Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus possibly messed with security software.


  • This topic is locked This topic is locked
21 replies to this topic

#1 doveman

doveman

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 17 August 2014 - 08:07 PM

My sister phoned me the other night, saying that when she booted her XP-running laptop (Acer Travelmate 5720, Core 2 Duo 2Ghz with 1GB RAM), the desktop icons weren't appearing and then she was getting popups saying something like 'your PC is infected, click here to clean/download cleaner'. So I told her to turn it off and give it to our Dad when she next saw him so that he could take a look.

 

He ran something called VIPRE, which seems to have removed a couple of Trojans and produced the attached .xml. I then told him to run dds in Safe Mode and the attach.txt does show several errors with services, including Microsoft Antimalware (MSE) and Truevector Internet Monitor (ZoneAlarm), which makes me suspect a virus interfered with the security software.

 

Anyway, when I booted it, it updated MSE and did some Windows Updates and ZoneAlarm seems to be working OK, so perhaps it's fixed but I'd obviously like to make sure there's nothing nasty lurking before I give it back to her. I've replaced MSE with Avast now and disabled ZoneAlarm's WOT browser plugin to use Avast's instead. I removed LogMeIn some time ago, so any references to that are just left over registry keys I guess. I've been using TeamViewer portable when needed.

 

Thanks for reading. I will be grateful for your assistance.

 

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.6001.18702
Run by JM at 19:39:50 on 2014-08-17
Microsoft Windows XP Professional  5.1.2600.3.1252.44.1033.18.1014.536 [GMT 1:00]
.
.
============== Running Processes ================
.
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ctfmon.exe
G:\AV\SBAVC\sbavc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
mWinlogon: SFCDisable = dword:-99
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - c:\program files\wot\WOT.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe"
uRun: [eNMTray.exe] <no file>
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [ePower_DMC] c:\acer\empowering technology\epower\ePower_DMC.exe
mRun: [Boot] c:\acer\empowering technology\epower\Boot.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [ZoneAlarm] "c:\program files\checkpoint\zonealarm\zatray.exe"
mRun: [ISW] <no file>
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: ForceClassicControlPanel = dword:1
uPolicies-Explorer: NoResolveTrack = dword:1
uPolicies-Explorer: NoSMConfigurePrograms = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: ForceClassicControlPanel = dword:1
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoSMConfigurePrograms = dword:1
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{A1E31593-3CD3-40CC-842D-4516945CFDED} : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: igfxcui - igfxdev.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2012-11-7 527408]
R2 vsmon;TrueVector Internet Monitor;c:\program files\checkpoint\zonealarm\vsmon.exe -service --> c:\program files\checkpoint\zonealarm\vsmon.exe -service [?]
R3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys [2012-6-25 54144]
S1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165648]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27056]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2011-11-3 497320]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]
S2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2010-10-15 47640]
S3 flash;flash;c:\windows\system32\drivers\flash.sys [2010-10-15 8064]
S3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2014-8-17 43368]
S3 gfiutil;gfiutil;c:\windows\system32\drivers\gfiutil.sys [2014-8-17 24040]
S3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2010-10-15 14336]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-10-15 32512]
S3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2011-11-23 131856]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2014-08-17 21:11:36 -------- d-sh--w- C:\$RECYCLE.BIN
2014-08-17 17:10:33 62576 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ebe24383-5be5-46b7-a43d-91d52187fc0b}\offreg.dll
2014-08-17 16:07:51 8217224 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ebe24383-5be5-46b7-a43d-91d52187fc0b}\mpengine.dll
2014-08-17 15:58:13 24040 ----a-w- c:\windows\system32\drivers\gfiutil.sys
2014-08-17 15:58:12 43368 ----a-w- c:\windows\system32\drivers\gfiark.sys
2014-08-16 21:37:25 -------- d-----w- c:\documents and settings\main\local settings\application data\PCHealth
.
==================== Find3M  ====================
.
.
============= FINISH: 19:40:08.60 ===============
 

 

 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:10:03 PM

Posted 18 August 2014 - 02:32 PM

Hello Doveman.  My name is Johnny Computer and I will be helping you clean up your computer today.  Please give me some time to look over your log and I will be back with further instructions as soon as possible.
 
Thanks :)

Edited by Johnny Computer, 19 August 2014 - 10:48 AM.

avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#3 doveman

doveman
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 19 August 2014 - 07:29 AM

Hi Johnny,

 

Thanks for offering to help. I look forward to hearing back from you once you've had a chance to look over the logs.



#4 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:10:03 PM

Posted 19 August 2014 - 09:19 AM

Hello Doveman-


 

Hello and    :welcome:   to BLEEPING COMPUTER

My name is Johnny Computer and I will be helping you with your malware related computer issues today   

Before we move on, please read the following points carefully.

§  First, I would like to inform you that most of us here at Bleeping Computer are volunteers. The logs you will be asked to submit can take time to analyze. Please try to match our commitment to you with your patience toward us. 

§  Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.

§  IMPORTANT-----> Post all logfiles as a reply rather than as an attachment. If you can not post all log files in one reply, feel free to use more posts.

§  Perform everything in the correct order. Sometimes one step requires the previous one.

§  If you have any problems while following my instructions, Stop and ask any questions you may have.

§  Please stay with me until I have notified you that your system is All Clean. Absence of symptoms does not necessarily mean your machine is clean. 

§  If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

 

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data

 

  =======================================================================================================

 

Please download AdwCleaner by Xplode and save to your Desktop.

§  Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator

§  Click on the Scan button.

§  AdwCleaner will begin...be patient as the scan may take some time to complete.

§  After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).

§  The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.

§  Copy and paste the contents of that logfile in your next reply.

§  A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

  =========================================================================================================

 

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

 

§  Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).

§  When the tool opens, click Yes to disclaimer.

§  Press the Scan button.

§  When finished, it will produce a log called FRST.txt in the same directory the tool was run from.

§  Please copy and paste the log in your next reply.

 

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

 

 ==============================================================================================================================

 

 

IN YOUR NEXT REPLY I NEED:

 

1.)  ADWCleaner log

2.)  FRST Log

3.) Can you tell me if you are still not able to see your desktop icons, if you are still seeing the pop ups, and if you are experiencing any other issues with your system that may lead you to believe you are infected.

 

 

Thanks :)

 


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#5 doveman

doveman
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 19 August 2014 - 11:56 AM

Hi Johnny,

 

Please find the requested logs below. Earlier I got a prompt to upgrade ZoneAlarm so downloaded the latest version from the official website but after installing, Windows would BSOD after loading, so I've completely removed that now. I'll probably try Comodo Firewall once we've finished here, as I normally use that. I tried doing a sfc /scannow after uninstalling ZoneAlarm just in case it had messed up any system files but although it started off OK, after a while it started throwing up repeated complaints about not being able to find certain files and requesting a different CD (I'm using a slipstreamed SP3 ISO with the I386 folder extracted to D:\I386 and the appropriate registry keys pointed to there) so I had to abort that eventually.

 

The desktop icons are appearing normally now and I can't see anything obvious that would suggest it's still infected but maybe the logs will show something's still lurking.

 

# AdwCleaner v3.307 - Report created 19/08/2014 at 16:30:25
# Updated 17/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : JM - PC
# Running from : G:\AV\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Temp\XP\Uninstall.exe
Folder Found : C:\Documents and Settings\Main\Application Data\CheckPoint\ZoneAlarm LTD Toolbar

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [3518 octets] - [19/08/2014 16:30:25]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3578 octets] ##########

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-08-2014 01
Ran by JM (administrator) on PC on 19-08-2014 16:37:18
Running from G:\AV
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Realtek Semiconductor Corp.) C:\Temp\XP\RtkBtMnt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll (LogMeIn, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\.DEFAULT\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\.DEFAULT\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [631816 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Run: [Google Update] => C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-10-16] (Google Inc.)
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Run: [NetMeter] => C:\Program Files\NetMeter\NetMeter.exe [293888 2009-08-09] ()
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Run: [DVDFab Passkey] => C:\Program Files\DVDFab Passkey\DVDFabPasskey.exe [1392672 2012-05-22] (Fengtao Software Inc.)
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Policies\Explorer: [NoSMConfigurePrograms] 1
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKCU - DefaultScope {2B30390B-D685-41C4-9E05-31DCD61059F4} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
SearchScopes: HKCU - {2B30390B-D685-41C4-9E05-31DCD61059F4} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKCU - WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nosltd.com/getPlus+®,version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-15]
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-18]

