TechSpot

Cvxasync.exe causing havoc, logs included

By SFX099
May 5, 2015
  1. Hey guys, I've been having a problem with this one file that likes to hide itself and disable all attempts of removal. Can anyone help me get rid of it?

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-05-2015
    Ran by Steve (administrator) on STEVE-BAPC on 05-05-2015 13:48:14
    Running from C:\Documents and Settings\Steve\Desktop
    Loaded Profiles: Steve (Available profiles: Steve & Administrator)
    Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
    Internet Explorer Version 8 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (All) =========================

    (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
    (Microsoft Corporation) C:\WINDOWS\system32\csrss.exe
    (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    () C:\Documents and Settings\All Users\nvxasync\cvxasync.exe
    (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.6.0.32\nis.exe
    () C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe
    (Microsoft Corporation) C:\WINDOWS\system32\alg.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
    (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.6.0.32\nis.exe
    (Microsoft Corporation) C:\WINDOWS\explorer.exe
    (SteelWerX) C:\ComboFix\swreg.3XE
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    () C:\Program Files\MSI Afterburner\MSIAfterburner.exe
    (Microsoft Corporation) C:\WINDOWS\system32\ctfmon.exe
    () C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe
    (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Farbar) C:\Documents and Settings\Steve\Desktop\FRST.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wbem\wmiprvse.exe

    ==================== Registry (All) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-08-30] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.)
    HKLM\...\Run: [MSIAfterburner] => C:\Program Files\MSI Afterburner\MSIAfterburner.exe [565760 2014-12-06] ()
    HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe, [26112 2008-04-14] (Microsoft Corporation)
    HKLM\...\Winlogon: [Shell] Explorer.exe [1033728 2008-04-14] (Microsoft Corporation)
    HKLM\...\Winlogon: [UIHost] C:\WINDOWS\system32\logonui.exe [514560 2008-04-14] (Microsoft Corporation)
    Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2015-05-01] (ATI Technologies Inc.)
    Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll [2013-10-07] (Microsoft Corporation)
    Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation)
    Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll [2008-04-14] (Microsoft Corporation)
    Winlogon\Notify\dimsntfy: C:\WINDOWS\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)
    Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
    Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
    Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation)
    Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation)
    Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
    Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
    HKLM\...\Policies\Explorer: [NoDriveAutoRun] 67108863
    HKLM\...\Policies\Explorer: [NoDriveTypeAutoRun] 323
    HKLM\...\Policies\Explorer: [NoDrives] 0
    HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
    HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\System32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Run: [nvxasync] => C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe [153822720 2015-05-03] ()
    HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\logon.scr [220672 2008-04-14] (Microsoft Corporation)
    IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
    Lsa: [Authentication Packages] msv1_0
    Lsa: [Notification Packages] scecli
    SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
    SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
    SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll (Microsoft Corporation)
    SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll (Microsoft Corporation)
    SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %systemroot%\system32\stobject.dll (Microsoft Corporation)
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINDOWS\System32\cscui.dll [2008-04-14] (Microsoft Corporation)
    BootExecute: autocheck autochk *
    AlternateShell: cmd.exe

    ==================== Internet (All) ===========================

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    URLSearchHook: HKU\S-1-5-21-790525478-2000478354-725345543-1004 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> DefaultScope {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
    SearchScopes: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
    BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
    BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL [2014-08-25] (Symantec Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll [2014-09-20] (Symantec Corporation)
    Toolbar: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2014-02-24] (Microsoft Corporation)
    Toolbar: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll [2012-06-08] (Microsoft Corporation)
    Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
    Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
    Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
    Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
    Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
    Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
    Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
    Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll [2008-04-14] (Microsoft Corporation)
    Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
    Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
    Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll [2011-10-10] (Microsoft Corporation)
    Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll [2008-04-14] (Microsoft Corporation)
    Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
    Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
    Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
    Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
    Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
    Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll [2014-04-30] (Microsoft Corporation)
    Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll [2008-04-14] (Microsoft Corporation)
    Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation)
    Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation)
    Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\system32\mscoree.dll [2010-03-18] (Microsoft Corporation)
    Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\SHELL32.dll [2012-06-08] (Microsoft Corporation)
    ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8462848 2012-06-08] (Microsoft Corporation)
    Winsock: Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Winsock: Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248 2006-02-28] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
    StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe"

    FireFox:
    ========
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-05] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-05] (Google Inc.)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-05-01]
    FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
    FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-05-05]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.surfvox.com/
    CHR StartupUrls: Default -> "hxxp://www.surfvox.com/"
    CHR DefaultSearchKeyword: Default -> surfvox.com
    CHR DefaultSearchURL: Default -> http://www.google.com/?cx=partner-p...}&sa=Search&siteurl=www.surfvox.com/&ref=&ss=
    CHR DefaultSuggestURL: Default ->
    CHR Profile: C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-05]
    CHR Extension: (Google Drive) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-05]
    CHR Extension: (YouTube) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-05]
    CHR Extension: (Google Search) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-05]
    CHR Extension: (Bookmark Manager) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-05]
    CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-05-05]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-05]
    CHR Extension: (Norton Security Toolbar) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-05-05]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-05]
    CHR Extension: (Gmail) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-05]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2015-05-05]
    StartMenuInternet: chrome.exe - "C:\Program Files\Google\Chrome\Application\chrome.exe"

    ==================== Services (All) ========================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
    R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
    S4 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
    S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
    R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [643072 2015-05-01] (ATI Technologies Inc.)
    R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
    R3 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
    R2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation)
    S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
    S3 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
    S3 clr_optimization_v2.0.50727_32; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
    S2 clr_optimization_v4.0.30319_32; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
    R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
    R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
    R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Corporation)
    S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Corp., Veritas Software)
    S3 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.)
    R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
    S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Corporation)
    S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
    R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
    R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
    R3 EventSystem; C:\WINDOWS\system32\es.dll [253952 2008-07-07] (Microsoft Corporation)
    R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
    S3 FontCache3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
    S2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-05-05] (Google Inc.)
    S3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [107848 2015-05-05] (Google Inc.)
    R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
    R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation)
    S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
    R3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
    S3 idsvc; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
    S3 ImapiService; C:\WINDOWS\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
    R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation)
    R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation)
    S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [293144 2014-03-24] (Logitech, Inc.)
    R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
    S3 mnmsrvc; C:\WINDOWS\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
    S3 MSDTC; C:\WINDOWS\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
    S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [78848 2008-04-14] (Microsoft Corporation)
    S4 MSI_LiveUpdate_Service; C:\Program Files\MSI\Live Update\MSI_LiveUpdate_Service.exe [1736872 2015-04-29] (Micro-Star INT'L CO., LTD.)
    S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation)
    S4 NetDDE; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
    S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
    S3 Netlogon; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
    R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
    S4 NetTcpPortSharing; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
    R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
    R3 Nla; C:\WINDOWS\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation)
    S3 NtLmSsp; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
    S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation)
    R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-06] (Microsoft Corporation)
    R2 PolicyAgent; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
    R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
    S3 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
    R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
    S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation)
    S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
    S3 RpcLocator; C:\WINDOWS\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
    R2 RpcSs; C:\WINDOWS\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
    S3 RSVP; C:\WINDOWS\system32\rsvp.exe [132608 2006-02-28] (Microsoft Corporation)
    R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
    S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation)
    R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation)
    R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
    R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
    R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Corporation)
    R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
    R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
    R2 srservice; C:\WINDOWS\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation)
    R3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
    S3 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation)
    S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation)
    R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation)
    R3 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation)
    R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
    R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
    S3 upnphost; C:\WINDOWS\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation)
    S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
    S3 VSS; C:\WINDOWS\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation)
    R2 W32Time; C:\WINDOWS\system32\w32time.dll [175104 2008-04-14] (Microsoft Corporation)
    R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation)
    R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation)
    S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation)
    S3 WmiApSrv; C:\WINDOWS\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
    S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2006-10-18] (Microsoft Corporation)
    S3 WPFFontCache_v0400; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [754856 2013-07-20] (Microsoft Corporation)
    R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
    R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation)
    S3 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation)
    R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation)
    S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
    S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [X]
    S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    S3 SwPrv; C:\WINDOWS\system32\dllhost.exe /Processid:{CE4EC343-54DB-4CCD-8EA9-1016188C584F}

    ==================== Drivers (All) ==========================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation)
    S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11648 2006-02-28] (Microsoft Corporation)
    S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation)
    R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation)
    S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
    R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
    R2 AODDriver4.3.0; C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys [50888 2014-09-19] (Advanced Micro Devices)
    R3 asmthub3; C:\WINDOWS\System32\DRIVERS\asmthub3.sys [110808 2015-01-05] (ASMedia Technology Inc)
    R3 asmtxhci; C:\WINDOWS\System32\DRIVERS\asmtxhci.sys [343768 2015-01-05] (ASMedia Technology Inc)
    S3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
    R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
    R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [6852096 2015-05-01] (ATI Technologies Inc.)
    R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2015-05-01] (Advanced Micro Devices)
    S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
    R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
    R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2006-02-28] (Microsoft Corporation)
    R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx86.sys [1172184 2015-05-01] (Symantec Corporation)
    S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2006-02-28] (Microsoft Corporation)
    R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NIS\1506000.020\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
    S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2006-02-28] (Microsoft Corporation)
    R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
    R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Corporation)
    R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Corporation)
    S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Corp., Veritas Software)
    S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software)
    S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2006-02-28] (Microsoft Corp., Veritas Software.)
    S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
    S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-14] (Microsoft Corporation)
    R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-05-04] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2015-05-04] (Symantec Corporation)
    S4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
    S1 Fdc; C:\WINDOWS\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Corporation)
    R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation)
    S1 Flpydisk; C:\WINDOWS\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
    R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation)
    U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2006-02-28] (Microsoft Corporation)
    R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125056 2006-02-28] (Microsoft Corporation)
    R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
    R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
    R3 hidusb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
    R3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation)
    R3 IDSxpx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150501.001\IDSxpx86.sys [478352 2015-05-01] (Symantec Corporation)
    R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
    R3 IntcAzAudAddService; C:\WINDOWS\System32\drivers\RtkHDAud.sys [5630168 2013-12-10] (Realtek Semiconductor Corp.)
    S3 Ip6Fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation)
    S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2006-02-28] (Microsoft Corporation)
    S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
    R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
    R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
    S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
    R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation)
    R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation)
    R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation)
    R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-14] (Microsoft Corporation)
    R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation)
    R2 LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [10136 2014-03-18] (Logitech, Inc.)
    R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
    R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
    R3 LHidFilt; C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys [43800 2014-03-18] (Logitech, Inc.)
    R3 LMouFilt; C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys [37528 2014-03-18] (Logitech, Inc.)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-05] (Malwarebytes Corporation)
    R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2006-02-28] (Microsoft Corporation)
    S3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30080 2008-04-14] (Microsoft Corporation)
    S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
    R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23040 2008-04-14] (Microsoft Corporation)
    R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2006-02-28] (Microsoft Corporation)
    R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Corporation)
    R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Corporation)
    R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation)
    R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
    S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Corporation)
    S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Corporation)
    S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Corporation)
    R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-14] (Microsoft Corporation)
    R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation)
    S3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.037\NAVENG.SYS [95704 2015-05-04] (Symantec Corporation)
    S3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150504.037\NAVEX15.SYS [1636696 2015-05-04] (Symantec Corporation)
    R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
    R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation)
    R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-14] (Microsoft Corporation)
    R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
    R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation)
    R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
    R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
    R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
    R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Corporation)
    S3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update\NTIOLib.sys [7680 2010-10-20] (MSI) [File not signed]
    R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2006-02-28] (Microsoft Corporation)
    S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2006-02-28] (Microsoft Corporation)
    S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2006-02-28] (Microsoft Corporation)
    S3 Parport; C:\WINDOWS\system32\Drivers\Parport.sys [80128 2008-04-14] (Microsoft Corporation)
    R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
    S2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6784 2006-02-28] (Microsoft Corporation)
    R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation)
    R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2006-02-28] (Microsoft Corporation)
    S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation)
    R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
    S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [35840 2008-04-14] (Microsoft Corporation)
    R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Corporation)
    R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2006-02-28] (Parallel Technologies, Inc.)
    R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2006-02-28] (Microsoft Corporation)
    R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
    R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
    R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2006-02-28] (Microsoft Corporation)
    R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Corporation)
    R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2006-02-28] (Microsoft Corporation)
    S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
    R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation)
    R3 RTCore32; C:\Program Files\MSI Afterburner\RTCore32.sys [5632 2013-03-10] () [File not signed]
    R3 RTLE8023xp; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [427992 2014-06-05] (Realtek Semiconductor Corporation )
    S3 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2008-04-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
    R3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
    R1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation)
    S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
    S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
    R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
    S3 SRTSP; C:\WINDOWS\System32\Drivers\NIS\1506000.020\SRTSP.SYS [664792 2014-08-25] (Symantec Corporation)
    R1 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1506000.020\SRTSPX.SYS [32984 2014-08-25] (Symantec Corporation)
    R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
    R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-14] (Microsoft Corporation)
    S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-14] (Microsoft Corporation)
    R0 SymDS; C:\WINDOWS\System32\drivers\NIS\1506000.020\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
    R0 SymEFA; C:\WINDOWS\System32\drivers\NIS\1506000.020\SYMEFA.SYS [936152 2014-08-25] (Symantec Corporation)
    R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2015-05-05] (Symantec Corporation)
    R1 SymIRON; C:\WINDOWS\system32\drivers\NIS\1506000.020\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
    R1 SYMTDI; C:\WINDOWS\System32\Drivers\NIS\1506000.020\SYMTDI.SYS [423256 2014-08-25] (Symantec Corporation)
    R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-14] (Microsoft Corporation)
    R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation)
    S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
    S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation)
    R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
    S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
    R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
    R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation)
    R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation)
    R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [35712 2010-11-28] (Advanced Micro Devices)
    R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
    R3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-14] (Microsoft Corporation)
    R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
    R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation)
    R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
    R3 Wdf01000; C:\WINDOWS\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Corporation)
    R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-14] (Microsoft Corporation)
    U3 Winsock; No ImagePath
    R1 WmiAcpi; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Corporation)
    R1 WS2IFSL; C:\WINDOWS\System32\drivers\ws2ifsl.sys [12032 2006-02-28] (Microsoft Corporation)
    S3 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation)
    S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation)
    S4 Abiosdsk; No ImagePath
    S4 abp480n5; No ImagePath
    S4 adpu160m; No ImagePath
    S4 Aha154x; No ImagePath
    S4 aic78u2; No ImagePath
    S4 aic78xx; No ImagePath
    S4 AliIde; No ImagePath
    S4 amsint; No ImagePath
    S4 asc; No ImagePath
    S4 asc3350p; No ImagePath
    S4 asc3550; No ImagePath
    S4 Atdisk; No ImagePath
    S3 catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys [X]
    S4 cd20xrnt; No ImagePath
    S1 Changer; No ImagePath
    S4 CmdIde; No ImagePath
    S4 Cpqarray; No ImagePath
    U4 dac2w2k; No ImagePath
    S4 dac960nt; No ImagePath
    S4 dpti2o; No ImagePath
    S4 hpn; No ImagePath
    S1 i2omgmt; No ImagePath
    S4 i2omp; No ImagePath
    S4 ini910u; No ImagePath
    S4 IntelIde; No ImagePath
    S1 lbrtfdc; No ImagePath
    S4 mraid35x; No ImagePath
    S3 MSICDSetup; \??\D:\CDriver.sys [X]
    S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
    S1 PCIDump; No ImagePath
    S3 PDCOMP; No ImagePath
    S3 PDFRAME; No ImagePath
    S3 PDRELI; No ImagePath
    S3 PDRFRAME; No ImagePath
    S4 perc2; No ImagePath
    S4 perc2hib; No ImagePath
    S4 ql1080; No ImagePath
    S4 Ql10wnt; No ImagePath
    S4 ql12160; No ImagePath
    S4 ql1240; No ImagePath
    S4 ql1280; No ImagePath
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
    S4 Simbad; No ImagePath
    S4 Sparrow; No ImagePath
    S4 symc810; No ImagePath
    S4 symc8xx; No ImagePath
    S4 sym_hi; No ImagePath
    S4 sym_u3; No ImagePath
    U3 TlntSvr; No ImagePath
    S4 TosIde; No ImagePath
    S4 ultra; No ImagePath
    S4 ViaIde; No ImagePath
    S3 WDICA; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
  2. SFX099

