Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: Browser redirects, URL:Mal2 detected by Avast

  1. #11
    Member
    Join Date
    Mar 2007
    Posts
    60

    Default OTL log part 3

    [2013/10/14 12:53:47 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cbsra.exe
    [2013/10/14 12:47:31 | 000,000,000 | ---D | C] -- C:\03086a4ad6c74b04e539a6d7
    [2013/10/14 11:50:42 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\WindowsUpdate
    [2013/10/14 11:40:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
    [2013/10/14 11:39:24 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
    [2013/10/14 11:37:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
    [2013/10/14 11:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
    [2013/10/14 11:35:59 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2013/10/14 11:35:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
    [2013/10/14 11:33:34 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
    [2013/10/14 11:32:57 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Microsoft Help
    [2013/10/14 11:32:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
    [2013/10/14 11:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [2013/10/14 11:30:57 | 000,000,000 | RH-D | C] -- C:\MSOCache
    [2013/10/13 23:21:05 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
    [2013/10/13 23:21:01 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
    [2013/10/13 23:20:57 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
    [2013/10/13 23:20:56 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
    [2013/10/13 23:20:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
    [2013/10/13 23:20:43 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
    [2013/10/13 13:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
    [2013/10/13 13:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
    [2013/10/12 21:46:12 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Google
    [2013/10/12 21:45:50 | 000,000,000 | ---D | C] -- C:\Program Files\Image Converter
    [2013/10/12 21:23:55 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\HpUpdate
    [2013/10/12 21:23:44 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
    [2013/10/12 19:08:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
    [2013/10/12 19:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
    [2013/10/12 18:56:35 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Desktop\Programs
    [2013/10/12 17:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
    [2013/10/12 17:12:32 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Canneverbe Limited
    [2013/10/12 17:12:27 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
    [2013/10/12 17:01:19 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Macromedia
    [2013/10/12 17:00:22 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
    [2013/10/12 17:00:22 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\IrfanView
    [2013/10/12 17:00:20 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
    [2013/10/12 16:49:30 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2013/10/12 16:49:29 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2013/10/12 16:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
    [2013/10/12 16:39:01 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
    [2013/10/12 16:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
    [2013/10/12 16:36:28 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Adobe
    [2013/10/12 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\ADB49\Documents\My Kindle Content
    [2013/10/12 16:32:58 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
    [2013/10/12 16:32:16 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Amazon
    [2013/10/12 16:28:09 | 000,000,000 | ---D | C] -- C:\Program Files\EasyGPS
    [2013/10/12 16:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
    [2013/10/12 15:43:33 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\FlickrNet
    [2013/10/12 15:19:29 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Macromedia
    [2013/10/12 14:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
    [2013/10/12 03:10:37 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
    [2013/10/12 03:10:37 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
    [2013/10/12 03:10:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
    [2013/10/12 03:10:36 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
    [2013/10/12 03:10:36 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
    [2013/10/12 03:09:26 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
    [2013/10/12 03:09:26 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
    [2013/10/12 03:08:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
    [2013/10/12 03:08:35 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
    [2013/10/12 03:07:51 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2013/10/12 03:07:51 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
    [2013/10/12 03:07:50 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2013/10/12 03:07:50 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2013/10/12 03:07:50 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2013/10/12 03:07:50 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2013/10/12 03:07:49 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2013/10/12 03:07:49 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2013/10/12 03:07:49 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2013/10/12 00:16:32 | 000,000,000 | -HSD | C] -- C:\Boot
    [2013/10/12 00:15:52 | 000,000,000 | ---D | C] -- C:\Windows\PANTHER
    [2013/10/12 00:15:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\OEM
    [2013/10/11 23:01:03 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
    [2013/10/11 22:19:22 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Adobe
    [2013/10/11 22:19:12 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\HP
    [2013/10/11 21:23:29 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
    [2013/10/11 21:22:14 | 000,238,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2013/10/11 21:20:09 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2013/10/11 21:19:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2013/10/11 21:19:44 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2013/10/11 21:19:41 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/10/11 21:19:38 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2013/10/11 21:17:41 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
    [2013/10/11 21:17:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
    [2013/10/11 21:15:26 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
    [2013/10/11 21:15:26 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
    [2013/10/11 21:15:26 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
    [2013/10/11 21:13:53 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
    [2013/10/11 21:13:53 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
    [2013/10/11 21:13:53 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
    [2013/10/11 21:13:52 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
    [2013/10/11 21:13:52 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
    [2013/10/11 21:13:52 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
    [2013/10/11 21:13:52 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
    [2013/10/11 21:04:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
    [2013/10/11 21:04:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
    [2013/10/11 20:56:04 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
    [2013/10/11 20:56:03 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
    [2013/10/11 20:56:03 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
    [2013/10/11 20:56:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
    [2013/10/11 20:56:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
    [2013/10/11 20:56:02 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
    [2013/10/11 20:44:54 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
    [2013/10/11 20:44:54 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
    [2013/10/11 20:42:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
    [2013/10/11 20:42:49 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
    [2013/10/11 20:41:45 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
    [2013/10/11 20:39:44 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
    [2013/10/11 20:21:53 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2013/10/11 20:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
    [2013/10/11 20:16:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
    [2013/10/11 20:14:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hcrstco.dll
    [2013/10/11 20:14:42 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hccoin.dll
    [2013/10/11 20:10:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
    [2013/10/11 20:05:13 | 001,808,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
    [2013/10/11 20:05:13 | 001,793,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
    [2013/10/11 20:05:13 | 001,558,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