Chrome:
=======
CHR HomePage: https://startpage.com/
CHR StartupUrls: "https://uk.yahoo.com/", "https://startpage.com/"
CHR DefaultSearchKeyword: startpage.com
CHR DefaultSearchProvider: Startpage HTTPS - UK
CHR DefaultSearchURL: https://startpage.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=english_uk
CHR DefaultSuggestURL:
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (getPlusPlus for Adobe 16291) - C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (WOT) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2010-10-18]
CHR Extension: (FlashBlock) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2014-08-19]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-18]
CHR Extension: (FLV Video Downloader) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\khgbngepgkjeffdkkpnblnlogfjehbjn [2014-08-19]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-18]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-18] (AVAST Software)
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-21] (Intel Corporation) [File not signed]
S4 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-21] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-02-21] (Intel Corporation ) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21425 2010-10-15] (Meetinghouse Data Communications) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-18] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-18] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-18] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-08-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-18] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-18] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-18] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 dvdfab; C:\WINDOWS\System32\drivers\dvdfab.sys [54144 2011-08-15] (Fengtao Software Inc.)
R2 EpmPsd; C:\WINDOWS\system32\drivers\epm-psd.sys [4096 2004-07-19] (Acer Value Labs, USA) [File not signed]
R2 EpmShd; C:\WINDOWS\system32\drivers\epm-shd.sys [78208 2005-04-07] (Acer Value Labs, USA) [File not signed]
S3 flash; C:\WINDOWS\system32\drivers\flash.sys [8064 2005-11-17] () [File not signed]
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [43368 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\WINDOWS\System32\drivers\gfiutil.sys [24040 2013-09-04] (ThreatTrack Security)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP)
S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210816 2007-04-26] (Conexant Systems, Inc.)
S3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988032 2007-04-26] (Conexant Systems, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2206976 2007-04-30] (Intel Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [32512 2005-11-02] (CACE Technologies) [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
U3 rpcapd;
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) [File not signed]
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()
S1 vcdrom; C:\Tools\VCdRom.sys [8576 2001-12-19] (Microsoft Corporation) [File not signed]
S3 WLAN_USB; C:\WINDOWS\System32\DRIVERS\wlanUSB.sys [50176 2002-01-17] () [File not signed]
S4 IntelIde; No ImagePath
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S4 LMIRfsClientNP; No ImagePath
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-10-15] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 16:37 - 2014-08-19 16:37 - 00000000 ____D () C:\FRST
2014-08-19 16:31 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-08-19 16:29 - 2001-08-23 13:00 - 00025952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpn.sys
2014-08-19 16:28 - 2008-04-14 05:42 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssvc.exe
2014-08-19 16:28 - 2008-04-14 05:42 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclnt.exe
2014-08-19 16:28 - 2008-04-14 05:41 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsst.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsapi.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsxp32.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxstiff.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscomex.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxst30.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxswzrd.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsui.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscom.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\h323cc.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsevent.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hostmib.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gzip.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsdrv.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsmon.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsext32.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsperf.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpmib.dll
2014-08-19 16:28 - 2008-04-14 05:39 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsres.dll
2014-08-19 16:28 - 2008-04-13 23:16 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidbth.sys
2014-08-19 16:28 - 2008-04-13 23:15 - 00019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidir.sys
2014-08-19 16:28 - 2008-04-13 23:15 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2014-08-19 16:28 - 2008-04-13 23:10 - 00028288 _____ (Gemplus) C:\WINDOWS\system32\dllcache\grserial.sys
2014-08-19 16:28 - 2008-04-13 23:06 - 00046464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gagp30kx.sys
2014-08-19 16:28 - 2008-04-13 23:06 - 00020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidbatt.sys
2014-08-19 16:28 - 2001-08-23 13:00 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclntr.dll
2014-08-19 16:28 - 2001-08-23 13:00 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscfgwz.dll
2014-08-19 16:28 - 2001-08-23 13:00 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsroute.dll
2014-08-19 16:28 - 2001-08-23 13:00 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssend.exe
2014-08-19 16:28 - 2001-08-23 13:00 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpctrs2.dll
2014-08-19 16:28 - 2001-08-23 13:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftlx041e.dll
2014-08-19 16:28 - 2001-08-17 21:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpdigwia.dll
2014-08-19 16:28 - 2001-08-17 21:36 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fuusd.dll
2014-08-19 16:28 - 2001-08-17 13:56 - 01733120 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g400d.dll
2014-08-19 16:28 - 2001-08-17 13:56 - 00470144 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g200d.dll
2014-08-19 16:28 - 2001-08-17 13:02 - 00008576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidgame.sys
2014-08-19 16:28 - 2001-08-17 12:51 - 00082304 _____ (Gemplus) C:\WINDOWS\system32\dllcache\grclass.sys
2014-08-19 16:28 - 2001-08-17 12:51 - 00017408 _____ (Gemplus) C:\WINDOWS\system32\dllcache\gpr400.sys
2014-08-19 16:28 - 2001-08-17 11:49 - 00322432 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g400m.sys
2014-08-19 16:28 - 2001-08-17 11:49 - 00320384 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g200m.sys
2014-08-19 16:27 - 2014-08-19 16:27 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-19 16:27 - 2008-04-14 05:42 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntwin.exe
2014-08-19 16:27 - 2008-04-14 05:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntcmd.exe
2014-08-19 16:27 - 2008-04-14 05:41 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntagnt.dll
2014-08-19 16:27 - 2008-04-14 05:41 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\exstrace.dll
2014-08-19 16:27 - 2008-04-14 05:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\f3ahvoas.dll
2014-08-19 16:27 - 2008-04-13 21:06 - 00137088 _____ (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\essm2e.sys
2014-08-19 16:27 - 2008-04-13 21:05 - 00034173 _____ (Marconi Communications, Inc.) C:\WINDOWS\system32\dllcache\forehe.sys
2014-08-19 16:27 - 2003-03-24 16:52 - 00618605 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4autl.dll
2014-08-19 16:27 - 2003-03-24 16:52 - 00094208 _____ () C:\WINDOWS\system32\dllcache\fpencode.dll
2014-08-19 16:27 - 2003-03-24 16:52 - 00024632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmcgi.exe
2014-08-19 16:27 - 2003-03-24 16:52 - 00020541 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmdll.dll
2014-08-19 16:27 - 2001-08-23 13:00 - 00057856 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimgd.dll
2014-08-19 16:27 - 2001-08-23 13:00 - 00045056 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunid.dll
2014-08-19 16:27 - 2001-08-23 13:00 - 00031744 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucmd.dll
2014-08-19 16:27 - 2001-08-23 13:00 - 00025856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\et4000.sys
2014-08-19 16:27 - 2001-08-23 13:00 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\flattemp.exe
2014-08-19 16:27 - 2001-08-17 22:36 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2014-08-19 16:27 - 2001-08-17 21:36 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fnfilter.dll
2014-08-19 16:27 - 2001-08-17 21:36 - 00061952 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnloop.exe
2014-08-19 16:27 - 2001-08-17 21:36 - 00053248 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqndiag.exe
2014-08-19 16:27 - 2001-08-17 21:36 - 00051200 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnlogr.exe
2014-08-19 16:27 - 2001-08-17 12:53 - 00007296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\elmsmc.sys
2014-08-19 16:27 - 2001-08-17 12:50 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\epcfw2k.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00283904 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\emu10k1m.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00174464 _____ (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es198x.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00072192 _____ (ESS Technology Inc.) C:\WINDOWS\system32\dllcache\es1969.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00063360 _____ (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\ess.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00040704 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\es1371mp.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00037120 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\es1370mp.sys
2014-08-19 16:27 - 2001-08-17 11:17 - 00629952 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqn.sys
2014-08-19 16:27 - 2001-08-17 11:13 - 00027165 _____ (VIA Technologies, Inc. ) C:\WINDOWS\system32\dllcache\fetnd5.sys
2014-08-19 16:27 - 2001-08-17 11:12 - 00024618 _____ (NETGEAR) C:\WINDOWS\system32\dllcache\fa410nd5.sys
2014-08-19 16:27 - 2001-08-17 11:12 - 00018503 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\epro4.sys
2014-08-19 16:27 - 2001-08-17 11:12 - 00016998 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\ex10.sys
2014-08-19 16:27 - 2001-08-17 11:12 - 00016074 _____ (NETGEAR Corp.) C:\WINDOWS\system32\dllcache\fa312nd5.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00455199 _____ (3Com Corporation.) C:\WINDOWS\system32\dllcache\el985n51.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00171520 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el99xn51.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00153631 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el90xnd5.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00070174 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el98xn5.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00066591 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el90xbc5.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00012362 _____ (FUJITSU LIMITED) C:\WINDOWS\system32\dllcache\f3ab18xi.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00011850 _____ (FUJITSU LIMITED) C:\WINDOWS\system32\dllcache\f3ab18xj.sys
2014-08-19 16:27 - 2001-08-17 11:10 - 00025159 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\elnk3.sys
2014-08-19 16:27 - 2001-08-17 11:10 - 00022090 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\OLD335.tmp
2014-08-19 16:27 - 2001-08-17 11:10 - 00022090 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\OLD332.tmp
2014-08-19 16:27 - 2001-08-17 11:10 - 00022090 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\fem556n5.sys
2014-08-19 16:27 - 2001-08-17 11:10 - 00019996 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\OLD2FD.tmp
2014-08-19 16:27 - 2001-08-17 11:10 - 00019996 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\OLD2FA.tmp
2014-08-19 16:27 - 2001-08-17 11:10 - 00019996 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\em556n4.sys
2014-08-19 16:26 - 2008-04-13 23:09 - 00206976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4.sys
2014-08-19 16:26 - 2001-08-23 13:00 - 00514587 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\edb500.dll
2014-08-19 16:26 - 2001-08-17 21:36 - 00110621 _____ (Digi International, Inc.) C:\WINDOWS\system32\dllcache\digirlpt.dll
2014-08-19 16:26 - 2001-08-17 12:47 - 00023808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4usb.sys
2014-08-19 16:26 - 2001-08-17 12:47 - 00012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4prt.sys
2014-08-19 16:26 - 2001-08-17 12:47 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4scan.sys
2014-08-19 16:26 - 2001-08-17 11:20 - 00334208 _____ (Yamaha Corp.) C:\WINDOWS\system32\dllcache\ds1wdm.sys
2014-08-19 16:26 - 2001-08-17 11:17 - 00042432 _____ (Digi International, Inc.) C:\WINDOWS\system32\dllcache\digirlpt.sys
2014-08-19 16:26 - 2001-08-17 11:12 - 00117760 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\e100b325.sys
2014-08-19 16:26 - 2001-08-17 11:12 - 00050719 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\e1000nt5.sys
2014-08-19 16:26 - 2001-08-17 11:12 - 00028062 _____ (National Semiconductor Coproration) C:\WINDOWS\system32\dllcache\dp83820.sys
2014-08-19 16:26 - 2001-08-17 11:12 - 00019594 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\e100isa4.sys
2014-08-19 16:26 - 2001-08-17 11:11 - 00077386 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el656nd5.sys
2014-08-19 16:26 - 2001-08-17 11:11 - 00069194 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el656cd5.sys
2014-08-19 16:26 - 2001-08-17 11:11 - 00029696 _____ (CNet Technology, Inc. ) C:\WINDOWS\system32\dllcache\dm9pci5.sys
2014-08-19 16:26 - 2001-08-17 11:11 - 00026698 _____ (D-Link Corporation) C:\WINDOWS\system32\dllcache\dlh5xnd5.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00069692 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el575nd5.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00055999 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el556nd5.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00044103 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el515.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00026141 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el589nd5.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00024653 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el574nd4.sys
2014-08-19 16:25 - 2008-04-14 05:42 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\davcdata.exe
2014-08-19 16:25 - 2008-04-14 05:41 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dataclen.dll
2014-08-19 16:25 - 2008-04-14 05:41 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dcap32.dll
2014-08-19 16:25 - 2008-04-14 04:41 - 00249856 _____ (Comtrol® Corporation) C:\WINDOWS\system32\dllcache\ctmasetp.dll
2014-08-19 16:25 - 2008-04-13 21:06 - 00048640 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwrwdm.sys
2014-08-19 16:25 - 2001-08-23 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cprofile.exe
2014-08-19 16:25 - 2001-08-17 21:36 - 00419357 _____ (Digi International) C:\WINDOWS\system32\dllcache\dgconfig.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00256512 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\devcon32.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\csamsp.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc260usd.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc240usd.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc210usd.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyycoins.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzports.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyyports.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzcoins.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc210_32.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00024064 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\devldr32.exe
2014-08-19 16:25 - 2001-08-17 21:36 - 00004096 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctwdm32.dll
2014-08-19 16:25 - 2001-08-17 12:52 - 00007424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ddsmc.sys
2014-08-19 16:25 - 2001-08-17 12:50 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyyport.sys
2014-08-19 16:25 - 2001-08-17 12:50 - 00049792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzport.sys
2014-08-19 16:25 - 2001-08-17 12:50 - 00017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyclad-z.sys
2014-08-19 16:25 - 2001-08-17 12:50 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyclom-y.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00111872 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcspud.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00096256 _____ (Copyright © Creative Technology Ltd. 1994-2001) C:\WINDOWS\system32\dllcache\ctlsb16.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00093952 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcwdm.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00072832 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbwdm.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00042112 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\dllcache\crtaud.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00006912 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctlfacem.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00003712 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctljystk.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00003584 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcosnt5.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00003072 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbmidi.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00003072 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbase.sys
2014-08-19 16:25 - 2001-08-17 11:17 - 00090525 _____ (Digi International Inc.) C:\WINDOWS\system32\dllcache\digifep5.sys
2014-08-19 16:25 - 2001-08-17 11:17 - 00029531 _____ (Digi International Inc.) C:\WINDOWS\system32\dllcache\dgapci.sys
2014-08-19 16:25 - 2001-08-17 11:12 - 00117760 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\d100ib5.sys
2014-08-19 16:25 - 2001-08-17 11:12 - 00063208 _____ (Intel Corporation.) C:\WINDOWS\system32\dllcache\dc21x4.sys
2014-08-19 16:25 - 2001-08-17 11:11 - 00024649 _____ (D-Link) C:\WINDOWS\system32\dllcache\dfe650d.sys
2014-08-19 16:25 - 2001-08-17 11:11 - 00024648 _____ (D-Link) C:\WINDOWS\system32\dllcache\dfe650.sys
2014-08-19 16:25 - 2001-08-17 11:11 - 00020928 _____ (Digital Networks, LLC) C:\WINDOWS\system32\dllcache\defpa.sys
2014-08-19 16:24 - 2008-04-14 05:42 - 01032192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\conf.exe
2014-08-19 16:24 - 2008-04-14 05:42 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cleanmgr.exe
2014-08-19 16:24 - 2008-04-14 05:42 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cisvc.exe
2014-08-19 16:24 - 2008-04-14 05:41 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\callcont.dll
2014-08-19 16:24 - 2008-04-14 05:41 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_g18030.dll
2014-08-19 16:24 - 2008-04-14 05:41 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ciodm.dll
2014-08-19 16:24 - 2008-04-14 05:41 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\confmrsl.dll
2014-08-19 16:24 - 2008-04-14 05:41 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\compfilt.dll
2014-08-19 16:24 - 2008-04-14 04:41 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext30.dll
2014-08-19 16:24 - 2008-04-14 04:41 - 00015423 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\ch7xxnt5.dll
2014-08-19 16:24 - 2008-04-13 23:11 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\changer.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ciadmin.dll
2014-08-19 16:24 - 2001-08-23 13:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_864.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_862.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_858.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_720.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_870.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\convlog.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00054528 _____ (Philips Semiconductors GmbH) C:\WINDOWS\system32\dllcache\cap7146.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\controt.dll
2014-08-19 16:24 - 2001-08-23 13:00 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\counters.dll
2014-08-19 16:24 - 2001-08-23 13:00 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgport.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00014976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cpqarray.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgusr.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00013952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cbidf2k.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chglogon.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cb32.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_iscii.dll
2014-08-19 16:24 - 2001-08-23 13:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\change.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cidaemon.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cd20xrnt.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_is2022.dll
2014-08-19 16:24 - 2001-08-17 21:37 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext20.ax
2014-08-19 16:24 - 2001-08-17 21:37 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext30.ax
2014-08-19 16:24 - 2001-08-17 21:37 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camexo20.ax
2014-08-19 16:24 - 2001-08-17 21:36 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext20.dll
2014-08-19 16:24 - 2001-08-17 21:36 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camexo20.dll
2014-08-19 16:24 - 2001-08-17 21:36 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cnusd.dll
2014-08-19 16:24 - 2001-08-17 13:56 - 00170880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl546x.dll
2014-08-19 16:24 - 2001-08-17 13:56 - 00111232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl5465.dll
2014-08-19 16:24 - 2001-08-17 13:56 - 00091264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cirrus.dll
2014-08-19 16:24 - 2001-08-17 13:05 - 00314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdro21.sys
2014-08-19 16:24 - 2001-08-17 13:04 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdrv21.sys
2014-08-19 16:24 - 2001-08-17 13:04 - 00171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdrv30.sys
2014-08-19 16:24 - 2001-08-17 12:57 - 00248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl546xm.sys
2014-08-19 16:24 - 2001-08-17 12:57 - 00045696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cirrus.sys
2014-08-19 16:24 - 2001-08-17 12:51 - 00020736 _____ (OMNIKEY AG) C:\WINDOWS\system32\dllcache\cmbp0wdm.sys
2014-08-19 16:24 - 2001-08-17 12:51 - 00006656 _____ (CMD Technology, Inc.) C:\WINDOWS\system32\dllcache\cmdide.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00049182 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem56n5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00046108 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cben5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00027164 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ce3n5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00022044 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem33n5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00022044 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem28n5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00021533 _____ (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\cpqndis5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00021530 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ce2n5.sys
2014-08-19 16:24 - 2001-08-17 11:12 - 00039680 _____ (Silicom Ltd.) C:\WINDOWS\system32\dllcache\cb325.sys
2014-08-19 16:24 - 2001-08-17 11:12 - 00037916 _____ (Fast Ethernet Controller Provider) C:\WINDOWS\system32\dllcache\cb102.sys
2014-08-19 16:24 - 2001-08-17 11:11 - 00039936 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\dllcache\cnxt1803.sys
2014-08-19 16:23 - 2008-04-14 05:42 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\blastcln.exe
2014-08-19 16:23 - 2008-04-14 04:42 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdaplgin.ax
2014-08-19 16:23 - 2008-04-13 23:21 - 00101120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthpan.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthmodem.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00036480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthprint.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthusb.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthenum.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdasup.sys
2014-08-19 16:23 - 2001-08-23 13:00 - 00195618 _____ () C:\WINDOWS\system32\dllcache\c_10002.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00189986 _____ () C:\WINDOWS\system32\dllcache\c_1361.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00187938 _____ () C:\WINDOWS\system32\dllcache\c_20005.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00186402 _____ () C:\WINDOWS\system32\dllcache\c_20001.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00185378 _____ () C:\WINDOWS\system32\dllcache\c_20003.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00180770 _____ () C:\WINDOWS\system32\dllcache\c_20932.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00180258 _____ () C:\WINDOWS\system32\dllcache\c_20004.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00180258 _____ () C:\WINDOWS\system32\dllcache\c_20000.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00177698 _____ () C:\WINDOWS\system32\dllcache\c_20949.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00177698 _____ () C:\WINDOWS\system32\dllcache\c_10003.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00173602 _____ () C:\WINDOWS\system32\dllcache\c_20936.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00173602 _____ () C:\WINDOWS\system32\dllcache\c_20002.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00173602 _____ () C:\WINDOWS\system32\dllcache\c_10008.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00162850 _____ () C:\WINDOWS\system32\dllcache\c_10001.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00082172 _____ () C:\WINDOWS\system32\dllcache\bopomofo.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066728 _____ () C:\WINDOWS\system32\dllcache\big5.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_708.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_28596.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_21027.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_21025.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20924.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20880.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20871.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20838.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20833.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20424.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20423.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20420.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20297.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20290.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20285.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20284.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20280.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20278.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20277.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20273.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20269.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20108.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20107.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20106.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20105.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1149.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1148.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1147.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1146.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1145.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1144.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1143.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1142.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1141.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1140.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1047.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_10021.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_10005.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_10004.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\browscap.dll
2014-08-19 16:23 - 2001-08-23 13:00 - 00004224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\beep.sys
2014-08-19 16:23 - 2001-08-17 21:36 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\binlsvc.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\brmfcwia.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00041472 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmfusb.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00032256 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmfrsmg.exe
2014-08-19 16:23 - 2001-08-17 21:36 - 00029696 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmflpt.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00019456 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brbidiif.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00015360 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmfbidi.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00012800 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brevif.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00009728 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brserif.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00009728 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brcoinst.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00005120 _____ (Brother Industries,Ltd.) C:\WINDOWS\system32\dllcache\brscnrsm.dll
2014-08-19 16:23 - 2001-08-17 13:56 - 00342336 _____ (3Dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\banshee.dll
2014-08-19 16:23 - 2001-08-17 12:51 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bulltlp3.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00060416 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brserwdm.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00039552 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brparwdm.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00012160 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brfiltlo.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00011008 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brusbmdm.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00010368 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brusbscn.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00003968 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brfiltup.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00003168 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brparimg.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00002944 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brfilt.sys
2014-08-19 16:23 - 2001-08-17 11:48 - 00036128 _____ (3Dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\banshee.sys
2014-08-19 16:23 - 2001-08-17 11:19 - 00036992 _____ (Aztech Systems Ltd) C:\WINDOWS\system32\dllcache\aztw2320.sys
2014-08-19 16:23 - 2001-08-17 11:11 - 00066557 _____ (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm42u.sys
2014-08-19 16:23 - 2001-08-17 11:11 - 00054271 _____ (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm42xx5.sys
2014-08-19 16:23 - 2001-08-17 11:11 - 00031529 _____ (BreezeCOM) C:\WINDOWS\system32\dllcache\brzwlan.sys
2014-08-19 16:23 - 2001-08-17 11:11 - 00026568 _____ (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm4e5.sys
2014-08-19 16:22 - 2008-04-14 04:42 - 00023040 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ativmvxx.ax
2014-08-19 16:22 - 2008-04-14 04:42 - 00009728 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ativdaxx.ax
2014-08-19 16:22 - 2008-04-14 04:41 - 00516768 _____ (ATI Technologies Inc. ) C:\WINDOWS\system32\dllcache\ativvaxx.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00032768 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ativtmxx.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00025471 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv04nt5.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00021183 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv01nt5.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00017279 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv10nt5.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00014143 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv06nt5.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00011359 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv02nt5.dll
2014-08-19 16:22 - 2008-04-13 23:16 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avc.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00104960 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinrvxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00073216 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atintuxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00063488 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinxsxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00052224 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinraxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00031744 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinxbxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00028672 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinsnxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00013824 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinttxx.sys
2014-08-19 16:22 - 2001-08-23 13:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\authfilt.dll
2014-08-19 16:22 - 2001-08-17 13:56 - 00104832 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atiraged.dll
2014-08-19 16:22 - 2001-08-17 13:01 - 00036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avcaudio.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00049920 _____ () C:\WINDOWS\system32\dllcache\atirtcap.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00026880 _____ () C:\WINDOWS\system32\dllcache\atirtsnd.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00026624 _____ () C:\WINDOWS\system32\dllcache\ativxbar.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00023552 _____ () C:\WINDOWS\system32\dllcache\atixbar.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00019456 _____ () C:\WINDOWS\system32\dllcache\ativttxx.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00017152 _____ () C:\WINDOWS\system32\dllcache\atitvsnd.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00017152 _____ () C:\WINDOWS\system32\dllcache\atitunep.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00010240 _____ () C:\WINDOWS\system32\dllcache\atipcxxx.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00009472 _____ () C:\WINDOWS\system32\dllcache\ativmdcd.sys
2014-08-19 16:22 - 2001-08-17 11:48 - 00070528 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atiragem.sys
2014-08-19 16:21 - 2014-08-19 16:31 - 00000000 ____D () C:\AdwCleaner
2014-08-19 16:21 - 2008-04-14 05:41 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aqueue.dll
2014-08-19 16:21 - 2008-04-14 05:41 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\appconf.dll
2014-08-19 16:21 - 2008-04-14 05:41 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admexs.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 01888992 _____ (ATI Technologies Inc. ) C:\WINDOWS\system32\dllcache\ati3duag.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00870784 _____ (ATI Technologies Inc. ) C:\WINDOWS\system32\dllcache\ati3d1ag.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00377984 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2dvaa.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00229376 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2cqag.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00201728 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2dvag.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00004255 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv01nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003967 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv02nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003775 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv11nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003711 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv09nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003647 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv07nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003615 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv05nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003135 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv08nt5.dll
2014-08-19 16:21 - 2008-04-13 23:16 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\61883.sys
2014-08-19 16:21 - 2008-04-13 23:06 - 00044928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agpcpq.sys
2014-08-19 16:21 - 2008-04-13 23:06 - 00043008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\dllcache\amdagp.sys
2014-08-19 16:21 - 2008-04-13 23:06 - 00042752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\alim1541.sys
2014-08-19 16:21 - 2008-04-13 23:06 - 00042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agp440.sys
2014-08-19 16:21 - 2008-04-13 21:06 - 00231552 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\ac97ali.sys
2014-08-19 16:21 - 2008-04-13 21:06 - 00084480 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\dllcache\ac97via.sys
2014-08-19 16:21 - 2008-04-13 21:06 - 00010880 _____ (Aureal, Inc.) C:\WINDOWS\system32\dllcache\admjoy.sys
2014-08-19 16:21 - 2008-04-13 21:05 - 00036224 _____ (ADMtek Incorporated.) C:\WINDOWS\system32\dllcache\an983.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00701440 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2mtag.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00327040 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2mtaa.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00063663 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1rvxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00057856 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinbtxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00056623 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1btxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00036463 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1tuxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00034735 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1xsxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00030671 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1raxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00029455 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1xbxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00026367 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1snxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00021343 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1ttxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00014336 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinpdxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00013824 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinmdxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00012047 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1pdxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00011615 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1mdxx.sys
2014-08-19 16:21 - 2007-04-02 23:56 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0408.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040e.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0804.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt041f.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0419.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0415.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0412.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0411.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040d.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0405.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0404.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0401.dll
2014-08-19 16:21 - 2001-08-23 13:00 - 00056960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aic78xx.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aic78u2.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adrot.dll
2014-08-19 16:21 - 2001-08-23 13:00 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asptxn.dll
2014-08-19 16:21 - 2001-08-23 13:00 - 00026496 _____ (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\abp480n5.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asc3350p.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00014848 _____ (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc3550.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aha154x.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\amsint.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aspperf.dll
2014-08-19 16:21 - 2001-08-23 13:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admxprox.dll
2014-08-19 16:21 - 2001-08-17 22:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2014-08-19 16:21 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2014-08-19 16:21 - 2001-08-17 21:37 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agcgauge.ax
2014-08-19 16:21 - 2001-08-17 21:36 - 00462848 _____ (Aureal Inc.) C:\WINDOWS\system32\dllcache\a3dapi.dll
2014-08-19 16:21 - 2001-08-17 21:36 - 00098304 _____ (Aureal Semiconductor) C:\WINDOWS\system32\dllcache\a3d.dll
2014-08-19 16:21 - 2001-08-17 21:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\atievxx.exe
2014-08-19 16:21 - 2001-08-17 13:56 - 00268160 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidvai.dll
2014-08-19 16:21 - 2001-08-17 13:56 - 00137216 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidrae.dll
2014-08-19 16:21 - 2001-08-17 13:55 - 00382592 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidrab.dll
2014-08-19 16:21 - 2001-08-17 13:55 - 00096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ati.dll
2014-08-19 16:21 - 2001-08-17 13:55 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\8514a.dll
2014-08-19 16:21 - 2001-08-17 12:57 - 00077568 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\dllcache\ati.sys
2014-08-19 16:21 - 2001-08-17 12:53 - 00007424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adicvls.sys
2014-08-19 16:21 - 2001-08-17 12:51 - 00005248 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\aliide.sys
2014-08-19 16:21 - 2001-08-17 12:49 - 00026624 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\alifir.sys
2014-08-19 16:21 - 2001-08-17 12:47 - 00006272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\apmbatt.sys
2014-08-19 16:21 - 2001-08-17 11:49 - 00075136 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimpae.sys
2014-08-19 16:21 - 2001-08-17 11:49 - 00046464 _____ () C:\WINDOWS\system32\dllcache\atibt829.sys
2014-08-19 16:21 - 2001-08-17 11:48 - 00289664 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimpab.sys
2014-08-19 16:21 - 2001-08-17 11:48 - 00281600 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimtai.sys
2014-08-19 16:21 - 2001-08-17 11:20 - 00297728 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\dllcache\ac97sis.sys
2014-08-19 16:21 - 2001-08-17 11:20 - 00096256 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\ac97intc.sys
2014-08-19 16:21 - 2001-08-17 11:19 - 00747392 _____ (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8830.sys
2014-08-19 16:21 - 2001-08-17 11:19 - 00584448 _____ (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8810.sys
2014-08-19 16:21 - 2001-08-17 11:19 - 00553984 _____ (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8820.sys
2014-08-19 16:21 - 2001-08-17 11:12 - 00097354 _____ (Bay Networks, Inc.) C:\WINDOWS\system32\dllcache\aspndis3.sys
2014-08-19 16:21 - 2001-08-17 11:11 - 00046112 _____ (Adaptec, Inc ) C:\WINDOWS\system32\dllcache\adptsf50.sys
2014-08-19 16:21 - 2001-08-17 11:11 - 00027678 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\ali5261.sys
2014-08-19 16:21 - 2001-08-17 11:11 - 00020160 _____ (ADMtek Incorporated) C:\WINDOWS\system32\dllcache\adm8511.sys
2014-08-19 16:21 - 2001-08-17 11:11 - 00016969 _____ (AmbiCom, Inc.) C:\WINDOWS\system32\dllcache\amb8002.sys
2014-08-19 16:20 - 2001-08-17 13:55 - 00689216 _____ (3dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\3dfxvs.dll
2014-08-19 16:20 - 2001-08-17 11:48 - 00148352 _____ (3dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\3dfxvsm.sys
2014-08-19 16:19 - 2001-08-17 13:06 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\1394vdbg.sys
2014-08-19 16:18 - 2008-04-14 05:42 - 02134528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpsnap.dll
2014-08-19 16:18 - 2008-04-14 05:42 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpadm.dll
2014-08-19 16:18 - 2008-04-14 05:42 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrstas.exe
2014-08-19 16:18 - 2008-04-14 05:42 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\staxmem.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetmgr.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrtl.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isatq.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisext51.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iismap.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infoadmn.dll
2014-08-19 16:18 - 2008-04-14 05:40 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logui.ocx
2014-08-19 16:18 - 2008-04-14 05:39 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdpash.dll
2014-08-19 16:18 - 2008-04-14 05:39 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnepr.dll
2014-08-19 16:18 - 2008-04-14 05:39 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdiultn.dll
2014-08-19 16:18 - 2008-04-14 05:39 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdbhc.dll
2014-08-19 16:18 - 2004-05-13 00:39 - 00598071 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmc.dll
2014-08-19 16:18 - 2003-03-24 16:52 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmcsat.dll
2014-08-19 16:18 - 2003-03-24 16:52 - 00032827 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptest.exe
2014-08-19 16:18 - 2003-03-24 16:52 - 00020541 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpexedll.dll
2014-08-19 16:18 - 2003-03-24 16:52 - 00020538 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpremadm.exe
2014-08-19 16:18 - 2003-03-24 16:52 - 00020536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.dll
2014-08-19 16:18 - 2003-03-24 16:52 - 00016437 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.exe
2014-08-19 16:18 - 2003-03-24 16:52 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptsat.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisui.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetsloc.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisreset.exe
2014-08-19 16:18 - 2001-08-23 13:00 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetmgr.exe
2014-08-19 16:18 - 2001-08-23 13:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamregps.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpsapi2.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrstap.dll
2014-08-19 16:18 - 2001-08-17 13:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\s3legacy.dll
2014-08-19 16:17 - 2008-04-14 05:41 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adsiis51.dll
2014-08-19 16:17 - 2008-04-14 05:41 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\coadmin.dll
2014-08-19 16:17 - 2008-04-14 05:41 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admwprox.dll
2014-08-19 16:17 - 2008-04-14 05:39 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\certwiz.ocx
2014-08-19 16:17 - 2008-04-14 05:39 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cnfgprts.ocx
2014-08-19 16:17 - 2004-05-13 00:39 - 00876653 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awel.dll
2014-08-19 16:17 - 2004-05-13 00:39 - 00184435 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4amsft.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00188494 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpcount.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00188480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cfgwiz.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00147513 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4apws.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00109328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98swin.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00102509 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4atxt.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00082035 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4anscp.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00049212 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awebs.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00049210 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4areg.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00041020 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avnb.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00032826 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avss.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00020540 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00020540 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00016439 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00016439 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00014608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98sadm.exe
2014-08-19 16:17 - 2001-08-23 13:00 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\certmap.ocx
2014-08-19 16:00 - 2014-08-19 16:00 - 00000000 ____D () C:\Tools
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\WINDOWS\system32\xircom
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\xerox
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\netmeeting
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\microsoft frontpage
2014-08-19 15:34 - 2014-08-19 15:34 - 00090112 _____ () C:\WINDOWS\Minidump\Mini081914-02.dmp
2014-08-19 15:32 - 2014-08-19 15:32 - 00090112 _____ () C:\WINDOWS\Minidump\Mini081914-01.dmp
2014-08-19 15:25 - 2014-08-19 15:25 - 00001084 _____ () C:\WINDOWS\spupdsvc.log
2014-08-19 15:11 - 2014-08-19 15:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-19 15:09 - 2014-08-19 15:09 - 00000374 _____ () C:\Documents and Settings\Main\Desktop\Downloads.lnk
2014-08-19 14:59 - 2014-08-19 14:56 - 00000768 _____ () C:\Documents and Settings\Main\Desktop\Sandboxed Web Browser.lnk
2014-08-19 14:57 - 2014-08-19 14:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2014-08-19 13:01 - 2014-08-19 13:02 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
2014-08-19 13:00 - 2014-08-19 13:00 - 00000000 ____D () C:\Program Files\Adobe
2014-08-19 12:50 - 2014-08-19 12:50 - 00000817 _____ () C:\Documents and Settings\All Users\Desktop\TeamViewer 9.lnk
2014-08-19 12:50 - 2014-08-19 12:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 9
2014-08-18 02:35 - 2014-08-18 02:35 - 00000732 _____ () C:\Documents and Settings\Main\Start Menu\Programs\IronPortable.lnk
2014-08-18 01:28 - 2014-08-19 16:19 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-18 01:23 - 2014-08-18 01:23 - 00002279 _____ () C:\Documents and Settings\Main\Desktop\Google Chrome.lnk
2014-08-18 01:23 - 2014-08-18 01:23 - 00000000 ____D () C:\Documents and Settings\Main\Start Menu\Programs\Google Chrome
2014-08-18 01:10 - 2014-08-18 01:10 - 00000000 ____D () C:\Documents and Settings\Main\Application Data\AVAST Software
2014-08-18 01:09 - 2014-08-18 01:09 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-08-18 01:08 - 2014-08-19 16:01 - 00000374 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-08-18 01:08 - 2014-08-18 01:09 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-18 01:08 - 2014-08-18 01:08 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-18 01:08 - 2014-08-18 01:08 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-18 01:06 - 2014-08-18 01:06 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-18 01:05 - 2014-08-18 01:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-08-18 00:13 - 2014-08-18 00:13 - 00001710 _____ () C:\Documents and Settings\Main\Start Menu\Programs\Starter.lnk
2014-08-18 00:13 - 2014-08-18 00:13 - 00000000 ____D () C:\Program Files\CodeStuff
2014-08-17 23:54 - 2014-08-19 15:56 - 00000234 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-17 23:54 - 2014-08-19 12:29 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-17 20:51 - 2014-08-17 20:51 - 00012972 _____ () C:\WINDOWS\KB2868626.log
2014-08-17 20:51 - 2014-08-17 20:51 - 00012404 _____ () C:\WINDOWS\KB2922229.log
2014-08-17 20:51 - 2014-08-17 20:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-08-17 20:51 - 2014-08-17 20:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-08-17 20:47 - 2014-08-17 20:47 - 00011972 _____ () C:\WINDOWS\KB2916036.log
2014-08-17 20:47 - 2014-08-17 20:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-08-17 20:29 - 2014-08-17 20:46 - 00011479 _____ () C:\WINDOWS\KB2934207.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00012607 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00011488 _____ () C:\WINDOWS\KB2898715.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010877 _____ () C:\WINDOWS\KB2900986.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010344 _____ () C:\WINDOWS\KB2904266.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010107 _____ () C:\WINDOWS\KB2929961.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-08-17 20:28 - 2014-08-17 20:29 - 00010657 _____ () C:\WINDOWS\KB2930275.log
2014-08-17 20:28 - 2014-08-17 20:28 - 00010052 _____ () C:\WINDOWS\KB2862152.log
2014-08-17 20:28 - 2014-08-17 20:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-08-17 20:27 - 2014-08-17 20:27 - 00009684 _____ () C:\WINDOWS\KB2876331.log
2014-08-17 20:27 - 2014-08-17 20:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-08-17 20:24 - 2014-08-17 20:24 - 00009017 _____ () C:\WINDOWS\KB2893294.log
2014-08-17 20:24 - 2014-08-17 20:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-08-17 20:23 - 2014-08-17 20:24 - 00008359 _____ () C:\WINDOWS\KB2892075.log
2014-08-17 20:23 - 2014-08-17 20:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-08-17 20:23 - 2014-08-17 20:23 - 00008677 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-08-17 20:22 - 2014-08-17 20:23 - 00014542 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-08-17 20:09 - 2014-08-17 20:09 - 00004887 _____ () C:\WINDOWS\KB2914368.log
2014-08-17 20:09 - 2014-08-17 20:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-08-17 20:06 - 2014-02-26 02:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-08-17 19:57 - 2014-08-17 19:57 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-08-17 17:32 - 2014-08-17 17:32 - 00000552 _____ () C:\WINDOWS\system32\d3d8caps.dat
2014-08-17 16:58 - 2013-09-04 14:57 - 00024040 _____ (ThreatTrack Security) C:\WINDOWS\system32\Drivers\gfiutil.sys
2014-08-17 16:58 - 2013-05-23 08:39 - 00043368 _____ (ThreatTrack Security) C:\WINDOWS\system32\Drivers\gfiark.sys
2014-08-17 16:55 - 2014-08-19 15:34 - 00000000 __SHD () C:\WINDOWS\CSC

