, select Disable individual plug-ins...
Locate the following plug-ins and set them to Disable:
AVG SiteSafety plugin
Exit Chrome settings menu.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script
Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-11] ()
HKLM\...\Command Processor: <======= ATTENTION
HKLM-x32\...\Command Processor: <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={78CBEA97-1813-44AE-A46F-4CD435A77274}&mid=63957768860347d38e83d1a90bf8bb87-8d758629d5135f4470f57152dc116841b6490bd7&lang=en&ds=AVG&pr=fr&d=2013-05-25 00:51:20&v=15.3.0.11&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll (AVG Technologies)
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.
=========================
In your next post please provide the following:
Fixlog.txt
joselepiu
2014-08-15, 20:02
ok...
i found the avg safeguard toolbar program and i did removed it...
i did not find the avg secure search program there...
i did not find the avg sitesafety plugin, attached is a pic of the plugins listed there...
and here is the FRST log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-08-2014
Ran by DJ RAC at 2014-08-15 11:17:31 Run:2
Running from C:\Documents and Settings\DJ RAC\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-11] ()
HKLM\...\Command Processor: <======= ATTENTION
HKLM-x32\...\Command Processor: <======= ATTENTION
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={78CBEA97-1813-44AE-A46F-4CD435A77274}&mid=63957768860347d38e83d1a90bf8bb87-8d758629d5135f4470f57152dc116841b6490bd7&lang=en&ds=AVG&pr=fr&d=2013-05-25 00:51:20&v=15.3.0.11&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll (AVG Technologies)
S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0214b.exe
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => Value not found.
HKLM\Software\Microsoft\Command Processor\\AutoRun => Value not found.
HKLM\Software\Wow6432Node\Microsoft\Command Processor\\AutoRun => Value not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
"HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Value not found.
"HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\viprotocol" => Key not found.
"HKCR\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin" => Key not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll not found.
vToolbarUpdater18.1.9 => Service not found.
"C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!." => File/Directory not found.
"C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!." => File/Directory not found.
"C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!." => File/Directory not found.
C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rel.job => Moved successfully.
C:\WINDOWS\Tasks\AVG-Secure-Search-Update_0214b_rmv.job => Moved successfully.
==== End of Fixlog ====
Hi joselepiu,
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) SystemLook
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1 (http://jpshortstuff.247fixes.com/SystemLook.exe)
Download Mirror #2 (http://images.malwareremoval.com/jpshortstuff/SystemLook.exe)
Double-click SystemLook.exe to run it.
Copy the content of the following codebox into the main textfield:
:filefind
wininit.exe
Bootcat.cache
Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) AdwCleaner v3: Scan & Clean (http://www.bleepingcomputer.com/download/adwcleaner/)
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Junkware Removal Tool
Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================
In your next post please provide the following:
SystemLook.txt
AdwCleaner[S0].txt
JRT.txt
FRST.txt
joselepiu
2014-08-17, 01:42
hello again
i ran the systemLook program & copied the requested text on it...
and it says "" Use SystemLook_x64 for accurate results ""...
ran the adwcleaner v3: Scan & Clean program...
on your instructions it says "" adwcleaner will begin to scan your computer like it did before.""...
it was the 1st time i ran it...
ran the junkware removal tool program...
turn off svg & spybot 2 and reboot comp to turn them on after this scan...
ran the farbar recovery scan tool program again & it updated itself...
i been getting a pop up message that adobe reader needs to update i have not updated it...
avg updated itself could not stop it...
here are all the scan logs (systemlook, adwcleaner, junkware removal tool, farbar recovery scan tool)...
systemlook:
SystemLook 30.07.11 by jpshortstuff
Log created at 15:47 on 16/08/2014 by DJ RAC
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.
========== filefind ==========
Searching for "wininit.exe "
No files found.
Searching for "Bootcat.cache"
No files found.
-= EOF =-
================================================
adwcleaner:
# AdwCleaner v3.306 - Report created 16/08/2014 at 15:57:16
# Updated 15/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (64 bits)
# Username : DJ RAC
# Running from : C:\Documents and Settings\DJ RAC\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\Administrator\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\Lety\Application Data\AVG SafeGuard toolbar
Folder Deleted : C:\Documents and Settings\Prisc & Vane\Application Data\AVG SafeGuard toolbar
[!] Folder Deleted : C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij
[!] Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\WINDOWS\System32\GroupPolicy\User\Registry.pol
File Deleted : C:\DOCUME~1\DJRAC~1\LOCALS~1\Temp\Uninstall.exe
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe]
***** [ Browsers ] *****
-\\ Internet Explorer v7.0.5730.13
-\\ Mozilla Firefox v30.0 (en-US)
[ File : C:\Documents and Settings\DJ RAC\Application Data\Mozilla\Firefox\Profiles\afjw053j.default\prefs.js ]
-\\ Google Chrome v36.0.1985.143
[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
[ File : C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : dpjamkmjmigaoobjbekmfgabipmfilij
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
[ File : C:\Documents and Settings\Lety\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
[ File : C:\Documents and Settings\Prisc & Vane\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
*************************
AdwCleaner[R0].txt - [4024 octets] - [16/08/2014 15:51:57]
AdwCleaner[S0].txt - [4167 octets] - [16/08/2014 15:57:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4227 octets] ##########
================================================
junkware removal tool:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x64
Ran by DJ RAC on Sat 08/16/2014 at 16:06:20.20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 08/16/2014 at 16:12:19.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
================================================
farbar recovery scan tool:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by DJ RAC (administrator) on DJ-RAC-PUTTER on 16-08-2014 16:53:12
Running from C:\Documents and Settings\DJ RAC\Desktop
Platform: Microsoft Windows XP Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-08-03] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Winlogon: [Userinit] userinit, [X]
HKLM\...\Winlogon: [UIHost] C:\Windows\system32\logonui.exe [662016 2007-02-17] ( (Microsoft Corporation))
Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\crypt32chain-x32: C:\WINDOWS\SysWOW64\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet-x32: C:\WINDOWS\SysWOW64\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll-x32: C:\WINDOWS\SysWOW64\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy-x32: C:\WINDOWS\SysWOW64\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\EFS-x32: C:\WINDOWS\SysWOW64\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X]
Winlogon\Notify\Schedule-x32: wlnotify.dll [X]
Winlogon\Notify\sclgntfy-x32: C:\WINDOWS\SysWOW64\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
Winlogon\Notify\SensLogn-x32: WlNotify.dll [X]
Winlogon\Notify\wlballoon-x32: wlnotify.dll [X]
HKU\.DEFAULT\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2006-03-29] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2006-03-29] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2006-03-29] (Microsoft Corporation)
HKU\S-1-5-21-2799395484-3895304042-2403659751-1002\...\MountPoints2: {2d27d8a5-3283-11e3-8e94-00e04d1c5274} - E:\LGAutoRun.exe
HKU\S-1-5-21-2799395484-3895304042-2403659751-1002\...\MountPoints2: {e39d701f-90fe-11e2-9c15-00e04d1c5274} - D:\LaunchU3.exe -a
IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysWOW64\stobject.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exeC:\PROGRA~2\AVG\AVG2014\avgrsa.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
DPF: HKLM-x32 {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363890949984
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\SysWow64\mshtml.dll (Microsoft Corporation)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Filter-x32: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Filter-x32: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Filter-x32: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\SysWow64\SHELL32.dll (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [10508288 2009-02-10] (Microsoft Corporation)
ShellExecuteHooks-x32: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\SysWOW64\shell32.dll [8360960 2009-02-10] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\mswsock.dll [233472] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 03 %SystemRoot%\System32\mswsock.dll [492544] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
FireFox:
========
FF ProfilePath: C:\Documents and Settings\DJ RAC\Application Data\Mozilla\Firefox\Profiles\afjw053j.default
FF Homepage: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VLC Media Player 2 0 8 win32\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage:
CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VLC Media Player 2 0 8 win32\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
CHR Extension: (Google Drive) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-02]
CHR Extension: (YouTube) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-23]
CHR Extension: (Google Search) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-23]
CHR Extension: (Google Wallet) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AeLookupSvc; C:\Windows\SysWOW64\aelupsvc.dll [26624 2006-03-29] (Microsoft Corporation)
S4 Alerter; C:\Windows\system32\alrsvc.dll [29696 2006-03-29] (Microsoft Corporation)
R3 ALG; C:\Windows\SysWOW64\alg.exe [45056 2006-03-29] (Microsoft Corporation)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
S2 Browser; C:\Windows\SysWOW64\browser.dll [78336 2007-02-18] (Microsoft Corporation)
S3 ClipSrv; C:\Windows\system32\clipsrv.exe [49664 2006-03-29] (Microsoft Corporation)
S3 ClipSrv; C:\Windows\SysWOW64\clipsrv.exe [32256 2006-03-29] (Microsoft Corporation)
R2 dmadmin; C:\Windows\System32\dmadmin.exe [399872 2007-02-17] (Microsoft Corporation)
R2 dmserver; C:\Windows\System32\dmserver.dll [37376 2007-02-17] (Microsoft Corporation)
R2 ERSvc; C:\Windows\System32\ersvc.dll [31744 2006-03-29] (Microsoft Corporation)
R2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [77312 2007-02-17] (Microsoft Corporation)
S3 HTTPFilter; C:\Windows\System32\w3ssl.dll [21504 2006-03-29] (Microsoft Corporation)
S3 IASJet; C:\Windows\SysWOW64\iasrecst.dll [162816 2006-03-29] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [265728 2007-02-17] (Microsoft Corporation)
S4 Messenger; C:\Windows\System32\msgsvc.dll [57344 2007-02-17] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS\SysWOW64\mnmsrvc.exe [32768 2006-03-29] (Microsoft Corporation)
S3 NetDDE; C:\Windows\system32\netdde.exe [160768 2007-02-17] (Microsoft Corporation)
S3 NetDDEdsdm; C:\Windows\system32\netdde.exe [160768 2007-02-17] (Microsoft Corporation)
R3 Netman; C:\Windows\SysWOW64\netman.dll [263680 2007-02-18] (Microsoft Corporation)
R3 Nla; C:\Windows\System32\mswsock.dll [492544 2008-06-21] (Microsoft Corporation)
R3 Nla; C:\Windows\SysWOW64\mswsock.dll [233472 2008-06-21] (Microsoft Corporation)
S3 NtLmSsp; C:\Windows\system32\lsass.exe [14336 2006-03-29] (Microsoft Corporation)
R2 NtmsSvc; C:\Windows\system32\ntmssvc.dll [794112 2007-02-17] (Microsoft Corporation)
R2 NVSvc; C:\Windows\system32\nvsvc64.exe [135680 2006-03-31] (NVIDIA Corporation)
R2 PlugPlay; C:\Windows\system32\services.exe [227840 2009-03-19] (Microsoft Corporation)
R2 PolicyAgent; C:\Windows\system32\lsass.exe [14336 2006-03-29] (Microsoft Corporation)
S3 RasAuto; C:\Windows\SysWOW64\rasauto.dll [91648 2007-02-18] (Microsoft Corporation)
R3 RasMan; C:\Windows\SysWOW64\rasmans.dll [181760 2007-02-18] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [212480 2007-02-17] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\SysWOW64\locator.exe [71680 2006-03-29] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.exe [166400 2007-02-17] (Microsoft Corporation)
R2 Schedule; C:\Windows\SysWOW64\schedsvc.dll [202240 2007-02-18] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 seclogon; C:\Windows\SysWOW64\seclogon.dll [18432 2007-02-18] (Microsoft Corporation)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [231424 2007-02-17] (Microsoft Corporation)
S2 SysmonLog; C:\Windows\system32\smlogsvc.exe [133120 2007-02-17] (Microsoft Corporation)
S2 SysmonLog; C:\Windows\SysWOW64\smlogsvc.exe [96256 2007-02-18] (Microsoft Corporation)
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [113152 2007-02-17] (Microsoft Corporation)
R2 TrkWks; C:\Windows\SysWOW64\trkwks.dll [86528 2007-02-18] (Microsoft Corporation)
R2 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [62976 2006-03-29] (Microsoft Corporation)
R2 UMWdf; C:\WINDOWS\SysWOW64\wdfmgr.exe [39424 2006-03-29] (Microsoft Corporation)
S3 UPS; C:\Windows\System32\ups.exe [34816 2006-03-29] (Microsoft Corporation)
S3 UPS; C:\Windows\SysWOW64\ups.exe [16896 2006-03-29] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [36352 2007-02-17] (Microsoft Corporation)
S3 Wmi; C:\Windows\System32\advapi32.dll [1052160 2009-03-19] (Microsoft Corporation)
S3 Wmi; C:\Windows\SysWOW64\advapi32.dll [619008 2009-03-19] (Microsoft Corporation)
U2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [12288 2006-03-29] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\System32\wzcsvc.dll [659968 2007-02-17] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\SysWOW64\wzcsvc.dll [489472 2007-02-18] (Microsoft Corporation)
S3 xmlprov; C:\Windows\System32\xmlprov.dll [326144 2007-02-17] (Microsoft Corporation)
S3 xmlprov; C:\Windows\SysWOW64\xmlprov.dll [131584 2007-02-18] (Microsoft Corporation)
R2 Eventlog; [X]
S4 HidServ; %SystemRoot%\System32\hidserv.dll [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 Abiosdsk; No ImagePath
S4 ACPIEC; C:\Windows\System32\Drivers\ACPIEC.sys [18432 2006-03-29] (Microsoft Corporation)
S4 adpu160m; No ImagePath
S4 adpu320; No ImagePath
R3 aec; C:\Windows\System32\drivers\aec.sys [188928 2005-03-24] (Microsoft Corporation)
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
R3 ALCXWDM; C:\Windows\System32\drivers\ALCWDM64.SYS [3304448 2006-10-13] (Realtek Semiconductor Corp.)
S4 AliIde; No ImagePath
S4 AmdIde; No ImagePath
R1 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [51200 2006-05-10] (Advanced Micro Devices)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S4 arc; No ImagePath
S4 Atdisk; No ImagePath
S3 Atmarpc; C:\Windows\System32\DRIVERS\atmarpc.sys [106496 2007-02-17] (Microsoft Corporation)
R3 audstub; C:\Windows\System32\DRIVERS\audstub.sys [5632 2005-03-24] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverla.sys [227608 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 BIOS; C:\WINDOWS\system32\drivers\BIOS64.sys [14136 2006-10-31] (BIOSTAR Group)
R1 BIOS; C:\WINDOWS\SysWOW64\drivers\BIOS64.sys [14136 2006-10-31] (BIOSTAR Group)
R2 CdaC15BA; C:\Windows\System32\DRIVERS\CdaC15BA.sys [13312 2006-03-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R2 CdaD10BA; C:\Windows\System32\DRIVERS\CdaD10BA.sys [13312 2006-03-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 dmboot; C:\Windows\System32\drivers\dmboot.sys [415232 2007-02-17] (Microsoft Corporation)
R0 dmio; C:\Windows\System32\drivers\dmio.sys [244224 2007-02-17] (Microsoft Corporation)
R0 dmload; C:\Windows\System32\drivers\dmload.sys [9216 2006-03-29] (Microsoft Corporation)
S4 dpti2o; No ImagePath
R1 Fips; C:\Windows\System32\Drivers\Fips.sys [50176 2007-02-17] (Microsoft Corporation)
R0 Ftdisk; C:\Windows\System32\DRIVERS\ftdisk.sys [240128 2007-02-17] (Microsoft Corporation)
R3 Gpc; C:\Windows\System32\DRIVERS\msgpc.sys [71168 2007-02-17] (Microsoft Corporation)
S1 i2omgmt; No ImagePath
S4 iirsp; No ImagePath
R1 imapi; C:\Windows\System32\DRIVERS\imapi.sys [72704 2006-03-29] (Microsoft Corporation)
S4 IntelIde; No ImagePath
S3 Ip6Fw; C:\Windows\System32\drivers\ip6fw.sys [57856 2007-02-17] (Microsoft Corporation)
S3 IpInIp; No ImagePath
R1 IPSec; C:\Windows\System32\DRIVERS\ipsec.sys [156672 2007-02-17] (Microsoft Corporation)
R3 kmixer; C:\Windows\System32\drivers\kmixer.sys [204288 2005-03-24] (Microsoft Corporation)
R1 mnmdd; C:\Windows\System32\Drivers\mnmdd.sys [8192 2006-03-29] (Microsoft Corporation)
S4 mraid35x; No ImagePath
S3 MxlW2k; C:\Windows\SysWow64\Drivers\MxlW2k.sys [28276 2013-03-18] (MusicMatch, Inc.) [File not signed]
R3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [4818944 2006-03-31] (NVIDIA Corporation)
R0 nvata64; C:\Windows\System32\DRIVERS\nvata64.sys [164864 2006-04-24] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [52736 2006-02-17] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2006-02-17] (NVIDIA Corporation)
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
R3 PSched; C:\Windows\System32\DRIVERS\psched.sys [106496 2007-02-17] (Microsoft Corporation)
R3 Ptilink; C:\Windows\System32\DRIVERS\ptilink.sys [31232 2006-03-29] (Parallel Technologies, Inc.)