    [2013/10/11 20:05:13 | 001,411,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
    [2013/10/11 20:05:12 | 005,499,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
    [2013/10/11 20:05:12 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
    [2013/10/11 20:05:12 | 001,782,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
    [2013/10/11 20:05:12 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
    [2013/10/11 20:05:11 | 007,964,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
    [2013/10/11 20:05:10 | 005,791,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
    [2013/10/11 20:05:09 | 006,224,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
    [2013/10/11 20:05:09 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
    [2013/10/11 20:05:08 | 004,981,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
    [2013/10/11 20:05:08 | 003,331,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
    [2013/10/11 20:05:08 | 002,466,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
    [2013/10/11 20:05:07 | 006,781,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
    [2013/10/11 20:05:06 | 011,722,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
    [2013/10/11 20:05:06 | 004,164,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
    [2013/10/11 20:05:06 | 001,452,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
    [2013/10/11 20:05:05 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
    [2013/10/11 20:05:05 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
    [2013/10/11 20:05:04 | 004,093,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
    [2013/10/11 20:05:04 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
    [2013/10/11 20:05:04 | 001,702,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
    [2013/10/11 20:05:03 | 004,045,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
    [2013/10/11 20:05:03 | 001,972,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
    [2013/10/11 20:05:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
    [2013/10/11 20:05:02 | 006,585,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
    [2013/10/11 20:05:02 | 006,014,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
    [2013/10/11 20:04:59 | 006,346,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
    [2013/10/11 20:04:58 | 009,892,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
    [2013/10/11 20:04:58 | 006,237,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
    [2013/10/11 20:04:58 | 001,722,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
    [2013/10/11 20:04:57 | 005,654,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
    [2013/10/11 20:04:57 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
    [2013/10/11 20:04:57 | 004,616,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
    [2013/10/11 20:04:56 | 005,031,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
    [2013/10/11 20:04:55 | 007,042,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
    [2013/10/11 20:04:55 | 005,071,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
    [2013/10/11 20:04:55 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
    [2013/10/11 20:04:54 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
    [2013/10/11 20:04:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
    [2013/10/11 20:04:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
    [2013/10/11 20:04:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
    [2013/10/11 20:04:53 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
    [2013/10/11 20:04:52 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
    [2013/10/11 20:04:52 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
    [2013/10/11 20:04:52 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
    [2013/10/11 20:04:51 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
    [2013/10/11 20:04:51 | 002,657,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
    [2013/10/11 20:04:51 | 001,966,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
    [2013/10/11 20:04:51 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
    [2013/10/11 20:04:50 | 003,466,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
    [2013/10/11 20:04:50 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
    [2013/10/11 20:04:50 | 001,523,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
    [2013/10/11 20:04:49 | 004,497,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
    [2013/10/11 20:04:49 | 002,599,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
    [2013/10/11 20:04:49 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
    [2013/10/11 20:04:49 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
    [2013/10/11 20:04:48 | 002,243,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
    [2013/10/11 20:04:47 | 004,875,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
    [2013/10/11 20:04:47 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
    [2013/10/11 20:04:47 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
    [2013/10/11 20:04:47 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
    [2013/10/11 20:04:46 | 003,104,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
    [2013/10/11 20:04:46 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
    [2013/10/11 20:04:46 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
    [2013/10/11 20:04:46 | 001,801,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
    [2013/10/11 20:04:45 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
    [2013/10/11 20:04:45 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
    [2013/10/11 20:04:44 | 009,847,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
    [2013/10/11 20:04:44 | 002,643,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
    [2013/10/11 20:04:44 | 002,342,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
    [2013/10/11 20:04:43 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
    [2013/10/11 20:04:43 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
    [2013/10/11 20:04:42 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
    [2013/10/11 20:04:42 | 004,495,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
    [2013/10/11 20:04:42 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
    [2013/10/11 20:04:42 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
    [2013/10/11 20:04:41 | 006,917,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
    [2013/10/11 20:04:41 | 001,965,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
    [2013/10/11 19:59:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
    [2013/10/11 19:59:43 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
    [2013/10/11 19:59:42 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
    [2013/10/11 19:59:42 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
    [2013/10/11 19:59:42 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
    [2013/10/11 19:59:42 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
    [2013/10/11 19:59:42 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
    [2013/10/11 19:59:41 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
    [2013/10/11 19:59:41 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
    [2013/10/11 19:56:47 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
    [2013/10/11 19:56:46 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
    [2013/10/11 19:56:45 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
    [2013/10/11 19:56:45 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
    [2013/10/11 19:56:45 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
    [2013/10/11 19:56:44 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
    [2013/10/11 19:56:44 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
    [2013/10/11 19:54:59 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
    [2013/10/11 19:54:59 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
    [2013/10/11 19:54:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
    [2013/10/11 19:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    [2013/10/11 19:46:55 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2013/10/11 19:45:04 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
    [2013/10/11 19:45:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
    [2013/10/11 19:42:04 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
    [2013/10/11 19:42:03 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
    [2013/10/11 19:41:06 | 000,966,656 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hpost_p02c.dll
    [2013/10/11 19:41:06 | 000,315,392 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\hposc_p02a.dll
    [2013/10/11 19:41:05 | 000,712,704 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hposwia_p02c.dll
    [2013/10/11 19:41:05 | 000,372,736 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hppldcoi.dll
    [2013/10/11 19:41:05 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\difxapi.dll
    [2013/10/11 19:40:28 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
    [2013/10/11 19:40:00 | 000,123,904 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpf3l70v.dll
    [2013/10/11 19:39:54 | 000,000,000 | ---D | C] -- C:\Users\ADB49\{ea923793-435b-419d-b4c2-385cf01d320b}