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-05-2015
    Ran by Steve at 2015-05-05 13:48:39
    Running from C:\Documents and Settings\Steve\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-790525478-2000478354-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
    ASPNET (S-1-5-21-790525478-2000478354-725345543-1005 - Limited - Enabled)
    Guest (S-1-5-21-790525478-2000478354-725345543-501 - Limited - Disabled)
    HelpAssistant (S-1-5-21-790525478-2000478354-725345543-1000 - Limited - Disabled)
    Steve (S-1-5-21-790525478-2000478354-725345543-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Steve
    SUPPORT_388945a0 (S-1-5-21-790525478-2000478354-725345543-1002 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Norton Internet Security (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\uTorrent) (Version: 3.4.3.40208 - BitTorrent Inc.)
    AMD Catalyst Install Manager (HKLM\...\{ADFFE046-88C0-5ABF-A93A-B95C19B54DF1}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
    AMD OverDrive (HKLM\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
    AMD Processor Driver (HKLM\...\{C151CE54-E7EA-4804-854B-F515368B0798}) (Version: 1.3.2.0053 - AMD)
    Asmedia USB Host Controller Driver (HKLM\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.23.0 - Asmedia Technology)
    Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
    Google Update Helper (Version: 1.3.21.115 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
    Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Media Player Codec Pack 4.3.7 (HKLM\...\Media Player - Codec Pack) (Version: 4.3.7 - Media Player Codec Pack)
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    MSI Afterburner 4.1.0 (HKLM\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
    MSI Kombustor 2.5.9 (HKLM\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
    MSI Live Update 6 (HKLM\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.017 - MSI)
    Norton Internet Security (HKLM\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
    PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
    REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7111 - Realtek Semiconductor Corp.)
    RivaTuner Statistics Server 6.3.0 (HKLM\...\RTSS) (Version: 6.3.0 - Unwinder)
    Sims 4 by BuZeR version final (HKLM\...\{ED118F10-E516-4245-160F-6213F508F71F}_is1) (Version: final - )
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
    WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    01-05-2015 22:25:04 System Checkpoint
    01-05-2015 22:41:19 Installed REALTEK GbE & FE Ethernet PCI-E NIC Driver
    01-05-2015 22:44:32 Installed AMD Processor Driver
    01-05-2015 23:07:35 Installed Windows XP Service Pack 3.
    01-05-2015 23:19:11 Installed Windows KB954550-v5.
    01-05-2015 23:19:14 Printer Driver Microsoft XPS Document Writer Installed
    01-05-2015 23:19:17 Printer Driver Microsoft XPS Document Writer Installed
    01-05-2015 23:23:59 Installed Realtek High Definition Audio Driver
    02-05-2015 00:00:02 Installed DirectX
    02-05-2015 12:13:31 Installed Windows Media Player 11
    02-05-2015 12:13:49 Software Distribution Service 3.0
    02-05-2015 12:38:06 Installed Windows XP Wdf01009.
    02-05-2015 14:43:42 Installed DirectX
    02-05-2015 14:44:28 Installed Microsoft Visual C++ 2005 Redistributable
    02-05-2015 14:51:21 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    02-05-2015 14:51:36 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
    02-05-2015 23:32:44 Software Distribution Service 3.0
    03-05-2015 03:00:23 Software Distribution Service 3.0
    03-05-2015 13:21:17 Installed AMD OverDrive.
    03-05-2015 13:37:55 Software Distribution Service 3.0
    04-05-2015 16:37:52 Software Distribution Service 3.0
    05-05-2015 11:59:57 Removed Google Drive

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-02-28 07:00 - 2015-05-05 13:31 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

    ==================== Loaded Modules (whitelisted) ==============

    2015-05-03 16:03 - 2015-05-03 16:03 - 153822720 __RSH () C:\Documents and Settings\All Users\nvxasync\cvxasync.exe
    2015-05-03 16:03 - 2015-05-03 16:03 - 153822720 __RSH () C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe
    2014-12-06 02:03 - 2014-12-06 02:03 - 00565760 _____ () C:\Program Files\MSI Afterburner\MSIAfterburner.exe
    2014-12-06 02:01 - 2014-12-06 02:01 - 00071680 _____ () C:\Program Files\MSI Afterburner\RTMUI.dll
    2014-12-06 02:01 - 2014-12-06 02:01 - 00056832 _____ () C:\Program Files\MSI Afterburner\RTFC.dll
    2014-12-06 02:02 - 2014-12-06 02:02 - 00217600 _____ () C:\Program Files\MSI Afterburner\RTCore.dll
    2014-12-06 02:01 - 2014-12-06 02:01 - 00353792 _____ () C:\Program Files\MSI Afterburner\RTUI.dll
    2014-12-06 02:02 - 2014-12-06 02:02 - 00649216 _____ () C:\Program Files\MSI Afterburner\RTHAL.dll
    2010-03-16 12:22 - 2010-03-16 12:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
    2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2013-08-30 03:03 - 2013-08-30 03:03 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2006-02-28 07:00 - 2008-04-14 05:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
    2006-02-28 07:00 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2015-05-05 12:07 - 2015-04-27 21:07 - 14980424 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, the associated entry will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-790525478-2000478354-725345543-1004\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    DNS Servers: 10.0.0.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE

    ==================== FirewallRules (whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Steve\Application Data\uTorrent\uTorrent.exe] => Enabled:μTorrent
    StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/05/2015 01:28:41 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

    Error: (05/05/2015 01:28:13 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

    Error: (05/05/2015 01:28:12 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

    Error: (05/05/2015 00:41:39 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application housecall.bin, version 1.62.0.1087, faulting module hc_core.dll, version 1.62.0.1089, fault address 0x00024d77.
    Processing media-specific event for [housecall.bin!ws!]

    Error: (05/04/2015 08:50:31 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]

    Error: (05/04/2015 08:50:16 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]

    Error: (05/04/2015 08:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]

    Error: (05/04/2015 08:44:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]

    Error: (05/04/2015 08:42:48 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]

    Error: (05/04/2015 08:42:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]


    System errors:
    =============
    Error: (05/05/2015 01:42:52 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 01:37:42 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 01:32:32 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 01:31:12 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}

    Error: (05/05/2015 01:28:43 PM) (Source: DCOM) (EventID: 10005) (User: STEVE-BAPC)
    Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
    in order to run the server:
    {A1F4E726-8CF1-11D1-BF92-0060081ED811}

    Error: (05/05/2015 01:28:43 PM) (Source: DCOM) (EventID: 10005) (User: STEVE-BAPC)
    Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
    in order to run the server:
    {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error: (05/05/2015 01:28:36 PM) (Source: DCOM) (EventID: 10005) (User: STEVE-BAPC)
    Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
    in order to run the server:
    {A1F4E726-8CF1-11D1-BF92-0060081ED811}

    Error: (05/05/2015 01:28:36 PM) (Source: DCOM) (EventID: 10005) (User: STEVE-BAPC)
    Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
    in order to run the server:
    {BA126AE5-2166-11D1-B1D0-00805FC1270E}

    Error: (05/05/2015 01:28:23 PM) (Source: DCOM) (EventID: 10005) (User: STEVE-BAPC)
    Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
    in order to run the server:
    {A1F4E726-8CF1-11D1-BF92-0060081ED811}

    Error: (05/05/2015 01:28:23 PM) (Source: DCOM) (EventID: 10005) (User: STEVE-BAPC)
    Description: DCOM got error "%%1084" attempting to start the service netman with arguments ""
    in order to run the server:
    {BA126AE5-2166-11D1-B1D0-00805FC1270E}


    Microsoft Office Sessions:
    =========================
    Error: (05/05/2015 01:28:41 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe server name or address could not be resolved

    Error: (05/05/2015 01:28:13 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

    Error: (05/05/2015 01:28:12 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe server name or address could not be resolved

    Error: (05/05/2015 00:41:39 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: housecall.bin1.62.0.1087hc_core.dll1.62.0.108900024d77

    Error: (05/04/2015 08:50:31 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494

    Error: (05/04/2015 08:50:16 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494

    Error: (05/04/2015 08:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494

    Error: (05/04/2015 08:44:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494

    Error: (05/04/2015 08:42:48 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494

    Error: (05/04/2015 08:42:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494


    ==================== Memory info ===========================

    Processor: AMD FX(tm)-6300 Six-Core Processor
    Percentage of memory in use: 31%
    Total physical RAM: 3033.88 MB
    Available physical RAM: 2091.36 MB
    Total Pagefile: 4919 MB
    Available Pagefile: 3534.3 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1932.21 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:232.88 GB) (Free:183.84 GB) NTFS ==>[Drive with boot components (Windows XP)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 89E189E1)
    Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  3. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =============================

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
    NOTE. If you already have MBAM 2.0 installed scroll down.

    • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to the following:
      • Launch Malwarebytes Anti-Malware
      • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
    • Click Finish.
    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.


    If you already have MBAM 2.0 installed:

    • On the Dashboard, click the 'Update Now >>' link
    • After the update completes, click the 'Scan Now >>' button.
    • Or, on the Dashboard, click the Scan Now >> button.
    • If an update is available, click the Update Now button.
    • A Threat Scan will begin.
    • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
    • In most cases, a restart will be required.
    • Wait for the prompt to restart the computer to appear, then click on Yes.

    How to get logs:
    (Export log to save as txt)


    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • Attach that saved log to your next reply.


    (Copy to clipboard for pasting into forum replies or tickets)

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Copy to Clipboard'
    • Paste the contents of the clipboard into your reply.

    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Scan button.
    • When the scan has finished click on Clean button.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
     
  4. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    Earlier today Mbam and ADW found nothing, but I am running a new scan to make sure. Here is the log for Rogue Killer. It did find it, but whether it was completely deleted I don't know yet. Thanks for your reply, by the way.

    RogueKiller V10.6.2.0 [May 4 2015] by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Started in : Normal mode
    User : Steve [Administrator]
    Started from : C:\Documents and Settings\Steve\My Documents\Downloads\RogueKiller.exe
    Mode : Delete -- Date : 05/05/2015 17:53:28

    ¤¤¤ Processes : 3 ¤¤¤
    [VT.Unknown] cvxasync.exe(1944) -- C:\Documents and Settings\All Users\nvxasync\cvxasync.exe[-] -> Killed [TermProc]
    [Suspicious.Path|VT.Unknown] nvxasync.exe(708) -- C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe[-] -> Killed [TermProc]
    [Suspicious.Path|VT.Unknown] nvxasync.exe(3240) -- C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe[-] -> Killed [TermProc]

    ¤¤¤ Registry : 12 ¤¤¤
    [Suspicious.Path|VT.Unknown] HKEY_USERS\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run | nvxasync : C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe [-] -> Deleted
    [Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys) -> Deleted
    [Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys) -> Deleted
    [Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\catchme (\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys) -> Deleted
    [PUM.HomePage] HKEY_USERS\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.surfvox.com/ -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
    [PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 [(Private Address) (XX)] -> Replaced ()
    [PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 [(Private Address) (XX)] -> Replaced ()
    [PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 [(Private Address) (XX)] -> Replaced ()
    [PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9F8A1C26-6544-4F4E-8B39-0D9343FC0E4B} | DhcpNameServer : 10.0.0.1 [(Private Address) (XX)] -> Replaced ()
    [PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{9F8A1C26-6544-4F4E-8B39-0D9343FC0E4B} | DhcpNameServer : 10.0.0.1 [(Private Address) (XX)] -> Replaced ()
    [PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters\Interfaces\{9F8A1C26-6544-4F4E-8B39-0D9343FC0E4B} | DhcpNameServer : 10.0.0.1 [(Private Address) (XX)] -> Replaced ()
    [PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Replaced (0)

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ Hosts File : 1 ¤¤¤
    [C:\WINDOWS\system32\drivers\etc\hosts] 127.0.0.1 localhost

    ¤¤¤ Antirootkit : 43 (Driver: Loaded) ¤¤¤
    [SSDT:Addr(Hook.SSDT)] NtAlertResumeThread[12] : Unknown @ 0x89d76ca0
    [SSDT:Addr(Hook.SSDT)] NtAlertThread[13] : Unknown @ 0x89d76d18
    [SSDT:Addr(Hook.SSDT)] NtAllocateVirtualMemory[17] : Unknown @ 0x8a3816f8
    [SSDT:Addr(Hook.SSDT)] NtAssignProcessToJobObject[19] : Unknown @ 0x89d34658
    [SSDT:Addr(Hook.SSDT)] NtConnectPort[31] : Unknown @ 0x89564478
    [SSDT:Addr(Hook.SSDT)] NtCreateMutant[43] : Unknown @ 0x8a133d00
    [SSDT:Addr(Hook.SSDT)] NtCreateSymbolicLinkObject[52] : Unknown @ 0x89d8c8f8
    [SSDT:Addr(Hook.SSDT)] NtCreateThread[53] : Unknown @ 0x89d32830
    [SSDT:Addr(Hook.SSDT)] NtDebugActiveProcess[57] : Unknown @ 0x89d30920
    [SSDT:Addr(Hook.SSDT)] NtDuplicateObject[68] : Unknown @ 0x8a1c2d50
    [SSDT:Addr(Hook.SSDT)] NtFreeVirtualMemory[83] : Unknown @ 0x89d7c860
    [SSDT:Addr(Hook.SSDT)] NtImpersonateAnonymousToken[89] : Unknown @ 0x8a133da8
    [SSDT:Addr(Hook.SSDT)] NtImpersonateThread[91] : Unknown @ 0x89d76c08
    [SSDT:Addr(Hook.SSDT)] NtLoadDriver[97] : Unknown @ 0x8a1d2fd0
    [SSDT:Addr(Hook.SSDT)] unknown[108] : Unknown @ 0x89da3490
    [SSDT:Addr(Hook.SSDT)] NtOpenEvent[114] : Unknown @ 0x8a133c68
    [SSDT:Addr(Hook.SSDT)] NtOpenProcess[122] : Unknown @ 0x89d42d38
    [SSDT:Addr(Hook.SSDT)] NtOpenProcessToken[123] : Unknown @ 0x8a381780
    [SSDT:Addr(Hook.SSDT)] NtOpenSection[125] : Unknown @ 0x89d30a30
    [SSDT:Addr(Hook.SSDT)] NtOpenThread[128] : Unknown @ 0x89d42cb0
    [SSDT:Addr(Hook.SSDT)] NtProtectVirtualMemory[137] : Unknown @ 0x89d345b0
    [SSDT:Addr(Hook.SSDT)] NtQueueApcThread[180] : Unknown @ 0x89d8c870
    [SSDT:Addr(Hook.SSDT)] NtReadVirtualMemory[186] : Unknown @ 0x89d8c7c8
    [SSDT:Addr(Hook.SSDT)] NtResumeThread[206] : Unknown @ 0x8a15cd28
    [SSDT:Addr(Hook.SSDT)] NtSetContextThread[213] : Unknown @ 0x89d88b70
    [SSDT:Addr(Hook.SSDT)] NtSetInformationProcess[228] : Unknown @ 0x8a13dd58
    [SSDT:Addr(Hook.SSDT)] NtSetSystemInformation[240] : Unknown @ 0x89d30978
    [SSDT:Addr(Hook.SSDT)] NtSuspendProcess[253] : Unknown @ 0x89d30aa8
    [SSDT:Addr(Hook.SSDT)] NtSuspendThread[254] : Unknown @ 0x8a15cda0
    [SSDT:Addr(Hook.SSDT)] NtTerminateProcess[257] : Unknown @ 0x8a1564b0
    [SSDT:Addr(Hook.SSDT)] unknown[258] : Unknown @ 0x89d88af8
    [SSDT:Addr(Hook.SSDT)] NtUnmapViewOfSection[267] : Unknown @ 0x89da33f8
    [SSDT:Addr(Hook.SSDT)] NtWriteVirtualMemory[277] : Unknown @ 0x89d7c8e8
    [ShwSSDT:Addr(Hook.Shadow)] NtUserAttachThreadInput[307] : Unknown @ 0x894c87b0
    [ShwSSDT:Addr(Hook.Shadow)] NtUserGetAsyncKeyState[383] : Unknown @ 0x89dc7170
    [ShwSSDT:Addr(Hook.Shadow)] NtUserGetKeyboardState[414] : Unknown @ 0x8a17d798
    [ShwSSDT:Addr(Hook.Shadow)] NtUserGetKeyState[416] : Unknown @ 0x8a1c2178
    [ShwSSDT:Addr(Hook.Shadow)] NtUserGetRawInputData[428] : Unknown @ 0x8a3cee80
    [ShwSSDT:Addr(Hook.Shadow)] NtUserMessageCall[460] : Unknown @ 0x893d3420
    [ShwSSDT:Addr(Hook.Shadow)] NtUserPostMessage[475] : Unknown @ 0x893d3530
    [ShwSSDT:Addr(Hook.Shadow)] NtUserPostThreadMessage[476] : Unknown @ 0x893d34a8
    [ShwSSDT:Addr(Hook.Shadow)] NtUserSetWindowsHookEx[549] : Unknown @ 0x8a38d240
    [ShwSSDT:Addr(Hook.Shadow)] NtUserSetWinEventHook[552] : Unknown @ 0x893ea618

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: ST3250312AS +++++
    --- User ---
    [MBR] f2ca5f89b67652e2275ebf42b5fee49f
    [BSP] 3ceb9ece3d43c5557d69fcf495f248af : Windows XP|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 238464 MB [Windows XP Bootstrap | Windows XP Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: Generic Flash Disk USB Device +++++
    --- User ---
    [MBR] 4b9b3c922614b9dd50580b084ebce7d8
    [BSP] 7609254c4f4a9790edfb44ebcfbb687e : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 2048 | Size: 1900 MB
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] The request is not supported. )


    ============================================
    RKreport_SCN_05052015_174717.log
     
  5. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    Mbam found it, removed it, and after restart all symptoms are the same... continuing

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 5/5/2015
    Scan Time: 5:56:24 PM
    Logfile: mbam.txt
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.05.05
    Rootkit Database: v2015.04.21.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows XP Service Pack 3
    CPU: x86
    File System: NTFS
    User: Steve

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 332854
    Time Elapsed: 12 min, 19 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 1
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe, 4008, Delete-on-Reboot, [b4553e52543626107086a7075ca71ae6]

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 2
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync, Delete-on-Reboot, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\searchplugins, Quarantined, [b4553e52543626107086a7075ca71ae6],

    Files: 13
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\com.apple.Safari.plist, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\cvxasync.exe, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\klite.exe, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe, Delete-on-Reboot, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\oldfilenotused, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\Prefaddon, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\Preferences, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\Secure Preferences, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\setting.dat, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\starter.xml, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\user.js, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Application Data\nvxasync\Web Data, Quarantined, [b4553e52543626107086a7075ca71ae6],
    PUP.Optional.SurfVox.A, C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences, Good: (), Bad: ( "homepage": "http://www.surfvox.com/",), Replaced,[2bde731de8a2d26463cf183bc4420df3]

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  6. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    # AdwCleaner v4.203 - Logfile created 05/05/2015 at 18:17:11
    # Updated 30/04/2015 by Xplode
    # Database : 2015-05-05.1 [Server]
    # Operating system : Microsoft Windows XP Service Pack 3 (x86)
    # Username : Steve - STEVE-BAPC
    # Running from : C:\Documents and Settings\Steve\My Documents\Downloads\adwcleaner_4.203.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    [!] Folder Deleted : C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v8.0.6001.18702


    -\\ Google Chrome v42.0.2311.135

    [C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk
    [C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] :

    *************************

    AdwCleaner[R0].txt - [13436 bytes] - [05/05/2015 16:16:02]
    AdwCleaner[R1].txt - [12624 bytes] - [05/05/2015 18:16:05]
    AdwCleaner[S0].txt - [2176 bytes] - [05/05/2015 16:17:00]
    AdwCleaner[S1].txt - [1416 bytes] - [05/05/2015 18:17:11]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1475 bytes] ##########
     
  7. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    JRT starts but gets to "checking startup" then crashes
     
  8. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore your connection.
      If the connection is not there, use the restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error Illegal operation attempted on a registry key that has been marked for deletion, restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
     
  9. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    Ok, Combofix would load and extract in normal mode but never actually opened the program so I continued in safe mode as you said to.