S0 PxHelp64; C:\Windows\SysWOW64\DRIVERS\PxHelp64.sys [47872 2003-07-30] (Sonic Solutions) [File not signed]
R3 Raspti; C:\Windows\System32\DRIVERS\raspti.sys [31232 2006-03-29] (Microsoft Corporation)
R1 redbook; C:\Windows\System32\DRIVERS\redbook.sys [64000 2005-03-24] (Microsoft Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [171008 2007-02-17] (Microsoft Corporation)
S4 Simbad; No ImagePath
R3 splitter; C:\Windows\System32\drivers\splitter.sys [10240 2007-02-17] (Microsoft Corporation)
R0 sr; C:\Windows\System32\DRIVERS\sr.sys [123904 2006-03-29] (Microsoft Corporation)
R3 swmidi; C:\Windows\System32\drivers\swmidi.sys [86528 2005-03-24] (Microsoft Corporation)
S4 symc8xx; No ImagePath
S4 symmpi; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
R3 sysaudio; C:\Windows\System32\drivers\sysaudio.sys [147456 2007-02-17] (Microsoft Corporation)
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
R3 Update; C:\Windows\System32\DRIVERS\update.sys [81920 2007-02-17] (Microsoft Corporation)
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath
R3 wdmaud; C:\Windows\System32\drivers\wdmaud.sys [187904 2007-02-17] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
NETSVCx32: Browser -> C:\Windows\SysWOW64\browser.dll (Microsoft Corporation)
NETSVCx32: CryptSvc -> C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation)
NETSVCx32: DMServer -> C:\Windows\SysWOW64\dmserver.dll ==> No File.
NETSVCx32: EventSystem -> C:\WINDOWS\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: HidServ -> C:\Windows\SysWOW64\hidserv.dll ==> No File.
NETSVCx32: Iprip -> No ServiceDLL Path.
NETSVCx32: LanmanWorkstation -> C:\Windows\SysWOW64\wkssvc.dll ==> No File.
NETSVCx32: Messenger -> C:\Windows\SysWOW64\msgsvc.dll ==> No File.
NETSVCx32: Netman -> C:\Windows\SysWOW64\netman.dll (Microsoft Corporation)
NETSVCx32: Seclogon -> C:\Windows\SysWOW64\seclogon.dll (Microsoft Corporation)
NETSVCx32: TrkWks -> C:\Windows\SysWOW64\trkwks.dll (Microsoft Corporation)
NETSVCx32: WZCSVC -> C:\Windows\SysWOW64\wzcsvc.dll (Microsoft Corporation)
NETSVCx32: wscsvc -> C:\Windows\SysWOW64\wscsvc.dll ==> No File.
NETSVCx32: xmlprov -> C:\Windows\SysWOW64\xmlprov.dll (Microsoft Corporation)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-16 16:53 - 2014-08-16 16:53 - 00024680 _____ () C:\Documents and Settings\DJ RAC\Desktop\FRST.txt
2014-08-16 16:52 - 2014-08-16 16:52 - 02101760 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\FRST64.exe
2014-08-16 16:15 - 2014-08-16 16:17 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Desktop\FRST-OlderVersion
2014-08-16 16:12 - 2014-08-16 16:12 - 00000590 _____ () C:\Documents and Settings\DJ RAC\Desktop\JRT.txt
2014-08-16 16:06 - 2014-08-16 16:06 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-16 16:04 - 2014-08-16 16:04 - 01016261 _____ (Thisisu) C:\Documents and Settings\DJ RAC\Desktop\JRT.exe
2014-08-16 16:03 - 2014-08-16 16:03 - 00000019 _____ () C:\Documents and Settings\DJ RAC\Desktop\adobe reader update.txt
2014-08-16 16:02 - 2014-08-16 16:02 - 00004291 _____ () C:\Documents and Settings\DJ RAC\Desktop\AdwCleaner[S0].txt
2014-08-16 15:59 - 2014-08-16 15:59 - 00001286 _____ () C:\WINDOWS\PFRO.log
2014-08-16 15:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-16 15:51 - 2014-08-16 15:57 - 00000000 ____D () C:\AdwCleaner
2014-08-16 15:50 - 2014-08-16 15:51 - 01361203 _____ () C:\Documents and Settings\DJ RAC\Desktop\AdwCleaner.exe
2014-08-16 15:47 - 2014-08-16 15:48 - 00000696 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook.txt
2014-08-16 15:46 - 2014-08-16 16:29 - 00000000 _____ () C:\WINDOWS\0.log
2014-08-16 15:27 - 2014-08-16 15:27 - 00139264 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook.exe
2014-08-16 14:03 - 2014-08-16 16:27 - 00006005 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-15 11:13 - 2014-08-15 11:13 - 02100224 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\Farbar Recovery Scan Tool - FRST64.exe
2014-08-13 17:35 - 2014-08-16 16:53 - 00000000 ____D () C:\FRST
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\RegBackup
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2014-08-13 17:27 - 2014-08-13 17:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-13 08:27 - 2014-06-19 12:47 - 00450613 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140813-082716.backup
2014-07-25 03:02 - 2014-08-16 16:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-16 16:53 - 2014-08-16 16:53 - 00024680 _____ () C:\Documents and Settings\DJ RAC\Desktop\FRST.txt
2014-08-16 16:53 - 2014-08-13 17:35 - 00000000 ____D () C:\FRST
2014-08-16 16:53 - 2013-03-20 20:30 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Local Settings\Temp
2014-08-16 16:52 - 2014-08-16 16:52 - 02101760 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\FRST64.exe
2014-08-16 16:40 - 2014-06-18 14:13 - 00000442 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1403122415.job
2014-08-16 16:40 - 2013-10-09 18:28 - 00000894 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-16 16:40 - 2013-03-20 12:12 - 00000632 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-08-16 16:40 - 2013-03-18 07:35 - 00050257 _____ () C:\WINDOWS\system32\nvapps.xml
2014-08-16 16:40 - 2013-03-18 07:24 - 00032514 _____ () C:\WINDOWS\Tasks\SchedLgU.Txt
2014-08-16 16:40 - 2006-03-29 06:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-16 16:29 - 2014-08-16 15:46 - 00000000 _____ () C:\WINDOWS\0.log
2014-08-16 16:27 - 2014-08-16 14:03 - 00006005 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-16 16:27 - 2013-03-19 14:13 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-08-16 16:27 - 2013-03-18 07:24 - 00000157 _____ () C:\Documents and Settings\LocalService\wiadebug.log
2014-08-16 16:27 - 2013-03-18 07:24 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-16 16:26 - 2013-03-20 12:12 - 00524288 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2014-08-16 16:25 - 2013-03-20 20:30 - 00000178 ___SH () C:\Documents and Settings\DJ RAC\ntuser.ini
2014-08-16 16:17 - 2014-08-16 16:15 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Desktop\FRST-OlderVersion
2014-08-16 16:12 - 2014-08-16 16:12 - 00000590 _____ () C:\Documents and Settings\DJ RAC\Desktop\JRT.txt
2014-08-16 16:07 - 2013-10-09 18:28 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-16 16:06 - 2014-08-16 16:06 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-16 16:04 - 2014-08-16 16:04 - 01016261 _____ (Thisisu) C:\Documents and Settings\DJ RAC\Desktop\JRT.exe
2014-08-16 16:03 - 2014-08-16 16:03 - 00000019 _____ () C:\Documents and Settings\DJ RAC\Desktop\adobe reader update.txt
2014-08-16 16:02 - 2014-08-16 16:02 - 00004291 _____ () C:\Documents and Settings\DJ RAC\Desktop\AdwCleaner[S0].txt
2014-08-16 16:02 - 2014-07-25 03:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-16 15:59 - 2014-08-16 15:59 - 00001286 _____ () C:\WINDOWS\PFRO.log
2014-08-16 15:57 - 2014-08-16 15:51 - 00000000 ____D () C:\AdwCleaner
2014-08-16 15:51 - 2014-08-16 15:50 - 01361203 _____ () C:\Documents and Settings\DJ RAC\Desktop\AdwCleaner.exe
2014-08-16 15:48 - 2014-08-16 15:47 - 00000696 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook.txt
2014-08-16 15:42 - 2013-03-20 20:30 - 00000000 ____D () C:\Documents and Settings\DJ RAC
2014-08-16 15:27 - 2014-08-16 15:27 - 00139264 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook.exe
2014-08-16 14:15 - 2014-04-03 13:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 30 0
2014-08-16 13:33 - 2013-03-20 20:30 - 00000265 _____ () C:\Documents and Settings\DJ RAC\wiadebug.log
2014-08-16 13:29 - 2013-03-18 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-08-15 12:15 - 2013-09-10 02:18 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Application Data\vlc
2014-08-15 11:13 - 2014-08-15 11:13 - 02100224 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\Farbar Recovery Scan Tool - FRST64.exe
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\RegBackup
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2014-08-13 17:27 - 2014-08-13 17:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-13 08:13 - 2013-03-20 12:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-13 00:30 - 2013-03-20 12:12 - 00000628 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-08-12 14:39 - 2014-06-18 14:13 - 00000000 ____D () C:\Program Files (x86)\Opera 22 0 1471 70
2014-08-11 20:41 - 2013-05-20 17:57 - 00000000 ____D () C:\WINDOWS\SysWOW64\cache
2014-08-04 15:12 - 2013-03-20 20:52 - 00000178 ___SH () C:\Documents and Settings\Lety\ntuser.ini
2014-08-04 15:11 - 2013-03-20 20:52 - 00000000 ____D () C:\Documents and Settings\Lety\Local Settings\Temp
2014-08-04 15:03 - 2013-03-20 20:52 - 00000265 _____ () C:\Documents and Settings\Lety\wiadebug.log
2014-08-04 10:17 - 2014-05-01 09:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2014 Ver 2014 0 4744
2014-08-01 00:30 - 2013-03-20 12:12 - 00000458 _____ () C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-07-31 15:32 - 2013-03-18 17:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2014-07-25 03:02 - 2013-03-18 13:20 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-25 03:02 - 2013-03-18 13:20 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Documents and Settings\DJ RAC\Local Settings\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.
==================== End Of Log ============================
Hi joselepiu,
i ran the systemLook program & copied the requested text on it...
and it says "" Use SystemLook_x64 for accurate results ""...
Try this version and re-run SystemLook
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) SystemLook
Please download SystemLook (http://images.malwareremoval.com/jpshortstuff/SystemLook_x64.exe) and save it to your Desktop.
Double-click SystemLook.exe to run it.
Copy the content of the following codebox into the main textfield:
:filefind
wininit.exe
Bootcat.cache
Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
=========================
In your next post please provide the following:
SystemLook.txt
Any change in performance?
Do you have your XP installation disks?
joselepiu
2014-08-17, 04:50
the performance is still the same i think...
the sound from the hard drives is still there & the green light does not go away...
and yes i do have the original installation disks...
here is the systemlook_x64 scan log:
SystemLook 30.07.11 by jpshortstuff
Log created at 20:42 on 16/08/2014 by DJ RAC
Administrator - Elevation successful
========== filefind ==========
Searching for "wininit.exe "
No files found.
Searching for "Bootcat.cache"
No files found.
-= EOF =-
Hi joselepiu,
You have a few files that are missing. Although I doubt they are causing the issues you are encountering let's see if we can fix the issue. Please have your Windows XP installation CD available when you proceed with this next step, you may be requested to insert a disk in the drive bay.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) System File Checker
Click Start, in the run box:
Type: sfc /scannow (There's a space between sfc and /scannow.)
Allow the scan to complete.
Type: exit to close the command prompt window
Include the findings in your next reply
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reboot
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================
In your next post please provide the following:
sfc scan results
new FRST.txt
joselepiu
2014-08-17, 07:56
did the system file checker scan...
it did asked me for the disk...
but it closed & reboot the comp by itself...
did not produce any logs...
did not showed where to type ""exit""...