    [2013/10/11 19:37:06 | 000,000,000 | -H-D | C] -- C:\Config.Msi
    [2013/10/11 19:32:11 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
    [2013/10/11 19:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\HP
    [2013/10/11 19:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
    [2013/10/11 18:48:37 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
    [2013/10/11 18:48:37 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
    [2013/10/11 18:31:06 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
    [2013/10/11 18:30:37 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
    [2013/10/11 18:30:36 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
    [2013/10/11 18:29:44 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
    [2013/10/11 18:28:57 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
    [2013/10/11 18:27:20 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
    [2013/10/11 18:26:09 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2013/10/11 18:26:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
    [2013/10/11 18:25:26 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
    [2013/10/11 18:24:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
    [2013/10/11 18:24:25 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
    [2013/10/11 18:24:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
    [2013/10/11 18:24:21 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
    [2013/10/11 16:52:47 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Mozilla
    [2013/10/11 16:52:47 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Mozilla
    [2013/10/11 16:52:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2013/10/11 16:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
    [2013/10/11 16:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2013/10/11 16:42:54 | 000,403,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2013/10/11 16:42:54 | 000,035,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2013/10/11 16:42:51 | 000,054,832 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
    [2013/10/11 16:42:50 | 000,057,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2013/10/11 16:42:49 | 000,774,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2013/10/11 16:42:44 | 000,269,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2013/10/11 16:42:44 | 000,070,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2013/10/11 16:41:58 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
    [2013/10/11 16:41:33 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
    [2013/10/11 16:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2013/10/11 16:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
    [2013/10/11 16:12:39 | 000,014,168 | ---- | C] (Zeal SoftStudio) -- C:\Windows\System32\drivers\zntport.sys
    [2013/10/11 16:12:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
    [2013/10/11 16:12:33 | 000,073,728 | ---- | C] (Macrovision Corporation) -- C:\Windows\System32\ISUSPM.cpl
    [2013/10/11 16:12:33 | 000,065,536 | ---- | C] (Zeal SoftStudio) -- C:\Windows\System32\NTPORT.DLL
    [2013/10/11 16:12:33 | 000,000,000 | ---D | C] -- C:\Program Files\FSC
    [2013/10/11 16:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
    [2013/10/11 16:10:30 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\InstallShield
    [2013/10/11 16:08:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
    [2013/10/11 16:08:10 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
    [2013/10/11 16:08:08 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
    [2013/10/11 16:08:08 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
    [2013/10/11 16:08:08 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
    [2013/10/11 16:08:08 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
    [2013/10/11 16:08:04 | 001,191,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd.exe
    [2013/10/11 16:08:04 | 000,532,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
    [2013/10/11 16:08:03 | 000,563,712 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
    [2013/10/11 16:08:03 | 000,017,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
    [2013/10/11 16:08:02 | 004,702,208 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    [2013/10/11 16:08:02 | 002,072,064 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
    [2013/10/11 16:08:02 | 000,266,240 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
    [2013/10/11 16:08:02 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\maxxaudioapo.dll
    [2013/10/11 16:08:01 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
    [2013/10/11 16:08:01 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
    [2013/10/11 16:07:48 | 000,520,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
    [2013/10/11 16:07:48 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
    [2013/10/11 16:07:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
    [2013/10/11 16:07:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiS VGA Utilities
    [2013/10/11 16:07:09 | 000,006,656 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSApi.dll
    [2013/10/11 16:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\SiS VGA Utilities
    [2013/10/11 16:05:46 | 004,078,592 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSGlv.dll
    [2013/10/11 16:05:46 | 003,625,984 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SISGRUMD.dll
    [2013/10/11 16:05:46 | 000,655,360 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSClone.dll
    [2013/10/11 16:05:46 | 000,456,568 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\drivers\SISGRKMD.sys
    [2013/10/11 16:05:46 | 000,212,992 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSFunc.dll
    [2013/10/11 16:05:46 | 000,006,656 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSCo.dll
    [2013/10/11 16:05:46 | 000,005,632 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\SiSKrl.dll
    [2013/10/11 16:05:45 | 000,056,184 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\Windows\System32\drivers\SISAGPX.SYS
    [2013/10/11 16:05:13 | 000,022,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\streamci.dll
    [2013/10/11 15:47:21 | 000,000,000 | R--D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2013/10/11 15:47:21 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Searches
    [2013/10/11 15:47:21 | 000,000,000 | R--D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2013/10/11 15:47:12 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Roaming\Identities
    [2013/10/11 15:47:11 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Contacts
    [2013/10/11 15:47:10 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\VirtualStore
    [2013/10/11 15:47:06 | 000,000,000 | --SD | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Videos
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Saved Games
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Pictures
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Music
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Links
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Favorites
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Downloads
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Documents
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\Desktop
    [2013/10/11 15:47:06 | 000,000,000 | R--D | C] -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\AppData\Local\Temporary Internet Files
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Templates
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Start Menu
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\SendTo
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Recent
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\PrintHood
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\NetHood
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Documents\My Videos
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Documents\My Pictures
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Documents\My Music
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\My Documents
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Local Settings
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\AppData\Local\History
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Cookies
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\Application Data
    [2013/10/11 15:47:06 | 000,000,000 | -HSD | C] -- C:\Users\ADB49\AppData\Local\Application Data
    [2013/10/11 15:47:06 | 000,000,000 | -H-D | C] -- C:\Users\ADB49\AppData
    [2013/10/11 15:47:06 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Temp
    [2013/10/11 15:47:06 | 000,000,000 | ---D | C] -- C:\Users\ADB49\AppData\Local\Microsoft
    [2013/10/11 15:46:56 | 000,516,784 | R--- | C] (Xceed Software Inc (450) 442-2626 support@xceedsoft.com www.xceedsoft.com) -- C:\Windows\System32\XceedCry.dll
    [2013/10/11 15:21:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2013/10/11 15:19:55 | 000,000,000 | ---D | C] -- C:\Windows\Debug
    [2013/10/11 15:18:41 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
    [2013/10/11 15:18:31 | 000,000,000 | -HSD | C] -- C:\System Volume Information
    [1 C:\*.tmp files -> C:\*.tmp -> ]
    ========== Files - Modified Within 30 Days ==========