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 16:37 - 2014-08-19 16:37 - 00000000 ____D () C:\FRST
2014-08-19 16:31 - 2014-08-19 16:21 - 00000000 ____D () C:\AdwCleaner
2014-08-19 16:29 - 2010-11-28 15:53 - 00249170 _____ () C:\WINDOWS\setupapi.log
2014-08-19 16:27 - 2014-08-19 16:27 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-19 16:24 - 2010-10-15 18:43 - 00004202 _____ () C:\WINDOWS\Sandboxie.ini
2014-08-19 16:19 - 2014-08-18 01:28 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-19 16:07 - 2010-10-16 01:27 - 00000988 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-1801674531-1003UA.job
2014-08-19 16:05 - 2010-10-15 18:49 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-08-19 16:01 - 2014-08-18 01:08 - 00000374 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-08-19 16:00 - 2014-08-19 16:00 - 00000000 ____D () C:\Tools
2014-08-19 15:56 - 2014-08-17 23:54 - 00000234 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-19 15:56 - 2010-10-15 17:46 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-19 15:56 - 2010-10-15 16:47 - 01444498 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\WINDOWS\system32\xircom
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\xerox
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\netmeeting
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\microsoft frontpage
2014-08-19 15:55 - 2010-10-15 22:36 - 00000278 ___SH () C:\Documents and Settings\Main\ntuser.ini
2014-08-19 15:55 - 2010-10-15 22:36 - 00000000 ____D () C:\Documents and Settings\Main
2014-08-19 15:55 - 2010-10-15 17:46 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-08-19 15:55 - 2010-10-15 17:42 - 00000000 ____D () C:\WINDOWS\ime
2014-08-19 15:55 - 2010-10-15 17:42 - 00000000 ____D () C:\WINDOWS\Help
2014-08-19 15:55 - 2010-10-15 16:49 - 00032572 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-19 15:55 - 2010-10-15 16:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-19 15:50 - 2010-10-15 17:44 - 00517858 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-19 15:44 - 2012-01-13 22:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-08-19 15:34 - 2014-08-19 15:34 - 00090112 _____ () C:\WINDOWS\Minidump\Mini081914-02.dmp
2014-08-19 15:34 - 2014-08-17 16:55 - 00000000 __SHD () C:\WINDOWS\CSC
2014-08-19 15:32 - 2014-08-19 15:32 - 00090112 _____ () C:\WINDOWS\Minidump\Mini081914-01.dmp
2014-08-19 15:32 - 2010-11-12 15:44 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-19 15:31 - 2010-10-15 17:44 - 00112584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-19 15:26 - 2010-10-15 18:50 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-08-19 15:25 - 2014-08-19 15:25 - 00001084 _____ () C:\WINDOWS\spupdsvc.log
2014-08-19 15:11 - 2014-08-19 15:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-19 15:09 - 2014-08-19 15:09 - 00000374 _____ () C:\Documents and Settings\Main\Desktop\Downloads.lnk
2014-08-19 15:04 - 2011-11-17 18:12 - 00000000 ____D () C:\Documents and Settings\Main\Application Data\CheckPoint
2014-08-19 14:57 - 2014-08-19 14:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2014-08-19 14:56 - 2014-08-19 14:59 - 00000768 _____ () C:\Documents and Settings\Main\Desktop\Sandboxed Web Browser.lnk
2014-08-19 13:07 - 2011-11-17 18:18 - 00000000 ____D () C:\Documents and Settings\Main\Application Data\Spotify
2014-08-19 13:02 - 2014-08-19 13:01 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
2014-08-19 13:01 - 2010-10-27 22:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-08-19 13:01 - 2010-10-27 22:11 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-19 13:00 - 2014-08-19 13:00 - 00000000 ____D () C:\Program Files\Adobe
2014-08-19 12:50 - 2014-08-19 12:50 - 00000817 _____ () C:\Documents and Settings\All Users\Desktop\TeamViewer 9.lnk
2014-08-19 12:50 - 2014-08-19 12:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 9
2014-08-19 12:50 - 2012-09-17 15:45 - 00000000 ____D () C:\Program Files\TeamViewer
2014-08-19 12:49 - 2010-10-15 18:43 - 00000000 ____D () C:\Program Files\Sandboxie
2014-08-19 12:29 - 2014-08-17 23:54 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-19 12:29 - 2010-10-15 16:11 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-18 02:35 - 2014-08-18 02:35 - 00000732 _____ () C:\Documents and Settings\Main\Start Menu\Programs\IronPortable.lnk
2014-08-18 02:20 - 2013-01-25 23:09 - 00011913 _____ () C:\WINDOWS\KB2686509.log
2014-08-18 02:20 - 2013-01-25 23:09 - 00000094 _____ () C:\WINDOWS\faultykeyboard.log
2014-08-18 01:30 - 2013-05-29 21:33 - 00699568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-18 01:30 - 2012-01-13 22:21 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-08-18 01:23 - 2014-08-18 01:23 - 00002279 _____ () C:\Documents and Settings\Main\Desktop\Google Chrome.lnk
2014-08-18 01:23 - 2014-08-18 01:23 - 00000000 ____D () C:\Documents and Settings\Main\Start Menu\Programs\Google Chrome
2014-08-18 01:19 - 2010-10-16 01:27 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-1801674531-1003Core.job
2014-08-18 01:10 - 2014-08-18 01:10 - 00000000 ____D () C:\Documents and Settings\Main\Application Data\AVAST Software
2014-08-18 01:09 - 2014-08-18 01:09 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-08-18 01:09 - 2014-08-18 01:08 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-18 01:08 - 2014-08-18 01:08 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-18 01:08 - 2014-08-18 01:08 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-18 01:06 - 2014-08-18 01:06 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-18 01:06 - 2014-08-18 01:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-08-18 01:04 - 2011-11-17 17:47 - 00001945 _____ () C:\WINDOWS\epplauncher.mif
2014-08-18 00:44 - 2010-12-01 14:33 - 00000614 _____ () C:\WINDOWS\setupact.log
2014-08-18 00:13 - 2014-08-18 00:13 - 00001710 _____ () C:\Documents and Settings\Main\Start Menu\Programs\Starter.lnk
2014-08-18 00:13 - 2014-08-18 00:13 - 00000000 ____D () C:\Program Files\CodeStuff
2014-08-18 00:04 - 2010-10-14 23:24 - 00000461 ____H () C:\menu.lst
2014-08-17 20:51 - 2014-08-17 20:51 - 00012972 _____ () C:\WINDOWS\KB2868626.log
2014-08-17 20:51 - 2014-08-17 20:51 - 00012404 _____ () C:\WINDOWS\KB2922229.log
2014-08-17 20:51 - 2014-08-17 20:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-08-17 20:51 - 2014-08-17 20:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-08-17 20:51 - 2013-10-11 21:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-17 20:51 - 2011-01-12 00:19 - 00042490 _____ () C:\WINDOWS\updspapi.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00858434 _____ () C:\WINDOWS\iis6.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00791432 _____ () C:\WINDOWS\FaxSetup.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00376448 _____ () C:\WINDOWS\ocgen.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00361154 _____ () C:\WINDOWS\tsoc.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00264050 _____ () C:\WINDOWS\comsetup.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00242624 _____ () C:\WINDOWS\msmqinst.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00159842 _____ () C:\WINDOWS\ntdtcsetup.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00054400 _____ () C:\WINDOWS\MedCtrOC.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00039808 _____ () C:\WINDOWS\tabletoc.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-08-17 20:47 - 2014-08-17 20:47 - 00011972 _____ () C:\WINDOWS\KB2916036.log
2014-08-17 20:47 - 2014-08-17 20:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-08-17 20:46 - 2014-08-17 20:29 - 00011479 _____ () C:\WINDOWS\KB2934207.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00012607 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00011488 _____ () C:\WINDOWS\KB2898715.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010877 _____ () C:\WINDOWS\KB2900986.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010344 _____ () C:\WINDOWS\KB2904266.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010107 _____ () C:\WINDOWS\KB2929961.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-08-17 20:29 - 2014-08-17 20:28 - 00010657 _____ () C:\WINDOWS\KB2930275.log
2014-08-17 20:29 - 2010-10-15 21:58 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-08-17 20:29 - 2010-10-15 16:48 - 00035180 _____ () C:\WINDOWS\system32\TZLog.log
2014-08-17 20:28 - 2014-08-17 20:28 - 00010052 _____ () C:\WINDOWS\KB2862152.log
2014-08-17 20:28 - 2014-08-17 20:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-08-17 20:27 - 2014-08-17 20:27 - 00009684 _____ () C:\WINDOWS\KB2876331.log
2014-08-17 20:27 - 2014-08-17 20:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-08-17 20:24 - 2014-08-17 20:24 - 00009017 _____ () C:\WINDOWS\KB2893294.log
2014-08-17 20:24 - 2014-08-17 20:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-08-17 20:24 - 2014-08-17 20:23 - 00008359 _____ () C:\WINDOWS\KB2892075.log
2014-08-17 20:24 - 2014-08-17 20:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-08-17 20:23 - 2014-08-17 20:23 - 00008677 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-08-17 20:23 - 2014-08-17 20:22 - 00014542 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-08-17 20:09 - 2014-08-17 20:09 - 00004887 _____ () C:\WINDOWS\KB2914368.log
2014-08-17 20:09 - 2014-08-17 20:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-08-17 19:57 - 2014-08-17 19:57 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-08-17 17:32 - 2014-08-17 17:32 - 00000552 _____ () C:\WINDOWS\system32\d3d8caps.dat
2014-08-16 20:02 - 2010-10-24 15:55 - 00002433 _____ () C:\Documents and Settings\All Users\Start Menu\New Office Document.lnk
2014-08-14 20:05 - 2010-11-07 00:28 - 00002511 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2014-08-05 09:20 - 2010-10-18 20:34 - 00231584 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-07-31 23:42 - 2010-10-15 22:02 - 96303304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-08-2014 01
Ran by JM at 2014-08-19 16:38:01
Running from G:\AV
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Acer Crystal Eye Webcam Video Class Camera  (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.32.500-1.0a - Suyin)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.03.4003 - Acer)
Acer eNet Management (HKLM\...\{C06554A1-2C1E-4D20-B613-EE62C79927CC}) (Version: 2.05.4003 - Acer)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 2.00.4003 - Acer Inc)
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.91 - NOS Microsystems Ltd.)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Back to the Future The Game - Episode 1 (HKLM\...\Episode 1) (Version: 1.0.0.0 - Telltale Games)
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
C4200 (Version: 90.0.222.000 - Hewlett-Packard) Hidden
C4200_doccd (Version: 90.0.222.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.00 - Piriform)
CodeStuff Starter (HKLM\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
Copy (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Destination Component (Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 90.0.205.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (Version: 9.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DVDFab Passkey 8.0.6.4 (22/05/2012) (HKLM\...\DVDFab Passkey 8_is1) (Version:  - Fengtao Software Inc.)
Eraser 6.0.7.1893 (HKLM\...\{38BA2875-D7AD-4611-ABA3-C385051ADF42}) (Version: 6.7.1893 - The Eraser Project)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version:  - )
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP OCR Software 9.0 (HKLM\...\HPOCR) (Version: 9.0 - HP)
HP Photosmart All-In-One Software 9.0 (HKLM\...\{B09BCBF6-87EE-4403-A336-3A9510856535}) (Version: 9.0 - HP)
HP Photosmart Essential 2.01 (HKLM\...\HP Photosmart Essential) (Version: 2.01 - HP)
HP Photosmart Essential2.01 (Version: 1.01.0000 - Hewlett-Packard) Hidden
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPProductAssistant (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 0.0.0.0000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0.API - Intel Corporation)
Launch Manager (HKLM\...\LManager) (Version:  - )
LAV Filters 0.51.3 (HKLM\...\lavfilters_is1) (Version: 0.51.3 - Hendrik Leppkes)
Machinarium (HKLM\...\Machinarium) (Version: 11.10.09 - Amanita Design, s.r.o.)
mCore (Version: 9.03.0000 - Intel Corporation) Hidden
Media Player Classic - Home Cinema v1.4.2499.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.4.2499.0 - MPC-HC Team) <==== ATTENTION
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Office XP Standard for Students and Teachers (HKLM\...\{913D0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mMHouse (Version: 9.03.0000 - Intel Corporation) Hidden
mPfMgr (Version: 9.03.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (Version: 6.00.3883.8 - Microsoft Corporation) Hidden
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
Nero 7 Lite 7.7.5.1 (HKLM\...\Nero7Lite_is1) (Version: 7.7.5.1 - Updatepack.nl)
NetMeter 1.1.4 BETA (HKLM\...\NetMeter_is1) (Version:  - ReadError)
PS_AIO_ProductContext (Version: 90.0.222.000 - Hewlett-Packard) Hidden
PS_AIO_Software (Version: 90.0.222.000 - Hewlett-Packard) Hidden
PS_AIO_Software_min (Version: 90.0.222.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.01.0000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5423 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
Sandboxie 4.12 (32-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Scan (Version: 9.0.0.0 - Hewlett-Packard) Hidden
SolutionCenter (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.8.1.64.g5c5914e3 - Spotify AB)
Status (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.0.15.0 - Synaptics)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}) (Version: 2.00.0002 - Texas Instruments Inc.)
The Humans (HKLM\...\{79E0927E-6347-495F-83C1-92B0AB252B07}) (Version: 1.00.0000 - Deep Silver)
The Sims™ 2 Double Deluxe (HKLM\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
TIPCI (Version: 2.00.0002 - Texas Instruments Inc.) Hidden
Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden
TrayApp (Version: 90.0.146.000 - Hewlett-Packard) Hidden
TreeSize Professional 3.21 (HKLM\...\TreeSize Professional_is1) (Version:  - JAM Software)
Tweak UI (HKLM\...\Tweak UI 2.10) (Version:  - )
UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2362765) (HKLM\...\KB2362765-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VideoToolkit01 (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Wallace and Gromit Grand Adventures (HKLM\...\{9BB6FE41-A1CA-493D-AE34-5ADB4FE0DC03}) (Version: 1.00.0000 - Telltale Games)
WebReg (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wireless LAN Utility (HKLM\...\{1C0E7CA0-C65C-11D5-B2CD-000086470202}) (Version:  - )
WOT for Internet Explorer (HKLM\...\{F99520C7-7EE6-472E-8DD8-E60003A9292F}) (Version: 10.8.30.0 - WOT Services Oy)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
ZoneAlarm Free Firewall (HKLM\...\ZoneAlarm Free Firewall) (Version: 13.3.052.000 - Check Point)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version:  - Check Point Software Technologies)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.99\psuser.dll No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.57\psuser.dll No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.69\psuser.dll No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.2.183.39\goopdate.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.79\psuser.dll No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.143\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.123\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.115\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.65\psuser.dll No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-606747145-602162358-1801674531-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.111\psuser.dll N (the data entry has 6 more characters).