here is the new FRST scan log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by DJ RAC (administrator) on DJ-RAC-PUTTER on 16-08-2014 23:11:34
Running from C:\Documents and Settings\DJ RAC\Desktop
Platform: Microsoft Windows XP Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2006-08-03] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Winlogon: [Userinit] userinit, [X]
HKLM\...\Winlogon: [UIHost] C:\Windows\system32\logonui.exe [662016 2007-02-17] ( (Microsoft Corporation))
Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\crypt32chain-x32: C:\WINDOWS\SysWOW64\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet-x32: C:\WINDOWS\SysWOW64\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll-x32: C:\WINDOWS\SysWOW64\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy-x32: C:\WINDOWS\SysWOW64\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\EFS-x32: C:\WINDOWS\SysWOW64\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X]
Winlogon\Notify\Schedule-x32: wlnotify.dll [X]
Winlogon\Notify\sclgntfy-x32: C:\WINDOWS\SysWOW64\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
Winlogon\Notify\SensLogn-x32: WlNotify.dll [X]
Winlogon\Notify\wlballoon-x32: wlnotify.dll [X]
HKU\.DEFAULT\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2006-03-29] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2006-03-29] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2006-03-29] (Microsoft Corporation)
HKU\S-1-5-21-2799395484-3895304042-2403659751-1002\...\MountPoints2: {2d27d8a5-3283-11e3-8e94-00e04d1c5274} - E:\LGAutoRun.exe
HKU\S-1-5-21-2799395484-3895304042-2403659751-1002\...\MountPoints2: {e39d701f-90fe-11e2-9c15-00e04d1c5274} - D:\LaunchU3.exe -a
IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysWOW64\stobject.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exeC:\PROGRA~2\AVG\AVG2014\avgrsa.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
DPF: HKLM-x32 {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1363890949984
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\SysWow64\mshtml.dll (Microsoft Corporation)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Filter-x32: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Filter-x32: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Filter-x32: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\SysWow64\SHELL32.dll (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [10505728 2007-02-17] (Microsoft Corporation)
ShellExecuteHooks-x32: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\SysWOW64\shell32.dll [8359936 2007-02-18] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\mswsock.dll [233472] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 03 %SystemRoot%\System32\mswsock.dll [492544] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
FireFox:
========
FF ProfilePath: C:\Documents and Settings\DJ RAC\Application Data\Mozilla\Firefox\Profiles\afjw053j.default
FF Homepage: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VLC Media Player 2 0 8 win32\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage:
CHR Plugin: (Widevine Content Decryption Module) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VLC Media Player 2 0 8 win32\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
CHR Extension: (Google Drive) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-02]
CHR Extension: (YouTube) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-23]
CHR Extension: (Google Search) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-23]
CHR Extension: (Google Wallet) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Documents and Settings\DJ RAC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AeLookupSvc; C:\Windows\SysWOW64\aelupsvc.dll [26624 2006-03-29] (Microsoft Corporation)
S4 Alerter; C:\Windows\system32\alrsvc.dll [29696 2006-03-29] (Microsoft Corporation)
R3 ALG; C:\Windows\SysWOW64\alg.exe [45056 2006-03-29] (Microsoft Corporation)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)
S2 Browser; C:\Windows\SysWOW64\browser.dll [78336 2007-02-18] (Microsoft Corporation)
S3 ClipSrv; C:\Windows\system32\clipsrv.exe [49664 2006-03-29] (Microsoft Corporation)
S3 ClipSrv; C:\Windows\SysWOW64\clipsrv.exe [32256 2006-03-29] (Microsoft Corporation)
R2 dmadmin; C:\Windows\System32\dmadmin.exe [399872 2007-02-17] (Microsoft Corporation)
R2 dmserver; C:\Windows\System32\dmserver.dll [37376 2007-02-17] (Microsoft Corporation)
R2 ERSvc; C:\Windows\System32\ersvc.dll [31744 2006-03-29] (Microsoft Corporation)
R2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [77312 2007-02-17] (Microsoft Corporation)
S3 HTTPFilter; C:\Windows\System32\w3ssl.dll [21504 2006-03-29] (Microsoft Corporation)
S3 IASJet; C:\Windows\SysWOW64\iasrecst.dll [162816 2006-03-29] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [265728 2007-02-17] (Microsoft Corporation)
S4 Messenger; C:\Windows\System32\msgsvc.dll [57344 2007-02-17] (Microsoft Corporation)
S3 mnmsrvc; C:\WINDOWS\SysWOW64\mnmsrvc.exe [32768 2006-03-29] (Microsoft Corporation)
S3 NetDDE; C:\Windows\system32\netdde.exe [160768 2007-02-17] (Microsoft Corporation)
S3 NetDDEdsdm; C:\Windows\system32\netdde.exe [160768 2007-02-17] (Microsoft Corporation)
R3 Netman; C:\Windows\SysWOW64\netman.dll [263680 2007-02-18] (Microsoft Corporation)
R3 Nla; C:\Windows\System32\mswsock.dll [492544 2008-06-21] (Microsoft Corporation)
R3 Nla; C:\Windows\SysWOW64\mswsock.dll [233472 2008-06-21] (Microsoft Corporation)
S3 NtLmSsp; C:\Windows\system32\lsass.exe [14336 2006-03-29] (Microsoft Corporation)
R2 NtmsSvc; C:\Windows\system32\ntmssvc.dll [794112 2007-02-17] (Microsoft Corporation)
R2 NVSvc; C:\Windows\system32\nvsvc64.exe [135680 2006-03-31] (NVIDIA Corporation)
R2 PlugPlay; C:\Windows\system32\services.exe [227840 2009-03-19] (Microsoft Corporation)
R2 PolicyAgent; C:\Windows\system32\lsass.exe [14336 2006-03-29] (Microsoft Corporation)
S3 RasAuto; C:\Windows\SysWOW64\rasauto.dll [91648 2007-02-18] (Microsoft Corporation)
R3 RasMan; C:\Windows\SysWOW64\rasmans.dll [181760 2007-02-18] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [212480 2007-02-17] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\SysWOW64\locator.exe [71680 2006-03-29] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.exe [166400 2007-02-17] (Microsoft Corporation)
R2 Schedule; C:\Windows\SysWOW64\schedsvc.dll [202240 2007-02-18] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 seclogon; C:\Windows\SysWOW64\seclogon.dll [18432 2007-02-18] (Microsoft Corporation)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [231424 2007-02-17] (Microsoft Corporation)
S2 SysmonLog; C:\Windows\system32\smlogsvc.exe [133120 2007-02-17] (Microsoft Corporation)
S2 SysmonLog; C:\Windows\SysWOW64\smlogsvc.exe [96256 2007-02-18] (Microsoft Corporation)
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [113152 2007-02-17] (Microsoft Corporation)
R2 TrkWks; C:\Windows\SysWOW64\trkwks.dll [86528 2007-02-18] (Microsoft Corporation)
R2 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [62976 2006-03-29] (Microsoft Corporation)
R2 UMWdf; C:\WINDOWS\SysWOW64\wdfmgr.exe [39424 2006-03-29] (Microsoft Corporation)
S3 UPS; C:\Windows\System32\ups.exe [34816 2006-03-29] (Microsoft Corporation)
S3 UPS; C:\Windows\SysWOW64\ups.exe [16896 2006-03-29] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [36352 2007-02-17] (Microsoft Corporation)
S3 Wmi; C:\Windows\System32\advapi32.dll [1052160 2009-03-19] (Microsoft Corporation)
S3 Wmi; C:\Windows\SysWOW64\advapi32.dll [619008 2009-03-19] (Microsoft Corporation)
U2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [12288 2006-03-29] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\System32\wzcsvc.dll [659968 2007-02-17] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\SysWOW64\wzcsvc.dll [489472 2007-02-18] (Microsoft Corporation)
S3 xmlprov; C:\Windows\System32\xmlprov.dll [326144 2007-02-17] (Microsoft Corporation)
S3 xmlprov; C:\Windows\SysWOW64\xmlprov.dll [131584 2007-02-18] (Microsoft Corporation)
R2 Eventlog; [X]
S4 HidServ; %SystemRoot%\System32\hidserv.dll [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 Abiosdsk; No ImagePath
S4 ACPIEC; C:\Windows\System32\Drivers\ACPIEC.sys [18432 2006-03-29] (Microsoft Corporation)
S4 adpu160m; No ImagePath
S4 adpu320; No ImagePath
S3 aec; C:\Windows\System32\drivers\aec.sys [188928 2005-03-24] (Microsoft Corporation)
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
R3 ALCXWDM; C:\Windows\System32\drivers\ALCWDM64.SYS [3304448 2006-10-13] (Realtek Semiconductor Corp.)
S4 AliIde; No ImagePath
S4 AmdIde; No ImagePath
R1 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [51200 2006-05-10] (Advanced Micro Devices)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S4 arc; No ImagePath
S4 Atdisk; No ImagePath
S3 Atmarpc; C:\Windows\System32\DRIVERS\atmarpc.sys [106496 2007-02-17] (Microsoft Corporation)
R3 audstub; C:\Windows\System32\DRIVERS\audstub.sys [5632 2005-03-24] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\Windows\System32\DRIVERS\avgidsdriverla.sys [227608 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 BIOS; C:\WINDOWS\system32\drivers\BIOS64.sys [14136 2006-10-31] (BIOSTAR Group)
R1 BIOS; C:\WINDOWS\SysWOW64\drivers\BIOS64.sys [14136 2006-10-31] (BIOSTAR Group)
R2 CdaC15BA; C:\Windows\System32\DRIVERS\CdaC15BA.sys [13312 2006-03-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R2 CdaD10BA; C:\Windows\System32\DRIVERS\CdaD10BA.sys [13312 2006-03-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 dmboot; C:\Windows\System32\drivers\dmboot.sys [415232 2007-02-17] (Microsoft Corporation)
R0 dmio; C:\Windows\System32\drivers\dmio.sys [244224 2007-02-17] (Microsoft Corporation)
R0 dmload; C:\Windows\System32\drivers\dmload.sys [9216 2006-03-29] (Microsoft Corporation)
S4 dpti2o; No ImagePath
R1 Fips; C:\Windows\System32\Drivers\Fips.sys [50176 2007-02-17] (Microsoft Corporation)
R0 Ftdisk; C:\Windows\System32\DRIVERS\ftdisk.sys [240128 2007-02-17] (Microsoft Corporation)
R3 Gpc; C:\Windows\System32\DRIVERS\msgpc.sys [71168 2007-02-17] (Microsoft Corporation)
S1 i2omgmt; No ImagePath
S4 iirsp; No ImagePath
R1 imapi; C:\Windows\System32\DRIVERS\imapi.sys [72704 2006-03-29] (Microsoft Corporation)
S4 IntelIde; No ImagePath
S3 Ip6Fw; C:\Windows\System32\drivers\ip6fw.sys [57856 2007-02-17] (Microsoft Corporation)
S3 IpInIp; No ImagePath
R1 IPSec; C:\Windows\System32\DRIVERS\ipsec.sys [156672 2007-02-17] (Microsoft Corporation)
R3 kmixer; C:\Windows\System32\drivers\kmixer.sys [204288 2005-03-24] (Microsoft Corporation)
R1 mnmdd; C:\Windows\System32\Drivers\mnmdd.sys [8192 2006-03-29] (Microsoft Corporation)
S4 mraid35x; No ImagePath
S3 MxlW2k; C:\Windows\SysWow64\Drivers\MxlW2k.sys [28276 2013-03-18] (MusicMatch, Inc.) [File not signed]
R3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [4818944 2006-03-31] (NVIDIA Corporation)
R0 nvata64; C:\Windows\System32\DRIVERS\nvata64.sys [164864 2006-04-24] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [52736 2006-02-17] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2006-02-17] (NVIDIA Corporation)
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
R3 PSched; C:\Windows\System32\DRIVERS\psched.sys [106496 2007-02-17] (Microsoft Corporation)
R3 Ptilink; C:\Windows\System32\DRIVERS\ptilink.sys [31232 2006-03-29] (Parallel Technologies, Inc.)
S0 PxHelp64; C:\Windows\SysWOW64\DRIVERS\PxHelp64.sys [47872 2003-07-30] (Sonic Solutions) [File not signed]
R3 Raspti; C:\Windows\System32\DRIVERS\raspti.sys [31232 2006-03-29] (Microsoft Corporation)
R1 redbook; C:\Windows\System32\DRIVERS\redbook.sys [64000 2005-03-24] (Microsoft Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [171008 2007-02-17] (Microsoft Corporation)
S4 Simbad; No ImagePath
S3 splitter; C:\Windows\System32\drivers\splitter.sys [10240 2007-02-17] (Microsoft Corporation)
R0 sr; C:\Windows\System32\DRIVERS\sr.sys [123904 2006-03-29] (Microsoft Corporation)
S3 swmidi; C:\Windows\System32\drivers\swmidi.sys [86528 2005-03-24] (Microsoft Corporation)
S4 symc8xx; No ImagePath
S4 symmpi; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
R3 sysaudio; C:\Windows\System32\drivers\sysaudio.sys [147456 2007-02-17] (Microsoft Corporation)
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
R3 Update; C:\Windows\System32\DRIVERS\update.sys [81920 2007-02-17] (Microsoft Corporation)
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath
R3 wdmaud; C:\Windows\System32\drivers\wdmaud.sys [187904 2007-02-17] (Microsoft Corporation)
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
NETSVCx32: Browser -> C:\Windows\SysWOW64\browser.dll (Microsoft Corporation)
NETSVCx32: CryptSvc -> C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation)
NETSVCx32: DMServer -> C:\Windows\SysWOW64\dmserver.dll ==> No File.
NETSVCx32: EventSystem -> C:\WINDOWS\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: HidServ -> C:\Windows\SysWOW64\hidserv.dll ==> No File.
NETSVCx32: Iprip -> No ServiceDLL Path.
NETSVCx32: LanmanWorkstation -> C:\Windows\SysWOW64\wkssvc.dll ==> No File.
NETSVCx32: Messenger -> C:\Windows\SysWOW64\msgsvc.dll ==> No File.
NETSVCx32: Netman -> C:\Windows\SysWOW64\netman.dll (Microsoft Corporation)
NETSVCx32: Seclogon -> C:\Windows\SysWOW64\seclogon.dll (Microsoft Corporation)
NETSVCx32: TrkWks -> C:\Windows\SysWOW64\trkwks.dll (Microsoft Corporation)
NETSVCx32: WZCSVC -> C:\Windows\SysWOW64\wzcsvc.dll (Microsoft Corporation)
NETSVCx32: wscsvc -> C:\Windows\SysWOW64\wscsvc.dll ==> No File.