    [2013/10/22 15:34:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ADB49\Desktop\OTL.exe
    [2013/10/22 15:24:28 | 001,033,335 | ---- | M] (Thisisu) -- C:\Users\ADB49\Desktop\JRT.exe
    [2013/10/22 14:44:21 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/10/22 14:44:18 | 000,003,648 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/10/22 14:42:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/10/22 14:42:47 | 802,340,864 | -HS- | M] () -- C:\hiberfil.sys
    [2013/10/22 10:37:39 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/10/22 10:34:33 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\ADB49\Desktop\mbam-setup-1.75.0.1300.exe
    [2013/10/22 10:32:44 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\ADB49\Desktop\GooredFix.exe
    [2013/10/22 10:29:55 | 000,000,096 | ---- | M] () -- C:\Users\ADB49\AppData\Roaming\WB.CFG
    [2013/10/22 10:29:44 | 000,000,006 | ---- | M] () -- C:\Users\ADB49\AppData\Roaming\WBPU-TTL.DAT
    [2013/10/21 11:58:30 | 000,774,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2013/10/21 11:58:30 | 000,403,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2013/10/21 11:58:30 | 000,178,304 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2013/10/21 11:58:30 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2013/10/21 11:58:30 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2013/10/21 11:58:30 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2013/10/21 11:58:29 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
    [2013/10/21 11:58:29 | 000,035,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2013/10/21 11:58:26 | 000,269,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2013/10/21 11:58:26 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2013/10/21 11:56:03 | 000,002,627 | ---- | M] () -- C:\Users\ADB49\Desktop\Word.lnk
    [2013/10/21 11:53:16 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2013/10/20 18:05:08 | 000,140,848 | ---- | M] () -- C:\Users\ADB49\Documents\Journey North.pdf
    [2013/10/19 17:01:38 | 000,002,585 | ---- | M] () -- C:\Users\ADB49\Desktop\Excel.lnk
    [2013/10/19 16:12:29 | 000,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2013/10/19 16:12:28 | 000,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2013/10/18 22:45:07 | 000,133,062 | ---- | M] () -- C:\Users\ADB49\Documents\From Marvig to Nanaimo.pdf
    [2013/10/17 09:15:47 | 000,000,913 | ---- | M] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2013/10/16 10:24:15 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
    [2013/10/14 22:01:07 | 000,271,264 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2013/10/14 15:08:43 | 000,000,943 | ---- | M] () -- C:\Users\ADB49\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2013/10/14 13:50:57 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
    [2013/10/14 13:50:38 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
    [2013/10/14 13:38:23 | 000,049,152 | ---- | M] () -- C:\Windows\SPInstall.etl
    [2013/10/14 12:47:46 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPWizUI.dll
    [2013/10/14 12:47:41 | 000,047,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SPReview.exe
    [2013/10/13 23:19:57 | 035,373,056 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
    [2013/10/13 23:19:54 | 000,049,152 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
    [2013/10/13 23:19:54 | 000,016,384 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
    [2013/10/13 16:13:22 | 000,000,355 | ---- | M] () -- C:\Users\ADB49\Desktop\Downloads.lnk
    [2013/10/12 19:08:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\en-US\http.sys.mui
    [2013/10/12 19:08:56 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
    [2013/10/12 18:56:08 | 000,000,104 | ---- | M] () -- C:\Users\ADB49\Desktop\Computer.lnk
    [2013/10/12 18:54:59 | 000,000,373 | ---- | M] () -- C:\Users\ADB49\Desktop\Documents.lnk
    [2013/10/12 18:54:52 | 000,000,370 | ---- | M] () -- C:\Users\ADB49\Desktop\Pictures.lnk
    [2013/10/12 17:00:22 | 000,000,807 | ---- | M] () -- C:\Users\ADB49\Desktop\IrfanView.lnk
    [2013/10/12 16:49:31 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2013/10/12 16:49:30 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2013/10/12 16:32:58 | 000,002,018 | ---- | M] () -- C:\Users\ADB49\Desktop\Kindle.lnk
    [2013/10/12 16:30:03 | 000,000,800 | ---- | M] () -- C:\Users\ADB49\Desktop\EasyGPS.lnk
    [2013/10/12 14:59:56 | 000,174,431 | ---- | M] () -- C:\Windows\hpoins43.dat
    [2013/10/12 03:10:37 | 002,501,921 | ---- | M] () -- C:\Windows\System32\wlan.tmf
    [2013/10/12 03:10:37 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
    [2013/10/12 03:10:37 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
    [2013/10/12 03:10:37 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanhlp.dll
    [2013/10/12 03:10:37 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
    [2013/10/12 03:10:36 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
    [2013/10/12 03:10:36 | 000,015,181 | ---- | M] () -- C:\Windows\System32\gatherWirelessInfo.vbs
    [2013/10/12 03:09:26 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
    [2013/10/12 03:09:26 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshrm.dll
    [2013/10/12 03:08:35 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
    [2013/10/12 03:08:35 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
    [2013/10/12 03:07:51 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
    [2013/10/12 03:07:51 | 000,329,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
    [2013/10/12 03:07:50 | 000,511,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
    [2013/10/12 03:07:50 | 000,472,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
    [2013/10/12 03:07:50 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
    [2013/10/12 03:07:50 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
    [2013/10/12 03:07:50 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
    [2013/10/12 03:07:49 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
    [2013/10/12 03:07:49 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
    [2013/10/12 00:16:34 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
    [2013/10/11 21:33:13 | 000,201,299 | ---- | M] () -- C:\Windows\hpoins43.dat.temp
    [2013/10/11 21:23:29 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
    [2013/10/11 21:20:09 | 002,452,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2013/10/11 21:19:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2013/10/11 21:19:44 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2013/10/11 21:19:41 | 000,180,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/10/11 21:19:38 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2013/10/11 21:17:41 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\polstore.dll