    Rkill 2.7.0 by Lawrence Abrams (Grinler)
    http://www.bleepingcomputer.com/
    Copyright 2008-2015 BleepingComputer.com
    More Information about Rkill can be found at this link:
    http://www.bleepingcomputer.com/forums/topic308364.html

    Program started at: 05/05/2015 06:39:33 PM in x86 mode. (Safe Mode)
    Windows Version: Microsoft Windows XP Service Pack 3

    Checking for Windows services to stop:

    * No malware services found to stop.

    Checking for processes to terminate:

    * No malware processes found to kill.

    Checking Registry for malware related settings:

    * No issues found in the Registry.

    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

    Performing miscellaneous checks:

    * Windows Firewall Disabled

    [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = dword:00000000

    * Reparse Point/Junctions Found (Most likely legitimate)!

    * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
    * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

    Checking Windows Service Integrity:

    * AFD (AFD) is not Running.
    Startup Type set to: System

    * DHCP Client (Dhcp) is not Running.
    Startup Type set to: Automatic

    * DNS Client (Dnscache) is not Running.
    Startup Type set to: Automatic

    * COM+ Event System (EventSystem) is not Running.
    Startup Type set to: Manual

    * Network Connections (Netman) is not Running.
    Startup Type set to: Manual

    * Security Center (wscsvc) is not Running.
    Startup Type set to: Automatic

    * Automatic Updates (wuauserv) is not Running.
    Startup Type set to: Automatic

    * AFD (AFD) is not Running.
    Startup Type set to: System

    * IPSEC driver (IPSec) is not Running.
    Startup Type set to: System

    * NetBios over Tcpip (NetBT) is not Running.
    Startup Type set to: System

    * TCP/IP Protocol Driver (Tcpip) is not Running.
    Startup Type set to: System

    Searching for Missing Digital Signatures:

    * No issues found.

    Checking HOSTS File:

    * HOSTS file entries found:

    127.0.0.1 localhost

    Program finished at: 05/05/2015 06:40:48 PM
    Execution time: 0 hours(s), 1 minute(s), and 15 seconds(s)
     
  10. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    ComboFix 15-04-28.01 - Steve 05/05/2015 18:45:38.2.6 - x86 MINIMAL
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3034.2645 [GMT -5:00]
    Running from: c:\documents and settings\Steve\Desktop\Steve.exe
    AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .
    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\install.exe
    c:\windows\msdownld.tmp
    c:\windows\system32\SET1C30.tmp
    c:\windows\system32\SET811.tmp
    c:\windows\system32\SET812.tmp
    c:\windows\system32\SET814.tmp
    c:\windows\system32\SET96C.tmp
    c:\windows\system32\SET9F.tmp
    c:\windows\system32\SETA3.tmp
    c:\windows\system32\SETA4.tmp
    c:\windows\system32\SETAB.tmp
    .
    -- Previous Run --
    .
    c:\windows\system32\drivers\i8042prt.sys was missing
    Restored copy from - c:\windows\ServicePackFiles\i386\i8042prt.sys
    .
    --------
    .
    .
    ((((((((((((((((((((((((( Files Created from 2015-04-05 to 2015-05-05 )))))))))))))))))))))))))))))))
    .
    .
    2015-05-05 23:30 . 2015-05-05 23:42 -------- d-----w- C:\ComboFix
    2015-05-05 23:21 . 2015-05-05 23:21 -------- d-----w- C:\RegBackup
    2015-05-05 21:16 . 2015-05-05 23:17 -------- d-----w- C:\AdwCleaner
    2015-05-05 18:45 . 2015-05-05 19:13 -------- d-----w- C:\FRST
    2015-05-02 17:14 . 2015-05-02 17:14 -------- d-----w- C:\ebcf7aa9b58ac0373f86a481
    2015-05-02 17:13 . 2015-05-02 17:14 -------- d-----w- C:\e8641b88008937d8d0
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-02-13 12:19 . 2015-02-13 12:19 979528 ----a-w- c:\windows\system32\LAVVideo.ax
    2015-02-13 12:19 . 2015-02-13 12:19 344136 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll
    2015-02-13 12:19 . 2015-02-13 12:19 242248 ----a-w- c:\windows\system32\libbluray.dll
    2015-02-13 12:19 . 2015-02-13 12:19 489544 ----a-w- c:\windows\system32\LAVSplitter.ax
    2015-02-13 12:19 . 2015-02-13 12:19 477768 ----a-w- c:\windows\system32\swscale-lav-3.dll
    2015-02-13 12:19 . 2015-02-13 12:19 413768 ----a-w- c:\windows\system32\avutil-lav-54.dll
    2015-02-13 12:19 . 2015-02-13 12:19 263240 ----a-w- c:\windows\system32\LAVAudio.ax
    2015-02-13 12:19 . 2015-02-13 12:19 157768 ----a-w- c:\windows\system32\avresample-lav-2.dll
    2015-02-13 12:19 . 2015-02-13 12:19 8766024 ----a-w- c:\windows\system32\avcodec-lav-56.dll
    2015-02-13 12:19 . 2015-02-13 12:19 186440 ----a-w- c:\windows\system32\avfilter-lav-5.dll
    2015-02-13 12:19 . 2015-02-13 12:19 1494600 ----a-w- c:\windows\system32\avformat-lav-56.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Viber"="c:\documents and settings\Steve\Local Settings\Application Data\Viber\Viber.exe" [2015-02-25 776400]
    "nvxasync"="c:\documents and settings\Steve\Application Data\nvxasync\nvxasync.exe" [2015-05-03 153822720]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-08-30 98304]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 2303256]
    "MSIAfterburner"="c:\program files\MSI Afterburner\MSIAfterburner.exe" [2014-12-06 565760]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2014-03-24 22:50 64280 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    2013-10-04 04:29 20145368 ----a-w- c:\windows\RTHDCPL.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "MSI_LiveUpdate_Service"=2 (0x2)
    "AODService"=2 (0x2)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Documents and Settings\\Steve\\Application Data\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1507000.00B\symds.sys [5/5/2015 3:27 PM 367704]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1507000.00B\symefa.sys [5/5/2015 3:27 PM 936152]
    R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [5/1/2015 10:44 PM 110808]
    R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [5/1/2015 10:44 PM 343768]
    R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [3/18/2014 7:24 PM 42264]
    R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [3/18/2014 7:24 PM 10136]
    R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [5/1/2015 10:41 PM 35712]
    S1 BHDrvx86;BHDrvx86;c:\program files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx86.sys [5/1/2015 6:15 PM 1172184]
    S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NIS\1507000.00B\ccsetx86.sys [5/5/2015 3:27 PM 127064]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1507000.00B\ironx86.sys [5/5/2015 3:27 PM 209624]
    S2 AODDriver4.3.0;AODDriver4.3.0;c:\program files\AMD\OverDrive\i386\AODDriver2.sys [9/19/2014 2:32 AM 50888]
    S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [5/2/2015 12:37 PM 10136]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [5/5/2015 12:20 PM 1080120]
    S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\21.7.0.11\nis.exe [5/5/2015 3:27 PM 276336]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/1/2015 11:24 PM 1691480]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [5/1/2015 11:52 PM 103040]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/5/2015 12:45 PM 111408]
    S3 IDSxpx86;IDSxpx86;c:\program files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150501.001\IDSXpx86.sys [5/1/2015 3:14 PM 478352]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5/5/2015 12:20 PM 23256]
    S3 MSICDSetup;MSICDSetup;\??\d:\cdriver.sys --> d:\CDriver.sys [?]
    S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update\NTIOLib.sys [5/5/2015 11:55 AM 7680]
    S3 NTIOLib_1_0_C;NTIOLib_1_0_C;\??\d:\ntiolib.sys --> d:\NTIOLib.sys [?]
    S3 RTCore32;RTCore32;c:\program files\MSI Afterburner\RTCore32.sys [3/10/2013 7:30 PM 5632]
    S4 AODService;AODService;c:\program files\AMD\OverDrive\AODAssist.exe [9/19/2014 2:35 AM 137584]
    S4 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files\MSI\Live Update\MSI_LiveUpdate_Service.exe [5/5/2015 11:55 AM 1736872]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - LBEEPKE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2015-05-05 17:07 988488 ----a-w- c:\program files\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2015-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2015-05-05 17:07]
    .
    2015-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2015-05-05 17:07]
    .
    2015-05-05 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
    - c:\windows\system32\xp_eos.exe [2015-05-03 01:59]
    .
    2015-05-03 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
    - c:\windows\system32\xp_eos.exe [2015-05-03 01:59]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.surfvox.com/
    TCP: DhcpNameServer = 10.0.0.1
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2015-05-05 18:55
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    nvxasync = c:\documents and settings\Steve\Application Data\nvxasync\nvxasync.exe?
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\21.7.0.11\NIS.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\21.7.0.11\diMaster.dll\" /prefetch:1"
    "ImagePath"="\SystemRoot\System32\Drivers\NIS\1507000.00B\SYMTDI.SYS"
    "TrustedImagePaths"="c:\program files\Norton Internet Security\Engine\21.7.0.11"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(248)
    c:\windows\system32\Ati2evxx.dll
    c:\windows\system32\atiadlxx.dll
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    .
    - - - - - - - > 'explorer.exe'(1696)
    c:\windows\system32\WININET.dll
    c:\windows\system32\ieframe.dll
    .
    Completion time: 2015-05-05 18:58:45
    ComboFix-quarantined-files.txt 2015-05-05 23:58
    .
    Pre-Run: 196,207,038,464 bytes free
    Post-Run: 196,173,901,824 bytes free
    .
    - - End Of File - - EE353787E6CF1E0570DFE70CC2A8D78E
    8F558EB6672622401DA993E1E865C861
     
  11. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    On another site I was just sent a fix file for FRST, should I go ahead and try it?

    HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Run: [nvxasync] => C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe [153822720 2015-05-03] ()
    C:\Documents and Settings\All Users\nvxasync
    C:\Documents and Settings\Steve\Application Data\nvxasync
     
  12. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    No.
    ...and you must decide which forum you want to stay with.
    Let me know.

    1. Please open Notepad (Start>All Programs>Accessories>Notepad).

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    File::
    
    Folder::
    c:\documents and settings\Steve\Application Data\nvxasync
    
    Driver::
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "nvxasync"=-
    
    ClearJavaCache::
    

    3. Save the above as CFScript.txt

    4. Close/disable all antivirus and anti-malware programs again, so they do not interfere with the running of ComboFix.

    5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [IMG]


    6. After reboot (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
     
  13. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    Sorry, I got pissed at this rootkit and ran both....

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-05-2015
    Ran by Steve at 2015-05-05 19:17:06 Run:1
    Running from C:\Documents and Settings\Steve\Desktop
    Loaded Profiles: Steve (Available profiles: Steve & Administrator)
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Run: [nvxasync] => C:\Documents and Settings\Steve\Application Data\nvxasync\nvxasync.exe [153822720 2015-05-03] ()
    C:\Documents and Settings\All Users\nvxasync
    C:\Documents and Settings\Steve\Application Data\nvxasync
    *****************

    HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\nvxasync => value deleted successfully.

    "C:\Documents and Settings\All Users\nvxasync" directory move:

    Could not move "C:\Documents and Settings\All Users\nvxasync" directory. => Scheduled to move on reboot.

    C:\Documents and Settings\Steve\Application Data\nvxasync => Moved successfully.

    => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-05-05 19:18:06)<=

    C:\Documents and Settings\All Users\nvxasync => Moved successfully.

    ==== End of Fixlog 19:18:07 ====


    ComboFix 15-04-28.01 - Steve 05/05/2015 19:26:17.3.6 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3034.1974 [GMT -5:00]
    Running from: c:\documents and settings\Steve\Desktop\Steve.exe
    Command switches used :: c:\documents and settings\Steve\Desktop\CFScript.txt
    AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .
    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\Steve\Application Data\Launcher.rb4
    .
    .
    ((((((((((((((((((((((((( Files Created from 2015-04-06 to 2015-05-06 )))))))))))))))))))))))))))))))
    .
    .
    2015-05-05 23:30 . 2015-05-05 23:42 -------- d-----w- C:\ComboFix
    2015-05-05 23:21 . 2015-05-05 23:21 -------- d-----w- C:\RegBackup
    2015-05-05 21:16 . 2015-05-05 23:17 -------- d-----w- C:\AdwCleaner
    2015-05-05 18:45 . 2015-05-06 00:18 -------- d-----w- C:\FRST
    2015-05-02 17:14 . 2015-05-02 17:14 -------- d-----w- C:\ebcf7aa9b58ac0373f86a481
    2015-05-02 17:13 . 2015-05-02 17:14 -------- d-----w- C:\e8641b88008937d8d0
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-02-13 12:19 . 2015-02-13 12:19 979528 ----a-w- c:\windows\system32\LAVVideo.ax
    2015-02-13 12:19 . 2015-02-13 12:19 344136 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll
    2015-02-13 12:19 . 2015-02-13 12:19 242248 ----a-w- c:\windows\system32\libbluray.dll
    2015-02-13 12:19 . 2015-02-13 12:19 489544 ----a-w- c:\windows\system32\LAVSplitter.ax
    2015-02-13 12:19 . 2015-02-13 12:19 477768 ----a-w- c:\windows\system32\swscale-lav-3.dll
    2015-02-13 12:19 . 2015-02-13 12:19 413768 ----a-w- c:\windows\system32\avutil-lav-54.dll
    2015-02-13 12:19 . 2015-02-13 12:19 263240 ----a-w- c:\windows\system32\LAVAudio.ax
    2015-02-13 12:19 . 2015-02-13 12:19 157768 ----a-w- c:\windows\system32\avresample-lav-2.dll
    2015-02-13 12:19 . 2015-02-13 12:19 8766024 ----a-w- c:\windows\system32\avcodec-lav-56.dll
    2015-02-13 12:19 . 2015-02-13 12:19 186440 ----a-w- c:\windows\system32\avfilter-lav-5.dll
    2015-02-13 12:19 . 2015-02-13 12:19 1494600 ----a-w- c:\windows\system32\avformat-lav-56.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Viber"="c:\documents and settings\Steve\Local Settings\Application Data\Viber\Viber.exe" [2015-02-25 776400]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-08-30 98304]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 2303256]
    "MSIAfterburner"="c:\program files\MSI Afterburner\MSIAfterburner.exe" [2014-12-06 565760]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2014-03-24 22:50 64280 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    2013-10-04 04:29 20145368 ----a-w- c:\windows\RTHDCPL.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "MSI_LiveUpdate_Service"=2 (0x2)
    "AODService"=2 (0x2)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Documents and Settings\\Steve\\Application Data\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1507000.00B\symds.sys [5/5/2015 3:27 PM 367704]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1507000.00B\symefa.sys [5/5/2015 3:27 PM 936152]
    R1 BHDrvx86;BHDrvx86;c:\program files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx86.sys [5/1/2015 6:15 PM 1172184]
    R1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NIS\1507000.00B\ccsetx86.sys [5/5/2015 3:27 PM 127064]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1507000.00B\ironx86.sys [5/5/2015 3:27 PM 209624]
    R2 AODDriver4.3.0;AODDriver4.3.0;c:\program files\AMD\OverDrive\i386\AODDriver2.sys [9/19/2014 2:32 AM 50888]
    R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [5/2/2015 12:37 PM 10136]
    R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\21.7.0.11\nis.exe [5/5/2015 3:27 PM 276336]
    R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [5/1/2015 10:44 PM 110808]
    R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [5/1/2015 10:44 PM 343768]
    R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [5/1/2015 11:52 PM 103040]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/5/2015 12:45 PM 111408]
    R3 IDSxpx86;IDSxpx86;c:\program files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150501.001\IDSXpx86.sys [5/1/2015 3:14 PM 478352]
    R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [3/18/2014 7:24 PM 42264]
    R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [3/18/2014 7:24 PM 10136]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5/5/2015 12:20 PM 23256]
    R3 RTCore32;RTCore32;c:\program files\MSI Afterburner\RTCore32.sys [3/10/2013 7:30 PM 5632]
    R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [5/1/2015 10:41 PM 35712]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [5/5/2015 12:20 PM 1080120]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [5/1/2015 11:24 PM 1691480]
    S3 MSICDSetup;MSICDSetup;\??\d:\cdriver.sys --> d:\CDriver.sys [?]
    S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update\NTIOLib.sys [5/5/2015 11:55 AM 7680]
    S3 NTIOLib_1_0_C;NTIOLib_1_0_C;\??\d:\ntiolib.sys --> d:\NTIOLib.sys [?]
    S4 AODService;AODService;c:\program files\AMD\OverDrive\AODAssist.exe [9/19/2014 2:35 AM 137584]
    S4 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files\MSI\Live Update\MSI_LiveUpdate_Service.exe [5/5/2015 11:55 AM 1736872]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2015-05-05 17:07 988488 ----a-w- c:\program files\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2015-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2015-05-05 17:07]
    .
    2015-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2015-05-05 17:07]
    .
    2015-05-06 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job
    - c:\windows\system32\xp_eos.exe [2015-05-03 01:59]
    .
    2015-05-03 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
    - c:\windows\system32\xp_eos.exe [2015-05-03 01:59]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.surfvox.com/
    TCP: DhcpNameServer = 10.0.0.1
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2015-05-05 19:30
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\21.7.0.11\NIS.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\21.7.0.11\diMaster.dll\" /prefetch:1"
    "ImagePath"="\SystemRoot\System32\Drivers\NIS\1507000.00B\SYMTDI.SYS"
    "TrustedImagePaths"="c:\program files\Norton Internet Security\Engine\21.7.0.11"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(772)
    c:\windows\system32\Ati2evxx.dll
    c:\windows\system32\atiadlxx.dll
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    .
    Completion time: 2015-05-05 19:30:58
    ComboFix-quarantined-files.txt 2015-05-06 00:30
    ComboFix2.txt 2015-05-05 23:58
    .
    Pre-Run: 196,159,381,504 bytes free
    Post-Run: 196,146,954,240 bytes free
    .
    - - End Of File - - A903BDE29A379A3F0AED2906EC1E0827
    8F558EB6672622401DA993E1E865C861
     
  14. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    But you are very prompt, and deserve a donation. What do you think is the best antivirus program to keep these rootkits out?

