AtuZi not completely removed (?)

Status
Not open for further replies.
Hi OCD, :)

I tried to get David Candy's clipboard application and got this error message:

"404 - file or directory not found. "

(In the box below that sentence)
"The reasource you are looking for might have been removed, had its name changed, or is temporarily unavailable".

I did copy NEW STEPS ADDED TO INITIAL POST.

Thank you,

Katy
 
OCD,

Tried again to get David Candy's application. :(

Shall I proceed to the Next Steps you outlined?

Thanks so much. Wish I could be more help.

Katy
 
Hi OCD!


Scan result of Farbar Recovery Scan Tool

(FRST) (x86) Version: 07-02-2015
Ran by Katy (administrator) on D5TBBCB1

on 07-02-2015 10:44:56
Running from C:\Documents and

Settings\Katy\Desktop
Loaded Profiles: Katy (Available profiles:

Katy)
Platform: Microsoft Windows XP Home

Edition Service Pack 3 (X86) OS Language:

English (United States)
Internet Explorer Version 7 (Default browser:

FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

http://www.geekstogo.com/forum/topic/33508

1-frst-tutorial-how-to-use-farbar-recovery-scan

-tool/

==================== Processes

(Whitelisted) =================

(If an entry is included in the fixlist, the

process will be closed. The file will not be

moved.)

(Microsoft Corporation)

C:\WINDOWS\system32\cisvc.exe
(Oracle Corporation) C:\Program

Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program

Files\Common Files\Microsoft

Shared\VS7Debug\mdm.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Safer-Networking Ltd.) C:\Program

Files\Spybot - Search & Destroy

2\SDFSSvc.exe
() C:\Program Files\Dell\Media

Experience\DMXLauncher.exe
(Intel Corporation)

C:\WINDOWS\system32\hkcmd.exe
(Analog Devices, Inc.) C:\Program

Files\Analog Devices\Core\smax4pnp.exe
(Sonic Solutions)

C:\WINDOWS\system32\DLA\DLACTRLW.

EXE
(Oracle Corporation) C:\Program

Files\Common Files\Java\Java

Update\jusched.exe
(Safer-Networking Ltd.) C:\Program

Files\Spybot - Search & Destroy

2\SDTray.exe
(Macrovision Corporation) C:\Program

Files\Common

Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation)

C:\WINDOWS\system32\tcpsvcs.exe
(Microsoft Corporation)

C:\WINDOWS\system32\snmp.exe
(Microsoft Corporation)

C:\WINDOWS\system32\fxssvc.exe
(Safer-Networking Ltd.) C:\Program

Files\Spybot - Search & Destroy

2\SDUpdSvc.exe
(Microsoft Corporation)

C:\WINDOWS\system32\cidaemon.exe
(Mozilla Corporation) C:\Program Files\Mozilla

Firefox\firefox.exe
(WinZip Computing, Inc.)

C:\PROGRA~1\WINZIP\WINZIP32.EXE


==================== Registry

(Whitelisted) ==================

(If an entry is included in the fixlist, the registry

item will be restored to default or removed.

The file will not be moved.)

HKLM\...\Run: [DMXLauncher] =>

C:\Program Files\Dell\Media

Experience\DMXLauncher.exe [98304

2006-05-03] ()
HKLM\...\Run: [igfxhkcmd] =>

C:\WINDOWS\system32\hkcmd.exe [77824

2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] =>

C:\WINDOWS\system32\igfxpers.exe
HKLM\...\Run: [ISUSPM Startup] =>

"c:\Program Files\Common

Files\InstallShield\UpdateService\isuspm.exe"

-startup
HKLM\...\Run: [SoundMAXPnP] =>

C:\Program Files\Analog

Devices\Core\smax4pnp.exe [1404928

2009-05-19] (Analog Devices, Inc.)
HKLM\...\Run: [DLA] =>

C:\WINDOWS\System32\DLA\DLACTRLW.

EXE [122940 2005-11-07] (Sonic Solutions)
HKLM\...\Run: [Adobe ARM] => C:\Program

Files\Common

Files\Adobe\ARM\1.0\AdobeARM.exe

[1021128 2014-12-03] (Adobe Systems

Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] =>

C:\Program Files\Common Files\Java\Java

Update\jusched.exe [271744 2014-09-26]

(Oracle Corporation)
HKLM\...\Run: [SDTray] => C:\Program

Files\Spybot - Search & Destroy

2\SDTray.exe [5624784 2013-07-25]

(Safer-Networking Ltd.)
HKLM\...\Run: [gmsd_us_178] => [X]
HKLM\...\Run: [upgmsd_us_178.exe] =>

C:\Documents and Settings\Katy\Local

Settings\Application

Data\gmsd_us_178\upgmsd_us_178.exe

-runhelper
Winlogon\Notify\avgrsstarter: avgrsstx.dll [X]
Winlogon\Notify\SDWinLogon:

SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1226216386-1621485569-12884

77537-1006\...\Run: [ISUSScheduler] =>

C:\Program Files\Common

Files\InstallShield\UpdateService\issch.exe

[79136 2008-10-24] (Macrovision Corporation)
HKU\S-1-5-21-1226216386-1621485569-12884

77537-1006\...\Run: [Web Companion] =>

C:\Program Files\Lavasoft\Web

Companion\Application\WebCompanion.exe

--minimize
HKU\S-1-5-21-1226216386-1621485569-12884

77537-1006\...\RunOnce: [Adobe Speed

Launcher] => 1423322036
ShellIconOverlayIdentifiers: [00avast] ->

{472083B0-C522-11CF-8763-00608CC02F24

} => No File
BootExecute: autocheck autochk /r

\??\C:autocheck autochk *

==================== Internet

(Whitelisted) ====================

(If an item is included in the fixlist, if it is a

registry item it will be removed or restored to

default.)

HKLM\Software\Microsoft\Internet

Explorer\Main,Start Page =

https://www.yahoo.com?fr=hp-avast&type=av

astbcl
HKLM\Software\Microsoft\Internet

Explorer\Main,Local Page =

%SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1226216386-1621485569-12884

77537-1006\Software\Microsoft\Internet

Explorer\Main,Search Page =

https://search.yahoo.com/yhs/search?type=ava

stbcl&hspart=avast&hsimp=yhs-001&p={sear

chTerms}
HKU\S-1-5-21-1226216386-1621485569-12884

77537-1006\Software\Microsoft\Internet

Explorer\Main,Search Bar =

https://www.yahoo.com?fr=hp-avast&type=av

astbcl
HKU\S-1-5-21-1226216386-1621485569-12884

77537-1006\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://www.bing.com/?pc=COSP&ptag=D020

515-AC44713A88D0B45FFA7F&form=CON

MHP&conlogo=CT3331981
SearchScopes: HKLM -> DefaultScope URL

=
SearchScopes: HKU\.DEFAULT ->

DefaultScope

{0633EE93-D776-472f-A0FF-E1416B8B2E3A

} URL =
SearchScopes: HKU\S-1-5-19 ->

DefaultScope

{0633EE93-D776-472f-A0FF-E1416B8B2E3A

} URL =
SearchScopes: HKU\S-1-5-20 ->

DefaultScope

{0633EE93-D776-472f-A0FF-E1416B8B2E3A

} URL =
SearchScopes:

HKU\S-1-5-21-1226216386-1621485569-12884

77537-1006 -> DefaultScope

{7ad9fd96-42e6-497b-8495-a40df0cc61e2}

URL =

http://www.bing.com/search?pc=COSP&ptag

=D020515-AC44713A88D0B45FFA7F&form

=CONBDF&conlogo=CT3331981&q={searc

hTerms}
SearchScopes:

HKU\S-1-5-21-1226216386-1621485569-12884

77537-1006 ->

{7ad9fd96-42e6-497b-8495-a40df0cc61e2}

URL =

http://www.bing.com/search?pc=COSP&ptag

=D020515-AC44713A88D0B45FFA7F&form

=CONBDF&conlogo=CT3331981&q={searc

hTerms}
BHO: DriveLetterAccess ->

{5CA3D70E-1895-11CF-8E15-001234567890}

->

C:\WINDOWS\System32\DLA\DLASHX_W.

DLL (Sonic Solutions)
BHO: Norton Identity Protection ->

{602ADB0E-4AFF-4217-8AA1-95DAC4DFA

408} -> C:\Program Files\Norton Internet

Security\Engine\21.1.0.18\coIEPlg.dll No File
BHO: Norton Vulnerability Protection ->

{6D53EC84-6AAE-4787-AEEE-F4628F01010

C} -> C:\Program Files\Norton Internet

Security\Engine\21.1.0.18\IPS\IPSBHO.DLL

No File
BHO: Java(tm) Plug-In SSV Helper ->

{761497BB-D6F0-462C-B6EB-D4DAF1D92D

43} -> C:\Program Files\Java\jre7\bin\ssv.dll

(Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper ->

{DBC80044-A445-435b-BC74-9C25C1C588A

9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll

(Oracle Corporation)
Toolbar: HKLM - Norton Toolbar -

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49C

A} - C:\Program Files\Norton Internet

Security\Engine\21.1.0.18\coIEPlg.dll No File
Toolbar:

HKU\S-1-5-21-1226216386-1621485569-12884

77537-1006 -> Norton Toolbar -

{7FEBEFE3-6B19-4349-98D2-FFB09D4B49C

A} - C:\Program Files\Norton Internet

Security\Engine\21.1.0.18\coIEPlg.dll No File
DPF:

{8AD9C840-044E-11D1-B3E9-00805F499D93

}

http://java.sun.com/update/1.7.0/jinstall-1_7_0_

67-windows-i586.cab
DPF:

{CAFEEFAC-0017-0000-0001-ABCDEFFED

CBA}
DPF:

{CAFEEFAC-0017-0000-0067-ABCDEFFED

CBA}

http://java.sun.com/update/1.7.0/jinstall-1_7_0_

67-windows-i586.cab
DPF:

{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFF

EDCBA}

http://java.sun.com/update/1.7.0/jinstall-1_7_0_

67-windows-i586.cab
ShellExecuteHooks: Windows Desktop Search

Namespace Manager -

{56F9679E-7826-4C84-81F3-532071A8BCC5

} - C:\Program Files\Windows Desktop

Search\MSNLNamespaceMgr.dll [304128

2009-05-24] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts.

See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer]

192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and

Settings\Katy\Application

Data\Mozilla\Firefox\Profiles\rwde3gyy.default

-1423158602250
FF Plugin: @adobe.com/FlashPlayer ->

C:\WINDOWS\system32\Macromed\Flash\NP

SWF32_16_0_0_305.dll ()
FF Plugin:

@java.com/DTPlugin,version=10.71.2 ->

C:\Program

Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

(Oracle Corporation)
FF Plugin:

@java.com/JavaPlugin,version=10.71.2 ->

C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

(Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5

->

c:\WINDOWS\Microsoft.NET\Framework\v3.