    [2013/10/11 21:17:41 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FwRemoteSvr.dll
    [2013/10/11 21:15:26 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
    [2013/10/11 21:15:26 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
    [2013/10/11 21:15:26 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
    [2013/10/11 21:13:53 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
    [2013/10/11 21:13:53 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
    [2013/10/11 21:13:53 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
    [2013/10/11 21:13:52 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
    [2013/10/11 21:13:52 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
    [2013/10/11 21:13:52 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
    [2013/10/11 21:13:52 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
    [2013/10/11 21:04:48 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
    [2013/10/11 21:04:47 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6r.dll
    [2013/10/11 20:56:04 | 002,868,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
    [2013/10/11 20:56:03 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
    [2013/10/11 20:56:03 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
    [2013/10/11 20:56:03 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
    [2013/10/11 20:56:03 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
    [2013/10/11 20:56:02 | 002,386,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
    [2013/10/11 20:44:54 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
    [2013/10/11 20:44:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
    [2013/10/11 20:42:49 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
    [2013/10/11 20:42:49 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
    [2013/10/11 20:41:45 | 000,303,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
    [2013/10/11 20:39:44 | 000,714,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
    [2013/10/11 20:26:09 | 000,001,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    [2013/10/11 20:21:53 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    [2013/10/11 20:05:13 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0046.dll
    [2013/10/11 20:05:13 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0045.dll
    [2013/10/11 20:05:13 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0049.dll
    [2013/10/11 20:05:13 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0047.dll
    [2013/10/11 20:05:12 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0022.dll
    [2013/10/11 20:05:12 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0021.dll
    [2013/10/11 20:05:12 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0039.dll
    [2013/10/11 20:05:12 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0020.dll
    [2013/10/11 20:05:11 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0024.dll
    [2013/10/11 20:05:11 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0026.dll
    [2013/10/11 20:05:10 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0027.dll
    [2013/10/11 20:05:09 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0010.dll
    [2013/10/11 20:05:08 | 004,981,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0013.dll
    [2013/10/11 20:05:08 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0018.dll
    [2013/10/11 20:05:08 | 002,466,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0011.dll
    [2013/10/11 20:05:07 | 011,722,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0001.dll
    [2013/10/11 20:05:07 | 006,781,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0019.dll
    [2013/10/11 20:05:06 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0002.dll
    [2013/10/11 20:05:06 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0003.dll
    [2013/10/11 20:05:05 | 012,240,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
    [2013/10/11 20:05:05 | 002,644,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
    [2013/10/11 20:05:04 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004c.dll
    [2013/10/11 20:05:04 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004a.dll
    [2013/10/11 20:05:04 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004b.dll
    [2013/10/11 20:05:03 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001a.dll
    [2013/10/11 20:05:03 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons003e.dll
    [2013/10/11 20:05:03 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons004e.dll
    [2013/10/11 20:05:03 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons002a.dll
    [2013/10/11 20:05:02 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001b.dll
    [2013/10/11 20:05:01 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons001d.dll
    [2013/10/11 20:04:59 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000a.dll
    [2013/10/11 20:04:58 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000c.dll
    [2013/10/11 20:04:58 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000f.dll
    [2013/10/11 20:04:58 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons000d.dll
    [2013/10/11 20:04:57 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0416.dll
    [2013/10/11 20:04:57 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0414.dll
    [2013/10/11 20:04:56 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons081a.dll
    [2013/10/11 20:04:56 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0816.dll
    [2013/10/11 20:04:55 | 005,071,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsModels0011.dll
    [2013/10/11 20:04:55 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0046.dll
    [2013/10/11 20:04:55 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0045.dll
    [2013/10/11 20:04:54 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0047.dll
    [2013/10/11 20:04:53 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0049.dll
    [2013/10/11 20:04:53 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0039.dll
    [2013/10/11 20:04:53 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0020.dll
    [2013/10/11 20:04:52 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0024.dll
    [2013/10/11 20:04:52 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0022.dll
    [2013/10/11 20:04:52 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0021.dll
    [2013/10/11 20:04:51 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0010.dll