==================== Restore Points  =========================

25-07-2014 10:57:28 System Checkpoint
26-07-2014 18:50:31 System Checkpoint
27-07-2014 19:06:50 System Checkpoint
28-07-2014 19:55:12 System Checkpoint
30-07-2014 09:58:53 System Checkpoint
01-08-2014 12:54:32 System Checkpoint
03-08-2014 13:10:19 System Checkpoint
04-08-2014 14:28:30 System Checkpoint
05-08-2014 15:07:41 System Checkpoint
07-08-2014 08:38:37 System Checkpoint
08-08-2014 19:03:24 System Checkpoint
09-08-2014 20:12:51 System Checkpoint
10-08-2014 22:00:43 System Checkpoint
12-08-2014 13:11:09 System Checkpoint
13-08-2014 14:45:02 System Checkpoint
17-08-2014 19:08:41 Software Distribution Service 3.0
17-08-2014 23:05:21 Software Distribution Service 3.0
17-08-2014 23:40:20 Software Distribution Service 3.0
18-08-2014 00:06:14 avast! antivirus system restore point
18-08-2014 01:20:30 Software Distribution Service 3.0
19-08-2014 12:54:49 System Checkpoint
19-08-2014 14:25:26 Installed Windows KB954550-v5.
19-08-2014 14:25:34 Printer Driver Microsoft XPS Document Writer Installed
19-08-2014 14:25:47 Printer Driver Microsoft XPS Document Writer Installed

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2010-10-15 16:09 - 2001-08-23 14:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-1801674531-1003Core.job => C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-1801674531-1003UA.job => C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2007-02-21 11:13 - 2007-02-21 11:13 - 00118784 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2014-08-18 01:08 - 2014-08-18 01:08 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-19 12:33 - 2014-08-19 12:34 - 02797568 _____ () C:\Program Files\AVAST Software\Avast\defs\14081800\algo.dll
2010-10-15 16:12 - 2013-01-02 07:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2014-08-18 01:08 - 2014-08-18 01:08 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk => C:\WINDOWS\pss\Acer Empowering Technology.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Wireless LAN Utility.lnk => C:\WINDOWS\pss\Wireless LAN Utility.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IgfxTray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: PLFSetL => C:\WINDOWS\PLFSetL.exe

==================== Faulty Device Manager Devices =============

Name: HDAUDIO Soft Data Fax Modem with SmartCP
Description: HDAUDIO Soft Data Fax Modem with SmartCP
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: CXT
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Texas Instruments PCIxx12 Cardbus Controller
Description: Generic CardBus Controller
Class Guid: {4D36E977-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: pcmcia
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Description: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
Manufacturer: Texas Instruments
Service: ohci1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Texas Instruments PCIxx12 Integrated FlashMedia Controller
Description: Texas Instruments PCIxx12 Integrated FlashMedia Controller
Class Guid: {4D36E970-E325-11CE-BFC1-08002BE10318}
Manufacturer: Texas Instruments Inc
Service: tifm21
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/18/2014 02:16:35 AM) (Source: MsiInstaller) (EventID: 10005) (User: PC)
Description: Product: Microsoft Fix it 50882 -- This Microsoft Fix it does not apply to your operating system or application version.

Error: (08/18/2014 01:02:16 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.4.304.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (08/18/2014 00:43:38 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/18/2014 00:43:38 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/17/2014 08:21:28 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x80070003moaccachereset4.4.304.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (08/17/2014 08:10:30 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry80240016begininstallinstall3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (08/17/2014 06:08:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The directory name is invalid.

Error: (08/17/2014 06:08:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The directory name is invalid.

Error: (08/17/2014 06:08:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The directory name is invalid.

Error: (08/17/2014 06:08:38 PM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The directory name is invalid.

System errors:
=============
Error: (08/19/2014 04:31:23 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error: (08/19/2014 04:23:31 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error: (08/19/2014 04:23:26 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error: (08/19/2014 04:22:15 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error: (08/19/2014 04:06:11 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error: (08/19/2014 04:05:48 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error: (08/19/2014 04:05:46 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error: (08/19/2014 04:01:22 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error: (08/19/2014 03:58:34 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error: (08/19/2014 03:58:19 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service hpqcxs08 with arguments ""
in order to run the server:
{1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Microsoft Office Sessions:
=========================
Error: (08/18/2014 02:16:35 AM) (Source: MsiInstaller) (EventID: 10005) (User: PC)
Description: Product: Microsoft Fix it 50882 -- This Microsoft Fix it does not apply to your operating system or application version.(NULL)(NULL)(NULL)

Error: (08/18/2014 01:02:16 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.4.304.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (08/18/2014 00:43:38 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/18/2014 00:43:38 AM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/17/2014 08:21:28 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry0x80070003moaccachereset4.4.304.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (08/17/2014 08:10:30 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry80240016begininstallinstall3.0.8402.0mpsigdwn.dll3.0.8402.0microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094)NILNILNIL

Error: (08/17/2014 06:08:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe directory name is invalid.

Error: (08/17/2014 06:08:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe directory name is invalid.

Error: (08/17/2014 06:08:39 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe directory name is invalid.

Error: (08/17/2014 06:08:38 PM) (Source: crypt32) (EventID: 11) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe directory name is invalid.

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T7300 @ 2.00GHz
Percentage of memory in use: 39%
Total physical RAM: 1014.36 MB
Available physical RAM: 610.64 MB
Total Pagefile: 2440.91 MB
Available Pagefile: 2101.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.18 MB

==================== Drives ================================

Drive c: (XP) (Fixed) (Total:24.31 GB) (Free:12.36 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (DATA) (Fixed) (Total:124.74 GB) (Free:33.3 GB) NTFS
Drive g: (Win81AIO-x64-en-US-Feb2014) (Removable) (Total:29.44 GB) (Free:22.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 71A35A81)
Partition 1: (Active) - (Size=24.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=124.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 29.4 GB) (Disk ID: 00ABAF64)
Partition 1: (Active) - (Size=29.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#6 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:10:03 PM

Posted 20 August 2014 - 07:26 AM

Hi Doveman-

 

 

Earlier I got a prompt to upgrade ZoneAlarm so downloaded the latest version from the official website but after installing, Windows would BSOD after loading, so I've completely removed that now. I'll probably try Comodo Firewall once we've finished here

 

 

As requested in my welcome speech:

 

 

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

 

 

 

  =================================================================================================

 

Double click on AdwCleaner.exe to run the tool again.

 

§  Click on the Scan button.

§  AdwCleaner will begin to scan your computer like it did before.

§  After the scan has finished...
<-
insert any special instructions here for what to uncheck OR remove this line if there are none->

§  This time click on the Clean button.

§  Press OK when asked to close all programs and follow the onscreen prompts.

§  Press OK again to allow AdwCleaner to restart the computer and complete the removal process.

§  After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).

§  Copy and paste the contents of that logfile in your next reply.

§  A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

 =================================================================================================================

 

Please download Junkware Removal Tool to your desktop.

 

§  Shut down your protection software now to avoid potential conflicts.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

§  Post the contents of JRT.txt into your next message.

 

 ===============================================================================================

 

IN YOUR NEXT REPLY I NEED:

 

1.)    ADWCleaner log

2.)    Junkware Removal Tool Log

 

 

 

Thanks  :) 


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#7 doveman

doveman
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 20 August 2014 - 03:20 PM

Hi Doveman-

 

As requested in my welcome speech:

 

 

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

 

Hi Johnny

 

Oops. sorry. Won't happen again :)

 

Please find the requested logs below.

 

I had a bit of a problem when I first booted the laptop today, the HDD just kept chugging/ticking away every few seconds not doing much and not all the normal programs loaded into the systray. Worried that it might be a virus uploading data holding things up, I used the switch on the front of the laptop to turn off the WiFi and that caused a burst of HDD activity but then it went back to ticking away. I couldn't even open the Task Manager with Ctrl+Alt+Del or do anything else with the mouse or keyboard (apart from move the pointer). Pressing the power button brought up the Shutdown/Restart screen and selecting Restart brought up a prompt about RTHDCPL (realtek soundcard panel) taking a long time to shut down, so I clicked End Now but after that it just got stuck doing nothing so I had to hold down the power button to do a hard reset. It booted normally after that, so was probably a hardware glitch rather than a virus but I thought I should mention it.

 

 

# AdwCleaner v3.307 - Report created 20/08/2014 at 20:10:50
# Updated 17/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : JM - PC
# Running from : G:\AV\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\Main\Application Data\CheckPoint\ZoneAlarm LTD Toolbar
File Deleted : C:\Temp\XP\Uninstall.exe

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3658 octets] - [19/08/2014 16:30:25]
AdwCleaner[R1].txt - [3718 octets] - [20/08/2014 20:09:13]
AdwCleaner[S0].txt - [3435 octets] - [20/08/2014 20:10:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3495 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by JM on 20/08/2014 at 20:15:33.23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/08/2014 at 20:22:21.09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#8 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:10:03 PM

Posted 21 August 2014 - 08:03 AM

Hi Doveman-3
 
 

Quote

Oops. sorry. Won't happen again

 
 
No problem Doveman.  It’s actually happens quite often.  Just needed to bring it to your intention. 
 
The boot problems you described in your last post seem to be more hardware related then malware related.  Your system really isn’t infected that badly and the things that are on it are  not likely to be uploading lots of data from your hard drive.  Malware can effect the performance of your hardware but I do not think that is the case here.  Let’s investigate a bit further.  
 
Please do the following:
 
 
STEP #1:

 

 Please download Malwarebytes Anti-Malware photo.jpg?sz=48 and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to it's Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"

    malwarebytes-anti-malware-fix-now.jpg
    .
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
    .
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.

    malwarebytes-anti-malware-2-0-update-now
    .
  • The THREAT SCAN will automatically begin.

    malwarebytes-anti-malware-scan.jpg
    .
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.

    malwarebytes-anti-malware-potential-thre
    .
  • To complete any actions taken you will be prompted to restart your computer...click on YesFailure to reboot normally will prevent Malwarebytes from removing all the malware.

    mbam4_zps490948cc.png
    .
  • After rebooting the computer, copy and past the mbam.log in your next reply.

.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)

  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)

  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd


 
==================================================================================================================================
 
STEP #2:
 
Please re run FRST as instructed in post #4 and copy and paste the scan results into your next reply.

 
 
 ==================================================================================================================
 
IN YOUR NEXT POST I NEED:
 
1.)    MBAM Log
2.)    FRST Log
3.)    An update as to how your computer is running now
 
 
Thanks   :)
 


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#9 doveman

doveman
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 21 August 2014 - 12:36 PM

Hi Johnny

 

The laptop seems to be running OK as far as I can tell. However, at this time I am unable to run MBAM, as it crashes with an error referring to MSVCR100.dll shortly after it launches.

 

I shall await your further advice.

 

Regards



#10 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:10:03 PM

Posted 22 August 2014 - 08:01 AM

Hello Doveman-

 

It looks like your Microsoft Visual C++ 2010  x86 Redistributable file is corrupt.  Please do the following:

 

 

STEP #1:

 

Please navigate to C: \ Windows \ system32 \ MSVCR100.dll and delete the file

 

 

STEP #2:

 

Please click the following link and download a new copy of MSVCR100.dll

 

http://www.microsoft.com/en-us/download/details.aspx?id=5555

 

 

STEP #3:

 

Reboot

 

 

STEP #4:

 

Please attempt to run the MBAM and FRST scans as instructed in post #8

 

 ======================================================================================================================

 

IN YOUR NEXT POST I NEED:

 

1.)    Mbam Log

2.)   FRST Log

 

Thanks


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#11 doveman

doveman
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 22 August 2014 - 01:39 PM

Hi Johnny

 

Still the same problem I'm afraid. It seems to only crash after I click Update though.

 

I see there's a related update being offered by WU, KB2565063 http://support.microsoft.com/kb/2565063

 

Do you want me to try installing that to see if it fixes the problem?



#12 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:10:03 PM

Posted 22 August 2014 - 05:19 PM

Hello Doveman-

 

Yes, please try the update you linked to.  If that works then try running MBAM and FRST and post the logs.

 

Thanks  :busy:

 


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#13 doveman

doveman
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 23 August 2014 - 06:29 AM

Hi Johnny

 

Well that didn't help I'm afraid. I noticed that the msvcr100.dll in the MBAM folder was newer than the one in system32, so installed the vcredist SP1 as well, which fixed that but still the same error when trying to update. However, I noticed that there was a tick next to Update and it showed v2014.03.04.09, so maybe it's updated despite the error. So I tried to Scan but then it goes to check the Update again and throws up the same error. I was still able to click Skip Update and continue with the scan though, albeit with the error box overlayed. I've posted the log below but it only seems to have identified and removed an intentional tweak to enable Classic Control Panel.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 23/08/2014
Scan Time: 11:49:09
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: JM

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 268884
Time Elapsed: 5 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 6
Hijack.ControlPanelStyle, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, Quarantined, [60e97d827ffb6cca58d553b2748f6e92]
Hijack.ControlPanelStyle, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, Quarantined, [91b84cb34c2e44f2dd509471699a629e]
Hijack.ControlPanelStyle, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, Quarantined, [5dec21de601a9b9ba18cd134f112926e]
Hijack.ControlPanelStyle, HKU\S-1-5-21-606747145-602162358-1801674531-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, Quarantined, [4405629db6c448eec36ac4411ce724dc]
Hijack.ControlPanelStyle, HKU\S-1-5-21-606747145-602162358-1801674531-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, Quarantined, [97b25ba42a509f9768c55ca915ee34cc]
Hijack.ControlPanelStyle, HKU\S-1-5-21-606747145-602162358-1801674531-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, Quarantined, [89c0788752280c2a31fc2dd8699afd03]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-08-2014
Ran by JM (administrator) on PC on 23-08-2014 12:10:21
Running from D:\Downloads
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Realtek Semiconductor Corp.) C:\Temp\XP\RtkBtMnt.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16132608 2007-05-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-07] (Synaptics, Inc.)
HKLM\...\Run: [ISW] => C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-18] (AVAST Software)
HKLM\...\Run: [ePower_DMC] => C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [471040 2007-10-03] ()
Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll (LogMeIn, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\.DEFAULT\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\.DEFAULT\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-19\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-20\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [631816 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Run: [Google Update] => C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-10-16] (Google Inc.)
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Run: [NetMeter] => C:\Program Files\NetMeter\NetMeter.exe [293888 2009-08-09] ()
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Run: [DVDFab Passkey] => C:\Program Files\DVDFab Passkey\DVDFabPasskey.exe [1392672 2012-05-22] (Fengtao Software Inc.)
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-606747145-602162358-1801674531-1003\...\Policies\Explorer: [NoSMConfigurePrograms] 1
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKCU - DefaultScope {2B30390B-D685-41C4-9E05-31DCD61059F4} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
SearchScopes: HKCU - {2B30390B-D685-41C4-9E05-31DCD61059F4} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKCU - WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nosltd.com/getPlus+®,version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-18]

Chrome:
=======
CHR HomePage: https://startpage.com/
CHR StartupUrls: "https://uk.yahoo.com/", "https://startpage.com/"
CHR DefaultSearchKeyword: startpage.com
CHR DefaultSearchProvider: Startpage HTTPS - UK
CHR DefaultSearchURL: https://startpage.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=english_uk
CHR DefaultSuggestURL:
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (getPlusPlus for Adobe 16291) - C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (WOT) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2010-10-18]
CHR Extension: (FlashBlock) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2014-08-19]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-18]
CHR Extension: (FLV Video Downloader) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\khgbngepgkjeffdkkpnblnlogfjehbjn [2014-08-19]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-18]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Main\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-18] (AVAST Software)
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [643072 2007-02-21] (Intel Corporation) [File not signed]
S4 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-02-21] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [983040 2007-02-21] (Intel Corporation ) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [134664 2014-05-29] (Sandboxie Holdings, LLC)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21425 2010-10-15] (Meetinghouse Data Communications) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-18] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-18] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-18] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-08-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-18] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-18] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-18] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 dvdfab; C:\WINDOWS\System32\drivers\dvdfab.sys [54144 2011-08-15] (Fengtao Software Inc.)
R2 EpmPsd; C:\WINDOWS\system32\drivers\epm-psd.sys [4096 2004-07-19] (Acer Value Labs, USA) [File not signed]
R2 EpmShd; C:\WINDOWS\system32\drivers\epm-shd.sys [78208 2005-04-07] (Acer Value Labs, USA) [File not signed]
S3 flash; C:\WINDOWS\system32\drivers\flash.sys [8064 2005-11-17] () [File not signed]
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [43368 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\WINDOWS\System32\drivers\gfiutil.sys [24040 2013-09-04] (ThreatTrack Security)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP)
S3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210816 2007-04-26] (Conexant Systems, Inc.)
S3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988032 2007-04-26] (Conexant Systems, Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-23] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2206976 2007-04-30] (Intel Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [32512 2005-11-02] (CACE Technologies) [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
U3 rpcapd;
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-02-21] (Intel Corporation) [File not signed]
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [160264 2014-05-29] (Sandboxie Holdings, LLC)
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()
R1 vcdrom; C:\Tools\VCdRom.sys [8576 2001-12-19] (Microsoft Corporation) [File not signed]
S3 WLAN_USB; C:\WINDOWS\System32\DRIVERS\wlanUSB.sys [50176 2002-01-17] () [File not signed]
S4 IntelIde; No ImagePath
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S4 LMIRfsClientNP; No ImagePath
U5 Tcpip6; C:\Windows\System32\Drivers\Tcpip6.sys [226880 2010-10-15] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-23 12:01 - 2014-08-23 12:05 - 00002437 _____ () C:\Documents and Settings\Main\Desktop\MBAM.txt
2014-08-23 03:17 - 2014-08-23 03:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-08-23 03:12 - 2014-08-23 03:12 - 00003000 _____ () C:\WINDOWS\PC-HKLM_KBLayout.reg
2014-08-23 03:12 - 2014-08-23 03:12 - 00002902 _____ () C:\WINDOWS\PC-HKLM_KBLayouts.reg
2014-08-21 18:21 - 2014-08-23 12:08 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 18:20 - 2014-08-23 11:34 - 00000779 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-21 18:20 - 2014-08-23 11:34 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-21 18:20 - 2014-08-23 11:34 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-21 18:20 - 2014-08-21 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-21 18:20 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-21 18:20 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-20 20:15 - 2014-08-20 20:15 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-19 16:46 - 2008-04-14 07:34 - 00144484 _____ () C:\WINDOWS\system32\dllcache\netfx.cat
2014-08-19 16:46 - 2008-04-14 07:34 - 00026991 _____ () C:\WINDOWS\system32\dllcache\msn7.cat
2014-08-19 16:46 - 2008-04-14 07:34 - 00014433 _____ () C:\WINDOWS\system32\dllcache\msn9.cat
2014-08-19 16:46 - 2008-04-14 07:34 - 00012363 _____ () C:\WINDOWS\system32\dllcache\MSMSGS.CAT
2014-08-19 16:37 - 2014-08-23 12:10 - 00000000 ____D () C:\FRST
2014-08-19 16:31 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-08-19 16:29 - 2001-08-23 13:00 - 00025952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpn.sys
2014-08-19 16:28 - 2008-04-14 05:42 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssvc.exe
2014-08-19 16:28 - 2008-04-14 05:42 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclnt.exe
2014-08-19 16:28 - 2008-04-14 05:41 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsst.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsapi.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsxp32.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxstiff.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscomex.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxst30.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxswzrd.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsui.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscom.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\h323cc.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsevent.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hostmib.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gzip.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsdrv.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsmon.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsext32.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsperf.dll
2014-08-19 16:28 - 2008-04-14 05:41 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpmib.dll
2014-08-19 16:28 - 2008-04-14 05:39 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsres.dll
2014-08-19 16:28 - 2008-04-13 23:16 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidbth.sys
2014-08-19 16:28 - 2008-04-13 23:15 - 00019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidir.sys
2014-08-19 16:28 - 2008-04-13 23:15 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2014-08-19 16:28 - 2008-04-13 23:10 - 00028288 _____ (Gemplus) C:\WINDOWS\system32\dllcache\grserial.sys
2014-08-19 16:28 - 2008-04-13 23:06 - 00046464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gagp30kx.sys
2014-08-19 16:28 - 2008-04-13 23:06 - 00020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidbatt.sys
2014-08-19 16:28 - 2001-08-23 13:00 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclntr.dll
2014-08-19 16:28 - 2001-08-23 13:00 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscfgwz.dll
2014-08-19 16:28 - 2001-08-23 13:00 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsroute.dll
2014-08-19 16:28 - 2001-08-23 13:00 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssend.exe
2014-08-19 16:28 - 2001-08-23 13:00 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpctrs2.dll
2014-08-19 16:28 - 2001-08-23 13:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftlx041e.dll
2014-08-19 16:28 - 2001-08-17 21:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpdigwia.dll
2014-08-19 16:28 - 2001-08-17 21:36 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fuusd.dll
2014-08-19 16:28 - 2001-08-17 13:56 - 01733120 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g400d.dll
2014-08-19 16:28 - 2001-08-17 13:56 - 00470144 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g200d.dll
2014-08-19 16:28 - 2001-08-17 13:02 - 00008576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidgame.sys
2014-08-19 16:28 - 2001-08-17 12:51 - 00082304 _____ (Gemplus) C:\WINDOWS\system32\dllcache\grclass.sys
2014-08-19 16:28 - 2001-08-17 12:51 - 00017408 _____ (Gemplus) C:\WINDOWS\system32\dllcache\gpr400.sys
2014-08-19 16:28 - 2001-08-17 11:49 - 00322432 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g400m.sys
2014-08-19 16:28 - 2001-08-17 11:49 - 00320384 _____ (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g200m.sys
2014-08-19 16:27 - 2008-04-14 05:42 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntwin.exe
2014-08-19 16:27 - 2008-04-14 05:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntcmd.exe
2014-08-19 16:27 - 2008-04-14 05:41 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntagnt.dll
2014-08-19 16:27 - 2008-04-14 05:41 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\exstrace.dll
2014-08-19 16:27 - 2008-04-14 05:39 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\f3ahvoas.dll
2014-08-19 16:27 - 2008-04-13 21:06 - 00137088 _____ (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\essm2e.sys
2014-08-19 16:27 - 2008-04-13 21:05 - 00034173 _____ (Marconi Communications, Inc.) C:\WINDOWS\system32\dllcache\forehe.sys
2014-08-19 16:27 - 2003-03-24 16:52 - 00618605 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4autl.dll
2014-08-19 16:27 - 2003-03-24 16:52 - 00094208 _____ () C:\WINDOWS\system32\dllcache\fpencode.dll
2014-08-19 16:27 - 2003-03-24 16:52 - 00024632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmcgi.exe
2014-08-19 16:27 - 2003-03-24 16:52 - 00020541 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmdll.dll
2014-08-19 16:27 - 2001-08-23 13:00 - 00057856 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimgd.dll
2014-08-19 16:27 - 2001-08-23 13:00 - 00045056 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunid.dll
2014-08-19 16:27 - 2001-08-23 13:00 - 00031744 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucmd.dll
2014-08-19 16:27 - 2001-08-23 13:00 - 00025856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\et4000.sys
2014-08-19 16:27 - 2001-08-23 13:00 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\flattemp.exe
2014-08-19 16:27 - 2001-08-17 22:36 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2014-08-19 16:27 - 2001-08-17 21:36 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fnfilter.dll
2014-08-19 16:27 - 2001-08-17 21:36 - 00061952 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnloop.exe
2014-08-19 16:27 - 2001-08-17 21:36 - 00053248 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqndiag.exe
2014-08-19 16:27 - 2001-08-17 21:36 - 00051200 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnlogr.exe
2014-08-19 16:27 - 2001-08-17 12:53 - 00007296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\elmsmc.sys
2014-08-19 16:27 - 2001-08-17 12:50 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\epcfw2k.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00283904 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\emu10k1m.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00174464 _____ (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es198x.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00072192 _____ (ESS Technology Inc.) C:\WINDOWS\system32\dllcache\es1969.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00063360 _____ (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\ess.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00040704 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\es1371mp.sys
2014-08-19 16:27 - 2001-08-17 11:19 - 00037120 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\es1370mp.sys
2014-08-19 16:27 - 2001-08-17 11:17 - 00629952 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqn.sys
2014-08-19 16:27 - 2001-08-17 11:13 - 00027165 _____ (VIA Technologies, Inc. ) C:\WINDOWS\system32\dllcache\fetnd5.sys
2014-08-19 16:27 - 2001-08-17 11:12 - 00024618 _____ (NETGEAR) C:\WINDOWS\system32\dllcache\fa410nd5.sys
2014-08-19 16:27 - 2001-08-17 11:12 - 00018503 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\epro4.sys
2014-08-19 16:27 - 2001-08-17 11:12 - 00016998 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\ex10.sys
2014-08-19 16:27 - 2001-08-17 11:12 - 00016074 _____ (NETGEAR Corp.) C:\WINDOWS\system32\dllcache\fa312nd5.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00455199 _____ (3Com Corporation.) C:\WINDOWS\system32\dllcache\el985n51.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00171520 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el99xn51.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00153631 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el90xnd5.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00070174 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el98xn5.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00066591 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el90xbc5.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00012362 _____ (FUJITSU LIMITED) C:\WINDOWS\system32\dllcache\f3ab18xi.sys
2014-08-19 16:27 - 2001-08-17 11:11 - 00011850 _____ (FUJITSU LIMITED) C:\WINDOWS\system32\dllcache\f3ab18xj.sys
2014-08-19 16:27 - 2001-08-17 11:10 - 00025159 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\elnk3.sys
2014-08-19 16:27 - 2001-08-17 11:10 - 00022090 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\fem556n5.sys
2014-08-19 16:27 - 2001-08-17 11:10 - 00019996 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\em556n4.sys
2014-08-19 16:26 - 2008-04-13 23:09 - 00206976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4.sys
2014-08-19 16:26 - 2001-08-23 13:00 - 00514587 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\edb500.dll
2014-08-19 16:26 - 2001-08-17 21:36 - 00110621 _____ (Digi International, Inc.) C:\WINDOWS\system32\dllcache\digirlpt.dll
2014-08-19 16:26 - 2001-08-17 12:47 - 00023808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4usb.sys
2014-08-19 16:26 - 2001-08-17 12:47 - 00012928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4prt.sys
2014-08-19 16:26 - 2001-08-17 12:47 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4scan.sys
2014-08-19 16:26 - 2001-08-17 11:20 - 00334208 _____ (Yamaha Corp.) C:\WINDOWS\system32\dllcache\ds1wdm.sys
2014-08-19 16:26 - 2001-08-17 11:17 - 00042432 _____ (Digi International, Inc.) C:\WINDOWS\system32\dllcache\digirlpt.sys
2014-08-19 16:26 - 2001-08-17 11:12 - 00117760 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\e100b325.sys
2014-08-19 16:26 - 2001-08-17 11:12 - 00050719 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\e1000nt5.sys
2014-08-19 16:26 - 2001-08-17 11:12 - 00028062 _____ (National Semiconductor Coproration) C:\WINDOWS\system32\dllcache\dp83820.sys
2014-08-19 16:26 - 2001-08-17 11:12 - 00019594 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\e100isa4.sys
2014-08-19 16:26 - 2001-08-17 11:11 - 00077386 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el656nd5.sys
2014-08-19 16:26 - 2001-08-17 11:11 - 00069194 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el656cd5.sys
2014-08-19 16:26 - 2001-08-17 11:11 - 00029696 _____ (CNet Technology, Inc. ) C:\WINDOWS\system32\dllcache\dm9pci5.sys
2014-08-19 16:26 - 2001-08-17 11:11 - 00026698 _____ (D-Link Corporation) C:\WINDOWS\system32\dllcache\dlh5xnd5.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00069692 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el575nd5.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00055999 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el556nd5.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00044103 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el515.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00026141 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el589nd5.sys
2014-08-19 16:26 - 2001-08-17 11:10 - 00024653 _____ (3Com Corporation) C:\WINDOWS\system32\dllcache\el574nd4.sys
2014-08-19 16:25 - 2008-04-14 05:42 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\davcdata.exe
2014-08-19 16:25 - 2008-04-14 05:41 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dataclen.dll
2014-08-19 16:25 - 2008-04-14 05:41 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dcap32.dll
2014-08-19 16:25 - 2008-04-14 04:41 - 00249856 _____ (Comtrol® Corporation) C:\WINDOWS\system32\dllcache\ctmasetp.dll
2014-08-19 16:25 - 2008-04-13 21:06 - 00048640 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwrwdm.sys
2014-08-19 16:25 - 2001-08-23 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cprofile.exe
2014-08-19 16:25 - 2001-08-17 21:36 - 00419357 _____ (Digi International) C:\WINDOWS\system32\dllcache\dgconfig.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00256512 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\devcon32.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\csamsp.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc260usd.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc240usd.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc210usd.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyycoins.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzports.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyyports.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzcoins.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc210_32.dll
2014-08-19 16:25 - 2001-08-17 21:36 - 00024064 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\devldr32.exe
2014-08-19 16:25 - 2001-08-17 21:36 - 00004096 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctwdm32.dll
2014-08-19 16:25 - 2001-08-17 12:52 - 00007424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ddsmc.sys
2014-08-19 16:25 - 2001-08-17 12:50 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyyport.sys
2014-08-19 16:25 - 2001-08-17 12:50 - 00049792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzport.sys
2014-08-19 16:25 - 2001-08-17 12:50 - 00017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyclad-z.sys
2014-08-19 16:25 - 2001-08-17 12:50 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyclom-y.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00111872 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcspud.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00096256 _____ (Copyright © Creative Technology Ltd. 1994-2001) C:\WINDOWS\system32\dllcache\ctlsb16.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00093952 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcwdm.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00072832 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbwdm.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00042112 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\dllcache\crtaud.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00006912 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctlfacem.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00003712 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctljystk.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00003584 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcosnt5.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00003072 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbmidi.sys
2014-08-19 16:25 - 2001-08-17 11:19 - 00003072 _____ (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbase.sys
2014-08-19 16:25 - 2001-08-17 11:17 - 00090525 _____ (Digi International Inc.) C:\WINDOWS\system32\dllcache\digifep5.sys
2014-08-19 16:25 - 2001-08-17 11:17 - 00029531 _____ (Digi International Inc.) C:\WINDOWS\system32\dllcache\dgapci.sys
2014-08-19 16:25 - 2001-08-17 11:12 - 00117760 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\d100ib5.sys
2014-08-19 16:25 - 2001-08-17 11:12 - 00063208 _____ (Intel Corporation.) C:\WINDOWS\system32\dllcache\dc21x4.sys
2014-08-19 16:25 - 2001-08-17 11:11 - 00024649 _____ (D-Link) C:\WINDOWS\system32\dllcache\dfe650d.sys
2014-08-19 16:25 - 2001-08-17 11:11 - 00024648 _____ (D-Link) C:\WINDOWS\system32\dllcache\dfe650.sys
2014-08-19 16:25 - 2001-08-17 11:11 - 00020928 _____ (Digital Networks, LLC) C:\WINDOWS\system32\dllcache\defpa.sys
2014-08-19 16:24 - 2008-04-14 05:42 - 01032192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\conf.exe
2014-08-19 16:24 - 2008-04-14 05:42 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cleanmgr.exe
2014-08-19 16:24 - 2008-04-14 05:42 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cisvc.exe
2014-08-19 16:24 - 2008-04-14 05:41 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\callcont.dll
2014-08-19 16:24 - 2008-04-14 05:41 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_g18030.dll
2014-08-19 16:24 - 2008-04-14 05:41 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ciodm.dll
2014-08-19 16:24 - 2008-04-14 05:41 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\confmrsl.dll
2014-08-19 16:24 - 2008-04-14 05:41 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\compfilt.dll
2014-08-19 16:24 - 2008-04-14 04:41 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext30.dll
2014-08-19 16:24 - 2008-04-14 04:41 - 00015423 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\ch7xxnt5.dll
2014-08-19 16:24 - 2008-04-13 23:11 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\changer.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ciadmin.dll
2014-08-19 16:24 - 2001-08-23 13:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_864.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_862.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_858.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00066594 _____ () C:\WINDOWS\system32\dllcache\c_720.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_870.nls
2014-08-19 16:24 - 2001-08-23 13:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\convlog.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00054528 _____ (Philips Semiconductors GmbH) C:\WINDOWS\system32\dllcache\cap7146.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\controt.dll
2014-08-19 16:24 - 2001-08-23 13:00 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\counters.dll
2014-08-19 16:24 - 2001-08-23 13:00 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgport.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00014976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cpqarray.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgusr.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00013952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cbidf2k.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chglogon.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cb32.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_iscii.dll
2014-08-19 16:24 - 2001-08-23 13:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\change.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cidaemon.exe
2014-08-19 16:24 - 2001-08-23 13:00 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cd20xrnt.sys
2014-08-19 16:24 - 2001-08-23 13:00 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_is2022.dll
2014-08-19 16:24 - 2001-08-17 21:37 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext20.ax
2014-08-19 16:24 - 2001-08-17 21:37 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext30.ax
2014-08-19 16:24 - 2001-08-17 21:37 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camexo20.ax
2014-08-19 16:24 - 2001-08-17 21:36 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext20.dll
2014-08-19 16:24 - 2001-08-17 21:36 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camexo20.dll
2014-08-19 16:24 - 2001-08-17 21:36 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cnusd.dll
2014-08-19 16:24 - 2001-08-17 13:56 - 00170880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl546x.dll
2014-08-19 16:24 - 2001-08-17 13:56 - 00111232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl5465.dll
2014-08-19 16:24 - 2001-08-17 13:56 - 00091264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cirrus.dll
2014-08-19 16:24 - 2001-08-17 13:05 - 00314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdro21.sys
2014-08-19 16:24 - 2001-08-17 13:04 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdrv21.sys
2014-08-19 16:24 - 2001-08-17 13:04 - 00171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdrv30.sys
2014-08-19 16:24 - 2001-08-17 12:57 - 00248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl546xm.sys
2014-08-19 16:24 - 2001-08-17 12:57 - 00045696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cirrus.sys
2014-08-19 16:24 - 2001-08-17 12:51 - 00020736 _____ (OMNIKEY AG) C:\WINDOWS\system32\dllcache\cmbp0wdm.sys
2014-08-19 16:24 - 2001-08-17 12:51 - 00006656 _____ (CMD Technology, Inc.) C:\WINDOWS\system32\dllcache\cmdide.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00049182 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem56n5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00046108 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cben5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00027164 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ce3n5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00022044 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem33n5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00022044 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem28n5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00021533 _____ (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\cpqndis5.sys
2014-08-19 16:24 - 2001-08-17 11:13 - 00021530 _____ (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ce2n5.sys
2014-08-19 16:24 - 2001-08-17 11:12 - 00039680 _____ (Silicom Ltd.) C:\WINDOWS\system32\dllcache\cb325.sys
2014-08-19 16:24 - 2001-08-17 11:12 - 00037916 _____ (Fast Ethernet Controller Provider) C:\WINDOWS\system32\dllcache\cb102.sys
2014-08-19 16:24 - 2001-08-17 11:11 - 00039936 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\dllcache\cnxt1803.sys
2014-08-19 16:23 - 2008-04-14 05:42 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\blastcln.exe
2014-08-19 16:23 - 2008-04-14 04:42 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdaplgin.ax
2014-08-19 16:23 - 2008-04-13 23:21 - 00101120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthpan.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthmodem.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00036480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthprint.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthusb.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthenum.sys
2014-08-19 16:23 - 2008-04-13 23:16 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdasup.sys
2014-08-19 16:23 - 2001-08-23 13:00 - 00195618 _____ () C:\WINDOWS\system32\dllcache\c_10002.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00189986 _____ () C:\WINDOWS\system32\dllcache\c_1361.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00187938 _____ () C:\WINDOWS\system32\dllcache\c_20005.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00186402 _____ () C:\WINDOWS\system32\dllcache\c_20001.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00185378 _____ () C:\WINDOWS\system32\dllcache\c_20003.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00180770 _____ () C:\WINDOWS\system32\dllcache\c_20932.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00180258 _____ () C:\WINDOWS\system32\dllcache\c_20004.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00180258 _____ () C:\WINDOWS\system32\dllcache\c_20000.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00177698 _____ () C:\WINDOWS\system32\dllcache\c_20949.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00177698 _____ () C:\WINDOWS\system32\dllcache\c_10003.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00173602 _____ () C:\WINDOWS\system32\dllcache\c_20936.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00173602 _____ () C:\WINDOWS\system32\dllcache\c_20002.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00173602 _____ () C:\WINDOWS\system32\dllcache\c_10008.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00162850 _____ () C:\WINDOWS\system32\dllcache\c_10001.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00082172 _____ () C:\WINDOWS\system32\dllcache\bopomofo.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066728 _____ () C:\WINDOWS\system32\dllcache\big5.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_708.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_28596.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_21027.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_21025.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20924.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20880.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20871.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20838.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20833.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20424.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20423.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20420.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20297.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20290.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20285.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20284.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20280.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20278.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20277.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20273.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20269.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20108.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20107.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20106.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_20105.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1149.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1148.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1147.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1146.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1145.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1144.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1143.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1142.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1141.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1140.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_1047.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_10021.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_10005.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00066082 _____ () C:\WINDOWS\system32\dllcache\c_10004.nls
2014-08-19 16:23 - 2001-08-23 13:00 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\browscap.dll
2014-08-19 16:23 - 2001-08-23 13:00 - 00004224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\beep.sys
2014-08-19 16:23 - 2001-08-17 21:36 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\binlsvc.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\brmfcwia.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00041472 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmfusb.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00032256 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmfrsmg.exe
2014-08-19 16:23 - 2001-08-17 21:36 - 00029696 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmflpt.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00019456 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brbidiif.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00015360 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmfbidi.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00012800 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brevif.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00009728 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brserif.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00009728 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brcoinst.dll
2014-08-19 16:23 - 2001-08-17 21:36 - 00005120 _____ (Brother Industries,Ltd.) C:\WINDOWS\system32\dllcache\brscnrsm.dll
2014-08-19 16:23 - 2001-08-17 13:56 - 00342336 _____ (3Dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\banshee.dll
2014-08-19 16:23 - 2001-08-17 12:51 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bulltlp3.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00060416 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brserwdm.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00039552 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brparwdm.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00012160 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brfiltlo.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00011008 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brusbmdm.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00010368 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brusbscn.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00003968 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brfiltup.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00003168 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brparimg.sys
2014-08-19 16:23 - 2001-08-17 12:12 - 00002944 _____ (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brfilt.sys
2014-08-19 16:23 - 2001-08-17 11:48 - 00036128 _____ (3Dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\banshee.sys
2014-08-19 16:23 - 2001-08-17 11:19 - 00036992 _____ (Aztech Systems Ltd) C:\WINDOWS\system32\dllcache\aztw2320.sys
2014-08-19 16:23 - 2001-08-17 11:11 - 00066557 _____ (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm42u.sys
2014-08-19 16:23 - 2001-08-17 11:11 - 00054271 _____ (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm42xx5.sys
2014-08-19 16:23 - 2001-08-17 11:11 - 00031529 _____ (BreezeCOM) C:\WINDOWS\system32\dllcache\brzwlan.sys
2014-08-19 16:23 - 2001-08-17 11:11 - 00026568 _____ (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm4e5.sys
2014-08-19 16:22 - 2008-04-14 04:42 - 00023040 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ativmvxx.ax
2014-08-19 16:22 - 2008-04-14 04:42 - 00009728 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ativdaxx.ax
2014-08-19 16:22 - 2008-04-14 04:41 - 00516768 _____ (ATI Technologies Inc. ) C:\WINDOWS\system32\dllcache\ativvaxx.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00032768 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ativtmxx.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00025471 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv04nt5.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00021183 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv01nt5.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00017279 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv10nt5.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00014143 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv06nt5.dll
2014-08-19 16:22 - 2008-04-14 04:41 - 00011359 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\atv02nt5.dll
2014-08-19 16:22 - 2008-04-13 23:16 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avc.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00104960 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinrvxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00073216 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atintuxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00063488 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinxsxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00052224 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinraxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00031744 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinxbxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00028672 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinsnxx.sys
2014-08-19 16:22 - 2008-04-13 21:04 - 00013824 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinttxx.sys
2014-08-19 16:22 - 2001-08-23 13:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\authfilt.dll
2014-08-19 16:22 - 2001-08-17 13:56 - 00104832 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atiraged.dll
2014-08-19 16:22 - 2001-08-17 13:01 - 00036096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avcaudio.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00049920 _____ () C:\WINDOWS\system32\dllcache\atirtcap.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00026880 _____ () C:\WINDOWS\system32\dllcache\atirtsnd.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00026624 _____ () C:\WINDOWS\system32\dllcache\ativxbar.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00023552 _____ () C:\WINDOWS\system32\dllcache\atixbar.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00019456 _____ () C:\WINDOWS\system32\dllcache\ativttxx.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00017152 _____ () C:\WINDOWS\system32\dllcache\atitvsnd.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00017152 _____ () C:\WINDOWS\system32\dllcache\atitunep.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00010240 _____ () C:\WINDOWS\system32\dllcache\atipcxxx.sys
2014-08-19 16:22 - 2001-08-17 11:49 - 00009472 _____ () C:\WINDOWS\system32\dllcache\ativmdcd.sys
2014-08-19 16:22 - 2001-08-17 11:48 - 00070528 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atiragem.sys
2014-08-19 16:21 - 2014-08-20 20:11 - 00000000 ____D () C:\AdwCleaner
2014-08-19 16:21 - 2008-04-14 05:41 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aqueue.dll
2014-08-19 16:21 - 2008-04-14 05:41 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\appconf.dll
2014-08-19 16:21 - 2008-04-14 05:41 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admexs.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 01888992 _____ (ATI Technologies Inc. ) C:\WINDOWS\system32\dllcache\ati3duag.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00870784 _____ (ATI Technologies Inc. ) C:\WINDOWS\system32\dllcache\ati3d1ag.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00377984 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2dvaa.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00229376 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2cqag.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00201728 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2dvag.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00004255 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv01nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003967 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv02nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003775 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv11nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003711 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv09nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003647 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv07nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003615 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv05nt5.dll
2014-08-19 16:21 - 2008-04-14 04:41 - 00003135 _____ (Intel® Corporation) C:\WINDOWS\system32\dllcache\adv08nt5.dll
2014-08-19 16:21 - 2008-04-13 23:16 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\61883.sys
2014-08-19 16:21 - 2008-04-13 23:06 - 00044928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agpcpq.sys
2014-08-19 16:21 - 2008-04-13 23:06 - 00043008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\dllcache\amdagp.sys
2014-08-19 16:21 - 2008-04-13 23:06 - 00042752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\alim1541.sys
2014-08-19 16:21 - 2008-04-13 23:06 - 00042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agp440.sys
2014-08-19 16:21 - 2008-04-13 21:06 - 00231552 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\ac97ali.sys
2014-08-19 16:21 - 2008-04-13 21:06 - 00084480 _____ (VIA Technologies, Inc.) C:\WINDOWS\system32\dllcache\ac97via.sys
2014-08-19 16:21 - 2008-04-13 21:06 - 00010880 _____ (Aureal, Inc.) C:\WINDOWS\system32\dllcache\admjoy.sys
2014-08-19 16:21 - 2008-04-13 21:05 - 00036224 _____ (ADMtek Incorporated.) C:\WINDOWS\system32\dllcache\an983.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00701440 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2mtag.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00327040 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2mtaa.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00063663 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1rvxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00057856 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinbtxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00056623 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1btxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00036463 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1tuxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00034735 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1xsxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00030671 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1raxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00029455 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1xbxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00026367 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1snxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00021343 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1ttxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00014336 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinpdxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00013824 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atinmdxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00012047 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1pdxx.sys
2014-08-19 16:21 - 2008-04-13 21:04 - 00011615 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati1mdxx.sys
2014-08-19 16:21 - 2007-04-02 23:56 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0408.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040e.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0804.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt041f.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0419.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0415.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0412.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0411.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040d.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0405.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0404.dll
2014-08-19 16:21 - 2007-04-02 23:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0401.dll
2014-08-19 16:21 - 2001-08-23 13:00 - 00056960 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aic78xx.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aic78u2.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adrot.dll
2014-08-19 16:21 - 2001-08-23 13:00 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asptxn.dll
2014-08-19 16:21 - 2001-08-23 13:00 - 00026496 _____ (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\abp480n5.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asc3350p.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00014848 _____ (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc3550.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aha154x.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\amsint.sys
2014-08-19 16:21 - 2001-08-23 13:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aspperf.dll
2014-08-19 16:21 - 2001-08-23 13:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admxprox.dll
2014-08-19 16:21 - 2001-08-17 22:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2014-08-19 16:21 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2014-08-19 16:21 - 2001-08-17 21:37 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agcgauge.ax
2014-08-19 16:21 - 2001-08-17 21:36 - 00462848 _____ (Aureal Inc.) C:\WINDOWS\system32\dllcache\a3dapi.dll
2014-08-19 16:21 - 2001-08-17 21:36 - 00098304 _____ (Aureal Semiconductor) C:\WINDOWS\system32\dllcache\a3d.dll
2014-08-19 16:21 - 2001-08-17 21:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\atievxx.exe
2014-08-19 16:21 - 2001-08-17 13:56 - 00268160 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidvai.dll
2014-08-19 16:21 - 2001-08-17 13:56 - 00137216 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidrae.dll
2014-08-19 16:21 - 2001-08-17 13:55 - 00382592 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidrab.dll
2014-08-19 16:21 - 2001-08-17 13:55 - 00096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ati.dll
2014-08-19 16:21 - 2001-08-17 13:55 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\8514a.dll
2014-08-19 16:21 - 2001-08-17 12:57 - 00077568 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\dllcache\ati.sys
2014-08-19 16:21 - 2001-08-17 12:53 - 00007424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adicvls.sys
2014-08-19 16:21 - 2001-08-17 12:51 - 00005248 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\aliide.sys
2014-08-19 16:21 - 2001-08-17 12:49 - 00026624 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\alifir.sys
2014-08-19 16:21 - 2001-08-17 12:47 - 00006272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\apmbatt.sys
2014-08-19 16:21 - 2001-08-17 11:49 - 00075136 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimpae.sys
2014-08-19 16:21 - 2001-08-17 11:49 - 00046464 _____ () C:\WINDOWS\system32\dllcache\atibt829.sys
2014-08-19 16:21 - 2001-08-17 11:48 - 00289664 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimpab.sys
2014-08-19 16:21 - 2001-08-17 11:48 - 00281600 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimtai.sys
2014-08-19 16:21 - 2001-08-17 11:20 - 00297728 _____ (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\dllcache\ac97sis.sys
2014-08-19 16:21 - 2001-08-17 11:20 - 00096256 _____ (Intel Corporation) C:\WINDOWS\system32\dllcache\ac97intc.sys
2014-08-19 16:21 - 2001-08-17 11:19 - 00747392 _____ (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8830.sys
2014-08-19 16:21 - 2001-08-17 11:19 - 00584448 _____ (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8810.sys
2014-08-19 16:21 - 2001-08-17 11:19 - 00553984 _____ (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8820.sys
2014-08-19 16:21 - 2001-08-17 11:12 - 00097354 _____ (Bay Networks, Inc.) C:\WINDOWS\system32\dllcache\aspndis3.sys
2014-08-19 16:21 - 2001-08-17 11:11 - 00046112 _____ (Adaptec, Inc ) C:\WINDOWS\system32\dllcache\adptsf50.sys
2014-08-19 16:21 - 2001-08-17 11:11 - 00027678 _____ (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\ali5261.sys
2014-08-19 16:21 - 2001-08-17 11:11 - 00020160 _____ (ADMtek Incorporated) C:\WINDOWS\system32\dllcache\adm8511.sys
2014-08-19 16:21 - 2001-08-17 11:11 - 00016969 _____ (AmbiCom, Inc.) C:\WINDOWS\system32\dllcache\amb8002.sys
2014-08-19 16:20 - 2001-08-17 13:55 - 00689216 _____ (3dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\3dfxvs.dll
2014-08-19 16:20 - 2001-08-17 11:48 - 00148352 _____ (3dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\3dfxvsm.sys
2014-08-19 16:19 - 2001-08-17 13:06 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\1394vdbg.sys
2014-08-19 16:18 - 2008-04-14 05:42 - 02134528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpsnap.dll
2014-08-19 16:18 - 2008-04-14 05:42 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpadm.dll
2014-08-19 16:18 - 2008-04-14 05:42 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrstas.exe
2014-08-19 16:18 - 2008-04-14 05:42 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\staxmem.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetmgr.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrtl.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isatq.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisext51.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iismap.dll
2014-08-19 16:18 - 2008-04-14 05:41 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\infoadmn.dll
2014-08-19 16:18 - 2008-04-14 05:40 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logui.ocx
2014-08-19 16:18 - 2008-04-14 05:39 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdpash.dll
2014-08-19 16:18 - 2008-04-14 05:39 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnepr.dll
2014-08-19 16:18 - 2008-04-14 05:39 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdiultn.dll
2014-08-19 16:18 - 2008-04-14 05:39 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdbhc.dll
2014-08-19 16:18 - 2004-05-13 00:39 - 00598071 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmc.dll
2014-08-19 16:18 - 2003-03-24 16:52 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmcsat.dll
2014-08-19 16:18 - 2003-03-24 16:52 - 00032827 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptest.exe
2014-08-19 16:18 - 2003-03-24 16:52 - 00020541 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpexedll.dll
2014-08-19 16:18 - 2003-03-24 16:52 - 00020538 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpremadm.exe
2014-08-19 16:18 - 2003-03-24 16:52 - 00020536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.dll
2014-08-19 16:18 - 2003-03-24 16:52 - 00016437 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.exe
2014-08-19 16:18 - 2003-03-24 16:52 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptsat.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisui.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetsloc.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisreset.exe
2014-08-19 16:18 - 2001-08-23 13:00 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetmgr.exe
2014-08-19 16:18 - 2001-08-23 13:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wamregps.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftpsapi2.dll
2014-08-19 16:18 - 2001-08-23 13:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iisrstap.dll
2014-08-19 16:18 - 2001-08-17 13:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\s3legacy.dll
2014-08-19 16:17 - 2008-04-14 05:41 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adsiis51.dll
2014-08-19 16:17 - 2008-04-14 05:41 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\coadmin.dll
2014-08-19 16:17 - 2008-04-14 05:41 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admwprox.dll
2014-08-19 16:17 - 2008-04-14 05:39 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\certwiz.ocx
2014-08-19 16:17 - 2008-04-14 05:39 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cnfgprts.ocx
2014-08-19 16:17 - 2004-05-13 00:39 - 00876653 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awel.dll
2014-08-19 16:17 - 2004-05-13 00:39 - 00184435 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4amsft.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00188494 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpcount.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00188480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cfgwiz.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00147513 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4apws.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00109328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98swin.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00102509 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4atxt.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00082035 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4anscp.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00049212 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awebs.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00049210 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4areg.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00041020 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avnb.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00032826 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avss.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00020540 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00020540 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.dll
2014-08-19 16:17 - 2003-03-24 16:52 - 00016439 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00016439 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.exe
2014-08-19 16:17 - 2003-03-24 16:52 - 00014608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98sadm.exe
2014-08-19 16:17 - 2001-08-23 13:00 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\certmap.ocx
2014-08-19 16:00 - 2014-08-19 16:00 - 00000000 ____D () C:\Tools
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\WINDOWS\system32\xircom
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\xerox
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\netmeeting
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\microsoft frontpage
2014-08-19 15:34 - 2014-08-19 15:34 - 00090112 _____ () C:\WINDOWS\Minidump\Mini081914-02.dmp
2014-08-19 15:32 - 2014-08-19 15:32 - 00090112 _____ () C:\WINDOWS\Minidump\Mini081914-01.dmp
2014-08-19 15:25 - 2014-08-19 15:25 - 00001084 _____ () C:\WINDOWS\spupdsvc.log
2014-08-19 15:11 - 2014-08-19 15:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-19 15:09 - 2014-08-19 15:09 - 00000374 _____ () C:\Documents and Settings\Main\Desktop\Downloads.lnk
2014-08-19 14:59 - 2014-08-19 14:56 - 00000768 _____ () C:\Documents and Settings\Main\Desktop\Sandboxed Web Browser.lnk
2014-08-19 14:57 - 2014-08-19 14:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2014-08-19 13:01 - 2014-08-19 13:02 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
2014-08-19 13:00 - 2014-08-19 13:00 - 00000000 ____D () C:\Program Files\Adobe
2014-08-19 12:50 - 2014-08-19 12:50 - 00000817 _____ () C:\Documents and Settings\All Users\Desktop\TeamViewer 9.lnk
2014-08-19 12:50 - 2014-08-19 12:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 9
2014-08-18 02:35 - 2014-08-18 02:35 - 00000732 _____ () C:\Documents and Settings\Main\Start Menu\Programs\IronPortable.lnk
2014-08-18 01:28 - 2014-08-21 18:19 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-18 01:23 - 2014-08-18 01:23 - 00002279 _____ () C:\Documents and Settings\Main\Desktop\Google Chrome.lnk
2014-08-18 01:23 - 2014-08-18 01:23 - 00000000 ____D () C:\Documents and Settings\Main\Start Menu\Programs\Google Chrome
2014-08-18 01:10 - 2014-08-18 01:10 - 00000000 ____D () C:\Documents and Settings\Main\Application Data\AVAST Software
2014-08-18 01:09 - 2014-08-18 01:09 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-08-18 01:08 - 2014-08-23 11:26 - 00000374 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-08-18 01:08 - 2014-08-18 01:09 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-18 01:08 - 2014-08-18 01:08 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-18 01:08 - 2014-08-18 01:08 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-18 01:06 - 2014-08-18 01:06 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-18 01:05 - 2014-08-18 01:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-08-18 00:13 - 2014-08-18 00:13 - 00001710 _____ () C:\Documents and Settings\Main\Start Menu\Programs\Starter.lnk
2014-08-18 00:13 - 2014-08-18 00:13 - 00000000 ____D () C:\Program Files\CodeStuff
2014-08-17 23:54 - 2014-08-23 11:26 - 00000234 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-17 23:54 - 2014-08-19 12:29 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-17 20:51 - 2014-08-17 20:51 - 00012972 _____ () C:\WINDOWS\KB2868626.log
2014-08-17 20:51 - 2014-08-17 20:51 - 00012404 _____ () C:\WINDOWS\KB2922229.log
2014-08-17 20:51 - 2014-08-17 20:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-08-17 20:51 - 2014-08-17 20:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-08-17 20:47 - 2014-08-17 20:47 - 00011972 _____ () C:\WINDOWS\KB2916036.log
2014-08-17 20:47 - 2014-08-17 20:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-08-17 20:29 - 2014-08-17 20:46 - 00011479 _____ () C:\WINDOWS\KB2934207.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00012607 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00011488 _____ () C:\WINDOWS\KB2898715.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010877 _____ () C:\WINDOWS\KB2900986.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010344 _____ () C:\WINDOWS\KB2904266.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010107 _____ () C:\WINDOWS\KB2929961.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-08-17 20:28 - 2014-08-17 20:29 - 00010657 _____ () C:\WINDOWS\KB2930275.log
2014-08-17 20:28 - 2014-08-17 20:28 - 00010052 _____ () C:\WINDOWS\KB2862152.log
2014-08-17 20:28 - 2014-08-17 20:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-08-17 20:27 - 2014-08-17 20:27 - 00009684 _____ () C:\WINDOWS\KB2876331.log
2014-08-17 20:27 - 2014-08-17 20:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-08-17 20:24 - 2014-08-17 20:24 - 00009017 _____ () C:\WINDOWS\KB2893294.log
2014-08-17 20:24 - 2014-08-17 20:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-08-17 20:23 - 2014-08-17 20:24 - 00008359 _____ () C:\WINDOWS\KB2892075.log
2014-08-17 20:23 - 2014-08-17 20:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-08-17 20:23 - 2014-08-17 20:23 - 00008677 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-08-17 20:22 - 2014-08-17 20:23 - 00014542 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-08-17 20:09 - 2014-08-17 20:09 - 00004887 _____ () C:\WINDOWS\KB2914368.log
2014-08-17 20:09 - 2014-08-17 20:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-08-17 20:06 - 2014-02-26 02:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-08-17 19:57 - 2014-08-17 19:57 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-08-17 17:32 - 2014-08-17 17:32 - 00000552 _____ () C:\WINDOWS\system32\d3d8caps.dat
2014-08-17 16:58 - 2013-09-04 14:57 - 00024040 _____ (ThreatTrack Security) C:\WINDOWS\system32\Drivers\gfiutil.sys
2014-08-17 16:58 - 2013-05-23 08:39 - 00043368 _____ (ThreatTrack Security) C:\WINDOWS\system32\Drivers\gfiark.sys
2014-08-17 16:55 - 2014-08-19 15:34 - 00000000 __SHD () C:\WINDOWS\CSC

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-23 12:10 - 2014-08-19 16:37 - 00000000 ____D () C:\FRST
2014-08-23 12:08 - 2014-08-21 18:21 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-23 12:08 - 2010-10-15 16:49 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-08-23 12:07 - 2010-10-16 01:27 - 00000988 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-1801674531-1003UA.job
2014-08-23 12:05 - 2014-08-23 12:01 - 00002437 _____ () C:\Documents and Settings\Main\Desktop\MBAM.txt
2014-08-23 11:34 - 2014-08-21 18:20 - 00000779 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-23 11:34 - 2014-08-21 18:20 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-23 11:34 - 2014-08-21 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-23 11:29 - 2010-10-15 16:47 - 01647438 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-23 11:26 - 2014-08-18 01:08 - 00000374 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-08-23 11:26 - 2014-08-17 23:54 - 00000234 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-23 11:26 - 2010-10-15 17:46 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-23 11:26 - 2010-10-15 17:46 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-08-23 11:26 - 2010-10-15 16:49 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-23 11:25 - 2010-10-15 22:36 - 00000278 ___SH () C:\Documents and Settings\Main\ntuser.ini
2014-08-23 11:25 - 2010-10-15 22:36 - 00000000 ____D () C:\Documents and Settings\Main
2014-08-23 11:25 - 2010-10-15 16:49 - 00032572 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-23 11:24 - 2010-10-15 16:11 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-23 03:17 - 2014-08-23 03:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-08-23 03:17 - 2013-01-25 23:09 - 00018981 _____ () C:\WINDOWS\KB2686509.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00865075 _____ () C:\WINDOWS\iis6.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00797615 _____ () C:\WINDOWS\FaxSetup.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00379389 _____ () C:\WINDOWS\ocgen.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00363975 _____ () C:\WINDOWS\tsoc.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00266110 _____ () C:\WINDOWS\comsetup.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00244502 _____ () C:\WINDOWS\msmqinst.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00161090 _____ () C:\WINDOWS\ntdtcsetup.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00054825 _____ () C:\WINDOWS\MedCtrOC.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00040119 _____ () C:\WINDOWS\tabletoc.log
2014-08-23 03:17 - 2011-01-12 00:18 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-08-23 03:17 - 2010-10-15 18:30 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-08-23 03:12 - 2014-08-23 03:12 - 00003000 _____ () C:\WINDOWS\PC-HKLM_KBLayout.reg
2014-08-23 03:12 - 2014-08-23 03:12 - 00002902 _____ () C:\WINDOWS\PC-HKLM_KBLayouts.reg
2014-08-22 19:31 - 2010-11-28 15:53 - 00251406 _____ () C:\WINDOWS\setupapi.log
2014-08-22 19:31 - 2010-10-18 20:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2014-08-21 18:20 - 2014-08-21 18:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-21 18:19 - 2014-08-18 01:28 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-20 20:21 - 2010-10-15 18:49 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-08-20 20:15 - 2014-08-20 20:15 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-20 20:11 - 2014-08-19 16:21 - 00000000 ____D () C:\AdwCleaner
2014-08-20 20:10 - 2011-11-17 18:12 - 00000000 ____D () C:\Documents and Settings\Main\Application Data\CheckPoint
2014-08-20 20:08 - 2010-10-15 18:43 - 00004202 _____ () C:\WINDOWS\Sandboxie.ini
2014-08-19 16:00 - 2014-08-19 16:00 - 00000000 ____D () C:\Tools
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\WINDOWS\system32\xircom
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\xerox
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\netmeeting
2014-08-19 15:55 - 2014-08-19 15:55 - 00000000 ____D () C:\Program Files\microsoft frontpage
2014-08-19 15:55 - 2010-10-15 17:42 - 00000000 ____D () C:\WINDOWS\ime
2014-08-19 15:55 - 2010-10-15 17:42 - 00000000 ____D () C:\WINDOWS\Help
2014-08-19 15:50 - 2010-10-15 17:44 - 00517858 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-19 15:44 - 2012-01-13 22:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CheckPoint
2014-08-19 15:34 - 2014-08-19 15:34 - 00090112 _____ () C:\WINDOWS\Minidump\Mini081914-02.dmp
2014-08-19 15:34 - 2014-08-17 16:55 - 00000000 __SHD () C:\WINDOWS\CSC
2014-08-19 15:32 - 2014-08-19 15:32 - 00090112 _____ () C:\WINDOWS\Minidump\Mini081914-01.dmp
2014-08-19 15:32 - 2010-11-12 15:44 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-19 15:31 - 2010-10-15 17:44 - 00112584 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-19 15:26 - 2010-10-15 18:50 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-08-19 15:25 - 2014-08-19 15:25 - 00001084 _____ () C:\WINDOWS\spupdsvc.log
2014-08-19 15:11 - 2014-08-19 15:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-19 15:09 - 2014-08-19 15:09 - 00000374 _____ () C:\Documents and Settings\Main\Desktop\Downloads.lnk
2014-08-19 14:57 - 2014-08-19 14:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sandboxie
2014-08-19 14:56 - 2014-08-19 14:59 - 00000768 _____ () C:\Documents and Settings\Main\Desktop\Sandboxed Web Browser.lnk
2014-08-19 13:07 - 2011-11-17 18:18 - 00000000 ____D () C:\Documents and Settings\Main\Application Data\Spotify
2014-08-19 13:02 - 2014-08-19 13:01 - 00002347 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 9.lnk
2014-08-19 13:01 - 2010-10-27 22:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-08-19 13:01 - 2010-10-27 22:11 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-19 13:00 - 2014-08-19 13:00 - 00000000 ____D () C:\Program Files\Adobe
2014-08-19 12:50 - 2014-08-19 12:50 - 00000817 _____ () C:\Documents and Settings\All Users\Desktop\TeamViewer 9.lnk
2014-08-19 12:50 - 2014-08-19 12:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 9
2014-08-19 12:50 - 2012-09-17 15:45 - 00000000 ____D () C:\Program Files\TeamViewer
2014-08-19 12:49 - 2010-10-15 18:43 - 00000000 ____D () C:\Program Files\Sandboxie
2014-08-19 12:29 - 2014-08-17 23:54 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-18 02:35 - 2014-08-18 02:35 - 00000732 _____ () C:\Documents and Settings\Main\Start Menu\Programs\IronPortable.lnk
2014-08-18 02:20 - 2013-01-25 23:09 - 00000094 _____ () C:\WINDOWS\faultykeyboard.log
2014-08-18 01:30 - 2013-05-29 21:33 - 00699568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-18 01:30 - 2012-01-13 22:21 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-08-18 01:23 - 2014-08-18 01:23 - 00002279 _____ () C:\Documents and Settings\Main\Desktop\Google Chrome.lnk
2014-08-18 01:23 - 2014-08-18 01:23 - 00000000 ____D () C:\Documents and Settings\Main\Start Menu\Programs\Google Chrome
2014-08-18 01:19 - 2010-10-16 01:27 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-606747145-602162358-1801674531-1003Core.job
2014-08-18 01:10 - 2014-08-18 01:10 - 00000000 ____D () C:\Documents and Settings\Main\Application Data\AVAST Software
2014-08-18 01:09 - 2014-08-18 01:09 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-08-18 01:09 - 2014-08-18 01:08 - 00414520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00779536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00276432 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-08-18 01:08 - 2014-08-18 01:08 - 00192352 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00057800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00055112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-18 01:08 - 2014-08-18 01:08 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-08-18 01:08 - 2014-08-18 01:08 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-18 01:06 - 2014-08-18 01:06 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-18 01:06 - 2014-08-18 01:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-08-18 01:04 - 2011-11-17 17:47 - 00001945 _____ () C:\WINDOWS\epplauncher.mif
2014-08-18 00:44 - 2010-12-01 14:33 - 00000614 _____ () C:\WINDOWS\setupact.log
2014-08-18 00:13 - 2014-08-18 00:13 - 00001710 _____ () C:\Documents and Settings\Main\Start Menu\Programs\Starter.lnk
2014-08-18 00:13 - 2014-08-18 00:13 - 00000000 ____D () C:\Program Files\CodeStuff
2014-08-18 00:04 - 2010-10-14 23:24 - 00000461 ____H () C:\menu.lst
2014-08-17 20:51 - 2014-08-17 20:51 - 00012972 _____ () C:\WINDOWS\KB2868626.log
2014-08-17 20:51 - 2014-08-17 20:51 - 00012404 _____ () C:\WINDOWS\KB2922229.log
2014-08-17 20:51 - 2014-08-17 20:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-08-17 20:51 - 2014-08-17 20:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-08-17 20:51 - 2013-10-11 21:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-17 20:51 - 2011-01-12 00:19 - 00042490 _____ () C:\WINDOWS\updspapi.log
2014-08-17 20:51 - 2011-01-12 00:18 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-08-17 20:47 - 2014-08-17 20:47 - 00011972 _____ () C:\WINDOWS\KB2916036.log
2014-08-17 20:47 - 2014-08-17 20:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-08-17 20:46 - 2014-08-17 20:29 - 00011479 _____ () C:\WINDOWS\KB2934207.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00012607 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00011488 _____ () C:\WINDOWS\KB2898715.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010877 _____ () C:\WINDOWS\KB2900986.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010344 _____ () C:\WINDOWS\KB2904266.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00010107 _____ () C:\WINDOWS\KB2929961.log
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-08-17 20:29 - 2014-08-17 20:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-08-17 20:29 - 2014-08-17 20:28 - 00010657 _____ () C:\WINDOWS\KB2930275.log
2014-08-17 20:29 - 2010-10-15 21:58 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-08-17 20:29 - 2010-10-15 16:48 - 00035180 _____ () C:\WINDOWS\system32\TZLog.log
2014-08-17 20:28 - 2014-08-17 20:28 - 00010052 _____ () C:\WINDOWS\KB2862152.log
2014-08-17 20:28 - 2014-08-17 20:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-08-17 20:27 - 2014-08-17 20:27 - 00009684 _____ () C:\WINDOWS\KB2876331.log
2014-08-17 20:27 - 2014-08-17 20:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-08-17 20:24 - 2014-08-17 20:24 - 00009017 _____ () C:\WINDOWS\KB2893294.log
2014-08-17 20:24 - 2014-08-17 20:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-08-17 20:24 - 2014-08-17 20:23 - 00008359 _____ () C:\WINDOWS\KB2892075.log
2014-08-17 20:24 - 2014-08-17 20:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-08-17 20:23 - 2014-08-17 20:23 - 00008677 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-08-17 20:23 - 2014-08-17 20:22 - 00014542 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-08-17 20:09 - 2014-08-17 20:09 - 00004887 _____ () C:\WINDOWS\KB2914368.log
2014-08-17 20:09 - 2014-08-17 20:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-08-17 19:57 - 2014-08-17 19:57 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-08-17 17:32 - 2014-08-17 17:32 - 00000552 _____ () C:\WINDOWS\system32\d3d8caps.dat
2014-08-16 20:02 - 2010-10-24 15:55 - 00002433 _____ () C:\Documents and Settings\All Users\Start Menu\New Office Document.lnk
2014-08-14 20:05 - 2010-11-07 00:28 - 00002511 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2014-08-05 09:20 - 2010-10-18 20:34 - 00231584 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-07-31 23:42 - 2010-10-15 22:02 - 96303304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================



#14 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:10:03 PM

Posted 23 August 2014 - 03:14 PM

Hi Doveman-

 

In regards to the error issue with MSVCR100.dll.  This is a fairly common error and is MBAM specific and not malware related.  Therefore, I am going to suggest we continue with the malware removal process.  Then, when we are finished, you can post a topic in the Malware Bytes Forums in regards to the issue with the error.

 

https://forums.malwarebytes.org/

 

Thank you for the MBAM and FRST logs.  Please do the following:

 

 

STEP #1:

 

I do not recommend Zone Alarm as a firewall as it is known to put a significant strain on system resources.  Instead I would uninstall and delete Zone Alarm either turn on your Windows Firewall or,  as you indicated you may do in your previous post, install Comodo.

 

http://support.microsoft.com/kb/283673    < ----  How to turn on Windows Firewall

 

http://personalfirewall.comodo.com/    < ----  Comodo free firewall

 

 

STEP #2:

 

Please download PSI Personal Software Inspector, run the program, and apply any updates it finds.  This will make sure all your software is patched and up to date.

http://secunia.com/vulnerability_scanning/personal/

 

 

In your next reply please let me know how the above steps went.

 

Thanks   :)


avatar591802_2.gif"DO OR DO NOT. THERE IS NO TRY."


#15 doveman

doveman
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 24 August 2014 - 01:52 PM

Hi Johnny

 

OK, I've installed Comodo Firewall but PSI doesn't work, as it says a script is taking a long time to run and clicking Yes to wait just results in the same message popping up a short while later, over and over. It appears that it uses IE, so it may not be compatible with IE8. I've set Chrome as the default browser instead as it's likely to be more secure, so my sister won't be using IE normally.

 

I found that following these instructions to fix MBAM worked and I did another scan after it had updated and it didn't find anything https://forums.malwarebytes.org/index.php?/topic/152047-what-to-do-runtime-error-database-stuck-on-20140304-program-stopped/ so I guess we can conclude it's all clear now. My sister doesn't really use much software or install anything unless I tell her to, so there's probably not much risk of anything being outdated and vulnerable on there anyway (other than XP itself of course but I don't think she can run Win7 or 8 with only 1GB RAM and I only put XP on there because the pre-installed Vista was unusable but I'll see if I can persuade her to upgrade the RAM and then upgrade the OS).






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users