    Everything seems normal now, do the logs support that?
     
  15. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    At the beginning of this topic I posted my rules and you didn't read them carefully.

    Two of them say:

    - Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    - The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.

    If you don't want to follow my rules I won't be able to help you.

    ===============================

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  16. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    You're right, when you replied here I should have deleted the other post. But on rule 2, I'm not trying to step on your toes, I'm reading the logs too and taking this time to learn. I should have mentioned this is a new computer, I built it last week so these logs get pretty long with everything installed so recently.

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-05-2015
    Ran by Steve (administrator) on STEVE-BAPC on 05-05-2015 20:39:35
    Running from C:\Documents and Settings\Steve\Desktop
    Loaded Profiles: Steve (Available profiles: Steve & Administrator)
    Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English (United States)
    Internet Explorer Version 8 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    () C:\Program Files\MSI Afterburner\MSIAfterburner.exe
    () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\Viber.exe
    (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
    (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\nis.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\nis.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2013-08-30] (Advanced Micro Devices, Inc.)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.)
    HKLM\...\Run: [MSIAfterburner] => C:\Program Files\MSI Afterburner\MSIAfterburner.exe [565760 2014-12-06] ()
    Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2015-05-01] (ATI Technologies Inc.)
    Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-24] (Logitech, Inc.)
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Run: [Viber] => C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\Viber.exe [776400 2015-02-25] ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surfvox.com/
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> DefaultScope {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
    SearchScopes: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> {828B376B-F2F6-4778-928C-E29EC877535E} URL = http://www.google.com/cse?cx=partne...ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1
    BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
    BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
    Toolbar: HKU\S-1-5-21-790525478-2000478354-725345543-1004 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

    FireFox:
    ========
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-05] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-05] (Google Inc.)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-05-01]
    FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
    FF Extension: Norton Toolbar - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-05-05]