    [2013/10/11 20:04:51 | 002,657,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0011.dll
    [2013/10/11 20:04:51 | 001,966,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0027.dll
    [2013/10/11 20:04:51 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0026.dll
    [2013/10/11 20:04:50 | 003,466,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0013.dll
    [2013/10/11 20:04:50 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0018.dll
    [2013/10/11 20:04:50 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0000.dll
    [2013/10/11 20:04:49 | 004,497,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0019.dll
    [2013/10/11 20:04:49 | 002,599,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0001.dll
    [2013/10/11 20:04:49 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0003.dll
    [2013/10/11 20:04:49 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0002.dll
    [2013/10/11 20:04:48 | 004,875,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0009.dll
    [2013/10/11 20:04:48 | 002,243,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0007.dll
    [2013/10/11 20:04:47 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004c.dll
    [2013/10/11 20:04:47 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004b.dll
    [2013/10/11 20:04:47 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004a.dll
    [2013/10/11 20:04:46 | 003,104,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData004e.dll
    [2013/10/11 20:04:46 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001a.dll
    [2013/10/11 20:04:46 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData003e.dll
    [2013/10/11 20:04:46 | 001,801,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData002a.dll
    [2013/10/11 20:04:45 | 009,847,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000a.dll
    [2013/10/11 20:04:45 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001d.dll
    [2013/10/11 20:04:45 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData001b.dll
    [2013/10/11 20:04:44 | 002,643,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000c.dll
    [2013/10/11 20:04:44 | 002,342,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000d.dll
    [2013/10/11 20:04:43 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0416.dll
    [2013/10/11 20:04:43 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0414.dll
    [2013/10/11 20:04:43 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData000f.dll
    [2013/10/11 20:04:42 | 004,495,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0816.dll
    [2013/10/11 20:04:42 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData081a.dll
    [2013/10/11 20:04:42 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
    [2013/10/11 20:04:41 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0c1a.dll
    [2013/10/11 20:04:41 | 001,965,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NlsData0c1a.dll
    [2013/10/11 19:59:47 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
    [2013/10/11 19:59:43 | 000,927,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
    [2013/10/11 19:59:42 | 000,988,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
    [2013/10/11 19:59:42 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
    [2013/10/11 19:59:42 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
    [2013/10/11 19:59:42 | 000,019,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
    [2013/10/11 19:59:42 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
    [2013/10/11 19:59:41 | 000,615,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
    [2013/10/11 19:59:41 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
    [2013/10/11 19:56:47 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
    [2013/10/11 19:56:46 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
    [2013/10/11 19:56:45 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
    [2013/10/11 19:56:45 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
    [2013/10/11 19:56:45 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
    [2013/10/11 19:56:44 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
    [2013/10/11 19:56:44 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
    [2013/10/11 19:54:59 | 000,220,672 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
    [2013/10/11 19:54:59 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
    [2013/10/11 19:46:55 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
    [2013/10/11 19:45:04 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
    [2013/10/11 19:45:04 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
    [2013/10/11 19:42:04 | 000,425,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
    [2013/10/11 19:42:03 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
    [2013/10/11 19:32:11 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
    [2013/10/11 18:48:37 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
    [2013/10/11 18:48:37 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
    [2013/10/11 18:31:06 | 001,695,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
    [2013/10/11 18:30:37 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
    [2013/10/11 18:30:36 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
    [2013/10/11 18:29:44 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
    [2013/10/11 18:28:57 | 001,645,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
    [2013/10/11 18:27:20 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
    [2013/10/11 18:26:09 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
    [2013/10/11 18:26:09 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
    [2013/10/11 18:25:26 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
    [2013/10/11 18:24:25 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
    [2013/10/11 18:24:24 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
    [2013/10/11 18:24:21 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
    [2013/10/11 16:52:22 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/10/11 16:37:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
    [2013/10/11 16:12:33 | 000,000,707 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WirelessSelector.lnk
    [2013/10/11 16:11:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
    [2013/10/11 16:08:11 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
    [2013/10/11 16:07:48 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
    [2013/10/11 16:07:37 | 000,000,680 | ---- | M] () -- C:\Users\ADB49\AppData\Local\d3d9caps.dat
    [2013/10/11 15:22:35 | 000,041,176 | ---- | M] () -- C:\Windows\System32\license.rtf
    [1 C:\*.tmp files -> C:\*.tmp -> ]