5\Windows Presentation

Foundation\NPWPF.dll (Microsoft

Corporation)
FF Plugin: @staging.google.com/globalUpdate

Update;version=10 -> C:\Program

Files\globalUpdate\Update\1.3.25.0\npGoogle

Update4.dll No File
FF Plugin: @staging.google.com/globalUpdate

Update;version=4 -> C:\Program

Files\globalUpdate\Update\1.3.25.0\npGoogle

Update4.dll No File
FF Plugin: Adobe Reader -> C:\Program

Files\Adobe\Reader

11.0\Reader\AIR\nppdf32.dll (Adobe Systems

Inc.)
FF HKLM\...\Firefox\Extensions:

[{BBDA0591-3099-440a-AA10-41764D9DB4

DB}] - C:\Documents and Settings\All

Users\Application

Data\Norton\{0C55C096-0F1D-4F28-AAA2-8

5EF591126E7}\NIS_21.1.0.18\IPSFF
FF HKLM\...\Firefox\Extensions:

[{2D3F3651-74B9-4795-BDEC-6DA2F431CB

62}] - C:\Documents and Settings\All

Users\Application

Data\Norton\{0C55C096-0F1D-4F28-AAA2-8

5EF591126E7}\NIS_21.1.0.18\coFFPlgn

Chrome:
=======
CHR HKLM\...\Chrome\Extension:

[mkfokfffehpeedafpekjeddnmnjhmcmk] -

C:\Program Files\Norton Internet

Security\Engine\21.1.0.18\Exts\Chrome.crx

[Not Found]

==========================

Services (Whitelisted)

=================

(If an entry is included in the fixlist, the service

will be removed from the registry. The file will

not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll

[100864 2010-02-11] (Microsoft Corporation)
S2 HPSupportSolutionsFrameworkService;

C:\Program

Files\Hp\Common\HPSupportSolutionsFrame

workService.exe [89864 2014-12-11]

(Hewlett-Packard Company)
R2 Iprip; C:\WINDOWS\System32\iprip.dll

[35328 2008-04-13] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Program

Files\Java\jre7\bin\jqs.exe [182696 2014-10-18]

(Oracle Corporation)
S3 LPDSVC;

C:\WINDOWS\system32\tcpsvcs.exe [19456

2004-08-04] (Microsoft Corporation)
S3 NetSvc; C:\Program

Files\Intel\PROSetWired\NCS\Sync\NetSvc.ex

e [143360 2003-12-17] (Intel(R) Corporation)

[File not signed]
S3 p2pgasvc;

C:\WINDOWS\system32\p2pgasvc.dll

[105472 2008-04-13] (Microsoft Corporation)
R2 SDScannerService; C:\Program

Files\Spybot - Search & Destroy

2\SDFSSvc.exe [3921880 2013-10-15]

(Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program

Files\Spybot - Search & Destroy

2\SDUpdSvc.exe [1042272 2013-09-20]

(Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot

- Search & Destroy 2\SDWSCSvc.exe

[171416 2013-09-13] (Safer-Networking Ltd.)
S2 globalUpdate; C:\Program

Files\globalUpdate\Update\GoogleUpdate.exe

/svc [X]
S3 globalUpdatem; C:\Program

Files\globalUpdate\Update\GoogleUpdate.exe

/medsvc [X]
S2 NIS; "C:\Program Files\Norton Internet

Security\Engine\21.1.0.18\NIS.exe" /s "NIS"

/m "C:\Program Files\Norton Internet

Security\Engine\21.1.0.18\diMaster.dll"

/prefetch:1
S2 serverjo; C:\Documents and

Settings\Katy\Application

Data\VOPackage\JOSrv.exe [X]
S2 womufoji; C:\Documents and

Settings\Katy\Application

Data\VOPackage\nsx96.tmpfs [X]

==================== Drivers

(Whitelisted) ====================

(If an entry is included in the fixlist, the service

will be removed from the registry. The file will

not be moved unless listed separately.)

S3 6195;

C:\WINDOWS\System32\DRIVERS\6195

[9072 2011-11-18] ()
S4 abp480n5;

C:\WINDOWS\system32\DRIVERS\ABP480

N5.SYS [23552 2001-08-17] (Microsoft

Corporation)
S3 bvrp_pci;

C:\WINDOWS\system32\Drivers\bvrp_pci.sys

[4272 2004-03-24] () [File not signed]
S1 ccSet_NIS;

C:\WINDOWS\system32\drivers\NIS\1501000

.012\ccSetx86.sys [127064 2013-09-25]

(Symantec Corporation)
R2 DLABOIOM;

C:\WINDOWS\System32\DLA\DLABOIOM.

SYS [25628 2005-11-07] (Sonic Solutions)

[File not signed]
R1 DLACDBHM;

C:\WINDOWS\System32\Drivers\DLACDBH

M.SYS [5660 2005-11-18] (Sonic Solutions)

[File not signed]
R2 DLADResN;

C:\WINDOWS\System32\DLA\DLADResN.S

YS [2496 2005-11-07] (Sonic Solutions) [File

not signed]
R2 DLAIFS_M;

C:\WINDOWS\System32\DLA\DLAIFS_M.S

YS [86652 2005-11-07] (Sonic Solutions) [File

not signed]
R2 DLAOPIOM;

C:\WINDOWS\System32\DLA\DLAOPIOM.

SYS [14684 2005-11-07] (Sonic Solutions)

[File not signed]
R2 DLAPoolM;

C:\WINDOWS\System32\DLA\DLAPoolM.S

YS [6364 2005-11-07] (Sonic Solutions) [File

not signed]
R1 DLARTL_N;

C:\WINDOWS\System32\Drivers\DLARTL_

N.SYS [22684 2005-11-18] (Sonic Solutions)

[File not signed]
R2 DLAUDFAM;

C:\WINDOWS\System32\DLA\DLAUDFAM.

SYS [94332 2005-11-07] (Sonic Solutions)

[File not signed]
R2 DLAUDF_M;

C:\WINDOWS\System32\DLA\DLAUDF_M.

SYS [87036 2005-11-07] (Sonic Solutions)

[File not signed]
R0 DRVMCDB;

C:\WINDOWS\System32\Drivers\DRVMCDB

.SYS [89264 2005-09-12] (Sonic Solutions)

[File not signed]
R2 DRVNDDM;

C:\WINDOWS\System32\Drivers\DRVNDDM

.SYS [40544 2005-08-12] (Sonic Solutions)

[File not signed]
R1 eeCtrl; C:\Program Files\Common

Files\Symantec Shared\EENGINE\eeCtrl.sys

[376920 2013-12-31] (Symantec Corporation)
S3 HPZid412;

C:\WINDOWS\System32\DRIVERS\HPZid41

2.sys [49664 2006-04-12] (HP)
S3 HPZipr12;

C:\WINDOWS\System32\DRIVERS\HPZipr1

2.sys [16496 2006-04-12] (HP)
S3 HPZius12;

C:\WINDOWS\System32\DRIVERS\HPZius1

2.sys [21568 2006-04-12] (HP)
S3 netrcacm;

C:\WINDOWS\System32\DRIVERS\netrcacm

.sys [20648 2003-04-02] (Thomson Inc.)
R0 PxHelp20;

C:\WINDOWS\System32\Drivers\PxHelp20.sy

s [46080 2005-08-19] (Sonic Solutions) [File

not signed]
R1 SDHookDriver; C:\Program Files\Spybot -

Search & Destroy 2\SDHookDrv32.sys [46248

2013-10-10] ()
S3 SRTSP;

C:\WINDOWS\system32\drivers\NIS\1501000

.012\SRTSP.SYS [651352 2013-09-26]

(Symantec Corporation)
R1 SRTSPX;

C:\WINDOWS\system32\drivers\NIS\1501000

.012\SRTSPX.SYS [32344 2013-09-09]

(Symantec Corporation)
R0 SymDS;

C:\WINDOWS\System32\drivers\NIS\1501000

.012\SYMDS.SYS [367704 2013-09-09]

(Symantec Corporation)
R0 SymEFA;

C:\WINDOWS\System32\drivers\NIS\1501000

.012\SYMEFA.SYS [935512 2013-09-26]

(Symantec Corporation)
R3 SymEvent;

C:\WINDOWS\system32\Drivers\SYMEVEN

T.SYS [142936 2013-12-14] (Symantec

Corporation)
S1 SymIRON;

C:\WINDOWS\system32\drivers\NIS\1501000

.012\Ironx86.SYS [206936 2013-09-26]

(Symantec Corporation)
S1 SYMTDI;

C:\WINDOWS\system32\drivers\NIS\1501000

.012\SYMTDI.SYS [421592 2013-09-25]

(Symantec Corporation)
R1 Tcpip6;

C:\WINDOWS\System32\DRIVERS\tcpip6.sy

s [226880 2010-02-11] (Microsoft

Corporation)
S3 2980; System32\DRIVERS\2980 [X]
S3 Avgfwdx;

system32\DRIVERS\avgfwdx.sys [X]
S3 Avgfwfd;

system32\DRIVERS\avgfwdx.sys [X]
S1 BHDrvx86; \??\C:\Program Files\Norton

Internet

Security\NortonData\21.1.0.18\Definitions\BA

SHDefs\20140214.001\BHDrvx86.sys [X]
S3 cpuz134;

\??\C:\DOCUME~1\Katy\LOCALS~1\Temp\c

puz134\cpuz134_x32.sys [X]
S3 IDSxpx86; \??\C:\Program Files\Norton

Internet

Security\NortonData\21.1.0.18\Definitions\IPS

Defs\20140219.001\IDSxpx86.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton

Internet

Security\NortonData\21.1.0.18\Definitions\Viru

sDefs\20140220.003\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton

Internet

Security\NortonData\21.1.0.18\Definitions\Viru

sDefs\20140220.003\NAVEX15.SYS [X]
U5 ScsiPort;

C:\WINDOWS\system32\drivers\scsiport.sys

[96384 2008-04-13] (Microsoft Corporation)
S3 wanatw; system32\DRIVERS\wanatw4.sys

[X]
S1 wpnfd_1_10_0_6;

system32\drivers\wpnfd_1_10_0_6.sys [X]

==================== NetSvcs

(Whitelisted) ===================

(If an item is included in the fixlist, it will be

removed from the registry. Any associated file

could be listed separately to be moved.)


==================== One Month

Created Files and Folders ========

(If an entry is included in the fixlist, the

file\folder will be moved.)