    Chrome:
    =======
    CHR HomePage: Default ->
    CHR StartupUrls: Default -> "hxxp://wisersearch.com/?channel=en", "hxxp://www.google.com", "hxxp://www.surfvox.com/"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    CHR Profile: C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default
    CHR Extension: (Google Docs) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-05]
    CHR Extension: (Google Drive) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-05]
    CHR Extension: (YouTube) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-05]
    CHR Extension: (Slinky Elegant) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2015-05-05]
    CHR Extension: (Google Search) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-05]
    CHR Extension: (Search by Image (by Google)) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-05-05]
    CHR Extension: (Дополнительные настройки ВКонтакте) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\djhgiahomjkabjdodlemhnhbnbfcomam [2015-05-05]
    CHR Extension: (Bookmark Manager) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-05]
    CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-05-05]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-05]
    CHR Extension: (Ghostery) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-05-05]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-05]
    CHR Extension: (Gmail) - C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-05]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-05-05]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S4 AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    S4 MSI_LiveUpdate_Service; C:\Program Files\MSI\Live Update\MSI_LiveUpdate_Service.exe [1736872 2015-04-29] (Micro-Star INT'L CO., LTD.)
    R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-17] (Creative)
    R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
    R2 AODDriver4.3.0; C:\Program Files\AMD\OverDrive\i386\AODDriver2.sys [50888 2014-09-19] (Advanced Micro Devices)
    R3 asmthub3; C:\WINDOWS\System32\DRIVERS\asmthub3.sys [110808 2015-01-05] (ASMedia Technology Inc)
    R3 asmtxhci; C:\WINDOWS\System32\DRIVERS\asmtxhci.sys [343768 2015-01-05] (ASMedia Technology Inc)
    R3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [103040 2015-05-01] (Advanced Micro Devices)
    R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150501.001\BHDrvx86.sys [1172184 2015-05-01] (Symantec Corporation)
    R1 ccSet_NIS; C:\WINDOWS\system32\drivers\NIS\1507000.00B\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2015-05-04] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2015-05-04] (Symantec Corporation)
    R3 IDSxpx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150501.001\IDSxpx86.sys [478352 2015-05-01] (Symantec Corporation)
    R3 LEqdUsb; C:\WINDOWS\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
    R3 LHidEqd; C:\WINDOWS\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
    S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-17] (Creative Technology Ltd.)
    R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150505.001\NAVENG.SYS [95704 2015-05-04] (Symantec Corporation)
    R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150505.001\NAVEX15.SYS [1636696 2015-05-04] (Symantec Corporation)
    S3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update\NTIOLib.sys [7680 2010-10-20] (MSI) [File not signed]
    R3 RTCore32; C:\Program Files\MSI Afterburner\RTCore32.sys [5632 2013-03-10] () [File not signed]
    R3 SRTSP; C:\WINDOWS\System32\Drivers\NIS\1507000.00B\SRTSP.SYS [664792 2014-08-25] (Symantec Corporation)
    R1 SRTSPX; C:\WINDOWS\system32\drivers\NIS\1507000.00B\SRTSPX.SYS [32984 2014-08-25] (Symantec Corporation)
    R0 SymDS; C:\WINDOWS\System32\drivers\NIS\1507000.00B\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
    R0 SymEFA; C:\WINDOWS\System32\drivers\NIS\1507000.00B\SYMEFA.SYS [936152 2014-08-25] (Symantec Corporation)
    R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2015-05-05] (Symantec Corporation)
    R1 SymIRON; C:\WINDOWS\system32\drivers\NIS\1507000.00B\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
    R1 SYMTDI; C:\WINDOWS\System32\Drivers\NIS\1507000.00B\SYMTDI.SYS [423256 2014-08-25] (Symantec Corporation)
    S3 catchme; \??\C:\DOCUME~1\Steve\LOCALS~1\Temp\catchme.sys [X]
    S4 IntelIde; No ImagePath
    S3 MSICDSetup; \??\D:\CDriver.sys [X]
    S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
    U3 TlntSvr; No ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-05 20:38 - 2015-05-05 20:38 - 00000320 _____ () C:\Documents and Settings\Steve\Desktop\Addition.txt
    2015-05-05 20:37 - 2015-05-05 20:39 - 00014340 _____ () C:\Documents and Settings\Steve\Desktop\FRST.txt
    2015-05-05 20:36 - 2015-05-05 20:36 - 01140736 _____ (Farbar) C:\Documents and Settings\Steve\Desktop\frst.exe
    2015-05-05 19:31 - 2015-05-05 19:31 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
    2015-05-05 19:31 - 2015-05-05 19:31 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
    2015-05-05 19:31 - 2015-05-05 19:31 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
    2015-05-05 19:31 - 2015-05-05 19:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
    2015-05-05 19:30 - 2015-05-05 19:30 - 00009332 _____ () C:\ComboFix.txt
    2015-05-05 18:58 - 2015-05-05 20:39 - 00000000 ____D () C:\Documents and Settings\Steve\Local Settings\temp
    2015-05-05 18:30 - 2015-05-05 18:42 - 00000000 ____D () C:\ComboFix
    2015-05-05 18:21 - 2015-05-05 18:21 - 00000000 ____D () C:\RegBackup
    2015-05-05 18:11 - 2015-05-05 18:12 - 00003421 _____ () C:\Documents and Settings\Steve\Desktop\mbam.txt
    2015-05-05 18:10 - 2015-05-05 18:55 - 00000000 ____D () C:\Avenger
    2015-05-05 17:42 - 2015-05-05 17:42 - 00035064 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
    2015-05-05 17:41 - 2015-05-05 17:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
    2015-05-05 17:38 - 2008-04-14 00:15 - 00026368 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbstor.sys
    2015-05-05 17:38 - 2008-04-14 00:15 - 00026368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
    2015-05-05 16:16 - 2015-05-05 18:17 - 00000000 ____D () C:\AdwCleaner
    2015-05-05 14:24 - 2015-05-05 20:34 - 00000000 ____D () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber
    2015-05-05 14:24 - 2015-05-05 20:34 - 00000000 ____D () C:\Documents and Settings\Steve\Application Data\ViberPC
    2015-05-05 14:24 - 2015-05-05 14:24 - 00000931 _____ () C:\Documents and Settings\Steve\Start Menu\Programs\Viber.lnk
    2015-05-05 14:24 - 2015-05-05 14:24 - 00000925 _____ () C:\Documents and Settings\Steve\Desktop\Viber.lnk
    2015-05-05 13:58 - 2015-05-05 13:48 - 00020432 _____ () C:\Documents and Settings\Steve\My Documents\Addition.txt
    2015-05-05 13:48 - 2015-05-05 14:02 - 00193409 _____ () C:\Documents and Settings\Steve\My Documents\FRST.txt
    2015-05-05 13:45 - 2015-05-05 20:39 - 00000000 ____D () C:\FRST
    2015-05-05 13:30 - 2008-04-14 00:48 - 00052480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
    2015-05-05 13:19 - 2015-05-05 19:31 - 00000000 ____D () C:\Qoobox
    2015-05-05 13:19 - 2011-06-26 01:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
    2015-05-05 13:19 - 2010-11-07 12:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
    2015-05-05 13:19 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
    2015-05-05 13:19 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
    2015-05-05 13:19 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
    2015-05-05 13:19 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
    2015-05-05 13:19 - 2000-08-30 19:00 - 00098816 _____ () C:\WINDOWS\sed.exe
    2015-05-05 13:19 - 2000-08-30 19:00 - 00080412 _____ () C:\WINDOWS\grep.exe
    2015-05-05 13:19 - 2000-08-30 19:00 - 00068096 _____ () C:\WINDOWS\zip.exe
    2015-05-05 13:18 - 2015-05-05 18:57 - 00000000 ____D () C:\WINDOWS\erdnt
    2015-05-05 12:47 - 2015-05-05 12:47 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache
    2015-05-05 12:37 - 2015-05-05 12:41 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
    2015-05-05 12:37 - 2015-05-05 12:37 - 00142936 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
    2015-05-05 12:37 - 2015-05-05 12:37 - 00008194 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT.CAT
    2015-05-05 12:37 - 2015-05-05 12:37 - 00000000 ____D () C:\Program Files\Symantec
    2015-05-05 12:35 - 2015-05-05 16:19 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NIS
    2015-05-05 12:35 - 2015-05-05 16:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Norton Internet Security
    2015-05-05 12:35 - 2015-05-05 12:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Norton
    2015-05-05 12:35 - 2015-05-05 12:35 - 00000000 ____D () C:\Program Files\Norton Internet Security
    2015-05-05 12:27 - 2013-09-27 21:56 - 00289352 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
    2015-05-05 12:25 - 2015-05-05 12:25 - 00000036 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\housecall.guid.cache
    2015-05-05 12:24 - 2015-05-05 12:24 - 00000000 ____D () C:\Documents and Settings\Steve\Application Data\QuickScan
    2015-05-05 12:21 - 2015-05-05 18:11 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2015-05-05 12:20 - 2015-05-05 17:56 - 00000821 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    2015-05-05 12:20 - 2015-05-05 16:20 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-05-05 12:20 - 2015-05-05 12:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-05 12:20 - 2015-05-05 12:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2015-05-05 12:20 - 2015-04-14 09:37 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2015-05-05 12:20 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2015-05-05 12:19 - 2015-05-05 12:20 - 00006144 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-05-05 12:17 - 2015-05-05 12:17 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
    2015-05-05 12:16 - 2015-05-05 13:31 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
    2015-05-05 12:16 - 2015-05-05 12:17 - 00000000 ____D () C:\Documents and Settings\Administrator
    2015-05-05 12:16 - 2015-05-02 13:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
    2015-05-05 12:16 - 2015-05-01 21:58 - 00001599 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
    2015-05-05 12:16 - 2015-05-01 21:58 - 00000792 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
    2015-05-05 12:16 - 2015-05-01 21:58 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
    2015-05-05 12:13 - 2015-05-05 12:17 - 00000000 ____D () C:\WINDOWS\pss
    2015-05-05 12:07 - 2015-05-05 20:34 - 00000880 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-05-05 12:07 - 2015-05-05 20:12 - 00000884 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-05-05 12:07 - 2015-05-05 12:07 - 00001813 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
    2015-05-05 12:07 - 2015-05-05 12:07 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
    2015-05-05 11:55 - 2015-05-05 11:55 - 00000000 ____D () C:\Program Files\MSI
    2015-05-05 11:55 - 2015-05-05 11:55 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MSI
    2015-05-03 20:39 - 2015-05-03 20:39 - 00000000 __SHD () C:\Documents and Settings\Steve\PrivacIE
    2015-05-03 20:13 - 2015-05-03 20:13 - 00000000 ____D () C:\Program Files\WinRAR
    2015-05-03 20:13 - 2015-05-03 20:13 - 00000000 ____D () C:\Documents and Settings\Steve\Start Menu\Programs\WinRAR
    2015-05-03 20:13 - 2015-05-03 20:13 - 00000000 ____D () C:\Documents and Settings\Steve\Application Data\WinRAR
    2015-05-03 20:13 - 2015-05-03 20:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
    2015-05-03 16:04 - 2015-05-03 16:03 - 00046226 _____ () C:\Documents and Settings\Steve\Local Settings\Secure Preferences
    2015-05-03 16:04 - 2015-05-03 16:03 - 00005482 _____ () C:\Documents and Settings\Steve\Local Settings\Preferences
    2015-05-03 16:03 - 2015-05-03 16:03 - 00000000 ____D () C:\Documents and Settings\Steve\Application Data\chportu
    2015-05-03 13:39 - 2015-05-03 13:39 - 00008862 _____ () C:\WINDOWS\KB2964358-IE8.log
    2015-05-03 13:39 - 2015-05-03 13:39 - 00007300 _____ () C:\WINDOWS\KB2834904-v2.log
    2015-05-03 13:39 - 2015-05-03 13:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
    2015-05-03 13:39 - 2015-05-03 13:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB941569$
    2015-05-03 13:39 - 2015-05-03 13:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
    2015-05-03 13:39 - 2015-05-03 13:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
    2015-05-03 13:39 - 2015-05-03 13:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
    2015-05-03 13:38 - 2015-05-03 13:39 - 00011340 _____ () C:\WINDOWS\KB941569.log
    2015-05-03 13:38 - 2015-05-03 13:38 - 00009735 _____ () C:\WINDOWS\KB929399.log
    2015-05-03 13:38 - 2015-05-03 13:38 - 00009496 _____ () C:\WINDOWS\KB939683.log
    2015-05-03 13:38 - 2015-05-03 13:38 - 00008102 _____ () C:\WINDOWS\KB2510531-IE8.log
    2015-05-03 13:38 - 2015-05-03 13:38 - 00005457 _____ () C:\WINDOWS\KB2909210-IE8.log
    2015-05-03 13:38 - 2015-05-03 13:38 - 00005223 _____ () C:\WINDOWS\KB954154.log
    2015-05-03 13:38 - 2015-05-03 13:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954154_WM11$
    2015-05-03 13:38 - 2015-05-03 13:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB939683$
    2015-05-03 13:38 - 2015-05-03 13:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB929399$
    2015-05-03 13:21 - 2015-05-03 13:21 - 00001792 _____ () C:\Documents and Settings\All Users\Desktop\AMD OverDrive.lnk
    2015-05-03 13:21 - 2015-05-03 13:21 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AMD
    2015-05-03 13:20 - 2015-05-03 13:20 - 00000000 ____D () C:\Documents and Settings\Steve\Local Settings\Application Data\Downloaded Installations
    2015-05-03 13:02 - 2015-05-03 13:02 - 00004096 _____ () C:\WINDOWS\system32\crash
    2015-05-03 08:47 - 2015-05-03 13:39 - 00016244 _____ () C:\WINDOWS\KB2345886.log
    2015-05-03 08:47 - 2015-05-03 13:39 - 00014184 _____ () C:\WINDOWS\KB2802968.log
    2015-05-03 08:46 - 2015-05-03 08:46 - 00000000 __SHD () C:\Documents and Settings\LocalService\IETldCache
    2015-05-03 08:44 - 2015-05-05 20:34 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
    2015-05-03 08:44 - 2015-05-03 13:36 - 00000216 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
    2015-05-03 08:44 - 2015-05-03 08:44 - 00000000 __SHD () C:\Documents and Settings\Steve\IETldCache
    2015-05-03 04:00 - 2015-05-03 04:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
    2015-05-03 03:58 - 2015-05-03 03:58 - 00070909 _____ () C:\WINDOWS\KB2936068-IE8.log
    2015-05-03 03:58 - 2015-05-03 03:58 - 00066002 _____ () C:\WINDOWS\KB951376-v2.log
    2015-05-03 03:58 - 2015-05-03 03:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
    2015-05-03 03:58 - 2015-05-03 03:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
    2015-05-03 03:58 - 2015-05-03 03:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
    2015-05-03 03:58 - 2015-05-03 03:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
    2015-05-03 03:57 - 2015-05-03 04:00 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
    2015-05-03 03:57 - 2015-05-03 03:58 - 00076251 _____ () C:\WINDOWS\KB2909921-IE8.log
    2015-05-03 03:57 - 2015-05-03 03:57 - 00082984 _____ () C:\WINDOWS\KB982381-IE8.log
    2015-05-03 03:57 - 2015-05-03 03:57 - 00069774 _____ () C:\WINDOWS\KB2598845-IE8.log
    2015-05-03 03:57 - 2015-05-03 03:57 - 00069135 _____ () C:\WINDOWS\KB2467659.log
    2015-05-03 03:57 - 2015-05-03 03:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2467659$
    2015-05-03 03:57 - 2015-05-03 03:57 - 00000000 ____D () C:\WINDOWS\ie8updates
    2015-05-03 03:57 - 2014-03-06 12:59 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
    2015-05-03 03:57 - 2014-03-06 12:59 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
    2015-05-03 03:57 - 2014-03-06 12:59 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
    2015-05-03 03:57 - 2014-03-06 12:59 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
    2015-05-03 03:57 - 2014-03-06 12:59 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
    2015-05-03 03:57 - 2014-03-06 12:59 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
    2015-05-03 03:57 - 2014-03-06 12:59 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2015-05-03 03:57 - 2014-03-06 12:59 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
    2015-05-03 03:57 - 2011-08-16 05:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
    2015-05-03 03:56 - 2015-05-03 03:57 - 00083609 _____ () C:\WINDOWS\ie8.log
    2015-05-03 03:56 - 2015-05-03 03:57 - 00000000 __HDC () C:\WINDOWS\ie8
    2015-05-03 03:53 - 2015-04-01 11:22 - 125832184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-05-03 03:52 - 2015-05-03 03:58 - 00069740 _____ () C:\WINDOWS\ie8_main.log
    2015-05-03 03:52 - 2015-05-03 03:52 - 00046149 _____ () C:\WINDOWS\KB946648.log
    2015-05-03 03:52 - 2015-05-03 03:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
    2015-05-03 03:51 - 2015-05-03 03:51 - 00046354 _____ () C:\WINDOWS\KB2387149.log
    2015-05-03 03:51 - 2015-05-03 03:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
    2015-05-03 03:51 - 2015-05-03 03:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
    2015-05-03 03:50 - 2015-05-03 03:50 - 00043500 _____ () C:\WINDOWS\KB2659262.log
    2015-05-03 03:50 - 2015-05-03 03:50 - 00042705 _____ () C:\WINDOWS\KB2564958.log
    2015-05-03 03:50 - 2015-05-03 03:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