  2. #12
    Member
    Join Date
    Mar 2007
    Posts
    60

    Default OTL log part 4, Extras.txt

    ========== Files Created - No Company Name ==========

    [2013/10/22 10:37:39 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/10/20 17:39:02 | 000,140,848 | ---- | C] () -- C:\Users\ADB49\Documents\Journey North.pdf
    [2013/10/18 22:44:59 | 000,133,062 | ---- | C] () -- C:\Users\ADB49\Documents\From Marvig to Nanaimo.pdf
    [2013/10/17 09:45:27 | 802,340,864 | -HS- | C] () -- C:\hiberfil.sys
    [2013/10/17 09:15:47 | 000,000,913 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2013/10/16 12:30:51 | 000,001,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    [2013/10/16 10:24:15 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
    [2013/10/14 21:01:22 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2013/10/14 21:01:22 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2013/10/14 21:01:07 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
    [2013/10/14 20:23:40 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
    [2013/10/14 20:23:29 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
    [2013/10/14 20:23:29 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
    [2013/10/14 13:07:13 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
    [2013/10/14 13:05:27 | 000,080,047 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
    [2013/10/14 13:05:06 | 000,261,163 | ---- | C] () -- C:\Windows\System32\onex.tmf
    [2013/10/14 13:05:00 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
    [2013/10/14 13:04:50 | 000,009,987 | ---- | C] () -- C:\Windows\System32\RacUR.xml
    [2013/10/14 13:04:50 | 000,000,150 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
    [2013/10/14 13:04:04 | 000,289,467 | ---- | C] () -- C:\Windows\System32\dot3.tmf
    [2013/10/14 13:04:02 | 000,206,830 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
    [2013/10/14 13:02:54 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
    [2013/10/14 13:02:47 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
    [2013/10/14 13:02:39 | 000,175,508 | ---- | C] () -- C:\Windows\System32\WFP.TMF
    [2013/10/14 13:01:37 | 000,132,148 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
    [2013/10/14 12:49:21 | 000,049,152 | ---- | C] () -- C:\Windows\SPInstall.etl
    [2013/10/14 12:04:45 | 000,002,627 | ---- | C] () -- C:\Users\ADB49\Desktop\Word.lnk
    [2013/10/14 12:04:36 | 000,002,585 | ---- | C] () -- C:\Users\ADB49\Desktop\Excel.lnk
    [2013/10/13 16:13:20 | 000,000,355 | ---- | C] () -- C:\Users\ADB49\Desktop\Downloads.lnk
    [2013/10/12 22:53:09 | 000,000,006 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\WBPU-TTL.DAT
    [2013/10/12 22:53:08 | 000,000,096 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\WB.CFG
    [2013/10/12 18:56:08 | 000,000,104 | ---- | C] () -- C:\Users\ADB49\Desktop\Computer.lnk
    [2013/10/12 18:54:59 | 000,000,373 | ---- | C] () -- C:\Users\ADB49\Desktop\Documents.lnk
    [2013/10/12 18:54:52 | 000,000,370 | ---- | C] () -- C:\Users\ADB49\Desktop\Pictures.lnk
    [2013/10/12 17:12:32 | 000,001,684 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
    [2013/10/12 17:00:22 | 000,000,807 | ---- | C] () -- C:\Users\ADB49\Desktop\IrfanView.lnk
    [2013/10/12 16:41:26 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    [2013/10/12 16:32:58 | 000,002,018 | ---- | C] () -- C:\Users\ADB49\Desktop\Kindle.lnk
    [2013/10/12 16:30:03 | 000,000,800 | ---- | C] () -- C:\Users\ADB49\Desktop\EasyGPS.lnk
    [2013/10/12 16:28:11 | 000,000,800 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyGPS.lnk
    [2013/10/12 14:46:58 | 000,201,299 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
    [2013/10/12 14:46:58 | 000,000,675 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
    [2013/10/12 03:10:37 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
    [2013/10/12 03:10:36 | 000,015,181 | ---- | C] () -- C:\Windows\System32\gatherWirelessInfo.vbs
    [2013/10/12 00:16:34 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
    [2013/10/12 00:16:32 | 000,333,203 | RHS- | C] () -- C:\bootmgr
    [2013/10/12 00:15:52 | 000,057,656 | R--- | C] () -- C:\Windows\System32\OEMLOGO.BMP
    [2013/10/12 00:15:52 | 000,057,656 | R--- | C] () -- C:\Windows\FSC_LOGO_POSITIVE_JPG_MIDDLE.BMP
    [2013/10/12 00:15:52 | 000,005,658 | R--- | C] () -- C:\Windows\System32\OEMLOGO.PNG
    [2013/10/11 20:26:09 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    [2013/10/11 19:30:23 | 000,174,431 | ---- | C] () -- C:\Windows\hpoins43.dat
    [2013/10/11 19:30:23 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
    [2013/10/11 18:51:47 | 000,049,152 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
    [2013/10/11 18:51:47 | 000,016,384 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
    [2013/10/11 18:51:46 | 035,373,056 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
    [2013/10/11 16:52:22 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2013/10/11 16:52:22 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/10/11 16:45:01 | 000,000,943 | ---- | C] () -- C:\Users\ADB49\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2013/10/11 16:42:48 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2013/10/11 16:42:47 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2013/10/11 16:12:33 | 000,000,707 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WirelessSelector.lnk
    [2013/10/11 16:11:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
    [2013/10/11 16:06:27 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2013/10/11 15:47:22 | 000,000,949 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    [2013/10/11 15:47:20 | 000,000,944 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    [2013/10/11 15:47:11 | 000,000,915 | ---- | C] () -- C:\Users\ADB49\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
    [2013/10/11 15:47:08 | 000,000,680 | ---- | C] () -- C:\Users\ADB49\AppData\Local\d3d9caps.dat
    [2013/10/11 15:47:06 | 000,000,258 | ---- | C] () -- C:\Users\ADB49\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2013/10/11 15:47:06 | 000,000,240 | ---- | C] () -- C:\Users\ADB49\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