2015-02-07 10:44 - 2015-02-07 10:45 -

00015506 _____ () C:\Documents and

Settings\Katy\Desktop\FRST.txt
2015-02-07 10:42 - 2015-02-07 10:42 -

00000000 ____D () C:\Documents and

Settings\Katy\Desktop\FRST-OlderVersion
2015-02-07 10:30 - 2015-02-07 10:30 -

00004181 _____ () C:\Documents and

Settings\Katy\Desktop\GetOpenClipboardWin

dow.zip
2015-02-06 22:22 - 2015-02-06 22:22 -

00003044 _____ () C:\Documents and

Settings\Katy\Desktop\VolumeC.txt
2015-02-06 18:12 - 2015-02-06 18:12 -

00003433 _____ () C:\Documents and

Settings\Katy\Desktop\ocd 2 6 15 post 39.txt
2015-02-06 08:11 - 2015-02-06 08:11 -

00000240 _____ () C:\Documents and

Settings\Katy\Desktop\xp dell stats.txt
2015-02-05 08:39 - 2015-02-05 08:39 -

00001812 _____ () C:\Documents and

Settings\Katy\Desktop\Tweaking.com -

Windows Repair (All in One).lnk
2015-02-05 08:29 - 2015-02-05 08:29 -

00000000 ____D () C:\Program

Files\Tweaking.com
2015-02-05 08:29 - 2015-02-05 08:29 -

00000000 ____D () C:\Documents and

Settings\Katy\Desktop\Program

Files\Programs\Tweaking.com
2015-02-05 08:28 - 2015-02-05 08:28 -

10318832 _____ () C:\Documents and

Settings\Katy\Desktop\tweaking.com_windows

_repair_aio_setup.exe
2015-02-04 19:42 - 2015-02-07 10:22 -

00001370 _____ ()

C:\WINDOWS\Tasks\PHRDQX.job
2015-02-04 19:42 - 2015-02-04 19:42 -

01513432 _____ (Cinema PlusV04.02)

C:\Documents and Settings\Katy\Application

Data\PHRDQX.exe
2015-02-04 19:41 - 2015-02-07 10:20 -

00001718 _____ ()

C:\WINDOWS\Tasks\SHGGIKJF.job
2015-02-04 19:41 - 2015-02-07 10:13 -

00000956 _____ ()

C:\WINDOWS\Tasks\globalUpdateUpdateTas

kMachineCore.job
2015-02-04 19:41 - 2015-02-06 07:46 -

00000960 _____ ()

C:\WINDOWS\Tasks\globalUpdateUpdateTas

kMachineUA.job
2015-02-04 19:41 - 2015-02-04 19:41 -

02002392 _____ (Cinema PlusV04.02)

C:\Documents and Settings\Katy\Application

Data\SHGGIKJF.exe
2015-02-04 19:41 - 2015-02-04 19:41 -

00000000 ____D () C:\Documents and

Settings\Katy\Local Settings\Application

Data\globalUpdate
2015-02-04 19:37 - 2015-02-04 20:22 -

00000000 ____D () C:\Documents and

Settings\Katy\Local Settings\Application

Data\gmsd_us_178
2015-02-04 19:29 - 2015-02-04 19:29 -

00000000 ____D () C:\Documents and

Settings\LocalService\Local

Settings\Application Data\Mozilla
2015-02-04 19:29 - 2015-02-04 19:29 -

00000000 ____D () C:\Documents and

Settings\LocalService\Application Data\Mozilla
2015-02-04 19:20 - 2015-02-07 10:14 -

00000644 _____ ()

C:\WINDOWS\Tasks\Check for updates

(Spybot - Search & Destroy).job
2015-02-04 19:20 - 2015-02-04 19:20 -

00000616 _____ ()

C:\WINDOWS\Tasks\Refresh immunization

(Spybot - Search & Destroy).job
2015-02-04 19:20 - 2015-02-04 19:20 -

00000446 _____ ()

C:\WINDOWS\Tasks\Scan the system

(Spybot - Search & Destroy).job
2015-02-04 19:19 - 2015-02-04 19:19 -

00001842 _____ () C:\Documents and

Settings\All Users\Start

Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-04 19:19 - 2015-02-04 19:19 -

00001836 _____ () C:\Documents and

Settings\All Users\Desktop\Spybot-S&D Start

Center.lnk
2015-02-04 19:19 - 2015-02-04 19:19 -

00000000 ____D () C:\Documents and

Settings\All Users\Start

Menu\Programs\Spybot - Search & Destroy 2
2015-02-04 19:19 - 2013-09-20 10:49 -

00018968 _____ (Safer Networking Limited)

C:\WINDOWS\system32\sdnclean.exe
2015-02-04 19:16 - 2015-02-04 19:16 -

00004512 _____ ()

C:\WINDOWS\system32\LavasoftTcpService.

ini
2015-02-04 19:16 - 2015-02-04 19:16 -

00002400 _____ ()

C:\WINDOWS\system32\LavasoftTcpService

Off.ini
2015-02-04 19:16 - 2015-01-23 06:39 -

00332216 _____ (Lavasoft Limited)

C:\WINDOWS\system32\LavasoftTcpService.

dll
2015-02-04 18:58 - 2015-02-05 13:30 -

00000000 ____D () C:\Documents and

Settings\Katy\Desktop\ocd atuzi tools
2015-02-04 12:48 - 2015-02-07 10:44 -

00000000 ____D () C:\FRST
2015-02-04 12:48 - 2015-02-04 12:48 -

00000000 ____D () C:\AdwCleaner
2015-02-04 12:29 - 2015-02-04 12:29 -

00000415 _____ ()

C:\WINDOWS\WINNT32.LOG
2015-02-04 12:17 - 2010-07-12 07:55 -

00218112 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD62D.t

mp
2015-02-04 12:17 - 2004-08-04 05:00 -

00041029 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD647.tm

p
2015-02-04 12:17 - 2004-08-04 05:00 -

00036937 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD644.tm

p
2015-02-04 12:17 - 2004-08-04 05:00 -

00029760 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD64D.t

mp
2015-02-04 12:17 - 2004-08-04 05:00 -

00028288 _____ ()

C:\WINDOWS\system32\dllcache\xjis.nls
2015-02-04 12:17 - 2004-08-04 05:00 -

00005632 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD630.tm

p
2015-02-04 12:17 - 2004-08-04 05:00 -

00004677 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD64A.t

mp
2015-02-04 12:16 - 2004-08-04 05:00 -

00119808 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD623.tm

p
2015-02-04 12:15 - 2013-07-16 19:58 -

00060160 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD5E5.tm

p
2015-02-04 12:15 - 2004-08-04 05:00 -

00032339 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD5DF.t

mp
2015-02-04 12:11 - 2008-04-13 19:12 -

00538624 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD573.tm

p
2015-02-04 12:11 - 2004-08-04 05:00 -

00056832 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD561.tm

p
2015-02-04 12:09 - 2004-08-04 05:00 -

02178131 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD519.tm

p
2015-02-04 12:09 - 2004-08-04 05:00 -

00066113 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD516.tm

p
2015-02-04 12:09 - 2004-08-04 05:00 -

00042573 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD51C.t

mp
2015-02-04 12:07 - 2004-08-04 05:00 -

00753236 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD4CC.t

mp
2015-02-04 12:07 - 2004-08-04 05:00 -

00048706 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD4C9.t

mp
2015-02-04 12:07 - 2004-08-04 05:00 -

00042574 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD4CF.t

mp
2015-02-04 12:06 - 2008-04-13 19:12 -

00281088 ____C (Cinematronics)

C:\WINDOWS\system32\dllcache\OLD486.tm

p
2015-02-04 12:06 - 2004-08-04 05:00 -

00083748 _____ ()

C:\WINDOWS\system32\dllcache\prcp.nls
2015-02-04 12:06 - 2004-08-04 05:00 -

00083748 _____ ()

C:\WINDOWS\system32\dllcache\prc.nls
2015-02-04 12:04 - 2013-07-03 21:08 -

02028544 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD43B.t

mp
2015-02-04 12:02 - 2009-12-16 13:43 -

00343040 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD3FC.t

mp
2015-02-04 12:02 - 2004-08-04 05:00 -

00126976 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD3F3.tm

p
2015-02-04 12:00 - 2004-08-04 05:00 -

00047066 _____ ()

C:\WINDOWS\system32\dllcache\ksc.nls
2015-02-04 11:57 - 2004-08-04 05:00 -

01175635 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD30C.t

mp
2015-02-04 11:57 - 2004-08-04 05:00 -

00057409 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD309.tm

p
2015-02-04 11:57 - 2004-08-04 05:00 -

00042573 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD30F.tm

p
2015-02-04 11:56 - 2004-08-04 05:00 -

00605696 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD2D8.t

mp
2015-02-04 11:56 - 2004-08-04 05:00 -

00055296 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD2C3.t

mp
2015-02-04 11:56 - 2001-08-17 12:10 -

00022090 _____ (3Com Corporation)

C:\WINDOWS\system32\dllcache\OLD2B2.t

mp
2015-02-04 11:56 - 2001-08-17 12:10 -

00022090 _____ (3Com Corporation)

C:\WINDOWS\system32\dllcache\OLD2AF.t

mp
2015-02-04 11:54 - 2001-08-17 12:10 -

00019996 _____ (3Com Corporation)

C:\WINDOWS\system32\dllcache\OLD26B.t

mp
2015-02-04 11:54 - 2001-08-17 12:10 -

00019996 _____ (3Com Corporation)

C:\WINDOWS\system32\dllcache\OLD268.tm

p
2015-02-04 11:52 - 2008-04-13 19:12 -

00102912 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD1A2.t

mp
2015-02-04 11:52 - 2004-08-04 05:00 -

01039955 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD1AB.t

mp
2015-02-04 11:52 - 2004-08-04 05:00 -

00780885 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD186.tm

p
2015-02-04 11:52 - 2004-08-04 05:00 -

00217160 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD1A8.t

mp
2015-02-04 11:52 - 2004-08-04 05:00 -

00080384 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD17D.t

mp
2015-02-04 11:52 - 2004-08-04 05:00 -

00042575 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD189.tm

p
2015-02-04 11:52 - 2004-08-04 05:00 -

00040515 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD183.tm

p
2015-02-04 11:51 - 2004-08-04 05:00 -

01817687 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLDD7.tm

p
2015-02-04 11:51 - 2004-08-04 05:00 -

00195618 _____ ()

C:\WINDOWS\system32\dllcache\c_10002.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00189986 _____ ()

C:\WINDOWS\system32\dllcache\c_1361.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00187938 _____ ()

C:\WINDOWS\system32\dllcache\c_20005.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00186402 _____ ()

C:\WINDOWS\system32\dllcache\c_20001.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00185378 _____ ()

C:\WINDOWS\system32\dllcache\c_20003.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00180770 _____ ()

C:\WINDOWS\system32\dllcache\c_20932.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00180258 _____ ()

C:\WINDOWS\system32\dllcache\c_20004.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00180258 _____ ()

C:\WINDOWS\system32\dllcache\c_20000.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00177698 _____ ()

C:\WINDOWS\system32\dllcache\c_20949.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00177698 _____ ()

C:\WINDOWS\system32\dllcache\c_10003.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00173602 _____ ()

C:\WINDOWS\system32\dllcache\c_20936.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00173602 _____ ()

C:\WINDOWS\system32\dllcache\c_20002.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00173602 _____ ()

C:\WINDOWS\system32\dllcache\c_10008.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00162850 _____ ()

C:\WINDOWS\system32\dllcache\c_10001.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00114688 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD14E.tm

p
2015-02-04 11:51 - 2004-08-04 05:00 -

00082501 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLDD4.tm

p
2015-02-04 11:51 - 2004-08-04 05:00 -

00082172 _____ ()

C:\WINDOWS\system32\dllcache\bopomofo.

nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066728 _____ ()

C:\WINDOWS\system32\dllcache\big5.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066594 _____ ()

C:\WINDOWS\system32\dllcache\c_864.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066594 _____ ()

C:\WINDOWS\system32\dllcache\c_862.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066594 _____ ()

C:\WINDOWS\system32\dllcache\c_858.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066594 _____ ()

C:\WINDOWS\system32\dllcache\c_720.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_870.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_708.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_28596.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_21027.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_21025.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20924.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20880.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20871.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20838.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20833.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20424.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20423.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20420.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20297.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20290.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20285.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20284.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20280.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20278.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20277.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20273.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20269.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20108.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20107.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20106.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_20105.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1149.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1148.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1147.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1146.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1145.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1144.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1143.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1142.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1141.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1140.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_1047.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_10005.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00066082 _____ ()

C:\WINDOWS\system32\dllcache\c_10004.nls
2015-02-04 11:51 - 2004-08-04 05:00 -

00042577 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLDDA.tm

p
2015-02-04 11:49 - 2013-07-03 22:03 -

02149888 ____C (Microsoft Corporation)

C:\WINDOWS\system32\dllcache\OLD51.tmp
2015-02-03 11:24 - 2015-02-03 11:24 -

00017025 _____ () C:\Documents and

Settings\Katy\Desktop\stoicism nyt 2 2 15.txt
2015-02-03 11:15 - 2015-02-03 11:20 -

00000092 _____ () C:\Documents and

Settings\Katy\Desktop\stoic.txt
2015-02-02 14:32 - 2015-02-02 14:32 -

00170998 _____ () C:\Documents and

Settings\Katy\Local Settings\Application

Data\ars.cache
2015-02-02 14:32 - 2015-02-02 14:32 -

00150328 _____ () C:\Documents and

Settings\Katy\Local Settings\Application

Data\census.cache
2015-02-02 13:56 - 2015-02-02 13:56 -

00000036 _____ () C:\Documents and

Settings\Katy\Local Settings\Application

Data\housecall.guid.cache
2015-02-02 10:44 - 2015-02-02 10:44 -

00000000 ___DC () C:\Documents and

Settings\All Users\Application

Data\Malwarebytes
2015-02-01 20:09 - 2015-02-03 09:09 -

00018944 _____ () C:\Documents and

Settings\Katy\Desktop\FEBRUARY

SPENDING RECORD 2015.xls
2015-02-01 15:38 - 2015-01-16 09:32 -

00450775 ____R ()

C:\WINDOWS\system32\Drivers\etc\hosts.20

150201-153831.backup
2015-01-29 14:14 - 2015-01-29 14:14 -

00000000 ____D () C:\WINDOWS\ERUNT
2015-01-29 13:46 - 2015-02-06 08:10 -

00053109 _____ () C:\Documents and

Settings\Katy\Desktop\win 7 ultimate guide 1

29 15.txt
2015-01-28 21:28 - 2015-02-07 10:42 -

01124352 _____ (Farbar) C:\Documents and

Settings\Katy\Desktop\FRST.exe
2015-01-26 18:24 - 2015-02-04 12:48 -

00000000 ____D () C:\Program Files\Mozilla

Firefox
2015-01-25 11:12 - 2015-01-25 11:12 -

00002086 _____ () C:\Documents and

Settings\Katy\Application Data\PHRDQX
2015-01-25 11:12 - 2015-01-25 11:12 -

00001248 _____ () C:\Documents and

Settings\Katy\Application Data\SHGGIKJF
2015-01-24 09:23 - 2015-01-24 09:25 -

00000000 ____D () C:\Documents and

Settings\Katy\My Documents\POT STOX
2015-01-24 08:46 - 2015-01-24 08:46 -

00000331 _____ () C:\Documents and

Settings\Katy\My Documents\be careful.txt
2015-01-23 10:47 - 2015-01-23 10:47 -

00000000 ____D () C:\Documents and

Settings\LocalService\Local

Settings\Application Data\Hewlett-Packard
2015-01-23 10:47 - 2015-01-23 10:47 -

00000000 ____D () C:\Documents and

Settings\All Users\Start Menu\Programs\HP
2015-01-23 10:44 - 2015-01-23 10:44 -

00000000 ____D () C:\Documents and

Settings\All Users\Start Menu\Programs\AdZe

MiXXe
2015-01-23 07:19 - 2015-01-23 07:19 -

00013620 ____C () C:\Documents and

Settings\Katy\My Documents\shais taub the

steps we took etc.txt
2015-01-20 12:32 - 2015-01-18 20:43 -

00104194 ____C ()

C:\WINDOWS\hpoins04.dat.temp
2015-01-20 12:32 - 2004-06-22 10:04 -

00017176 ____C ()

C:\WINDOWS\hpomdl04.dat.temp
2015-01-20 12:32 - 2004-04-13 03:10 -

00581632 _____ (Hewlett-Packard Co.)

C:\WINDOWS\system32\hpotscl.dll
2015-01-20 12:32 - 2004-04-13 03:10 -

00090112 _____ (Hewlett-Packard Co.)

C:\WINDOWS\system32\hpovst08.dll
2015-01-20 12:32 - 2004-03-14 05:32 -

00278528 _____ (Hewlett-Packard)

C:\WINDOWS\system32\hpgwiamd.dll
2015-01-20 12:31 - 2004-04-07 09:34 -

00196608 _____ (HP)

C:\WINDOWS\system32\hpzcoi10.dll
2015-01-20 12:31 - 2004-04-07 09:33 -

00344064 _____ (Hewlett-Packard Company)

C:\WINDOWS\system32\hpzcon10.dll
2015-01-20 12:31 - 2004-03-14 05:43 -

00180315 _____ (HP)

C:\WINDOWS\system32\hpzsnt10.dll
2015-01-20 12:28 - 2015-01-23 10:47 -

00000000 ____D () C:\Program

Files\Hewlett-Packard
2015-01-20 12:28 - 2015-01-23 08:26 -

00000000 ____D () C:\Program Files\Hp
2015-01-20 09:54 - 2015-01-20 09:54 -

00000000 ____D () C:\Documents and

Settings\Katy\My Documents\ProcAlyzer

Dumps
2015-01-18 21:01 - 2015-02-05 21:01 -

00000302 _____ ()

C:\WINDOWS\Tasks\WebReg officejet 4200

series.job
2015-01-18 21:01 - 2015-01-18 21:01 -

00001053 ____C () C:\_Sid.txt
2015-01-18 20:11 - 2015-01-18 20:11 -

00000000 ____D () C:\Program

Files\Common Files\HP
2015-01-18 20:09 - 2015-01-18 20:09 -

00000000 ___DC () C:\Documents and

Settings\All Users\Application

Data\Hewlett-Packard
2015-01-18 19:58 - 2015-01-20 12:34 -

00102032 _____ ()

C:\WINDOWS\hpoins04.dat
2015-01-18 19:58 - 2004-06-22 06:20 -

00017218 ____C ()

C:\WINDOWS\hpomdl04.dat
2015-01-16 09:32 - 2015-01-09 14:14 -

00450775 ___RC ()

C:\WINDOWS\system32\Drivers\etc\hosts.20

150116-093242.backup
2015-01-13 20:11 - 2015-01-23 08:43 -

00000000 ___DC () C:\Documents and

Settings\All Users\Application

Data\{7477016f-6628-718d-7477-7016f66205b

d}
2015-01-12 20:52 - 2015-01-12 20:53 -

00059328 ____C () C:\Documents and

Settings\Katy\Application

Data\PatchUpdate_HP_CounterReport_Updat

e_HPSU.log
2015-01-12 20:52 - 2015-01-12 20:52 -

00002048 ____C () C:\Documents and

Settings\Katy\Application

Data\HPSU_48BitScanUpdate.log
2015-01-11 10:21 - 2015-01-11 10:21 -

00074143 ____C () C:\Documents and

Settings\Katy\Application

Data\Update_HP_RedboxHprblog_HPSU.log
2015-01-10 16:18 - 2015-01-10 16:18 -

00000000 ____D () C:\Documents and

Settings\Katy\Application Data\Image Zone

Express
2015-01-10 13:23 - 2015-01-10 13:23 -

00000000 ____D () C:\Documents and

Settings\Katy\Local Settings\Application

Data\Hewlett-Packard
2015-01-09 14:14 - 2015-01-06 11:39 -

00450775 ___RC ()

C:\WINDOWS\system32\Drivers\etc\hosts.20

150109-141431.backup

==================== One Month

Modified Files and Folders =======

(If an entry is included in the fixlist, the

file\folder will be moved.)

2015-02-07 10:46 - 2006-07-22 16:51 -

00000000 ____D () C:\Documents and

Settings\Katy\Local Settings\Temp
2015-02-07 10:24 - 2012-04-04 07:16 -

00000830 _____ ()

C:\WINDOWS\Tasks\Adobe Flash Player

Updater.job
2015-02-07 10:24 - 2011-02-22 08:01 -

01665244 ____C ()

C:\WINDOWS\WindowsUpdate.log
2015-02-07 10:21 - 2014-07-20 20:09 -

00027363 _____ ()

C:\WINDOWS\setupact.log
2015-02-07 10:16 - 2011-02-22 08:01 -

00000159 ____C ()

C:\WINDOWS\wiadebug.log
2015-02-07 10:16 - 2011-02-22 08:01 -

00000048 ____C ()

C:\WINDOWS\wiaservc.log
2015-02-07 10:13 - 2014-04-03 12:42 -

00000220 _____ ()

C:\WINDOWS\Tasks\Microsoft Windows XP

End of Service Notification Logon.job
2015-02-07 10:13 - 2004-08-10 13:08 -

00000006 ___HC ()

C:\WINDOWS\Tasks\SA.DAT
2015-02-07 10:12 - 2014-08-13 18:38 -

00196608 ____C ()

C:\WINDOWS\system32\config\SpybotSD.ev

t
2015-02-07 10:12 - 2012-08-27 16:05 -

00032546 _____ ()

C:\WINDOWS\SchedLgU.Txt
2015-02-07 10:12 - 2006-07-22 16:51 -

00000278 __SHC () C:\Documents and

Settings\Katy\ntuser.ini
2015-02-07 10:03 - 2009-03-16 09:58 -

00000420 ____H ()

C:\WINDOWS\Tasks\User_Feed_Synchroniz

ation-{FF912A38-04AF-4DEA-99F3-FBFD6C

3CAF34}.job
2015-02-06 15:24 - 2011-12-10 22:39 -

00002489 ____C () C:\Documents and

Settings\All Users\Start

Menu\Programs\Microsoft Word.lnk
2015-02-06 15:23 - 2011-12-09 20:03 -

00000000 ____D () C:\Documents and

Settings\Katy\My Documents\AA
2015-02-06 07:56 - 2006-07-25 17:56 -

00000000 ____D () C:\Documents and

Settings\Katy\Local Settings\Application

Data\Symantec
2015-02-06 07:52 - 2006-07-22 16:51 -

00000000 ____D () C:\Documents and

Settings\Katy
2015-02-05 17:17 - 2004-08-10 13:04 -

00000175 ____C () C:\WINDOWS\control.ini
2015-02-05 13:24 - 2012-04-04 07:16 -

00701616 ____C (Adobe Systems

Incorporated)

C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 13:24 - 2011-12-09 09:38 -

00071344 ____C (Adobe Systems

Incorporated)

C:\WINDOWS\system32\FlashPlayerCPLApp

.cpl
2015-02-05 13:00 - 2011-11-18 19:18 -

00196608 _____ ()

C:\WINDOWS\system32\config\WindowsPo

werShell.evt
2015-02-05 12:56 - 2011-01-13 16:15 -

00000000 ___DC () C:\Documents and

Settings\All Users\Application Data\Spybot -

Search & Destroy
2015-02-05 12:56 - 2006-07-17 19:17 -

00000254 _____ () C:\boot.ini
2015-02-05 08:59 - 2012-03-21 06:39 -

00000000 ____D () C:\Documents and

Settings\Katy\My Documents\NA
2015-02-05 08:59 - 2012-01-11 21:34 -

00000000 ____D () C:\Documents and

Settings\Katy\My Documents\FUN
2015-02-05 07:18 - 2004-08-10 12:51 -

00002206 ____C ()

C:\WINDOWS\system32\wpa.dbl
2015-02-04 20:50 - 2008-04-01 07:21 -

00006848 ____C () C:\WINDOWS\wininit.ini
2015-02-04 20:34 - 2014-02-21 15:08 -

00000000 ___DC () C:\Documents and

Settings\All Users\Application Data\Lavasoft
2015-02-04 19:45 - 2014-08-12 09:15 -

00131072 ____C ()

C:\WINDOWS\system32\config\Spybot -.evt
2015-02-04 19:43 - 2014-07-30 18:48 -

00000000 ____D () C:\Documents and

Settings\Katy\Local Settings\Application

Data\Adobe
2015-02-04 19:41 - 2014-07-30 18:43 -

00002347 _____ () C:\Documents and

Settings\All Users\Start

Menu\Programs\Adobe Reader XI.lnk
2015-02-04 19:40 - 2006-08-01 20:48 -

00000000 ____D () C:\Program

Files\Common Files\Adobe
2015-02-04 19:28 - 2014-08-12 09:14 -

00000000 ____D () C:\Program Files\Spybot -

Search & Destroy 2
2015-02-04 18:59 - 2014-02-24 10:33 -

00000000 ___DC () C:\Documents and

Settings\All Users\Application Data\AVAST

Software
2015-02-04 18:58 - 2006-07-22 16:51 -

00000000 ____D () C:\Documents and

Settings\Katy\Local Settings\Application

Data\Google
2015-02-04 12:57 - 2011-12-10 22:39 -

00002487 ____C () C:\Documents and

Settings\All Users\Start

Menu\Programs\Microsoft Excel.lnk
2015-02-04 12:49 - 2004-08-10 13:08 -

00000000 __SHD () C:\Documents and

Settings\NetworkService
2015-02-04 12:49 - 2004-08-10 13:08 -

00000000 __SHD () C:\Documents and

Settings\LocalService
2015-02-04 12:49 - 2004-08-10 13:02 -

00000000 ____D ()

C:\WINDOWS\Registration
2015-02-04 12:45 - 2011-12-10 22:39 -

00000000 ____D () C:\Documents and

Settings\All Users\Start

Menu\Programs\Microsoft Office Tools
2015-02-04 12:39 - 2014-10-12 17:25 -

00173971 ____C ()

C:\WINDOWS\setupapi.log
2015-02-04 12:37 - 2004-08-10 12:51 -

00001329 ____C () C:\WINDOWS\win.ini
2015-02-04 12:36 - 2011-11-23 14:56 -

00000000 ____D ()

C:\WINDOWS\SHELLNEW
2015-02-04 12:36 - 2004-08-10 12:57 -

00000000 ____D () C:\Program

Files\Common Files\Microsoft Shared
2015-02-04 12:36 - 2004-08-10 12:52 -

00000000 ____D () C:\WINDOWS\Media
2015-02-04 12:35 - 2006-08-05 18:58 -

00000000 ____D () C:\Program

Files\Microsoft Office
2015-02-04 12:34 - 2004-08-10 13:04 -

00000000 ____D () C:\Program

Files\microsoft frontpage
2015-02-04 12:34 - 2004-08-10 12:52 -

00000000 ____D () C:\WINDOWS\system
2015-02-04 12:29 - 2011-12-05 09:57 -

00000853 ____C ()

C:\WINDOWS\DHCPUPG.LOG
2015-02-04 09:29 - 2012-07-03 07:14 -

00000000 ____D () C:\Program Files\Mozilla

Maintenance Service
2015-02-03 10:38 - 2011-12-21 12:30 -

00000000 ___DC ()

C:\8fd3818fadf89c2779d8860803ef0cab
2015-02-03 08:58 - 2004-08-10 13:08 -

00000000 ____D () C:\Documents and

Settings\LocalService\Local Settings\Temp
2015-02-02 10:42 - 2004-08-10 12:52 -

00000000 ____D () C:\WINDOWS\Help
2015-01-27 20:21 - 2006-08-05 19:02 -

00059312 ____C () C:\Documents and

Settings\Katy\Application

Data\GDIPFONTCACHEV1.DAT
2015-01-24 20:25 - 2014-10-18 22:02 -

00000000 ____D () C:\Documents and

Settings\All Users\Start Menu\Programs\Java
2015-01-24 19:50 - 2014-03-27 10:02 -

00002565 ____C () C:\Documents and

Settings\Katy\Desktop\Microsoft Calculator

Plus.lnk
2015-01-24 09:21 - 2011-12-09 20:04 -

00000000 ____D () C:\Documents and

Settings\Katy\My Documents\MONEY
2015-01-23 10:49 - 2008-12-11 09:27 -

00243128 ____C ()

C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-23 10:44 - 2013-08-14 07:20 -

00000000 ____D ()

C:\WINDOWS\system32\MRT
2015-01-23 10:43 - 2006-07-17 19:17 -

00000000 ___DC () C:\dell
2015-01-23 10:43 - 2006-07-17 19:11 -

00000000 ____D () C:\i386
2015-01-23 08:26 - 2011-12-08 21:07 -

00000000 ___DC () C:\unzipped
2015-01-22 09:24 - 2014-10-02 10:36 -

00002027 ____C () C:\Documents and

Settings\Katy\My Documents\swank critical.txt
2015-01-20 13:10 - 2011-12-18 12:21 -

00000000 ____D ()

C:\WINDOWS\system32\FxsTmp
2015-01-20 12:36 - 2004-08-10 12:52 -

00000000 ____D () C:\WINDOWS\twain_32
2015-01-20 12:34 - 2008-12-03 11:55 -

00012964 ____C () C:\Documents and

Settings\All Users\Application

Data\hpzinstall.log
2015-01-20 12:30 - 2006-07-22 19:36 -

00059312 ____C () C:\Documents and

Settings\Katy\Local Settings\Application

Data\GDIPFONTCACHEV1.DAT
2015-01-20 11:31 - 2014-07-20 18:28 -

00000724 ____C () C:\Documents and

Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-01-20 11:31 - 2011-12-08 20:32 -

00000730 ____C () C:\Documents and

Settings\All Users\Start

Menu\Programs\Mozilla Firefox.lnk
2015-01-15 10:14 - 2006-07-23 08:43 -

110348472 ____C (Microsoft Corporation)

C:\WINDOWS\system32\MRT.exe
2015-01-14 12:36 - 2004-08-10 12:52 -

00000000 ____D () C:\WINDOWS\pchealth
2015-01-12 21:00 - 2009-08-15 14:23 -

00000000 ____D () C:\Documents and

Settings\Katy\Application Data\HpUpdate
2015-01-11 11:05 - 2011-12-09 08:41 -

00000000 ____D () C:\Program Files\Savings

Bond Wizard
2015-01-10 13:36 - 2008-12-03 13:12 -

00000000 ____D () C:\Documents and

Settings\Katy\Application Data\HP
2015-01-08 15:00 - 2014-04-03 12:42 -

00000214 _____ ()

C:\WINDOWS\Tasks\Microsoft Windows XP

End of Service Notification Monthly.job

==================== Files in the root

of some directories =======

2006-08-27 16:27 - 2008-07-26 19:15 -

0004096 ____C () C:\Documents and

Settings\Katy\Application Data\dvd.bmk
2015-01-12 20:52 - 2015-01-12 20:52 -

0002048 ____C () C:\Documents and

Settings\Katy\Application

Data\HPSU_48BitScanUpdate.log
2015-01-12 20:52 - 2015-01-12 20:53 -

0059328 ____C () C:\Documents and

Settings\Katy\Application

Data\PatchUpdate_HP_CounterReport_Updat

e_HPSU.log
2006-07-28 06:32 - 2006-07-28 06:32 -

0012358 ____C () C:\Documents and

Settings\Katy\Application

Data\PFP120JCM.{PB
2006-07-28 06:32 - 2006-07-28 06:32 -

0061678 ____C () C:\Documents and

Settings\Katy\Application

Data\PFP120JPR.{PB
2015-01-25 11:12 - 2015-01-25 11:12 -

0002086 _____ () C:\Documents and

Settings\Katy\Application Data\PHRDQX
2015-02-04 19:42 - 2015-02-04 19:42 -

1513432 _____ (Cinema PlusV04.02)

C:\Documents and Settings\Katy\Application

Data\PHRDQX.exe
2015-01-25 11:12 - 2015-01-25 11:12 -

0001248 _____ () C:\Documents and

Settings\Katy\Application Data\SHGGIKJF
2015-02-04 19:41 - 2015-02-04 19:41 -

2002392 _____ (Cinema PlusV04.02)

C:\Documents and Settings\Katy\Application

Data\SHGGIKJF.exe
2015-01-11 10:21 - 2015-01-11 10:21 -

0074143 ____C () C:\Documents and

Settings\Katy\Application

Data\Update_HP_RedboxHprblog_HPSU.log
2015-02-02 14:32 - 2015-02-02 14:32 -

0170998 _____ () C:\Documents and

Settings\Katy\Local Settings\Application

Data\ars.cache
2015-02-02 14:32 - 2015-02-02 14:32 -

0150328 _____ () C:\Documents and

Settings\Katy\Local Settings\Application

Data\census.cache
2008-08-24 17:23 - 2011-01-12 10:24 -

0004608 ____C () C:\Documents and

Settings\Katy\Local Settings\Application

Data\DCBC2A71-70D8-4DAN-EHR8-E0D61D

EA3FDF.ini
2006-07-23 07:45 - 2006-07-23 07:45 -

0000127 ____C () C:\Documents and

Settings\Katy\Local Settings\Application

Data\fusioncache.dat
2015-02-02 13:56 - 2015-02-02 13:56 -

0000036 _____ () C:\Documents and

Settings\Katy\Local Settings\Application

Data\housecall.guid.cache

Some content of TEMP:
====================
C:\Documents and Settings\Katy\Local

Settings\Temp\8594.exe


==================== Bamital &

volsnap Check =================

(There is no automatic fix for files that do not

pass verification.)

C:\WINDOWS\explorer.exe => File is digitally

signed
C:\WINDOWS\system32\winlogon.exe => File

is digitally signed
C:\WINDOWS\system32\svchost.exe => File

is digitally signed
C:\WINDOWS\system32\services.exe => File

is digitally signed
C:\WINDOWS\system32\User32.dll => File is

digitally signed
C:\WINDOWS\system32\userinit.exe => File

is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is

digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys

=> File is digitally signed

==================== End Of Log

============================
..............Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-02-2015
Ran by Katy (administrator) on D5TBBCB1 on 07-02-2015 10:44:56
Running from C:\Documents and Settings\Katy\Desktop
Loaded Profiles: Katy (Available profiles: Katy)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINDOWS\system32\cisvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(HP) C:\WINDOWS\system32\HPZipm12.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Program Files\Dell\Media Experience\DMXLauncher.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Sonic Solutions) C:\WINDOWS\system32\DLA\DLACTRLW.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\WINDOWS\system32\tcpsvcs.exe
(Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
(Microsoft Corporation) C:\WINDOWS\system32\fxssvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\cidaemon.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(WinZip Computing, Inc.) C:\PROGRA~1\WINZIP\WINZIP32.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DMXLauncher] => C:\Program Files\Dell\Media Experience\DMXLauncher.exe [98304 2006-05-03] ()
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2005-09-20] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe
HKLM\...\Run: [ISUSPM Startup] => "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1404928 2009-05-19] (Analog Devices, Inc.)
HKLM\...\Run: [DLA] => C:\WINDOWS\System32\DLA\DLACTRLW.EXE [122940 2005-11-07] (Sonic Solutions)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [gmsd_us_178] => [X]
HKLM\...\Run: [upgmsd_us_178.exe] => C:\Documents and Settings\Katy\Local Settings\Application Data\gmsd_us_178\upgmsd_us_178.exe -runhelper
Winlogon\Notify\avgrsstarter: avgrsstx.dll [X]
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1226216386-1621485569-1288477537-1006\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [79136 2008-10-24] (Macrovision Corporation)
HKU\S-1-5-21-1226216386-1621485569-1288477537-1006\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1226216386-1621485569-1288477537-1006\...\RunOnce: [Adobe Speed Launcher] => 1423322036
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk /r \??\C:autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1226216386-1621485569-1288477537-1006\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1226216386-1621485569-1288477537-1006\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-1226216386-1621485569-1288477537-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=COSP&ptag=D020515-AC44713A88D0B45FFA7F&form=CONMHP&conlogo=CT3331981
SearchScopes: HKLM -> DefaultScope URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1226216386-1621485569-1288477537-1006 -> DefaultScope {7ad9fd96-42e6-497b-8495-a40df0cc61e2} URL = http://www.bing.com/search?pc=COSP&ptag=D020515-AC44713A88D0B45FFA7F&form=CONBDF&conlogo=CT3331981&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1226216386-1621485569-1288477537-1006 -> {7ad9fd96-42e6-497b-8495-a40df0cc61e2} URL = http://www.bing.com/search?pc=COSP&ptag=D020515-AC44713A88D0B45FFA7F&form=CONBDF&conlogo=CT3331981&q={searchTerms}
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll No File
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll No File
Toolbar: HKU\S-1-5-21-1226216386-1621485569-1288477537-1006 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Katy\Application Data\Mozilla\Firefox\Profiles\rwde3gyy.default-1423158602250
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-11] (Microsoft Corporation)
S2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Iprip; C:\WINDOWS\System32\iprip.dll [35328 2008-04-13] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-18] (Oracle Corporation)
S3 LPDSVC; C:\WINDOWS\system32\tcpsvcs.exe [19456 2004-08-04] (Microsoft Corporation)
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [143360 2003-12-17] (Intel(R) Corporation) [File not signed]
S3 p2pgasvc; C:\WINDOWS\system32\p2pgasvc.dll [105472 2008-04-13] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /svc [X]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]
S2 NIS; "C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe" /s "NIS" /m "C:\Program Files\Norton Internet Security\Engine\21.1.0.18\diMaster.dll" /prefetch:1
S2 serverjo; C:\Documents and Settings\Katy\Application Data\VOPackage\JOSrv.exe [X]
S2 womufoji; C:\Documents and Settings\Katy\Application Data\VOPackage\nsx96.tmpfs [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 6195; C:\WINDOWS\System32\DRIVERS\6195 [9072 2011-11-18] ()
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S3 bvrp_pci; C:\WINDOWS\system32\Drivers\bvrp_pci.sys [4272 2004-03-24] () [File not signed]
S1 ccSet_NIS; C:\WINDOWS\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
R2 DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [25628 2005-11-07] (Sonic Solutions) [File not signed]
R1 DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [5660 2005-11-18] (Sonic Solutions) [File not signed]
R2 DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2496 2005-11-07] (Sonic Solutions) [File not signed]
R2 DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [86652 2005-11-07] (Sonic Solutions) [File not signed]
R2 DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [14684 2005-11-07] (Sonic Solutions) [File not signed]
R2 DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [6364 2005-11-07] (Sonic Solutions) [File not signed]
R1 DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [22684 2005-11-18] (Sonic Solutions) [File not signed]
R2 DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [94332 2005-11-07] (Sonic Solutions) [File not signed]
R2 DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [87036 2005-11-07] (Sonic Solutions) [File not signed]
R0 DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [89264 2005-09-12] (Sonic Solutions) [File not signed]
R2 DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [40544 2005-08-12] (Sonic Solutions) [File not signed]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-31] (Symantec Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
S3 netrcacm; C:\WINDOWS\System32\DRIVERS\netrcacm.sys [20648 2003-04-02] (Thomson Inc.)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [46080 2005-08-19] (Sonic Solutions) [File not signed]
R1 SDHookDriver; C:\Program Files\Spybot - Search & Destroy 2\SDHookDrv32.sys [46248 2013-10-10] ()
S3 SRTSP; C:\WINDOWS\system32\drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2013-12-14] (Symantec Corporation)
S1 SymIRON; C:\WINDOWS\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-26] (Symantec Corporation)
S1 SYMTDI; C:\WINDOWS\system32\drivers\NIS\1501000.012\SYMTDI.SYS [421592 2013-09-25] (Symantec Corporation)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 2980; System32\DRIVERS\2980 [X]
S3 Avgfwdx; system32\DRIVERS\avgfwdx.sys [X]
S3 Avgfwfd; system32\DRIVERS\avgfwdx.sys [X]
S1 BHDrvx86; \??\C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [X]
S3 cpuz134; \??\C:\DOCUME~1\Katy\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 IDSxpx86; \??\C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140219.001\IDSxpx86.sys [X]
S3 NAVENG; \??\C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140220.003\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140220.003\NAVEX15.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
S1 wpnfd_1_10_0_6; system32\drivers\wpnfd_1_10_0_6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-07 10:44 - 2015-02-07 10:45 - 00015506 _____ () C:\Documents and Settings\Katy\Desktop\FRST.txt
2015-02-07 10:42 - 2015-02-07 10:42 - 00000000 ____D () C:\Documents and Settings\Katy\Desktop\FRST-OlderVersion
2015-02-07 10:30 - 2015-02-07 10:30 - 00004181 _____ () C:\Documents and Settings\Katy\Desktop\GetOpenClipboardWindow.zip
2015-02-06 22:22 - 2015-02-06 22:22 - 00003044 _____ () C:\Documents and Settings\Katy\Desktop\VolumeC.txt
2015-02-06 18:12 - 2015-02-06 18:12 - 00003433 _____ () C:\Documents and Settings\Katy\Desktop\ocd 2 6 15 post 39.txt
2015-02-06 08:11 - 2015-02-06 08:11 - 00000240 _____ () C:\Documents and Settings\Katy\Desktop\xp dell stats.txt
2015-02-05 08:39 - 2015-02-05 08:39 - 00001812 _____ () C:\Documents and Settings\Katy\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2015-02-05 08:29 - 2015-02-05 08:29 - 00000000 ____D () C:\Program Files\Tweaking.com
2015-02-05 08:29 - 2015-02-05 08:29 - 00000000 ____D () C:\Documents and Settings\Katy\Desktop\Program Files\Programs\Tweaking.com
2015-02-05 08:28 - 2015-02-05 08:28 - 10318832 _____ () C:\Documents and Settings\Katy\Desktop\tweaking.com_windows_repair_aio_setup.exe
2015-02-04 19:42 - 2015-02-07 10:22 - 00001370 _____ () C:\WINDOWS\Tasks\PHRDQX.job
2015-02-04 19:42 - 2015-02-04 19:42 - 01513432 _____ (Cinema PlusV04.02) C:\Documents and Settings\Katy\Application Data\PHRDQX.exe
2015-02-04 19:41 - 2015-02-07 10:20 - 00001718 _____ () C:\WINDOWS\Tasks\SHGGIKJF.job
2015-02-04 19:41 - 2015-02-07 10:13 - 00000956 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-02-04 19:41 - 2015-02-06 07:46 - 00000960 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-02-04 19:41 - 2015-02-04 19:41 - 02002392 _____ (Cinema PlusV04.02) C:\Documents and Settings\Katy\Application Data\SHGGIKJF.exe
2015-02-04 19:41 - 2015-02-04 19:41 - 00000000 ____D () C:\Documents and Settings\Katy\Local Settings\Application Data\globalUpdate
2015-02-04 19:37 - 2015-02-04 20:22 - 00000000 ____D () C:\Documents and Settings\Katy\Local Settings\Application Data\gmsd_us_178
2015-02-04 19:29 - 2015-02-04 19:29 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\Mozilla
2015-02-04 19:29 - 2015-02-04 19:29 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Mozilla
2015-02-04 19:20 - 2015-02-07 10:14 - 00000644 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-02-04 19:20 - 2015-02-04 19:20 - 00000616 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-02-04 19:20 - 2015-02-04 19:20 - 00000446 _____ () C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-02-04 19:19 - 2015-02-04 19:19 - 00001842 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-04 19:19 - 2015-02-04 19:19 - 00001836 _____ () C:\Documents and Settings\All Users\Desktop\Spybot-S&D Start Center.lnk
2015-02-04 19:19 - 2015-02-04 19:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-04 19:19 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean.exe
2015-02-04 19:16 - 2015-02-04 19:16 - 00004512 _____ () C:\WINDOWS\system32\LavasoftTcpService.ini
2015-02-04 19:16 - 2015-02-04 19:16 - 00002400 _____ () C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-02-04 19:16 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService.dll
2015-02-04 18:58 - 2015-02-05 13:30 - 00000000 ____D () C:\Documents and Settings\Katy\Desktop\ocd atuzi tools
2015-02-04 12:48 - 2015-02-07 10:44 - 00000000 ____D () C:\FRST
2015-02-04 12:48 - 2015-02-04 12:48 - 00000000 ____D () C:\AdwCleaner
2015-02-04 12:29 - 2015-02-04 12:29 - 00000415 _____ () C:\WINDOWS\WINNT32.LOG
2015-02-04 12:17 - 2010-07-12 07:55 - 00218112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD62D.tmp
2015-02-04 12:17 - 2004-08-04 05:00 - 00041029 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD647.tmp
2015-02-04 12:17 - 2004-08-04 05:00 - 00036937 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD644.tmp
2015-02-04 12:17 - 2004-08-04 05:00 - 00029760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD64D.tmp
2015-02-04 12:17 - 2004-08-04 05:00 - 00028288 _____ () C:\WINDOWS\system32\dllcache\xjis.nls
2015-02-04 12:17 - 2004-08-04 05:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD630.tmp
2015-02-04 12:17 - 2004-08-04 05:00 - 00004677 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD64A.tmp
2015-02-04 12:16 - 2004-08-04 05:00 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD623.tmp
2015-02-04 12:15 - 2013-07-16 19:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD5E5.tmp
2015-02-04 12:15 - 2004-08-04 05:00 - 00032339 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD5DF.tmp
2015-02-04 12:11 - 2008-04-13 19:12 - 00538624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD573.tmp
2015-02-04 12:11 - 2004-08-04 05:00 - 00056832 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD561.tmp
2015-02-04 12:09 - 2004-08-04 05:00 - 02178131 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD519.tmp
2015-02-04 12:09 - 2004-08-04 05:00 - 00066113 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD516.tmp
2015-02-04 12:09 - 2004-08-04 05:00 - 00042573 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD51C.tmp
2015-02-04 12:07 - 2004-08-04 05:00 - 00753236 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD4CC.tmp
2015-02-04 12:07 - 2004-08-04 05:00 - 00048706 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD4C9.tmp
2015-02-04 12:07 - 2004-08-04 05:00 - 00042574 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD4CF.tmp
2015-02-04 12:06 - 2008-04-13 19:12 - 00281088 ____C (Cinematronics) C:\WINDOWS\system32\dllcache\OLD486.tmp
2015-02-04 12:06 - 2004-08-04 05:00 - 00083748 _____ () C:\WINDOWS\system32\dllcache\prcp.nls
2015-02-04 12:06 - 2004-08-04 05:00 - 00083748 _____ () C:\WINDOWS\system32\dllcache\prc.nls
2015-02-04 12:04 - 2013-07-03 21:08 - 02028544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD43B.tmp
2015-02-04 12:02 - 2009-12-16 13:43 - 00343040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD3FC.tmp
2015-02-04 12:02 - 2004-08-04 05:00 - 00126976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD3F3.tmp
2015-02-04 12:00 - 2004-08-04 05:00 - 00047066 _____ () C:\WINDOWS\system32\dllcache\ksc.nls
2015-02-04 11:57 - 2004-08-04 05:00 - 01175635 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD30C.tmp
2015-02-04 11:57 - 2004-08-04 05:00 - 00057409 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD309.tmp
2015-02-04 11:57 - 2004-08-04 05:00 - 00042573 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD30F.tmp
2015-02-04 11:56 - 2004-08-04 05:00 - 00605696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD2D8.tmp
2015-02-04 11:56 - 2004-08-04 05:00 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD2C3.tmp
2015-02-04 11:56 - 2001-08-17 12:10 - 00022090 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\OLD2B2.tmp
2015-02-04 11:56 - 2001-08-17 12:10 - 00022090 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\OLD2AF.tmp
2015-02-04 11:54 - 2001-08-17 12:10 - 00019996 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\OLD26B.tmp
2015-02-04 11:54 - 2001-08-17 12:10 - 00019996 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\OLD268.tmp
2015-02-04 11:52 - 2008-04-13 19:12 - 00102912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD1A2.tmp
2015-02-04 11:52 - 2004-08-04 05:00 - 01039955 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD1AB.tmp
2015-02-04 11:52 - 2004-08-04 05:00 - 00780885 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD186.tmp
2015-02-04 11:52 - 2004-08-04 05:00 - 00217160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD1A8.tmp
2015-02-04 11:52 - 2004-08-04 05:00 - 00080384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD17D.tmp
2015-02-04 11:52 - 2004-08-04 05:00 - 00042575 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD189.tmp
2015-02-04 11:52 - 2004-08-04 05:00 - 00040515 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD183.tmp
2015-02-04 11:51 - 2004-08-04 05:00 - 01817687 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLDD7.tmp
2015-02-04 11:51 - 2004-08-04 05:00 - 00195618 _____ () C:\WINDOWS\system32\dllcache\c_10002.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00189986 _____ () C:\WINDOWS\system32\dllcache\c_1361.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00187938 _____ () C:\WINDOWS\system32\dllcache\c_20005.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00186402 _____ () C:\WINDOWS\system32\dllcache\c_20001.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00185378 _____ () C:\WINDOWS\system32\dllcache\c_20003.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00180770 _____ () C:\WINDOWS\system32\dllcache\c_20932.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00180258 _____ () C:\WINDOWS\system32\dllcache\c_20004.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00180258 _____ () C:\WINDOWS\system32\dllcache\c_20000.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00177698 _____ () C:\WINDOWS\system32\dllcache\c_20949.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00177698 _____ () C:\WINDOWS\system32\dllcache\c_10003.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00173602 _____ () C:\WINDOWS\system32\dllcache\c_20936.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00173602 _____ () C:\WINDOWS\system32\dllcache\c_20002.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00173602 _____ () C:\WINDOWS\system32\dllcache\c_10008.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00162850 _____ () C:\WINDOWS\system32\dllcache\c_10001.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00114688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD14E.tmp
2015-02-04 11:51 - 2004-08-04 05:00 - 00082501 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLDD4.tmp
2015-02-04 11:51 - 2004-08-04 05:00 - 00082172 _____ () C:\WINDOWS\system32\dllcache\bopomofo.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066728 _____ () C:\WINDOWS\system32\dllcache\big5.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_864.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_862.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_858.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_720.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_870.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_708.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_28596.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_21027.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_21025.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20924.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20880.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20871.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20838.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20833.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20424.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20423.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20420.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20297.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20290.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20285.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20284.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20280.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20278.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20277.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20273.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20269.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20108.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20107.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20106.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20105.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1149.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1148.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1147.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1146.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1145.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1144.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1143.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1142.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1141.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1140.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1047.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_10005.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_10004.nls
2015-02-04 11:51 - 2004-08-04 05:00 - 00042577 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLDDA.tmp
2015-02-04 11:49 - 2013-07-03 22:03 - 02149888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\OLD51.tmp
2015-02-03 11:24 - 2015-02-03 11:24 - 00017025 _____ () C:\Documents and Settings\Katy\Desktop\stoicism nyt 2 2 15.txt
2015-02-03 11:15 - 2015-02-03 11:20 - 00000092 _____ () C:\Documents and Settings\Katy\Desktop\stoic.txt
2015-02-02 14:32 - 2015-02-02 14:32 - 00170998 _____ () C:\Documents and Settings\Katy\Local Settings\Application Data\ars.cache
2015-02-02 14:32 - 2015-02-02 14:32 - 00150328 _____ () C:\Documents and Settings\Katy\Local Settings\Application Data\census.cache
2015-02-02 13:56 - 2015-02-02 13:56 - 00000036 _____ () C:\Documents and Settings\Katy\Local Settings\Application Data\housecall.guid.cache
2015-02-02 10:44 - 2015-02-02 10:44 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-02-01 20:09 - 2015-02-03 09:09 - 00018944 _____ () C:\Documents and Settings\Katy\Desktop\FEBRUARY SPENDING RECORD 2015.xls
2015-02-01 15:38 - 2015-01-16 09:32 - 00450775 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150201-153831.backup
2015-01-29 14:14 - 2015-01-29 14:14 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-29 13:46 - 2015-02-06 08:10 - 00053109 _____ () C:\Documents and Settings\Katy\Desktop\win 7 ultimate guide 1 29 15.txt
2015-01-28 21:28 - 2015-02-07 10:42 - 01124352 _____ (Farbar) C:\Documents and Settings\Katy\Desktop\FRST.exe
2015-01-26 18:24 - 2015-02-04 12:48 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-25 11:12 - 2015-01-25 11:12 - 00002086 _____ () C:\Documents and Settings\Katy\Application Data\PHRDQX
2015-01-25 11:12 - 2015-01-25 11:12 - 00001248 _____ () C:\Documents and Settings\Katy\Application Data\SHGGIKJF
2015-01-24 09:23 - 2015-01-24 09:25 - 00000000 ____D () C:\Documents and Settings\Katy\My Documents\POT STOX
2015-01-24 08:46 - 2015-01-24 08:46 - 00000331 _____ () C:\Documents and Settings\Katy\My Documents\be careful.txt
2015-01-23 10:47 - 2015-01-23 10:47 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\Hewlett-Packard
2015-01-23 10:47 - 2015-01-23 10:47 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2015-01-23 10:44 - 2015-01-23 10:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AdZe MiXXe
2015-01-23 07:19 - 2015-01-23 07:19 - 00013620 ____C () C:\Documents and Settings\Katy\My Documents\shais taub the steps we took etc.txt
2015-01-20 12:32 - 2015-01-18 20:43 - 00104194 ____C () C:\WINDOWS\hpoins04.dat.temp
2015-01-20 12:32 - 2004-06-22 10:04 - 00017176 ____C () C:\WINDOWS\hpomdl04.dat.temp
2015-01-20 12:32 - 2004-04-13 03:10 - 00581632 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl.dll
2015-01-20 12:32 - 2004-04-13 03:10 - 00090112 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst08.dll
2015-01-20 12:32 - 2004-03-14 05:32 - 00278528 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpgwiamd.dll
2015-01-20 12:31 - 2004-04-07 09:34 - 00196608 _____ (HP) C:\WINDOWS\system32\hpzcoi10.dll
2015-01-20 12:31 - 2004-04-07 09:33 - 00344064 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpzcon10.dll
2015-01-20 12:31 - 2004-03-14 05:43 - 00180315 _____ (HP) C:\WINDOWS\system32\hpzsnt10.dll
2015-01-20 12:28 - 2015-01-23 10:47 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-01-20 12:28 - 2015-01-23 08:26 - 00000000 ____D () C:\Program Files\Hp
2015-01-20 09:54 - 2015-01-20 09:54 - 00000000 ____D () C:\Documents and Settings\Katy\My Documents\ProcAlyzer Dumps
2015-01-18 21:01 - 2015-02-05 21:01 - 00000302 _____ () C:\WINDOWS\Tasks\WebReg officejet 4200 series.job
2015-01-18 21:01 - 2015-01-18 21:01 - 00001053 ____C () C:\_Sid.txt
2015-01-18 20:11 - 2015-01-18 20:11 - 00000000 ____D () C:\Program Files\Common Files\HP
2015-01-18 20:09 - 2015-01-18 20:09 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2015-01-18 19:58 - 2015-01-20 12:34 - 00102032 _____ () C:\WINDOWS\hpoins04.dat
2015-01-18 19:58 - 2004-06-22 06:20 - 00017218 ____C () C:\WINDOWS\hpomdl04.dat
2015-01-16 09:32 - 2015-01-09 14:14 - 00450775 ___RC () C:\WINDOWS\system32\Drivers\etc\hosts.20150116-093242.backup
2015-01-13 20:11 - 2015-01-23 08:43 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\{7477016f-6628-718d-7477-7016f66205bd}
2015-01-12 20:52 - 2015-01-12 20:53 - 00059328 ____C () C:\Documents and Settings\Katy\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
2015-01-12 20:52 - 2015-01-12 20:52 - 00002048 ____C () C:\Documents and Settings\Katy\Application Data\HPSU_48BitScanUpdate.log
2015-01-11 10:21 - 2015-01-11 10:21 - 00074143 ____C () C:\Documents and Settings\Katy\Application Data\Update_HP_RedboxHprblog_HPSU.log
2015-01-10 16:18 - 2015-01-10 16:18 - 00000000 ____D () C:\Documents and Settings\Katy\Application Data\Image Zone Express
2015-01-10 13:23 - 2015-01-10 13:23 - 00000000 ____D () C:\Documents and Settings\Katy\Local Settings\Application Data\Hewlett-Packard
2015-01-09 14:14 - 2015-01-06 11:39 - 00450775 ___RC () C:\WINDOWS\system32\Drivers\etc\hosts.20150109-141431.backup

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-07 10:46 - 2006-07-22 16:51 - 00000000 ____D () C:\Documents and Settings\Katy\Local Settings\Temp
2015-02-07 10:24 - 2012-04-04 07:16 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-07 10:24 - 2011-02-22 08:01 - 01665244 ____C () C:\WINDOWS\WindowsUpdate.log
2015-02-07 10:21 - 2014-07-20 20:09 - 00027363 _____ () C:\WINDOWS\setupact.log
2015-02-07 10:16 - 2011-02-22 08:01 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2015-02-07 10:16 - 2011-02-22 08:01 - 00000048 ____C () C:\WINDOWS\wiaservc.log
2015-02-07 10:13 - 2014-04-03 12:42 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-02-07 10:13 - 2004-08-10 13:08 - 00000006 ___HC () C:\WINDOWS\Tasks\SA.DAT
2015-02-07 10:12 - 2014-08-13 18:38 - 00196608 ____C () C:\WINDOWS\system32\config\SpybotSD.evt
2015-02-07 10:12 - 2012-08-27 16:05 - 00032546 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-07 10:12 - 2006-07-22 16:51 - 00000278 __SHC () C:\Documents and Settings\Katy\ntuser.ini
2015-02-07 10:03 - 2009-03-16 09:58 - 00000420 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{FF912A38-04AF-4DEA-99F3-FBFD6C3CAF34}.job
2015-02-06 15:24 - 2011-12-10 22:39 - 00002489 ____C () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2015-02-06 15:23 - 2011-12-09 20:03 - 00000000 ____D () C:\Documents and Settings\Katy\My Documents\AA
2015-02-06 07:56 - 2006-07-25 17:56 - 00000000 ____D () C:\Documents and Settings\Katy\Local Settings\Application Data\Symantec
2015-02-06 07:52 - 2006-07-22 16:51 - 00000000 ____D () C:\Documents and Settings\Katy
2015-02-05 17:17 - 2004-08-10 13:04 - 00000175 ____C () C:\WINDOWS\control.ini
2015-02-05 13:24 - 2012-04-04 07:16 - 00701616 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 13:24 - 2011-12-09 09:38 - 00071344 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-05 13:00 - 2011-11-18 19:18 - 00196608 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2015-02-05 12:56 - 2011-01-13 16:15 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2015-02-05 12:56 - 2006-07-17 19:17 - 00000254 _____ () C:\boot.ini
2015-02-05 08:59 - 2012-03-21 06:39 - 00000000 ____D () C:\Documents and Settings\Katy\My Documents\NA
2015-02-05 08:59 - 2012-01-11 21:34 - 00000000 ____D () C:\Documents and Settings\Katy\My Documents\FUN
2015-02-05 07:18 - 2004-08-10 12:51 - 00002206 ____C () C:\WINDOWS\system32\wpa.dbl
2015-02-04 20:50 - 2008-04-01 07:21 - 00006848 ____C () C:\WINDOWS\wininit.ini
2015-02-04 20:34 - 2014-02-21 15:08 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Lavasoft
2015-02-04 19:45 - 2014-08-12 09:15 - 00131072 ____C () C:\WINDOWS\system32\config\Spybot -.evt
2015-02-04 19:43 - 2014-07-30 18:48 - 00000000 ____D () C:\Documents and Settings\Katy\Local Settings\Application Data\Adobe
2015-02-04 19:41 - 2014-07-30 18:43 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-04 19:40 - 2006-08-01 20:48 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-02-04 19:28 - 2014-08-12 09:14 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-02-04 18:59 - 2014-02-24 10:33 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\AVAST Software
2015-02-04 18:58 - 2006-07-22 16:51 - 00000000 ____D () C:\Documents and Settings\Katy\Local Settings\Application Data\Google
2015-02-04 12:57 - 2011-12-10 22:39 - 00002487 ____C () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Excel.lnk
2015-02-04 12:49 - 2004-08-10 13:08 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-02-04 12:49 - 2004-08-10 13:08 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-02-04 12:49 - 2004-08-10 13:02 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-04 12:45 - 2011-12-10 22:39 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools
2015-02-04 12:39 - 2014-10-12 17:25 - 00173971 ____C () C:\WINDOWS\setupapi.log
2015-02-04 12:37 - 2004-08-10 12:51 - 00001329 ____C () C:\WINDOWS\win.ini
2015-02-04 12:36 - 2011-11-23 14:56 - 00000000 ____D () C:\WINDOWS\SHELLNEW
2015-02-04 12:36 - 2004-08-10 12:57 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-04 12:36 - 2004-08-10 12:52 - 00000000 ____D () C:\WINDOWS\Media
2015-02-04 12:35 - 2006-08-05 18:58 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-02-04 12:34 - 2004-08-10 13:04 - 00000000 ____D () C:\Program Files\microsoft frontpage
2015-02-04 12:34 - 2004-08-10 12:52 - 00000000 ____D () C:\WINDOWS\system
2015-02-04 12:29 - 2011-12-05 09:57 - 00000853 ____C () C:\WINDOWS\DHCPUPG.LOG
2015-02-04 09:29 - 2012-07-03 07:14 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-03 10:38 - 2011-12-21 12:30 - 00000000 ___DC () C:\8fd3818fadf89c2779d8860803ef0cab
2015-02-03 08:58 - 2004-08-10 13:08 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2015-02-02 10:42 - 2004-08-10 12:52 - 00000000 ____D () C:\WINDOWS\Help
2015-01-27 20:21 - 2006-08-05 19:02 - 00059312 ____C () C:\Documents and Settings\Katy\Application Data\GDIPFONTCACHEV1.DAT
2015-01-24 20:25 - 2014-10-18 22:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-01-24 19:50 - 2014-03-27 10:02 - 00002565 ____C () C:\Documents and Settings\Katy\Desktop\Microsoft Calculator Plus.lnk
2015-01-24 09:21 - 2011-12-09 20:04 - 00000000 ____D () C:\Documents and Settings\Katy\My Documents\MONEY
2015-01-23 10:49 - 2008-12-11 09:27 - 00243128 ____C () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-23 10:44 - 2013-08-14 07:20 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-23 10:43 - 2006-07-17 19:17 - 00000000 ___DC () C:\dell
2015-01-23 10:43 - 2006-07-17 19:11 - 00000000 ____D () C:\i386
2015-01-23 08:26 - 2011-12-08 21:07 - 00000000 ___DC () C:\unzipped
2015-01-22 09:24 - 2014-10-02 10:36 - 00002027 ____C () C:\Documents and Settings\Katy\My Documents\swank critical.txt
2015-01-20 13:10 - 2011-12-18 12:21 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-01-20 12:36 - 2004-08-10 12:52 - 00000000 ____D () C:\WINDOWS\twain_32
2015-01-20 12:34 - 2008-12-03 11:55 - 00012964 ____C () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2015-01-20 12:30 - 2006-07-22 19:36 - 00059312 ____C () C:\Documents and Settings\Katy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-01-20 11:31 - 2014-07-20 18:28 - 00000724 ____C () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-01-20 11:31 - 2011-12-08 20:32 - 00000730 ____C () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-15 10:14 - 2006-07-23 08:43 - 110348472 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 12:36 - 2004-08-10 12:52 - 00000000 ____D () C:\WINDOWS\pchealth
2015-01-12 21:00 - 2009-08-15 14:23 - 00000000 ____D () C:\Documents and Settings\Katy\Application Data\HpUpdate
2015-01-11 11:05 - 2011-12-09 08:41 - 00000000 ____D () C:\Program Files\Savings Bond Wizard
2015-01-10 13:36 - 2008-12-03 13:12 - 00000000 ____D () C:\Documents and Settings\Katy\Application Data\HP
2015-01-08 15:00 - 2014-04-03 12:42 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

==================== Files in the root of some directories =======

2006-08-27 16:27 - 2008-07-26 19:15 - 0004096 ____C () C:\Documents and Settings\Katy\Application Data\dvd.bmk
2015-01-12 20:52 - 2015-01-12 20:52 - 0002048 ____C () C:\Documents and Settings\Katy\Application Data\HPSU_48BitScanUpdate.log
2015-01-12 20:52 - 2015-01-12 20:53 - 0059328 ____C () C:\Documents and Settings\Katy\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
2006-07-28 06:32 - 2006-07-28 06:32 - 0012358 ____C () C:\Documents and Settings\Katy\Application Data\PFP120JCM.{PB
2006-07-28 06:32 - 2006-07-28 06:32 - 0061678 ____C () C:\Documents and Settings\Katy\Application Data\PFP120JPR.{PB
2015-01-25 11:12 - 2015-01-25 11:12 - 0002086 _____ () C:\Documents and Settings\Katy\Application Data\PHRDQX
2015-02-04 19:42 - 2015-02-04 19:42 - 1513432 _____ (Cinema PlusV04.02) C:\Documents and Settings\Katy\Application Data\PHRDQX.exe
2015-01-25 11:12 - 2015-01-25 11:12 - 0001248 _____ () C:\Documents and Settings\Katy\Application Data\SHGGIKJF
2015-02-04 19:41 - 2015-02-04 19:41 - 2002392 _____ (Cinema PlusV04.02) C:\Documents and Settings\Katy\Application Data\SHGGIKJF.exe
2015-01-11 10:21 - 2015-01-11 10:21 - 0074143 ____C () C:\Documents and Settings\Katy\Application Data\Update_HP_RedboxHprblog_HPSU.log
2015-02-02 14:32 - 2015-02-02 14:32 - 0170998 _____ () C:\Documents and Settings\Katy\Local Settings\Application Data\ars.cache
2015-02-02 14:32 - 2015-02-02 14:32 - 0150328 _____ () C:\Documents and Settings\Katy\Local Settings\Application Data\census.cache
2008-08-24 17:23 - 2011-01-12 10:24 - 0004608 ____C () C:\Documents and Settings\Katy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-07-23 07:45 - 2006-07-23 07:45 - 0000127 ____C () C:\Documents and Settings\Katy\Local Settings\Application Data\fusioncache.dat
2015-02-02 13:56 - 2015-02-02 13:56 - 0000036 _____ () C:\Documents and Settings\Katy\Local Settings\Application Data\housecall.guid.cache

Some content of TEMP:
====================
C:\Documents and Settings\Katy\Local Settings\Temp\8594.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

I also defragmented and it wouldn't go above 60%:

Volume (C:)
Volume size = 52.70 GB
Cluster size = 4 KB
Used space = 20.82 GB
Free space = 31.88 GB
Percent free space = 60 %

Volume fragmentation
Total fragmentation = 0 %
File fragmentation = 0 %
Free space fragmentation = 0 %

File fragmentation
Total files = 95,651
Average file size = 508 KB
Total fragmented files = 1
Total excess fragments = 0
Average fragments per file = 0.99

Pagefile fragmentation
Pagefile size = 1.50 GB
Total fragments = 1

Folder fragmentation
Total folders = 6,184
Fragmented folders = 1
Excess folder fragments = 0

Master File Table (MFT) fragmentation
Total MFT size = 122 MB
MFT record count = 103,359
Percent MFT in use = 82 %
Total MFT fragments = 3

--------------------------------------------------------------------------------
Fragments File Size Files that cannot be defragmented
None
......................
Many thanks,
Katy
 
Hi Katy1,

It does not appear that you have run the FRST script from post #36? Please do so at this time and post the Fixlog

I also defragmented and it wouldn't go above 60%:
Click to expand...

The 60% is the amount of "free space" on the hard drive, not the amount of fragmentation.

Re-run Security Check by screen317
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
=========================

Re-run Farbar Recovery Scan Tool it should be on your desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================

In your next post please provide the following:
  • Fixlog.txt
  • new checkup.txt
  • new FRST.txt
 
Hi Katy1,

If you still need help, please post the logs requested in my previous post (#45)
 
This thread has been closed due to inactivity. If it has been three days or more since your last post it will not be re-opened.

If you still require help, please start a new topic and include fresh FRST and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.
 
Last edited by a moderator:
Status
Not open for further replies.
Back
Top