Internet connection being hijacked & my computer & download speed slow


  • This topic is locked
15 replies to this topic

#1 summersa

Posted 13 February 2014 - 12:59 PM

Hi,
I have an HP laptop and am running XP Service pack 3, default browser is Firefox which is up to date.
My computer becomes very slow when I connect and download from the internet.
When using Process Hacker and clicking on the Network Tab, I find up to a dozen Firefox entries. I am able to close most of these entries, but they then just open up immediately, repeatedly.
In addition, when using Task manager, my CPU graph will show usage of say 50%, but when I look at the processes and the CPU usage there, it could be as low as 2%.
Your assistance would be greatly appreciated.

Regards
summers

#2 fireman4it

Posted 13 February 2014 - 04:06 PM

Hello summersa,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:

  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic. I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  • Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  • I will be analyzing your log. I will get back to you with instructions.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"


#3 summersa


Posted 15 February 2014 - 10:37 AM

Hi fireman4it,

Many thanks for your prompt response and assistance.

I will endeavour to follow the instructions diligently and hopefully get it right.

See attached files after running FRST.

FRST file -

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2014 01
Ran by SummersA (administrator) on SUMMERSA-LAP on 15-02-2014 03:45:04
Running from C:\Documents and Settings\SummersA\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

() C:\Program Files\8 Utils\Zentimo\ZentimoService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\windows\System32\SCardSvr.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
() C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(Intel Corporation) C:\Program Files\Intel\AMT\UNS.exe
(Microsoft Corporation) C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
(Microsoft Corporation) C:\WINDOWS\system32\CCM\CcmExec.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Sierra Wireless Inc.) C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
() C:\Program Files\8 Utils\Zentimo\Zentimo.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cpqset] - C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [57344 2007-05-03] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [872448 2007-01-05] (Analog Devices, Inc.)
Winlogon\Notify\AtiExtEvent: C:\windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-23267018-518795612-518595180-10698\...\Run: [Zentimo xStorage Manager] - C:\Program Files\8 Utils\Zentimo\Zentimo.exe [1696080 2010-10-28] ()
HKU\S-1-5-21-23267018-518795612-518595180-10698\...\Policies\Explorer: [NoSimpleStartMenu] 1
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet
SearchScopes: HKCU - DefaultScope {1E604647-CB20-4C47-8885-D1268F26AD6B} URL = https://startpage.com/do/search?query={searchTerms}&cat=web&pl=ie&language=english
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1E604647-CB20-4C47-8885-D1268F26AD6B} URL = https://startpage.com/do/search?query={searchTerms}&cat=web&pl=ie&language=english
SearchScopes: HKCU - {5D3DF6C1-38FD-4BB0-B02D-243C358C2322} URL = http://rates.besthotelrate.info/Search.aspx?search={searchTerms}&languageCode=EN&brandId=23639&label=BHRHome-IE&src={referrer:source?}
SearchScopes: HKCU - {6FFAC7F5-378A-40D9-BFF3-B937312B7A8C} URL = http://www.ilike.com/artist/search?artist_qp={searchTerms}
SearchScopes: HKCU - {75C96338-5413-45F3-A1CF-F19875FB7CB9} URL = http://www.tripadvisor.com/Search?q={searchTerms}
SearchScopes: HKCU - {D078D3A7-9975-4E16-9911-795F6625A584} URL = https://duckduckgo.com/?q={searchTerms}
SearchScopes: HKCU - {F0F4E4E7-AE58-4416-AAB4-EC2FA05413BC} URL = http://www.foodnetwork.com/search/delegate.do?fnSearchString={searchTerms}&fnSearchType=recipe
SearchScopes: HKCU - {F4DCA57A-6313-463F-9C89-C3A986884ED1} URL = http://www.bigoven.com/private/searchrecipes.aspx?title={searchTerms}&source=IE
BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\3 Internet\FDM\iefdm2.dll ()
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files\Steganos Privacy Suite 14\SPMIEToolbar.dll (Steganos Software GmbH)
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\6 Security\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default
FF DefaultSearchEngine: Startpage (SSL)
FF SelectedSearchEngine: Startpage (SSL)
FF Homepage: hxxp://intranet/portal/site/intranet/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "autoconfig_url", "http://intranet2k.sabc.co.za/proxyconf/proxy.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MI7967~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MI7967~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.3 - C:\Program Files\1 Aud_Vid\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\altavista.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\expediacom.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\lonely-planet-online.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\pdf-ebook-searches.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\startpage-https.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\startpage-ssl.xml
FF Extension: Click&Clean - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\clickclean@hotcleaner.com [2013-11-01]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\donottrackplus@abine.com [2014-01-06]
FF Extension: Whois Lookup & Hosting & DNS & Site Flags Firefox - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\myipms@myip.ms [2014-01-06]
FF Extension: Super Start - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\superstart@enjoyfreeware.org [2014-02-10]
FF Extension: Flagfox - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2014-01-16]
FF Extension: EPUBReader - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-02]
FF Extension: WOT - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: ReminderFox - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2014-02-11]
FF Extension: Jökulsárlón Download Manager - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\dlman@kairo.at.xpi [2014-02-10]
FF Extension: Startpage24 incl. Video Downloader professional - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\ffext_basicchromeext@startpage24.xpi [2013-11-04]
FF Extension: Self-Destructing Cookies - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-11-01]
FF Extension: NoTrace - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\notrace@unisa.it.xpi [2014-01-06]
FF Extension: Test Pilot - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-10-31]
FF Extension: FlashGot - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-11-01]
FF Extension: Gmail Manager - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi [2014-02-10]
FF Extension: Speed Dial - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2013-11-01]
FF Extension: Bluhell Firewall - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2013-12-10]
FF Extension: NoScript - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-31]
FF Extension: ImTranslator - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-11-01]
FF Extension: Adblock Plus - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-31]
FF Extension: Tab Mix Plus - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-10-31]
FF Extension: DownThemAll! - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-10]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF
FF Extension: Symantec Vulnerability Protection - C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF [2014-01-07]
FF HKLM\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files\Steganos Privacy Suite 14\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files\Steganos Privacy Suite 14\spmplugin3 [2013-11-23]

========================== Services (Whitelisted) =================

S3 !SASCORE; C:\Program Files\6 Security\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
S3 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [777016 2013-07-18] (Acronis)
S3 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3873784 2013-12-12] (Acronis)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-05-01] (Intel Corporation)
S3 Backupper Service; C:\Program Files\2 HDD\AO Backup\ABService.exe [29912 2013-08-26] (AOMEI Tech Co., Ltd.)
R2 CcmExec; C:\WINDOWS\system32\CCM\CcmExec.exe [590712 2007-04-13] (Microsoft Corporation)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-06-19] (Cisco Systems, Inc.)
S3 EaseUS Agent; C:\Program Files\2 HDD\EASE Todo Backup\bin\Agent.exe [69192 2013-10-11] (CHENGDU YIWO Tech Development Co., Ltd)
S3 FBAgent; C:\Program Files\5 Recovery\FTR\EFB\FBAgent.exe [73064 2013-05-15] ()
S3 FSDcSvc; C:\Program Files\2 HDD\F DC\Files\FsSvcExe.exe [344392 2013-09-22] (FarStone Inc.)
S3 Guard Agent; C:\Program Files\2 HDD\EASE Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe [264704 2010-11-16] ()
S3 PSEXESVC; C:\windows\System32\PSEXESVC.EXE [61440 2014-02-05] (Sysinternals)
S2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [987136 2007-06-01] (Intel Corporation )
R2 SepMasterService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368 2014-01-06] (Symantec Corporation)
R3 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe [1746576 2014-01-06] (Symantec Corporation)
S3 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\snac.exe [288656 2014-01-06] (Symantec Corporation)
S3 Steganos Volatile Disk; C:\WINDOWS\system32\STGRAMDiskHandler32.exe [349184 2010-07-08] (Softwareentwicklung Remus - ArchiCrypt)
R2 SWIHPWMI; C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [292384 2006-12-04] (Sierra Wireless Inc.)
S3 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7142320 2013-10-22] (Acronis)
S3 Tran_Process_Proc; C:\Program Files\5 Recovery\FTR\EFB\DCNTranProc.exe [71024 2012-11-14] ()
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [1489688 2007-05-01] (Intel Corporation)
R2 Wuser32; C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe [251256 2007-04-13] (Microsoft Corporation)
R2 ZentimoService; C:\Program Files\8 Utils\Zentimo\ZentimoService.exe [240976 2010-10-28] ()

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\windows\System32\DRIVERS\AegisP.sys [21393 2007-09-17] (Cisco Systems, Inc.)
R0 ambakdrv; C:\windows\System32\ambakdrv.sys [26424 2013-05-07] ()
S3 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [129720 2013-05-07] ()
S3 ampa; C:\WINDOWS\system32\ampa.sys [10936 2011-12-26] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [14392 2013-02-06] ()
R3 ATSWPDRV; C:\windows\System32\DRIVERS\ATSwpDrv.sys [140808 2007-04-10] (AuthenTec, Inc.)
R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys [1098968 2014-01-14] (Symantec Corporation)
R0 BootDefragDriver; C:\windows\System32\drivers\BootDefragDriver.sys [13504 2014-01-06] (Glarysoft Ltd)
R3 btaudio; C:\windows\System32\drivers\btaudio.sys [530861 2007-02-14] (Broadcom Corporation.)
R3 BTDriver; C:\windows\System32\DRIVERS\btport.sys [30459 2007-02-14] (Broadcom Corporation.)
R3 BTKRNL; C:\windows\System32\DRIVERS\btkrnl.sys [868298 2007-02-14] (Broadcom Corporation.)
S3 BTWDNDIS; C:\windows\System32\DRIVERS\btwdndis.sys [149123 2007-02-14] (Broadcom Corporation.)
S3 BTWUSB; C:\windows\System32\Drivers\btwusb.sys [67960 2007-02-14] (Broadcom Corporation.)
R1 ccSettings_{974A0163-23BB-4C9D-A3C2-611667F7A450}; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\ccSetx86.sys [134744 2013-12-04] (Symantec Corporation)
S3 CVirtA; C:\windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [306299 2008-06-19] (Cisco Systems, Inc.)
R3 DNE; C:\windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.)
S3 eabfiltr; C:\windows\System32\DRIVERS\eabfiltr.sys [8192 2006-11-30] (Hewlett-Packard Development Company, L.P.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-01-27] (Symantec Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13192 2011-03-24] ()
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2014-01-06] (Symantec Corporation)
R0 EUBAKUP; C:\windows\System32\drivers\eubakup.sys [52040 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\windows\System32\drivers\EUBKMON.sys [40776 2013-09-04] ()
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [14920 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [185800 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [8456 2011-03-24] ()
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [24800 2013-04-11] ()
R3 HdAudAddService; C:\windows\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.)
R0 hotcore3; C:\windows\System32\drivers\hotcore3.sys [38448 2008-01-17] (Paragon Software Group)
S3 HP24X; C:\windows\System32\DRIVERS\HP24X.sys [33024 2006-10-19] (Hewlett Packard)
R3 HSFHWAZL; C:\windows\System32\DRIVERS\HSFHWAZL.sys [210816 2007-04-26] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\windows\System32\DRIVERS\HSF_DPV.sys [988032 2007-04-27] (Conexant Systems, Inc.)
R3 idisw2km; C:\windows\System32\DRIVERS\idisw2km.sys [8992 2005-11-28] (Microsoft Corporation)
R3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20140213.013\IDSxpx86.sys [383120 2014-01-17] (Symantec Corporation)
R3 IFXTPM; C:\windows\System32\DRIVERS\IFXTPM.SYS [36608 2007-01-23] (Infineon Technologies AG)
R3 kbstuff; C:\windows\System32\DRIVERS\kbstuff5.sys [11744 2005-11-28] (Microsoft Corporation)
R3 NAVENG; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140213.033\NAVENG.SYS [93272 2014-02-10] (Symantec Corporation)
R3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140213.033\NAVEX15.SYS [1612376 2014-02-10] (Symantec Corporation)
S3 NETw4x32; C:\windows\System32\DRIVERS\NETw4x32.sys [2208512 2007-06-29] (Intel Corporation)
R3 NETwLx32; C:\windows\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
R3 prepdrvr; C:\WINDOWS\system32\CCM\prepdrv.sys [23416 2007-04-13] (Microsoft Corporation)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [16472 2010-04-09] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [11104 2010-04-09] ()
R3 rismc32; C:\windows\System32\DRIVERS\rismc32.sys [47616 2006-12-20] (RICOH Company, Ltd.)
R1 SASDIFSV; C:\Program Files\6 Security\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\6 Security\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SCDEmu; C:\windows\system32\Drivers\SCDEmu.sys [112096 2011-11-15] (Power Software Ltd)
R1 SLEE_18_DRIVER; C:\WINDOWS\system32\drivers\Sleen18.sys [91112 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2013-12-11] ()
R1 SRTSP; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSP.SYS [603224 2014-01-06] (Symantec Corporation)
R1 SRTSPX; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSPX.SYS [32344 2014-01-06] (Symantec Corporation)
R1 STGMFEngine32; C:\WINDOWS\system32\drivers\STGMFEngine32.sys [16384 2010-07-08] (Softwareentwicklung Remus - ArchiCrypt.com)
S3 SyDvCtrl; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\SyDvCtrl32.sys [28576 2014-01-06] (Symantec Corporation)
R0 SymDS; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMDS.SYS [367704 2014-01-06] (Symantec Corporation)
R0 SymEFA; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMEFA.SYS [935512 2014-01-06] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2014-01-24] (Symantec Corporation)
R1 SymIRON; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\Ironx86.SYS [175192 2014-01-06] (Symantec Corporation)
R1 SYMTDI; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMTDI.SYS [396888 2014-01-06] (Symantec Corporation)
R1 SysPlant; C:\windows\System32\Drivers\SysPlant.sys [126440 2014-01-24] (Symantec Corporation)
S3 tdrpman; C:\windows\System32\DRIVERS\tdrpman.sys [889888 2013-12-12] (Acronis International GmbH)
R3 Teefer2; C:\windows\System32\DRIVERS\teefer.sys [150040 2014-01-06] (Symantec Corporation)
R0 tib; C:\windows\System32\DRIVERS\tib.sys [736192 2013-12-12] (Acronis International GmbH)
R0 tib_mounter; C:\windows\System32\DRIVERS\tib_mounter.sys [143648 2013-12-12] (Acronis International GmbH)
R0 TWZDISK; C:\windows\System32\Drivers\TWZDISK.sys [66704 2013-12-05] (Toolwiz.com)
R1 TWZFILE; C:\WINDOWS\system32\Drivers\TWZFILE.sys [33040 2013-12-05] (Toolwiz.com)
R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [32352 2008-01-17] (Windows ® 2000 DDK provider)
R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [131456 2008-01-17] (Paragon)
S1 Uim_Vim; C:\windows\System32\Drivers\Uim_Vim.sys [283472 2012-10-31] (Paragon)
R0 vididr; C:\windows\System32\DRIVERS\vididr.sys [116000 2013-12-12] (Acronis International GmbH)
R0 vidsflt; C:\windows\System32\DRIVERS\vidsflt.sys [85280 2013-12-12] (Acronis International GmbH)
S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [280344 2005-01-26] (Zone Labs LLC)
R2 WinisoCDBus; C:\windows\System32\drivers\WinisoCDBus.sys [121600 2012-05-17] (WinISO.com)
R0 xssflt; C:\windows\system32\Drivers\xssflt.sys [55752 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
S3 catchme; \??\C:\DOCUME~1\SummersA\LOCALS~1\Temp\catchme.sys [X]
U2 CertPropSvc;
S4 IntelIde; No ImagePath
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-14] (Microsoft Corporation)
U1 RCHelp;
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U2 WinDefend;

========================== Drivers MD5 =======================

C:\windows\System32\DRIVERS\ew_jubusenum.sys F44461E66F1B7DD267957FE9BAA63ED0
C:\windows\System32\DRIVERS\ewusbmdm.sys F547F862B8907F1BCBD9B72A72A6449E
C:\windows\System32\DRIVERS\i8042prt.sys 4A0B06AA8943C1E332520F7440C0AA30
C:\windows\System32\DRIVERS\iaStor.sys 997E8F5939F2D12CD9F2E6B395724C16
C:\windows\System32\DRIVERS\idisw2km.sys E9CCE03BCE0585226DA5B2AB2A3E342E
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20140213.013\IDSxpx86.sys 53380A4F623C73F10DF809D273AB092B
C:\windows\System32\DRIVERS\IFXTPM.SYS 2CDF483F8FC2BF3F7B93E3BDD734CFBD
C:\windows\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\windows\System32\DRIVERS\intelppm.sys 8C953733D8F36EB2133F5BB58808B66B
C:\windows\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\windows\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\windows\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\windows\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\windows\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\windows\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\windows\System32\DRIVERS\isapnp.sys 05A299EC56E52649B1CF2FC52D20F2D7
C:\windows\System32\DRIVERS\kbdclass.sys 463C1EC80CD17420A542B7F36A36F128
C:\windows\System32\DRIVERS\kbdhid.sys 9EF487A186DEA361AA06913A75B3FA99
C:\windows\System32\DRIVERS\kbstuff5.sys 5CB887962A98B4E11D62858B75D87580
C:\windows\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\windows\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\windows\System32\DRIVERS\mdmxsdk.sys 0CEA2D0D3FA284B85ED5B68365114F76
C:\windows\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\windows\system32\Drivers\Modem.sys DFCBAD3CEC1C5F964962AE10E0BCC8E1
C:\windows\System32\DRIVERS\mouclass.sys 35C9E97194C8CFB8430125F8DBC34D04
C:\windows\System32\DRIVERS\mouhid.sys B1C303E17FB9D46E87A98E4BA6769685
C:\windows\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\windows\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\windows\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\windows\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\windows\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\windows\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\windows\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\windows\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\windows\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140213.033\NAVENG.SYS 81E928EE3751FAF725C87CC17726C05D
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140213.033\NAVEX15.SYS E0C39FA6C76AE8ED53ABF043F35ECDFF
C:\windows\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\windows\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\windows\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\windows\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\windows\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\windows\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\windows\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\windows\System32\DRIVERS\NETw4x32.sys A9574F52E2FD5C1C1B4807A326E0488F
C:\windows\System32\DRIVERS\NETwLx32.sys 72062B53186E4A3F5FCBC41EBB62B905
C:\windows\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\windows\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\windows\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\windows\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\windows\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\windows\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\windows\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\windows\System32\DRIVERS\parport.sys 5575FAF8F97CE5E713D108C2A58D7C7C
C:\windows\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\windows\system32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1
C:\windows\System32\DRIVERS\pci.sys A219903CCF74233761D92BEF471A07B1
C:\windows\System32\DRIVERS\pciide.sys CCF5F451BB1A5A2A522A76E670000FF0
C:\windows\System32\DRIVERS\pcmcia.sys 9E89EF60E9EE05E3F2EEF2DA7397F1C1
C:\windows\System32\Drivers\pcouffin.sys 5B6C11DE7E839C05248CED8825470FEF
C:\windows\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\system32\CCM\prepdrv.sys 19505C4134F3181FC2203E087140C192
C:\windows\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\windows\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\system32\pwdrvio.sys 297E2746DF41528A0950F3AF80CEDB2D
C:\WINDOWS\system32\pwdspio.sys BC7D54CDBE3BBFE52F09CB7B20C3D365
C:\windows\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\windows\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\windows\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\windows\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\windows\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\windows\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\windows\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\windows\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\windows\System32\DRIVERS\redbook.sys F828DD7E1419B6653894A8F97A0094C5
C:\windows\System32\DRIVERS\revoflt.sys 8B5B8A11306190C6963D3473F052D3C8
C:\windows\System32\DRIVERS\rimmptsk.sys 355AAC141B214BEF1DBC1483AFD9BD50
C:\windows\System32\DRIVERS\rismc32.sys 7C21554942BEF51CBD84FD7D4E62CB9A
C:\Program Files\6 Security\SASDIFSV.SYS 39763504067962108505BFF25F024345
C:\Program Files\6 Security\SASKUTIL.SYS 77B9FC20084B48408AD3E87570EB4A85
C:\windows\system32\Drivers\SCDEmu.sys 9A8925F0E6919272A768D7C42232AA3A
C:\windows\System32\DRIVERS\sdbus.sys 8D04819A3CE51B9EB47E5689B44D43C4
C:\windows\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\windows\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\windows\System32\DRIVERS\serial.sys CCA207A8896D4C6A0C9CE29A4AE411A7
C:\windows\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\system32\drivers\Sleen18.sys 7E199E1A31ADC632420D13A06346640E
C:\windows\System32\DRIVERS\snapman.sys AF0C80CBC0A2C29462F84FBF74BE59BD
C:\windows\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\windows\System32\DRIVERS\sr.sys 76BB022C2FB6902FD5BDD4F78FC13A5D
C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSP.SYS D52D335CEF10FA933141863100226610
C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSPX.SYS FE9BD381778A344F0E39AE2D5E607D7F
C:\windows\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\system32\drivers\STGMFEngine32.sys E5D761276CBF76155BEBEF33A9DA0590
C:\windows\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\windows\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\SyDvCtrl32.sys FBB45518D08A7010E804234188D8CB3F
C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMDS.SYS 5A193E5E0F0A776430E5D62A051C1E16
C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMEFA.SYS 68762EF9ED8A8D4A07112B3E3590EA29
C:\WINDOWS\system32\Drivers\SYMEVENT.SYS E987A9CB539147527F56943BB34B7375
C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\Ironx86.SYS 34A34E3E3B37E36DA570489ABE7A9AE0
C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMTDI.SYS D71A2027DDDA3ACA597D98654C26EA0F
C:\windows\System32\DRIVERS\SynTP.sys 5876072999220EF2FBA1DDEC86D2B97E
C:\windows\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\windows\System32\Drivers\SysPlant.sys 5A9A5CE08168E6D23BED96B97E002DF9
C:\windows\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\windows\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\windows\System32\DRIVERS\tdrpman.sys D6755D59F40B082AD04109F34C909E04
C:\windows\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\windows\System32\DRIVERS\teefer.sys 3DDE85472A50B4D51DA59219DB4F9F2D
C:\windows\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\windows\System32\DRIVERS\tib.sys D8101E21C746F8234B3DB6AACC3A55BB
C:\windows\System32\DRIVERS\tib_mounter.sys 02CF2A181BC2DEF83166CFF678575185
C:\windows\System32\Drivers\TWZDISK.sys B1B8952FB9E9116B08EF71DD2FF4F41A
C:\WINDOWS\system32\Drivers\TWZFILE.sys ADE25CC20986A4615E2934A8BD4F0463
C:\windows\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\windows\System32\DRIVERS\UimBus.sys E3CFD4FCE555784869A9243A71EFCB22
C:\windows\System32\Drivers\Uim_IM.sys 5237BB4B8390325936A38B55D72C23B4
C:\windows\System32\Drivers\Uim_Vim.sys 25EB385F490E24D87D009337C12CFAAA
C:\windows\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\windows\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\windows\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\windows\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\windows\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\windows\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\windows\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\windows\System32\DRIVERS\vididr.sys 32CE9263994A4C714FBA8AA5408741CD
C:\windows\System32\DRIVERS\vidsflt.sys 1DD53BB11BDAB317E065FFE429831751
C:\windows\system32\Drivers\VolSnap.sys 4C8FCB5CC53AAB716D810740FE59D025
C:\WINDOWS\system32\vsdatant.sys 27B3DD12A19EEC50220DF15B64913DDA
C:\windows\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\windows\System32\Drivers\wdf01000.sys BBCFEAB7E871CDDAC2D397EE7FA91FDC
C:\windows\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\windows\System32\DRIVERS\wimmount.sys 05FB36A51E04A6C6B3A5F125FA692E6B
C:\windows\System32\DRIVERS\HSF_CNXT.sys BE3A842C2F2E87E7C840D36BCF13E8E0
C:\windows\System32\drivers\WinisoCDBus.sys 2E099C98A64F891DE47A28FB8B9455FC
C:\windows\System32\DRIVERS\wmiacpi.sys C42584FD66CE9E17403AEBCA199F7BDB
C:\windows\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\windows\system32\Drivers\xssflt.sys A88E94A029DF359F0147CA1AA1D08191