    ========== ZeroAccess Check ==========

    [2006/11/02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2013/10/11 19:56:46 | 000,615,424 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/18 23:36:50 | 000,347,648 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2013/10/21 12:48:47 | 000,000,000 | ---D | M] -- C:\Users\ADB49\AppData\Roaming\AVAST Software
    [2013/10/12 17:12:32 | 000,000,000 | ---D | M] -- C:\Users\ADB49\AppData\Roaming\Canneverbe Limited
    [2013/10/12 17:00:22 | 000,000,000 | ---D | M] -- C:\Users\ADB49\AppData\Roaming\IrfanView

    ========== Purity Check ==========



    < End of report >

    OTL Extras logfile created on: 22/10/2013 15:37:28 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ADB49\Desktop
    Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6001.18000)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    764.46 Mb Total Physical Memory | 307.47 Mb Available Physical Memory | 40.22% Memory free
    1.75 Gb Paging File | 1.06 Gb Available in Paging File | 60.84% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 149.05 Gb Total Space | 107.22 Gb Free Space | 71.93% Space Free | Partition Type: NTFS

    Computer Name: ADB | User Name: ADB49 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_USERS\S-1-5-21-3740713769-1093254276-2860028584-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
    "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
    "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
    "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{7B7253AE-A8C7-4CD4-9000-534D79CADD24}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01E05ED4-E1D3-46ED-A032-31C0CBD89C8F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
    "{1DA282F0-C3B6-4B02-A1A4-9CA6D1A51B0D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
    "{23A62794-8DD8-4921-9888-8D81533D472F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
    "{813D5129-F9B3-44B8-B281-CCD9BA9C745A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{94757533-30ED-4573-922E-8019C2A4A1A7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
    "{AAC9D887-158A-46C5-B516-2EE4E2074A5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
    "{BA1D08A3-111F-4832-8799-8CC42DBBC16C}" = dir=in | app=d:\setup\hpznui01.exe |
    "{BBCE9B16-2EA8-4E71-9EF8-0C1C99D257C6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
    "{BBF67163-EEA0-429C-81FC-876D6B113F57}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
    "{C84941D4-1F3C-439C-B84B-C02834A700E4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
    "{DD6D1D5E-3769-4648-B98D-205E4F8EFC20}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{FAF15AF7-70EB-403E-BF0F-3F05A45F1FA2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
    "TCP Query User{023387D9-363D-4377-9DA8-3C38B4458DE6}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |
    "UDP Query User{1955DB26-9037-4190-B5B0-3AA9C205D097}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{003CD4FD-DB3E-4D12-9A34-8C00FA8A680F}" = WirelessControl
    "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
    "{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
    "{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
    "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{3E789BE5-3DE0-498C-8F74-35010DACA2ED}" = Wireless LAN Driver
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
    "{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
    "{8A9FC225-75F6-4B5D-911C-0ED230565643}" = HP Product Detection
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
    "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
    "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DB457913-028D-460E-BB4C-D9A6369752CA}" = TouchPad HotKey Utility
    "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "avast" = avast! Free Antivirus
    "EasyGPS_is1" = EasyGPS 4.93.0.0
    "ERUNT_is1" = ERUNT 1.1j
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Print Projects" = HP Print Projects 1.0
    "HP Smart Web Printing" = HP Smart Web Printing 4.5
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "IrfanView" = IrfanView (remove only)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Recuva" = Recuva
    "Shop for HP Supplies" = Shop for HP Supplies
    "SiS VGA Utilities" = SiS VGA Utilities
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3740713769-1093254276-2860028584-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Amazon Kindle" = Amazon Kindle

    < End of report >

  3. #13
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default



    Everything running ok ?
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  4. #14
    Member
    Join Date
    Mar 2007
    Posts
    60

    Default

    So far so good.
    I'll keep the thread open for the time being, just in case anything crops up.

  5. #15
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Good.

    If you like post back in a few days with an update on how things are running. Threads are closed if no response in 3 days so if its closed send me a PM and i will reopen it for you.


    We need to update your Java to keep you more secure
    1. Go to your Control Panel and click on the Java Icon ( looks like a little coffee cup ) click on About and you should have Version 7 Update 45, if not proceed with the instructions.
    2. Go to the update Tab and update it
    3. Important, during the upgrade UNCHECK ASK TOOL BAR. ( you do not need or want this )
    4. Then go to your Add Remove Programs (WIN XP) or Programs and Features (Vista / Win 7) in the Control Panel and uninstall all previous versions.


    You can verify the installation Here





    Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, any programs that where not removed you can just drag to the trash.


    Malwarebytes is the free version and yours to keep and will not be removed


    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  6. #16
    Member
    Join Date
    Mar 2007
    Posts
    60

    Default

    Everything is running fine, at least no problems with malware. Thank you very much for your help :-)

  7. #17
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Wonderful, thanks for getting back to me and letting me know.

    Any problems in the future just start a new topic

    Ken
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •