Computer slowness, tasks I commonly use appearing excessively


  • This topic is locked
16 replies to this topic

#1 HardcoreButterfly

Posted 20 September 2014 - 03:31 PM

Hello. I'm running Windows XP Professional, and recently it's been much slower and acting weird. It probably started when I noticed iexplore.exe was appearing multiple times in task manager, and the memory usage incremented. I got rid of that twice, and I no longer saw those excessive tasks in task manager. However, my computer has still been very slow, and now I noticed other tasks that I actually use are appearing multiple times in task manager. I only noticed this when I saw chrome.exe listed a bunch of times in task manager, but Chrome wasn't open. I think there might be some other tasks like that too, but I'm not 100% sure.

AdwCleaner finds some things, quarantines them, but the problem is back after restarting. Malwarebytes finds nothing. Emsisoft found some things, but after coming back to my computer while it's scanning only my computer background is showing, and my computer is unresponsive.



#2 HardcoreButterfly


Posted 22 September 2014 - 02:47 PM

I don't mean to sound impatient, but it seems that replies come pretty quickly around here and I'm getting stressed with my computer. Again I apologize if this is normal, but I just really want this fixed.

#3 HardcoreButterfly


Posted 25 September 2014 - 09:07 AM

Okay I'm really sorry again if I'm being impatient, but this is getting out of hand. I've had two blue screens, and today a file called "index.htm" is trying to start downloading in multiple windows. Weird thing is that in each window, a different program name I commonly use is shown (ex: Skype). And even worse, task manager isn't showing the user name of the majority of the tasks running, which is obviously bad.

Something bad is happening, for sure. I am going to start backing stuff up ASAP. Not sure if it's too late to save my system, but it would be greatly appreciated if someone could post with help or tell me that I'm screwed.

#4 nasdaq

  • Malware Response Team

Posted 25 September 2014 - 10:33 AM


Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Wait for further instructions.

#5 HardcoreButterfly


Posted 25 September 2014 - 06:47 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-09-2014 01
Ran by bobb (administrator) on ALT200 on 25-09-2014 19:09:04
Running from C:\Documents and Settings\bobb\Desktop\Recovery Tools
Loaded Profile: bobb (Available profiles: Student & bobb)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Spotify Ltd) C:\Documents and Settings\bobb\Application Data\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Documents and Settings\bobb\Local Settings\Application Data\Programs\Google\MusicManager\MusicManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(BitTorrent Inc.) C:\Documents and Settings\bobb\Application Data\BitTorrent\BitTorrent.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Wargaming.net) C:\Games\World_of_Tanks\WoTLauncher.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [4867544 2014-09-17] (Emsisoft GmbH)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-1606980848-583907252-839522115-1006\...\Run: [GoogleChromeAutoLaunch_4FAB92AC64768374DF0B067FBC5637A6] => C:\Program Files\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-1606980848-583907252-839522115-1006\...\Run: [Spotify Web Helper] => C:\Documents and Settings\bobb\Application Data\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-18] (Spotify Ltd)
HKU\S-1-5-21-1606980848-583907252-839522115-1006\...\Run: [Spotify] => C:\Documents and Settings\bobb\Application Data\Spotify\Spotify.exe [6342200 2014-09-18] (Spotify Ltd)
HKU\S-1-5-21-1606980848-583907252-839522115-1006\...\Run: [MusicManager] => C:\Documents and Settings\bobb\Local Settings\Application Data\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-07-22] (Google Inc.)
HKU\S-1-5-21-1606980848-583907252-839522115-1006\...\Run: [BitTorrent] => C:\Documents and Settings\bobb\Application Data\BitTorrent\BitTorrent.exe [1391704 2014-09-15] (BitTorrent Inc.)
HKU\S-1-5-21-1606980848-583907252-839522115-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\bobb\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: SmartFTP Drop -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\sfShellTools.dll (SmartSoft Ltd.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC04CA9EB17ACCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=67633
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {88D969C0-F192-11D4-A65F-0040963251E5} file://C:\TempEI4\EI40_\msxml4.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll (Microsoft Corporation)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 71.250.0.12
 
FireFox:
========
FF ProfilePath: C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\bobb\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-08-21]
FF Extension: No Name - C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com [Not Found]
FF Extension: No Name - C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\quinnreilly@aol.com [Not Found]
 
Chrome: 
=======
CHR DefaultSuggestURL: Default -> 
CHR CustomProfile: C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-08-11]
CHR Extension: (Google Docs) - C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-06]
CHR Extension: (Google Drive) - C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-06]
CHR Extension: (YouTube) - C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-06]
CHR Extension: (Google Search) - C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-06]
CHR Extension: (Google Play Music) - C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-08-11]
CHR Extension: (Google Wallet) - C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-06]
CHR Extension: (Gmail) - C:\Documents and Settings\bobb\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-06]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4784144 2014-09-17] (Emsisoft GmbH)
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-06-28] (Intel Corporation)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [7676720 2013-10-07] (DisplayLink Corp.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106248 2014-09-05] (SurfRight B.V.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-11] (Oracle Corporation)
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [109336 2007-06-28] (Intel)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2554648 2007-06-28] (Intel)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-05-12] (Emsisoft GmbH)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
R3 DisplayLinkFilter; C:\WINDOWS\System32\DRIVERS\DisplayLinkFilter.sys [7296 2013-10-07] (DisplayLink Corp.)
S3 DisplayLinkGA; C:\WINDOWS\System32\DRIVERS\DisplayLinkGAport.sys [40576 2013-10-07] (DisplayLink Corp.)
R3 DisplayLinkmirror; C:\WINDOWS\System32\DRIVERS\DisplayLinkmirrorport.sys [24448 2013-10-07] (DisplayLink Corp.)
S3 DisplayLinkUsbIo; C:\WINDOWS\System32\DRIVERS\DisplayLinkUsbIo_7.4.51572.0.sys [38192 2013-10-08] ()
S3 E1000; C:\WINDOWS\System32\DRIVERS\e1000325.sys [121856 2003-05-21] (Intel Corporation)
R3 HECI; C:\WINDOWS\System32\DRIVERS\HECI.sys [45056 2007-05-11] (Intel Corporation) [File not signed]
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [30976 2014-09-25] ()
R2 kqemu; C:\WINDOWS\system32\drivers\kqemu.sys [123939 2007-02-06] () [File not signed]
S3 msloop; C:\WINDOWS\System32\DRIVERS\loop.sys [4992 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NIWinCDEmu; C:\WINDOWS\System32\DRIVERS\NIWinCDEmu.sys [62544 2014-08-04] ()
S3 PID_PEPI; C:\WINDOWS\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
R1 sf; C:\WINDOWS\System32\drivers\sf.sys [33248 2003-05-09] (Sonic Focus, Inc) [File not signed]
R3 sfng32; C:\WINDOWS\System32\drivers\sfng32.sys [41728 2007-01-05] (Sonic Focus, Inc)
R3 SMBios; C:\WINDOWS\System32\DRIVERS\SMBios.sys [36484 2003-10-14] (Intel Corporation) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1178088 2007-01-05] (SigmaTel, Inc.)
S3 TPM; C:\WINDOWS\System32\DRIVERS\tpm.sys [17792 2007-04-30] (Winbond Electronics Corp.)
S3 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\WINDOWS\System32\drivers\ialmsbw.sys [113504 2003-04-15] (Intel Corporation)
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\WINDOWS\System32\drivers\ialmkchw.sys [78752 2003-04-15] (Intel Corporation)
S3 aeaudio; system32\drivers\aeaudio.sys [X]
S3 catchme; \??\C:\DOCUME~1\bobb\LOCALS~1\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\DOCUME~1\bobb\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 MidiSyn; system32\drivers\MidiSyn.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 smwdm; system32\drivers\smwdm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: Ip6FwHlp -> No Registry Path.
NETSVC: ilplcu -> No Registry Path.
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-25 19:07 - 2014-09-25 19:09 - 00000000 ____D () C:\FRST
2014-09-25 19:05 - 2014-09-25 19:09 - 00000000 ____D () C:\Documents and Settings\bobb\Desktop\Recovery Tools
2014-09-25 18:57 - 2014-09-25 18:57 - 00030976 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2014-09-25 15:37 - 2014-09-25 15:37 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-09-25 14:24 - 2014-09-25 14:26 - 54386502 _____ () C:\Documents and Settings\bobb\My Documents\Any Minute louder drums.wav
2014-09-25 14:17 - 2014-09-25 14:19 - 54386502 _____ () C:\Documents and Settings\bobb\My Documents\Any Minute.wav
2014-09-25 12:17 - 2014-09-25 12:18 - 00010745 _____ () C:\WINDOWS\KB981997.log
2014-09-25 12:17 - 2014-09-25 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-09-25 12:17 - 2014-09-25 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-09-25 12:17 - 2014-09-25 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-09-25 12:16 - 2014-09-25 12:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-09-25 12:15 - 2014-09-25 12:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-09-25 12:15 - 2014-09-25 12:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-09-25 12:15 - 2014-09-25 12:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-09-25 11:33 - 2014-09-25 11:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-09-25 11:33 - 2014-09-25 11:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-09-25 11:25 - 2014-09-25 11:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-09-25 11:24 - 2014-09-25 11:25 - 00011289 _____ () C:\WINDOWS\KB2387149.log
2014-09-25 11:24 - 2014-09-25 11:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-09-25 11:18 - 2014-09-25 11:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
2014-09-25 10:38 - 2010-06-18 09:36 - 03558912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
2014-09-25 09:15 - 2014-09-25 18:54 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-09-25 09:15 - 2014-09-25 09:42 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-09-25 01:14 - 2014-09-25 01:14 - 00035867 _____ () C:\WINDOWS\KB2659262.log
2014-09-25 01:14 - 2014-09-25 01:14 - 00034648 _____ () C:\WINDOWS\KB2564958.log
2014-09-25 01:14 - 2014-09-25 01:14 - 00033218 _____ () C:\WINDOWS\KB2934207.log
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-09-25 01:08 - 2014-09-25 01:08 - 00032750 _____ () C:\WINDOWS\KB2834886.log
2014-09-25 01:08 - 2014-09-25 01:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-09-25 01:08 - 2014-09-25 01:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-09-25 01:08 - 2014-09-25 01:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-09-25 01:07 - 2014-09-25 01:07 - 00035494 _____ () C:\WINDOWS\KB2536276-v2.log
2014-09-25 01:07 - 2014-09-25 01:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-09-25 01:06 - 2014-09-25 01:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-09-25 01:06 - 2014-09-25 01:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-09-25 01:05 - 2014-09-25 01:05 - 00032358 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-09-25 01:05 - 2014-09-25 01:05 - 00031309 _____ () C:\WINDOWS\KB2296011.log
2014-09-25 01:05 - 2014-09-25 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-09-25 01:05 - 2014-09-25 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-09-25 01:04 - 2014-09-25 01:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-09-25 00:59 - 2014-09-25 00:59 - 00030717 _____ () C:\WINDOWS\KB2900986.log
2014-09-25 00:59 - 2014-09-25 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-09-25 00:54 - 2014-09-25 00:54 - 00033891 _____ () C:\WINDOWS\KB955759.log
2014-09-25 00:54 - 2014-09-25 00:54 - 00031698 _____ () C:\WINDOWS\KB975558.log
2014-09-25 00:54 - 2014-09-25 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-09-25 00:54 - 2014-09-25 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-09-25 00:54 - 2014-09-25 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-09-25 00:41 - 2014-09-25 00:41 - 00029697 _____ () C:\WINDOWS\KB2378111.log
2014-09-25 00:41 - 2014-09-25 00:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-09-25 00:40 - 2014-09-25 00:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-09-25 00:40 - 2014-09-25 00:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-09-25 00:40 - 2014-09-25 00:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-09-25 00:35 - 2014-09-25 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-09-25 00:34 - 2014-09-25 00:34 - 00030121 _____ () C:\WINDOWS\KB2229593.log
2014-09-25 00:34 - 2014-09-25 00:34 - 00029181 _____ () C:\WINDOWS\KB2485663.log
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-09-25 00:33 - 2014-09-25 00:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-09-25 00:32 - 2014-09-25 00:32 - 00029258 _____ () C:\WINDOWS\KB2686509.log
2014-09-25 00:32 - 2014-09-25 00:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-09-25 00:32 - 2014-09-25 00:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-09-25 00:32 - 2014-09-25 00:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-09-25 00:32 - 2014-09-25 00:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-09-25 00:31 - 2014-09-25 00:32 - 00027748 _____ () C:\WINDOWS\KB2862335.log
2014-09-25 00:29 - 2014-09-25 00:29 - 00027416 _____ () C:\WINDOWS\KB961118.log
2014-09-25 00:29 - 2014-09-25 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-09-25 00:29 - 2014-09-25 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$
2014-09-25 00:29 - 2014-09-25 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-09-25 00:28 - 2014-09-25 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-09-25 00:28 - 2014-09-25 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-09-25 00:23 - 2014-09-25 00:23 - 00026685 _____ () C:\WINDOWS\KB2904266.log
2014-09-25 00:23 - 2014-09-25 00:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-09-25 00:22 - 2014-09-25 00:22 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-09-25 00:22 - 2014-09-25 00:22 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-09-25 00:21 - 2014-09-25 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-09-25 00:13 - 2014-09-25 00:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-09-25 00:13 - 2014-09-25 00:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-09-25 00:12 - 2014-09-25 00:12 - 00026831 _____ () C:\WINDOWS\KB2592799.log
2014-09-25 00:12 - 2014-09-25 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-09-25 00:12 - 2014-09-25 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-09-25 00:12 - 2014-09-25 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-09-25 00:12 - 2014-09-25 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-09-25 00:11 - 2014-09-25 00:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-09-24 23:57 - 2014-09-24 23:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-09-24 23:55 - 2014-09-24 23:55 - 00026684 _____ () C:\WINDOWS\KB2535512.log
2014-09-24 23:55 - 2014-09-24 23:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-09-24 23:55 - 2014-09-24 23:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-09-24 23:54 - 2014-09-24 23:54 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft Help
2014-09-24 23:53 - 2014-09-24 23:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-09-24 23:53 - 2014-09-24 23:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-09-24 23:52 - 2014-09-24 23:52 - 00026652 _____ () C:\WINDOWS\KB2807986.log
2014-09-24 23:52 - 2014-09-24 23:52 - 00025952 _____ () C:\WINDOWS\KB2570947.log
2014-09-24 23:52 - 2014-09-24 23:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-09-24 23:52 - 2014-09-24 23:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-09-24 23:52 - 2014-09-24 23:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-09-24 23:31 - 2014-09-24 23:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-24 23:17 - 2014-09-24 23:17 - 00027609 _____ () C:\WINDOWS\KB2868038.log
2014-09-24 23:17 - 2014-09-24 23:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-09-24 23:17 - 2014-09-24 23:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-09-24 23:16 - 2014-09-24 23:17 - 00022102 _____ () C:\WINDOWS\KB978695.log
2014-09-24 23:16 - 2014-09-24 23:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-09-24 23:09 - 2014-09-24 23:09 - 00026091 _____ () C:\WINDOWS\KB973904.log
2014-09-24 23:09 - 2014-09-24 23:09 - 00025159 _____ () C:\WINDOWS\KB2603381.log
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-09-24 23:08 - 2014-09-24 23:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-09-24 23:07 - 2014-09-24 23:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-09-24 23:07 - 2014-09-24 23:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-09-24 23:06 - 2014-09-24 23:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-09-24 23:05 - 2014-09-24 23:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-09-24 23:03 - 2014-09-24 23:03 - 00011445 _____ () C:\WINDOWS\KB2803821-v2.log
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-09-24 23:02 - 2014-09-24 23:03 - 00018125 _____ () C:\WINDOWS\KB2698365.log
2014-09-24 23:02 - 2014-09-24 23:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-09-24 23:02 - 2014-09-24 23:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
2014-09-24 22:56 - 2014-09-24 22:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-09-24 22:56 - 2014-09-24 22:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-09-24 22:56 - 2014-09-24 22:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-09-24 22:56 - 2014-09-24 22:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-09-24 22:55 - 2014-09-24 22:55 - 00017016 _____ () C:\WINDOWS\KB2723135-v2.log
2014-09-24 22:55 - 2014-09-24 22:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-09-24 22:55 - 2014-09-24 22:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-09-24 22:48 - 2014-09-24 22:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-09-24 22:45 - 2014-09-24 22:45 - 00229208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMM.sys
2014-09-24 22:42 - 2014-09-24 22:42 - 00013195 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-09-24 22:34 - 2014-09-25 12:16 - 00022495 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-09-24 22:34 - 2014-09-24 22:34 - 00011629 _____ () C:\WINDOWS\KB2510531-IE8.log
2014-09-24 22:22 - 2014-09-24 22:22 - 00316680 _____ () C:\WINDOWS\msxml4-KB973688-enu.LOG
2014-09-24 22:02 - 2014-09-24 22:02 - 00013031 _____ () C:\WINDOWS\KB2393802.log
2014-09-24 22:02 - 2014-09-24 22:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-09-24 22:00 - 2014-09-24 22:00 - 00010881 _____ () C:\WINDOWS\KB2566454.log
2014-09-24 22:00 - 2014-09-24 22:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-09-24 21:59 - 2014-09-24 22:00 - 00010677 _____ () C:\WINDOWS\KB2661637.log
2014-09-24 21:59 - 2014-09-24 21:59 - 00008817 _____ () C:\WINDOWS\KB2914368.log
2014-09-24 21:59 - 2014-09-24 21:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-09-24 21:59 - 2014-09-24 21:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-09-24 21:53 - 2014-09-24 21:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-09-24 21:51 - 2014-09-24 21:54 - 00010788 _____ () C:\WINDOWS\KB2423089.log
2014-09-24 21:48 - 2010-09-18 02:53 - 00953856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
2014-09-24 21:46 - 2014-09-25 11:18 - 00020411 _____ () C:\WINDOWS\KB2479943.log
2014-09-24 21:35 - 2014-09-25 11:33 - 00018443 _____ () C:\WINDOWS\KB2868626.log
2014-09-24 21:34 - 2014-09-25 11:33 - 00017761 _____ () C:\WINDOWS\KB2922229.log
2014-09-24 21:24 - 2014-09-25 11:24 - 00020150 _____ () C:\WINDOWS\KB2712808.log
2014-09-24 21:06 - 2014-09-25 01:14 - 00044308 _____ () C:\WINDOWS\KB2478971.log
2014-09-24 21:06 - 2014-09-25 01:14 - 00042587 _____ () C:\WINDOWS\KB2916036.log
2014-09-24 21:06 - 2014-02-25 21:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-09-24 21:06 - 2014-02-25 21:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-09-24 21:05 - 2014-09-25 01:08 - 00043873 _____ () C:\WINDOWS\KB2345886.log
2014-09-24 21:05 - 2014-09-25 01:08 - 00043721 _____ () C:\WINDOWS\KB2544893-v2.log
2014-09-24 21:05 - 2014-09-25 01:07 - 00043825 _____ () C:\WINDOWS\KB2585542.log
2014-09-24 21:04 - 2014-09-25 01:06 - 00041870 _____ () C:\WINDOWS\KB2631813.log
2014-09-24 21:04 - 2014-09-25 01:05 - 00042319 _____ () C:\WINDOWS\KB2691442.log
2014-09-24 21:04 - 2010-08-23 12:12 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2014-09-24 21:04 - 2009-11-21 11:51 - 00471552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aclayers.dll
2014-09-24 21:03 - 2014-09-25 00:54 - 00038193 _____ () C:\WINDOWS\KB2847311.log
2014-09-24 21:03 - 2014-09-25 00:41 - 00040012 _____ () C:\WINDOWS\KB974318.log
2014-09-24 21:03 - 2014-09-25 00:40 - 00038840 _____ () C:\WINDOWS\KB2443105.log
2014-09-24 21:02 - 2014-09-25 00:40 - 00038959 _____ () C:\WINDOWS\KB2655992.log
2014-09-24 21:02 - 2014-09-25 00:35 - 00038452 _____ () C:\WINDOWS\KB2802968.log
2014-09-24 21:02 - 2014-09-25 00:34 - 00039566 _____ () C:\WINDOWS\KB2481109.log
2014-09-24 21:02 - 2014-09-25 00:34 - 00036405 _____ () C:\WINDOWS\KB2898715.log
2014-09-24 21:02 - 2010-06-14 10:31 - 00744448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
2014-09-24 21:01 - 2014-09-25 00:34 - 00037469 _____ () C:\WINDOWS\KB975713.log
2014-09-24 21:01 - 2014-09-25 00:34 - 00037204 _____ () C:\WINDOWS\KB2598479.log
2014-09-24 21:01 - 2014-09-25 00:32 - 00036124 _____ () C:\WINDOWS\KB982132.log
2014-09-24 21:01 - 2014-09-25 00:32 - 00033891 _____ () C:\WINDOWS\KB2929961.log
2014-09-24 21:01 - 2014-09-25 00:29 - 00036648 _____ () C:\WINDOWS\KB978338.log
2014-09-24 21:01 - 2013-07-02 22:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-09-24 21:01 - 2013-07-02 21:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-09-24 21:00 - 2014-09-25 00:29 - 00036536 _____ () C:\WINDOWS\KB2507938.log
2014-09-24 21:00 - 2014-09-25 00:28 - 00036036 _____ () C:\WINDOWS\KB2780091.log
2014-09-24 21:00 - 2009-01-09 15:19 - 01089593 ____C () C:\WINDOWS\system32\dllcache\ntprint.cat
2014-09-24 20:54 - 2014-09-25 00:22 - 00033904 _____ () C:\WINDOWS\KB2876217.log
2014-09-24 20:53 - 2014-09-25 00:22 - 00036659 _____ () C:\WINDOWS\KB2483185.log
2014-09-24 20:50 - 2014-09-25 00:14 - 00035976 _____ () C:\WINDOWS\KB979687.log
2014-09-24 20:50 - 2014-09-25 00:13 - 00032878 _____ () C:\WINDOWS\KB2930275.log
2014-09-24 20:50 - 2014-09-25 00:12 - 00034314 _____ () C:\WINDOWS\KB2719985.log
2014-09-24 20:50 - 2014-09-25 00:12 - 00031445 _____ () C:\WINDOWS\KB2864063.log
2014-09-24 20:49 - 2014-09-25 00:12 - 00031830 _____ () C:\WINDOWS\KB2862152.log
2014-09-24 20:45 - 2011-04-21 09:37 - 00105472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
2014-09-24 20:44 - 2014-09-24 23:55 - 00032869 _____ () C:\WINDOWS\KB977816.log
2014-09-24 20:44 - 2014-09-24 23:53 - 00030920 _____ () C:\WINDOWS\KB2876331.log
2014-09-24 20:44 - 2014-09-24 23:53 - 00030616 _____ () C:\WINDOWS\KB2850869.log
2014-09-24 20:43 - 2014-09-24 23:53 - 00031826 _____ () C:\WINDOWS\KB2859537.log
2014-09-24 20:43 - 2013-02-11 20:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2014-09-24 20:43 - 2013-02-11 20:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2014-09-24 20:36 - 2014-09-24 23:16 - 00032415 _____ () C:\WINDOWS\KB2820917.log
2014-09-24 20:36 - 2013-07-16 20:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-09-24 20:36 - 2013-07-16 20:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-09-24 20:35 - 2014-09-24 23:09 - 00031606 _____ () C:\WINDOWS\KB2757638.log
2014-09-24 20:35 - 2014-09-24 23:09 - 00029599 _____ () C:\WINDOWS\KB2893294.log
2014-09-24 20:34 - 2014-09-24 23:09 - 00033162 _____ () C:\WINDOWS\KB2419632.log
2014-09-24 20:34 - 2014-09-24 23:09 - 00026231 _____ () C:\WINDOWS\KB2508429.log
2014-09-24 20:34 - 2014-09-24 23:07 - 00025506 _____ () C:\WINDOWS\KB2653956.log
2014-09-24 20:34 - 2014-09-24 23:07 - 00025025 _____ () C:\WINDOWS\KB974392.log
2014-09-24 20:33 - 2014-09-24 23:06 - 00024580 _____ () C:\WINDOWS\KB2749655.log
2014-09-24 20:33 - 2014-09-24 23:06 - 00024208 _____ () C:\WINDOWS\KB971029.log
2014-09-24 20:33 - 2014-09-24 23:04 - 00022948 _____ () C:\WINDOWS\KB2506212.log
2014-09-24 20:32 - 2014-09-24 23:03 - 00024564 _____ () C:\WINDOWS\KB977914.log
2014-09-24 20:32 - 2014-09-24 23:03 - 00020382 _____ () C:\WINDOWS\KB2892075.log
2014-09-24 20:32 - 2012-05-28 14:16 - 00536576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
2014-09-24 20:31 - 2014-09-24 23:02 - 00022683 _____ () C:\WINDOWS\KB2705219-v2.log
2014-09-24 20:31 - 2014-09-24 23:02 - 00022020 _____ () C:\WINDOWS\KB2619339.log
2014-09-24 20:31 - 2014-09-24 22:56 - 00021182 _____ () C:\WINDOWS\KB978542.log
2014-09-24 20:31 - 2014-09-24 22:56 - 00021065 _____ () C:\WINDOWS\KB2727528.log
2014-09-24 20:31 - 2014-09-24 22:56 - 00020982 _____ () C:\WINDOWS\KB979482.log
2014-09-24 20:31 - 2013-08-08 20:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-09-24 20:31 - 2013-08-08 20:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-09-24 20:31 - 2009-03-18 07:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-09-24 20:30 - 2014-09-24 22:56 - 00021101 _____ () C:\WINDOWS\KB978706.log
2014-09-24 20:07 - 2012-07-04 10:05 - 00139784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
2014-09-24 20:00 - 2014-09-25 12:17 - 00017615 _____ () C:\WINDOWS\KB2813345.log
2014-09-24 19:59 - 2014-09-25 12:17 - 00016744 _____ () C:\WINDOWS\KB2509553.log
2014-09-24 19:55 - 2014-09-24 19:59 - 00004276 _____ () C:\WINDOWS\KB2676562.log
2014-09-24 19:54 - 2014-03-06 13:59 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET900.tmp
2014-09-24 19:54 - 2014-03-06 13:59 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET8F2.tmp
2014-09-24 19:54 - 2014-03-06 13:59 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-09-24 19:54 - 2014-03-06 13:59 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET8FA.tmp
2014-09-24 19:54 - 2014-03-06 13:59 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-09-24 19:53 - 2014-09-25 12:16 - 00012269 _____ () C:\WINDOWS\KB982665.log
2014-09-24 16:24 - 2014-09-25 12:15 - 00012369 _____ () C:\WINDOWS\KB2620712.log
2014-09-24 16:23 - 2014-09-24 22:56 - 00020152 _____ () C:\WINDOWS\KB979309.log
2014-09-24 16:23 - 2012-01-11 15:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll
2014-09-24 16:23 - 2012-01-11 15:06 - 00003072 ____C () C:\WINDOWS\system32\dllcache\iacenc.dll
2014-09-24 16:23 - 2011-07-08 10:02 - 00010496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
2014-09-24 16:22 - 2013-11-27 16:21 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2014-09-24 16:16 - 2014-09-25 12:15 - 00011740 _____ () C:\WINDOWS\KB2584146.log
2014-09-24 16:15 - 2010-10-11 10:59 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
2014-09-23 20:02 - 2012-06-02 15:18 - 00275696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll
2014-09-23 20:02 - 2012-06-02 15:18 - 00017136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll.mui
2014-09-22 17:02 - 2014-09-22 17:02 - 00043696 _____ () C:\6a27ffc1-1af1-4af0-a6b7-ba844673f287.dmp
2014-09-22 17:02 - 2014-09-22 17:02 - 00000663 _____ () C:\Documents and Settings\All Users\Desktop\World of Tanks.lnk
2014-09-22 17:02 - 2014-09-22 17:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\World of Tanks
2014-09-22 17:01 - 2014-09-22 17:01 - 00000000 ____D () C:\Games
2014-09-21 16:29 - 2014-09-21 16:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
2014-09-21 16:28 - 2014-06-28 16:39 - 00112640 _____ () C:\WINDOWS\system32\ff_vfw.dll
2014-09-21 16:28 - 2013-04-16 17:32 - 00000714 _____ () C:\WINDOWS\system32\ff_vfw.dll.manifest
2014-09-21 16:26 - 2014-09-21 16:29 - 00000000 ____D () C:\Program Files\ffdshow
2014-09-21 08:52 - 2014-09-21 08:52 - 00001878 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-09-21 08:52 - 2014-09-21 08:52 - 00000000 ___RD () C:\Program Files\Skype
2014-09-21 08:52 - 2014-09-21 08:52 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-21 08:52 - 2014-09-21 08:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-09-20 17:24 - 2014-09-20 17:24 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Blizzard Entertainment
2014-09-20 17:23 - 2014-09-20 17:29 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Battle.net
2014-09-20 17:23 - 2014-09-20 17:23 - 00000000 ____D () C:\Documents and Settings\bobb\Application Data\Battle.net
2014-09-20 17:14 - 2014-09-20 17:22 - 00000000 ____D () C:\Program Files\Battle.net
2014-09-20 17:14 - 2014-09-20 17:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Battle.net
2014-09-20 17:14 - 2014-09-20 17:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
2014-09-20 17:14 - 2014-09-20 17:19 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-09-20 17:05 - 2014-09-20 17:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Battle.net
2014-09-20 10:10 - 2014-09-20 10:10 - 00043696 _____ () C:\cda06d94-00d1-4a86-a65f-a22ee4f93e06.dmp
2014-09-19 19:12 - 2014-09-19 19:12 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Old DT Torrents
2014-09-19 11:12 - 2014-09-19 11:12 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Old BitTorrent App Data
2014-09-18 18:48 - 2014-09-21 18:09 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Dream Theater Bootlegs
2014-09-15 16:22 - 2014-09-15 16:22 - 00000386 _____ () C:\Documents and Settings\bobb\My Documents\klijlk.txt
2014-09-15 16:13 - 2014-09-15 16:14 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Skyrim
2014-09-15 16:09 - 2014-09-15 16:12 - 00000000 ____D () C:\07cf0bd6eb5bb3913a98ef03e9bba66e
2014-09-14 18:48 - 2014-09-14 18:48 - 00090112 _____ () C:\WINDOWS\Minidump\Mini091414-01.dmp
2014-09-14 17:15 - 2014-09-14 17:15 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\BANDISOFT
2014-09-14 15:38 - 2014-09-14 15:38 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-09-13 17:46 - 2014-09-13 17:47 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Splitscreen for homeboy
2014-09-11 21:03 - 2014-09-11 21:03 - 00000113 _____ () C:\Documents and Settings\bobb\My Documents\PROG KLIJDFG.mid
2014-09-11 21:01 - 2014-09-11 21:01 - 11222778 _____ () C:\Documents and Settings\bobb\My Documents\PROG ;RMKETG.wav
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\New Folder
2014-09-08 18:14 - 2014-09-08 18:14 - 00000048 _____ () C:\Documents and Settings\bobb\My Documents\CloudRunTP.txt
2014-09-08 18:14 - 2014-09-08 18:14 - 00000048 _____ () C:\Documents and Settings\bobb\My Documents\CloudRunTP.bat
2014-09-08 16:33 - 2014-09-08 16:33 - 00043664 _____ () C:\a2ac8fea-39ce-4627-ac64-eaaddc4e8c89.dmp
2014-09-06 18:49 - 2014-09-06 18:49 - 02131942 _____ () C:\Documents and Settings\bobb\My Documents\untitled.wav
2014-09-06 12:25 - 2014-09-06 12:25 - 04808774 _____ () C:\Documents and Settings\bobb\My Documents\caprice song.wav
2014-09-05 12:29 - 2014-09-05 12:29 - 00000974 _____ () C:\Documents and Settings\bobb\My Documents\sabi moves.txt
2014-09-04 14:26 - 2014-09-04 14:26 - 00000766 _____ () C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
2014-09-04 14:26 - 2014-09-04 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Emsisoft Anti-Malware
2014-09-04 14:25 - 2014-09-25 18:57 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-09-04 14:09 - 2014-09-04 14:09 - 00034394 _____ () C:\WINDOWS\system32\.crusader
2014-09-04 13:29 - 2014-09-04 13:29 - 00001610 _____ () C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk
2014-09-04 13:29 - 2014-09-04 13:29 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-04 13:29 - 2014-09-04 13:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
2014-09-04 13:28 - 2014-09-04 14:08 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-09-04 13:20 - 2014-09-04 13:20 - 00000000 ___HD () C:\Documents and Settings\All Users\Application Data\{E092747D-0094-4672-9917-8FA1BC83E2B0}
2014-09-03 11:52 - 2014-09-03 14:27 - 61952078 _____ () C:\Documents and Settings\bobb\My Documents\flamenco intro.wav
2014-09-03 09:50 - 2014-09-03 10:03 - 59461394 _____ () C:\Documents and Settings\bobb\My Documents\morbid poops.wav
2014-09-03 08:55 - 2014-09-14 18:51 - 00000000 ____D () C:\WINDOWS\pss
2014-09-02 19:48 - 2014-09-02 19:48 - 00021557 _____ () C:\ComboFix.txt
2014-09-02 19:48 - 2014-09-02 19:48 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-09-02 19:48 - 2014-09-02 19:48 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-09-02 19:48 - 2014-09-02 19:48 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-09-02 19:23 - 2014-09-02 19:23 - 00000000 _RSHD () C:\cmdcons
2014-09-02 19:23 - 2006-03-24 13:19 - 00000211 _____ () C:\Boot.bak
2014-09-02 19:23 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2014-09-02 19:20 - 2014-09-24 19:55 - 00000000 ____D () C:\Qoobox
2014-09-02 19:20 - 2011-06-26 02:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-09-02 19:20 - 2010-11-07 13:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-09-02 19:20 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-09-02 19:20 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-09-02 19:20 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-09-02 19:20 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-09-02 19:20 - 2000-08-30 20:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-09-02 19:20 - 2000-08-30 20:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-09-02 19:20 - 2000-08-30 20:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-09-02 19:19 - 2014-09-02 19:45 - 00000000 ____D () C:\WINDOWS\erdnt
2014-09-02 18:04 - 2014-09-02 18:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-02 17:58 - 2014-09-02 17:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-09-02 17:53 - 2014-09-02 17:53 - 00001041 _____ () C:\Documents and Settings\bobb\My Documents\reboot.txt
2014-09-02 13:58 - 2014-09-02 13:58 - 00000000 ____D () C:\Program Files\Sony
2014-09-02 13:57 - 2014-09-02 13:57 - 00000000 ____D () C:\Documents and Settings\bobb\Application Data\Sony
2014-09-02 13:50 - 2014-09-02 13:50 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Sony
2014-09-02 10:19 - 2014-09-02 10:24 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\ASB Rounds
2014-09-01 16:52 - 2014-09-01 16:52 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Chromium
2014-09-01 16:47 - 2014-09-01 16:47 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\The Lord of the Rings Online
2014-09-01 15:54 - 2014-09-01 15:56 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\RB3 Metropolis PT 2
2014-08-31 20:32 - 2014-09-13 15:16 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Pokemon
2014-08-30 15:24 - 2014-08-30 15:26 - 06657442 _____ () C:\Documents and Settings\bobb\My Documents\theme.wav
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-25 19:18 - 2013-12-02 09:54 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Temp
2014-09-25 19:17 - 2014-08-03 20:21 - 00000000 ____D () C:\Documents and Settings\bobb\Application Data\BitTorrent
2014-09-25 19:10 - 2014-08-03 10:05 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-583907252-839522115-1006UA.job
2014-09-25 19:09 - 2014-09-25 19:07 - 00000000 ____D () C:\FRST
2014-09-25 19:09 - 2014-09-25 19:05 - 00000000 ____D () C:\Documents and Settings\bobb\Desktop\Recovery Tools
2014-09-25 19:07 - 2014-07-28 21:43 - 00000000 ____D () C:\Program Files\Steam
2014-09-25 19:03 - 2014-07-28 21:41 - 00010486 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-09-25 19:02 - 2006-03-24 13:23 - 01782935 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-25 18:58 - 2014-08-06 08:53 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 18:57 - 2014-09-25 18:57 - 00030976 _____ () C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2014-09-25 18:57 - 2014-09-04 14:25 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-09-25 18:57 - 2001-08-23 08:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-25 18:56 - 2004-04-01 11:31 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-25 18:56 - 2004-04-01 11:31 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-09-25 18:55 - 2008-04-22 10:53 - 00000070 _____ () C:\WINDOWS\system32\Drivers\etc\hosts-lms.tmp
2014-09-25 18:54 - 2014-09-25 09:15 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-09-25 18:54 - 2014-08-21 20:39 - 00216791 _____ () C:\WINDOWS\setupapi.log
2014-09-25 18:54 - 2014-08-06 08:53 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-25 18:54 - 2004-04-01 16:44 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-25 15:47 - 2007-01-11 17:06 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-09-25 15:47 - 2004-04-01 16:54 - 00032596 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-25 15:37 - 2014-09-25 15:37 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-09-25 15:26 - 2004-04-01 16:39 - 00000063 _____ () C:\WINDOWS\vbaddin.ini
2014-09-25 15:19 - 2013-12-02 09:54 - 00000178 ___SH () C:\Documents and Settings\bobb\ntuser.ini
2014-09-25 14:59 - 2014-07-29 08:56 - 00000000 ____D () C:\Documents and Settings\bobb\Application Data\Skype
2014-09-25 14:26 - 2014-09-25 14:24 - 54386502 _____ () C:\Documents and Settings\bobb\My Documents\Any Minute louder drums.wav
2014-09-25 14:19 - 2014-09-25 14:17 - 54386502 _____ () C:\Documents and Settings\bobb\My Documents\Any Minute.wav
2014-09-25 12:18 - 2014-09-25 12:17 - 00010745 _____ () C:\WINDOWS\KB981997.log
2014-09-25 12:18 - 2007-01-11 17:06 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-25 12:18 - 2004-04-01 18:52 - 00303222 _____ () C:\WINDOWS\netfxocm.log
2014-09-25 12:18 - 2004-04-01 18:52 - 00122618 _____ () C:\WINDOWS\MedCtrOC.log
2014-09-25 12:18 - 2004-04-01 18:52 - 00087392 _____ () C:\WINDOWS\tabletoc.log
2014-09-25 12:18 - 2004-04-01 11:28 - 01930344 _____ () C:\WINDOWS\iis6.log
2014-09-25 12:18 - 2004-04-01 11:28 - 00847347 _____ () C:\WINDOWS\ocgen.log
2014-09-25 12:18 - 2004-04-01 11:28 - 00801596 _____ () C:\WINDOWS\tsoc.log
2014-09-25 12:18 - 2004-04-01 11:28 - 00593097 _____ () C:\WINDOWS\comsetup.log
2014-09-25 12:18 - 2004-04-01 11:28 - 00361015 _____ () C:\WINDOWS\ntdtcsetup.log
2014-09-25 12:18 - 2004-04-01 11:28 - 00095285 _____ () C:\WINDOWS\ocmsn.log
2014-09-25 12:18 - 2004-04-01 11:28 - 00087420 _____ () C:\WINDOWS\msgsocm.log
2014-09-25 12:18 - 2004-04-01 11:28 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-09-25 12:17 - 2014-09-25 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-09-25 12:17 - 2014-09-25 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-09-25 12:17 - 2014-09-25 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-09-25 12:17 - 2014-09-24 20:00 - 00017615 _____ () C:\WINDOWS\KB2813345.log
2014-09-25 12:17 - 2014-09-24 19:59 - 00016744 _____ () C:\WINDOWS\KB2509553.log
2014-09-25 12:17 - 2007-01-11 14:06 - 00189256 _____ () C:\WINDOWS\updspapi.log
2014-09-25 12:17 - 2007-01-11 13:49 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-09-25 12:17 - 2004-04-01 16:41 - 00000000 ____D () C:\Program Files\Movie Maker
2014-09-25 12:17 - 2004-04-01 11:28 - 01741398 _____ () C:\WINDOWS\FaxSetup.log
2014-09-25 12:17 - 2004-04-01 11:28 - 00541840 _____ () C:\WINDOWS\msmqinst.log
2014-09-25 12:17 - 2004-04-01 11:28 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-09-25 12:16 - 2014-09-25 12:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-09-25 12:16 - 2014-09-24 22:34 - 00022495 _____ () C:\WINDOWS\KB2936068-IE8.log
2014-09-25 12:16 - 2014-09-24 19:53 - 00012269 _____ () C:\WINDOWS\KB982665.log
2014-09-25 12:15 - 2014-09-25 12:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-09-25 12:15 - 2014-09-25 12:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-09-25 12:15 - 2014-09-25 12:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-09-25 12:15 - 2014-09-24 16:24 - 00012369 _____ () C:\WINDOWS\KB2620712.log
2014-09-25 12:15 - 2014-09-24 16:16 - 00011740 _____ () C:\WINDOWS\KB2584146.log
2014-09-25 12:01 - 2014-08-08 10:06 - 00000000 ____D () C:\Documents and Settings\bobb\Application Data\Spotify
2014-09-25 11:34 - 2014-07-28 21:28 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-09-25 11:33 - 2014-09-25 11:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-09-25 11:33 - 2014-09-25 11:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-09-25 11:33 - 2014-09-24 21:35 - 00018443 _____ () C:\WINDOWS\KB2868626.log
2014-09-25 11:33 - 2014-09-24 21:34 - 00017761 _____ () C:\WINDOWS\KB2922229.log
2014-09-25 11:33 - 2004-04-01 11:28 - 00573890 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-25 11:25 - 2014-09-25 11:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-09-25 11:25 - 2014-09-25 11:24 - 00011289 _____ () C:\WINDOWS\KB2387149.log
2014-09-25 11:24 - 2014-09-25 11:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-09-25 11:24 - 2014-09-24 21:24 - 00020150 _____ () C:\WINDOWS\KB2712808.log
2014-09-25 11:18 - 2014-09-25 11:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
2014-09-25 11:18 - 2014-09-24 21:46 - 00020411 _____ () C:\WINDOWS\KB2479943.log
2014-09-25 10:55 - 2004-04-01 11:28 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-25 10:45 - 2001-08-23 08:00 - 00000696 _____ () C:\WINDOWS\win.ini
2014-09-25 10:25 - 2014-08-06 08:54 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-09-25 10:10 - 2014-08-03 10:05 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-583907252-839522115-1006Core.job
2014-09-25 10:03 - 2014-08-08 10:07 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Spotify
2014-09-25 09:42 - 2014-09-25 09:15 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-09-25 09:07 - 2006-03-24 13:23 - 00113083 _____ () C:\WINDOWS\spupdsvc.log
2014-09-25 09:04 - 2004-04-01 11:26 - 00269392 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-25 01:14 - 2014-09-25 01:14 - 00035867 _____ () C:\WINDOWS\KB2659262.log
2014-09-25 01:14 - 2014-09-25 01:14 - 00034648 _____ () C:\WINDOWS\KB2564958.log
2014-09-25 01:14 - 2014-09-25 01:14 - 00033218 _____ () C:\WINDOWS\KB2934207.log
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-09-25 01:14 - 2014-09-25 01:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-09-25 01:14 - 2014-09-24 21:06 - 00044308 _____ () C:\WINDOWS\KB2478971.log
2014-09-25 01:14 - 2014-09-24 21:06 - 00042587 _____ () C:\WINDOWS\KB2916036.log
2014-09-25 01:08 - 2014-09-25 01:08 - 00032750 _____ () C:\WINDOWS\KB2834886.log
2014-09-25 01:08 - 2014-09-25 01:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-09-25 01:08 - 2014-09-25 01:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-09-25 01:08 - 2014-09-25 01:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-09-25 01:08 - 2014-09-24 21:05 - 00043873 _____ () C:\WINDOWS\KB2345886.log
2014-09-25 01:08 - 2014-09-24 21:05 - 00043721 _____ () C:\WINDOWS\KB2544893-v2.log
2014-09-25 01:07 - 2014-09-25 01:07 - 00035494 _____ () C:\WINDOWS\KB2536276-v2.log
2014-09-25 01:07 - 2014-09-25 01:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-09-25 01:07 - 2014-09-24 21:05 - 00043825 _____ () C:\WINDOWS\KB2585542.log
2014-09-25 01:06 - 2014-09-25 01:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-09-25 01:06 - 2014-09-25 01:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-09-25 01:06 - 2014-09-24 21:04 - 00041870 _____ () C:\WINDOWS\KB2631813.log
2014-09-25 01:05 - 2014-09-25 01:05 - 00032358 _____ () C:\WINDOWS\KB2964358-IE8.log
2014-09-25 01:05 - 2014-09-25 01:05 - 00031309 _____ () C:\WINDOWS\KB2296011.log
2014-09-25 01:05 - 2014-09-25 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-09-25 01:05 - 2014-09-25 01:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-09-25 01:05 - 2014-09-24 21:04 - 00042319 _____ () C:\WINDOWS\KB2691442.log
2014-09-25 01:04 - 2014-09-25 01:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-09-25 00:59 - 2014-09-25 00:59 - 00030717 _____ () C:\WINDOWS\KB2900986.log
2014-09-25 00:59 - 2014-09-25 00:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-09-25 00:54 - 2014-09-25 00:54 - 00033891 _____ () C:\WINDOWS\KB955759.log
2014-09-25 00:54 - 2014-09-25 00:54 - 00031698 _____ () C:\WINDOWS\KB975558.log
2014-09-25 00:54 - 2014-09-25 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-09-25 00:54 - 2014-09-25 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-09-25 00:54 - 2014-09-25 00:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-09-25 00:54 - 2014-09-24 21:03 - 00038193 _____ () C:\WINDOWS\KB2847311.log
2014-09-25 00:41 - 2014-09-25 00:41 - 00029697 _____ () C:\WINDOWS\KB2378111.log
2014-09-25 00:41 - 2014-09-25 00:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-09-25 00:41 - 2014-09-25 00:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-09-25 00:41 - 2014-09-24 21:03 - 00040012 _____ () C:\WINDOWS\KB974318.log
2014-09-25 00:41 - 2004-04-01 18:38 - 00121268 _____ () C:\WINDOWS\wmsetup.log
2014-09-25 00:40 - 2014-09-25 00:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-09-25 00:40 - 2014-09-25 00:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-09-25 00:40 - 2014-09-24 21:03 - 00038840 _____ () C:\WINDOWS\KB2443105.log
2014-09-25 00:40 - 2014-09-24 21:02 - 00038959 _____ () C:\WINDOWS\KB2655992.log
2014-09-25 00:35 - 2014-09-25 00:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-09-25 00:35 - 2014-09-24 21:02 - 00038452 _____ () C:\WINDOWS\KB2802968.log
2014-09-25 00:34 - 2014-09-25 00:34 - 00030121 _____ () C:\WINDOWS\KB2229593.log
2014-09-25 00:34 - 2014-09-25 00:34 - 00029181 _____ () C:\WINDOWS\KB2485663.log
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-09-25 00:34 - 2014-09-25 00:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-09-25 00:34 - 2014-09-24 21:02 - 00039566 _____ () C:\WINDOWS\KB2481109.log
2014-09-25 00:34 - 2014-09-24 21:02 - 00036405 _____ () C:\WINDOWS\KB2898715.log
2014-09-25 00:34 - 2014-09-24 21:01 - 00037469 _____ () C:\WINDOWS\KB975713.log
2014-09-25 00:34 - 2014-09-24 21:01 - 00037204 _____ () C:\WINDOWS\KB2598479.log
2014-09-25 00:33 - 2014-09-25 00:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-09-25 00:32 - 2014-09-25 00:32 - 00029258 _____ () C:\WINDOWS\KB2686509.log
2014-09-25 00:32 - 2014-09-25 00:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-09-25 00:32 - 2014-09-25 00:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-09-25 00:32 - 2014-09-25 00:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-09-25 00:32 - 2014-09-25 00:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-09-25 00:32 - 2014-09-25 00:31 - 00027748 _____ () C:\WINDOWS\KB2862335.log
2014-09-25 00:32 - 2014-09-24 21:01 - 00036124 _____ () C:\WINDOWS\KB982132.log
2014-09-25 00:32 - 2014-09-24 21:01 - 00033891 _____ () C:\WINDOWS\KB2929961.log
2014-09-25 00:31 - 2010-07-29 08:53 - 00003245 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-09-25 00:29 - 2014-09-25 00:29 - 00027416 _____ () C:\WINDOWS\KB961118.log
2014-09-25 00:29 - 2014-09-25 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-09-25 00:29 - 2014-09-25 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$
2014-09-25 00:29 - 2014-09-25 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-09-25 00:29 - 2014-09-24 21:01 - 00036648 _____ () C:\WINDOWS\KB978338.log
2014-09-25 00:29 - 2014-09-24 21:00 - 00036536 _____ () C:\WINDOWS\KB2507938.log
2014-09-25 00:28 - 2014-09-25 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-09-25 00:28 - 2014-09-25 00:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-09-25 00:28 - 2014-09-24 21:00 - 00036036 _____ () C:\WINDOWS\KB2780091.log
2014-09-25 00:23 - 2014-09-25 00:23 - 00026685 _____ () C:\WINDOWS\KB2904266.log
2014-09-25 00:23 - 2014-09-25 00:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-09-25 00:23 - 2007-07-12 18:14 - 00352338 _____ () C:\WINDOWS\system32\TZLog.log
2014-09-25 00:22 - 2014-09-25 00:22 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-09-25 00:22 - 2014-09-25 00:22 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-09-25 00:22 - 2014-09-24 20:54 - 00033904 _____ () C:\WINDOWS\KB2876217.log
2014-09-25 00:22 - 2014-09-24 20:53 - 00036659 _____ () C:\WINDOWS\KB2483185.log
2014-09-25 00:21 - 2014-09-25 00:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-09-25 00:14 - 2014-09-24 20:50 - 00035976 _____ () C:\WINDOWS\KB979687.log
2014-09-25 00:13 - 2014-09-25 00:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-09-25 00:13 - 2014-09-25 00:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-09-25 00:13 - 2014-09-24 20:50 - 00032878 _____ () C:\WINDOWS\KB2930275.log
2014-09-25 00:12 - 2014-09-25 00:12 - 00026831 _____ () C:\WINDOWS\KB2592799.log
2014-09-25 00:12 - 2014-09-25 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-09-25 00:12 - 2014-09-25 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-09-25 00:12 - 2014-09-25 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-09-25 00:12 - 2014-09-25 00:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-09-25 00:12 - 2014-09-24 20:50 - 00034314 _____ () C:\WINDOWS\KB2719985.log
2014-09-25 00:12 - 2014-09-24 20:50 - 00031445 _____ () C:\WINDOWS\KB2864063.log
2014-09-25 00:12 - 2014-09-24 20:49 - 00031830 _____ () C:\WINDOWS\KB2862152.log
2014-09-25 00:11 - 2014-09-25 00:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-09-24 23:57 - 2014-09-24 23:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-09-24 23:55 - 2014-09-24 23:55 - 00026684 _____ () C:\WINDOWS\KB2535512.log
2014-09-24 23:55 - 2014-09-24 23:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-09-24 23:55 - 2014-09-24 23:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-09-24 23:55 - 2014-09-24 20:44 - 00032869 _____ () C:\WINDOWS\KB977816.log
2014-09-24 23:54 - 2014-09-24 23:54 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft Help
2014-09-24 23:53 - 2014-09-24 23:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-09-24 23:53 - 2014-09-24 23:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-09-24 23:53 - 2014-09-24 20:44 - 00030920 _____ () C:\WINDOWS\KB2876331.log
2014-09-24 23:53 - 2014-09-24 20:44 - 00030616 _____ () C:\WINDOWS\KB2850869.log
2014-09-24 23:53 - 2014-09-24 20:43 - 00031826 _____ () C:\WINDOWS\KB2859537.log
2014-09-24 23:52 - 2014-09-24 23:52 - 00026652 _____ () C:\WINDOWS\KB2807986.log
2014-09-24 23:52 - 2014-09-24 23:52 - 00025952 _____ () C:\WINDOWS\KB2570947.log
2014-09-24 23:52 - 2014-09-24 23:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-09-24 23:52 - 2014-09-24 23:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-09-24 23:52 - 2014-09-24 23:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-09-24 23:50 - 2014-09-24 23:31 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-24 23:17 - 2014-09-24 23:17 - 00027609 _____ () C:\WINDOWS\KB2868038.log
2014-09-24 23:17 - 2014-09-24 23:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-09-24 23:17 - 2014-09-24 23:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-09-24 23:17 - 2014-09-24 23:16 - 00022102 _____ () C:\WINDOWS\KB978695.log
2014-09-24 23:16 - 2014-09-24 23:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-09-24 23:16 - 2014-09-24 20:36 - 00032415 _____ () C:\WINDOWS\KB2820917.log
2014-09-24 23:09 - 2014-09-24 23:09 - 00026091 _____ () C:\WINDOWS\KB973904.log
2014-09-24 23:09 - 2014-09-24 23:09 - 00025159 _____ () C:\WINDOWS\KB2603381.log
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-09-24 23:09 - 2014-09-24 23:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-09-24 23:09 - 2014-09-24 20:35 - 00031606 _____ () C:\WINDOWS\KB2757638.log
2014-09-24 23:09 - 2014-09-24 20:35 - 00029599 _____ () C:\WINDOWS\KB2893294.log
2014-09-24 23:09 - 2014-09-24 20:34 - 00033162 _____ () C:\WINDOWS\KB2419632.log
2014-09-24 23:09 - 2014-09-24 20:34 - 00026231 _____ () C:\WINDOWS\KB2508429.log
2014-09-24 23:08 - 2014-09-24 23:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-09-24 23:07 - 2014-09-24 23:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-09-24 23:07 - 2014-09-24 23:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-09-24 23:07 - 2014-09-24 20:34 - 00025506 _____ () C:\WINDOWS\KB2653956.log
2014-09-24 23:07 - 2014-09-24 20:34 - 00025025 _____ () C:\WINDOWS\KB974392.log
2014-09-24 23:06 - 2014-09-24 23:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-09-24 23:06 - 2014-09-24 20:33 - 00024580 _____ () C:\WINDOWS\KB2749655.log
2014-09-24 23:06 - 2014-09-24 20:33 - 00024208 _____ () C:\WINDOWS\KB971029.log
2014-09-24 23:05 - 2014-09-24 23:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-09-24 23:04 - 2014-09-24 20:33 - 00022948 _____ () C:\WINDOWS\KB2506212.log
2014-09-24 23:03 - 2014-09-24 23:03 - 00011445 _____ () C:\WINDOWS\KB2803821-v2.log
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-09-24 23:03 - 2014-09-24 23:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-09-24 23:03 - 2014-09-24 23:02 - 00018125 _____ () C:\WINDOWS\KB2698365.log
2014-09-24 23:03 - 2014-09-24 20:32 - 00024564 _____ () C:\WINDOWS\KB977914.log
2014-09-24 23:03 - 2014-09-24 20:32 - 00020382 _____ () C:\WINDOWS\KB2892075.log
2014-09-24 23:02 - 2014-09-24 23:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-09-24 23:02 - 2014-09-24 23:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
2014-09-24 23:02 - 2014-09-24 20:31 - 00022683 _____ () C:\WINDOWS\KB2705219-v2.log
2014-09-24 23:02 - 2014-09-24 20:31 - 00022020 _____ () C:\WINDOWS\KB2619339.log
2014-09-24 22:56 - 2014-09-24 22:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-09-24 22:56 - 2014-09-24 22:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-09-24 22:56 - 2014-09-24 22:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-09-24 22:56 - 2014-09-24 22:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-09-24 22:56 - 2014-09-24 20:31 - 00021182 _____ () C:\WINDOWS\KB978542.log
2014-09-24 22:56 - 2014-09-24 20:31 - 00021065 _____ () C:\WINDOWS\KB2727528.log
2014-09-24 22:56 - 2014-09-24 20:31 - 00020982 _____ () C:\WINDOWS\KB979482.log
2014-09-24 22:56 - 2014-09-24 20:30 - 00021101 _____ () C:\WINDOWS\KB978706.log
2014-09-24 22:56 - 2014-09-24 16:23 - 00020152 _____ () C:\WINDOWS\KB979309.log
2014-09-24 22:56 - 2004-04-01 16:40 - 00000000 ____D () C:\Program Files\Outlook Express
2014-09-24 22:55 - 2014-09-24 22:55 - 00017016 _____ () C:\WINDOWS\KB2723135-v2.log
2014-09-24 22:55 - 2014-09-24 22:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-09-24 22:55 - 2014-09-24 22:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-09-24 22:48 - 2014-09-24 22:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-09-24 22:45 - 2014-09-24 22:45 - 00229208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMM.sys
2014-09-24 22:43 - 2004-04-01 16:40 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-24 22:42 - 2014-09-24 22:42 - 00013195 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-09-24 22:37 - 2014-08-21 20:32 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-09-24 22:34 - 2014-09-24 22:34 - 00011629 _____ () C:\WINDOWS\KB2510531-IE8.log
2014-09-24 22:22 - 2014-09-24 22:22 - 00316680 _____ () C:\WINDOWS\msxml4-KB973688-enu.LOG
2014-09-24 22:02 - 2014-09-24 22:02 - 00013031 _____ () C:\WINDOWS\KB2393802.log
2014-09-24 22:02 - 2014-09-24 22:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-09-24 22:00 - 2014-09-24 22:00 - 00010881 _____ () C:\WINDOWS\KB2566454.log
2014-09-24 22:00 - 2014-09-24 22:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-09-24 22:00 - 2014-09-24 21:59 - 00010677 _____ () C:\WINDOWS\KB2661637.log
2014-09-24 21:59 - 2014-09-24 21:59 - 00008817 _____ () C:\WINDOWS\KB2914368.log
2014-09-24 21:59 - 2014-09-24 21:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-09-24 21:59 - 2014-09-24 21:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-09-24 21:54 - 2014-09-24 21:51 - 00010788 _____ () C:\WINDOWS\KB2423089.log
2014-09-24 21:53 - 2014-09-24 21:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-09-24 19:59 - 2014-09-24 19:55 - 00004276 _____ () C:\WINDOWS\KB2676562.log
2014-09-24 19:55 - 2014-09-02 19:20 - 00000000 ____D () C:\Qoobox
2014-09-23 20:02 - 2004-04-01 11:22 - 00000000 ____D () C:\WINDOWS\Help
2014-09-23 16:04 - 2014-08-11 20:11 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-09-22 17:03 - 2004-04-01 16:41 - 00000000 ____D () C:\WINDOWS\system32\DirectX
2014-09-22 17:02 - 2014-09-22 17:02 - 00043696 _____ () C:\6a27ffc1-1af1-4af0-a6b7-ba844673f287.dmp
2014-09-22 17:02 - 2014-09-22 17:02 - 00000663 _____ () C:\Documents and Settings\All Users\Desktop\World of Tanks.lnk
2014-09-22 17:02 - 2014-09-22 17:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\World of Tanks
2014-09-22 17:02 - 2014-08-03 10:25 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-09-22 17:01 - 2014-09-22 17:01 - 00000000 ____D () C:\Games
2014-09-21 18:09 - 2014-09-18 18:48 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Dream Theater Bootlegs
2014-09-21 16:29 - 2014-09-21 16:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ffdshow
2014-09-21 16:29 - 2014-09-21 16:26 - 00000000 ____D () C:\Program Files\ffdshow
2014-09-21 16:21 - 2014-08-03 10:44 - 00000000 ____D () C:\Documents and Settings\bobb\Application Data\vlc
2014-09-21 08:53 - 2014-07-29 08:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-09-21 08:52 - 2014-09-21 08:52 - 00001878 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-09-21 08:52 - 2014-09-21 08:52 - 00000000 ___RD () C:\Program Files\Skype
2014-09-21 08:52 - 2014-09-21 08:52 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-21 08:52 - 2014-09-21 08:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-09-20 17:29 - 2014-09-20 17:23 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Battle.net
2014-09-20 17:24 - 2014-09-20 17:24 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Blizzard Entertainment
2014-09-20 17:23 - 2014-09-20 17:23 - 00000000 ____D () C:\Documents and Settings\bobb\Application Data\Battle.net
2014-09-20 17:22 - 2014-09-20 17:14 - 00000000 ____D () C:\Program Files\Battle.net
2014-09-20 17:22 - 2014-09-20 17:14 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Battle.net
2014-09-20 17:22 - 2014-09-20 17:14 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
2014-09-20 17:19 - 2014-09-20 17:14 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-09-20 17:05 - 2014-09-20 17:05 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Battle.net
2014-09-20 10:10 - 2014-09-20 10:10 - 00043696 _____ () C:\cda06d94-00d1-4a86-a65f-a22ee4f93e06.dmp
2014-09-20 10:06 - 2014-07-29 12:11 - 00000000 ____D () C:\Documents and Settings\bobb\Desktop\Games
2014-09-19 19:12 - 2014-09-19 19:12 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Old DT Torrents
2014-09-19 15:21 - 2014-08-12 15:42 - 00000000 ____D () C:\AdwCleaner
2014-09-19 11:34 - 2013-12-02 09:54 - 00070056 _____ () C:\Documents and Settings\bobb\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-09-19 11:12 - 2014-09-19 11:12 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Old BitTorrent App Data
2014-09-16 21:33 - 2014-08-11 21:42 - 01231324 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1606980848-583907252-839522115-1006-0.dat
2014-09-16 21:33 - 2014-08-11 17:25 - 00274158 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-09-16 16:56 - 2013-09-19 16:37 - 00000717 _____ () C:\Documents and Settings\All Users\Desktop\CPUID CPU-Z.lnk
2014-09-16 16:15 - 2014-08-22 19:24 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-15 16:22 - 2014-09-15 16:22 - 00000386 _____ () C:\Documents and Settings\bobb\My Documents\klijlk.txt
2014-09-15 16:14 - 2014-09-15 16:13 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Skyrim
2014-09-15 16:12 - 2014-09-15 16:09 - 00000000 ____D () C:\07cf0bd6eb5bb3913a98ef03e9bba66e
2014-09-15 15:57 - 2014-08-03 10:22 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\My Games
2014-09-14 20:12 - 2014-07-29 09:02 - 00000000 ____D () C:\Documents and Settings\bobb\Start Menu\Programs\Steam
2014-09-14 18:51 - 2014-09-03 08:55 - 00000000 ____D () C:\WINDOWS\pss
2014-09-14 18:51 - 2004-04-01 11:26 - 00000327 __RSH () C:\boot.ini
2014-09-14 18:51 - 2001-08-23 08:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-09-14 18:48 - 2014-09-14 18:48 - 00090112 _____ () C:\WINDOWS\Minidump\Mini091414-01.dmp
2014-09-14 18:48 - 2014-07-29 21:20 - 00000000 ____D () C:\WINDOWS\Minidump
2014-09-14 18:11 - 2014-08-10 13:00 - 00025600 _____ () C:\Documents and Settings\bobb\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-14 18:11 - 2014-08-02 17:40 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Bandicam
2014-09-14 17:15 - 2014-09-14 17:15 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\BANDISOFT
2014-09-14 15:38 - 2014-09-14 15:38 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-09-14 15:38 - 2014-07-28 20:54 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-13 21:30 - 2014-07-29 16:19 - 00000000 ____D () C:\Documents and Settings\bobb\Application Data\Audacity
2014-09-13 17:47 - 2014-09-13 17:46 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Splitscreen for homeboy
2014-09-13 15:16 - 2014-08-31 20:32 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Pokemon
2014-09-13 12:37 - 2004-04-01 16:55 - 00000178 ___SH () C:\Documents and Settings\Student\ntuser.ini
2014-09-13 12:37 - 2004-04-01 16:55 - 00000000 ____D () C:\Documents and Settings\Student\Local Settings\Temp
2014-09-11 21:03 - 2014-09-11 21:03 - 00000113 _____ () C:\Documents and Settings\bobb\My Documents\PROG KLIJDFG.mid
2014-09-11 21:01 - 2014-09-11 21:01 - 11222778 _____ () C:\Documents and Settings\bobb\My Documents\PROG ;RMKETG.wav
2014-09-11 20:16 - 2014-07-29 13:13 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\EOF
2014-09-09 18:05 - 2014-08-07 16:32 - 00000000 ____D () C:\Documents and Settings\bobb\.gimp-2.8
2014-09-08 18:16 - 2014-07-29 11:56 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\NetBeansProjects
2014-09-08 18:15 - 2014-09-08 18:15 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\New Folder
2014-09-08 18:15 - 2014-07-29 12:10 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\Java Libraries
2014-09-08 18:14 - 2014-09-08 18:14 - 00000048 _____ () C:\Documents and Settings\bobb\My Documents\CloudRunTP.txt
2014-09-08 18:14 - 2014-09-08 18:14 - 00000048 _____ () C:\Documents and Settings\bobb\My Documents\CloudRunTP.bat
2014-09-08 18:08 - 2014-07-29 11:52 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-09-08 17:46 - 2014-08-13 13:28 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\REAPER Media
2014-09-08 16:43 - 2014-08-03 10:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\WarThunder
2014-09-08 16:33 - 2014-09-08 16:33 - 00043664 _____ () C:\a2ac8fea-39ce-4627-ac64-eaaddc4e8c89.dmp
2014-09-06 18:49 - 2014-09-06 18:49 - 02131942 _____ () C:\Documents and Settings\bobb\My Documents\untitled.wav
2014-09-06 12:25 - 2014-09-06 12:25 - 04808774 _____ () C:\Documents and Settings\bobb\My Documents\caprice song.wav
2014-09-05 12:29 - 2014-09-05 12:29 - 00000974 _____ () C:\Documents and Settings\bobb\My Documents\sabi moves.txt
2014-09-04 14:26 - 2014-09-04 14:26 - 00000766 _____ () C:\Documents and Settings\All Users\Desktop\Emsisoft Anti-Malware.lnk
2014-09-04 14:26 - 2014-09-04 14:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Emsisoft Anti-Malware
2014-09-04 14:09 - 2014-09-04 14:09 - 00034394 _____ () C:\WINDOWS\system32\.crusader
2014-09-04 14:08 - 2014-09-04 13:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-09-04 13:29 - 2014-09-04 13:29 - 00001610 _____ () C:\Documents and Settings\All Users\Desktop\HitmanPro.lnk
2014-09-04 13:29 - 2014-09-04 13:29 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-04 13:29 - 2014-09-04 13:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HitmanPro
2014-09-04 13:20 - 2014-09-04 13:20 - 00000000 ___HD () C:\Documents and Settings\All Users\Application Data\{E092747D-0094-4672-9917-8FA1BC83E2B0}
2014-09-03 20:28 - 2009-11-20 15:36 - 00000000 __HDC () C:\WINDOWS\ie8
2014-09-03 20:28 - 2006-03-24 13:14 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2014-09-03 14:27 - 2014-09-03 11:52 - 61952078 _____ () C:\Documents and Settings\bobb\My Documents\flamenco intro.wav
2014-09-03 10:03 - 2014-09-03 09:50 - 59461394 _____ () C:\Documents and Settings\bobb\My Documents\morbid poops.wav
2014-09-03 08:40 - 2004-04-01 16:41 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-09-02 19:48 - 2014-09-02 19:48 - 00021557 _____ () C:\ComboFix.txt
2014-09-02 19:48 - 2014-09-02 19:48 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-09-02 19:48 - 2014-09-02 19:48 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-09-02 19:48 - 2014-09-02 19:48 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-09-02 19:48 - 2004-04-01 16:54 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-09-02 19:46 - 2004-04-01 11:22 - 00000000 ____D () C:\WINDOWS\repair
2014-09-02 19:45 - 2014-09-02 19:19 - 00000000 ____D () C:\WINDOWS\erdnt
2014-09-02 19:23 - 2014-09-02 19:23 - 00000000 _RSHD () C:\cmdcons
2014-09-02 18:04 - 2014-09-02 18:04 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-02 17:58 - 2014-09-02 17:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-09-02 17:53 - 2014-09-02 17:53 - 00001041 _____ () C:\Documents and Settings\bobb\My Documents\reboot.txt
2014-09-02 13:58 - 2014-09-02 13:58 - 00000000 ____D () C:\Program Files\Sony
2014-09-02 13:57 - 2014-09-02 13:57 - 00000000 ____D () C:\Documents and Settings\bobb\Application Data\Sony
2014-09-02 13:50 - 2014-09-02 13:50 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Sony
2014-09-02 10:24 - 2014-09-02 10:19 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\ASB Rounds
2014-09-01 20:47 - 2007-01-11 14:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB914389$
2014-09-01 16:55 - 2014-08-02 11:43 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\The Lord of the Rings Online
2014-09-01 16:52 - 2014-09-01 16:52 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Chromium
2014-09-01 16:47 - 2014-09-01 16:47 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\The Lord of the Rings Online
2014-09-01 15:56 - 2014-09-01 15:54 - 00000000 ____D () C:\Documents and Settings\bobb\My Documents\RB3 Metropolis PT 2
2014-09-01 13:14 - 2014-08-02 11:43 - 00000000 ____D () C:\Documents and Settings\bobb\Local Settings\Application Data\Turbine
2014-08-30 15:26 - 2014-08-30 15:24 - 06657442 _____ () C:\Documents and Settings\bobb\My Documents\theme.wav
2014-08-29 13:01 - 2007-01-11 14:11 - 98758480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
Files to move or delete:
====================
C:\Documents and Settings\bobb\jagex_cl_runescape_LIVE.dat
C:\Documents and Settings\bobb\random.dat
 
 
Some content of TEMP:
====================
C:\Documents and Settings\bobb\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\bobb\Local Settings\Temp\{B591E79D-FB02-4C12-B959-340D637C52A4}-37.0.2062.124_37.0.2062.120_chrome_updater.exe
C:\Documents and Settings\Student\Local Settings\Temp\converter.exe
C:\Documents and Settings\Student\Local Settings\Temp\msxml6-KB927977-enu-x86.exe
C:\Documents and Settings\Student\Local Settings\Temp\ose00000.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,788 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:05 AM

Posted 26 September 2014 - 08:00 AM

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

FF Extension: No Name - C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com [Not Found]
FF Extension: No Name - C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\quinnreilly@aol.com [Not Found]
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
S3 aeaudio; system32\drivers\aeaudio.sys [X]
S3 catchme; \??\C:\DOCUME~1\bobb\LOCALS~1\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\DOCUME~1\bobb\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 MidiSyn; system32\drivers\MidiSyn.sys [X]
S3 smwdm; system32\drivers\smwdm.sys [X]
C:\Documents and Settings\bobb\Local Settings\Temp\{B591E79D-FB02-4C12-B959-340D637C52A4}-37.0.2062.124_37.0.2062.120_chrome_updater.exe
C:\Documents and Settings\Student\Local Settings\Temp\converter.exe
C:\Documents and Settings\Student\Local Settings\Temp\msxml6-KB927977-enu-x86.exe
C:\Documents and Settings\Student\Local Settings\Temp\ose00000.exe

End

Save the file as fixlist.txt in the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

===

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

#7 HardcoreButterfly

Posted 26 September 2014 - 04:49 PM

Fixlog.txt:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-09-2014
Ran by bobb at 2014-09-26 16:56:55 Run:1
Running from C:\Documents and Settings\bobb\Desktop\Recovery Tools
Loaded Profile: bobb (Available profiles: Student & bobb)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start

FF Extension: No Name - C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com [Not Found]
FF Extension: No Name - C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\quinnreilly@aol.com [Not Found]
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
S3 aeaudio; system32\drivers\aeaudio.sys [X]
S3 catchme; \??\C:\DOCUME~1\bobb\LOCALS~1\Temp\catchme.sys [X]
S3 cpuz134; \??\C:\DOCUME~1\bobb\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 MidiSyn; system32\drivers\MidiSyn.sys [X]
S3 smwdm; system32\drivers\smwdm.sys [X]
C:\Documents and Settings\bobb\Local Settings\Temp\{B591E79D-FB02-4C12-B959-340D637C52A4}-37.0.2062.124_37.0.2062.120_chrome_updater.exe
C:\Documents and Settings\Student\Local Settings\Temp\converter.exe
C:\Documents and Settings\Student\Local Settings\Temp\msxml6-KB927977-enu-x86.exe
C:\Documents and Settings\Student\Local Settings\Temp\ose00000.exe

End
*****************

C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com => not found.
C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\quinnreilly@aol.com => not found.
ReimageRealTimeProtector => Service deleted successfully.
aeaudio => Service deleted successfully.
catchme => Service deleted successfully.
cpuz134 => Service deleted successfully.
hpt3xx => Service deleted successfully.
IntelIde => Service deleted successfully.
MidiSyn => Service deleted successfully.
smwdm => Service deleted successfully.
C:\Documents and Settings\bobb\Local Settings\Temp\{B591E79D-FB02-4C12-B959-340D637C52A4}-37.0.2062.124_37.0.2062.120_chrome_updater.exe => Moved successfully.
C:\Documents and Settings\Student\Local Settings\Temp\converter.exe => Moved successfully.
C:\Documents and Settings\Student\Local Settings\Temp\msxml6-KB927977-enu-x86.exe => Moved successfully.
C:\Documents and Settings\Student\Local Settings\Temp\ose00000.exe => Moved successfully.

==== End of Fixlog ====

checkup.txt:
Results of screen317's Security Check version 0.99.87
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Please wait while WMIC is being installed.
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Java SE Development Kit 7 Update 67
Adobe Flash Player 11.9.900.117 Flash Player out of Date!
Adobe Reader 7 Adobe Reader out of Date!
Mozilla Firefox (31.0)
Google Chrome 37.0.2062.120
Google Chrome 37.0.2062.124
Google Chrome version.dll..
Google Chrome version1.dll..
````````Process Check: objlist.exe by Laurent````````
Emsisoft Anti-Malware a2service.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 24% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````


Forgot to restart between the two, so I'll do that now and post how my computer is.

Edited by nasdaq, 27 September 2014 - 08:18 AM.
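
As an added example (not part of the thread and not FRST's own code): a Python check that pairs each fixlist entry with its result line in a Fixlog laid out like the one posted above, so an entry that was never processed stands out. The sample is shortened from that post with one result line deliberately left out; the function names and status labels are assumptions of this example.

```python
import re

# Constructed sample: lines copied from the Fixlog in the post above, shortened,
# with the result line for "smwdm" deliberately left out to show the gap check.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-09-2014
Ran by bobb at 2014-09-26 16:56:55 Run:1
Boot Mode: Normal

Content of fixlist:
*****************
start

FF Extension: No Name - C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\quinnreilly@aol.com [Not Found]
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
S4 hpt3xx; No ImagePath
S3 smwdm; system32\drivers\smwdm.sys [X]
C:\Documents and Settings\Student\Local Settings\Temp\converter.exe

End
*****************

C:\Documents and Settings\bobb\Application Data\Mozilla\Firefox\Profiles\j4p3he09.default\extensions\quinnreilly@aol.com => not found.
ReimageRealTimeProtector => Service deleted successfully.
hpt3xx => Service deleted successfully.
C:\Documents and Settings\Student\Local Settings\Temp\converter.exe => Moved successfully.

==== End of Fixlog ====
"""

# "S2 name; image path [X]": state letter, start type digit, service name.
SERVICE_RE = re.compile(r"^[RSU]\d\s+([^;]+);")
# "FF Extension: <name> - <path> [Not Found]": keep only the path.
EXTENSION_RE = re.compile(r"^FF Extension: .*? - (.+?)(?:\s+\[[^\]]*\])?$")
STARS_RE = re.compile(r"^\*{5,}$")


def entry_key(line):
    """Reduce a fixlist line to the name FRST prints on the matching result line."""
    for pattern in (SERVICE_RE, EXTENSION_RE):
        match = pattern.match(line)
        if match:
            return match.group(1).strip()
    return line.strip()  # a bare file or folder path


def split_sections(text):
    """Return (fixlist_lines, result_lines) from the text of a Fixlog."""
    fixlist, results = [], []
    state = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if state == "header":
            if line.startswith("Content of fixlist"):
                state = "before_fixlist"
        elif state == "before_fixlist":
            if STARS_RE.match(line):
                state = "fixlist"
        elif state == "fixlist":
            if STARS_RE.match(line):
                state = "results"
            elif line and line.lower() not in ("start", "end"):
                fixlist.append(line)
        elif state == "results":
            if line.startswith("==== End of Fixlog"):
                break
            if " => " in line:
                results.append(line)
    return fixlist, results


def reconcile(text):
    """Return [(key, status, outcome)] with one tuple per fixlist entry."""
    fixlist, results = split_sections(text)
    outcomes = {}
    for line in results:
        target, outcome = line.rsplit(" => ", 1)
        # Windows names and paths are case-insensitive, so compare lowercased.
        outcomes[target.strip().lower()] = outcome.strip()
    report = []
    for line in fixlist:
        key = entry_key(line)
        outcome = outcomes.get(key.lower())
        if outcome is None:
            status = "no-result"   # entry was requested but never reported on
        elif outcome.lower().endswith("successfully."):
            status = "applied"
        elif outcome.lower().startswith("not found"):
            status = "absent"      # target was already gone before the fix
        else:
            status = "review"      # any wording not seen in the log above
        report.append((key, status, outcome))
    return report


if __name__ == "__main__":
    for key, status, outcome in reconcile(SAMPLE_FIXLOG):
        print(f"{status:10} {key}  ({outcome})")
```
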


#8 nasdaq

Posted 27 September 2014 - 08:22 AM

Get the latest version of the Adobe Reader.
http://get.adobe.com/reader/
Before your download I suggest you uncheck the box on the top right, "Yes, install McAfee Security Scan Plus - optional"; this is not required if you are not a McAfee subscriber. While the installation is in progress you can also deny the installation of any other programs that may be suggested.

When installed remove your old version of the Reader using the Add/Remove Programs applet if present.
<<<>>>

Critical vulnerabilities have been identified in old versions of Adobe Flash Player; please get the latest version.

Flash test site:
http://www.adobe.com/software/flash/about/
Install the new version or, if you have the latest, close the window.

Flash Player Help / Find version
http://helpx.adobe.com/flash-player/kb/find-version-flash-player.html#main_Find_the_Flash_Player_version_installed_on_your_machine
===

Run the defrag.exe as described here.
http://support2.microsoft.com/kb/283080

This may take a while. Do it when you know you will not need the computer.

How is the computer running now?

#9 HardcoreButterfly

Posted 27 September 2014 - 04:58 PM

I got Adobe Reader, but I actually have Adobe Flash Player 15.0.0.152. That might've been the other old account that said 11.9.900.117.

 

It seems to be running a bit faster, but internet is slow and Chrome processes are still popping up. Not where it was to begin with.



#10 nasdaq

Posted 28 September 2014 - 08:21 AM


Try these fixes.

Click the Start button. In the Search box, type Command Prompt, and then, in the list of results, double-click Command Prompt.

At the cursor, type:
ipconfig /flushdns <-- (A space between g and / is needed)

ipconfig /release

repeat with
ipconfig /renew

Then hit Enter, type Exit, hit the Enter key.

You may need to run CMD - Command Prompt on Vista - Windows 7/8 with Elevated Privilege
http://www.bleepingcomputer.com/tutorials/windows-elevated-command-prompt/
<<<>>>

If that fails to remove the Redirects try this.
...

Reset all your browsers.

Reset Chrome...
Click on "Customize and control Google Chrome":
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
====

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

Internet Explorer:
Menu > Tools > Internet Options > General Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.

===

How is it now?

#11 nasdaq

Posted 04 October 2014 - 09:04 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

#12 nasdaq


Posted 20 October 2014 - 07:17 AM

This topic has been re-opened at the request of the person who originally posted.

#13 HardcoreButterfly


Posted 20 October 2014 - 07:31 AM

My apologies for not responding. Kept forgetting to respond.

Anyways, I did all that, but didn't really notice the internet being faster. Just to give an example, some PC games I have take a very long time to update, and take quite a while to connect to servers. However, my dad has been having slow internet too, and he says the router is dying. So this might not be my computer.

Anyways, since the closing of my topic, some ads were popping up in Chrome, but I got rid of those easily.

Do you have any tips for avoiding these viruses? I'm pretty good with computers but XP is virus-prone. I just need XP to survive until my dad gets time to give me a drive with 8.1; however, that could be as long as this weekend to the end of this year.

#14 nasdaq


Posted 20 October 2014 - 08:14 AM

Reset your router. It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred settings. Below are lists of default usernames and passwords, in case you don't know yours ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

How to Secure Your Wireless Router
http://www.ehow.com/how_2253625_secure-wireless-router.html
===

Keep me posted.

#15 HardcoreButterfly


Posted 20 October 2014 - 03:18 PM

My dad is getting a new one, and either way I doubt he wants me resetting it... Sorry.