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-15 03:45 - 2014-02-15 03:45 - 00040566 _____ () C:\Documents and Settings\SummersA\Desktop\FRST.txt
2014-02-15 02:39 - 2013-12-10 13:41 - 277419827 _____ (Aimersoft Software ) C:\Documents and Settings\SummersA\Desktop\aimer-pdf-converter-pro_full1113.exe
2014-02-15 02:39 - 2013-11-12 16:50 - 29409368 _____ (Ashampoo GmbH & Co. KG ) C:\Documents and Settings\SummersA\Desktop\ashampoo_snap_6_6.0.10_14853.exe
2014-02-15 02:39 - 2013-10-16 21:37 - 14550370 _____ () C:\Documents and Settings\SummersA\Desktop\EasyArchiveRecovery20.zip
2014-02-15 02:37 - 2014-02-14 14:04 - 01141248 _____ (Farbar) C:\Documents and Settings\SummersA\Desktop\FRST.exe
2014-02-14 15:14 - 2014-02-14 15:17 - 00023095 _____ () C:\Documents and Settings\SummersA\Desktop\Project Clean Audit Status Tracking 14 02 14.xlsx
2014-02-14 15:14 - 2014-02-14 15:14 - 00000165 ____H () C:\Documents and Settings\SummersA\Desktop\~$Project Clean Audit Status Tracking 14 02 14.xlsx
2014-02-13 16:29 - 2014-02-15 03:18 - 00000000 ____D () C:\Documents and Settings\SummersA\Application Data\Free Download Manager
2014-02-13 16:29 - 2014-02-13 16:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Free DL Man
2014-02-12 11:56 - 2014-02-12 11:56 - 01712640 _____ () C:\Documents and Settings\SummersA\Desktop\SABC Streams Consolidated_12 02 14_frans_as_26.mpp
2014-02-12 10:17 - 2014-02-14 14:04 - 00020558 _____ () C:\Documents and Settings\SummersA\Desktop\Project Clean Audit Status Tracking 12 02 14.xlsx
2014-02-12 02:27 - 2014-02-12 09:02 - 01719296 _____ () C:\Documents and Settings\SummersA\Desktop\Clean Audit 2014_12 02 14_to_1.mpp
2014-02-11 19:00 - 2003-05-21 19:18 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.tmp
2014-02-11 19:00 - 2003-05-21 19:18 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\msxml3a.tmp
2014-02-11 19:00 - 2002-12-19 22:06 - 01129472 _____ (Microsoft Corporation) C:\windows\system32\msxml3.tmp
2014-02-08 00:58 - 2014-02-08 00:58 - 00008192 _____ () C:\Documents and Settings\SummersA\Desktop\Webmail.shb
2014-02-07 09:43 - 2014-02-14 11:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-05 15:16 - 2014-02-04 21:34 - 01243588 _____ () C:\Documents and Settings\SummersA\Desktop\ProcessExplorer OLD.zip
2014-02-05 10:39 - 2014-02-05 10:39 - 00061440 _____ (Sysinternals) C:\windows\system32\PSEXESVC.EXE
2014-02-05 09:20 - 2014-02-05 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo
2014-02-05 09:19 - 2014-02-05 09:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo Downloader
2014-02-03 12:08 - 2014-02-03 12:08 - 00002438 ___RH () C:\farstone_pe.letter
2014-02-03 10:11 - 2014-02-03 11:23 - 00001598 _____ () C:\Documents and Settings\SummersA\Desktop\System Restore.lnk
2014-01-30 17:39 - 2014-01-30 17:39 - 00030274 _____ () C:\ComboFix.txt
2014-01-30 17:07 - 2014-01-30 17:39 - 00000000 ____D () C:\DoboF-1
2014-01-30 17:07 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-01-30 17:07 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-01-30 17:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-01-30 16:45 - 2014-02-15 03:45 - 00000000 ____D () C:\FRST
2014-01-30 12:36 - 2014-01-30 12:37 - 00000000 ____D () C:\ZomboFix
2014-01-30 12:33 - 2014-01-30 17:39 - 00000000 ____D () C:\Qoobox
2014-01-30 11:01 - 2014-01-30 07:24 - 102090009 _____ () C:\Documents and Settings\SummersA\Desktop\vdf_fusebundle.zip
2014-01-29 10:45 - 2014-01-29 10:45 - 16862376 _____ (Ashampoo GmbH & Co. KG ) C:\Documents and Settings\SummersA\Desktop\ashampoo_uninstaller_4_4.30_14540_2.exe
2014-01-28 15:35 - 2014-02-05 13:34 - 01574985 _____ () C:\Documents and Settings\SummersA\Desktop\licensecrawler(1).zip
2014-01-28 11:39 - 2014-01-28 18:17 - 215842816 _____ () C:\Documents and Settings\SummersA\Desktop\WindowsBootGeniusFull.exe
2014-01-22 15:23 - 2014-01-22 15:23 - 00000372 _____ () C:\Documents and Settings\SummersA\Desktop\2014.lnk
2014-01-21 15:44 - 2014-01-30 13:32 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\New Folder
2014-01-21 15:44 - 2014-01-21 15:44 - 00000687 _____ () C:\Documents and Settings\SummersA\Start Menu\Everything.lnk
2014-01-21 10:58 - 2014-01-06 10:38 - 00101664 _____ (Glarysoft Ltd) C:\windows\system32\BootDefrag.exe
2014-01-21 10:58 - 2014-01-06 05:28 - 00013504 _____ (Glarysoft Ltd) C:\windows\system32\Drivers\BootDefragDriver.sys
2014-01-21 09:27 - 2014-01-21 09:27 - 00000000 ____D () C:\Program Files\NetChecker
2014-01-20 03:36 - 2014-02-13 20:25 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\CA 2014
2014-01-20 03:30 - 2014-01-20 03:30 - 00000022 _____ () C:\windows\cmm.dat
2014-01-20 03:22 - 2014-01-30 17:35 - 00000000 ____D () C:\windows\erdnt
2014-01-20 03:21 - 2014-01-20 03:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeraCopy
2014-01-20 03:20 - 2014-02-15 03:36 - 00000258 _____ () C:\windows\Tasks\Clean System Memory.job
2014-01-20 03:20 - 2014-01-20 03:20 - 00000000 ____D () C:\windows\CleanMem
2014-01-20 02:42 - 2014-01-20 03:18 - 00000016 _____ () C:\InjectIntoProcess crash
2014-01-19 02:21 - 2014-01-19 02:21 - 00000000 __HDC () C:\windows\$NtUninstallKB951376-v2$
2014-01-19 02:21 - 2014-01-19 02:21 - 00000000 __HDC () C:\windows\$NtUninstallKB2868626$
2014-01-19 02:20 - 2014-01-19 02:21 - 00048257 _____ () C:\windows\KB951376-v2.log
2014-01-19 02:20 - 2014-01-19 02:20 - 00000000 __HDC () C:\windows\$NtUninstallKB952954$
2014-01-19 02:19 - 2014-01-19 02:19 - 00000000 __HDC () C:\windows\$NtUninstallKB959426$
2014-01-19 02:18 - 2014-01-19 02:18 - 00047886 _____ () C:\windows\KB946648.log
2014-01-19 02:18 - 2014-01-19 02:18 - 00000000 __HDC () C:\windows\$NtUninstallKB946648$
2014-01-19 02:17 - 2014-01-19 02:18 - 00049243 _____ () C:\windows\KB2387149.log
2014-01-19 02:17 - 2014-01-19 02:17 - 00000000 __HDC () C:\windows\$NtUninstallKB2387149$
2014-01-19 02:16 - 2014-01-19 02:16 - 00000000 __HDC () C:\windows\$NtUninstallKB960859$
2014-01-19 02:16 - 2014-01-19 02:16 - 00000000 __HDC () C:\windows\$NtUninstallKB2712808$
2014-01-19 02:15 - 2014-01-19 02:15 - 00044661 _____ () C:\windows\KB2659262.log
2014-01-19 02:15 - 2014-01-19 02:15 - 00000000 __HDC () C:\windows\$NtUninstallKB2659262$
2014-01-19 02:14 - 2014-01-19 02:15 - 00044932 _____ () C:\windows\KB2564958.log
2014-01-19 02:14 - 2014-01-19 02:14 - 00000000 __HDC () C:\windows\$NtUninstallKB2758857$
2014-01-19 02:14 - 2014-01-19 02:14 - 00000000 __HDC () C:\windows\$NtUninstallKB2564958$
2014-01-19 02:13 - 2014-01-19 02:13 - 00000000 __HDC () C:\windows\$NtUninstallKB2544893-v2$
2014-01-19 02:12 - 2014-01-19 02:12 - 00042255 _____ () C:\windows\KB2834886.log
2014-01-19 02:12 - 2014-01-19 02:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2834886$
2014-01-19 02:11 - 2014-01-19 02:12 - 00045815 _____ () C:\windows\KB2536276-v2.log
2014-01-19 02:11 - 2014-01-19 02:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2585542$
2014-01-19 02:11 - 2014-01-19 02:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2536276-v2$
2014-01-19 02:10 - 2014-01-19 02:10 - 00000000 __HDC () C:\windows\$NtUninstallKB2631813$
2014-01-19 02:09 - 2014-01-19 02:09 - 00043005 _____ () C:\windows\KB2296011.log
2014-01-19 02:09 - 2014-01-19 02:09 - 00000000 __HDC () C:\windows\$NtUninstallKB2296011$
2014-01-19 02:08 - 2014-01-19 02:08 - 00000000 __HDC () C:\windows\$NtUninstallKB2900986$
2014-01-19 02:08 - 2014-01-19 02:08 - 00000000 __HDC () C:\windows\$NtUninstallKB2691442$
2014-01-19 02:07 - 2014-01-19 02:08 - 00041556 _____ () C:\windows\KB2900986.log
2014-01-19 02:07 - 2014-01-19 02:07 - 00000000 __HDC () C:\windows\$NtUninstallKB2115168$
2014-01-19 02:06 - 2014-01-19 02:07 - 00043789 _____ () C:\windows\KB975558.log
2014-01-19 02:06 - 2014-01-19 02:06 - 00000000 __HDC () C:\windows\$NtUninstallKB975558_WM8$
2014-01-19 02:06 - 2014-01-19 02:06 - 00000000 __HDC () C:\windows\$NtUninstallKB955759$
2014-01-19 02:05 - 2014-01-19 02:06 - 00046472 _____ () C:\windows\KB955759.log
2014-01-19 02:05 - 2014-01-19 02:05 - 00000000 __HDC () C:\windows\$NtUninstallKB2847311$
2014-01-19 02:04 - 2014-01-19 02:04 - 00041609 _____ () C:\windows\KB2378111.log
2014-01-19 02:04 - 2014-01-19 02:04 - 00000000 __HDC () C:\windows\$NtUninstallKB2378111_WM9$
2014-01-19 02:03 - 2014-01-19 02:03 - 00000000 __HDC () C:\windows\$NtUninstallKB974318$
2014-01-19 02:03 - 2014-01-19 02:03 - 00000000 __HDC () C:\windows\$NtUninstallKB951978$
2014-01-19 02:02 - 2014-01-19 02:02 - 00000000 __HDC () C:\windows\$NtUninstallKB969059$
2014-01-19 02:01 - 2014-01-19 02:01 - 00000000 __HDC () C:\windows\$NtUninstallKB2443105$
2014-01-19 02:00 - 2014-01-19 02:00 - 00000000 __HDC () C:\windows\$NtUninstallKB2802968$
2014-01-19 02:00 - 2014-01-19 02:00 - 00000000 __HDC () C:\windows\$NtUninstallKB2655992$
2014-01-19 01:59 - 2014-01-19 01:59 - 00042710 _____ () C:\windows\KB2229593.log
2014-01-19 01:59 - 2014-01-19 01:59 - 00000000 __HDC () C:\windows\$NtUninstallKB2229593$
2014-01-19 01:57 - 2014-01-19 01:59 - 00053620 _____ () C:\windows\KB2898785-IE8.log
2014-01-19 01:57 - 2014-01-19 01:57 - 00000000 __HDC () C:\windows\$NtUninstallKB950974$
2014-01-19 01:56 - 2014-01-19 01:56 - 00000000 __HDC () C:\windows\$NtUninstallKB2898715$
2014-01-19 01:56 - 2014-01-19 01:56 - 00000000 __HDC () C:\windows\$NtUninstallKB2481109$
2014-01-19 01:55 - 2014-01-19 01:55 - 00000000 __HDC () C:\windows\$NtUninstallKB975713$
2014-01-19 01:54 - 2014-01-19 01:54 - 00000000 __HDC () C:\windows\$NtUninstallKB2686509$
2014-01-19 01:54 - 2014-01-19 01:54 - 00000000 __HDC () C:\windows\$NtUninstallKB2598479$
2014-01-19 01:53 - 2014-01-19 01:54 - 00035524 _____ () C:\windows\KB2686509.log
2014-01-19 01:53 - 2014-01-19 01:53 - 00000000 __HDC () C:\windows\$NtUninstallKB982132$
2014-01-19 01:52 - 2014-01-19 01:53 - 00034312 _____ () C:\windows\KB2862335.log
2014-01-19 01:52 - 2014-01-19 01:52 - 00000000 __HDC () C:\windows\$NtUninstallKB971657$
2014-01-19 01:52 - 2014-01-19 01:52 - 00000000 __HDC () C:\windows\$NtUninstallKB2862335$
2014-01-19 01:51 - 2014-01-19 01:51 - 00000000 __HDC () C:\windows\$NtUninstallKB978338$
2014-01-19 01:50 - 2014-01-19 01:51 - 00032497 _____ () C:\windows\KB954155.log
2014-01-19 01:50 - 2014-01-19 01:50 - 00000000 __HDC () C:\windows\$NtUninstallKB954155_WM9$
2014-01-19 01:50 - 2014-01-19 01:50 - 00000000 __HDC () C:\windows\$NtUninstallKB2507938$
2014-01-19 01:49 - 2014-01-19 01:49 - 00000000 __HDC () C:\windows\$NtUninstallKB972270$
2014-01-19 01:49 - 2014-01-19 01:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2780091$
2014-01-19 01:48 - 2014-01-19 01:48 - 00000000 __HDC () C:\windows\$NtUninstallKB2845187$
2014-01-19 01:47 - 2014-01-19 01:47 - 00000000 __HDC () C:\windows\$NtUninstallKB974112$
2014-01-19 01:47 - 2014-01-19 01:47 - 00000000 __HDC () C:\windows\$NtUninstallKB956572$
2014-01-19 01:46 - 2014-01-19 01:47 - 00042700 _____ () C:\windows\KB956572.log
2014-01-19 01:46 - 2014-01-19 01:46 - 00029711 _____ () C:\windows\KB2904266.log
2014-01-19 01:46 - 2014-01-19 01:46 - 00006696 _____ () C:\windows\system32\TZLog.log
2014-01-19 01:46 - 2014-01-19 01:46 - 00000000 __HDC () C:\windows\$NtUninstallKB2904266$
2014-01-19 01:45 - 2014-01-19 01:45 - 00000000 __HDC () C:\windows\$NtUninstallKB2876217$
2014-01-19 01:45 - 2014-01-19 01:45 - 00000000 __HDC () C:\windows\$NtUninstallKB2347290$
2014-01-19 01:44 - 2014-01-19 01:44 - 00031731 _____ () C:\windows\KB956844.log
2014-01-19 01:44 - 2014-01-19 01:44 - 00000000 __HDC () C:\windows\$NtUninstallKB979687$
2014-01-19 01:44 - 2014-01-19 01:44 - 00000000 __HDC () C:\windows\$NtUninstallKB956844$
2014-01-19 01:43 - 2014-01-19 01:43 - 00000000 __HDC () C:\windows\$NtUninstallKB2864063$
2014-01-19 01:42 - 2014-01-19 01:43 - 00030680 _____ () C:\windows\KB973869.log
2014-01-19 01:42 - 2014-01-19 01:42 - 00000000 __HDC () C:\windows\$NtUninstallKB975025$
2014-01-19 01:42 - 2014-01-19 01:42 - 00000000 __HDC () C:\windows\$NtUninstallKB973869$
2014-01-19 01:41 - 2014-01-19 01:41 - 00000000 __HDC () C:\windows\$NtUninstallKB952004$
2014-01-19 01:41 - 2014-01-19 01:41 - 00000000 __HDC () C:\windows\$NtUninstallKB2719985$
2014-01-19 01:40 - 2014-01-19 01:40 - 00000000 __HDC () C:\windows\$NtUninstallKB974571$
2014-01-19 01:40 - 2014-01-19 01:40 - 00000000 __HDC () C:\windows\$NtUninstallKB2862152$
2014-01-19 01:39 - 2014-01-19 01:39 - 00029377 _____ () C:\windows\KB2592799.log
2014-01-19 01:39 - 2014-01-19 01:39 - 00000000 __HDC () C:\windows\$NtUninstallKB2592799$
2014-01-19 01:38 - 2014-01-19 01:38 - 00000000 __HDC () C:\windows\$NtUninstallKB975560$
2014-01-19 01:37 - 2014-01-19 01:37 - 00000000 __HDC () C:\windows\$NtUninstallKB973507$
2014-01-19 01:37 - 2014-01-19 01:37 - 00000000 __HDC () C:\windows\$NtUninstallKB2770660$
2014-01-19 01:36 - 2014-01-28 18:20 - 00000000 __HDC () C:\windows\$NtUninstallKB977816$
2014-01-19 01:36 - 2014-01-19 01:36 - 00028966 _____ () C:\windows\KB2535512.log
2014-01-19 01:36 - 2014-01-19 01:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2535512$
2014-01-19 01:35 - 2014-01-19 01:35 - 00000000 __HDC () C:\windows\$NtUninstallKB950762$
2014-01-19 01:35 - 2014-01-19 01:35 - 00000000 __HDC () C:\windows\$NtUninstallKB2850869$
2014-01-19 01:34 - 2014-01-19 01:35 - 00028552 _____ () C:\windows\KB950762.log
2014-01-19 01:34 - 2014-01-19 01:34 - 00000000 __HDC () C:\windows\$NtUninstallKB2876331$
2014-01-19 01:34 - 2014-01-19 01:34 - 00000000 __HDC () C:\windows\$NtUninstallKB2859537$
2014-01-19 01:33 - 2014-01-19 01:33 - 00028703 _____ () C:\windows\KB2807986.log
2014-01-19 01:33 - 2014-01-19 01:33 - 00027120 _____ () C:\windows\KB2570947.log
2014-01-19 01:33 - 2014-01-19 01:33 - 00000000 __HDC () C:\windows\$NtUninstallKB2807986$
2014-01-19 01:33 - 2014-01-19 01:33 - 00000000 __HDC () C:\windows\$NtUninstallKB2570947$
2014-01-19 01:32 - 2014-01-19 01:32 - 00027671 _____ () C:\windows\KB952287.log
2014-01-19 01:32 - 2014-01-19 01:32 - 00024636 _____ () C:\windows\KB978695.log
2014-01-19 01:32 - 2014-01-19 01:32 - 00000000 __HDC () C:\windows\$NtUninstallKB978695_WM9$
2014-01-19 01:32 - 2014-01-19 01:32 - 00000000 __HDC () C:\windows\$NtUninstallKB952287$
2014-01-19 01:31 - 2014-01-19 01:31 - 00026780 _____ () C:\windows\KB2603381.log
2014-01-19 01:31 - 2014-01-19 01:31 - 00000000 __HDC () C:\windows\$NtUninstallKB2820917$
2014-01-19 01:31 - 2014-01-19 01:31 - 00000000 __HDC () C:\windows\$NtUninstallKB2603381$
2014-01-19 01:30 - 2014-01-19 01:31 - 00030574 _____ () C:\windows\KB973904.log
2014-01-19 01:30 - 2014-01-19 01:30 - 00000000 __HDC () C:\windows\$NtUninstallKB973904$
2014-01-19 01:30 - 2014-01-19 01:30 - 00000000 __HDC () C:\windows\$NtUninstallKB2893294$
2014-01-19 01:29 - 2014-01-21 09:20 - 00001913 _____ () C:\windows\spupdsvc.log
2014-01-19 01:29 - 2014-01-19 01:29 - 00000000 __HDC () C:\windows\$NtUninstallKB973540_WM9$
2014-01-19 01:29 - 2014-01-19 01:29 - 00000000 __HDC () C:\windows\$NtUninstallKB2757638$
2014-01-19 01:28 - 2014-01-19 01:29 - 00000000 __HDC () C:\windows\$NtUninstallKB2419632$
2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 __HDC () C:\windows\$NtUninstallKB974392$
2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 __HDC () C:\windows\$NtUninstallKB2653956$
2014-01-19 01:27 - 2014-01-19 01:27 - 00000000 __HDC () C:\windows\$NtUninstallKB971029$
2014-01-19 01:27 - 2014-01-19 01:27 - 00000000 __HDC () C:\windows\$NtUninstallKB2749655$
2014-01-19 01:26 - 2014-01-19 01:26 - 00013090 _____ () C:\windows\KB2803821-v2.log
2014-01-19 01:26 - 2014-01-19 01:26 - 00000000 __HDC () C:\windows\$NtUninstallKB2893984$
2014-01-19 01:26 - 2014-01-19 01:26 - 00000000 __HDC () C:\windows\$NtUninstallKB2803821-v2_WM9$
2014-01-19 01:26 - 2014-01-19 01:26 - 00000000 __HDC () C:\windows\$NtUninstallKB2506212$
2014-01-19 01:25 - 2014-01-19 01:25 - 00017621 _____ () C:\windows\KB952069.log
2014-01-19 01:25 - 2014-01-19 01:25 - 00000000 __HDC () C:\windows\$NtUninstallKB977914$
2014-01-19 01:25 - 2014-01-19 01:25 - 00000000 __HDC () C:\windows\$NtUninstallKB952069_WM9$
2014-01-19 01:24 - 2014-01-19 01:24 - 00020653 _____ () C:\windows\KB2698365.log
2014-01-19 01:24 - 2014-01-19 01:24 - 00000000 __HDC () C:\windows\$NtUninstallKB2892075$
2014-01-19 01:24 - 2014-01-19 01:24 - 00000000 __HDC () C:\windows\$NtUninstallKB2698365$
2014-01-19 01:23 - 2014-01-19 01:24 - 00000000 __HDC () C:\windows\$NtUninstallKB2619339$
2014-01-19 01:23 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB979309$
2014-01-19 01:23 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB978542$
2014-01-19 01:23 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB2705219-v2$
2014-01-19 01:22 - 2014-01-19 01:22 - 00000000 __HDC () C:\windows\$NtUninstallKB979482$
2014-01-19 01:22 - 2014-01-19 01:22 - 00000000 __HDC () C:\windows\$NtUninstallKB978706$
2014-01-19 01:22 - 2014-01-19 01:22 - 00000000 __HDC () C:\windows\$NtUninstallKB2727528$
2014-01-19 01:21 - 2014-01-19 01:21 - 00017019 _____ () C:\windows\KB2723135-v2.log
2014-01-19 01:21 - 2014-01-19 01:21 - 00016243 _____ () C:\windows\KB981997.log
2014-01-19 01:21 - 2014-01-19 01:21 - 00000000 __HDC () C:\windows\$NtUninstallKB981997$
2014-01-19 01:21 - 2014-01-19 01:21 - 00000000 __HDC () C:\windows\$NtUninstallKB2723135-v2$
2014-01-19 01:20 - 2014-01-19 01:20 - 00000000 __HDC () C:\windows\$NtUninstallKB960803$
2014-01-19 01:19 - 2014-01-19 01:19 - 00000000 __HDC () C:\windows\$NtUninstallKB973815$
2014-01-19 01:17 - 2014-01-19 01:17 - 00000000 __HDC () C:\windows\$NtUninstallKB2862330$
2014-01-19 01:15 - 2014-01-19 01:16 - 00000000 __HDC () C:\windows\$NtUninstallKB2813345$
2014-01-19 01:15 - 2014-01-19 01:15 - 00309116 _____ () C:\windows\msxml4-KB954430-enu.LOG
2014-01-19 01:15 - 2014-01-19 01:15 - 00000000 __HDC () C:\windows\$NtUninstallKB2676562$
2014-01-19 01:14 - 2014-01-19 01:58 - 00000000 ____D () C:\windows\ie8updates
2014-01-19 01:14 - 2014-01-19 01:14 - 00315756 _____ () C:\windows\msxml4-KB973688-enu.LOG
2014-01-19 01:14 - 2014-01-19 01:14 - 00017153 _____ () C:\windows\KB2510531-IE8.log
2014-01-19 01:14 - 2014-01-19 01:14 - 00000000 ____D () C:\windows\system32\MRT
2014-01-19 01:14 - 2014-01-19 01:14 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-01-19 01:13 - 2014-01-06 16:20 - 83425928 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-19 01:12 - 2014-01-19 01:12 - 00016767 _____ () C:\windows\KB923561.log
2014-01-19 01:12 - 2014-01-19 01:12 - 00000000 __HDC () C:\windows\$NtUninstallKB982665$
2014-01-19 01:12 - 2014-01-19 01:12 - 00000000 __HDC () C:\windows\$NtUninstallKB923561$
2014-01-19 01:12 - 2014-01-19 01:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2620712$
2014-01-19 01:11 - 2014-01-19 01:12 - 00014166 _____ () C:\windows\KB2566454.log
2014-01-19 01:11 - 2014-01-19 01:11 - 00013807 _____ () C:\windows\KB2661637.log
2014-01-19 01:11 - 2014-01-19 01:11 - 00011678 _____ () C:\windows\KB2914368.log
2014-01-19 01:11 - 2014-01-19 01:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2914368$
2014-01-19 01:11 - 2014-01-19 01:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2661637$
2014-01-19 01:11 - 2014-01-19 01:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2566454$
2014-01-19 01:10 - 2014-01-19 01:10 - 00000000 __HDC () C:\windows\$NtUninstallKB975467$
2014-01-19 01:10 - 2014-01-19 01:10 - 00000000 __HDC () C:\windows\$NtUninstallKB2584146$
2014-01-19 01:09 - 2014-01-19 02:21 - 00027292 _____ () C:\windows\updspapi.log
2014-01-19 01:09 - 2014-01-19 01:09 - 00000000 __HDC () C:\windows\$NtUninstallKB968389$
2014-01-19 01:09 - 2014-01-19 01:09 - 00000000 __HDC () C:\windows\$NtUninstallKB2423089$
2014-01-19 01:08 - 2014-01-19 01:09 - 00012123 _____ () C:\windows\KB2423089.log
2014-01-18 07:03 - 2014-01-18 07:03 - 00000159 _____ () C:\windows\wiadebug.log
2014-01-18 07:03 - 2014-01-18 07:03 - 00000049 _____ () C:\windows\wiaservc.log
2014-01-16 15:44 - 2014-01-19 02:22 - 00067358 _____ () C:\windows\KB2868626.log
2014-01-16 15:44 - 2014-01-19 02:20 - 00069043 _____ () C:\windows\KB952954.log
2014-01-16 15:44 - 2014-01-19 02:19 - 00067997 _____ () C:\windows\KB959426.log
2014-01-16 15:44 - 2014-01-19 02:17 - 00068317 _____ () C:\windows\KB2712808.log
2014-01-16 15:44 - 2008-06-13 13:05 - 00272128 ____N (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-01-16 15:44 - 2008-06-13 13:05 - 00272128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\bthport.sys
2014-01-16 15:43 - 2014-01-19 02:16 - 00068536 _____ () C:\windows\KB960859.log
2014-01-16 15:43 - 2014-01-19 02:14 - 00065709 _____ () C:\windows\KB2758857.log
2014-01-16 15:43 - 2014-01-19 02:13 - 00065431 _____ () C:\windows\KB2544893-v2.log
2014-01-16 15:43 - 2014-01-19 02:11 - 00066586 _____ () C:\windows\KB2585542.log
2014-01-16 15:43 - 2014-01-19 02:10 - 00065409 _____ () C:\windows\KB2631813.log
2014-01-16 15:43 - 2014-01-19 02:09 - 00065138 _____ () C:\windows\KB2691442.log
2014-01-16 15:43 - 2014-01-19 02:05 - 00061711 _____ () C:\windows\KB2847311.log
2014-01-16 15:43 - 2014-01-19 01:56 - 00055561 _____ () C:\windows\KB2898715.log
2014-01-16 15:43 - 2013-10-29 09:57 - 11113472 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ieframe.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 02006016 ____C (Microsoft Corporation) C:\windows\system32\dllcache\iertutil.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00743424 ____C (Microsoft Corporation) C:\windows\system32\dllcache\iedvtool.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00630272 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msfeeds.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00522240 ____C (Microsoft Corporation) C:\windows\system32\dllcache\jsdbgui.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00247808 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ieproxy.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00055296 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msfeedsbs.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00012800 ____C (Microsoft Corporation) C:\windows\system32\dllcache\xpshims.dll
2014-01-16 15:42 - 2014-01-19 02:07 - 00063900 _____ () C:\windows\KB2115168.log
2014-01-16 15:42 - 2014-01-19 02:04 - 00063588 _____ () C:\windows\KB974318.log
2014-01-16 15:42 - 2014-01-19 02:03 - 00065889 _____ () C:\windows\KB951978.log
2014-01-16 15:42 - 2014-01-19 02:02 - 00061967 _____ () C:\windows\KB969059.log
2014-01-16 15:42 - 2014-01-19 02:01 - 00063761 _____ () C:\windows\KB2655992.log
2014-01-16 15:42 - 2014-01-19 02:00 - 00062854 _____ () C:\windows\KB2802968.log
2014-01-16 15:42 - 2014-01-19 01:57 - 00058705 _____ () C:\windows\KB2481109.log
2014-01-16 15:42 - 2014-01-19 01:57 - 00057556 _____ () C:\windows\KB950974.log
2014-01-16 15:42 - 2014-01-19 01:55 - 00055732 _____ () C:\windows\KB975713.log
2014-01-16 15:41 - 2014-01-19 02:01 - 00061757 _____ () C:\windows\KB2443105.log
2014-01-16 15:41 - 2014-01-19 01:55 - 00055935 _____ () C:\windows\KB2598479.log
2014-01-16 15:41 - 2014-01-19 01:53 - 00054336 _____ () C:\windows\KB982132.log
2014-01-16 15:41 - 2014-01-19 01:52 - 00054266 _____ () C:\windows\KB971657.log
2014-01-16 15:41 - 2014-01-19 01:51 - 00054897 _____ () C:\windows\KB978338.log
2014-01-16 15:41 - 2014-01-19 01:49 - 00055068 _____ () C:\windows\KB2780091.log
2014-01-16 15:41 - 2014-01-19 01:45 - 00048844 _____ () C:\windows\KB2876217.log
2014-01-16 15:41 - 2014-01-19 01:43 - 00047842 _____ () C:\windows\KB2864063.log
2014-01-16 15:41 - 2014-01-19 01:34 - 00047789 _____ () C:\windows\KB2859537.log
2014-01-16 15:41 - 2013-07-03 04:12 - 00025088 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hidparse.sys
2014-01-16 15:41 - 2013-07-03 03:59 - 00014976 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbscan.sys
2014-01-16 15:41 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usb8023x.sys
2014-01-16 15:40 - 2014-01-19 01:50 - 00053660 _____ () C:\windows\KB2507938.log
2014-01-16 15:40 - 2014-01-19 01:48 - 00051454 _____ () C:\windows\KB2845187.log
2014-01-16 15:40 - 2014-01-19 01:40 - 00045807 _____ () C:\windows\KB2862152.log
2014-01-16 15:40 - 2014-01-19 01:35 - 00043998 _____ () C:\windows\KB2850869.log
2014-01-16 15:40 - 2014-01-19 01:32 - 00046430 _____ () C:\windows\KB2820917.log
2014-01-16 15:40 - 2014-01-19 01:30 - 00045520 _____ () C:\windows\KB2757638.log
2014-01-16 15:40 - 2014-01-19 01:30 - 00043352 _____ () C:\windows\KB2893294.log
2014-01-16 15:40 - 2014-01-19 01:27 - 00039226 _____ () C:\windows\KB2749655.log
2014-01-16 15:40 - 2014-01-19 01:26 - 00035738 _____ () C:\windows\KB2893984.log
2014-01-16 15:40 - 2014-01-19 01:24 - 00033685 _____ () C:\windows\KB2892075.log
2014-01-16 15:39 - 2014-01-19 01:48 - 00053575 _____ () C:\windows\KB974112.log
2014-01-16 15:39 - 2014-01-19 01:42 - 00048315 _____ () C:\windows\KB975025.log
2014-01-16 15:39 - 2014-01-19 01:41 - 00052393 _____ () C:\windows\KB952004.log
2014-01-16 15:39 - 2014-01-19 01:27 - 00038820 _____ () C:\windows\KB971029.log
2014-01-16 15:38 - 2014-01-19 01:44 - 00051059 _____ () C:\windows\KB979687.log
2014-01-16 15:38 - 2014-01-19 01:42 - 00048394 _____ () C:\windows\KB2719985.log
2014-01-16 15:38 - 2014-01-19 01:40 - 00046953 _____ () C:\windows\KB974571.log
2014-01-16 15:38 - 2014-01-19 01:38 - 00046520 _____ () C:\windows\KB973507.log
2014-01-16 15:38 - 2014-01-19 01:36 - 00046832 _____ () C:\windows\KB977816.log
2014-01-16 15:38 - 2014-01-19 01:29 - 00051627 _____ () C:\windows\KB2419632.log
2014-01-16 15:38 - 2014-01-19 01:28 - 00038908 _____ () C:\windows\KB974392.log
2014-01-16 15:37 - 2014-01-19 01:34 - 00043037 _____ () C:\windows\KB2876331.log
2014-01-16 15:37 - 2014-01-19 01:28 - 00038981 _____ () C:\windows\KB2653956.log
2014-01-16 15:37 - 2014-01-19 01:26 - 00037806 _____ () C:\windows\KB2506212.log
2014-01-16 15:37 - 2014-01-19 01:25 - 00039955 _____ () C:\windows\KB977914.log
2014-01-16 15:37 - 2014-01-19 01:24 - 00033980 _____ () C:\windows\KB2619339.log
2014-01-16 15:37 - 2014-01-19 01:23 - 00033148 _____ () C:\windows\KB978542.log
2014-01-16 15:36 - 2014-01-19 01:23 - 00035113 _____ () C:\windows\KB2705219-v2.log
2014-01-16 15:36 - 2014-01-19 01:22 - 00033221 _____ () C:\windows\KB978706.log
2014-01-16 15:36 - 2014-01-19 01:22 - 00033079 _____ () C:\windows\KB2727528.log
2014-01-16 15:36 - 2014-01-19 01:22 - 00032928 _____ () C:\windows\KB979482.log
2014-01-16 15:36 - 2014-01-19 01:21 - 00032867 _____ () C:\windows\KB960803.log
2014-01-16 15:36 - 2014-01-19 01:20 - 00032167 _____ () C:\windows\KB973815.log
2014-01-16 15:36 - 2014-01-19 01:16 - 00033933 _____ () C:\windows\KB2813345.log
2014-01-16 15:36 - 2013-08-09 02:55 - 00144128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbport.sys
2014-01-16 15:36 - 2013-08-09 02:55 - 00005376 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbd.sys
2014-01-16 15:36 - 2009-03-18 13:02 - 00030336 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbehci.sys
2014-01-16 15:35 - 2014-01-19 01:15 - 00039272 _____ () C:\windows\KB2676562.log
2014-01-16 15:35 - 2014-01-19 01:13 - 00030752 _____ () C:\windows\KB982665.log
2014-01-16 15:34 - 2014-01-19 01:12 - 00030112 _____ () C:\windows\KB2620712.log
2014-01-16 15:34 - 2012-01-11 21:06 - 00003072 ____N () C:\windows\system32\iacenc.dll
2014-01-16 15:34 - 2012-01-11 21:06 - 00003072 ____C () C:\windows\system32\dllcache\iacenc.dll
2014-01-16 15:33 - 2014-01-19 01:23 - 00032081 _____ () C:\windows\KB979309.log
2014-01-16 15:32 - 2014-01-19 01:11 - 00029634 _____ () C:\windows\KB2584146.log
2014-01-16 15:31 - 2014-01-19 01:10 - 00030622 _____ () C:\windows\KB975467.log
2014-01-16 15:31 - 2014-01-19 01:09 - 00033488 _____ () C:\windows\KB968389.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00787377 _____ () C:\windows\iis6.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00735763 _____ () C:\windows\FaxSetup.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00351764 _____ () C:\windows\ocgen.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00335556 _____ () C:\windows\tsoc.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00244253 _____ () C:\windows\comsetup.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00222214 _____ () C:\windows\msmqinst.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00147894 _____ () C:\windows\ntdtcsetup.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00128877 _____ () C:\windows\netfxocm.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00050575 _____ () C:\windows\MedCtrOC.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00040698 _____ () C:\windows\ocmsn.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00036931 _____ () C:\windows\tabletoc.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00036771 _____ () C:\windows\msgsocm.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00001374 _____ () C:\windows\imsins.log
2014-01-16 15:30 - 2014-01-19 02:21 - 00001374 _____ () C:\windows\imsins.BAK
2014-01-16 15:30 - 2014-01-16 15:30 - 00000000 __HDC () C:\windows\$NtUninstallKB898461$
2014-01-16 15:30 - 2014-01-16 15:30 - 00000000 ____D () C:\windows\system32\PreInstall
2014-01-16 15:29 - 2014-01-16 15:30 - 00019943 _____ () C:\windows\KB898461.log
2014-01-16 11:27 - 2014-01-16 11:27 - 00001892 _____ () C:\sc-cleaner.txt
2014-01-16 11:25 - 2014-02-15 03:32 - 00000480 _____ () C:\windows\Tasks\Malwarebytes Anti-Exploit.job
2014-01-16 11:25 - 2014-01-16 11:25 - 00000838 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Exploit.lnk
2014-01-16 11:25 - 2013-07-16 03:41 - 01498960 _____ (Microsoft Corporation) C:\windows\system32\msvcr100d.dll
2014-01-16 11:25 - 2013-07-16 03:41 - 00743248 _____ (Microsoft Corporation) C:\windows\system32\msvcp100d.dll

==================== One Month Modified Files and Folders =======

2014-02-15 03:45 - 2014-02-15 03:45 - 00040566 _____ () C:\Documents and Settings\SummersA\Desktop\FRST.txt
2014-02-15 03:45 - 2014-01-30 16:45 - 00000000 ____D () C:\FRST
2014-02-15 03:36 - 2014-01-20 03:20 - 00000258 _____ () C:\windows\Tasks\Clean System Memory.job
2014-02-15 03:35 - 2007-09-18 07:37 - 00000467 _____ () C:\windows\SMSCFG.ini
2014-02-15 03:35 - 2007-09-14 21:07 - 01850550 _____ () C:\windows\WindowsUpdate.log
2014-02-15 03:34 - 2014-01-15 15:44 - 00000334 _____ () C:\windows\Tasks\GlaryInitialize 4.job
2014-02-15 03:32 - 2014-01-16 11:25 - 00000480 _____ () C:\windows\Tasks\Malwarebytes Anti-Exploit.job
2014-02-15 03:32 - 2007-09-17 08:16 - 00000000 __SHD () C:\windows\CSC
2014-02-15 03:32 - 2007-09-14 21:14 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-15 03:18 - 2014-02-13 16:29 - 00000000 ____D () C:\Documents and Settings\SummersA\Application Data\Free Download Manager
2014-02-14 16:06 - 2007-09-17 12:21 - 00000440 _____ () C:\windows\system32\config\netlogon.ftl
2014-02-14 15:34 - 2007-09-14 13:39 - 00000000 ____D () C:\windows\security
2014-02-14 15:20 - 2014-01-14 16:55 - 00000422 _____ () C:\windows\Tasks\SyncBackFree Gus.job
2014-02-14 15:17 - 2014-02-14 15:14 - 00023095 _____ () C:\Documents and Settings\SummersA\Desktop\Project Clean Audit Status Tracking 14 02 14.xlsx
2014-02-14 15:14 - 2014-02-14 15:14 - 00000165 ____H () C:\Documents and Settings\SummersA\Desktop\~$Project Clean Audit Status Tracking 14 02 14.xlsx
2014-02-14 15:10 - 2014-01-14 16:53 - 00000440 _____ () C:\windows\Tasks\SyncBackFree 2014 My Docs.job
2014-02-14 14:04 - 2014-02-15 02:37 - 01141248 _____ (Farbar) C:\Documents and Settings\SummersA\Desktop\FRST.exe
2014-02-14 14:04 - 2014-02-12 10:17 - 00020558 _____ () C:\Documents and Settings\SummersA\Desktop\Project Clean Audit Status Tracking 12 02 14.xlsx
2014-02-14 12:06 - 2007-09-14 21:14 - 00032506 _____ () C:\windows\SchedLgU.Txt
2014-02-14 12:05 - 2013-10-31 17:31 - 00000000 ____D () C:\Program Files\8 Utils
2014-02-14 11:28 - 2007-09-18 14:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2014-02-14 11:25 - 2014-02-07 09:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-13 20:35 - 2013-10-31 09:54 - 00131072 _____ () C:\windows\system32\config\OAlerts.evt
2014-02-13 20:35 - 2013-10-29 14:26 - 02949120 _____ () C:\windows\system32\config\Symantec.evt
2014-02-13 20:34 - 2013-10-30 12:36 - 00000178 ___SH () C:\Documents and Settings\SummersA\ntuser.ini
2014-02-13 20:34 - 2013-10-30 12:35 - 00000000 ____D () C:\Documents and Settings\SummersA
2014-02-13 20:25 - 2014-01-20 03:36 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\CA 2014
2014-02-13 20:00 - 2013-11-28 17:03 - 00000510 _____ () C:\windows\Tasks\Auslogics Disk Defrag Prof Task {00000001-BF28-44E1-9E64-C2FC22645762} for SummersA.job
2014-02-13 20:00 - 2013-10-31 14:12 - 00000000 ____D () C:\windows\system32\VPCache
2014-02-13 19:17 - 2013-10-31 09:15 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\6 Security
2014-02-13 16:29 - 2014-02-13 16:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Free DL Man
2014-02-13 16:26 - 2013-11-28 21:59 - 00000000 ____D () C:\Program Files\3 Internet
2014-02-13 16:17 - 2013-11-06 16:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\6 Security
2014-02-13 16:12 - 2007-09-11 09:17 - 00002206 _____ () C:\windows\system32\wpa.dbl
2014-02-12 12:16 - 2013-11-04 14:34 - 00008372 _____ () C:\windows\Q-Dir.ini
2014-02-12 11:56 - 2014-02-12 11:56 - 01712640 _____ () C:\Documents and Settings\SummersA\Desktop\SABC Streams Consolidated_12 02 14_frans_as_26.mpp
2014-02-12 09:02 - 2014-02-12 02:27 - 01719296 _____ () C:\Documents and Settings\SummersA\Desktop\Clean Audit 2014_12 02 14_to_1.mpp
2014-02-12 05:01 - 2011-01-11 03:23 - 00000187 _____ () C:\windows\system32\CleanMem.ini
2014-02-12 04:56 - 2013-11-05 19:40 - 00000000 ____D () C:\Documents and Settings\SummersA\Application Data\vlc
2014-02-11 16:18 - 2013-12-05 17:33 - 00353461 _____ () C:\windows\setupapi.log
2014-02-11 14:51 - 2013-12-02 11:19 - 00000000 ____D () C:\Program Files\6 Security
2014-02-11 14:51 - 2013-10-29 15:48 - 2113249280 _____ () C:\windows\MEMORY.DMP
2014-02-11 12:13 - 2013-11-06 16:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\3 Internet
2014-02-10 16:17 - 2007-09-14 21:14 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-02-08 12:50 - 2013-10-31 08:53 - 00002433 _____ () C:\Documents and Settings\SummersA\Desktop\VPN Client.lnk
2014-02-08 00:58 - 2014-02-08 00:58 - 00008192 _____ () C:\Documents and Settings\SummersA\Desktop\Webmail.shb
2014-02-07 14:41 - 2013-10-31 13:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-06 15:00 - 2013-11-07 18:56 - 00000440 _____ () C:\windows\Tasks\SyncBackFree 2013 My Docs.job
2014-02-06 14:04 - 2007-09-18 14:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-02-06 14:02 - 2013-10-29 13:40 - 00002315 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-02-05 15:58 - 2013-10-29 15:11 - 00000000 ____D () C:\Angus Summers
2014-02-05 13:39 - 2013-10-31 09:15 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\8 Utils
2014-02-05 13:38 - 2013-10-31 09:09 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\Esot
2014-02-05 13:34 - 2014-01-28 15:35 - 01574985 _____ () C:\Documents and Settings\SummersA\Desktop\licensecrawler(1).zip
2014-02-05 10:39 - 2014-02-05 10:39 - 00061440 _____ (Sysinternals) C:\windows\system32\PSEXESVC.EXE
2014-02-05 09:20 - 2014-02-05 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo
2014-02-05 09:19 - 2014-02-05 09:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo Downloader
2014-02-04 21:34 - 2014-02-05 15:16 - 01243588 _____ () C:\Documents and Settings\SummersA\Desktop\ProcessExplorer OLD.zip
2014-02-03 12:08 - 2014-02-03 12:08 - 00002438 ___RH () C:\farstone_pe.letter
2014-02-03 12:08 - 2013-12-08 19:26 - 00000106 _____ () C:\boot.ini
2014-02-03 11:23 - 2014-02-03 10:11 - 00001598 _____ () C:\Documents and Settings\SummersA\Desktop\System Restore.lnk
2014-01-31 16:23 - 2007-09-14 13:47 - 00477368 _____ () C:\windows\system32\PerfStringBackup.INI
2014-01-30 17:39 - 2014-01-30 17:39 - 00030274 _____ () C:\ComboFix.txt
2014-01-30 17:39 - 2014-01-30 17:07 - 00000000 ____D () C:\DoboF-1
2014-01-30 17:39 - 2014-01-30 12:33 - 00000000 ____D () C:\Qoobox
2014-01-30 17:35 - 2014-01-20 03:22 - 00000000 ____D () C:\windows\erdnt
2014-01-30 17:34 - 2007-09-11 09:17 - 00000227 _____ () C:\windows\system.ini
2014-01-30 16:47 - 2013-12-05 16:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Startup (Disabled by AnVir)
2014-01-30 13:32 - 2014-01-21 15:44 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\New Folder
2014-01-30 12:37 - 2014-01-30 12:36 - 00000000 ____D () C:\ZomboFix
2014-01-30 07:24 - 2014-01-30 11:01 - 102090009 _____ () C:\Documents and Settings\SummersA\Desktop\vdf_fusebundle.zip
2014-01-29 17:19 - 2013-11-04 14:35 - 00001433 _____ () C:\Documents and Settings\SummersA\Start Menu\Q-Dir.lnk
2014-01-29 17:17 - 2013-10-31 09:16 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\5 Recover
2014-01-29 10:45 - 2014-01-29 10:45 - 16862376 _____ (Ashampoo GmbH & Co. KG ) C:\Documents and Settings\SummersA\Desktop\ashampoo_uninstaller_4_4.30_14540_2.exe
2014-01-29 09:01 - 2013-12-05 17:32 - 00000000 ____D () C:\Documents and Settings\All Users\GlarySoft
2014-01-28 18:20 - 2014-01-19 01:36 - 00000000 __HDC () C:\windows\$NtUninstallKB977816$
2014-01-28 18:17 - 2014-01-28 11:39 - 215842816 _____ () C:\Documents and Settings\SummersA\Desktop\WindowsBootGeniusFull.exe
2014-01-28 11:15 - 2013-12-31 00:50 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\Photo Supp
2014-01-24 10:22 - 2013-10-29 14:25 - 00142936 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT.SYS
2014-01-24 10:22 - 2013-10-29 14:25 - 00008194 _____ () C:\windows\system32\Drivers\SYMEVENT.CAT
2014-01-24 10:22 - 2013-10-29 14:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Symantec Endpoint Protection
2014-01-24 10:21 - 2013-10-29 14:25 - 00420752 _____ (Symantec Corporation) C:\windows\system32\SymVPN.dll
2014-01-24 10:21 - 2013-10-29 14:25 - 00136080 _____ (Symantec Corporation) C:\windows\system32\FwsVpn.dll
2014-01-24 10:21 - 2013-10-29 14:25 - 00126440 _____ (Symantec Corporation) C:\windows\system32\Drivers\SysPlant.sys
2014-01-24 10:21 - 2013-10-29 14:25 - 00033264 _____ (Symantec Corporation) C:\windows\system32\Drivers\WGX.SYS
2014-01-24 10:08 - 2013-10-29 13:31 - 00000000 ____D () C:\windows\system32\appmgmt
2014-01-22 16:00 - 2013-11-14 13:40 - 00000000 ____D () C:\windows\Minidump
2014-01-22 15:23 - 2014-01-22 15:23 - 00000372 _____ () C:\Documents and Settings\SummersA\Desktop\2014.lnk
2014-01-22 14:31 - 2013-10-31 09:16 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\3 Internet
2014-01-22 14:14 - 2013-10-31 09:16 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\1 Aud_Vid
2014-01-22 13:52 - 2014-01-13 10:42 - 00000000 ____D () C:\Documents and Settings\SummersA\Start Menu\Programs\3 Internet
2014-01-22 13:52 - 2013-12-04 11:41 - 00000000 ____D () C:\Documents and Settings\SummersA\Start Menu\Programs\6 Security
2014-01-22 13:52 - 2013-11-06 16:09 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\1 Aud_Vid
2014-01-22 09:31 - 2013-12-10 12:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CDRWIN 10
2014-01-22 09:25 - 2013-11-06 09:55 - 00000000 ____D () C:\Documents and Settings\SummersA\Local Settings\Application Data\privazer
2014-01-21 15:44 - 2014-01-21 15:44 - 00000687 _____ () C:\Documents and Settings\SummersA\Start Menu\Everything.lnk
2014-01-21 09:27 - 2014-01-21 09:27 - 00000000 ____D () C:\Program Files\NetChecker
2014-01-21 09:26 - 2013-12-10 12:01 - 00047024 _____ () C:\windows\wmsetup.log
2014-01-21 09:26 - 2007-09-14 21:08 - 00316640 _____ () C:\windows\WMSysPr9.prx
2014-01-21 09:20 - 2014-01-19 01:29 - 00001913 _____ () C:\windows\spupdsvc.log
2014-01-21 09:18 - 2013-11-07 08:31 - 00267008 _____ () C:\windows\system32\FNTCACHE.DAT
2014-01-20 05:37 - 2007-09-17 08:52 - 00000000 ____D () C:\windows\system32\NtmsData
2014-01-20 05:15 - 2013-10-30 12:36 - 00064512 _____ () C:\Documents and Settings\SummersA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-20 04:16 - 2013-12-07 08:10 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\Factory
2014-01-20 03:30 - 2014-01-20 03:30 - 00000022 _____ () C:\windows\cmm.dat
2014-01-20 03:21 - 2014-01-20 03:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeraCopy
2014-01-20 03:20 - 2014-01-20 03:20 - 00000000 ____D () C:\windows\CleanMem
2014-01-20 03:18 - 2014-01-20 02:42 - 00000016 _____ () C:\InjectIntoProcess crash
2014-01-19 02:22 - 2014-01-16 15:44 - 00067358 _____ () C:\windows\KB2868626.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00787377 _____ () C:\windows\iis6.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00735763 _____ () C:\windows\FaxSetup.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00351764 _____ () C:\windows\ocgen.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00335556 _____ () C:\windows\tsoc.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00244253 _____ () C:\windows\comsetup.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00222214 _____ () C:\windows\msmqinst.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00147894 _____ () C:\windows\ntdtcsetup.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00128877 _____ () C:\windows\netfxocm.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00050575 _____ () C:\windows\MedCtrOC.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00040698 _____ () C:\windows\ocmsn.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00036931 _____ () C:\windows\tabletoc.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00036771 _____ () C:\windows\msgsocm.log
2014-01-19 02:22 - 2014-01-16 15:30 - 00001374 _____ () C:\windows\imsins.log
2014-01-19 02:21 - 2014-01-19 02:21 - 00000000 __HDC () C:\windows\$NtUninstallKB951376-v2$
2014-01-19 02:21 - 2014-01-19 02:21 - 00000000 __HDC () C:\windows\$NtUninstallKB2868626$
2014-01-19 02:21 - 2014-01-19 02:20 - 00048257 _____ () C:\windows\KB951376-v2.log
2014-01-19 02:21 - 2014-01-19 01:09 - 00027292 _____ () C:\windows\updspapi.log
2014-01-19 02:21 - 2014-01-16 15:30 - 00001374 _____ () C:\windows\imsins.BAK
2014-01-19 02:20 - 2014-01-19 02:20 - 00000000 __HDC () C:\windows\$NtUninstallKB952954$
2014-01-19 02:20 - 2014-01-16 15:44 - 00069043 _____ () C:\windows\KB952954.log
2014-01-19 02:20 - 2013-10-29 14:54 - 00000000 ___HD () C:\windows\$hf_mig$
2014-01-19 02:19 - 2014-01-19 02:19 - 00000000 __HDC () C:\windows\$NtUninstallKB959426$
2014-01-19 02:19 - 2014-01-16 15:44 - 00067997 _____ () C:\windows\KB959426.log
2014-01-19 02:18 - 2014-01-19 02:18 - 00047886 _____ () C:\windows\KB946648.log
2014-01-19 02:18 - 2014-01-19 02:18 - 00000000 __HDC () C:\windows\$NtUninstallKB946648$
2014-01-19 02:18 - 2014-01-19 02:17 - 00049243 _____ () C:\windows\KB2387149.log
2014-01-19 02:18 - 2007-09-14 21:05 - 00000000 ____D () C:\Program Files\Messenger
2014-01-19 02:17 - 2014-01-19 02:17 - 00000000 __HDC () C:\windows\$NtUninstallKB2387149$
2014-01-19 02:17 - 2014-01-16 15:44 - 00068317 _____ () C:\windows\KB2712808.log
2014-01-19 02:16 - 2014-01-19 02:16 - 00000000 __HDC () C:\windows\$NtUninstallKB960859$
2014-01-19 02:16 - 2014-01-19 02:16 - 00000000 __HDC () C:\windows\$NtUninstallKB2712808$
2014-01-19 02:16 - 2014-01-16 15:43 - 00068536 _____ () C:\windows\KB960859.log
2014-01-19 02:15 - 2014-01-19 02:15 - 00044661 _____ () C:\windows\KB2659262.log
2014-01-19 02:15 - 2014-01-19 02:15 - 00000000 __HDC () C:\windows\$NtUninstallKB2659262$
2014-01-19 02:15 - 2014-01-19 02:14 - 00044932 _____ () C:\windows\KB2564958.log
2014-01-19 02:14 - 2014-01-19 02:14 - 00000000 __HDC () C:\windows\$NtUninstallKB2758857$
2014-01-19 02:14 - 2014-01-19 02:14 - 00000000 __HDC () C:\windows\$NtUninstallKB2564958$
2014-01-19 02:14 - 2014-01-16 15:43 - 00065709 _____ () C:\windows\KB2758857.log
2014-01-19 02:13 - 2014-01-19 02:13 - 00000000 __HDC () C:\windows\$NtUninstallKB2544893-v2$
2014-01-19 02:13 - 2014-01-16 15:43 - 00065431 _____ () C:\windows\KB2544893-v2.log
2014-01-19 02:12 - 2014-01-19 02:12 - 00042255 _____ () C:\windows\KB2834886.log
2014-01-19 02:12 - 2014-01-19 02:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2834886$
2014-01-19 02:12 - 2014-01-19 02:11 - 00045815 _____ () C:\windows\KB2536276-v2.log
2014-01-19 02:11 - 2014-01-19 02:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2585542$
2014-01-19 02:11 - 2014-01-19 02:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2536276-v2$
2014-01-19 02:11 - 2014-01-16 15:43 - 00066586 _____ () C:\windows\KB2585542.log
2014-01-19 02:10 - 2014-01-19 02:10 - 00000000 __HDC () C:\windows\$NtUninstallKB2631813$
2014-01-19 02:10 - 2014-01-16 15:43 - 00065409 _____ () C:\windows\KB2631813.log
2014-01-19 02:09 - 2014-01-19 02:09 - 00043005 _____ () C:\windows\KB2296011.log
2014-01-19 02:09 - 2014-01-19 02:09 - 00000000 __HDC () C:\windows\$NtUninstallKB2296011$
2014-01-19 02:09 - 2014-01-16 15:43 - 00065138 _____ () C:\windows\KB2691442.log
2014-01-19 02:08 - 2014-01-19 02:08 - 00000000 __HDC () C:\windows\$NtUninstallKB2900986$
2014-01-19 02:08 - 2014-01-19 02:08 - 00000000 __HDC () C:\windows\$NtUninstallKB2691442$
2014-01-19 02:08 - 2014-01-19 02:07 - 00041556 _____ () C:\windows\KB2900986.log
2014-01-19 02:07 - 2014-01-19 02:07 - 00000000 __HDC () C:\windows\$NtUninstallKB2115168$
2014-01-19 02:07 - 2014-01-19 02:06 - 00043789 _____ () C:\windows\KB975558.log
2014-01-19 02:07 - 2014-01-16 15:42 - 00063900 _____ () C:\windows\KB2115168.log
2014-01-19 02:06 - 2014-01-19 02:06 - 00000000 __HDC () C:\windows\$NtUninstallKB975558_WM8$
2014-01-19 02:06 - 2014-01-19 02:06 - 00000000 __HDC () C:\windows\$NtUninstallKB955759$
2014-01-19 02:06 - 2014-01-19 02:05 - 00046472 _____ () C:\windows\KB955759.log
2014-01-19 02:05 - 2014-01-19 02:05 - 00000000 __HDC () C:\windows\$NtUninstallKB2847311$
2014-01-19 02:05 - 2014-01-16 15:43 - 00061711 _____ () C:\windows\KB2847311.log
2014-01-19 02:04 - 2014-01-19 02:04 - 00041609 _____ () C:\windows\KB2378111.log
2014-01-19 02:04 - 2014-01-19 02:04 - 00000000 __HDC () C:\windows\$NtUninstallKB2378111_WM9$
2014-01-19 02:04 - 2014-01-16 15:42 - 00063588 _____ () C:\windows\KB974318.log
2014-01-19 02:03 - 2014-01-19 02:03 - 00000000 __HDC () C:\windows\$NtUninstallKB974318$
2014-01-19 02:03 - 2014-01-19 02:03 - 00000000 __HDC () C:\windows\$NtUninstallKB951978$
2014-01-19 02:03 - 2014-01-16 15:42 - 00065889 _____ () C:\windows\KB951978.log
2014-01-19 02:02 - 2014-01-19 02:02 - 00000000 __HDC () C:\windows\$NtUninstallKB969059$
2014-01-19 02:02 - 2014-01-16 15:42 - 00061967 _____ () C:\windows\KB969059.log
2014-01-19 02:01 - 2014-01-19 02:01 - 00000000 __HDC () C:\windows\$NtUninstallKB2443105$
2014-01-19 02:01 - 2014-01-16 15:42 - 00063761 _____ () C:\windows\KB2655992.log
2014-01-19 02:01 - 2014-01-16 15:41 - 00061757 _____ () C:\windows\KB2443105.log
2014-01-19 02:00 - 2014-01-19 02:00 - 00000000 __HDC () C:\windows\$NtUninstallKB2802968$
2014-01-19 02:00 - 2014-01-19 02:00 - 00000000 __HDC () C:\windows\$NtUninstallKB2655992$
2014-01-19 02:00 - 2014-01-16 15:42 - 00062854 _____ () C:\windows\KB2802968.log
2014-01-19 01:59 - 2014-01-19 01:59 - 00042710 _____ () C:\windows\KB2229593.log
2014-01-19 01:59 - 2014-01-19 01:59 - 00000000 __HDC () C:\windows\$NtUninstallKB2229593$
2014-01-19 01:59 - 2014-01-19 01:57 - 00053620 _____ () C:\windows\KB2898785-IE8.log
2014-01-19 01:58 - 2014-01-19 01:14 - 00000000 ____D () C:\windows\ie8updates
2014-01-19 01:57 - 2014-01-19 01:57 - 00000000 __HDC () C:\windows\$NtUninstallKB950974$
2014-01-19 01:57 - 2014-01-16 15:42 - 00058705 _____ () C:\windows\KB2481109.log
2014-01-19 01:57 - 2014-01-16 15:42 - 00057556 _____ () C:\windows\KB950974.log
2014-01-19 01:56 - 2014-01-19 01:56 - 00000000 __HDC () C:\windows\$NtUninstallKB2898715$
2014-01-19 01:56 - 2014-01-19 01:56 - 00000000 __HDC () C:\windows\$NtUninstallKB2481109$
2014-01-19 01:56 - 2014-01-16 15:43 - 00055561 _____ () C:\windows\KB2898715.log
2014-01-19 01:55 - 2014-01-19 01:55 - 00000000 __HDC () C:\windows\$NtUninstallKB975713$
2014-01-19 01:55 - 2014-01-16 15:42 - 00055732 _____ () C:\windows\KB975713.log
2014-01-19 01:55 - 2014-01-16 15:41 - 00055935 _____ () C:\windows\KB2598479.log
2014-01-19 01:54 - 2014-01-19 01:54 - 00000000 __HDC () C:\windows\$NtUninstallKB2686509$
2014-01-19 01:54 - 2014-01-19 01:54 - 00000000 __HDC () C:\windows\$NtUninstallKB2598479$
2014-01-19 01:54 - 2014-01-19 01:53 - 00035524 _____ () C:\windows\KB2686509.log
2014-01-19 01:53 - 2014-01-19 01:53 - 00000000 __HDC () C:\windows\$NtUninstallKB982132$
2014-01-19 01:53 - 2014-01-19 01:52 - 00034312 _____ () C:\windows\KB2862335.log
2014-01-19 01:53 - 2014-01-16 15:41 - 00054336 _____ () C:\windows\KB982132.log
2014-01-19 01:52 - 2014-01-19 01:52 - 00000000 __HDC () C:\windows\$NtUninstallKB971657$
2014-01-19 01:52 - 2014-01-19 01:52 - 00000000 __HDC () C:\windows\$NtUninstallKB2862335$
2014-01-19 01:52 - 2014-01-16 15:41 - 00054266 _____ () C:\windows\KB971657.log
2014-01-19 01:51 - 2014-01-19 01:51 - 00000000 __HDC () C:\windows\$NtUninstallKB978338$
2014-01-19 01:51 - 2014-01-19 01:50 - 00032497 _____ () C:\windows\KB954155.log
2014-01-19 01:51 - 2014-01-16 15:41 - 00054897 _____ () C:\windows\KB978338.log
2014-01-19 01:50 - 2014-01-19 01:50 - 00000000 __HDC () C:\windows\$NtUninstallKB954155_WM9$
2014-01-19 01:50 - 2014-01-19 01:50 - 00000000 __HDC () C:\windows\$NtUninstallKB2507938$
2014-01-19 01:50 - 2014-01-16 15:40 - 00053660 _____ () C:\windows\KB2507938.log
2014-01-19 01:49 - 2014-01-19 01:49 - 00000000 __HDC () C:\windows\$NtUninstallKB972270$
2014-01-19 01:49 - 2014-01-19 01:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2780091$
2014-01-19 01:49 - 2014-01-16 15:41 - 00055068 _____ () C:\windows\KB2780091.log
2014-01-19 01:48 - 2014-01-19 01:48 - 00000000 __HDC () C:\windows\$NtUninstallKB2845187$
2014-01-19 01:48 - 2014-01-16 15:40 - 00051454 _____ () C:\windows\KB2845187.log
2014-01-19 01:48 - 2014-01-16 15:39 - 00053575 _____ () C:\windows\KB974112.log
2014-01-19 01:47 - 2014-01-19 01:47 - 00000000 __HDC () C:\windows\$NtUninstallKB974112$
2014-01-19 01:47 - 2014-01-19 01:47 - 00000000 __HDC () C:\windows\$NtUninstallKB956572$
2014-01-19 01:47 - 2014-01-19 01:46 - 00042700 _____ () C:\windows\KB956572.log
2014-01-19 01:46 - 2014-01-19 01:46 - 00029711 _____ () C:\windows\KB2904266.log
2014-01-19 01:46 - 2014-01-19 01:46 - 00006696 _____ () C:\windows\system32\TZLog.log
2014-01-19 01:46 - 2014-01-19 01:46 - 00000000 __HDC () C:\windows\$NtUninstallKB2904266$
2014-01-19 01:45 - 2014-01-19 01:45 - 00000000 __HDC () C:\windows\$NtUninstallKB2876217$
2014-01-19 01:45 - 2014-01-19 01:45 - 00000000 __HDC () C:\windows\$NtUninstallKB2347290$
2014-01-19 01:45 - 2014-01-16 15:41 - 00048844 _____ () C:\windows\KB2876217.log
2014-01-19 01:44 - 2014-01-19 01:44 - 00031731 _____ () C:\windows\KB956844.log
2014-01-19 01:44 - 2014-01-19 01:44 - 00000000 __HDC () C:\windows\$NtUninstallKB979687$
2014-01-19 01:44 - 2014-01-19 01:44 - 00000000 __HDC () C:\windows\$NtUninstallKB956844$
2014-01-19 01:44 - 2014-01-16 15:38 - 00051059 _____ () C:\windows\KB979687.log
2014-01-19 01:43 - 2014-01-19 01:43 - 00000000 __HDC () C:\windows\$NtUninstallKB2864063$
2014-01-19 01:43 - 2014-01-19 01:42 - 00030680 _____ () C:\windows\KB973869.log
2014-01-19 01:43 - 2014-01-16 15:41 - 00047842 _____ () C:\windows\KB2864063.log
2014-01-19 01:42 - 2014-01-19 01:42 - 00000000 __HDC () C:\windows\$NtUninstallKB975025$
2014-01-19 01:42 - 2014-01-19 01:42 - 00000000 __HDC () C:\windows\$NtUninstallKB973869$
2014-01-19 01:42 - 2014-01-16 15:39 - 00048315 _____ () C:\windows\KB975025.log
2014-01-19 01:42 - 2014-01-16 15:38 - 00048394 _____ () C:\windows\KB2719985.log
2014-01-19 01:41 - 2014-01-19 01:41 - 00000000 __HDC () C:\windows\$NtUninstallKB952004$
2014-01-19 01:41 - 2014-01-19 01:41 - 00000000 __HDC () C:\windows\$NtUninstallKB2719985$
2014-01-19 01:41 - 2014-01-16 15:39 - 00052393 _____ () C:\windows\KB952004.log
2014-01-19 01:40 - 2014-01-19 01:40 - 00000000 __HDC () C:\windows\$NtUninstallKB974571$
2014-01-19 01:40 - 2014-01-19 01:40 - 00000000 __HDC () C:\windows\$NtUninstallKB2862152$
2014-01-19 01:40 - 2014-01-16 15:40 - 00045807 _____ () C:\windows\KB2862152.log
2014-01-19 01:40 - 2014-01-16 15:38 - 00046953 _____ () C:\windows\KB974571.log
2014-01-19 01:39 - 2014-01-19 01:39 - 00029377 _____ () C:\windows\KB2592799.log
2014-01-19 01:39 - 2014-01-19 01:39 - 00000000 __HDC () C:\windows\$NtUninstallKB2592799$
2014-01-19 01:38 - 2014-01-19 01:38 - 00000000 __HDC () C:\windows\$NtUninstallKB975560$
2014-01-19 01:38 - 2014-01-16 15:38 - 00046520 _____ () C:\windows\KB973507.log
2014-01-19 01:37 - 2014-01-19 01:37 - 00000000 __HDC () C:\windows\$NtUninstallKB973507$
2014-01-19 01:37 - 2014-01-19 01:37 - 00000000 __HDC () C:\windows\$NtUninstallKB2770660$
2014-01-19 01:36 - 2014-01-19 01:36 - 00028966 _____ () C:\windows\KB2535512.log
2014-01-19 01:36 - 2014-01-19 01:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2535512$
2014-01-19 01:36 - 2014-01-16 15:38 - 00046832 _____ () C:\windows\KB977816.log
2014-01-19 01:35 - 2014-01-19 01:35 - 00000000 __HDC () C:\windows\$NtUninstallKB950762$
2014-01-19 01:35 - 2014-01-19 01:35 - 00000000 __HDC () C:\windows\$NtUninstallKB2850869$
2014-01-19 01:35 - 2014-01-19 01:34 - 00028552 _____ () C:\windows\KB950762.log
2014-01-19 01:35 - 2014-01-16 15:40 - 00043998 _____ () C:\windows\KB2850869.log
2014-01-19 01:34 - 2014-01-19 01:34 - 00000000 __HDC () C:\windows\$NtUninstallKB2876331$
2014-01-19 01:34 - 2014-01-19 01:34 - 00000000 __HDC () C:\windows\$NtUninstallKB2859537$
2014-01-19 01:34 - 2014-01-16 15:41 - 00047789 _____ () C:\windows\KB2859537.log
2014-01-19 01:34 - 2014-01-16 15:37 - 00043037 _____ () C:\windows\KB2876331.log
2014-01-19 01:33 - 2014-01-19 01:33 - 00028703 _____ () C:\windows\KB2807986.log
2014-01-19 01:33 - 2014-01-19 01:33 - 00027120 _____ () C:\windows\KB2570947.log
2014-01-19 01:33 - 2014-01-19 01:33 - 00000000 __HDC () C:\windows\$NtUninstallKB2807986$
2014-01-19 01:33 - 2014-01-19 01:33 - 00000000 __HDC () C:\windows\$NtUninstallKB2570947$
2014-01-19 01:32 - 2014-01-19 01:32 - 00027671 _____ () C:\windows\KB952287.log
2014-01-19 01:32 - 2014-01-19 01:32 - 00024636 _____ () C:\windows\KB978695.log
2014-01-19 01:32 - 2014-01-19 01:32 - 00000000 __HDC () C:\windows\$NtUninstallKB978695_WM9$
2014-01-19 01:32 - 2014-01-19 01:32 - 00000000 __HDC () C:\windows\$NtUninstallKB952287$
2014-01-19 01:32 - 2014-01-16 15:40 - 00046430 _____ () C:\windows\KB2820917.log
2014-01-19 01:31 - 2014-01-19 01:31 - 00026780 _____ () C:\windows\KB2603381.log
2014-01-19 01:31 - 2014-01-19 01:31 - 00000000 __HDC () C:\windows\$NtUninstallKB2820917$
2014-01-19 01:31 - 2014-01-19 01:31 - 00000000 __HDC () C:\windows\$NtUninstallKB2603381$
2014-01-19 01:31 - 2014-01-19 01:30 - 00030574 _____ () C:\windows\KB973904.log
2014-01-19 01:30 - 2014-01-19 01:30 - 00000000 __HDC () C:\windows\$NtUninstallKB973904$
2014-01-19 01:30 - 2014-01-19 01:30 - 00000000 __HDC () C:\windows\$NtUninstallKB2893294$
2014-01-19 01:30 - 2014-01-16 15:40 - 00045520 _____ () C:\windows\KB2757638.log
2014-01-19 01:30 - 2014-01-16 15:40 - 00043352 _____ () C:\windows\KB2893294.log
2014-01-19 01:29 - 2014-01-19 01:29 - 00000000 __HDC () C:\windows\$NtUninstallKB973540_WM9$
2014-01-19 01:29 - 2014-01-19 01:29 - 00000000 __HDC () C:\windows\$NtUninstallKB2757638$
2014-01-19 01:29 - 2014-01-19 01:28 - 00000000 __HDC () C:\windows\$NtUninstallKB2419632$
2014-01-19 01:29 - 2014-01-16 15:38 - 00051627 _____ () C:\windows\KB2419632.log
2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 __HDC () C:\windows\$NtUninstallKB974392$
2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 __HDC () C:\windows\$NtUninstallKB2653956$
2014-01-19 01:28 - 2014-01-16 15:38 - 00038908 _____ () C:\windows\KB974392.log
2014-01-19 01:28 - 2014-01-16 15:37 - 00038981 _____ () C:\windows\KB2653956.log
2014-01-19 01:27 - 2014-01-19 01:27 - 00000000 __HDC () C:\windows\$NtUninstallKB971029$
2014-01-19 01:27 - 2014-01-19 01:27 - 00000000 __HDC () C:\windows\$NtUninstallKB2749655$
2014-01-19 01:27 - 2014-01-16 15:40 - 00039226 _____ () C:\windows\KB2749655.log
2014-01-19 01:27 - 2014-01-16 15:39 - 00038820 _____ () C:\windows\KB971029.log
2014-01-19 01:26 - 2014-01-19 01:26 - 00013090 _____ () C:\windows\KB2803821-v2.log
2014-01-19 01:26 - 2014-01-19 01:26 - 00000000 __HDC () C:\windows\$NtUninstallKB2893984$
2014-01-19 01:26 - 2014-01-19 01:26 - 00000000 __HDC () C:\windows\$NtUninstallKB2803821-v2_WM9$
2014-01-19 01:26 - 2014-01-19 01:26 - 00000000 __HDC () C:\windows\$NtUninstallKB2506212$
2014-01-19 01:26 - 2014-01-16 15:40 - 00035738 _____ () C:\windows\KB2893984.log
2014-01-19 01:26 - 2014-01-16 15:37 - 00037806 _____ () C:\windows\KB2506212.log
2014-01-19 01:25 - 2014-01-19 01:25 - 00017621 _____ () C:\windows\KB952069.log
2014-01-19 01:25 - 2014-01-19 01:25 - 00000000 __HDC () C:\windows\$NtUninstallKB977914$
2014-01-19 01:25 - 2014-01-19 01:25 - 00000000 __HDC () C:\windows\$NtUninstallKB952069_WM9$
2014-01-19 01:25 - 2014-01-16 15:37 - 00039955 _____ () C:\windows\KB977914.log
2014-01-19 01:24 - 2014-01-19 01:24 - 00020653 _____ () C:\windows\KB2698365.log
2014-01-19 01:24 - 2014-01-19 01:24 - 00000000 __HDC () C:\windows\$NtUninstallKB2892075$
2014-01-19 01:24 - 2014-01-19 01:24 - 00000000 __HDC () C:\windows\$NtUninstallKB2698365$
2014-01-19 01:24 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB2619339$
2014-01-19 01:24 - 2014-01-16 15:40 - 00033685 _____ () C:\windows\KB2892075.log
2014-01-19 01:24 - 2014-01-16 15:37 - 00033980 _____ () C:\windows\KB2619339.log
2014-01-19 01:23 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB979309$
2014-01-19 01:23 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB978542$
2014-01-19 01:23 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB2705219-v2$
2014-01-19 01:23 - 2014-01-16 15:37 - 00033148 _____ () C:\windows\KB978542.log
2014-01-19 01:23 - 2014-01-16 15:36 - 00035113 _____ () C:\windows\KB2705219-v2.log
2014-01-19 01:23 - 2014-01-16 15:33 - 00032081 _____ () C:\windows\KB979309.log
2014-01-19 01:23 - 2007-09-14 21:06 - 00000000 ____D () C:\Program Files\Outlook Express
2014-01-19 01:22 - 2014-01-19 01:22 - 00000000 __HDC () C:\windows\$NtUninstallKB979482$
2014-01-19 01:22 - 2014-01-19 01:22 - 00000000 __HDC () C:\windows\$NtUninstallKB978706$
2014-01-19 01:22 - 2014-01-19 01:22 - 00000000 __HDC () C:\windows\$NtUninstallKB2727528$
2014-01-19 01:22 - 2014-01-16 15:36 - 00033221 _____ () C:\windows\KB978706.log
2014-01-19 01:22 - 2014-01-16 15:36 - 00033079 _____ () C:\windows\KB2727528.log
2014-01-19 01:22 - 2014-01-16 15:36 - 00032928 _____ () C:\windows\KB979482.log
2014-01-19 01:21 - 2014-01-19 01:21 - 00017019 _____ () C:\windows\KB2723135-v2.log
2014-01-19 01:21 - 2014-01-19 01:21 - 00016243 _____ () C:\windows\KB981997.log
2014-01-19 01:21 - 2014-01-19 01:21 - 00000000 __HDC () C:\windows\$NtUninstallKB981997$
2014-01-19 01:21 - 2014-01-19 01:21 - 00000000 __HDC () C:\windows\$NtUninstallKB2723135-v2$
2014-01-19 01:21 - 2014-01-16 15:36 - 00032867 _____ () C:\windows\KB960803.log
2014-01-19 01:21 - 2007-09-14 21:06 - 00000000 ____D () C:\Program Files\Movie Maker
2014-01-19 01:20 - 2014-01-19 01:20 - 00000000 __HDC () C:\windows\$NtUninstallKB960803$
2014-01-19 01:20 - 2014-01-16 15:36 - 00032167 _____ () C:\windows\KB973815.log
2014-01-19 01:20 - 2007-09-14 21:05 - 00000000 ____D () C:\windows\Registration
2014-01-19 01:19 - 2014-01-19 01:19 - 00000000 __HDC () C:\windows\$NtUninstallKB973815$
2014-01-19 01:17 - 2014-01-19 01:17 - 00000000 __HDC () C:\windows\$NtUninstallKB2862330$
2014-01-19 01:16 - 2014-01-19 01:15 - 00000000 __HDC () C:\windows\$NtUninstallKB2813345$
2014-01-19 01:16 - 2014-01-16 15:36 - 00033933 _____ () C:\windows\KB2813345.log
2014-01-19 01:15 - 2014-01-19 01:15 - 00309116 _____ () C:\windows\msxml4-KB954430-enu.LOG
2014-01-19 01:15 - 2014-01-19 01:15 - 00000000 __HDC () C:\windows\$NtUninstallKB2676562$
2014-01-19 01:15 - 2014-01-16 15:35 - 00039272 _____ () C:\windows\KB2676562.log
2014-01-19 01:14 - 2014-01-19 01:14 - 00315756 _____ () C:\windows\msxml4-KB973688-enu.LOG
2014-01-19 01:14 - 2014-01-19 01:14 - 00017153 _____ () C:\windows\KB2510531-IE8.log
2014-01-19 01:14 - 2014-01-19 01:14 - 00000000 ____D () C:\windows\system32\MRT
2014-01-19 01:14 - 2014-01-19 01:14 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-01-19 01:13 - 2014-01-16 15:35 - 00030752 _____ () C:\windows\KB982665.log
2014-01-19 01:12 - 2014-01-19 01:12 - 00016767 _____ () C:\windows\KB923561.log
2014-01-19 01:12 - 2014-01-19 01:12 - 00000000 __HDC () C:\windows\$NtUninstallKB982665$
2014-01-19 01:12 - 2014-01-19 01:12 - 00000000 __HDC () C:\windows\$NtUninstallKB923561$
2014-01-19 01:12 - 2014-01-19 01:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2620712$
2014-01-19 01:12 - 2014-01-19 01:11 - 00014166 _____ () C:\windows\KB2566454.log
2014-01-19 01:12 - 2014-01-16 15:34 - 00030112 _____ () C:\windows\KB2620712.log
2014-01-19 01:11 - 2014-01-19 01:11 - 00013807 _____ () C:\windows\KB2661637.log
2014-01-19 01:11 - 2014-01-19 01:11 - 00011678 _____ () C:\windows\KB2914368.log
2014-01-19 01:11 - 2014-01-19 01:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2914368$
2014-01-19 01:11 - 2014-01-19 01:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2661637$
2014-01-19 01:11 - 2014-01-19 01:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2566454$
2014-01-19 01:11 - 2014-01-16 15:32 - 00029634 _____ () C:\windows\KB2584146.log
2014-01-19 01:10 - 2014-01-19 01:10 - 00000000 __HDC () C:\windows\$NtUninstallKB975467$
2014-01-19 01:10 - 2014-01-19 01:10 - 00000000 __HDC () C:\windows\$NtUninstallKB2584146$
2014-01-19 01:10 - 2014-01-16 15:31 - 00030622 _____ () C:\windows\KB975467.log
2014-01-19 01:09 - 2014-01-19 01:09 - 00000000 __HDC () C:\windows\$NtUninstallKB968389$
2014-01-19 01:09 - 2014-01-19 01:09 - 00000000 __HDC () C:\windows\$NtUninstallKB2423089$
2014-01-19 01:09 - 2014-01-19 01:08 - 00012123 _____ () C:\windows\KB2423089.log
2014-01-19 01:09 - 2014-01-16 15:31 - 00033488 _____ () C:\windows\KB968389.log
2014-01-18 07:03 - 2014-01-18 07:03 - 00000159 _____ () C:\windows\wiadebug.log
2014-01-18 07:03 - 2014-01-18 07:03 - 00000049 _____ () C:\windows\wiaservc.log
2014-01-17 07:20 - 2013-10-30 12:36 - 00000000 ____D () C:\Documents and Settings\SummersA\Local Settings\Application Data\Adobe
2014-01-16 15:30 - 2014-01-16 15:30 - 00000000 __HDC () C:\windows\$NtUninstallKB898461$
2014-01-16 15:30 - 2014-01-16 15:30 - 00000000 ____D () C:\windows\system32\PreInstall
2014-01-16 15:30 - 2014-01-16 15:29 - 00019943 _____ () C:\windows\KB898461.log
2014-01-16 15:14 - 2013-11-05 11:45 - 00000000 ___HD () C:\windows\PIF
2014-01-16 11:27 - 2014-01-16 11:27 - 00001892 _____ () C:\sc-cleaner.txt
2014-01-16 11:25 - 2014-01-16 11:25 - 00000838 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Exploit.lnk
2014-01-16 11:06 - 2013-11-06 16:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7 Tweak
2014-01-16 10:53 - 2013-10-29 13:38 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-01-16 10:53 - 2013-10-29 13:38 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Documents and Settings\SummersA\Local Settings\temp\avgnt.exe
C:\Documents and Settings\SummersA\Local Settings\temp\ntdll_dump.dll
C:\Documents and Settings\SummersA\Local Settings\temp\Offercast_AVIRAV7_.exe


==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

Post is coming up as too long. Will be sending the FRST Addition in the next post.



#4 summersa

Posted 15 February 2014 - 10:38 AM

Here is the second file.

 

FRST Addition file -

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2014 01
Ran by SummersA (administrator) on SUMMERSA-LAP on 15-02-2014 03:45:04
Running from C:\Documents and Settings\SummersA\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

() C:\Program Files\8 Utils\Zentimo\ZentimoService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\windows\System32\SCardSvr.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
() C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(Intel Corporation) C:\Program Files\Intel\AMT\UNS.exe
(Microsoft Corporation) C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe
(Microsoft Corporation) C:\WINDOWS\system32\CCM\CcmExec.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Sierra Wireless Inc.) C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
() C:\Program Files\8 Utils\Zentimo\Zentimo.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cpqset] - C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [57344 2007-05-03] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [872448 2007-01-05] (Analog Devices, Inc.)
Winlogon\Notify\AtiExtEvent: C:\windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-23267018-518795612-518595180-10698\...\Run: [Zentimo xStorage Manager] - C:\Program Files\8 Utils\Zentimo\Zentimo.exe [1696080 2010-10-28] ()
HKU\S-1-5-21-23267018-518795612-518595180-10698\...\Policies\Explorer: [NoSimpleStartMenu] 1
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranet
SearchScopes: HKCU - DefaultScope {1E604647-CB20-4C47-8885-D1268F26AD6B} URL = https://startpage.com/do/search?query={searchTerms}&cat=web&pl=ie&language=english
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1E604647-CB20-4C47-8885-D1268F26AD6B} URL = https://startpage.com/do/search?query={searchTerms}&cat=web&pl=ie&language=english
SearchScopes: HKCU - {5D3DF6C1-38FD-4BB0-B02D-243C358C2322} URL = http://rates.besthotelrate.info/Search.aspx?search={searchTerms}&languageCode=EN&brandId=23639&label=BHRHome-IE&src={referrer:source?}
SearchScopes: HKCU - {6FFAC7F5-378A-40D9-BFF3-B937312B7A8C} URL = http://www.ilike.com/artist/search?artist_qp={searchTerms}
SearchScopes: HKCU - {75C96338-5413-45F3-A1CF-F19875FB7CB9} URL = http://www.tripadvisor.com/Search?q={searchTerms}
SearchScopes: HKCU - {D078D3A7-9975-4E16-9911-795F6625A584} URL = https://duckduckgo.com/?q={searchTerms}
SearchScopes: HKCU - {F0F4E4E7-AE58-4416-AAB4-EC2FA05413BC} URL = http://www.foodnetwork.com/search/delegate.do?fnSearchString={searchTerms}&fnSearchType=recipe
SearchScopes: HKCU - {F4DCA57A-6313-463F-9C89-C3A986884ED1} URL = http://www.bigoven.com/private/searchrecipes.aspx?title={searchTerms}&source=IE
BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\3 Internet\FDM\iefdm2.dll ()
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files\Steganos Privacy Suite 14\SPMIEToolbar.dll (Steganos Software GmbH)
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\6 Security\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default
FF DefaultSearchEngine: Startpage (SSL)
FF SelectedSearchEngine: Startpage (SSL)
FF Homepage: hxxp://intranet/portal/site/intranet/
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "autoconfig_url", "http://intranet2k.sabc.co.za/proxyconf/proxy.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MI7967~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MI7967~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.3 - C:\Program Files\1 Aud_Vid\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\altavista.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\expediacom.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\lonely-planet-online.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\pdf-ebook-searches.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\startpage-https.xml
FF SearchPlugin: C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\searchplugins\startpage-ssl.xml
FF Extension: Click&Clean - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\clickclean@hotcleaner.com [2013-11-01]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\donottrackplus@abine.com [2014-01-06]
FF Extension: Whois Lookup & Hosting & DNS & Site Flags Firefox - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\myipms@myip.ms [2014-01-06]
FF Extension: Super Start - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\superstart@enjoyfreeware.org [2014-02-10]
FF Extension: Flagfox - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2014-01-16]
FF Extension: EPUBReader - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-02]
FF Extension: WOT - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: ReminderFox - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2014-02-11]
FF Extension: Jökulsárlón Download Manager - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\dlman@kairo.at.xpi [2014-02-10]
FF Extension: Startpage24 incl. Video Downloader professional - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\ffext_basicchromeext@startpage24.xpi [2013-11-04]
FF Extension: Self-Destructing Cookies - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-11-01]
FF Extension: NoTrace - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\notrace@unisa.it.xpi [2014-01-06]
FF Extension: Test Pilot - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-10-31]
FF Extension: FlashGot - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-11-01]
FF Extension: Gmail Manager - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi [2014-02-10]
FF Extension: Speed Dial - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2013-11-01]
FF Extension: Bluhell Firewall - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2013-12-10]
FF Extension: NoScript - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-31]
FF Extension: ImTranslator - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2013-11-01]
FF Extension: Adblock Plus - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-31]
FF Extension: Tab Mix Plus - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-10-31]
FF Extension: DownThemAll! - C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-10]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF
FF Extension: Symantec Vulnerability Protection - C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF [2014-01-07]
FF HKLM\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files\Steganos Privacy Suite 14\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files\Steganos Privacy Suite 14\spmplugin3 [2013-11-23]

========================== Services (Whitelisted) =================

S3 !SASCORE; C:\Program Files\6 Security\SASCORE.EXE [120088 2013-10-11] (SUPERAntiSpyware.com)
S3 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [777016 2013-07-18] (Acronis)
S3 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3873784 2013-12-12] (Acronis)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-05-01] (Intel Corporation)
S3 Backupper Service; C:\Program Files\2 HDD\AO Backup\ABService.exe [29912 2013-08-26] (AOMEI Tech Co., Ltd.)
R2 CcmExec; C:\WINDOWS\system32\CCM\CcmExec.exe [590712 2007-04-13] (Microsoft Corporation)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-06-19] (Cisco Systems, Inc.)
S3 EaseUS Agent; C:\Program Files\2 HDD\EASE Todo Backup\bin\Agent.exe [69192 2013-10-11] (CHENGDU YIWO Tech Development Co., Ltd)
S3 FBAgent; C:\Program Files\5 Recovery\FTR\EFB\FBAgent.exe [73064 2013-05-15] ()
S3 FSDcSvc; C:\Program Files\2 HDD\F DC\Files\FsSvcExe.exe [344392 2013-09-22] (FarStone Inc.)
S3 Guard Agent; C:\Program Files\2 HDD\EASE Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R2 HWDeviceService.exe; C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe [264704 2010-11-16] ()
S3 PSEXESVC; C:\windows\System32\PSEXESVC.EXE [61440 2014-02-05] (Sysinternals)
S2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [987136 2007-06-01] (Intel Corporation )
R2 SepMasterService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368 2014-01-06] (Symantec Corporation)
R3 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\Smc.exe [1746576 2014-01-06] (Symantec Corporation)
S3 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\snac.exe [288656 2014-01-06] (Symantec Corporation)
S3 Steganos Volatile Disk; C:\WINDOWS\system32\STGRAMDiskHandler32.exe [349184 2010-07-08] (Softwareentwicklung Remus - ArchiCrypt)
R2 SWIHPWMI; C:\Program Files\HPQ\Shared\Sierra Wireless\Win32\Unicode\SWIHPWMI.exe [292384 2006-12-04] (Sierra Wireless Inc.)
S3 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7142320 2013-10-22] (Acronis)
S3 Tran_Process_Proc; C:\Program Files\5 Recovery\FTR\EFB\DCNTranProc.exe [71024 2012-11-14] ()
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [1489688 2007-05-01] (Intel Corporation)
R2 Wuser32; C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe [251256 2007-04-13] (Microsoft Corporation)
R2 ZentimoService; C:\Program Files\8 Utils\Zentimo\ZentimoService.exe [240976 2010-10-28] ()

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\windows\System32\DRIVERS\AegisP.sys [21393 2007-09-17] (Cisco Systems, Inc.)
R0 ambakdrv; C:\windows\System32\ambakdrv.sys [26424 2013-05-07] ()
S3 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [129720 2013-05-07] ()
S3 ampa; C:\WINDOWS\system32\ampa.sys [10936 2011-12-26] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [14392 2013-02-06] ()
R3 ATSWPDRV; C:\windows\System32\DRIVERS\ATSwpDrv.sys [140808 2007-04-10] (AuthenTec, Inc.)
R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys [1098968 2014-01-14] (Symantec Corporation)
R0 BootDefragDriver; C:\windows\System32\drivers\BootDefragDriver.sys [13504 2014-01-06] (Glarysoft Ltd)
R3 btaudio; C:\windows\System32\drivers\btaudio.sys [530861 2007-02-14] (Broadcom Corporation.)
R3 BTDriver; C:\windows\System32\DRIVERS\btport.sys [30459 2007-02-14] (Broadcom Corporation.)
R3 BTKRNL; C:\windows\System32\DRIVERS\btkrnl.sys [868298 2007-02-14] (Broadcom Corporation.)
S3 BTWDNDIS; C:\windows\System32\DRIVERS\btwdndis.sys [149123 2007-02-14] (Broadcom Corporation.)
S3 BTWUSB; C:\windows\System32\Drivers\btwusb.sys [67960 2007-02-14] (Broadcom Corporation.)
R1 ccSettings_{974A0163-23BB-4C9D-A3C2-611667F7A450}; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\ccSetx86.sys [134744 2013-12-04] (Symantec Corporation)
S3 CVirtA; C:\windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [306299 2008-06-19] (Cisco Systems, Inc.)
R3 DNE; C:\windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.)
S3 eabfiltr; C:\windows\System32\DRIVERS\eabfiltr.sys [8192 2006-11-30] (Hewlett-Packard Development Company, L.P.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-01-27] (Symantec Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13192 2011-03-24] ()
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2014-01-06] (Symantec Corporation)
R0 EUBAKUP; C:\windows\System32\drivers\eubakup.sys [52040 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\windows\System32\drivers\EUBKMON.sys [40776 2013-09-04] ()
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [14920 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [185800 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [8456 2011-03-24] ()
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [24800 2013-04-11] ()
R3 HdAudAddService; C:\windows\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.)
R0 hotcore3; C:\windows\System32\drivers\hotcore3.sys [38448 2008-01-17] (Paragon Software Group)
S3 HP24X; C:\windows\System32\DRIVERS\HP24X.sys [33024 2006-10-19] (Hewlett Packard)
R3 HSFHWAZL; C:\windows\System32\DRIVERS\HSFHWAZL.sys [210816 2007-04-26] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\windows\System32\DRIVERS\HSF_DPV.sys [988032 2007-04-27] (Conexant Systems, Inc.)
R3 idisw2km; C:\windows\System32\DRIVERS\idisw2km.sys [8992 2005-11-28] (Microsoft Corporation)
R3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20140213.013\IDSxpx86.sys [383120 2014-01-17] (Symantec Corporation)
R3 IFXTPM; C:\windows\System32\DRIVERS\IFXTPM.SYS [36608 2007-01-23] (Infineon Technologies AG)
R3 kbstuff; C:\windows\System32\DRIVERS\kbstuff5.sys [11744 2005-11-28] (Microsoft Corporation)
R3 NAVENG; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140213.033\NAVENG.SYS [93272 2014-02-10] (Symantec Corporation)
R3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20140213.033\NAVEX15.SYS [1612376 2014-02-10] (Symantec Corporation)
S3 NETw4x32; C:\windows\System32\DRIVERS\NETw4x32.sys [2208512 2007-06-29] (Intel Corporation)
R3 NETwLx32; C:\windows\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)
R3 prepdrvr; C:\WINDOWS\system32\CCM\prepdrv.sys [23416 2007-04-13] (Microsoft Corporation)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [16472 2010-04-09] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [11104 2010-04-09] ()
R3 rismc32; C:\windows\System32\DRIVERS\rismc32.sys [47616 2006-12-20] (RICOH Company, Ltd.)
R1 SASDIFSV; C:\Program Files\6 Security\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\6 Security\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SCDEmu; C:\windows\system32\Drivers\SCDEmu.sys [112096 2011-11-15] (Power Software Ltd)
R1 SLEE_18_DRIVER; C:\WINDOWS\system32\drivers\Sleen18.sys [91112 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2013-12-11] ()
R1 SRTSP; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSP.SYS [603224 2014-01-06] (Symantec Corporation)
R1 SRTSPX; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SRTSPX.SYS [32344 2014-01-06] (Symantec Corporation)
R1 STGMFEngine32; C:\WINDOWS\system32\drivers\STGMFEngine32.sys [16384 2010-07-08] (Softwareentwicklung Remus - ArchiCrypt.com)
S3 SyDvCtrl; C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\SyDvCtrl32.sys [28576 2014-01-06] (Symantec Corporation)
R0 SymDS; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMDS.SYS [367704 2014-01-06] (Symantec Corporation)
R0 SymEFA; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMEFA.SYS [935512 2014-01-06] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2014-01-24] (Symantec Corporation)
R1 SymIRON; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\Ironx86.SYS [175192 2014-01-06] (Symantec Corporation)
R1 SYMTDI; C:\windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMTDI.SYS [396888 2014-01-06] (Symantec Corporation)
R1 SysPlant; C:\windows\System32\Drivers\SysPlant.sys [126440 2014-01-24] (Symantec Corporation)
S3 tdrpman; C:\windows\System32\DRIVERS\tdrpman.sys [889888 2013-12-12] (Acronis International GmbH)
R3 Teefer2; C:\windows\System32\DRIVERS\teefer.sys [150040 2014-01-06] (Symantec Corporation)
R0 tib; C:\windows\System32\DRIVERS\tib.sys [736192 2013-12-12] (Acronis International GmbH)
R0 tib_mounter; C:\windows\System32\DRIVERS\tib_mounter.sys [143648 2013-12-12] (Acronis International GmbH)
R0 TWZDISK; C:\windows\System32\Drivers\TWZDISK.sys [66704 2013-12-05] (Toolwiz.com)
R1 TWZFILE; C:\WINDOWS\system32\Drivers\TWZFILE.sys [33040 2013-12-05] (Toolwiz.com)
R1 UimBus; C:\windows\System32\DRIVERS\UimBus.sys [32352 2008-01-17] (Windows ® 2000 DDK provider)
R1 Uim_IM; C:\windows\System32\Drivers\Uim_IM.sys [131456 2008-01-17] (Paragon)
S1 Uim_Vim; C:\windows\System32\Drivers\Uim_Vim.sys [283472 2012-10-31] (Paragon)
R0 vididr; C:\windows\System32\DRIVERS\vididr.sys [116000 2013-12-12] (Acronis International GmbH)
R0 vidsflt; C:\windows\System32\DRIVERS\vidsflt.sys [85280 2013-12-12] (Acronis International GmbH)
S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [280344 2005-01-26] (Zone Labs LLC)
R2 WinisoCDBus; C:\windows\System32\drivers\WinisoCDBus.sys [121600 2012-05-17] (WinISO.com)
R0 xssflt; C:\windows\system32\Drivers\xssflt.sys [55752 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
S3 catchme; \??\C:\DOCUME~1\SummersA\LOCALS~1\Temp\catchme.sys [X]
U2 CertPropSvc;
S4 IntelIde; No ImagePath
U5 P3; C:\Windows\System32\Drivers\P3.sys [42752 2008-04-14] (Microsoft Corporation)
U1 RCHelp;
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U2 WinDefend;

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-15 03:45 - 2014-02-15 03:45 - 00040566 _____ () C:\Documents and Settings\SummersA\Desktop\FRST.txt
2014-02-15 02:39 - 2013-12-10 13:41 - 277419827 _____ (Aimersoft Software ) C:\Documents and Settings\SummersA\Desktop\aimer-pdf-converter-pro_full1113.exe
2014-02-15 02:39 - 2013-11-12 16:50 - 29409368 _____ (Ashampoo GmbH & Co. KG ) C:\Documents and Settings\SummersA\Desktop\ashampoo_snap_6_6.0.10_14853.exe
2014-02-15 02:39 - 2013-10-16 21:37 - 14550370 _____ () C:\Documents and Settings\SummersA\Desktop\EasyArchiveRecovery20.zip
2014-02-15 02:37 - 2014-02-14 14:04 - 01141248 _____ (Farbar) C:\Documents and Settings\SummersA\Desktop\FRST.exe
2014-02-14 15:14 - 2014-02-14 15:17 - 00023095 _____ () C:\Documents and Settings\SummersA\Desktop\Project Clean Audit Status Tracking 14 02 14.xlsx
2014-02-14 15:14 - 2014-02-14 15:14 - 00000165 ____H () C:\Documents and Settings\SummersA\Desktop\~$Project Clean Audit Status Tracking 14 02 14.xlsx
2014-02-13 16:29 - 2014-02-15 03:18 - 00000000 ____D () C:\Documents and Settings\SummersA\Application Data\Free Download Manager
2014-02-13 16:29 - 2014-02-13 16:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Free DL Man
2014-02-12 11:56 - 2014-02-12 11:56 - 01712640 _____ () C:\Documents and Settings\SummersA\Desktop\SABC Streams Consolidated_12 02 14_frans_as_26.mpp
2014-02-12 10:17 - 2014-02-14 14:04 - 00020558 _____ () C:\Documents and Settings\SummersA\Desktop\Project Clean Audit Status Tracking 12 02 14.xlsx
2014-02-12 02:27 - 2014-02-12 09:02 - 01719296 _____ () C:\Documents and Settings\SummersA\Desktop\Clean Audit 2014_12 02 14_to_1.mpp
2014-02-11 19:00 - 2003-05-21 19:18 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.tmp
2014-02-11 19:00 - 2003-05-21 19:18 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\msxml3a.tmp
2014-02-11 19:00 - 2002-12-19 22:06 - 01129472 _____ (Microsoft Corporation) C:\windows\system32\msxml3.tmp
2014-02-08 00:58 - 2014-02-08 00:58 - 00008192 _____ () C:\Documents and Settings\SummersA\Desktop\Webmail.shb
2014-02-07 09:43 - 2014-02-14 11:25 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-05 15:16 - 2014-02-04 21:34 - 01243588 _____ () C:\Documents and Settings\SummersA\Desktop\ProcessExplorer OLD.zip
2014-02-05 10:39 - 2014-02-05 10:39 - 00061440 _____ (Sysinternals) C:\windows\system32\PSEXESVC.EXE
2014-02-05 09:20 - 2014-02-05 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo
2014-02-05 09:19 - 2014-02-05 09:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo Downloader
2014-02-03 12:08 - 2014-02-03 12:08 - 00002438 ___RH () C:\farstone_pe.letter
2014-02-03 10:11 - 2014-02-03 11:23 - 00001598 _____ () C:\Documents and Settings\SummersA\Desktop\System Restore.lnk
2014-01-30 17:39 - 2014-01-30 17:39 - 00030274 _____ () C:\ComboFix.txt
2014-01-30 17:07 - 2014-01-30 17:39 - 00000000 ____D () C:\DoboF-1
2014-01-30 17:07 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-01-30 17:07 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-01-30 17:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-01-30 17:07 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-01-30 16:45 - 2014-02-15 03:45 - 00000000 ____D () C:\FRST
2014-01-30 12:36 - 2014-01-30 12:37 - 00000000 ____D () C:\ZomboFix
2014-01-30 12:33 - 2014-01-30 17:39 - 00000000 ____D () C:\Qoobox
2014-01-30 11:01 - 2014-01-30 07:24 - 102090009 _____ () C:\Documents and Settings\SummersA\Desktop\vdf_fusebundle.zip
2014-01-29 10:45 - 2014-01-29 10:45 - 16862376 _____ (Ashampoo GmbH & Co. KG ) C:\Documents and Settings\SummersA\Desktop\ashampoo_uninstaller_4_4.30_14540_2.exe
2014-01-28 15:35 - 2014-02-05 13:34 - 01574985 _____ () C:\Documents and Settings\SummersA\Desktop\licensecrawler(1).zip
2014-01-28 11:39 - 2014-01-28 18:17 - 215842816 _____ () C:\Documents and Settings\SummersA\Desktop\WindowsBootGeniusFull.exe
2014-01-22 15:23 - 2014-01-22 15:23 - 00000372 _____ () C:\Documents and Settings\SummersA\Desktop\2014.lnk
2014-01-21 15:44 - 2014-01-30 13:32 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\New Folder
2014-01-21 15:44 - 2014-01-21 15:44 - 00000687 _____ () C:\Documents and Settings\SummersA\Start Menu\Everything.lnk
2014-01-21 10:58 - 2014-01-06 10:38 - 00101664 _____ (Glarysoft Ltd) C:\windows\system32\BootDefrag.exe
2014-01-21 10:58 - 2014-01-06 05:28 - 00013504 _____ (Glarysoft Ltd) C:\windows\system32\Drivers\BootDefragDriver.sys
2014-01-21 09:27 - 2014-01-21 09:27 - 00000000 ____D () C:\Program Files\NetChecker
2014-01-20 03:36 - 2014-02-13 20:25 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\CA 2014
2014-01-20 03:30 - 2014-01-20 03:30 - 00000022 _____ () C:\windows\cmm.dat
2014-01-20 03:22 - 2014-01-30 17:35 - 00000000 ____D () C:\windows\erdnt
2014-01-20 03:21 - 2014-01-20 03:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeraCopy
2014-01-20 03:20 - 2014-02-15 03:36 - 00000258 _____ () C:\windows\Tasks\Clean System Memory.job
2014-01-20 03:20 - 2014-01-20 03:20 - 00000000 ____D () C:\windows\CleanMem
2014-01-20 02:42 - 2014-01-20 03:18 - 00000016 _____ () C:\InjectIntoProcess crash
2014-01-19 02:21 - 2014-01-19 02:21 - 00000000 __HDC () C:\windows\$NtUninstallKB951376-v2$
2014-01-19 02:21 - 2014-01-19 02:21 - 00000000 __HDC () C:\windows\$NtUninstallKB2868626$
2014-01-19 02:20 - 2014-01-19 02:21 - 00048257 _____ () C:\windows\KB951376-v2.log
2014-01-19 02:20 - 2014-01-19 02:20 - 00000000 __HDC () C:\windows\$NtUninstallKB952954$
2014-01-19 02:19 - 2014-01-19 02:19 - 00000000 __HDC () C:\windows\$NtUninstallKB959426$
2014-01-19 02:18 - 2014-01-19 02:18 - 00047886 _____ () C:\windows\KB946648.log
2014-01-19 02:18 - 2014-01-19 02:18 - 00000000 __HDC () C:\windows\$NtUninstallKB946648$
2014-01-19 02:17 - 2014-01-19 02:18 - 00049243 _____ () C:\windows\KB2387149.log
2014-01-19 02:17 - 2014-01-19 02:17 - 00000000 __HDC () C:\windows\$NtUninstallKB2387149$
2014-01-19 02:16 - 2014-01-19 02:16 - 00000000 __HDC () C:\windows\$NtUninstallKB960859$
2014-01-19 02:16 - 2014-01-19 02:16 - 00000000 __HDC () C:\windows\$NtUninstallKB2712808$
2014-01-19 02:15 - 2014-01-19 02:15 - 00044661 _____ () C:\windows\KB2659262.log
2014-01-19 02:15 - 2014-01-19 02:15 - 00000000 __HDC () C:\windows\$NtUninstallKB2659262$
2014-01-19 02:14 - 2014-01-19 02:15 - 00044932 _____ () C:\windows\KB2564958.log
2014-01-19 02:14 - 2014-01-19 02:14 - 00000000 __HDC () C:\windows\$NtUninstallKB2758857$
2014-01-19 02:14 - 2014-01-19 02:14 - 00000000 __HDC () C:\windows\$NtUninstallKB2564958$
2014-01-19 02:13 - 2014-01-19 02:13 - 00000000 __HDC () C:\windows\$NtUninstallKB2544893-v2$
2014-01-19 02:12 - 2014-01-19 02:12 - 00042255 _____ () C:\windows\KB2834886.log
2014-01-19 02:12 - 2014-01-19 02:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2834886$
2014-01-19 02:11 - 2014-01-19 02:12 - 00045815 _____ () C:\windows\KB2536276-v2.log
2014-01-19 02:11 - 2014-01-19 02:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2585542$
2014-01-19 02:11 - 2014-01-19 02:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2536276-v2$
2014-01-19 02:10 - 2014-01-19 02:10 - 00000000 __HDC () C:\windows\$NtUninstallKB2631813$
2014-01-19 02:09 - 2014-01-19 02:09 - 00043005 _____ () C:\windows\KB2296011.log
2014-01-19 02:09 - 2014-01-19 02:09 - 00000000 __HDC () C:\windows\$NtUninstallKB2296011$
2014-01-19 02:08 - 2014-01-19 02:08 - 00000000 __HDC () C:\windows\$NtUninstallKB2900986$
2014-01-19 02:08 - 2014-01-19 02:08 - 00000000 __HDC () C:\windows\$NtUninstallKB2691442$
2014-01-19 02:07 - 2014-01-19 02:08 - 00041556 _____ () C:\windows\KB2900986.log
2014-01-19 02:07 - 2014-01-19 02:07 - 00000000 __HDC () C:\windows\$NtUninstallKB2115168$
2014-01-19 02:06 - 2014-01-19 02:07 - 00043789 _____ () C:\windows\KB975558.log
2014-01-19 02:06 - 2014-01-19 02:06 - 00000000 __HDC () C:\windows\$NtUninstallKB975558_WM8$
2014-01-19 02:06 - 2014-01-19 02:06 - 00000000 __HDC () C:\windows\$NtUninstallKB955759$
2014-01-19 02:05 - 2014-01-19 02:06 - 00046472 _____ () C:\windows\KB955759.log
2014-01-19 02:05 - 2014-01-19 02:05 - 00000000 __HDC () C:\windows\$NtUninstallKB2847311$
2014-01-19 02:04 - 2014-01-19 02:04 - 00041609 _____ () C:\windows\KB2378111.log
2014-01-19 02:04 - 2014-01-19 02:04 - 00000000 __HDC () C:\windows\$NtUninstallKB2378111_WM9$
2014-01-19 02:03 - 2014-01-19 02:03 - 00000000 __HDC () C:\windows\$NtUninstallKB974318$
2014-01-19 02:03 - 2014-01-19 02:03 - 00000000 __HDC () C:\windows\$NtUninstallKB951978$
2014-01-19 02:02 - 2014-01-19 02:02 - 00000000 __HDC () C:\windows\$NtUninstallKB969059$
2014-01-19 02:01 - 2014-01-19 02:01 - 00000000 __HDC () C:\windows\$NtUninstallKB2443105$
2014-01-19 02:00 - 2014-01-19 02:00 - 00000000 __HDC () C:\windows\$NtUninstallKB2802968$
2014-01-19 02:00 - 2014-01-19 02:00 - 00000000 __HDC () C:\windows\$NtUninstallKB2655992$
2014-01-19 01:59 - 2014-01-19 01:59 - 00042710 _____ () C:\windows\KB2229593.log
2014-01-19 01:59 - 2014-01-19 01:59 - 00000000 __HDC () C:\windows\$NtUninstallKB2229593$
2014-01-19 01:57 - 2014-01-19 01:59 - 00053620 _____ () C:\windows\KB2898785-IE8.log
2014-01-19 01:57 - 2014-01-19 01:57 - 00000000 __HDC () C:\windows\$NtUninstallKB950974$
2014-01-19 01:56 - 2014-01-19 01:56 - 00000000 __HDC () C:\windows\$NtUninstallKB2898715$
2014-01-19 01:56 - 2014-01-19 01:56 - 00000000 __HDC () C:\windows\$NtUninstallKB2481109$
2014-01-19 01:55 - 2014-01-19 01:55 - 00000000 __HDC () C:\windows\$NtUninstallKB975713$
2014-01-19 01:54 - 2014-01-19 01:54 - 00000000 __HDC () C:\windows\$NtUninstallKB2686509$
2014-01-19 01:54 - 2014-01-19 01:54 - 00000000 __HDC () C:\windows\$NtUninstallKB2598479$
2014-01-19 01:53 - 2014-01-19 01:54 - 00035524 _____ () C:\windows\KB2686509.log
2014-01-19 01:53 - 2014-01-19 01:53 - 00000000 __HDC () C:\windows\$NtUninstallKB982132$
2014-01-19 01:52 - 2014-01-19 01:53 - 00034312 _____ () C:\windows\KB2862335.log
2014-01-19 01:52 - 2014-01-19 01:52 - 00000000 __HDC () C:\windows\$NtUninstallKB971657$
2014-01-19 01:52 - 2014-01-19 01:52 - 00000000 __HDC () C:\windows\$NtUninstallKB2862335$
2014-01-19 01:51 - 2014-01-19 01:51 - 00000000 __HDC () C:\windows\$NtUninstallKB978338$
2014-01-19 01:50 - 2014-01-19 01:51 - 00032497 _____ () C:\windows\KB954155.log
2014-01-19 01:50 - 2014-01-19 01:50 - 00000000 __HDC () C:\windows\$NtUninstallKB954155_WM9$
2014-01-19 01:50 - 2014-01-19 01:50 - 00000000 __HDC () C:\windows\$NtUninstallKB2507938$
2014-01-19 01:49 - 2014-01-19 01:49 - 00000000 __HDC () C:\windows\$NtUninstallKB972270$
2014-01-19 01:49 - 2014-01-19 01:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2780091$
2014-01-19 01:48 - 2014-01-19 01:48 - 00000000 __HDC () C:\windows\$NtUninstallKB2845187$
2014-01-19 01:47 - 2014-01-19 01:47 - 00000000 __HDC () C:\windows\$NtUninstallKB974112$
2014-01-19 01:47 - 2014-01-19 01:47 - 00000000 __HDC () C:\windows\$NtUninstallKB956572$
2014-01-19 01:46 - 2014-01-19 01:47 - 00042700 _____ () C:\windows\KB956572.log
2014-01-19 01:46 - 2014-01-19 01:46 - 00029711 _____ () C:\windows\KB2904266.log
2014-01-19 01:46 - 2014-01-19 01:46 - 00006696 _____ () C:\windows\system32\TZLog.log
2014-01-19 01:46 - 2014-01-19 01:46 - 00000000 __HDC () C:\windows\$NtUninstallKB2904266$
2014-01-19 01:45 - 2014-01-19 01:45 - 00000000 __HDC () C:\windows\$NtUninstallKB2876217$
2014-01-19 01:45 - 2014-01-19 01:45 - 00000000 __HDC () C:\windows\$NtUninstallKB2347290$
2014-01-19 01:44 - 2014-01-19 01:44 - 00031731 _____ () C:\windows\KB956844.log
2014-01-19 01:44 - 2014-01-19 01:44 - 00000000 __HDC () C:\windows\$NtUninstallKB979687$
2014-01-19 01:44 - 2014-01-19 01:44 - 00000000 __HDC () C:\windows\$NtUninstallKB956844$
2014-01-19 01:43 - 2014-01-19 01:43 - 00000000 __HDC () C:\windows\$NtUninstallKB2864063$
2014-01-19 01:42 - 2014-01-19 01:43 - 00030680 _____ () C:\windows\KB973869.log
2014-01-19 01:42 - 2014-01-19 01:42 - 00000000 __HDC () C:\windows\$NtUninstallKB975025$
2014-01-19 01:42 - 2014-01-19 01:42 - 00000000 __HDC () C:\windows\$NtUninstallKB973869$
2014-01-19 01:41 - 2014-01-19 01:41 - 00000000 __HDC () C:\windows\$NtUninstallKB952004$
2014-01-19 01:41 - 2014-01-19 01:41 - 00000000 __HDC () C:\windows\$NtUninstallKB2719985$
2014-01-19 01:40 - 2014-01-19 01:40 - 00000000 __HDC () C:\windows\$NtUninstallKB974571$
2014-01-19 01:40 - 2014-01-19 01:40 - 00000000 __HDC () C:\windows\$NtUninstallKB2862152$
2014-01-19 01:39 - 2014-01-19 01:39 - 00029377 _____ () C:\windows\KB2592799.log
2014-01-19 01:39 - 2014-01-19 01:39 - 00000000 __HDC () C:\windows\$NtUninstallKB2592799$
2014-01-19 01:38 - 2014-01-19 01:38 - 00000000 __HDC () C:\windows\$NtUninstallKB975560$
2014-01-19 01:37 - 2014-01-19 01:37 - 00000000 __HDC () C:\windows\$NtUninstallKB973507$
2014-01-19 01:37 - 2014-01-19 01:37 - 00000000 __HDC () C:\windows\$NtUninstallKB2770660$
2014-01-19 01:36 - 2014-01-28 18:20 - 00000000 __HDC () C:\windows\$NtUninstallKB977816$
2014-01-19 01:36 - 2014-01-19 01:36 - 00028966 _____ () C:\windows\KB2535512.log
2014-01-19 01:36 - 2014-01-19 01:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2535512$
2014-01-19 01:35 - 2014-01-19 01:35 - 00000000 __HDC () C:\windows\$NtUninstallKB950762$
2014-01-19 01:35 - 2014-01-19 01:35 - 00000000 __HDC () C:\windows\$NtUninstallKB2850869$
2014-01-19 01:34 - 2014-01-19 01:35 - 00028552 _____ () C:\windows\KB950762.log
2014-01-19 01:34 - 2014-01-19 01:34 - 00000000 __HDC () C:\windows\$NtUninstallKB2876331$
2014-01-19 01:34 - 2014-01-19 01:34 - 00000000 __HDC () C:\windows\$NtUninstallKB2859537$
2014-01-19 01:33 - 2014-01-19 01:33 - 00028703 _____ () C:\windows\KB2807986.log
2014-01-19 01:33 - 2014-01-19 01:33 - 00027120 _____ () C:\windows\KB2570947.log
2014-01-19 01:33 - 2014-01-19 01:33 - 00000000 __HDC () C:\windows\$NtUninstallKB2807986$
2014-01-19 01:33 - 2014-01-19 01:33 - 00000000 __HDC () C:\windows\$NtUninstallKB2570947$
2014-01-19 01:32 - 2014-01-19 01:32 - 00027671 _____ () C:\windows\KB952287.log
2014-01-19 01:32 - 2014-01-19 01:32 - 00024636 _____ () C:\windows\KB978695.log
2014-01-19 01:32 - 2014-01-19 01:32 - 00000000 __HDC () C:\windows\$NtUninstallKB978695_WM9$
2014-01-19 01:32 - 2014-01-19 01:32 - 00000000 __HDC () C:\windows\$NtUninstallKB952287$
2014-01-19 01:31 - 2014-01-19 01:31 - 00026780 _____ () C:\windows\KB2603381.log
2014-01-19 01:31 - 2014-01-19 01:31 - 00000000 __HDC () C:\windows\$NtUninstallKB2820917$
2014-01-19 01:31 - 2014-01-19 01:31 - 00000000 __HDC () C:\windows\$NtUninstallKB2603381$
2014-01-19 01:30 - 2014-01-19 01:31 - 00030574 _____ () C:\windows\KB973904.log
2014-01-19 01:30 - 2014-01-19 01:30 - 00000000 __HDC () C:\windows\$NtUninstallKB973904$
2014-01-19 01:30 - 2014-01-19 01:30 - 00000000 __HDC () C:\windows\$NtUninstallKB2893294$
2014-01-19 01:29 - 2014-01-21 09:20 - 00001913 _____ () C:\windows\spupdsvc.log
2014-01-19 01:29 - 2014-01-19 01:29 - 00000000 __HDC () C:\windows\$NtUninstallKB973540_WM9$
2014-01-19 01:29 - 2014-01-19 01:29 - 00000000 __HDC () C:\windows\$NtUninstallKB2757638$
2014-01-19 01:28 - 2014-01-19 01:29 - 00000000 __HDC () C:\windows\$NtUninstallKB2419632$
2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 __HDC () C:\windows\$NtUninstallKB974392$
2014-01-19 01:28 - 2014-01-19 01:28 - 00000000 __HDC () C:\windows\$NtUninstallKB2653956$
2014-01-19 01:27 - 2014-01-19 01:27 - 00000000 __HDC () C:\windows\$NtUninstallKB971029$
2014-01-19 01:27 - 2014-01-19 01:27 - 00000000 __HDC () C:\windows\$NtUninstallKB2749655$
2014-01-19 01:26 - 2014-01-19 01:26 - 00013090 _____ () C:\windows\KB2803821-v2.log
2014-01-19 01:26 - 2014-01-19 01:26 - 00000000 __HDC () C:\windows\$NtUninstallKB2893984$
2014-01-19 01:26 - 2014-01-19 01:26 - 00000000 __HDC () C:\windows\$NtUninstallKB2803821-v2_WM9$
2014-01-19 01:26 - 2014-01-19 01:26 - 00000000 __HDC () C:\windows\$NtUninstallKB2506212$
2014-01-19 01:25 - 2014-01-19 01:25 - 00017621 _____ () C:\windows\KB952069.log
2014-01-19 01:25 - 2014-01-19 01:25 - 00000000 __HDC () C:\windows\$NtUninstallKB977914$
2014-01-19 01:25 - 2014-01-19 01:25 - 00000000 __HDC () C:\windows\$NtUninstallKB952069_WM9$
2014-01-19 01:24 - 2014-01-19 01:24 - 00020653 _____ () C:\windows\KB2698365.log
2014-01-19 01:24 - 2014-01-19 01:24 - 00000000 __HDC () C:\windows\$NtUninstallKB2892075$
2014-01-19 01:24 - 2014-01-19 01:24 - 00000000 __HDC () C:\windows\$NtUninstallKB2698365$
2014-01-19 01:23 - 2014-01-19 01:24 - 00000000 __HDC () C:\windows\$NtUninstallKB2619339$
2014-01-19 01:23 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB979309$
2014-01-19 01:23 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB978542$
2014-01-19 01:23 - 2014-01-19 01:23 - 00000000 __HDC () C:\windows\$NtUninstallKB2705219-v2$
2014-01-19 01:22 - 2014-01-19 01:22 - 00000000 __HDC () C:\windows\$NtUninstallKB979482$
2014-01-19 01:22 - 2014-01-19 01:22 - 00000000 __HDC () C:\windows\$NtUninstallKB978706$
2014-01-19 01:22 - 2014-01-19 01:22 - 00000000 __HDC () C:\windows\$NtUninstallKB2727528$
2014-01-19 01:21 - 2014-01-19 01:21 - 00017019 _____ () C:\windows\KB2723135-v2.log
2014-01-19 01:21 - 2014-01-19 01:21 - 00016243 _____ () C:\windows\KB981997.log
2014-01-19 01:21 - 2014-01-19 01:21 - 00000000 __HDC () C:\windows\$NtUninstallKB981997$
2014-01-19 01:21 - 2014-01-19 01:21 - 00000000 __HDC () C:\windows\$NtUninstallKB2723135-v2$
2014-01-19 01:20 - 2014-01-19 01:20 - 00000000 __HDC () C:\windows\$NtUninstallKB960803$
2014-01-19 01:19 - 2014-01-19 01:19 - 00000000 __HDC () C:\windows\$NtUninstallKB973815$
2014-01-19 01:17 - 2014-01-19 01:17 - 00000000 __HDC () C:\windows\$NtUninstallKB2862330$
2014-01-19 01:15 - 2014-01-19 01:16 - 00000000 __HDC () C:\windows\$NtUninstallKB2813345$
2014-01-19 01:15 - 2014-01-19 01:15 - 00309116 _____ () C:\windows\msxml4-KB954430-enu.LOG
2014-01-19 01:15 - 2014-01-19 01:15 - 00000000 __HDC () C:\windows\$NtUninstallKB2676562$
2014-01-19 01:14 - 2014-01-19 01:58 - 00000000 ____D () C:\windows\ie8updates
2014-01-19 01:14 - 2014-01-19 01:14 - 00315756 _____ () C:\windows\msxml4-KB973688-enu.LOG
2014-01-19 01:14 - 2014-01-19 01:14 - 00017153 _____ () C:\windows\KB2510531-IE8.log
2014-01-19 01:14 - 2014-01-19 01:14 - 00000000 ____D () C:\windows\system32\MRT
2014-01-19 01:14 - 2014-01-19 01:14 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-01-19 01:13 - 2014-01-06 16:20 - 83425928 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-19 01:12 - 2014-01-19 01:12 - 00016767 _____ () C:\windows\KB923561.log
2014-01-19 01:12 - 2014-01-19 01:12 - 00000000 __HDC () C:\windows\$NtUninstallKB982665$
2014-01-19 01:12 - 2014-01-19 01:12 - 00000000 __HDC () C:\windows\$NtUninstallKB923561$
2014-01-19 01:12 - 2014-01-19 01:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2620712$
2014-01-19 01:11 - 2014-01-19 01:12 - 00014166 _____ () C:\windows\KB2566454.log
2014-01-19 01:11 - 2014-01-19 01:11 - 00013807 _____ () C:\windows\KB2661637.log
2014-01-19 01:11 - 2014-01-19 01:11 - 00011678 _____ () C:\windows\KB2914368.log
2014-01-19 01:11 - 2014-01-19 01:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2914368$
2014-01-19 01:11 - 2014-01-19 01:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2661637$
2014-01-19 01:11 - 2014-01-19 01:11 - 00000000 __HDC () C:\windows\$NtUninstallKB2566454$
2014-01-19 01:10 - 2014-01-19 01:10 - 00000000 __HDC () C:\windows\$NtUninstallKB975467$
2014-01-19 01:10 - 2014-01-19 01:10 - 00000000 __HDC () C:\windows\$NtUninstallKB2584146$
2014-01-19 01:09 - 2014-01-19 02:21 - 00027292 _____ () C:\windows\updspapi.log
2014-01-19 01:09 - 2014-01-19 01:09 - 00000000 __HDC () C:\windows\$NtUninstallKB968389$
2014-01-19 01:09 - 2014-01-19 01:09 - 00000000 __HDC () C:\windows\$NtUninstallKB2423089$
2014-01-19 01:08 - 2014-01-19 01:09 - 00012123 _____ () C:\windows\KB2423089.log
2014-01-18 07:03 - 2014-01-18 07:03 - 00000159 _____ () C:\windows\wiadebug.log
2014-01-18 07:03 - 2014-01-18 07:03 - 00000049 _____ () C:\windows\wiaservc.log
2014-01-16 15:44 - 2014-01-19 02:22 - 00067358 _____ () C:\windows\KB2868626.log
2014-01-16 15:44 - 2014-01-19 02:20 - 00069043 _____ () C:\windows\KB952954.log
2014-01-16 15:44 - 2014-01-19 02:19 - 00067997 _____ () C:\windows\KB959426.log
2014-01-16 15:44 - 2014-01-19 02:17 - 00068317 _____ () C:\windows\KB2712808.log
2014-01-16 15:44 - 2008-06-13 13:05 - 00272128 ____N (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2014-01-16 15:44 - 2008-06-13 13:05 - 00272128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\bthport.sys
2014-01-16 15:43 - 2014-01-19 02:16 - 00068536 _____ () C:\windows\KB960859.log
2014-01-16 15:43 - 2014-01-19 02:14 - 00065709 _____ () C:\windows\KB2758857.log
2014-01-16 15:43 - 2014-01-19 02:13 - 00065431 _____ () C:\windows\KB2544893-v2.log
2014-01-16 15:43 - 2014-01-19 02:11 - 00066586 _____ () C:\windows\KB2585542.log
2014-01-16 15:43 - 2014-01-19 02:10 - 00065409 _____ () C:\windows\KB2631813.log
2014-01-16 15:43 - 2014-01-19 02:09 - 00065138 _____ () C:\windows\KB2691442.log
2014-01-16 15:43 - 2014-01-19 02:05 - 00061711 _____ () C:\windows\KB2847311.log
2014-01-16 15:43 - 2014-01-19 01:56 - 00055561 _____ () C:\windows\KB2898715.log
2014-01-16 15:43 - 2013-10-29 09:57 - 11113472 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ieframe.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 02006016 ____C (Microsoft Corporation) C:\windows\system32\dllcache\iertutil.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00743424 ____C (Microsoft Corporation) C:\windows\system32\dllcache\iedvtool.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00630272 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msfeeds.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00522240 ____C (Microsoft Corporation) C:\windows\system32\dllcache\jsdbgui.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00247808 ____C (Microsoft Corporation) C:\windows\system32\dllcache\ieproxy.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00055296 ____C (Microsoft Corporation) C:\windows\system32\dllcache\msfeedsbs.dll
2014-01-16 15:43 - 2013-10-29 09:57 - 00012800 ____C (Microsoft Corporation) C:\windows\system32\dllcache\xpshims.dll
2014-01-16 15:42 - 2014-01-19 02:07 - 00063900 _____ () C:\windows\KB2115168.log
2014-01-16 15:42 - 2014-01-19 02:04 - 00063588 _____ () C:\windows\KB974318.log
2014-01-16 15:42 - 2014-01-19 02:03 - 00065889 _____ () C:\windows\KB951978.log
2014-01-16 15:42 - 2014-01-19 02:02 - 00061967 _____ () C:\windows\KB969059.log
2014-01-16 15:42 - 2014-01-19 02:01 - 00063761 _____ () C:\windows\KB2655992.log
2014-01-16 15:42 - 2014-01-19 02:00 - 00062854 _____ () C:\windows\KB2802968.log
2014-01-16 15:42 - 2014-01-19 01:57 - 00058705 _____ () C:\windows\KB2481109.log
2014-01-16 15:42 - 2014-01-19 01:57 - 00057556 _____ () C:\windows\KB950974.log
2014-01-16 15:42 - 2014-01-19 01:55 - 00055732 _____ () C:\windows\KB975713.log
2014-01-16 15:41 - 2014-01-19 02:01 - 00061757 _____ () C:\windows\KB2443105.log
2014-01-16 15:41 - 2014-01-19 01:55 - 00055935 _____ () C:\windows\KB2598479.log
2014-01-16 15:41 - 2014-01-19 01:53 - 00054336 _____ () C:\windows\KB982132.log
2014-01-16 15:41 - 2014-01-19 01:52 - 00054266 _____ () C:\windows\KB971657.log
2014-01-16 15:41 - 2014-01-19 01:51 - 00054897 _____ () C:\windows\KB978338.log
2014-01-16 15:41 - 2014-01-19 01:49 - 00055068 _____ () C:\windows\KB2780091.log
2014-01-16 15:41 - 2014-01-19 01:45 - 00048844 _____ () C:\windows\KB2876217.log
2014-01-16 15:41 - 2014-01-19 01:43 - 00047842 _____ () C:\windows\KB2864063.log
2014-01-16 15:41 - 2014-01-19 01:34 - 00047789 _____ () C:\windows\KB2859537.log
2014-01-16 15:41 - 2013-07-03 04:12 - 00025088 ____C (Microsoft Corporation) C:\windows\system32\dllcache\hidparse.sys
2014-01-16 15:41 - 2013-07-03 03:59 - 00014976 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbscan.sys
2014-01-16 15:41 - 2013-02-12 02:32 - 00012928 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usb8023x.sys
2014-01-16 15:40 - 2014-01-19 01:50 - 00053660 _____ () C:\windows\KB2507938.log
2014-01-16 15:40 - 2014-01-19 01:48 - 00051454 _____ () C:\windows\KB2845187.log
2014-01-16 15:40 - 2014-01-19 01:40 - 00045807 _____ () C:\windows\KB2862152.log
2014-01-16 15:40 - 2014-01-19 01:35 - 00043998 _____ () C:\windows\KB2850869.log
2014-01-16 15:40 - 2014-01-19 01:32 - 00046430 _____ () C:\windows\KB2820917.log
2014-01-16 15:40 - 2014-01-19 01:30 - 00045520 _____ () C:\windows\KB2757638.log
2014-01-16 15:40 - 2014-01-19 01:30 - 00043352 _____ () C:\windows\KB2893294.log
2014-01-16 15:40 - 2014-01-19 01:27 - 00039226 _____ () C:\windows\KB2749655.log
2014-01-16 15:40 - 2014-01-19 01:26 - 00035738 _____ () C:\windows\KB2893984.log
2014-01-16 15:40 - 2014-01-19 01:24 - 00033685 _____ () C:\windows\KB2892075.log
2014-01-16 15:39 - 2014-01-19 01:48 - 00053575 _____ () C:\windows\KB974112.log
2014-01-16 15:39 - 2014-01-19 01:42 - 00048315 _____ () C:\windows\KB975025.log
2014-01-16 15:39 - 2014-01-19 01:41 - 00052393 _____ () C:\windows\KB952004.log
2014-01-16 15:39 - 2014-01-19 01:27 - 00038820 _____ () C:\windows\KB971029.log
2014-01-16 15:38 - 2014-01-19 01:44 - 00051059 _____ () C:\windows\KB979687.log
2014-01-16 15:38 - 2014-01-19 01:42 - 00048394 _____ () C:\windows\KB2719985.log
2014-01-16 15:38 - 2014-01-19 01:40 - 00046953 _____ () C:\windows\KB974571.log
2014-01-16 15:38 - 2014-01-19 01:38 - 00046520 _____ () C:\windows\KB973507.log
2014-01-16 15:38 - 2014-01-19 01:36 - 00046832 _____ () C:\windows\KB977816.log
2014-01-16 15:38 - 2014-01-19 01:29 - 00051627 _____ () C:\windows\KB2419632.log
2014-01-16 15:38 - 2014-01-19 01:28 - 00038908 _____ () C:\windows\KB974392.log
2014-01-16 15:37 - 2014-01-19 01:34 - 00043037 _____ () C:\windows\KB2876331.log
2014-01-16 15:37 - 2014-01-19 01:28 - 00038981 _____ () C:\windows\KB2653956.log
2014-01-16 15:37 - 2014-01-19 01:26 - 00037806 _____ () C:\windows\KB2506212.log
2014-01-16 15:37 - 2014-01-19 01:25 - 00039955 _____ () C:\windows\KB977914.log
2014-01-16 15:37 - 2014-01-19 01:24 - 00033980 _____ () C:\windows\KB2619339.log
2014-01-16 15:37 - 2014-01-19 01:23 - 00033148 _____ () C:\windows\KB978542.log
2014-01-16 15:36 - 2014-01-19 01:23 - 00035113 _____ () C:\windows\KB2705219-v2.log
2014-01-16 15:36 - 2014-01-19 01:22 - 00033221 _____ () C:\windows\KB978706.log
2014-01-16 15:36 - 2014-01-19 01:22 - 00033079 _____ () C:\windows\KB2727528.log
2014-01-16 15:36 - 2014-01-19 01:22 - 00032928 _____ () C:\windows\KB979482.log
2014-01-16 15:36 - 2014-01-19 01:21 - 00032867 _____ () C:\windows\KB960803.log
2014-01-16 15:36 - 2014-01-19 01:20 - 00032167 _____ () C:\windows\KB973815.log
2014-01-16 15:36 - 2014-01-19 01:16 - 00033933 _____ () C:\windows\KB2813345.log
2014-01-16 15:36 - 2013-08-09 02:55 - 00144128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbport.sys
2014-01-16 15:36 - 2013-08-09 02:55 - 00005376 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbd.sys
2014-01-16 15:36 - 2009-03-18 13:02 - 00030336 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbehci.sys
2014-01-16 15:35 - 2014-01-19 01:15 - 00039272 _____ () C:\windows\KB2676562.log
2014-01-16 15:35 - 2014-01-19 01:13 - 00030752 _____ () C:\windows\KB982665.log
2014-01-16 15:34 - 2014-01-19 01:12 - 00030112 _____ () C:\windows\KB2620712.log
2014-01-16 15:34 - 2012-01-11 21:06 - 00003072 ____N () C:\windows\system32\iacenc.dll
2014-01-16 15:34 - 2012-01-11 21:06 - 00003072 ____C () C:\windows\system32\dllcache\iacenc.dll
2014-01-16 15:33 - 2014-01-19 01:23 - 00032081 _____ () C:\windows\KB979309.log
2014-01-16 15:32 - 2014-01-19 01:11 - 00029634 _____ () C:\windows\KB2584146.log
2014-01-16 15:31 - 2014-01-19 01:10 - 00030622 _____ () C:\windows\KB975467.log
2014-01-16 15:31 - 2014-01-19 01:09 - 00033488 _____ () C:\windows\KB968389.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00787377 _____ () C:\windows\iis6.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00735763 _____ () C:\windows\FaxSetup.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00351764 _____ () C:\windows\ocgen.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00335556 _____ () C:\windows\tsoc.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00244253 _____ () C:\windows\comsetup.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00222214 _____ () C:\windows\msmqinst.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00147894 _____ () C:\windows\ntdtcsetup.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00128877 _____ () C:\windows\netfxocm.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00050575 _____ () C:\windows\MedCtrOC.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00040698 _____ () C:\windows\ocmsn.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00036931 _____ () C:\windows\tabletoc.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00036771 _____ () C:\windows\msgsocm.log
2014-01-16 15:30 - 2014-01-19 02:22 - 00001374 _____ () C:\windows\imsins.log
2014-01-16 15:30 - 2014-01-19 02:21 - 00001374 _____ () C:\windows\imsins.BAK
2014-01-16 15:30 - 2014-01-16 15:30 - 00000000 __HDC () C:\windows\$NtUninstallKB898461$
2014-01-16 15:30 - 2014-01-16 15:30 - 00000000 ____D () C:\windows\system32\PreInstall
2014-01-16 15:29 - 2014-01-16 15:30 - 00019943 _____ () C:\windows\KB898461.log
2014-01-16 11:27 - 2014-01-16 11:27 - 00001892 _____ () C:\sc-cleaner.txt
2014-01-16 11:25 - 2014-02-15 03:32 - 00000480 _____ () C:\windows\Tasks\Malwarebytes Anti-Exploit.job
2014-01-16 11:25 - 2014-01-16 11:25 - 00000838 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Exploit.lnk
2014-01-16 11:25 - 2013-07-16 03:41 - 01498960 _____ (Microsoft Corporation) C:\windows\system32\msvcr100d.dll
2014-01-16 11:25 - 2013-07-16 03:41 - 00743248 _____ (Microsoft Corporation) C:\windows\system32\msvcp100d.dll

==================== One Month Modified Files and Folders =======

2014-02-15 03:45 - 2014-02-15 03:45 - 00040566 _____ () C:\Documents and Settings\SummersA\Desktop\FRST.txt
2014-02-15 03:45 - 2014-01-30 16:45 - 00000000 ____D () C:\FRST
2014-02-15 03:36 - 2014-01-20 03:20 - 00000258 _____ () C:\windows\Tasks\Clean System Memory.job
2014-02-15 03:35 - 2007-09-18 07:37 - 00000467 _____ () C:\windows\SMSCFG.ini
2014-02-15 03:35 - 2007-09-14 21:07 - 01850550 _____ () C:\windows\WindowsUpdate.log
2014-02-15 03:34 - 2014-01-15 15:44 - 00000334 _____ () C:\windows\Tasks\GlaryInitialize 4.job
2014-02-15 03:32 - 2014-01-16 11:25 - 00000480 _____ () C:\windows\Tasks\Malwarebytes Anti-Exploit.job
2014-02-15 03:32 - 2007-09-17 08:16 - 00000000 __SHD () C:\windows\CSC
2014-02-15 03:32 - 2007-09-14 21:14 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-15 03:18 - 2014-02-13 16:29 - 00000000 ____D () C:\Documents and Settings\SummersA\Application Data\Free Download Manager
2014-02-14 16:06 - 2007-09-17 12:21 - 00000440 _____ () C:\windows\system32\config\netlogon.ftl
2014-02-14 15:34 - 2007-09-14 13:39 - 00000000 ____D () C:\windows\security
2014-02-14 15:20 - 2014-01-14 16:55 - 00000422 _____ () C:\windows\Tasks\SyncBackFree Gus.job
2014-02-14 15:17 - 2014-02-14 15:14 - 00023095 _____ () C:\Documents and Settings\SummersA\Desktop\Project Clean Audit Status Tracking 14 02 14.xlsx
2014-02-14 15:14 - 2014-02-14 15:14 - 00000165 ____H () C:\Documents and Settings\SummersA\Desktop\~$Project Clean Audit Status Tracking 14 02 14.xlsx
2014-02-14 15:10 - 2014-01-14 16:53 - 00000440 _____ () C:\windows\Tasks\SyncBackFree 2014 My Docs.job
2014-02-14 14:04 - 2014-02-15 02:37 - 01141248 _____ (Farbar) C:\Documents and Settings\SummersA\Desktop\FRST.exe
2014-02-14 14:04 - 2014-02-12 10:17 - 00020558 _____ () C:\Documents and Settings\SummersA\Desktop\Project Clean Audit Status Tracking 12 02 14.xlsx
2014-02-14 12:06 - 2007-09-14 21:14 - 00032506 _____ () C:\windows\SchedLgU.Txt
2014-02-14 12:05 - 2013-10-31 17:31 - 00000000 ____D () C:\Program Files\8 Utils
2014-02-14 11:28 - 2007-09-18 14:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2014-02-14 11:25 - 2014-02-07 09:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-13 20:35 - 2013-10-31 09:54 - 00131072 _____ () C:\windows\system32\config\OAlerts.evt
2014-02-13 20:35 - 2013-10-29 14:26 - 02949120 _____ () C:\windows\system32\config\Symantec.evt
2014-02-13 20:34 - 2013-10-30 12:36 - 00000178 ___SH () C:\Documents and Settings\SummersA\ntuser.ini
2014-02-13 20:34 - 2013-10-30 12:35 - 00000000 ____D () C:\Documents and Settings\SummersA
2014-02-13 20:25 - 2014-01-20 03:36 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\CA 2014
2014-02-13 20:00 - 2013-11-28 17:03 - 00000510 _____ () C:\windows\Tasks\Auslogics Disk Defrag Prof Task {00000001-BF28-44E1-9E64-C2FC22645762} for SummersA.job
2014-02-13 20:00 - 2013-10-31 14:12 - 00000000 ____D () C:\windows\system32\VPCache
2014-02-13 19:17 - 2013-10-31 09:15 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\6 Security
2014-02-13 16:29 - 2014-02-13 16:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Free DL Man
2014-02-13 16:26 - 2013-11-28 21:59 - 00000000 ____D () C:\Program Files\3 Internet
2014-02-13 16:17 - 2013-11-06 16:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\6 Security
2014-02-13 16:12 - 2007-09-11 09:17 - 00002206 _____ () C:\windows\system32\wpa.dbl
2014-02-12 12:16 - 2013-11-04 14:34 - 00008372 _____ () C:\windows\Q-Dir.ini
2014-02-12 11:56 - 2014-02-12 11:56 - 01712640 _____ () C:\Documents and Settings\SummersA\Desktop\SABC Streams Consolidated_12 02 14_frans_as_26.mpp
2014-02-12 09:02 - 2014-02-12 02:27 - 01719296 _____ () C:\Documents and Settings\SummersA\Desktop\Clean Audit 2014_12 02 14_to_1.mpp
2014-02-12 05:01 - 2011-01-11 03:23 - 00000187 _____ () C:\windows\system32\CleanMem.ini
2014-02-12 04:56 - 2013-11-05 19:40 - 00000000 ____D () C:\Documents and Settings\SummersA\Application Data\vlc
2014-02-11 16:18 - 2013-12-05 17:33 - 00353461 _____ () C:\windows\setupapi.log
2014-02-11 14:51 - 2013-12-02 11:19 - 00000000 ____D () C:\Program Files\6 Security
2014-02-11 14:51 - 2013-10-29 15:48 - 2113249280 _____ () C:\windows\MEMORY.DMP
2014-02-11 12:13 - 2013-11-06 16:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\3 Internet
2014-02-10 16:17 - 2007-09-14 21:14 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-02-08 12:50 - 2013-10-31 08:53 - 00002433 _____ () C:\Documents and Settings\SummersA\Desktop\VPN Client.lnk
2014-02-08 00:58 - 2014-02-08 00:58 - 00008192 _____ () C:\Documents and Settings\SummersA\Desktop\Webmail.shb
2014-02-07 14:41 - 2013-10-31 13:18 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-06 15:00 - 2013-11-07 18:56 - 00000440 _____ () C:\windows\Tasks\SyncBackFree 2013 My Docs.job
2014-02-06 14:04 - 2007-09-18 14:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-02-06 14:02 - 2013-10-29 13:40 - 00002315 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-02-05 15:58 - 2013-10-29 15:11 - 00000000 ____D () C:\Angus Summers
2014-02-05 13:39 - 2013-10-31 09:15 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\8 Utils
2014-02-05 13:38 - 2013-10-31 09:09 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\Esot
2014-02-05 13:34 - 2014-01-28 15:35 - 01574985 _____ () C:\Documents and Settings\SummersA\Desktop\licensecrawler(1).zip
2014-02-05 10:39 - 2014-02-05 10:39 - 00061440 _____ (Sysinternals) C:\windows\system32\PSEXESVC.EXE
2014-02-05 09:20 - 2014-02-05 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo
2014-02-05 09:19 - 2014-02-05 09:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Comodo Downloader
2014-02-04 21:34 - 2014-02-05 15:16 - 01243588 _____ () C:\Documents and Settings\SummersA\Desktop\ProcessExplorer OLD.zip
2014-02-03 12:08 - 2014-02-03 12:08 - 00002438 ___RH () C:\farstone_pe.letter
2014-02-03 12:08 - 2013-12-08 19:26 - 00000106 _____ () C:\boot.ini
2014-02-03 11:23 - 2014-02-03 10:11 - 00001598 _____ () C:\Documents and Settings\SummersA\Desktop\System Restore.lnk
2014-01-31 16:23 - 2007-09-14 13:47 - 00477368 _____ () C:\windows\system32\PerfStringBackup.INI
2014-01-30 17:39 - 2014-01-30 17:39 - 00030274 _____ () C:\ComboFix.txt
2014-01-30 17:39 - 2014-01-30 17:07 - 00000000 ____D () C:\DoboF-1
2014-01-30 17:39 - 2014-01-30 12:33 - 00000000 ____D () C:\Qoobox
2014-01-30 17:35 - 2014-01-20 03:22 - 00000000 ____D () C:\windows\erdnt
2014-01-30 17:34 - 2007-09-11 09:17 - 00000227 _____ () C:\windows\system.ini
2014-01-30 16:47 - 2013-12-05 16:59 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Startup (Disabled by AnVir)
2014-01-30 13:32 - 2014-01-21 15:44 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\New Folder
2014-01-30 12:37 - 2014-01-30 12:36 - 00000000 ____D () C:\ZomboFix
2014-01-30 07:24 - 2014-01-30 11:01 - 102090009 _____ () C:\Documents and Settings\SummersA\Desktop\vdf_fusebundle.zip
2014-01-29 17:19 - 2013-11-04 14:35 - 00001433 _____ () C:\Documents and Settings\SummersA\Start Menu\Q-Dir.lnk
2014-01-29 17:17 - 2013-10-31 09:16 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\5 Recover
2014-01-29 10:45 - 2014-01-29 10:45 - 16862376 _____ (Ashampoo GmbH & Co. KG ) C:\Documents and Settings\SummersA\Desktop\ashampoo_uninstaller_4_4.30_14540_2.exe
2014-01-29 09:01 - 2013-12-05 17:32 - 00000000 ____D () C:\Documents and Settings\All Users\GlarySoft
2014-01-28 18:20 - 2014-01-19 01:36 - 00000000 __HDC () C:\windows\$NtUninstallKB977816$
2014-01-28 18:17 - 2014-01-28 11:39 - 215842816 _____ () C:\Documents and Settings\SummersA\Desktop\WindowsBootGeniusFull.exe
2014-01-28 11:15 - 2013-12-31 00:50 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\Photo Supp
2014-01-24 10:22 - 2013-10-29 14:25 - 00142936 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT.SYS
2014-01-24 10:22 - 2013-10-29 14:25 - 00008194 _____ () C:\windows\system32\Drivers\SYMEVENT.CAT
2014-01-24 10:22 - 2013-10-29 14:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Symantec Endpoint Protection
2014-01-24 10:21 - 2013-10-29 14:25 - 00420752 _____ (Symantec Corporation) C:\windows\system32\SymVPN.dll
2014-01-24 10:21 - 2013-10-29 14:25 - 00136080 _____ (Symantec Corporation) C:\windows\system32\FwsVpn.dll
2014-01-24 10:21 - 2013-10-29 14:25 - 00126440 _____ (Symantec Corporation) C:\windows\system32\Drivers\SysPlant.sys
2014-01-24 10:21 - 2013-10-29 14:25 - 00033264 _____ (Symantec Corporation) C:\windows\system32\Drivers\WGX.SYS
2014-01-24 10:08 - 2013-10-29 13:31 - 00000000 ____D () C:\windows\system32\appmgmt
2014-01-22 16:00 - 2013-11-14 13:40 - 00000000 ____D () C:\windows\Minidump
2014-01-22 15:23 - 2014-01-22 15:23 - 00000372 _____ () C:\Documents and Settings\SummersA\Desktop\2014.lnk
2014-01-22 14:31 - 2013-10-31 09:16 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\3 Internet
2014-01-22 14:14 - 2013-10-31 09:16 - 00000000 ____D () C:\Documents and Settings\SummersA\Desktop\1 Aud_Vid
2014-01-22 13:52 - 2014-01-13 10:42 - 00000000 ____D () C:\Documents and Settings\SummersA\Start Menu\Programs\3 Internet
2014-01-22 13:52 - 2013-12-04 11:41 - 00000000 ____D () C:\Documents and Settings\SummersA\Start Menu\Programs\6 Security
2014-01-22 13:52 - 2013-11-06 16:09 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\1 Aud_Vid
2014-01-22 09:31 - 2013-12-10 12:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CDRWIN 10
2014-01-22 09:25 - 2013-11-06 09:55 - 00000000 ____D () C:\Documents and Settings\SummersA\Local Settings\Application Data\privazer

Some content of TEMP:
====================
C:\Documents and Settings\SummersA\Local Settings\temp\avgnt.exe
C:\Documents and Settings\SummersA\Local Settings\temp\ntdll_dump.dll
C:\Documents and Settings\SummersA\Local Settings\temp\Offercast_AVIRAV7_.exe


==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

 

I trust that this is satisfactory.

Once again, thanks

summersa



#5 fireman4it


Posted 15 February 2014 - 10:49 PM

1.
Download AdwCleaner
  • Double click on AdwCleaner.exe to run the tool.
    ***Note: Windows Vista and Windows 7 users:
    Right-click on adwCleaner.exe and select
    "Run as administrator"
  • Click the Scan button.
  • Once the scan has finished click Clean to clean anything it finds.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your next reply.
  • Or you can find the logfile at C:\AdwCleaner[S1].txt.

2.
Download Malwarebytes Anti-Rootkit to your desktop.
  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"

Edited by fireman4it, 15 February 2014 - 10:50 PM.



#6 summersa


Posted 16 February 2014 - 09:51 AM

Hi fireman4it,

Here it goes

1st AdwCleaner -

# AdwCleaner v3.018 - Report created 16/02/2014 at 13:27:09
# Updated 28/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : SummersA - SUMMERSA-LAP
# Running from : C:\Documents and Settings\SummersA\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1788 octets] - [16/02/2014 11:30:44]
AdwCleaner[R1].txt - [1849 octets] - [16/02/2014 12:44:48]
AdwCleaner[S0].txt - [1793 octets] - [16/02/2014 13:27:09]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1853 octets] ##########

 

Here is the mbar log -

# AdwCleaner v3.018 - Report created 16/02/2014 at 13:27:09
# Updated 28/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : SummersA - SUMMERSA-LAP
# Running from : C:\Documents and Settings\SummersA\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Documents and Settings\SummersA\Application Data\Mozilla\Firefox\Profiles\s99y878b.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1788 octets] - [16/02/2014 11:30:44]
AdwCleaner[R1].txt - [1849 octets] - [16/02/2014 12:44:48]
AdwCleaner[S0].txt - [1793 octets] - [16/02/2014 13:27:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1853 octets] ##########

 

Finally the mbar system log -

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 2113122304, free: 1391476736

Initializing...
======================
------------ Kernel report ------------
     02/16/2014 14:05:05
------------ Loaded modules -----------
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\Drivers\SEP\0C010FAD\0FAD.105\x86\SYMTDI.SYS
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\??\C:\WINDOWS\system32\Drivers\TWZFILE.sys
\SystemRoot\system32\Drivers\SysPlant.sys
\??\C:\WINDOWS\system32\drivers\STGMFEngine32.sys
\??\C:\WINDOWS\system32\drivers\Sleen18.sys
\SystemRoot\System32\Drivers\SCDEmu.SYS
\??\C:\Program Files\6 Security\SASKUTIL.SYS
\??\C:\Program Files\6 Security\SASDIFSV.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\??\C:\WINDOWS\system32\drivers\EuFdDisk.sys
\??\C:\WINDOWS\system32\drivers\eudskacs.sys
\??\C:\Program Files\6 Security\MB Anti-Exploit\MBAE.sys
\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\??\C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20140121.011\BHDrvx86.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\ati2dvag.dll
\SystemRoot\System32\ati2cqag.dll
\SystemRoot\System32\atikvmag.dll
\SystemRoot\System32\atiok3x2.dll
\SystemRoot\System32\ati3duag.dll
\SystemRoot\System32\ativvaxx.dll
\SystemRoot\system32\DRIVERS\AegisP.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\??\C:\WINDOWS\system32\amwrtdrv.sys
\??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\drivers\WinisoCDBus.sys
\SystemRoot\System32\Drivers\TDTCP.SYS
\SystemRoot\System32\Drivers\RDPWD.SYS
\SystemRoot\System32\Drivers\HTTP.sys
\??\C:\WINDOWS\system32\CCM\prepdrv.sys
\??\C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20140213.013\IDSxpx86.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\MBAMSwissArmy.sys
\WINDOWS\system32\ntdll.dll
\WINDOWS\system32\sysferThunk.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8ad10ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-12\
Lower Device Object: 0xffffffff8acd4d98
Lower Device Driver Name: \Driver\atapi\
IRP handler 0 of \Driver\atapi is hooked
IRP handler 2 of \Driver\atapi is hooked
IRP handler 14 of \Driver\atapi is hooked
IRP handler 15 of \Driver\atapi is hooked
IRP handler 22 of \Driver\atapi is hooked
IRP handler 23 of \Driver\atapi is hooked
IRP handler 27 of \Driver\atapi is hooked
Unhooking enabled.
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8ad10ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-12\
Lower Device Object: 0xffffffff8acd4d98
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Load Function returned 0x0
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8ad10ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8a9ece18, DeviceName: Unknown, DriverName: \Driver\TWZDISK\
DevicePointer: 0xffffffff8ad39e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8ad10938, DeviceName: Unknown, DriverName: \Driver\xssflt\
DevicePointer: 0xffffffff8ad10ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8accbd58, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xffffffff8acea990, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xffffffff8acd69e8, DeviceName: \Device\000000e5\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8acd4d98, DeviceName: \Device\Ide\IdeDeviceP2T0L0-12\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\PartMgr\
Upper DeviceData: 0xffffffffe66b3c88, 0xffffffff8ad10ab8, 0xffffffff874c4ab8
Lower DeviceData: 0xffffffffe66b4310, 0xffffffff8acd4d98, 0xffffffff8854f6c8
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File user open failed: C:\WINDOWS\SYSTEM32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 80D2F3EE

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 123925410  Numsec = 188651295
    Partition is not bootable

    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 16065  Numsec = 123909345

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 160041885696 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-16064-312561808-312581808)...
Done!
<<<2>>>
<<<3>>>
Volume: D:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scan finished
=======================================


Removal queue found; removal started
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\VBR-0-0-123925410-i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Hope this is as required, thanks

 

All the best.

summersa



#7 fireman4it


Posted 17 February 2014 - 01:30 PM

How is the machine running now?


#8 summersa


Posted 17 February 2014 - 05:29 PM

ok.
"Freezing" of the machine seems to be less...
However, -
Task man still shows +-50% on graph, but on Processes it is about 2 to 10%
Firefox opens with Homepage "Intranet.com"
It should be "Intranet" only
Everything loads slower from Outlook to Firefox
Also sometimes I have 2 Processes for "Explorer" running
So I go into Task Man and shut one of them down and I get it right, CPU then goes down completely
Bottom line though is "Intermittently" -
- I still get Explorer loading twice
- Firefox loads twice per Task man (TM)
- In Process Hacker - I could have a dozen Firefox "Network entries" regardless of TM
- I can close all but 2 in PH & my Firefox tabs still all stay open

Yes there seems to be some improvement in terms of lower CPU or Internet usage
bottom line though is that there is still CPU & Internet usage which is "unaccounted" for

Hope this helps...

#9 fireman4it


Posted 17 February 2014 - 11:54 PM

1.

Download and run Junkware Removal Tool. ***Your Anti Virus may see this download as malicious, don't worry continue on. 

Please download Junkware Removal Tool to your desktop.

 

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
    the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next Reply.

 

 

2.

  • Download RogueKiller on the desktop
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, click Scan
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again


#10 summersa


Posted 18 February 2014 - 01:07 PM

Hi fireman4it,

Here we go, log for JRT -

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Microsoft Windows XP x86
Ran by SummersA on 2014/02/18 at 19:34:41.78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted: [Folder] C:\Documents and Settings\SummersA\Application Data\mozilla\firefox\profiles\s99y878b.default\extensions\staged
Successfully deleted the following from C:\Documents and Settings\SummersA\Application Data\mozilla\firefox\profiles\s99y878b.default\prefs.js

user_pref("extensions.ui.lastCategory", "addons://search/free%20download%20manager");

Emptied folder: C:\Documents and Settings\SummersA\Application Data\mozilla\firefox\profiles\s99y878b.default\minidumps [1 files]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014/02/18 at 19:46:37.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

and now for Rogue Killer -

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRKgmailcom
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : SummersA [Admin rights]
Mode : Scan -- Date : 02/18/2014 19:51:34
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Address] SSDT[12] : NtAlertResumeThread @ 0x805D4C0C -> HOOKED (Unknown @ 0x8A107E88)
[Address] SSDT[13] : NtAlertThread @ 0x805D4BBC -> HOOKED (Unknown @ 0x8A0EADF0)
[Address] SSDT[17] : NtAllocateVirtualMemory @ 0x805A8AEE -> HOOKED (Unknown @ 0x8A0E0D98)
[Address] SSDT[19] : NtAssignProcessToJobObject @ 0x805D66D0 -> HOOKED (Unknown @ 0x8A0D1DC8)
[Address] SSDT[31] : NtConnectPort @ 0x805A4604 -> HOOKED (Unknown @ 0x8A9670B0)
[Address] SSDT[43] : NtCreateMutant @ 0x80617822 -> HOOKED (Unknown @ 0x8A0D3AC8)
[Address] SSDT[52] : NtCreateSymbolicLinkObject @ 0x805C3A2E -> HOOKED (Unknown @ 0x8A090F60)
[Address] SSDT[53] : NtCreateThread @ 0x805D1068 -> HOOKED (Unknown @ 0x8A104EE0)
[Address] SSDT[57] : NtDebugActiveProcess @ 0x80643CB2 -> HOOKED (Unknown @ 0x8A0D1E60)
[Address] SSDT[68] : NtDuplicateObject @ 0x805BE03C -> HOOKED (Unknown @ 0x8A0FFD98)
[Address] SSDT[83] : NtFreeVirtualMemory @ 0x805B2FE6 -> HOOKED (Unknown @ 0x8A67CF38)
[Address] SSDT[89] : NtImpersonateAnonymousToken @ 0x805F9362 -> HOOKED (Unknown @ 0x8A0D3B70)
[Address] SSDT[91] : NtImpersonateThread @ 0x805D7890 -> HOOKED (Unknown @ 0x8A107DF0)
[Address] SSDT[97] : NtLoadDriver @ 0x80584172 -> HOOKED (Unknown @ 0x8A9660D0)
[Address] SSDT[108] : unknown @ 0x805B206E -> HOOKED (Unknown @ 0x8A6C0FB0)
[Address] SSDT[114] : NtOpenEvent @ 0x8060F1E0 -> HOOKED (Unknown @ 0x8A0EEB30)
[Address] SSDT[122] : NtOpenProcess @ 0x805CB486 -> HOOKED (C:\WINDOWS\system32\drivers\mbamchameleon.sys @ 0xA6B98184)
[Address] SSDT[123] : NtOpenProcessToken @ 0x805EE030 -> HOOKED (Unknown @ 0x8A100DA8)
[Address] SSDT[125] : NtOpenSection @ 0x805AA420 -> HOOKED (Unknown @ 0x8A0D1F90)
[Address] SSDT[128] : NtOpenThread @ 0x805CB712 -> HOOKED (C:\WINDOWS\system32\drivers\mbamchameleon.sys @ 0xA6B982D0)
[Address] SSDT[137] : NtProtectVirtualMemory @ 0x805B8452 -> HOOKED (Unknown @ 0x8A0D1D20)
[Address] SSDT[206] : NtResumeThread @ 0x805D4A48 -> HOOKED (Unknown @ 0x8A0EAE88)
[Address] SSDT[213] : NtSetContextThread @ 0x805D2C4A -> HOOKED (Unknown @ 0x8A10BE00)
[Address] SSDT[228] : NtSetInformationProcess @ 0x805CDED0 -> HOOKED (Unknown @ 0x8A10BE78)
[Address] SSDT[240] : NtSetSystemInformation @ 0x8060FE98 -> HOOKED (Unknown @ 0x8A0D1EF8)
[Address] SSDT[253] : NtSuspendProcess @ 0x805D4B10 -> HOOKED (Unknown @ 0x8A0EEAB8)
[Address] SSDT[254] : NtSuspendThread @ 0x805D4982 -> HOOKED (Unknown @ 0x8A10DDF0)
[Address] SSDT[257] : NtTerminateProcess @ 0x805D2308 -> HOOKED (Unknown @ 0x8A0E5990)
[Address] SSDT[258] : unknown @ 0x805D2502 -> HOOKED (Unknown @ 0x8A10DE88)
[Address] SSDT[267] : NtUnmapViewOfSection @ 0x805B2E7C -> HOOKED (Unknown @ 0x8A0CA9A8)
[Address] SSDT[277] : NtWriteVirtualMemory @ 0x805B4400 -> HOOKED (Unknown @ 0x8A6C1EE8)
[Address] Shadow SSDT[307] : NtUserAttachThreadInput -> HOOKED (Unknown @ 0x88321260)
[Address] Shadow SSDT[383] : NtUserGetAsyncKeyState -> HOOKED (Unknown @ 0x88304268)
[Address] Shadow SSDT[414] : NtUserGetKeyboardState -> HOOKED (Unknown @ 0x88301268)
[Address] Shadow SSDT[416] : NtUserGetKeyState -> HOOKED (Unknown @ 0x883E7260)
[Address] Shadow SSDT[428] : NtUserGetRawInputData -> HOOKED (Unknown @ 0x8A749D40)
[Address] Shadow SSDT[460] : NtUserMessageCall -> HOOKED (Unknown @ 0x8A75ED20)
[Address] Shadow SSDT[475] : NtUserPostMessage -> HOOKED (Unknown @ 0x88C19D40)
[Address] Shadow SSDT[476] : NtUserPostThreadMessage -> HOOKED (Unknown @ 0x8A815D40)
[Address] Shadow SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8AB0D250)
[Address] Shadow SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8A0E2AA0)
[Inline] EAT @explorer.exe (KiFastSystemCallRet) : ntdll.dll -> HOOKED (C:\windows\System32\SYSFER.DLL @ 0x65238D50)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) FUJITSU MHZ2160BH G2 +++++
--- User ---
[MBR] af912738204c144a2ecdb67da25ec72d
[BSP] 8da71c96d519a84222194e101c8d6503 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 123925410 | Size: 92114 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 60502 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_02182014_195134.txt >>

Take note that I have only Scanned with Rogue Killer and I have not removed anything.
If I need to remove anything, I will run it again and remove as per instructions.

Many thanks

summersa

#11 fireman4it


Posted 18 February 2014 - 03:55 PM

1.

  • Re-Run RogueKiller
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, click Delete
  • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again

2.

 ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go >>HERE<< then click on: ESET1st.jpg

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)


#12 fireman4it


Posted 26 February 2014 - 10:39 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.


#13 fireman4it


Posted 28 February 2014 - 02:06 PM

This topic has been re-opened at the request of the person who originally posted.


#14 fireman4it


Posted 28 February 2014 - 02:08 PM

1.

Please delete your copy of TDSSKiller and download the latest version from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

 

 

2.

Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop

Link 1
Link 2

  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • RcAuto1.gif
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    whatnext.png
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.
 

 

 

Things to include in your next reply::

TdssKiller log

Combofix.txt

How is your machine running now?


#15 fireman4it


Posted 02 March 2014 - 04:36 PM

Hello.

Are you still there?

If you are, please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it