NETSVCx32: xmlprov -> C:\Windows\SysWOW64\xmlprov.dll (Microsoft Corporation)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-16 23:04 - 2007-02-17 01:05 - 00024192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wstcodec.sys
2014-08-16 23:04 - 2007-02-17 01:02 - 00119552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wceusbsh.sys
2014-08-16 23:04 - 2007-02-17 01:02 - 00080896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiamsmud.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00214528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\winzm.ime
2014-08-16 23:04 - 2006-03-29 06:00 - 00214528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\winsp.ime
2014-08-16 23:04 - 2006-03-29 06:00 - 00214528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\winpy.ime
2014-08-16 23:04 - 2006-03-29 06:00 - 00154624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wWINZM.IME
2014-08-16 23:04 - 2006-03-29 06:00 - 00154624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wWINSP.IME
2014-08-16 23:04 - 2006-03-29 06:00 - 00154624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wWINPY.IME
2014-08-16 23:04 - 2006-03-29 06:00 - 00118784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\winar30.ime
2014-08-16 23:04 - 2006-03-29 06:00 - 00105984 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wingb.ime
2014-08-16 23:04 - 2006-03-29 06:00 - 00097280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\winime.ime
2014-08-16 23:04 - 2006-03-29 06:00 - 00083456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\w3isapi.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00080384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wamreg.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00079360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wwinar30.ime
2014-08-16 23:04 - 2006-03-29 06:00 - 00073216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wWINGB.IME
2014-08-16 23:04 - 2006-03-29 06:00 - 00066048 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wwinime.ime
2014-08-16 23:04 - 2006-03-29 06:00 - 00062464 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ww3isapi.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00055808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wwamreg.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ww3dt.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00028288 ____C () C:\Windows\System32\dllcache\xjis.nls
2014-08-16 23:04 - 2006-03-29 06:00 - 00028288 ____C () C:\Windows\System32\dllcache\wxjis.nls
2014-08-16 23:04 - 2006-03-29 06:00 - 00025088 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wam.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wwam.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\w3tp.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ww3tp.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wwshirda.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wamps.dll
2014-08-16 23:04 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wwamps.dll
2014-08-16 23:04 - 2005-03-24 17:35 - 00232448 ____C (Eicon Networks) C:\Windows\System32\dllcache\xlog.exe
2014-08-16 23:04 - 2005-03-24 17:35 - 00214272 ____C (Microsoft) C:\Windows\System32\dllcache\yk51x64.sys
2014-08-16 23:04 - 2005-03-24 17:35 - 00055808 ____C (S2io Inc.) C:\Windows\System32\dllcache\xenamd64.sys
2014-08-16 23:04 - 2005-03-24 17:35 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmiacpi.sys
2014-08-16 23:04 - 2005-03-24 17:35 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wshirda.dll
2014-08-16 23:04 - 2005-03-24 17:34 - 00128000 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiafbdrv.dll
2014-08-16 23:04 - 2005-03-24 17:34 - 00114816 ____C (VIA Networking Technologies, Inc. ) C:\Windows\System32\dllcache\wetn5b64.sys
2014-08-16 23:04 - 2005-03-24 17:34 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wd.sys
2014-08-16 23:03 - 2007-02-17 01:01 - 00081920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\vfwwdm32.dll
2014-08-16 23:03 - 2007-02-17 01:01 - 00044032 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\vidcap.ax
2014-08-16 23:03 - 2007-02-17 01:00 - 00216320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbvideo.sys
2014-08-16 23:03 - 2007-02-17 01:00 - 00102912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbaudio.sys
2014-08-16 23:03 - 2007-02-17 01:00 - 00061440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uliagpkx.sys
2014-08-16 23:03 - 2007-02-17 01:00 - 00058880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uagp35.sys
2014-08-16 23:03 - 2007-02-17 01:00 - 00042496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbccid.sys
2014-08-16 23:03 - 2007-02-17 01:00 - 00032512 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbuhci.sys
2014-08-16 23:03 - 2007-02-17 01:00 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usb8023x.sys
2014-08-16 23:03 - 2007-02-17 00:55 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sonyait.sys
2014-08-16 23:03 - 2006-03-29 06:00 - 01413398 ____C () C:\Windows\System32\dllcache\tintlgs.imd
2014-08-16 23:03 - 2006-03-29 06:00 - 00921600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\tintlgnt.ime
2014-08-16 23:03 - 2006-03-29 06:00 - 00574464 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wTINTLGNT.IME
2014-08-16 23:03 - 2006-03-29 06:00 - 00455272 ____C () C:\Windows\System32\dllcache\tintlgl.imd
2014-08-16 23:03 - 2006-03-29 06:00 - 00455168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wTINTSETP.EXE
2014-08-16 23:03 - 2006-03-29 06:00 - 00432128 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\tintsetp.exe
2014-08-16 23:03 - 2006-03-29 06:00 - 00196608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uihelper.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00171484 ____C () C:\Windows\System32\dllcache\tintlgc.imd
2014-08-16 23:03 - 2006-03-29 06:00 - 00118272 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uniime.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00114176 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wuihelper.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00096768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\unicdime.ime
2014-08-16 23:03 - 2006-03-29 06:00 - 00076800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wuniime.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00073728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wusbui.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00070656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\tintlphr.exe
2014-08-16 23:03 - 2006-03-29 06:00 - 00065536 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wunicdime.ime
2014-08-16 23:03 - 2006-03-29 06:00 - 00064512 ____C (Stallion Technologies) C:\Windows\System32\dllcache\wstlncoin.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\svcext.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00057856 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\w3dt.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00051200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wvfwwdm32.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00046592 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wTINTLPHR.EXE
2014-08-16 23:03 - 2006-03-29 06:00 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ssinc.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00033280 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\sparrow.sys
2014-08-16 23:03 - 2006-03-29 06:00 - 00029184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wvidcap.ax
2014-08-16 23:03 - 2006-03-29 06:00 - 00028160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\w3cache.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00026624 ____C (Symbios Logic Inc.) C:\Windows\System32\dllcache\symc810.sys
2014-08-16 23:03 - 2006-03-29 06:00 - 00024660 ____C (Perle Systems Ltd.) C:\Windows\System32\dllcache\wSpxupchk.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wssinc.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ww3cache.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wTMIGRATE.DLL
2014-08-16 23:03 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\w3ctrlps.dll
2014-08-16 23:03 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ww3ctrlps.dll
2014-08-16 23:03 - 2005-03-24 17:34 - 00084992 ____C (LSI Logic) C:\Windows\System32\dllcache\symmpi.sys
2014-08-16 23:03 - 2005-03-24 17:34 - 00042496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbser.sys
2014-08-16 23:03 - 2005-03-24 17:34 - 00041984 ____C (LSI Logic) C:\Windows\System32\dllcache\symc8xx.sys
2014-08-16 23:03 - 2005-03-24 17:34 - 00038912 ____C (Promise Technology, Inc.) C:\Windows\System32\dllcache\ultra.sys
2014-08-16 23:03 - 2005-03-24 17:34 - 00036608 ____C (VIA Technologies, Inc.) C:\Windows\System32\dllcache\viairda.sys
2014-08-16 23:03 - 2005-03-24 17:34 - 00034432 ____C (ULi Electronics Inc.) C:\Windows\System32\dllcache\uli5261.sys
2014-08-16 23:03 - 2005-03-24 17:34 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\tandqic.sys
2014-08-16 23:03 - 2005-03-24 17:34 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\viaide.sys
2014-08-16 23:03 - 2005-03-24 17:34 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\toside.sys
2014-08-16 23:03 - 2005-03-24 17:25 - 00039936 ____C (LSI Logic) C:\Windows\System32\dllcache\sym_u3.sys
2014-08-16 23:03 - 2005-03-24 17:25 - 00037376 ____C (LSI Logic) C:\Windows\System32\dllcache\sym_hi.sys
2014-08-16 23:03 - 2005-03-24 17:25 - 00028160 ____C (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\stcusb.sys
2014-08-16 23:03 - 2005-03-24 17:25 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\streamip.sys
2014-08-16 23:03 - 2005-03-24 17:24 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sonymc.sys
2014-08-16 23:03 - 2005-03-24 17:24 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snyaitmc.sys
2014-08-16 23:03 - 2005-03-24 17:24 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snprfdll.dll
2014-08-16 23:02 - 2006-03-29 06:00 - 00623104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snmpincl.dll
2014-08-16 23:02 - 2006-03-29 06:00 - 00544256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snmpcl.dll
2014-08-16 23:02 - 2006-03-29 06:00 - 00373760 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snmpsmir.dll
2014-08-16 23:02 - 2006-03-29 06:00 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snmpthrd.dll
2014-08-16 23:02 - 2006-03-29 06:00 - 00011264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snmptrap.exe
2014-08-16 23:02 - 2006-03-29 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wsnmptrap.exe
2014-08-16 23:02 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snmpstup.dll
2014-08-16 23:02 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snmpmib.dll
2014-08-16 23:02 - 2005-03-24 17:24 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\smtpctrs.dll
2014-08-16 23:00 - 2006-03-29 06:00 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\smierrsm.dll
2014-08-16 23:00 - 2006-03-29 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\smtpapi.dll
2014-08-16 23:00 - 2006-03-29 06:00 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wsmtpapi.dll
2014-08-16 23:00 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\smimsgif.dll
2014-08-16 23:00 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\smierrsy.dll
2014-08-16 22:59 - 2007-02-17 00:55 - 00056320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\smb0w.dll
2014-08-16 22:59 - 2006-03-29 06:00 - 00387584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\seo.dll
2014-08-16 22:59 - 2006-03-29 06:00 - 00219136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wseo.dll
2014-08-16 22:59 - 2006-03-29 06:00 - 00026624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\simptcp.dll
2014-08-16 22:59 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wsimptcp.dll
2014-08-16 22:59 - 2005-03-24 17:24 - 00068608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\smb3w.dll
2014-08-16 22:59 - 2005-03-24 17:24 - 00046080 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sm91w.dll
2014-08-16 22:59 - 2005-03-24 17:24 - 00043008 ____C (SiS Corporation) C:\Windows\System32\dllcache\sisnic.sys
2014-08-16 22:59 - 2005-03-24 17:24 - 00036864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\seos.dll
2014-08-16 22:59 - 2005-03-24 17:24 - 00030720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sermouse.sys
2014-08-16 22:59 - 2005-03-24 17:24 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\slip.sys
2014-08-16 22:59 - 2005-03-24 17:24 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\seaddsmc.sys
2014-08-16 22:59 - 2005-03-24 17:24 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\serscan.sys
2014-08-16 22:58 - 2007-02-17 00:54 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scsiscan.sys
2014-08-16 22:58 - 2007-02-17 00:53 - 00073728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sbp2port.sys
2014-08-16 22:58 - 2007-02-17 00:53 - 00040576 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\sccmusbm.sys
2014-08-16 22:58 - 2007-02-17 00:51 - 00051200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rndismpx.sys
2014-08-16 22:58 - 2006-03-29 06:00 - 00036864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\romanime.ime
2014-08-16 22:58 - 2006-03-29 06:00 - 00026624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wromanime.ime
2014-08-16 22:58 - 2006-03-29 06:00 - 00016896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rwnh.dll
2014-08-16 22:58 - 2006-03-29 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wrwnh.dll
2014-08-16 22:58 - 2006-03-29 06:00 - 00004608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rpcref.dll
2014-08-16 22:58 - 2006-03-29 06:00 - 00004096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wrpcref.dll
2014-08-16 22:58 - 2005-03-24 17:24 - 00094208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rfcomm.sys
2014-08-16 22:58 - 2005-03-24 17:24 - 00059904 ____C (Realtek Semiconductor Corporation) C:\Windows\System32\dllcache\rtl39a64.sys
2014-08-16 22:58 - 2005-03-24 17:24 - 00044032 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\sccmn50m.sys
2014-08-16 22:58 - 2005-03-24 17:24 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\regtrace.exe
2014-08-16 22:58 - 2005-03-24 17:24 - 00037888 ____C (Realtek Semiconductor Corporation ) C:\Windows\System32\dllcache\rtl69a64.sys
2014-08-16 22:58 - 2005-03-24 17:24 - 00032256 ____C (SCM Microsystems) C:\Windows\System32\dllcache\scr111.sys
2014-08-16 22:58 - 2005-03-24 17:24 - 00031232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scmstcs.sys
2014-08-16 22:58 - 2005-03-24 17:24 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scsiprnt.sys
2014-08-16 22:58 - 2005-03-24 17:24 - 00010240 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\rsmgrstr.dll
2014-08-16 22:57 - 2007-02-17 00:51 - 00033792 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rasirda.sys
2014-08-16 22:57 - 2007-02-17 00:51 - 00032256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ramdisk.sys
2014-08-16 22:57 - 2007-02-17 00:50 - 00316928 ____C () C:\Windows\System32\dllcache\psisdecd.dll
2014-08-16 22:57 - 2007-02-17 00:50 - 00271872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ptpusd.dll
2014-08-16 22:57 - 2007-02-17 00:50 - 00025344 ____C (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\pscr.sys
2014-08-16 22:57 - 2007-02-17 00:50 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\qic157.sys
2014-08-16 22:57 - 2007-02-17 00:44 - 00944640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2psvc.dll
2014-08-16 22:57 - 2007-02-17 00:44 - 00505856 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2pgraph.dll
2014-08-16 22:57 - 2007-02-17 00:44 - 00161024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\phildec.sys
2014-08-16 22:57 - 2007-02-17 00:44 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\powerfil.sys
2014-08-16 22:57 - 2007-02-17 00:42 - 00093440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ohci1394.sys
2014-08-16 22:57 - 2006-03-29 06:00 - 10011497 ____C () C:\Windows\System32\dllcache\pintlgs.imd
2014-08-16 22:57 - 2006-03-29 06:00 - 01004904 ____C () C:\Windows\System32\dllcache\pintlgix.imd
2014-08-16 22:57 - 2006-03-29 06:00 - 00948656 ____C () C:\Windows\System32\dllcache\pintlgi.imd
2014-08-16 22:57 - 2006-03-29 06:00 - 00888832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pintlgnt.ime
2014-08-16 22:57 - 2006-03-29 06:00 - 00867242 ____C () C:\Windows\System32\dllcache\pintlgdx.imd
2014-08-16 22:57 - 2006-03-29 06:00 - 00825038 ____C () C:\Windows\System32\dllcache\pintlgd.imd
2014-08-16 22:57 - 2006-03-29 06:00 - 00733292 ____C () C:\Windows\System32\dllcache\pintlgr.imd
2014-08-16 22:57 - 2006-03-29 06:00 - 00535040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wPINTLGNT.IME
2014-08-16 22:57 - 2006-03-29 06:00 - 00487472 ____C () C:\Windows\System32\dllcache\wPINTLCSK.DIC
2014-08-16 22:57 - 2006-03-29 06:00 - 00487472 ____C () C:\Windows\System32\dllcache\pintlcsk.dic
2014-08-16 22:57 - 2006-03-29 06:00 - 00302080 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wp2pgraph.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00208744 ____C () C:\Windows\System32\dllcache\pintlgl.imd
2014-08-16 22:57 - 2006-03-29 06:00 - 00202240 ____C () C:\Windows\System32\dllcache\wPsisDecd.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00194048 ____C () C:\Windows\System32\dllcache\pintlcsa.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00188140 ____C () C:\Windows\System32\dllcache\pintlgc.imd
2014-08-16 22:57 - 2006-03-29 06:00 - 00174803 ____C () C:\Windows\System32\dllcache\wPINTLCSD.DIC
2014-08-16 22:57 - 2006-03-29 06:00 - 00174803 ____C () C:\Windows\System32\dllcache\pintlcsd.dic
2014-08-16 22:57 - 2006-03-29 06:00 - 00135680 ____C () C:\Windows\System32\dllcache\wPsisRndr.ax
2014-08-16 22:57 - 2006-03-29 06:00 - 00118784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\phon.ime
2014-08-16 22:57 - 2006-03-29 06:00 - 00117248 ____C () C:\Windows\System32\dllcache\wPINTLCSA.DLL
2014-08-16 22:57 - 2006-03-29 06:00 - 00116736 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wp2p.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00116736 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\quick.ime
2014-08-16 22:57 - 2006-03-29 06:00 - 00115712 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pintlphr.exe
2014-08-16 22:57 - 2006-03-29 06:00 - 00088576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wp2pnetsh.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00083748 ____C () C:\Windows\System32\dllcache\wprcp.nls
2014-08-16 22:57 - 2006-03-29 06:00 - 00083748 ____C () C:\Windows\System32\dllcache\wprc.nls
2014-08-16 22:57 - 2006-03-29 06:00 - 00083748 ____C () C:\Windows\System32\dllcache\prcp.nls
2014-08-16 22:57 - 2006-03-29 06:00 - 00083748 ____C () C:\Windows\System32\dllcache\prc.nls
2014-08-16 22:57 - 2006-03-29 06:00 - 00079360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wphon.ime
2014-08-16 22:57 - 2006-03-29 06:00 - 00078336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wquick.ime
2014-08-16 22:57 - 2006-03-29 06:00 - 00075776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wPINTLPHR.EXE
2014-08-16 22:57 - 2006-03-29 06:00 - 00059392 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pintlcsd.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00055296 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wPINTLCSD.DLL
2014-08-16 22:57 - 2006-03-29 06:00 - 00048640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpnrpNsp.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00026112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\quser.exe
2014-08-16 22:57 - 2006-03-29 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\padrs411.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\padrs804.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00018432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\padrs404.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wquser.exe
2014-08-16 22:57 - 2006-03-29 06:00 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpadrs411.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00016896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpadrs804.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00016896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\padrs412.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wPADRS404.DLL
2014-08-16 22:57 - 2006-03-29 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpadrs412.dll
2014-08-16 22:57 - 2006-03-29 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\query.exe
2014-08-16 22:57 - 2006-03-29 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wquery.exe
2014-08-16 22:57 - 2005-03-24 17:23 - 00057344 ____C () C:\Windows\System32\dllcache\psisrndr.ax
2014-08-16 22:57 - 2005-03-24 17:22 - 00186880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2p.dll
2014-08-16 22:57 - 2005-03-24 17:22 - 00135680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2pnetsh.dll
2014-08-16 22:57 - 2005-03-24 17:22 - 00132608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2pgasvc.dll
2014-08-16 22:57 - 2005-03-24 17:22 - 00077824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pnrpnsp.dll
2014-08-16 22:57 - 2005-03-24 17:22 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pnrmc.sys
2014-08-16 22:56 - 2007-02-17 00:41 - 00124416 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nv_agp.sys
2014-08-16 22:56 - 2007-02-17 00:39 - 00103680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nabtsfec.sys
2014-08-16 22:56 - 2007-02-17 00:39 - 00062976 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mstape.sys
2014-08-16 22:56 - 2007-02-17 00:39 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msircomm.sys
2014-08-16 22:56 - 2007-02-17 00:39 - 00008064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mstee.sys
2014-08-16 22:56 - 2007-02-17 00:38 - 00094720 ____C () C:\Windows\System32\dllcache\msdvbnp.ax
2014-08-16 22:56 - 2007-02-17 00:38 - 00071680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdv.sys
2014-08-16 22:56 - 2006-03-29 06:00 - 01875968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmsir3jp.lex
2014-08-16 22:56 - 2006-03-29 06:00 - 01875968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msir3jp.lex
2014-08-16 22:56 - 2006-03-29 06:00 - 00431104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msiprov.dll
2014-08-16 22:56 - 2006-03-29 06:00 - 00136192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msir3jp.dll
2014-08-16 22:56 - 2006-03-29 06:00 - 00106496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nextlink.dll
2014-08-16 22:56 - 2006-03-29 06:00 - 00094208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmsir3jp.dll
2014-08-16 22:56 - 2006-03-29 06:00 - 00061440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wNEXTLINK.dll
2014-08-16 22:56 - 2006-03-29 06:00 - 00058368 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msiregmv.exe
2014-08-16 22:56 - 2006-03-29 06:00 - 00057856 ____C () C:\Windows\System32\dllcache\wMSDvbNP.ax
2014-08-16 22:56 - 2006-03-29 06:00 - 00038400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmsiregmv.exe
2014-08-16 22:56 - 2006-03-29 06:00 - 00022016 ____C (Moxa Technologies Co., Ltd) C:\Windows\System32\dllcache\wmxicfg.dll
2014-08-16 22:56 - 2006-03-29 06:00 - 00013824 ____C (Moxa Technologies Co., Ltd) C:\Windows\System32\dllcache\wmxport.dll
2014-08-16 22:56 - 2005-03-24 17:21 - 00185344 ____C (NVIDIA Corporation) C:\Windows\System32\dllcache\nvenet.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00092160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nic1394.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00042240 ____C (National Semiconductor Corporation) C:\Windows\System32\dllcache\nscirda.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00036352 ____C (LSI Logic Corporation) C:\Windows\System32\dllcache\mraid35x.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00028672 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\modemcsa.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mpe.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ne2000.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00017408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ndisip.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nsmmc.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\miniqic.sys
2014-08-16 22:56 - 2005-03-24 17:21 - 00005120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msmpu401.sys
2014-08-16 22:55 - 2007-02-17 00:36 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ltotape.sys
2014-08-16 22:55 - 2007-02-17 00:35 - 00138752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kswdmcap.ax
2014-08-16 22:55 - 2007-02-17 00:35 - 00088064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kstvtune.ax
2014-08-16 22:55 - 2007-02-17 00:35 - 00026112 ____C (Litronic Industries) C:\Windows\System32\dllcache\lit220p.sys
2014-08-16 22:55 - 2007-02-17 00:34 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdhid.sys
2014-08-16 22:55 - 2007-02-17 00:34 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdjpn.dll
2014-08-16 22:55 - 2007-02-17 00:34 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdkor.dll
2014-08-16 22:55 - 2007-02-17 00:31 - 00043008 ____C (SigmaTel, Inc.) C:\Windows\System32\dllcache\irstusb.sys
2014-08-16 22:55 - 2007-02-17 00:31 - 00034816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irsir.sys
2014-08-16 22:55 - 2006-03-29 06:00 - 01158818 ____C () C:\Windows\System32\dllcache\wkorwbrkr.lex
2014-08-16 22:55 - 2006-03-29 06:00 - 01158818 ____C () C:\Windows\System32\dllcache\korwbrkr.lex
2014-08-16 22:55 - 2006-03-29 06:00 - 00116756 ____C () C:\Windows\System32\dllcache\wksc.nls
2014-08-16 22:55 - 2006-03-29 06:00 - 00116756 ____C () C:\Windows\System32\dllcache\ksc.nls
2014-08-16 22:55 - 2006-03-29 06:00 - 00091136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkswdmcap.ax
2014-08-16 22:55 - 2006-03-29 06:00 - 00072704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\korwbrkr.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkstvtune.ax
2014-08-16 22:55 - 2006-03-29 06:00 - 00052224 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\lmmib2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00050688 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkorwbrkr.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00043008 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wksxbar.ax
2014-08-16 22:55 - 2006-03-29 06:00 - 00033792 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wlmmib2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00031744 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\logscrpt.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\lprmon.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00028160 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iscomlog.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00025600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wlogscrpt.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiscomlog.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wlprmon.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\lonsint.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wlonsint.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnecat.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\isapips.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdnecAT.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnecnt.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdnecNT.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wisapips.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdnec95.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdlk41j.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdlk41a.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdibm02.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdax2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd106n.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdnec95.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdibm02.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinmar.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdindev.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbda3.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdlk41j.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdlk41a.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdax2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbd106n.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbd106.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbd101c.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbd101b.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbd101a.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdvntc.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdusa.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdth3.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdth2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdth1.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdth0.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdsyr2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdsyr1.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdintel.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinpun.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinkan.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinhin.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdinguj.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbddiv2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbddiv1.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbda2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbda1.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101a.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdusa.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdth3.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdth2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdsyr2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdinpun.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdinmar.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdinkan.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdinhin.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdindev.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbddiv2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbda3.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbda2.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbd103.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbd101.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdurdu.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdintam.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdheb.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdfa.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdarmw.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdarme.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdvntc.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdurdu.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdth1.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdth0.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdsyr1.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdintel.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdintam.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdinguj.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdheb.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdfa.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbddiv1.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdarmw.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdarme.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbda1.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdgeo.dll
2014-08-16 22:55 - 2006-03-29 06:00 - 00005632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wkbdgeo.dll
2014-08-16 22:55 - 2005-03-24 17:20 - 00569344 ____C (Agere Systems) C:\Windows\System32\dllcache\ltmdm64.sys
2014-08-16 22:55 - 2005-03-24 17:20 - 00074752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ksxbar.ax
2014-08-16 22:55 - 2005-03-24 17:20 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mammoth.sys
2014-08-16 22:55 - 2005-03-24 17:20 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\loop.sys
2014-08-16 22:55 - 2005-03-24 17:20 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd106.dll
2014-08-16 22:55 - 2005-03-24 17:20 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101c.dll
2014-08-16 22:55 - 2005-03-24 17:20 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd103.dll
2014-08-16 22:55 - 2005-03-24 17:20 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101b.dll
2014-08-16 22:55 - 2005-03-24 17:19 - 00070784 ____C (Intel Corporation) C:\Windows\System32\dllcache\ixg5132e.sys
2014-08-16 22:55 - 2005-03-24 17:19 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irmon.dll
2014-08-16 22:54 - 2007-02-17 00:31 - 00237056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irftp.exe
2014-08-16 22:54 - 2007-02-17 00:31 - 00152576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irda.sys
2014-08-16 22:54 - 2007-02-17 00:28 - 00385024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpojwia.dll
2014-08-16 22:54 - 2007-02-17 00:24 - 00239616 ____C (Windows (R) Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaudbus.sys
2014-08-16 22:54 - 2006-03-29 06:00 - 14694768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpst.dic
2014-08-16 22:54 - 2006-03-29 06:00 - 10660216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpnm.dic
2014-08-16 22:54 - 2006-03-29 06:00 - 09206120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpzp.dic
2014-08-16 22:54 - 2006-03-29 06:00 - 00993672 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpln.dic
2014-08-16 22:54 - 2006-03-29 06:00 - 00854376 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjptk.dic
2014-08-16 22:54 - 2006-03-29 06:00 - 00815104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpgn.grm
2014-08-16 22:54 - 2006-03-29 06:00 - 00695808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjp81k.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00647168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjpcus.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00606208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\getuname.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00605696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wgetuname.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00400384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imskdic.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00394240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimskdic.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00372824 ____C (Xircom) C:\Windows\System32\dllcache\wiconf32.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00342016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjpcic.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00331264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjp81.ime
2014-08-16 22:54 - 2006-03-29 06:00 - 00276992 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imskf.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00234496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjputyc.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00195584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimskf.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00179712 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjputy.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00141312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpdsvr.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00137584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpsb.dic
2014-08-16 22:54 - 2006-03-29 06:00 - 00134339 ____C () C:\Windows\System32\dllcache\imekr.lex
2014-08-16 22:54 - 2006-03-29 06:00 - 00123392 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iisres.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00122880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiisres.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00113152 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjprw.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00112128 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iislog.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00109056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimekrcic.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00107520 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjpmig.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00105984 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpcd.dic
2014-08-16 22:54 - 2006-03-29 06:00 - 00105984 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iisclex4.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00100864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imkrinst.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00100864 ____C () C:\Windows\System32\dllcache\imscinst.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00096768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimekr61.ime
2014-08-16 22:54 - 2006-03-29 06:00 - 00094208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjpcd.dic
2014-08-16 22:54 - 2006-03-29 06:00 - 00078336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjpdsvr.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00076288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiislog.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00069120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imekrmig.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00066560 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\httpodbc.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00060121 ____C () C:\Windows\System32\dllcache\iisftp.vbs
2014-08-16 22:54 - 2006-03-29 06:00 - 00059904 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hostmib.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00055704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpch.dic
2014-08-16 22:54 - 2006-03-29 06:00 - 00055296 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjpinst.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00052093 ____C () C:\Windows\System32\dllcache\iiscnfg.vbs
2014-08-16 22:54 - 2006-03-29 06:00 - 00050900 ____C () C:\Windows\System32\dllcache\iisweb.vbs
2014-08-16 22:54 - 2006-03-29 06:00 - 00048640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\whttpodbc.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00047104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iprip.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00037888 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\i2omp.sys
2014-08-16 22:54 - 2006-03-29 06:00 - 00035840 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\gzip.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiprip.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imepadsm.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00035074 ____C () C:\Windows\System32\dllcache\iisback.vbs
2014-08-16 22:54 - 2006-03-29 06:00 - 00034604 ____C () C:\Windows\System32\dllcache\iisvdir.vbs
2014-08-16 22:54 - 2006-03-29 06:00 - 00034518 ____C () C:\Windows\System32\dllcache\iisext.vbs
2014-08-16 22:54 - 2006-03-29 06:00 - 00034304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irbus.sys
2014-08-16 22:54 - 2006-03-29 06:00 - 00032887 ____C () C:\Windows\System32\dllcache\iisftpdr.vbs
2014-08-16 22:54 - 2006-03-29 06:00 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\httpmib.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00025600 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wgzip.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\whidserv.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00020992 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjpdct.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00020480 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimepadsm.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00018944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\whttpmib.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00016384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wipsink.ax
2014-08-16 22:54 - 2006-03-29 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imlang.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00013877 ____C () C:\Windows\System32\dllcache\iisapp.vbs
2014-08-16 22:54 - 2006-03-29 06:00 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\i2omgmt.sys
2014-08-16 22:54 - 2006-03-29 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\infoctrs.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00009759 ____C (Conexant) C:\Windows\System32\dllcache\whsf_inst.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpdadm.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimlang.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00009216 ____C (IBM Corporation) C:\Windows\System32\dllcache\wibmsgnet.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\winfoctrs.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjpdadm.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\whccoin.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00006144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\imjpuex.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00005120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wimjpuex.exe
2014-08-16 22:54 - 2006-03-29 06:00 - 00003584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iismui.dll
2014-08-16 22:54 - 2006-03-29 06:00 - 00003072 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiismui.dll
2014-08-16 22:54 - 2005-03-24 17:19 - 00048128 ____C (Intel Corp./ICP vortex GmbH) C:\Windows\System32\dllcache\iirsp.sys
2014-08-16 22:54 - 2005-03-24 17:19 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ipsink.ax
2014-08-16 22:54 - 2005-03-24 17:19 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\intelide.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 01080832 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsf_dp4.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 01038048 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmnt5.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00885760 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmdd5.dll
2014-08-16 22:54 - 2005-03-24 17:18 - 00804352 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfcnxt4.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00244992 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmdev5.dll
2014-08-16 22:54 - 2005-03-24 17:18 - 00241664 ____C (Windows (R) Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaudio.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00236032 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfbs4.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00136704 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmdnt5.dll
2014-08-16 22:54 - 2005-03-24 17:18 - 00080896 ____C (Windows (R) Server 2003 DDK provider) C:\Windows\System32\dllcache\hdashcut.exe
2014-08-16 22:54 - 2005-03-24 17:18 - 00063872 ____C (VIA Networking Technologies, Inc. ) C:\Windows\System32\dllcache\get5a64.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00055296 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmrnt5.dll
2014-08-16 22:54 - 2005-03-24 17:18 - 00044544 ____C (Gemplus) C:\Windows\System32\dllcache\grserial.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00043008 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidbth.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00037402 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfc4.dll
2014-08-16 22:54 - 2005-03-24 17:18 - 00033280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpsjmcro.dll
2014-08-16 22:54 - 2005-03-24 17:18 - 00030720 ____C (Gemplus) C:\Windows\System32\dllcache\gpr400.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00028672 ____C (Windows (R) Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaprop.dll
2014-08-16 22:54 - 2005-03-24 17:18 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidserv.dll
2014-08-16 22:54 - 2005-03-24 17:18 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidir.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidgame.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpt4qic.sys
2014-08-16 22:54 - 2005-03-24 17:18 - 00006144 ____C (Windows (R) Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaudres.dll
2014-08-16 22:53 - 2007-02-17 00:22 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\gagp30kx.sys
2014-08-16 22:53 - 2007-02-17 00:17 - 00182784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4.sys
2014-08-16 22:53 - 2007-02-17 00:09 - 00260096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\csamsp.dll
2014-08-16 22:53 - 2007-02-17 00:09 - 00031360 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\cmbp0wdm.sys
2014-08-16 22:53 - 2007-02-17 00:09 - 00021120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cmbatt.sys
2014-08-16 22:53 - 2006-03-29 06:00 - 00737792 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxsres.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00737280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wfxsres.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00573952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxsst.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00514587 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wedb500.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00419328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxscomex.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00398336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wfxsxp32.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00305664 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxst30.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00286720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wfxscomex.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00212992 ____C (Digi International Inc.) C:\Windows\System32\dllcache\wdgconfig.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00162816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\evntwin.exe
2014-08-16 22:53 - 2006-03-29 06:00 - 00129024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxsclntr.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00118272 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dayi.ime
2014-08-16 22:53 - 2006-03-29 06:00 - 00102400 ____C (Digi International Inc.) C:\Windows\System32\dllcache\wdigiinf.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00098304 ____C (Digi International Inc.) C:\Windows\System32\dllcache\wdigirlpt.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00095232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxscom.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00079360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wdayi.ime
2014-08-16 22:53 - 2006-03-29 06:00 - 00072704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wfxscom.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00072704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxsroute.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00047616 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxsevent.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00045056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\davcdata.exe
2014-08-16 22:53 - 2006-03-29 06:00 - 00038400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxssend.exe
2014-08-16 22:53 - 2006-03-29 06:00 - 00034304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxsmon.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00034304 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\evntcmd.exe
2014-08-16 22:53 - 2006-03-29 06:00 - 00031744 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wcyycoins.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00030720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wcyzports.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wcyzcoins.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wcyyports.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cprofile.exe
2014-08-16 22:53 - 2006-03-29 06:00 - 00027648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxsdrv.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wdavcdata.exe
2014-08-16 22:53 - 2006-03-29 06:00 - 00026624 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wcplexe.exe
2014-08-16 22:53 - 2006-03-29 06:00 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dac960nt.sys
2014-08-16 22:53 - 2006-03-29 06:00 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\flattemp.exe
2014-08-16 22:53 - 2006-03-29 06:00 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wfxsext32.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\exstrace.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00020992 ____C (Digi International Inc.) C:\Windows\System32\dllcache\wdgsetup.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00018944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\f3ahvoas.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wexstrace.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\fxsperf.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ftpctrs2.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wfxsperf.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ftpmib.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\davcprox.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wftpctrs2.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wf3ahvoas.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wftlx041e.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00006686 ____C (Eicon Networks) C:\Windows\System32\dllcache\wdisrvci.dll
2014-08-16 22:53 - 2006-03-29 06:00 - 00006656 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wdavcprox.dll
2014-08-16 22:53 - 2005-03-24 17:19 - 00001844 ____C () C:\Windows\System32\dllcache\IIS_clusweb.vbs
2014-08-16 22:53 - 2005-03-24 17:17 - 00652288 ____C (AVM Berlin) C:\Windows\System32\dllcache\fpcibase.sys
2014-08-16 22:53 - 2005-03-24 17:17 - 00643072 ____C (AVM Berlin) C:\Windows\System32\dllcache\fpcmbase.sys
2014-08-16 22:53 - 2005-03-24 17:17 - 00232960 ____C (Intel Corporation) C:\Windows\System32\dllcache\e1g5132e.sys
2014-08-16 22:53 - 2005-03-24 17:17 - 00191744 ____C (Intel Corporation) C:\Windows\System32\dllcache\efe5b32e.sys
2014-08-16 22:53 - 2005-03-24 17:17 - 00103936 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esucm.dll
2014-08-16 22:53 - 2005-03-24 17:17 - 00081408 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esunib.dll
2014-08-16 22:53 - 2005-03-24 17:17 - 00081408 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuni.dll
2014-08-16 22:53 - 2005-03-24 17:17 - 00076800 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuimg.dll
2014-08-16 22:53 - 2005-03-24 17:17 - 00062848 ____C (VIA Technologies, Inc. ) C:\Windows\System32\dllcache\fet5a64.sys
2014-08-16 22:53 - 2005-03-24 17:17 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\elmsmc.sys
2014-08-16 22:53 - 2005-03-24 17:17 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\exabyte2.sys
2014-08-16 22:53 - 2005-03-24 17:17 - 00011264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\enum1394.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00491520 ____C (Eicon Networks) C:\Windows\System32\dllcache\diwansrv.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00462336 ____C (Eicon Networks) C:\Windows\System32\dllcache\dimaint.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00404480 ____C (Eicon Networks) C:\Windows\System32\dllcache\ditrace.exe
2014-08-16 22:53 - 2005-03-24 17:16 - 00310784 ____C (Eicon Networks) C:\Windows\System32\dllcache\dicapi.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00045056 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvsu.dll
2014-08-16 22:53 - 2005-03-24 17:16 - 00038400 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvpp.dll
2014-08-16 22:53 - 2005-03-24 17:16 - 00035328 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\dpti2o.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00032768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4usb.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4prt.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4scan.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dlttape.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ddsmc.sys
2014-08-16 22:53 - 2005-03-24 17:16 - 00006144 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvci.dll
2014-08-16 22:53 - 2005-03-24 17:15 - 00096768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzport.sys
2014-08-16 22:53 - 2005-03-24 17:15 - 00094720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyyport.sys
2014-08-16 22:53 - 2005-03-24 17:15 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyycoins.dll
2014-08-16 22:53 - 2005-03-24 17:15 - 00036864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzcoins.dll
2014-08-16 22:53 - 2005-03-24 17:15 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzports.dll
2014-08-16 22:53 - 2005-03-24 17:15 - 00034816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyyports.dll
2014-08-16 22:53 - 2005-03-24 17:15 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyclad-z.sys
2014-08-16 22:53 - 2005-03-24 17:15 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyclom-y.sys
2014-08-16 22:53 - 2005-03-24 17:15 - 00013824 ____C (CMD Technology, Inc.) C:\Windows\System32\dllcache\cmdide.sys
2014-08-16 22:52 - 2007-02-17 00:05 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ccdecode.sys
2014-08-16 22:52 - 2006-03-29 06:00 - 01701888 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\chsbrkr.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 01682432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wchsbrkr.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00850944 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\chtbrkr.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00841728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wchtbrkr.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00543708 ____C () C:\Windows\System32\dllcache\cintlgb.imd
2014-08-16 22:52 - 2006-03-29 06:00 - 00535552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cintsetp.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00480256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wCINTSETP.EXE
2014-08-16 22:52 - 2006-03-29 06:00 - 00462929 ____C () C:\Windows\System32\dllcache\wCHTSKDIC.DIC
2014-08-16 22:52 - 2006-03-29 06:00 - 00462929 ____C () C:\Windows\System32\dllcache\chtskdic.dic
2014-08-16 22:52 - 2006-03-29 06:00 - 00427138 ____C () C:\Windows\System32\dllcache\cintlgie.imd
2014-08-16 22:52 - 2006-03-29 06:00 - 00409168 ____C () C:\Windows\System32\dllcache\cintlgu.imd
2014-08-16 22:52 - 2006-03-29 06:00 - 00362496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cintime.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00279894 ____C () C:\Windows\System32\dllcache\cintlgd.imd
2014-08-16 22:52 - 2006-03-29 06:00 - 00249856 ____C () C:\Windows\System32\dllcache\chtskf.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00221184 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\c_g18030.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00199680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wCINTIME.DLL
2014-08-16 22:52 - 2006-03-29 06:00 - 00189986 ____C () C:\Windows\System32\dllcache\wc_1361.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00189986 ____C () C:\Windows\System32\dllcache\c_1361.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00187938 ____C () C:\Windows\System32\dllcache\wc_20005.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00187938 ____C () C:\Windows\System32\dllcache\c_20005.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00186402 ____C () C:\Windows\System32\dllcache\wc_20001.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00186402 ____C () C:\Windows\System32\dllcache\c_20001.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00185378 ____C () C:\Windows\System32\dllcache\wc_20003.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00185378 ____C () C:\Windows\System32\dllcache\c_20003.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00180770 ____C () C:\Windows\System32\dllcache\wc_20932.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00180770 ____C () C:\Windows\System32\dllcache\c_20932.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00180258 ____C () C:\Windows\System32\dllcache\wc_20004.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00180258 ____C () C:\Windows\System32\dllcache\wc_20000.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00180258 ____C () C:\Windows\System32\dllcache\c_20004.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00180258 ____C () C:\Windows\System32\dllcache\c_20000.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00177698 ____C () C:\Windows\System32\dllcache\wc_20949.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00177698 ____C () C:\Windows\System32\dllcache\c_20949.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00173602 ____C () C:\Windows\System32\dllcache\wc_20936.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00173602 ____C () C:\Windows\System32\dllcache\wc_20002.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00173602 ____C () C:\Windows\System32\dllcache\c_20936.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00173602 ____C () C:\Windows\System32\dllcache\c_20002.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00173568 ____C () C:\Windows\System32\dllcache\wCHTSKF.DLL
2014-08-16 22:52 - 2006-03-29 06:00 - 00147968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\clipbrd.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00139264 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\certobj.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00117760 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\charmap.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00117760 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\chajei.ime
2014-08-16 22:52 - 2006-03-29 06:00 - 00102304 ____C () C:\Windows\System32\dllcache\cintlguc.imd
2014-08-16 22:52 - 2006-03-29 06:00 - 00102304 ____C () C:\Windows\System32\dllcache\cintlgsi.imd
2014-08-16 22:52 - 2006-03-29 06:00 - 00101376 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wclipbrd.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00085504 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wcharmap.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00082432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wcertobj.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00078848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wchajei.ime
2014-08-16 22:52 - 2006-03-29 06:00 - 00066594 ____C () C:\Windows\System32\dllcache\wc_864.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066594 ____C () C:\Windows\System32\dllcache\wc_862.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066594 ____C () C:\Windows\System32\dllcache\wc_858.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066594 ____C () C:\Windows\System32\dllcache\wc_720.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066594 ____C () C:\Windows\System32\dllcache\c_864.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066594 ____C () C:\Windows\System32\dllcache\c_862.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066594 ____C () C:\Windows\System32\dllcache\c_858.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066594 ____C () C:\Windows\System32\dllcache\c_720.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_870.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_708.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wC_28596.NLS
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_21027.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_21025.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20924.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20880.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20871.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20838.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20833.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20424.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20423.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20420.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20297.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20290.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20285.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20284.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20280.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20278.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20277.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20273.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20269.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20108.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20107.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20106.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_20105.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1149.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1148.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1147.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1146.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1145.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1144.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1143.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1142.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1141.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_870.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_708.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_28596.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_21027.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_21025.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20924.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20880.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20871.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20838.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20833.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20424.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20423.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20420.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20297.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20290.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20285.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20284.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20280.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20278.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20277.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20273.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20269.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20108.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20107.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20106.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_20105.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1149.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1148.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1147.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1146.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1145.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1144.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1143.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1142.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1141.nls
2014-08-16 22:52 - 2006-03-29 06:00 - 00063488 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\chtskdic.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00056320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wCHTSKDIC.DLL
2014-08-16 22:52 - 2006-03-29 06:00 - 00026112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\chgport.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cintlgnt.ime
2014-08-16 22:52 - 2006-03-29 06:00 - 00024080 ____C () C:\Windows\System32\dllcache\cintlgl.imd
2014-08-16 22:52 - 2006-03-29 06:00 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\chgusr.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\chglogon.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00021504 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wCINTLGNT.IME
2014-08-16 22:52 - 2006-03-29 06:00 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wchgusr.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wchglogon.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\change.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\c_iscii.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wchange.exe
2014-08-16 22:52 - 2006-03-29 06:00 - 00010240 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\c_is2022.dll
2014-08-16 22:52 - 2006-03-29 06:00 - 00001380 ____C () C:\Windows\System32\dllcache\cintlgs.imd
2014-08-16 22:52 - 2005-03-24 17:19 - 00001849 ____C () C:\Windows\System32\dllcache\IIS_clusftp.vbs
2014-08-16 22:52 - 2005-03-24 17:16 - 00023552 ____C (Eicon Networks Corporation) C:\Windows\System32\dllcache\diapi264.dll
2014-08-16 22:52 - 2005-03-24 17:14 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\changer.sys
2014-08-16 22:52 - 2005-03-24 17:12 - 00018432 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmc2064.dll
2014-08-16 22:51 - 2007-02-17 00:05 - 00196608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthpan.sys
2014-08-16 22:51 - 2007-02-17 00:05 - 00065536 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthmodem.sys
2014-08-16 22:51 - 2007-02-17 00:05 - 00051200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthprint.sys
2014-08-16 22:51 - 2007-02-17 00:05 - 00027648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthenum.sys
2014-08-16 22:51 - 2007-02-17 00:03 - 01452544 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2mtag.sys
2014-08-16 22:51 - 2007-02-17 00:03 - 00342016 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2dvag.dll
2014-08-16 22:51 - 2007-02-17 00:03 - 00111104 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\arp1394.sys
2014-08-16 22:51 - 2007-02-17 00:03 - 00067968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\avc.sys
2014-08-16 22:51 - 2007-02-17 00:03 - 00056320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agp440.sys
2014-08-16 22:51 - 2007-02-17 00:03 - 00026112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bdaplgin.ax
2014-08-16 22:51 - 2007-02-17 00:03 - 00020864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bdasup.sys
2014-08-16 22:51 - 2006-03-29 06:00 - 00195618 ____C () C:\Windows\System32\dllcache\wc_10002.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00195618 ____C () C:\Windows\System32\dllcache\c_10002.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00177698 ____C () C:\Windows\System32\dllcache\wc_10003.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00177698 ____C () C:\Windows\System32\dllcache\c_10003.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00173602 ____C () C:\Windows\System32\dllcache\wc_10008.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00173602 ____C () C:\Windows\System32\dllcache\c_10008.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00162850 ____C () C:\Windows\System32\dllcache\wc_10001.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00162850 ____C () C:\Windows\System32\dllcache\c_10001.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00126976 ____C (Sierra Wireless Inc.) C:\Windows\System32\dllcache\wair300pp.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00087552 ____C (AVM GmbH) C:\Windows\System32\dllcache\wavmcoxp.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00082172 ____C () C:\Windows\System32\dllcache\wbopomofo.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00082172 ____C () C:\Windows\System32\dllcache\bopomofo.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066728 ____C () C:\Windows\System32\dllcache\wbig5.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066728 ____C () C:\Windows\System32\dllcache\big5.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1140.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_1047.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_10021.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_10005.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\wc_10004.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1140.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_1047.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_10021.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_10005.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00066082 ____C () C:\Windows\System32\dllcache\c_10004.nls
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wagt0804.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wagt0412.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wagt0411.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wagt040d.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wagt0404.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wagt0401.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agt0804.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agt0412.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agt0411.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agt040d.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agt0404.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agt0401.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00018432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wBdaPlgIn.ax
2014-08-16 22:51 - 2006-03-29 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wbatt.dll
2014-08-16 22:51 - 2006-03-29 06:00 - 00004096 ____C (Agere Systems) C:\Windows\System32\dllcache\agrmco64.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00480256 ____C (Broadcom Corporation) C:\Windows\System32\dllcache\bcmwl564.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00147456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\brmfcwia.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00082944 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmflpt.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00068608 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfusb.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00063488 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfrsmg.exe
2014-08-16 22:51 - 2005-03-24 17:14 - 00059904 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brserwdm.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00041984 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparwdm.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00037376 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brevif.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00036352 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfbidi.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00035840 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brbidiif.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthusb.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bulltlp3.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00022016 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltlo.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00019968 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbmdm.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00019456 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbscn.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00019456 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brcoinst.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00015360 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brserif.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00008192 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltup.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00007168 ____C (Brother Industries,Ltd.) C:\Windows\System32\dllcache\brscnrsm.dll
2014-08-16 22:51 - 2005-03-24 17:14 - 00007168 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparimg.sys
2014-08-16 22:51 - 2005-03-24 17:14 - 00006656 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brfilt.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 03036032 ____C (ATI Technologies Inc. ) C:\Windows\System32\dllcache\ati3duag.dll
2014-08-16 22:51 - 2005-03-24 17:12 - 00568416 ____C (ATI Technologies Inc. ) C:\Windows\System32\dllcache\ativvaxx.dll
2014-08-16 22:51 - 2005-03-24 17:12 - 00340480 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ati2cqag.dll
2014-08-16 22:51 - 2005-03-24 17:12 - 00264704 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinevxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00192768 ____C (AVM GmbH) C:\Windows\System32\dllcache\b1cbase.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00191488 ____C (Broadcom Corporation) C:\Windows\System32\dllcache\b57amd64.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00188416 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmcoxp.dll
2014-08-16 22:51 - 2005-03-24 17:12 - 00168960 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmenum.dll
2014-08-16 22:51 - 2005-03-24 17:12 - 00104960 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmcowan.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00101888 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinesxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00084992 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinraxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00080896 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinbtxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00073728 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atineuxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00040960 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinxbxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00036864 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinsnxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00036352 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativtmxx.dll
2014-08-16 22:51 - 2005-03-24 17:12 - 00033280 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativtmww.dll
2014-08-16 22:51 - 2005-03-24 17:12 - 00031744 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativmvxx.ax
2014-08-16 22:51 - 2005-03-24 17:12 - 00030720 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmunet.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00023552 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativmvww.ax
2014-08-16 22:51 - 2005-03-24 17:12 - 00022144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\avcstrm.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00020992 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinpdxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00020480 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinmdxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00018944 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinttxx.sys
2014-08-16 22:51 - 2005-03-24 17:12 - 00013824 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativdaxx.ax
2014-08-16 22:51 - 2005-03-24 17:12 - 00009728 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativdaww.ax
2014-08-16 22:51 - 2005-03-24 17:11 - 01127424 ____C (Agere Systems) C:\Windows\System32\dllcache\agrsm64.sys
2014-08-16 22:51 - 2005-03-24 17:11 - 00120832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aic78xx.sys
2014-08-16 22:51 - 2005-03-24 17:11 - 00117248 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aic78u2.sys
2014-08-16 22:51 - 2005-03-24 17:11 - 00062464 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\arc.sys
2014-08-16 22:51 - 2005-03-24 17:11 - 00059392 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aqadmin.dll
2014-08-16 22:51 - 2005-03-24 17:11 - 00053248 ____C (AMD) C:\Windows\System32\dllcache\amdac97.sys
2014-08-16 22:51 - 2005-03-24 17:11 - 00031744 ____C (Advanced Micro Devices (AMD), Inc.) C:\Windows\System32\dllcache\amd64n5.sys
2014-08-16 22:51 - 2005-03-24 17:11 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adsiisex.dll
2014-08-16 22:51 - 2005-03-24 17:11 - 00009216 ____C (Acer Laboratories Inc.) C:\Windows\System32\dllcache\aliide.sys
2014-08-16 22:51 - 2005-03-24 17:11 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\amdide.sys
2014-08-16 22:51 - 2005-03-24 17:11 - 00004608 ____C (Agere Systems) C:\Windows\System32\dllcache\agrsco64.dll
2014-08-16 22:50 - 2007-02-17 00:02 - 00078080 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\61883.sys
2014-08-16 22:50 - 2005-03-24 17:11 - 00246784 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\adpu320.sys
2014-08-16 22:50 - 2005-03-24 17:11 - 00182272 ____C (Intel Corporation) C:\Windows\System32\dllcache\ac97intc.sys
2014-08-16 22:50 - 2005-03-24 17:11 - 00160256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adpu160m.sys
2014-08-16 22:50 - 2005-03-24 17:11 - 00108032 ____C (Color Flatbed Scanner) C:\Windows\System32\dllcache\acerscad.dll
2014-08-16 22:50 - 2005-03-24 17:11 - 00093696 ____C (VIA Technologies, Inc.) C:\Windows\System32\dllcache\ac97via.sys
2014-08-16 22:50 - 2005-03-24 17:11 - 00059392 ____C (Adaptec, Inc ) C:\Windows\System32\dllcache\adptsf50.sys
2014-08-16 22:50 - 2005-03-24 17:11 - 00018432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\4mmdat.sys
2014-08-16 22:50 - 2005-03-24 17:11 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adicvls.sys
2014-08-16 22:49 - 2007-02-17 00:02 - 00080384 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\1394bus.sys
2014-08-16 22:49 - 2006-03-29 06:00 - 00292864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nntpadm.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00230400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iisrtl.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00141824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiisrtl.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00102400 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\logui.ocx
2014-08-16 22:49 - 2006-03-29 06:00 - 00072192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\isatq.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00067584 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wlogui.ocx
2014-08-16 22:49 - 2006-03-29 06:00 - 00040448 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iisrstas.exe
2014-08-16 22:49 - 2006-03-29 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\inetmgr.exe
2014-08-16 22:49 - 2006-03-29 06:00 - 00022016 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iisreset.exe
2014-08-16 22:49 - 2006-03-29 06:00 - 00019456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\winetmgr.exe
2014-08-16 22:49 - 2006-03-29 06:00 - 00017408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\infoadmn.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiisreset.exe
2014-08-16 22:49 - 2006-03-29 06:00 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\winfoadmn.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\staxmem.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wamregps.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wstaxmem.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wwamrgps.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iisrstap.dll
2014-08-16 22:49 - 2006-03-29 06:00 - 00005632 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiisrstap.dll
2014-08-16 20:44 - 2014-08-16 20:44 - 00000532 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook64.txt
2014-08-16 20:42 - 2014-08-16 20:42 - 00165376 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook_x64.exe
2014-08-16 17:32 - 2014-08-16 23:03 - 00002093 _____ () C:\WINDOWS\setupapi.log
2014-08-16 16:53 - 2014-08-16 23:11 - 00024680 _____ () C:\Documents and Settings\DJ RAC\Desktop\FRST.txt
2014-08-16 16:52 - 2014-08-16 16:52 - 02101760 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\FRST64.exe
2014-08-16 16:15 - 2014-08-16 16:17 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Desktop\FRST-OlderVersion
2014-08-16 16:12 - 2014-08-16 16:12 - 00000590 _____ () C:\Documents and Settings\DJ RAC\Desktop\JRT.txt
2014-08-16 16:06 - 2014-08-16 16:06 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-16 16:04 - 2014-08-16 16:04 - 01016261 _____ (Thisisu) C:\Documents and Settings\DJ RAC\Desktop\JRT.exe
2014-08-16 16:02 - 2014-08-16 16:02 - 00004291 _____ () C:\Documents and Settings\DJ RAC\Desktop\AdwCleaner[S0].txt
2014-08-16 15:59 - 2014-08-16 15:59 - 00001286 _____ () C:\WINDOWS\PFRO.log
2014-08-16 15:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-08-16 15:51 - 2014-08-16 15:57 - 00000000 ____D () C:\AdwCleaner
2014-08-16 15:50 - 2014-08-16 15:51 - 01361203 _____ () C:\Documents and Settings\DJ RAC\Desktop\AdwCleaner.exe
2014-08-16 15:47 - 2014-08-16 15:48 - 00000696 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook32.txt
2014-08-16 15:46 - 2014-08-16 23:11 - 00000000 _____ () C:\WINDOWS\0.log
2014-08-16 15:27 - 2014-08-16 15:27 - 00139264 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook32.exe
2014-08-16 14:03 - 2014-08-16 23:08 - 00010862 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-15 11:13 - 2014-08-15 11:13 - 02100224 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\Farbar Recovery Scan Tool - FRST64.exe
2014-08-13 17:35 - 2014-08-16 23:11 - 00000000 ____D () C:\FRST
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\RegBackup
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2014-08-13 17:27 - 2014-08-13 17:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-13 08:27 - 2014-06-19 12:47 - 00450613 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140813-082716.backup
2014-07-25 03:02 - 2014-08-16 23:00 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-16 23:11 - 2014-08-16 16:53 - 00024680 _____ () C:\Documents and Settings\DJ RAC\Desktop\FRST.txt
2014-08-16 23:11 - 2014-08-16 15:46 - 00000000 _____ () C:\WINDOWS\0.log
2014-08-16 23:11 - 2014-08-13 17:35 - 00000000 ____D () C:\FRST
2014-08-16 23:11 - 2013-03-20 20:30 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Local Settings\Temp
2014-08-16 23:09 - 2014-06-18 14:13 - 00000442 _____ () C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1403122415.job
2014-08-16 23:09 - 2013-03-18 07:35 - 00050257 _____ () C:\WINDOWS\system32\nvapps.xml
2014-08-16 23:08 - 2014-08-16 14:03 - 00010862 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-16 23:08 - 2013-10-09 18:28 - 00000894 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-16 23:08 - 2013-03-20 12:12 - 00000632 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-08-16 23:08 - 2013-03-19 14:13 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-08-16 23:08 - 2013-03-18 07:24 - 00000159 _____ () C:\Documents and Settings\LocalService\wiadebug.log
2014-08-16 23:08 - 2013-03-18 07:24 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-16 23:08 - 2006-03-29 06:00 - 00002422 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-16 23:07 - 2013-03-20 12:12 - 00524288 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2014-08-16 23:06 - 2013-03-20 20:30 - 00000178 ___SH () C:\Documents and Settings\DJ RAC\ntuser.ini
2014-08-16 23:06 - 2013-03-18 07:24 - 00032514 _____ () C:\WINDOWS\Tasks\SchedLgU.Txt
2014-08-16 23:03 - 2014-08-16 17:32 - 00002093 _____ () C:\WINDOWS\setupapi.log
2014-08-16 23:00 - 2014-07-25 03:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-16 20:44 - 2014-08-16 20:44 - 00000532 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook64.txt
2014-08-16 20:42 - 2014-08-16 20:42 - 00165376 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook_x64.exe
2014-08-16 20:37 - 2013-03-18 13:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-08-16 17:07 - 2013-10-09 18:28 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-16 16:52 - 2014-08-16 16:52 - 02101760 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\FRST64.exe
2014-08-16 16:17 - 2014-08-16 16:15 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Desktop\FRST-OlderVersion
2014-08-16 16:12 - 2014-08-16 16:12 - 00000590 _____ () C:\Documents and Settings\DJ RAC\Desktop\JRT.txt
2014-08-16 16:06 - 2014-08-16 16:06 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-16 16:04 - 2014-08-16 16:04 - 01016261 _____ (Thisisu) C:\Documents and Settings\DJ RAC\Desktop\JRT.exe
2014-08-16 16:02 - 2014-08-16 16:02 - 00004291 _____ () C:\Documents and Settings\DJ RAC\Desktop\AdwCleaner[S0].txt
2014-08-16 15:59 - 2014-08-16 15:59 - 00001286 _____ () C:\WINDOWS\PFRO.log
2014-08-16 15:57 - 2014-08-16 15:51 - 00000000 ____D () C:\AdwCleaner
2014-08-16 15:51 - 2014-08-16 15:50 - 01361203 _____ () C:\Documents and Settings\DJ RAC\Desktop\AdwCleaner.exe
2014-08-16 15:48 - 2014-08-16 15:47 - 00000696 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook32.txt
2014-08-16 15:42 - 2013-03-20 20:30 - 00000000 ____D () C:\Documents and Settings\DJ RAC
2014-08-16 15:27 - 2014-08-16 15:27 - 00139264 _____ () C:\Documents and Settings\DJ RAC\Desktop\SystemLook32.exe
2014-08-16 14:15 - 2014-04-03 13:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 30 0
2014-08-16 13:33 - 2013-03-20 20:30 - 00000265 _____ () C:\Documents and Settings\DJ RAC\wiadebug.log
2014-08-15 12:15 - 2013-09-10 02:18 - 00000000 ____D () C:\Documents and Settings\DJ RAC\Application Data\vlc
2014-08-15 11:13 - 2014-08-15 11:13 - 02100224 _____ (Farbar) C:\Documents and Settings\DJ RAC\Desktop\Farbar Recovery Scan Tool - FRST64.exe
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\RegBackup
2014-08-13 17:29 - 2014-08-13 17:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2014-08-13 17:27 - 2014-08-13 17:27 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-08-13 08:13 - 2013-03-20 12:12 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-13 00:30 - 2013-03-20 12:12 - 00000628 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-08-12 14:39 - 2014-06-18 14:13 - 00000000 ____D () C:\Program Files (x86)\Opera 22 0 1471 70
2014-08-11 20:41 - 2013-05-20 17:57 - 00000000 ____D () C:\WINDOWS\SysWOW64\cache
2014-08-04 15:12 - 2013-03-20 20:52 - 00000178 ___SH () C:\Documents and Settings\Lety\ntuser.ini
2014-08-04 15:11 - 2013-03-20 20:52 - 00000000 ____D () C:\Documents and Settings\Lety\Local Settings\Temp
2014-08-04 15:03 - 2013-03-20 20:52 - 00000265 _____ () C:\Documents and Settings\Lety\wiadebug.log
2014-08-04 10:17 - 2014-05-01 09:12 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2014 Ver 2014 0 4744
2014-08-01 00:30 - 2013-03-20 12:12 - 00000458 _____ () C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-07-31 15:32 - 2013-03-18 17:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TEMP
2014-07-25 03:02 - 2013-03-18 13:20 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-25 03:02 - 2013-03-18 13:20 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Documents and Settings\DJ RAC\Local Settings\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.
==================== End Of Log ============================
Hi joselepiu,
I was hoping that would replace the missing files, but it did not. Let's continue to make sure there is no malware on your system then we can redirect our efforts to correcting the file issue.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Malwarebytes' Anti-Malware
Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) (save it to your desktop).
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Select Scan tab.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMDashboard_zpsddef9b5f.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMDashboard_zpsddef9b5f.gif.html)
Select type of scan to perform:
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMScanTab_zps2c5e74bd.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMScanTab_zps2c5e74bd.gif.html)
Threat Scan < --- Select this type of scan
Custom Scan
Hyper Scan
Next click the Scan button.
When the scan is complete, if no malicious items are found you can close the program.
If malicious items are found be sure that everything is checked, and click Quarantine .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) ESET Online Scanner
*Note:
It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.
** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".
= = = = = = = = = = = = = = = = = = = =
Go here to run ESET Online Scanner (http://www.eset.eu/online-scanner)
(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply
Note - when ESET doesn't find any threats, no report will be created.
Push the back button.
Push Finish
Re-enable your Antivirus software.
=========================
In your next post please provide the following:
MBAM log
ESET's log.txt
How's the computer running?
joselepiu
2014-08-17, 23:21
should i disable avg & spybot before running Malwarebytes Anti-Malware?...
Hi joselepiu,
should i disable avg & spybot before running Malwarebytes Anti-Malware?...
It's not necessary for MBAM, but it is for the ESET scan. :bigthumb:
joselepiu
2014-08-18, 03:36
scanning now...
joselepiu
2014-08-18, 05:03
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 8/17/2014
Scan Time: 7:30:34 PM
Logfile:
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.08.17.05
Rootkit Database: v2014.08.16.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows XP Service Pack 2
CPU: x64
File System: NTFS
User: DJ RAC
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 388343
Time Elapsed: 12 min, 36 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
================================================
ESET Online Scanner scan log:
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\apn\APN-Stub\W3IV6-G\APNIC.7z.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application deleted - quarantined
C:\Documents and Settings\DJ RAC\Desktop\Files & Folders\Tools\Installed\1-Click YouTube Downloader Ver 9 0 Setup.exe Win32/DownWare.W potentially unwanted application deleted - quarantined
C:\Documents and Settings\DJ RAC\Desktop\Files & Folders\Tools\Installed\AoA Audio Extractor Basic Ver 2 3 6 Setup.exe Win32/InstallMonetizer.AU potentially unwanted application deleted - quarantined
C:\Documents and Settings\DJ RAC\Desktop\Files & Folders\Tools\Installed\Auslogics Duplicate File Finder Ver 2 5 1 0 Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Documents and Settings\DJ RAC\Desktop\Files & Folders\Tools\Installed\Auslogics Registry Cleaner Ver 2 5 1 0 Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Documents and Settings\DJ RAC\Desktop\Files & Folders\Tools\Installed\Auslogics Registry Defrag Ver 6 5 1 0 Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Documents and Settings\DJ RAC\Desktop\Files & Folders\Tools\Installed\CCleaner Ver 3 28 1913 Setup.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Documents and Settings\DJ RAC\Desktop\Files & Folders\Tools\Installed\recuva 1 46 setup146.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantined
C:\Documents and Settings\DJ RAC\Desktop\Files & Folders\Tools\Not Installed\FormatFactory Video Converter Ver 3 0 1 1 Setup.zip a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Documents and Settings\DJ RAC\Desktop\Files & Folders\Tools\Not Installed\Media Player Codec Pack Ver 4 2 5 Setup.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\System Volume Information\_restore{1F140895-6C24-408C-96C4-86D1960E9760}\RP159\A0174964.dll Win32/Bundled.Toolbar.Ask.B potentially unsafe application deleted - quarantined
joselepiu
2014-08-20, 06:57
hello, ocd are you still helping me?...,
Hi joselepiu,
I apologize. I didn't get a notification that you replied to the thread.
Both MBAM & ESET scans look good. How does the computer seem to be running?
joselepiu
2014-08-20, 11:24
still the same...
very slow & sluggish...
the hard drives noises & the green light are the same. ...
Hi joselepiu,
Some of your performance issues could be a result of the age of your machine. Although I am not well versed in the hardware area of the computer here is some information you might need to take into account.
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
http://en.wikipedia.org/wiki/Athlon_64_X2
http://www.cpubenchmark.net/cpu.php?cpu=AMD+Athlon+64+X2+Dual+Core+3800%2B
Random Access Memory
Total physical RAM: 3774.23 MB
Available physical RAM: 3092.71 MB
Minimal by today's standards.
Primary Hard Drive
Drive c: () (Fixed) (Total:279.47 GB) (Free:7.81 GB) NTFS
It is recommended that you keep a minimum of 20% free space on your primary hard drive.
= = = = = = = = = = = = = = = = = = = =
Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
= = = = = = = = = = = = = = = = = = = =
In your next post please provide the following:
checkup.txt
Thoughts on the information I provided.
joselepiu
2014-08-20, 19:20
thanks for the links...
very interesting info...
did not realized its that old & may be obsolete by todays standars...
here is the checkup scan log:...
Results of screen317's Security Check version 0.99.87
Windows XP x64
Out of date service pack!! (http://windows.microsoft.com/en-us/windows/help/learn-how-to-install-windows-xp-service-pack-3-sp3)
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Please wait while WMIC is being installed.d
i
s
p
l
a
y
N
a
m
e
ECHO is off.
A
V
G
ECHO is off.
A
n
t
i
V
i
r
u
s
ECHO is off.
F
r
e
ECHO is off.
E
d
i
t
i
o
n
ECHO is off.
2
0
1
4
ECHO is off.
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Out of date HijackThis installed!
Spybot - Search & Destroy
HijackThis 2.0.2
Auslogics Registry Cleaner
Adobe Flash Player 14.0.0.145
Adobe Reader XI
Google Chrome 36.0.1985.125
Google Chrome 36.0.1985.143
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Spybot Teatimer.exe is disabled!
AVG avgwdsvc.exe
Malwarebytes Anti-Malware 2 0 2 1012 mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Hi joselepiu,
Windows XP x64 - Out of date service pack!!
Internet Explorer 7 - Out of date!
As you can see by the above from the Security Check scan you need to update Windows XP and Internet Explorer.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Windows Automatic Updates
Open Windows Update by clicking the Start button http://i1269.photobucket.com/albums/jj590/OCD-WTT/start.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/start.jpg.html), clicking All Programs, and then clicking Windows Update.
Download and Install the Important Updates.
In the left pane, click Change settings.
Choose the option that you want.
Under Recommended updates, select the Include recommended updates when downloading, installing, or notifying me about updates check box, and then click OK. http://i1269.photobucket.com/albums/jj590/OCD-WTT/windowsshield_zps565f3936.png (http://s1269.photobucket.com/user/OCD-WTT/media/windowsshield_zps565f3936.png.html) Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reboot & test
joselepiu
2014-08-21, 07:14
every time i clicked on an option the comp frezees and it takes up to 4 mins to open the next page...
please reference pics...
start ==> all programs ==> windows update
http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us
then on this page with these 2 options:
==> [ ] express: Get high-priority updates (recommended)
==> [ ] custom: Select from optional and high-priority updates for Windows and other programs
it dont matter what i pick it takes me to another page with these options:
==> [ ] Register or reinstall the files for me now (Recommended)
==> [ ] Let me read about more steps that might be required to solve the problem
[ continue ]
if a pick [ ] Register or reinstall the files for me now (Recommended) it takes me to:(http://update.microsoft.com/windowsupdate/v6/default.aspx?ln=en-us)
and it shows this:
[X] The website has encountered a problem and cannot display the page you are trying to view. The options provided below might help you solve the problem.
For self-help options:
Frequently Asked Questions
Find Solutions
Windows Update Newsgroup
For assisted support options:
Microsoft Online Assisted Support (no-cost for Windows Update issues)
[Error number: 0x80070420]
if a pick [ ] Let me read about more steps that might be required to solve the problem
it takes me to:
[X] HTTP Error 404 - File or directory not found.
Cannot find the page you are looking for. It might have been removed, had its name changed, or is temporarily unavailable.
Please try the following:
Ensure that the Web site address displayed in the address bar of your browser is spelled and formatted correctly.
If you reached this page by clicking a link, contact the Web site administrator to alert them that the link is incorrectly formatted.
Click the Back button to try another link.
[Error number: 0x8DDD000F]
Hi joselepiu,
I can't say for certain but, being that you are running Windows XP (which is no longer supported by Microsoft) that might be contributing to the issues you are encountering.
=========================
Let's check the hard drive for issues:
Click the Start menu http://i1269.photobucket.com/albums/jj590/OCD-WTT/start.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/start.jpg.html), in the search box type "cmd" (without the quotes)
Next you will see a menu that has a small black DOS icon http://i1269.photobucket.com/albums/jj590/OCD-WTT/Dosicon_zps3944e344.gif (http://s1269.photobucket.com/user/OCD-WTT/media/Dosicon_zps3944e344.gif.html) with the text cmd next to it.
Double click on the DOS icon to run, OR
Right click on the DOS icon and select "Run as Administrator".
Select Yes if presented with the UAC prompt.
Next the larger DOS window will open with c:windows\system32>
Type or copy and paste (if it will allow) chkdsk /r, then hit Enter (make sure there is space between chkdsk and the /r)
You will see a warning:
Chkdsk cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts? (Y/N)
Press the Y key, then hit Enter
You will see the following:
This volume will be checked the next time the system restarts.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/chkdskgui_zps1cc21043.gif (http://s1269.photobucket.com/user/OCD-WTT/media/chkdskgui_zps1cc21043.gif.html)
Close the window, or type Exit, then press Enter.
Now restart your computer to allow the chkdsk scan to be performed.
In your next post please provide the following:
Report back with the results.
joselepiu
2014-08-21, 15:20
after typing "cmd" (no quotes) i get this:
Hi joselepiu,
Try this method instead:
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) chkdsk scan
Click Start and My Computer.
Right-click the hard drive you want to check, and click Properties.
Select the Tools tab in the Error Checking section click Check Now. Check both boxes. Click Start.
You'll get a message that the computer must be rebooted to run a complete check.
Click Yes and reboot. Chkdsk will take a while, so run it when you don't need to use the computer for something else.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) To view results log:
Go to Start - Run and type in eventvwr.msc, and hit enter.
When Event Viewer opens, click on "Application", then scroll down to "Winlogon" and double-click on it to open it up.
This is the log created after running chkdsk. Click on the icon that looks like two pieces of paper to copy it and then paste it here please.
=========================
In your next post please provide the following:
chkdsk results
joselepiu
2014-08-22, 00:02
all 24,385 are the same...
joselepiu
2014-08-22, 00:05
forgot to mention that there was no "Winlogon"...
Hi joselepiu,
Hmmm ... OK then let's try another approach.
Download Tweaking.com Windows Repair from here (http://www.bleepingcomputer.com/download/windows-repair-all-in-one/) or here (http://www.tweaking.com/files/setups/tweaking.com_windows_repair_aio_setup.exe) and save it to your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Once the program opens you will be at the Welcome tab.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/TweakingMainGUI_zps5a2aae6e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/TweakingMainGUI_zps5a2aae6e.gif.html)
=========================
Step 3: Check File System
http://i1269.photobucket.com/albums/jj590/OCD-WTT/Tweeking/TweakingStep3chkdsk_zpsc9039974.gif (http://s1269.photobucket.com/user/OCD-WTT/media/Tweeking/TweakingStep3chkdsk_zpsc9039974.gif.html)
Check File System:
Select the Do It button (option #3) to scan and repair the system files.
Follow the onscreen instructions.
Reboot when finished
=========================
In your next post please provide the following:
System File Check results
joselepiu
2014-08-22, 16:59
do i do steps 1 & 2?...
or just step 3?...
joselepiu
Only the highlighted step. (Step #3)
joselepiu
2014-08-22, 17:44
i got this after clicking:
2. check disk (if needed)...
should i restart manually?...
joselepiu
2014-08-22, 18:46
here is the log of the step 1 of step 3...
i did restart the comp manually by closing the message window by clicking on the X...
the restart the comp by ===> start ===> turn off computer ===> restart ...
step 2 did not produce a log...
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\DJ RAC\Desktop>CD /D C:\
C:\>chkdsk C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
WARNING! F parameter not specified.
Running CHKDSK in read-only mode.
CHKDSK is verifying files (stage 1 of 3)...
9 percent complete. (87772 of 91968 file records processed)
109196891968
91968 file records processed.
File verification completed.
10 percent complete. (1 of 1363 large file records processed)
1013631363
1363 large file records processed.
1000
0 bad file records processed.
1000
0 EA records processed.
1022
2 reparse records processed.
CHKDSK is verifying indexes (stage 2 of 3)...
55 percent complete. (304875 of 305163 index entries processed)
55305163305163
305163 index entries processed.
Index verification completed.
5555
5 unindexed files processed.
CHKDSK is verifying security descriptors (stage 3 of 3)...
59 percent complete. (89943 of 91968 descriptors processed)
599196891968
91968 security descriptors processed.
Security descriptor verification completed.
5965906590
6590 data files processed.
CHKDSK is verifying Usn Journal...
100 percent complete. (9166848 of 9170704 USN bytes processed)
10091707049170704
9170704 USN bytes processed.
Usn Journal verification completed.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.
Windows found problems with the file system.
Run CHKDSK with the /F (fix) option to correct these.
293048248 KB total disk space.
281098396 KB in 70829 files.
30072 KB in 6591 indexes.
4 KB in bad sectors.
179968 KB in use by the system.
65536 KB occupied by the log file.
11739808 KB available on disk.
4096 bytes in each allocation unit.
73262062 total allocation units on disk.
2934952 allocation units available on disk.
C:\>
Hi joselepiu,
Windows found problems with the file system.
You stated that when you previously tried this step you encountered the path below:
C:\WINDOWS\$NtServicePackUninstall$>
What you will need to do is change directories before you can enter the correct command to have check disk complete.
Click the Start menu http://i1269.photobucket.com/albums/jj590/OCD-WTT/start.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/start.jpg.html), in the search box type "cmd" (without the quotes)
Next you will see a menu that has a small black DOS icon http://i1269.photobucket.com/albums/jj590/OCD-WTT/Dosicon_zps3944e344.gif (http://s1269.photobucket.com/user/OCD-WTT/media/Dosicon_zps3944e344.gif.html) with the text cmd next to it.
Double click on the DOS icon to run, OR
Right click on the DOS icon and select "Run as Administrator".
Select Yes if presented with the UAC prompt.
Next the larger DOS window will open with C:\WINDOWS\$NtServicePackUninstall$>
Here is where you will have to change directories:
Next to the above entry type: cd.. >> Enter
You should see in the DOS windows that the line now reads C:\WINDOWS\
Next type: cd system32 >> Enter
You should now see C:\WINDOWS\system32>
Next we will type our check disk command (shown below)
Type or copy and paste (if it will allow) chkdsk /f, then hit Enter (make sure there is space between chkdsk and the /r)
You will see a warning:
Chkdsk cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts? (Y/N)
Press the Y key, then hit Enter
You will see the following:
This volume will be checked the next time the system restarts.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/chkdskgui_zps1cc21043.gif (http://s1269.photobucket.com/user/OCD-WTT/media/chkdskgui_zps1cc21043.gif.html)
Close the window, or type Exit, then press Enter.
Now restart your computer to allow the chkdsk scan to be performed.
Post the results when completed.
joselepiu
2014-08-23, 09:21
i ran the check scan but did bo produce any logs...
you asked me to do this:
""To view results log:
Go to Start - Run and type in eventvwr.msc, and hit enter.
When Event Viewer opens, click on "Application", then scroll down to "Winlogon" and double-click on it to open it up.
This is the log created after running chkdsk. Click on the icon that looks like two pieces of paper to copy it and then paste it here please.""
i did not find the ""Winlogon"" there...
i posted some pics of what i found there on my post ""??? 14-08-21, 16:02...
bit ill run the ""chkdsk /f"" comand again...
joselepiu
2014-08-23, 09:54
i just noticed that in your institutions there is a confusing typo...
Type or copy and paste (if it will allow) ===chkdsk /f=== , then hit Enter (make sure there is space between === chkdsk and the /r===)
which one is the correct one?...
i just noticed that in your institutions there is a confusing typo...
Type or copy and paste (if it will allow) ===chkdsk /f=== , then hit Enter (make sure there is space between === chkdsk and the /r===)
which one is the correct one?...
My oversite, chkdsk /r is the correct entry.
Go to Start - Run and type in eventvwr.msc, and hit enter.
When Event Viewer opens, click on "Application", then scroll down to "Winlogon" and double-click on it to open it up.
This is the log created after running chkdsk. Click on the icon that looks like two pieces of paper to copy it and then paste it here please.""
Double click "Application" to expand the menu.
joselepiu
2014-08-24, 04:32
i get this again...
start ===> run ===> type: "eventvwr.msc" ===> click "OK" ===>
11748
and after clicking on "Application" i get this:...
11749
when i try to scroll down all disappears...
11750
but at the top of the window it still shows 24,385 events...
???...
joselepiu
2014-08-24, 04:34
in another note...
by error i clicked on security instead of application...
and i saw this...
11751
are those anonymous logons normal?...
joselepiu
2014-08-24, 04:42
here is another pic of those ""anonymous logons"" with todays date...
11752 ...
Hi joselepiu,
Please do not attach the images, it makes it time consuming to review your answers. :bigthumb:
We have removed all the malware that was found on your computer.
As far as the errors messages and the anonymous logons contained within the event viewer are concerned, unfortunately, this is not my area of expertise. My primary focus is on malware removal, and as stated in my opening introduction " I will be working on your Malware issues, this may or may not, solve other issues you have with your machine."
We may have come to the point where you best course of action would be to either reformat and reinstall the current version of your OS. Or option two, which would be to upgrade to a newer version. I would strongly recommend the second option since Microsoft no longer offers support for Windows XP.
Either option would resolve the current missing or corrupt files that are present on your computer and may be contributing to the problems we are encountering.
Please let me know how you would like to proceed.
joselepiu
2014-08-24, 06:22
sorry about the pics...
just try to do what you did...
tried to include the pics with the text but it did not work out...
could not edit it after posted (do not think is even possible in this site)...
thought it would be easier for you to understand what i meant...
a pic is worth more than 1,000 words... and all that...
in regards to the anonymous logons...
i think that that says that my computer is indeed infected with something unless that is normal...
Hi joselepiu,
in regards to the anonymous logons...
i think that that says that my computer is indeed infected with something unless that is normal...
Could you cut and paste an anonymous logon message (click the little copy button after double clicking the event)
Are you on a network?
"Some network applications use the ANONYMOUS LOGON process to create a communication channel with your computer. Anonymous logon means that it is a null session. NT Auth/Anonymous is just a pseudonym for a Null Session. The NTAuth/Anonymous isn't really an account; it just means that no credentials were supplied. There are many conditions known to cause a null session connection which makes it difficult to tell the exact cause of these particular events. "
joselepiu
2014-08-24, 08:36
Event Type: Success Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 540
Date: 8/23/2014
Time: 7:58:50 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DJ-RAC-PUTTER
Description:
Successful Network Logon:
User Name:
Domain:
Logon ID: (0x0,0x1437E)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name:
Logon GUID: -
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: -
Source Port: -
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
joselepiu
2014-08-24, 08:39
forgot to answer your question...
im not in any network...
forgot to answer your question...
im not in any network...
How do you connect to the internet?
Who is you ISP?
joselepiu
2014-08-24, 19:15
my isp provider is century link...
and i get dsl...
Hi joselepiu,
Event Type: Success Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 540
Date: 8/23/2014
Time: 7:58:50 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: DJ-RAC-PUTTER
Description:
Successful Network Logon:
User Name:
Domain:
Logon ID: (0x0,0x1437E)
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name:
Logon GUID: -
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: -
Source Port: -
An excerpt from the information I previously provided:
"The NTAuth/Anonymous isn't really an account; it just means that no credentials were supplied."
my isp provider is century link...
and i get dsl...
This type of connection is considered a network.
So these entries appear to be legitimate, and not malware related as you suspected.
joselepiu
2014-08-27, 05:52
ok thanks...
is there any other place i can get help for the problem?...
what do you recommend?...
Hi joselepiu,
There is another forum that I volunteer at that has a Tech Team that might be able to help with your issues.
Go to WhatTheTech.com (http://forums.whatthetech.com/index.php?) you will need to create an account, the start a new thread in the General Hardware Forum.
Give a brief description of the problem along with a link to this thread so the Tech Team helper can see what we have done already.
Also, let them know that the thread is at Safer-Networking Forum (http://www.safer-networking.org/)
Include this link in your post:http://forums.spybot.info/showthread.php?70963-System-XP-Pro-x64-Edition
joselepiu
2014-08-28, 16:58
i will do that...
thanks for all your help...
You're very welcome. Glad I was able to help. :bigthumb:
Since this issue appears to be resolved ... this Topic has been closed.
If you still require help, please start a new topic and include fresh FRST and aswMBR logs, along with a link to your previous thread.
Please do not add any logs that might have been requested previously, you would be starting fresh.
Applies only to the original poster, anyone else with similar problems please start your own topic.