    2015-05-03 03:50 - 2015-05-03 03:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
    2015-05-03 03:50 - 2015-05-03 03:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
    2015-05-03 03:50 - 2015-05-03 03:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
    2015-05-03 03:49 - 2015-05-03 03:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
    2015-05-03 03:49 - 2015-05-03 03:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
    2015-05-03 03:48 - 2015-05-03 03:48 - 00043681 _____ () C:\WINDOWS\KB2536276-v2.log
    2015-05-03 03:48 - 2015-05-03 03:48 - 00040906 _____ () C:\WINDOWS\KB2834886.log
    2015-05-03 03:48 - 2015-05-03 03:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
    2015-05-03 03:48 - 2015-05-03 03:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
    2015-05-03 03:48 - 2015-05-03 03:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
    2015-05-03 03:48 - 2015-05-03 03:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
    2015-05-03 03:48 - 2015-05-03 03:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
    2015-05-03 03:47 - 2015-05-03 03:47 - 00041221 _____ () C:\WINDOWS\KB2296011.log
    2015-05-03 03:47 - 2015-05-03 03:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
    2015-05-03 03:47 - 2015-05-03 03:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
    2015-05-03 03:46 - 2015-05-03 03:46 - 00040578 _____ () C:\WINDOWS\KB2900986.log
    2015-05-03 03:46 - 2015-05-03 03:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
    2015-05-03 03:46 - 2015-05-03 03:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
    2015-05-03 03:45 - 2015-05-03 13:39 - 00054416 _____ () C:\WINDOWS\KB955759.log
    2015-05-03 03:45 - 2015-05-03 03:45 - 00042571 _____ () C:\WINDOWS\KB975558.log
    2015-05-03 03:45 - 2015-05-03 03:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
    2015-05-03 03:45 - 2015-05-03 03:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
    2015-05-03 03:45 - 2015-05-03 03:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
    2015-05-03 03:42 - 2015-05-03 03:42 - 00041246 _____ () C:\WINDOWS\KB969059.log
    2015-05-03 03:42 - 2015-05-03 03:42 - 00040864 _____ () C:\WINDOWS\KB2378111.log
    2015-05-03 03:42 - 2015-05-03 03:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
    2015-05-03 03:42 - 2015-05-03 03:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
    2015-05-03 03:42 - 2015-05-03 03:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
    2015-05-03 03:42 - 2015-05-03 03:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
    2015-05-03 03:42 - 2015-05-03 03:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
    2015-05-03 03:42 - 2015-05-03 03:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00041461 _____ () C:\WINDOWS\KB2229593.log
    2015-05-03 03:40 - 2015-05-03 03:40 - 00040149 _____ () C:\WINDOWS\KB2686509.log
    2015-05-03 03:40 - 2015-05-03 03:40 - 00040075 _____ () C:\WINDOWS\KB2485663.log
    2015-05-03 03:40 - 2015-05-03 03:40 - 00038237 _____ () C:\WINDOWS\KB2862335.log
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
    2015-05-03 03:40 - 2015-05-03 03:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
    2015-05-03 03:39 - 2015-05-03 03:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
    2015-05-03 03:38 - 2015-05-03 03:39 - 00038120 _____ () C:\WINDOWS\KB961118.log
    2015-05-03 03:38 - 2015-05-03 03:38 - 00039853 _____ () C:\WINDOWS\KB2780091.log
    2015-05-03 03:38 - 2015-05-03 03:38 - 00037740 _____ () C:\WINDOWS\KB954155.log
    2015-05-03 03:38 - 2015-05-03 03:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
    2015-05-03 03:38 - 2015-05-03 03:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$
    2015-05-03 03:38 - 2015-05-03 03:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
    2015-05-03 03:38 - 2015-05-03 03:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
    2015-05-03 03:38 - 2015-05-03 03:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
    2015-05-03 03:38 - 2015-05-03 03:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
    2015-05-03 03:35 - 2015-05-03 03:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
    2015-05-03 03:33 - 2015-05-03 03:33 - 00041487 _____ () C:\WINDOWS\KB956572.log
    2015-05-03 03:33 - 2015-05-03 03:33 - 00036043 _____ () C:\WINDOWS\KB956844.log
    2015-05-03 03:33 - 2015-05-03 03:33 - 00034489 _____ () C:\WINDOWS\KB2904266.log
    2015-05-03 03:33 - 2015-05-03 03:33 - 00006620 _____ () C:\WINDOWS\system32\TZLog.log
    2015-05-03 03:33 - 2015-05-03 03:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
    2015-05-03 03:33 - 2015-05-03 03:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
    2015-05-03 03:33 - 2015-05-03 03:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
    2015-05-03 03:33 - 2015-05-03 03:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
    2015-05-03 03:33 - 2015-05-03 03:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
    2015-05-03 03:33 - 2015-05-03 03:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
    2015-05-03 03:33 - 2015-05-03 03:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
    2015-05-03 03:30 - 2015-05-03 03:30 - 00035935 _____ () C:\WINDOWS\KB952004.log
    2015-05-03 03:30 - 2015-05-03 03:30 - 00035159 _____ () C:\WINDOWS\KB973869.log
    2015-05-03 03:30 - 2015-05-03 03:30 - 00035062 _____ () C:\WINDOWS\KB975025.log
    2015-05-03 03:30 - 2015-05-03 03:30 - 00033879 _____ () C:\WINDOWS\KB2930275.log
    2015-05-03 03:30 - 2015-05-03 03:30 - 00033602 _____ () C:\WINDOWS\KB2864063.log
    2015-05-03 03:30 - 2015-05-03 03:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
    2015-05-03 03:30 - 2015-05-03 03:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
    2015-05-03 03:30 - 2015-05-03 03:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
    2015-05-03 03:30 - 2015-05-03 03:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
    2015-05-03 03:30 - 2015-05-03 03:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
    2015-05-03 03:30 - 2015-05-03 03:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
    2015-05-03 03:30 - 2015-05-03 03:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
    2015-05-03 03:29 - 2015-05-03 03:29 - 00031853 _____ () C:\WINDOWS\KB974571.log
    2015-05-03 03:29 - 2015-05-03 03:29 - 00031400 _____ () C:\WINDOWS\KB2592799.log
    2015-05-03 03:29 - 2015-05-03 03:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
    2015-05-03 03:29 - 2015-05-03 03:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
    2015-05-03 03:29 - 2015-05-03 03:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
    2015-05-03 03:29 - 2015-05-03 03:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
    2015-05-03 03:29 - 2015-05-03 03:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00031418 _____ () C:\WINDOWS\KB973507.log
    2015-05-03 03:26 - 2015-05-03 03:26 - 00030996 _____ () C:\WINDOWS\KB2535512.log
    2015-05-03 03:26 - 2015-05-03 03:26 - 00030693 _____ () C:\WINDOWS\KB977816.log
    2015-05-03 03:26 - 2015-05-03 03:26 - 00029913 _____ () C:\WINDOWS\KB950762.log
    2015-05-03 03:26 - 2015-05-03 03:26 - 00029832 _____ () C:\WINDOWS\KB2807986.log
    2015-05-03 03:26 - 2015-05-03 03:26 - 00029006 _____ () C:\WINDOWS\KB2964358.log
    2015-05-03 03:26 - 2015-05-03 03:26 - 00028050 _____ () C:\WINDOWS\KB2850869.log
    2015-05-03 03:26 - 2015-05-03 03:26 - 00027528 _____ () C:\WINDOWS\KB2876331.log
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
    2015-05-03 03:26 - 2015-05-03 03:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
    2015-05-03 03:25 - 2015-05-03 03:26 - 00029134 _____ () C:\WINDOWS\KB2570947.log
    2015-05-03 03:25 - 2015-05-03 03:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
    2015-05-03 03:21 - 2015-05-03 03:21 - 00028774 _____ () C:\WINDOWS\KB952287.log
    2015-05-03 03:21 - 2015-05-03 03:21 - 00027410 _____ () C:\WINDOWS\KB2868038.log
    2015-05-03 03:21 - 2015-05-03 03:21 - 00026346 _____ () C:\WINDOWS\KB978695.log
    2015-05-03 03:21 - 2015-05-03 03:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
    2015-05-03 03:21 - 2015-05-03 03:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
    2015-05-03 03:21 - 2015-05-03 03:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
    2015-05-03 03:21 - 2015-05-03 03:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
    2015-05-03 03:19 - 2015-05-03 03:19 - 00029366 _____ () C:\WINDOWS\KB973904.log
    2015-05-03 03:19 - 2015-05-03 03:19 - 00028342 _____ () C:\WINDOWS\KB2603381.log
    2015-05-03 03:19 - 2015-05-03 03:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
    2015-05-03 03:19 - 2015-05-03 03:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
    2015-05-03 03:19 - 2015-05-03 03:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
    2015-05-03 03:18 - 2015-05-03 03:19 - 00028686 _____ () C:\WINDOWS\KB2757638.log
    2015-05-03 03:18 - 2015-05-03 03:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00029266 _____ () C:\WINDOWS\KB2419632.log
    2015-05-03 03:18 - 2015-05-03 03:18 - 00021896 _____ () C:\WINDOWS\KB2653956.log
    2015-05-03 03:18 - 2015-05-03 03:18 - 00021449 _____ () C:\WINDOWS\KB974392.log
    2015-05-03 03:18 - 2015-05-03 03:18 - 00020995 _____ () C:\WINDOWS\KB952069.log
    2015-05-03 03:18 - 2015-05-03 03:18 - 00020575 _____ () C:\WINDOWS\KB971029.log
    2015-05-03 03:18 - 2015-05-03 03:18 - 00019690 _____ () C:\WINDOWS\KB2506212.log
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952069_WM9$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
    2015-05-03 03:18 - 2015-05-03 03:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
    2015-05-03 03:17 - 2015-05-03 03:17 - 00019860 _____ () C:\WINDOWS\KB2698365.log
    2015-05-03 03:17 - 2015-05-03 03:17 - 00018113 _____ () C:\WINDOWS\KB2619339.log
    2015-05-03 03:17 - 2015-05-03 03:17 - 00016387 _____ () C:\WINDOWS\KB2892075.log
    2015-05-03 03:17 - 2015-05-03 03:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
    2015-05-03 03:17 - 2015-05-03 03:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
    2015-05-03 03:17 - 2015-05-03 03:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
    2015-05-03 03:17 - 2015-05-03 03:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
    2015-05-03 03:15 - 2015-05-04 16:38 - 00023135 _____ () C:\WINDOWS\KB979482.log
    2015-05-03 03:15 - 2015-05-03 03:15 - 00017185 _____ () C:\WINDOWS\KB979309.log
    2015-05-03 03:15 - 2015-05-03 03:15 - 00016846 _____ () C:\WINDOWS\KB981997.log
    2015-05-03 03:15 - 2015-05-03 03:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
    2015-05-03 03:15 - 2015-05-03 03:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
    2015-05-03 03:15 - 2015-05-03 03:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
    2015-05-03 03:15 - 2015-05-03 03:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
    2015-05-03 03:15 - 2015-05-03 03:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
    2015-05-03 03:15 - 2015-05-03 03:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
    2015-05-03 03:14 - 2015-05-03 03:14 - 00017387 _____ () C:\WINDOWS\KB2723135-v2.log
    2015-05-03 03:14 - 2015-05-03 03:14 - 00016520 _____ () C:\WINDOWS\KB973815.log
    2015-05-03 03:14 - 2015-05-03 03:14 - 00014692 _____ () C:\WINDOWS\KB2934207.log
    2015-05-03 03:14 - 2015-05-03 03:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
    2015-05-03 03:14 - 2015-05-03 03:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
    2015-05-03 03:14 - 2015-05-03 03:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
    2015-05-03 03:14 - 2015-05-03 03:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
    2015-05-03 03:13 - 2015-05-03 03:13 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
    2015-05-03 03:12 - 2015-05-03 03:12 - 00017193 _____ () C:\WINDOWS\KB2676562.log
    2015-05-03 03:12 - 2015-05-03 03:12 - 00017019 _____ () C:\WINDOWS\KB2813345.log
    2015-05-03 03:12 - 2015-05-03 03:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
    2015-05-03 03:12 - 2015-05-03 03:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
    2015-05-03 03:12 - 2015-05-03 03:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
    2015-05-03 03:05 - 2015-05-03 03:05 - 00014489 _____ () C:\WINDOWS\KB982665.log
    2015-05-03 03:05 - 2015-05-03 03:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
    2015-05-03 03:02 - 2015-05-03 13:38 - 00022330 _____ () C:\WINDOWS\KB923561.log
    2015-05-03 03:02 - 2015-05-03 03:02 - 00016329 _____ () C:\WINDOWS\KB2393802.log
    2015-05-03 03:02 - 2015-05-03 03:02 - 00013028 _____ () C:\WINDOWS\KB2620712.log
    2015-05-03 03:02 - 2015-05-03 03:02 - 00012868 _____ () C:\WINDOWS\KB2566454.log
    2015-05-03 03:02 - 2015-05-03 03:02 - 00012664 _____ () C:\WINDOWS\KB2661637.log
    2015-05-03 03:02 - 2015-05-03 03:02 - 00012528 _____ () C:\WINDOWS\KB2584146.log
    2015-05-03 03:02 - 2015-05-03 03:02 - 00010466 _____ () C:\WINDOWS\KB2914368.log
    2015-05-03 03:02 - 2015-05-03 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
    2015-05-03 03:02 - 2015-05-03 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
    2015-05-03 03:02 - 2015-05-03 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
    2015-05-03 03:02 - 2015-05-03 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
    2015-05-03 03:02 - 2015-05-03 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
    2015-05-03 03:02 - 2015-05-03 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
    2015-05-03 03:02 - 2015-05-03 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
    2015-05-03 03:02 - 2015-05-03 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
    2015-05-03 03:00 - 2015-05-03 03:00 - 00013863 _____ () C:\WINDOWS\KB968389.log
    2015-05-03 03:00 - 2015-05-03 03:00 - 00013354 _____ () C:\WINDOWS\KB975467.log
    2015-05-03 03:00 - 2015-05-03 03:00 - 00009593 _____ () C:\WINDOWS\KB2423089.log
    2015-05-03 03:00 - 2015-05-03 03:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
    2015-05-03 03:00 - 2015-05-03 03:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
    2015-05-03 03:00 - 2015-05-03 03:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
    2015-05-03 00:05 - 2015-05-03 04:00 - 00071641 _____ () C:\WINDOWS\KB2868626.log
    2015-05-03 00:05 - 2015-05-03 03:58 - 00073270 _____ () C:\WINDOWS\KB959426.log
    2015-05-03 00:05 - 2015-05-03 03:58 - 00072923 _____ () C:\WINDOWS\KB952954.log
    2015-05-03 00:05 - 2015-05-03 03:58 - 00071007 _____ () C:\WINDOWS\KB2922229.log
    2015-05-03 00:05 - 2008-06-13 06:05 - 00272128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthport.sys
    2015-05-03 00:04 - 2015-05-03 03:51 - 00053322 _____ () C:\WINDOWS\KB2712808.log
    2015-05-03 00:04 - 2015-05-03 03:50 - 00052874 _____ () C:\WINDOWS\KB2479943.log
    2015-05-03 00:04 - 2015-05-03 03:50 - 00052821 _____ () C:\WINDOWS\KB960859.log
    2015-05-03 00:04 - 2015-05-03 03:50 - 00048645 _____ () C:\WINDOWS\KB2916036.log
    2015-05-03 00:04 - 2015-05-03 03:49 - 00050961 _____ () C:\WINDOWS\KB2478971.log
    2015-05-03 00:04 - 2010-09-18 01:53 - 00953856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
    2015-05-03 00:03 - 2015-05-03 13:39 - 00065982 _____ () C:\WINDOWS\KB2585542.log
    2015-05-03 00:03 - 2015-05-03 03:48 - 00050237 _____ () C:\WINDOWS\KB2544893-v2.log
    2015-05-03 00:03 - 2015-05-03 03:48 - 00050117 _____ () C:\WINDOWS\KB2631813.log
    2015-05-03 00:03 - 2015-05-03 03:46 - 00049700 _____ () C:\WINDOWS\KB2115168.log
    2015-05-03 00:03 - 2011-07-15 08:29 - 00456320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys
    2015-05-03 00:03 - 2010-08-23 11:12 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
    2015-05-03 00:02 - 2015-05-03 03:47 - 00050511 _____ () C:\WINDOWS\KB2691442.log
    2015-05-03 00:02 - 2015-05-03 03:45 - 00047151 _____ () C:\WINDOWS\KB2847311.log
    2015-05-03 00:02 - 2015-05-03 03:42 - 00048606 _____ () C:\WINDOWS\KB951978.log
    2015-05-03 00:02 - 2009-11-21 10:51 - 00471552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aclayers.dll
    2015-05-03 00:01 - 2015-05-03 03:42 - 00048917 _____ () C:\WINDOWS\KB974318.log
    2015-05-03 00:01 - 2015-05-03 03:42 - 00048353 _____ () C:\WINDOWS\KB2655992.log
    2015-05-03 00:01 - 2015-05-03 03:42 - 00047617 _____ () C:\WINDOWS\KB2443105.log
    2015-05-03 00:01 - 2015-05-03 03:40 - 00048502 _____ () C:\WINDOWS\KB2481109.log
    2015-05-03 00:01 - 2015-05-03 03:40 - 00046856 _____ () C:\WINDOWS\KB2598479.log
    2015-05-03 00:01 - 2015-05-03 03:40 - 00046474 _____ () C:\WINDOWS\KB975713.log
    2015-05-03 00:01 - 2015-05-03 03:40 - 00045680 _____ () C:\WINDOWS\KB971657.log
    2015-05-03 00:01 - 2015-05-03 03:40 - 00045540 _____ () C:\WINDOWS\KB982132.log
    2015-05-03 00:01 - 2015-05-03 03:39 - 00045539 _____ () C:\WINDOWS\KB978338.log
    2015-05-03 00:01 - 2015-05-03 03:38 - 00045820 _____ () C:\WINDOWS\KB2507938.log
    2015-05-03 00:01 - 2015-05-03 03:38 - 00044443 _____ () C:\WINDOWS\KB2909212.log
    2015-05-03 00:01 - 2015-05-03 03:33 - 00045118 _____ () C:\WINDOWS\KB974112.log
    2015-05-03 00:01 - 2015-05-03 03:33 - 00040805 _____ () C:\WINDOWS\KB2876217.log
    2015-05-03 00:01 - 2010-08-27 03:02 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\t2embed.dll
    2015-05-03 00:01 - 2010-06-14 09:31 - 00744448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
    2015-05-03 00:01 - 2009-10-15 11:28 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fontsub.dll
    2015-05-03 00:01 - 2009-07-17 11:22 - 01435648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\query.dll
     
  17. SFX099


    2015-05-03 00:00 - 2015-05-03 13:39 - 00055893 _____ () C:\WINDOWS\KB979687.log
    2015-05-03 00:00 - 2015-05-03 03:40 - 00047000 _____ () C:\WINDOWS\KB950974.log
    2015-05-03 00:00 - 2015-05-03 03:40 - 00044883 _____ () C:\WINDOWS\KB2898715.log
    2015-05-03 00:00 - 2015-05-03 03:40 - 00042619 _____ () C:\WINDOWS\KB2929961.log
    2015-05-03 00:00 - 2015-05-03 03:35 - 00047189 _____ () C:\WINDOWS\KB2510581.log
    2015-05-03 00:00 - 2015-05-03 03:33 - 00042572 _____ () C:\WINDOWS\KB2483185.log
    2015-05-03 00:00 - 2015-05-03 03:30 - 00040841 _____ () C:\WINDOWS\KB2719985.log
    2015-05-03 00:00 - 2015-05-03 03:30 - 00038996 _____ () C:\WINDOWS\KB2936068.log
    2015-05-03 00:00 - 2015-05-03 03:29 - 00034740 _____ () C:\WINDOWS\KB2862152.log
    2015-05-03 00:00 - 2013-07-02 21:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
    2015-05-03 00:00 - 2013-07-02 20:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
    2015-05-03 00:00 - 2013-01-02 01:49 - 00148992 ____C () C:\WINDOWS\system32\dllcache\mpg2splt.ax
    2015-05-03 00:00 - 2009-03-06 09:22 - 00284160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pdh.dll
    2015-05-03 00:00 - 2009-02-09 07:10 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\advapi32.dll
    2015-05-03 00:00 - 2009-02-09 07:10 - 00473600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fastprox.dll
    2015-05-03 00:00 - 2009-02-09 07:10 - 00453120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvsd.dll
    2015-05-03 00:00 - 2009-02-09 07:10 - 00401408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcss.dll
    2015-05-03 00:00 - 2009-02-06 06:11 - 00110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\services.exe
    2015-05-03 00:00 - 2009-02-06 05:10 - 00227840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvse.exe
    2015-05-02 23:59 - 2015-05-03 03:26 - 00033390 _____ () C:\WINDOWS\KB2859537.log
    2015-05-02 23:59 - 2015-05-03 03:21 - 00034096 _____ () C:\WINDOWS\KB2820917.log
    2015-05-02 23:59 - 2015-05-03 03:19 - 00031291 _____ () C:\WINDOWS\KB2893294.log
    2015-05-02 23:59 - 2015-05-03 03:18 - 00027459 _____ () C:\WINDOWS\KB2508429.log
    2015-05-02 23:59 - 2015-05-03 03:18 - 00025806 _____ () C:\WINDOWS\KB2749655.log
    2015-05-02 23:59 - 2014-04-30 03:13 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
    2015-05-02 23:59 - 2013-10-09 08:12 - 00287744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gdi32.dll
    2015-05-02 23:59 - 2013-08-08 20:56 - 00386560 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\themeui.dll
    2015-05-02 23:59 - 2011-04-21 08:37 - 00105472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
    2015-05-02 23:59 - 2009-07-27 17:27 - 00128512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dhtmled.ocx
    2015-05-02 23:59 - 2009-07-17 14:01 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\atl.dll
    2015-05-02 23:59 - 2008-06-12 09:23 - 00956928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdtctm.dll
    2015-05-02 23:59 - 2008-06-12 09:23 - 00161792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdtcuiu.dll
    2015-05-02 23:59 - 2008-06-12 09:23 - 00091648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtxoci.dll
    2015-05-02 23:59 - 2008-06-12 09:23 - 00066560 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtxclu.dll
    2015-05-02 23:59 - 2008-06-12 09:23 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdtclog.dll
    2015-05-02 23:59 - 2008-05-08 09:02 - 00203136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rmcast.sys
    2015-05-02 23:58 - 2015-05-03 03:18 - 00024908 _____ () C:\WINDOWS\KB977914.log
    2015-05-02 23:58 - 2015-05-03 03:17 - 00023362 _____ () C:\WINDOWS\KB2705219-v2.log
    2015-05-02 23:58 - 2015-05-03 03:15 - 00021815 _____ () C:\WINDOWS\KB2727528.log
    2015-05-02 23:58 - 2015-05-03 03:15 - 00021792 _____ () C:\WINDOWS\KB978542.log
    2015-05-02 23:58 - 2015-05-03 03:15 - 00021144 _____ () C:\WINDOWS\KB978706.log
    2015-05-02 23:58 - 2014-02-25 20:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
    2015-05-02 23:58 - 2014-02-25 20:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
    2015-05-02 23:58 - 2013-11-12 21:59 - 00150528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imagehlp.dll
    2015-05-02 23:58 - 2013-10-12 10:56 - 00278528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\oakley.dll
    2015-05-02 23:58 - 2012-06-08 09:26 - 08462848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shell32.dll
    2015-05-02 23:58 - 2012-05-28 13:16 - 00536576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
    2015-05-02 23:58 - 2011-10-18 06:13 - 00186880 ____C () C:\WINDOWS\system32\dllcache\encdec.dll
    2015-05-02 23:58 - 2011-02-08 08:33 - 00978944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc42.dll
    2015-05-02 23:58 - 2010-11-09 09:52 - 00249856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\odbc32.dll
    2015-05-02 23:58 - 2010-11-09 09:52 - 00200704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadox.dll
    2015-05-02 23:58 - 2010-11-09 09:52 - 00180224 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadomd.dll
    2015-05-02 23:58 - 2010-11-09 09:52 - 00143360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadco.dll
    2015-05-02 23:58 - 2010-11-09 09:52 - 00102400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msjro.dll
    2015-05-02 23:58 - 2010-11-08 07:41 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado27.tlb
    2015-05-02 23:58 - 2010-11-08 07:41 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado26.tlb
    2015-05-02 23:58 - 2010-11-08 07:41 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado25.tlb
    2015-05-02 23:58 - 2010-11-08 07:41 - 00061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado21.tlb
    2015-05-02 23:58 - 2010-11-08 07:41 - 00061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado20.tlb
    2015-05-02 23:58 - 2010-03-05 09:37 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asycfilt.dll
    2015-05-02 23:58 - 2009-07-27 18:17 - 00135168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shsvcs.dll
    2015-05-02 23:57 - 2015-05-03 13:38 - 00034093 _____ () C:\WINDOWS\KB2509553.log
    2015-05-02 23:57 - 2015-05-03 13:38 - 00033926 _____ () C:\WINDOWS\KB960803.log
    2015-05-02 23:57 - 2013-02-27 02:56 - 02067456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lhmstscx.dll
    2015-05-02 23:57 - 2010-08-17 08:17 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\spoolsv.exe
    2015-05-02 23:57 - 2009-08-05 04:01 - 00204800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mswebdvd.dll
    2015-05-02 23:56 - 2013-11-05 20:03 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsp4res.dll
    2015-05-02 23:55 - 2013-11-27 15:21 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
    2015-05-02 23:55 - 2011-07-08 09:02 - 00010496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
    2015-05-02 23:55 - 2010-10-11 09:59 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
    2015-05-02 23:55 - 2010-07-12 07:55 - 00218112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wordpad.exe
    2015-05-02 23:55 - 2009-11-21 10:51 - 01206508 ____C () C:\WINDOWS\system32\dllcache\sysmain.sdb
    2015-05-02 23:32 - 2015-05-02 23:32 - 00006746 _____ () C:\WINDOWS\KB898461.log
    2015-05-02 23:32 - 2015-05-02 23:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB898461$
    2015-05-02 23:32 - 2015-05-02 23:32 - 00000000 ____D () C:\WINDOWS\system32\PreInstall
    2015-05-02 15:02 - 2013-07-10 05:37 - 00406016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usp10.dll
    2015-05-02 15:02 - 2012-11-01 21:02 - 00375296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dpnet.dll
    2015-05-02 15:02 - 2012-06-03 23:32 - 00152576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\schannel.dll
    2015-05-02 15:02 - 2010-12-22 07:34 - 00301568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kerberos.dll
    2015-05-02 15:02 - 2010-12-20 12:26 - 00730112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lsasrv.dll
    2015-05-02 15:02 - 2009-09-11 09:18 - 00136192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msv1_0.dll
    2015-05-02 15:02 - 2009-09-04 16:03 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msasn1.dll
    2015-05-02 15:02 - 2009-06-25 03:25 - 00056832 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\secur32.dll
    2015-05-02 15:02 - 2009-06-25 03:25 - 00054272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wdigest.dll
    2015-05-02 15:02 - 2009-06-24 06:18 - 00092928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ksecdd.sys
    2015-05-02 15:02 - 2009-06-21 16:44 - 00153088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\triedit.dll
    2015-05-02 15:02 - 2008-05-01 09:33 - 00331776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadce.dll
    2015-05-02 15:01 - 2014-02-06 21:01 - 01879040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\win32k.sys
    2015-05-02 15:01 - 2013-10-23 18:45 - 00172032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\scrrun.dll
    2015-05-02 15:01 - 2013-07-03 22:03 - 02149888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    2015-05-02 15:01 - 2013-07-03 21:59 - 02193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2015-05-02 15:01 - 2013-07-03 21:08 - 02070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2015-05-02 15:01 - 2013-07-03 21:08 - 02028544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe
    2015-05-02 15:01 - 2012-01-11 14:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll
    2015-05-02 15:01 - 2012-01-11 14:06 - 00003072 ____C () C:\WINDOWS\system32\dllcache\iacenc.dll
    2015-05-02 15:01 - 2010-12-09 10:15 - 00718336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntdll.dll
    2015-05-02 15:01 - 2010-06-18 08:36 - 03558912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
    2015-05-02 15:00 - 2015-05-05 19:48 - 00000001 _____ () C:\Documents and Settings\Steve\Application Data\update.dat
    2015-05-02 15:00 - 2015-05-05 03:45 - 00000000 ____D () C:\Documents and Settings\Steve\Desktop\saves
    2015-05-02 15:00 - 2015-05-04 21:56 - 00000000 ____D () C:\Documents and Settings\Steve\Desktop\Tray
    2015-05-02 15:00 - 2015-05-04 20:51 - 00000000 ____D () C:\Documents and Settings\Steve\Desktop\Mods
    2015-05-02 15:00 - 2015-05-02 15:00 - 00000000 ____D () C:\Documents and Settings\Steve\My Documents\Electronic Arts
    2015-05-02 15:00 - 2015-05-02 15:00 - 00000000 ____D () C:\Documents and Settings\Steve\Desktop\SavedSimInfoData
    2015-05-02 15:00 - 2010-01-13 09:01 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cabview.dll
    2015-05-02 14:51 - 2015-05-02 14:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
    2015-05-02 14:43 - 2015-05-05 20:25 - 00000780 _____ () C:\Documents and Settings\All Users\Desktop\Sims 4 by BuZeR.lnk
    2015-05-02 14:43 - 2015-05-05 20:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Sims 4
    2015-05-02 14:24 - 2015-05-05 20:25 - 00000000 ____D () C:\Program Files\Sims 4
    2015-05-02 13:23 - 2015-05-02 13:23 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Google
    2015-05-02 12:46 - 2015-05-02 14:58 - 00000000 ____D () C:\Program Files\PeerBlock
    2015-05-02 12:46 - 2015-05-02 12:46 - 00001606 _____ () C:\Documents and Settings\Steve\Desktop\PeerBlock.lnk
    2015-05-02 12:46 - 2015-05-02 12:46 - 00000828 _____ () C:\Documents and Settings\Steve\Start Menu\µTorrent.lnk
    2015-05-02 12:46 - 2015-05-02 12:46 - 00000828 _____ () C:\Documents and Settings\Steve\Desktop\µTorrent.lnk
    2015-05-02 12:46 - 2015-05-02 12:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\PeerBlock
    2015-05-02 12:45 - 2015-05-02 14:23 - 00000000 ____D () C:\Documents and Settings\Steve\Application Data\uTorrent
    2015-05-02 12:38 - 2015-05-02 12:38 - 00052814 _____ () C:\WINDOWS\Wdf01009Inst.log
    2015-05-02 12:38 - 2015-05-02 12:38 - 00016400 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
    2015-05-02 12:38 - 2015-05-02 12:38 - 00000825 _____ () C:\WINDOWS\LkmdfCoInst.log
    2015-05-02 12:38 - 2015-05-02 12:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWdf01009$
    2015-05-02 12:38 - 2015-05-02 12:38 - 00000000 ____H () C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
    2015-05-02 12:38 - 2015-05-02 12:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Logitech
    2015-05-02 12:38 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
    2015-05-02 12:38 - 2008-04-14 05:41 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidserv.dll
    2015-05-02 12:37 - 2015-05-02 12:38 - 00005316 _____ () C:\WINDOWS\LDPINST.LOG
    2015-05-02 12:37 - 2015-05-02 12:38 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
    2015-05-02 12:37 - 2015-05-02 12:38 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
    2015-05-02 12:37 - 2015-05-02 12:38 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Logishrd
    2015-05-02 12:37 - 2015-05-02 12:37 - 00000000 ____D () C:\Program Files\Logitech
    2015-05-02 12:37 - 2014-03-18 19:24 - 00010136 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LBeepKE.sys
    2015-05-02 12:29 - 2015-05-02 12:38 - 00000000 ____D () C:\Documents and Settings\Steve\Application Data\Logitech
    2015-05-02 12:29 - 2015-05-02 12:29 - 00000000 ____D () C:\Documents and Settings\Steve\Application Data\Logishrd
    2015-05-02 12:29 - 2015-05-02 12:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Media Player - Codec Pack
    2015-05-02 12:25 - 2015-05-05 19:52 - 00003584 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-05-02 12:23 - 2015-05-02 14:59 - 00000000 ____D () C:\WINDOWS\system32\Codecs
    2015-05-02 12:18 - 2015-05-02 12:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2015-05-02 12:14 - 2015-05-02 12:14 - 00024285 _____ () C:\WINDOWS\WMFDist11.log
    2015-05-02 12:14 - 2015-05-02 12:14 - 00018125 _____ () C:\WINDOWS\wmp11.log
    2015-05-02 12:14 - 2015-05-02 12:14 - 00010301 _____ () C:\WINDOWS\MSCompPackV1.log
    2015-05-02 12:14 - 2015-05-02 12:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWudf01000$
    2015-05-02 12:14 - 2015-05-02 12:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwmp11$
    2015-05-02 12:14 - 2015-05-02 12:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallWMFDist11$
    2015-05-02 12:14 - 2015-05-02 12:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallMSCompPackV1$
    2015-05-02 12:14 - 2015-05-02 12:14 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
    2015-05-02 12:14 - 2015-05-02 12:14 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
    2015-05-02 12:14 - 2015-05-02 12:14 - 00000000 ____D () C:\ebcf7aa9b58ac0373f86a481
    2015-05-02 12:14 - 2009-01-07 18:20 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
    2015-05-02 12:13 - 2015-05-02 12:14 - 00007204 _____ () C:\WINDOWS\Wudf01000Inst.log
    2015-05-02 12:13 - 2015-05-02 12:14 - 00000000 ____D () C:\e8641b88008937d8d0
    2015-05-02 11:56 - 2015-05-02 11:56 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2015-05-02 11:56 - 2013-07-16 19:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
    2015-05-02 11:56 - 2013-07-16 19:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
    2015-05-02 11:56 - 2013-02-11 19:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
    2015-05-02 11:56 - 2013-02-11 19:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
    2015-05-02 11:56 - 2009-01-09 14:19 - 01089593 ____C () C:\WINDOWS\system32\dllcache\ntprint.cat
    2015-05-02 11:55 - 2013-08-08 19:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
    2015-05-02 11:55 - 2013-08-08 19:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
    2015-05-02 11:55 - 2013-08-08 19:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
    2015-05-02 11:55 - 2012-07-04 09:05 - 00139784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
    2015-05-02 11:55 - 2011-11-18 07:35 - 00060416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\packager.exe
    2015-05-02 11:55 - 2011-10-28 00:31 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\csrsrv.dll
    2015-05-02 11:55 - 2009-03-18 06:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
    2015-05-02 05:42 - 2015-05-05 20:34 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2015-05-02 05:42 - 2015-05-05 20:34 - 00000048 _____ () C:\WINDOWS\wiaservc.log
    2015-05-02 05:42 - 2015-05-02 05:42 - 00000000 _____ () C:\WINDOWS\Sti_Trace.log
    2015-05-02 05:42 - 2008-04-14 05:41 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
    2015-05-02 05:42 - 2001-08-17 08:59 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\audstub.sys
    2015-05-02 05:41 - 2008-04-14 05:42 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbui.dll
    2015-05-02 05:41 - 2008-04-14 00:10 - 00057600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\redbook.sys
    2015-05-02 05:40 - 2015-05-05 16:09 - 00976673 _____ () C:\WINDOWS\FaxSetup.log
    2015-05-02 05:40 - 2015-05-05 16:09 - 00478543 _____ () C:\WINDOWS\ocgen.log
    2015-05-02 05:40 - 2015-05-05 16:09 - 00376953 _____ () C:\WINDOWS\tsoc.log
    2015-05-02 05:40 - 2015-05-05 16:09 - 00335225 _____ () C:\WINDOWS\comsetup.log
    2015-05-02 05:40 - 2015-05-05 16:09 - 00201545 _____ () C:\WINDOWS\ntdtcsetup.log
    2015-05-02 05:40 - 2015-05-05 16:09 - 00150616 _____ () C:\WINDOWS\iis6.log
    2015-05-02 05:40 - 2015-05-05 16:09 - 00054183 _____ () C:\WINDOWS\ocmsn.log
    2015-05-02 05:40 - 2015-05-05 16:09 - 00049089 _____ () C:\WINDOWS\msgsocm.log
    2015-05-02 05:40 - 2015-05-05 16:09 - 00001891 _____ () C:\WINDOWS\imsins.log
    2015-05-02 05:40 - 2015-05-03 14:18 - 00590352 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2015-05-02 05:40 - 2015-05-03 13:39 - 00001355 _____ () C:\WINDOWS\imsins.BAK
    2015-05-02 05:40 - 2015-05-02 05:40 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
    2015-05-02 05:40 - 2015-05-02 05:40 - 00000000 ____D () C:\Program Files\Common Files\ODBC
    2015-05-02 05:40 - 2015-05-01 22:39 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2015-05-02 05:40 - 2015-05-01 21:58 - 00004161 _____ () C:\WINDOWS\ODBCINST.INI
    2015-05-02 05:40 - 2008-04-14 00:06 - 00008832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmiacpi.sys
    2015-05-02 05:40 - 2006-02-28 07:00 - 01685606 ____C () C:\WINDOWS\system32\dllcache\sam.spd
    2015-05-02 05:40 - 2006-02-28 07:00 - 00774144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\spttseng.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00643717 ____C () C:\WINDOWS\system32\dllcache\ltts1033.lxa
    2015-05-02 05:40 - 2006-02-28 07:00 - 00605050 ____C () C:\WINDOWS\system32\dllcache\r1033tts.lxa
    2015-05-02 05:40 - 2006-02-28 07:00 - 00077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\spcommon.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_857.nls
    2015-05-02 05:40 - 2006-02-28 07:00 - 00066594 _____ () C:\WINDOWS\system32\c_857.nls
    2015-05-02 05:40 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_28603.nls
    2015-05-02 05:40 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_28599.nls
    2015-05-02 05:40 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10081.nls
    2015-05-02 05:40 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_28603.nls
    2015-05-02 05:40 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_28599.nls
    2015-05-02 05:40 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_10081.nls
    2015-05-02 05:40 - 2006-02-28 07:00 - 00061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\spcplui.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sapisvr.exe
    2015-05-02 05:40 - 2006-02-28 07:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdtuq.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdtuf.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdtuq.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdtuf.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdtat.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdmon.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdkyr.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdazel.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdtat.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdmon.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdkyr.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdazel.dll
    2015-05-02 05:40 - 2006-02-28 07:00 - 00000888 ____C () C:\WINDOWS\system32\dllcache\sam.sdf
    2015-05-02 05:39 - 2015-05-05 20:27 - 00392103 _____ () C:\WINDOWS\setupapi.log
    2015-05-02 05:39 - 2015-05-05 14:22 - 00186505 _____ () C:\WINDOWS\setupact.log
    2015-05-02 05:39 - 2015-05-03 08:44 - 00095072 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2015-05-02 05:39 - 2015-05-02 11:51 - 01035466 _____ () C:\WINDOWS\setupapi.log.0.old
    2015-05-02 05:39 - 2015-05-02 05:40 - 00001052 _____ () C:\WINDOWS\regopt.log
    2015-05-02 05:39 - 2015-05-02 05:39 - 00000000 _____ () C:\WINDOWS\setuperr.log
    2015-05-02 05:39 - 2008-04-14 05:42 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system\winspool.drv
    2015-05-02 05:39 - 2008-04-14 05:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\storprop.dll
    2015-05-02 05:39 - 2008-04-14 05:42 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
    2015-05-02 05:39 - 2008-04-14 05:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\batt.dll
    2015-05-02 05:39 - 2008-04-14 00:24 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irenum.sys
    2015-05-02 05:39 - 2006-02-28 07:00 - 01086058 ____R () C:\WINDOWS\SET4.tmp
    2015-05-02 05:39 - 2006-02-28 07:00 - 01042903 ____R () C:\WINDOWS\SET3.tmp
    2015-05-02 05:39 - 2006-02-28 07:00 - 01042903 ____C () C:\WINDOWS\system32\dllcache\SP2.CAT
    2015-05-02 05:39 - 2006-02-28 07:00 - 00797189 ____C () C:\WINDOWS\system32\dllcache\NT5IIS.CAT
    2015-05-02 05:39 - 2006-02-28 07:00 - 00399645 ____C () C:\WINDOWS\system32\dllcache\MAPIMIG.CAT
    2015-05-02 05:39 - 2006-02-28 07:00 - 00176157 ____C (Digi International, Inc.) C:\WINDOWS\system32\dllcache\dgrpsetu.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00176157 _____ (Digi International, Inc.) C:\WINDOWS\system32\dgrpsetu.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00126912 _____ (Microsoft Corporation) C:\WINDOWS\system\MSVIDEO.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00109456 _____ (Microsoft Corporation) C:\WINDOWS\system\AVIFILE.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00103424 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnclass.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00103424 _____ (Equinox Systems Inc.) C:\WINDOWS\system32\EqnClass.Dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00085020 ____C (Digi International) C:\WINDOWS\system32\dllcache\dgsetup.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00085020 _____ (Digi International) C:\WINDOWS\system32\dgsetup.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system\OLECLI.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00073376 _____ (Microsoft Corporation) C:\WINDOWS\system\MCIAVI.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00069584 _____ (Microsoft Corporation) C:\WINDOWS\system\AVICAP.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00068768 _____ (Microsoft Corporation) C:\WINDOWS\system\MMSYSTEM.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_869.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_866.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_855.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_852.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_737.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 _____ () C:\WINDOWS\system32\c_869.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 _____ () C:\WINDOWS\system32\c_866.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 _____ () C:\WINDOWS\system32\c_855.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 _____ () C:\WINDOWS\system32\c_852.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066594 _____ () C:\WINDOWS\system32\c_737.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_875.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_28597.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_28595.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_28594.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20127.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10082.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10029.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10017.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10010.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10007.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10006.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_875.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\C_28597.NLS
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\C_28595.NLS
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\C_28594.NLS
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_20127.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_10082.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_10029.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_10017.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_10010.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_10007.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00066082 _____ () C:\WINDOWS\system32\c_10006.nls
    2015-05-02 05:39 - 2006-02-28 07:00 - 00037484 ____C () C:\WINDOWS\system32\dllcache\MW770.CAT
    2015-05-02 05:39 - 2006-02-28 07:00 - 00032816 _____ (Microsoft Corporation) C:\WINDOWS\system\COMMDLG.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system\MCIWAVE.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00025264 _____ (Microsoft Corporation) C:\WINDOWS\system\MCISEQ.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00024661 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\spxcoins.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00024661 _____ (Perle Systems Ltd.) C:\WINDOWS\system32\spxcoins.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system\OLESVR.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00019200 _____ (Microsoft Corporation) C:\WINDOWS\system\TAPI.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\taskman.exe
    2015-05-02 05:39 - 2006-02-28 07:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\TASKMAN.EXE
    2015-05-02 05:39 - 2006-02-28 07:00 - 00014573 ____R () C:\WINDOWS\SET25.tmp
    2015-05-02 05:39 - 2006-02-28 07:00 - 00013753 ____R () C:\WINDOWS\SET8.tmp
    2015-05-02 05:39 - 2006-02-28 07:00 - 00013600 _____ (Microsoft Corporation) C:\WINDOWS\system\WFWNET.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00013472 ____C () C:\WINDOWS\system32\dllcache\HPCRDP.CAT
    2015-05-02 05:39 - 2006-02-28 07:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irclass.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\irclass.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00009936 _____ (Microsoft Corporation) C:\WINDOWS\system\LZEXPAND.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00009008 _____ (Microsoft Corporation) C:\WINDOWS\system\VER.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00008574 ____C () C:\WINDOWS\system32\dllcache\IASNT4.CAT
    2015-05-02 05:39 - 2006-02-28 07:00 - 00008192 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdhept.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhept.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00007382 ____C () C:\WINDOWS\system32\dllcache\OEMBIOS.CAT
    2015-05-02 05:39 - 2006-02-28 07:00 - 00007334 ____C () C:\WINDOWS\system32\dllcache\wmerrenu.cat
    2015-05-02 05:39 - 2006-02-28 07:00 - 00007168 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdcz.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdcz.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdycl.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdsl1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdsl.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdpl.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdhu.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdhela3.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdcz2.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdcz1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdcr.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____R (Microsoft Corporation) C:\WINDOWS\system32\KBDAL.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdycl.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsl1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsl.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdpl.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhu.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhela3.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdcz2.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdcz1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdcr.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdal.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdlv1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdlv.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdhela2.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdgkl.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdest.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlv1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlv.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhela2.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdgkl.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdest.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdycc.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbduzb.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdur.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdru1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdru.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdro.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdpl1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdlt1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdlt.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdkaz.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdhu1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdhe319.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdhe220.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdhe.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdbu.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdblr.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____R (Microsoft Corporation) C:\WINDOWS\system32\kbdaze.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdycc.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbduzb.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdur.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdru1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdru.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdro.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdpl1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlt1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlt.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdkaz.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhu1.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhe319.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhe220.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhe.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdbu.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdblr.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdaze.dll
    2015-05-02 05:39 - 2006-02-28 07:00 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system\SHELL.DLL
    2015-05-02 05:39 - 2006-02-28 07:00 - 00004048 _____ (Microsoft Corporation) C:\WINDOWS\system\TIMER.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00003360 _____ (Microsoft Corporation) C:\WINDOWS\system\SYSTEM.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00002577 ____N () C:\WINDOWS\system32\CONFIG.TMP
    2015-05-02 05:39 - 2006-02-28 07:00 - 00002176 _____ (Microsoft Corporation) C:\WINDOWS\system\VGA.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00002032 _____ (Microsoft Corporation) C:\WINDOWS\system\MOUSE.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00002000 _____ (Microsoft Corporation) C:\WINDOWS\system\KEYBOARD.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00001744 _____ (Microsoft Corporation) C:\WINDOWS\system\SOUND.DRV
    2015-05-02 05:39 - 2006-02-28 07:00 - 00001688 _____ () C:\WINDOWS\system32\AUTOEXEC.NT
    2015-05-02 05:39 - 2006-02-28 07:00 - 00001152 _____ (Microsoft Corporation) C:\WINDOWS\system\MMTASK.TSK
    2015-05-02 05:38 - 2015-05-05 12:17 - 00000223 __RSH () C:\boot.ini
    2015-05-02 05:38 - 2015-05-02 05:38 - 00925696 _____ () C:\WINDOWS\system32\config\system.sav
    2015-05-02 05:38 - 2015-05-02 05:38 - 00634880 _____ () C:\WINDOWS\system32\config\software.sav
    2015-05-02 05:38 - 2015-05-02 05:38 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
    2015-05-02 05:38 - 2015-05-02 05:38 - 00094208 _____ () C:\WINDOWS\system32\config\default.sav
    2015-05-02 05:38 - 2015-05-02 05:38 - 00001024 ____H () C:\WINDOWS\system32\config\userdiff.LOG
    2015-05-02 05:38 - 2015-05-02 05:38 - 00001024 ____H () C:\WINDOWS\system32\config\TempKey.LOG
    2015-05-02 05:32 - 2015-05-05 18:10 - 00000000 ____D () C:\WINDOWS\msagent
    2015-05-02 05:32 - 2015-05-03 08:44 - 00000000 ____D () C:\WINDOWS\Help
    2015-05-02 05:32 - 2015-05-03 03:57 - 00000000 ____D () C:\WINDOWS\Media
    2015-05-02 05:32 - 2015-05-02 05:34 - 00000000 ____D () C:\WINDOWS\twain_32
    2015-05-02 05:32 - 2015-05-02 05:34 - 00000000 ____D () C:\WINDOWS\system32\ras
    2015-05-02 05:32 - 2015-05-02 05:34 - 00000000 ____D () C:\WINDOWS\system32\icsxml
    2015-05-02 05:32 - 2015-05-02 05:33 - 00000000 ____D () C:\WINDOWS\system32\ias
    2015-05-02 05:32 - 2015-05-02 05:33 - 00000000 ____D () C:\WINDOWS\system32\1033
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\wins
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\ShellExt
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\IME
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\export
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\Drivers\disdn
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\dhcp
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\3com_dmi
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\3076
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\2052
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\1054
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\1042
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\1041
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\1037
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\1031
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\1028
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\system32\1025
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\Resources
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\repair
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\Provisioning
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\mui
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\java
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\Driver Cache
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\Connection Wizard
    2015-05-02 05:32 - 2015-05-02 05:32 - 00000000 ____D () C:\WINDOWS\addins
    2015-05-02 05:32 - 2015-05-01 23:19 - 00000000 ____D () C:\WINDOWS\system32\spool
    2015-05-02 05:32 - 2015-05-01 23:12 - 00000000 ____D () C:\WINDOWS\security
    2015-05-02 05:32 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\system32\usmt
    2015-05-02 05:32 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\system32\npp
    2015-05-02 05:32 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\system
    2015-05-02 05:32 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\PeerNet
    2015-05-02 05:32 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\ime
    2015-05-02 05:32 - 2015-05-01 22:39 - 00000000 ____D () C:\WINDOWS\system32\mui
    2015-05-02 05:32 - 2015-05-01 22:39 - 00000000 ____D () C:\WINDOWS\pchealth
    2015-05-02 05:32 - 2015-05-01 21:57 - 00000000 ___RD () C:\WINDOWS\Web
    2015-05-02 05:32 - 2015-05-01 21:55 - 00000000 ____D () C:\WINDOWS\Cursors
    2015-05-02 00:00 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
    2015-05-02 00:00 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
    2015-05-02 00:00 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
    2015-05-02 00:00 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
    2015-05-02 00:00 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
    2015-05-02 00:00 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
    2015-05-02 00:00 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
    2015-05-02 00:00 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
    2015-05-02 00:00 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
    2015-05-02 00:00 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
    2015-05-02 00:00 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
    2015-05-02 00:00 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
    2015-05-02 00:00 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
    2015-05-02 00:00 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
    2015-05-02 00:00 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
    2015-05-02 00:00 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
    2015-05-02 00:00 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
    2015-05-02 00:00 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
    2015-05-02 00:00 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
    2015-05-02 00:00 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
    2015-05-02 00:00 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
    2015-05-02 00:00 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
    2015-05-02 00:00 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
    2015-05-02 00:00 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
    2015-05-02 00:00 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
    2015-05-02 00:00 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
    2015-05-02 00:00 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
    2015-05-02 00:00 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
    2015-05-02 00:00 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
    2015-05-02 00:00 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
    2015-05-02 00:00 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
    2015-05-02 00:00 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
    2015-05-02 00:00 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
    2015-05-02 00:00 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
    2015-05-02 00:00 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
    2015-05-02 00:00 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
    2015-05-02 00:00 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
    2015-05-02 00:00 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
    2015-05-02 00:00 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
    2015-05-02 00:00 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
    2015-05-02 00:00 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
    2015-05-02 00:00 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
    2015-05-02 00:00 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
    2015-05-02 00:00 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
    2015-05-02 00:00 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
    2015-05-02 00:00 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
    2015-05-02 00:00 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
    2015-05-02 00:00 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
    2015-05-02 00:00 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
    2015-05-02 00:00 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
    2015-05-02 00:00 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
    2015-05-02 00:00 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
    2015-05-02 00:00 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
    2015-05-02 00:00 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
    2015-05-02 00:00 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
    2015-05-02 00:00 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
    2015-05-02 00:00 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
    2015-05-02 00:00 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
    2015-05-02 00:00 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
    2015-05-02 00:00 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
    2015-05-02 00:00 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
    2015-05-02 00:00 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
    2015-05-02 00:00 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
     
  18. SFX099

    2015-05-02 00:00 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
    2015-05-02 00:00 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
    2015-05-02 00:00 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
    2015-05-02 00:00 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
    2015-05-02 00:00 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
    2015-05-02 00:00 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
    2015-05-02 00:00 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
    2015-05-02 00:00 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
    2015-05-02 00:00 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
    2015-05-02 00:00 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
    2015-05-02 00:00 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
    2015-05-02 00:00 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
    2015-05-02 00:00 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
    2015-05-02 00:00 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
    2015-05-02 00:00 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
    2015-05-02 00:00 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
    2015-05-02 00:00 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
    2015-05-02 00:00 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
    2015-05-02 00:00 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
    2015-05-02 00:00 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
    2015-05-02 00:00 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
    2015-05-02 00:00 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
    2015-05-02 00:00 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
    2015-05-02 00:00 - 2005-12-05 18:07 - 00061136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput9_1_0.dll
    2015-05-02 00:00 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
    2015-05-02 00:00 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
    2015-05-02 00:00 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
    2015-05-02 00:00 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
    2015-05-01 23:59 - 2015-05-01 23:59 - 00000000 ____D () C:\Documents and Settings\Steve\Start Menu\Programs\RivaTuner Statistics Server
    2015-05-01 23:58 - 2015-05-05 16:38 - 00000000 ____D () C:\Program Files\MSI Afterburner
    2015-05-01 23:58 - 2015-05-01 23:59 - 00000000 ____D () C:\Program Files\RivaTuner Statistics Server
    2015-05-01 23:58 - 2015-05-01 23:58 - 00000761 _____ () C:\Documents and Settings\Steve\Desktop\MSI Afterburner.lnk
    2015-05-01 23:58 - 2015-05-01 23:58 - 00000000 ____D () C:\Documents and Settings\Steve\Start Menu\Programs\MSI Afterburner
    2015-05-01 23:55 - 2015-05-05 20:36 - 00262144 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
    2015-05-01 23:55 - 2015-05-01 23:55 - 00000000 ____D () C:\Documents and Settings\Steve\Local Settings\Application Data\ATI
    2015-05-01 23:55 - 2015-05-01 23:55 - 00000000 ____D () C:\Documents and Settings\Steve\Application Data\ATI
    2015-05-01 23:55 - 2015-05-01 23:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ATI
    2015-05-01 23:53 - 2015-05-01 23:53 - 00000143 _____ () C:\Documents and Settings\All Users\Application Data\LaunchURL.bat
    2015-05-01 23:52 - 2015-05-01 23:52 - 00000000 ____D () C:\Program Files\ATI Technologies
    2015-05-01 23:52 - 2015-05-01 23:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Catalyst Control Center
    2015-05-01 23:52 - 2015-05-01 23:52 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
    2015-05-01 23:52 - 2015-05-01 23:51 - 18964480 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atioglxx.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 01610912 _____ () C:\WINDOWS\system32\ativvaxx.cap
    2015-05-01 23:52 - 2015-05-01 23:51 - 00929792 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atikvmag.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00710269 _____ () C:\WINDOWS\system32\atiicdxx.dat
    2015-05-01 23:52 - 2015-05-01 23:51 - 00643072 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    2015-05-01 23:52 - 2015-05-01 23:51 - 00495616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiok3x2.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIDEMGX.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00307200 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atiiiexx.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00296240 _____ () C:\WINDOWS\system32\atiapfxx.blb
    2015-05-01 23:52 - 2015-05-01 23:51 - 00294912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
    2015-05-01 23:52 - 2015-05-01 23:51 - 00245760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00212992 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\atipdlxx.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00192512 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00163840 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\Oemdspif.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00163840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
    2015-05-01 23:52 - 2015-05-01 23:51 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atibtmon.exe
    2015-05-01 23:52 - 2015-05-01 23:51 - 00103040 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdXP3.sys
    2015-05-01 23:52 - 2015-05-01 23:51 - 00071192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc32.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00071192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom32.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00053248 _____ ( ATI Technologies Inc.) C:\WINDOWS\system32\ATIDDC.DLL
    2015-05-01 23:52 - 2015-05-01 23:51 - 00045056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
    2015-05-01 23:52 - 2015-05-01 23:51 - 00043520 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\ati2edxx.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00038445 _____ () C:\WINDOWS\atiogl.xml
    2015-05-01 23:52 - 2015-05-01 23:51 - 00026112 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\Ati2mdxx.exe
    2015-05-01 23:52 - 2015-05-01 23:51 - 00024064 _____ (ATI Technologies, Inc.) C:\WINDOWS\system32\ativcoxx.dll
    2015-05-01 23:52 - 2015-05-01 23:51 - 00017408 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\atitvo32.dll
    2015-05-01 23:34 - 2015-03-04 14:13 - 00000000 ____D () C:\Documents and Settings\Steve\Desktop\Driver
    2015-05-01 23:31 - 2015-05-05 15:41 - 00000000 ____D () C:\WINDOWS\system32\LiveUpdate
    2015-05-01 23:29 - 2015-05-01 23:29 - 00940794 _____ () C:\WINDOWS\system32\LoopyMusic.wav
    2015-05-01 23:29 - 2015-05-01 23:29 - 00146650 _____ () C:\WINDOWS\system32\BuzzingBee.wav
    2015-05-01 23:29 - 2015-05-01 23:29 - 00000000 ____D () C:\WINDOWS\system32\Lang
    2015-05-01 23:28 - 2015-05-05 11:55 - 00001672 _____ () C:\Documents and Settings\All Users\Desktop\MSI Live Update 6.lnk
    2015-05-01 23:28 - 2015-05-05 11:55 - 00000000 ____D () C:\MSI
    2015-05-01 23:28 - 2014-04-30 16:23 - 00011248 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\acpimof.dll
    2015-05-01 23:24 - 2015-05-01 23:24 - 00000000 ____D () C:\WINDOWS\system32\RTCOM
    2015-05-01 23:24 - 2013-12-10 08:07 - 01523416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlUpd.exe
    2015-05-01 23:24 - 2013-12-10 07:20 - 05630168 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtkHDAud.sys
    2015-05-01 23:24 - 2013-12-05 06:08 - 00087256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoInstIIXP.dll
    2015-05-01 23:24 - 2013-10-24 22:38 - 00026084 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
    2015-05-01 23:24 - 2013-10-03 23:29 - 20145368 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
    2015-05-01 23:24 - 2013-03-05 02:37 - 00891976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSndMgr.CPL
    2015-05-01 23:24 - 2011-11-22 03:28 - 00011368 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDRXP.dll
    2015-05-01 23:24 - 2010-11-03 05:15 - 09721960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RTLCPL.EXE
    2015-05-01 23:24 - 2010-11-03 05:15 - 00359016 _____ (Realtek Semiconductor Crop.) C:\WINDOWS\vncutil.exe
    2015-05-01 23:24 - 2010-11-03 05:15 - 00084584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE
    2015-05-01 23:24 - 2010-11-03 05:14 - 02180712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\MicCal.exe
    2015-05-01 23:24 - 2010-11-03 05:14 - 00129640 _____ (Realtek Semiconductor) C:\WINDOWS\RtkAudioService.exe
    2015-05-01 23:24 - 2010-11-03 05:13 - 02815592 _____ (RealTek Semicoductor Corp.) C:\WINDOWS\ALCWZRD.EXE
    2015-05-01 23:24 - 2010-11-03 05:13 - 00285288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\ALSNDMGR.CPL
    2015-05-01 23:24 - 2010-11-03 05:13 - 00064104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\ALCMTR.EXE
    2015-05-01 23:24 - 2009-11-17 18:17 - 01395800 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\Monfilt.sys
    2015-05-01 23:24 - 2009-11-17 18:16 - 01691480 _____ (Creative) C:\WINDOWS\system32\Drivers\Ambfilt.sys
    2015-05-01 23:24 - 2008-04-14 05:42 - 00129536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ksproxy.ax
    2015-05-01 23:24 - 2008-04-14 05:42 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
    2015-05-01 23:24 - 2008-04-14 05:41 - 00004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ksuser.dll
    2015-05-01 23:24 - 2008-04-14 05:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksuser.dll
    2015-05-01 23:24 - 2008-04-14 00:49 - 00146048 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\portcls.sys
    2015-05-01 23:24 - 2008-04-14 00:49 - 00146048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
    2015-05-01 23:24 - 2008-04-14 00:47 - 00083072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wdmaud.sys
    2015-05-01 23:24 - 2008-04-14 00:47 - 00083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdmaud.sys
    2015-05-01 23:24 - 2008-04-14 00:45 - 00060800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sysaudio.sys
    2015-05-01 23:24 - 2008-04-14 00:45 - 00060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sysaudio.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00172416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kmixer.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kmixer.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\drmk.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00060160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00056576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\swmidi.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swmidi.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00052864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dmusic.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00052864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\DMusic.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00006272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\splitter.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00006272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\splitter.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00002944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\drmkaud.sys
    2015-05-01 23:24 - 2008-04-14 00:15 - 00002944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
    2015-05-01 23:24 - 2008-04-14 00:09 - 00007552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mskssrv.sys
    2015-05-01 23:24 - 2008-04-14 00:09 - 00007552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MSKSSRV.sys
    2015-05-01 23:24 - 2008-04-14 00:09 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mspclock.sys
    2015-05-01 23:24 - 2008-04-14 00:09 - 00005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MSPCLOCK.sys
    2015-05-01 23:24 - 2008-04-14 00:09 - 00004992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mspqm.sys
    2015-05-01 23:24 - 2008-04-14 00:09 - 00004992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MSPQM.sys
    2015-05-01 23:24 - 2008-04-13 22:09 - 00142592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aec.sys
    2015-05-01 23:24 - 2008-04-13 22:09 - 00142592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\aec.sys
    2015-05-01 23:23 - 2015-05-01 23:24 - 00002254 _____ () C:\RHDSetup.log
    2015-05-01 23:23 - 2015-05-01 23:23 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
    2015-05-01 23:23 - 2013-11-25 04:20 - 02080472 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
    2015-05-01 23:21 - 2015-05-01 23:21 - 00000000 ____D () C:\Program Files\Microsoft.NET
    2015-05-01 23:19 - 2015-05-03 03:11 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
    2015-05-01 23:19 - 2015-05-01 23:19 - 00000000 ____D () C:\Program Files\Reference Assemblies
    2015-05-01 23:19 - 2015-05-01 23:19 - 00000000 ____D () C:\Program Files\MSBuild
    2015-05-01 23:19 - 2015-05-01 23:19 - 00000000 ____D () C:\7bcd60ac4265c763d005d809
    2015-05-01 23:19 - 2008-07-06 07:06 - 01676288 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpssvcs.dll
    2015-05-01 23:19 - 2008-07-06 07:06 - 01676288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpssvcs.dll
    2015-05-01 23:19 - 2008-07-06 07:06 - 00575488 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsshhdr.dll
    2015-05-01 23:19 - 2008-07-06 07:06 - 00575488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpsshhdr.dll
    2015-05-01 23:19 - 2008-07-06 07:06 - 00117760 ____N (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
    2015-05-01 23:19 - 2008-07-06 07:06 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\filterpipelineprintproc.dll
    2015-05-01 23:19 - 2008-07-06 05:50 - 00597504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe
    2015-05-01 23:13 - 2015-05-01 23:13 - 00000259 _____ () C:\WINDOWS\system32\spupdwxp.log
    2015-05-01 23:13 - 2015-05-01 23:13 - 00000187 _____ () C:\WINDOWS\spupdsvc.log.1.log
    2015-05-01 23:10 - 2015-05-03 14:17 - 00127137 _____ () C:\WINDOWS\spupdsvc.log
    2015-05-01 23:10 - 2012-11-05 21:01 - 01371648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6.dll
    2015-05-01 23:10 - 2012-11-05 21:01 - 01371648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2015-05-01 23:10 - 2008-04-13 22:57 - 00079872 ____N (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
    2015-05-01 23:10 - 2008-04-13 22:57 - 00079872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6r.dll
    2015-05-01 23:09 - 2015-05-01 23:51 - 04847424 ____C (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\dllcache\ati3duag.dll
    2015-05-01 23:09 - 2015-05-01 23:51 - 04847424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ati3duag.dll
    2015-05-01 23:09 - 2015-05-01 23:51 - 02380800 ____C (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\dllcache\ativvaxx.dll
    2015-05-01 23:09 - 2015-05-01 23:51 - 02380800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\ativvaxx.dll
    2015-05-01 23:09 - 2015-05-01 23:51 - 00663552 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2cqag.dll
    2015-05-01 23:09 - 2015-05-01 23:51 - 00663552 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2cqag.dll
    2015-05-01 23:09 - 2015-05-01 23:51 - 00306176 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2dvag.dll
    2015-05-01 23:09 - 2015-05-01 23:51 - 00306176 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvag.dll
    2015-05-01 23:09 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\system32\scripting
    2015-05-01 23:09 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\system32\bits
    2015-05-01 23:09 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\ServicePackFiles
    2015-05-01 23:09 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\l2schemas
    2015-05-01 23:09 - 2013-11-12 20:13 - 00046080 ____N (Microsoft Corporation) C:\WINDOWS\system32\tzchange.exe
    2015-05-01 23:09 - 2009-01-07 18:21 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 04274816 ____N (NVIDIA Corporation) C:\WINDOWS\system32\nv4_disp.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 01737856 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\mtxparhd.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00712704 ____N (Microsoft Corporation) C:\WINDOWS\system32\windowscodecs.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00412160 ____N (Microsoft Corporation) C:\WINDOWS\system32\photometadatahandler.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00397056 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\s3gnb.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00346112 ____N (Microsoft Corporation) C:\WINDOWS\system32\windowscodecsext.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00294912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dlimport.exe
    2015-05-01 23:09 - 2008-04-14 05:42 - 00291328 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagentrt.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00290304 ____N (Microsoft Corporation) C:\WINDOWS\system32\rhttpaa.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00286792 ____N (Smart Link) C:\WINDOWS\system32\slextspk.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00276992 ____N (Microsoft Corporation) C:\WINDOWS\system32\wmphoto.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00193024 ____N (Microsoft Corporation) C:\WINDOWS\system32\napmontr.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00188508 ____N (Smart Link) C:\WINDOWS\system32\slgen.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00176640 ____N (Microsoft Corporation) C:\WINDOWS\system32\napstat.exe
    2015-05-01 23:09 - 2008-04-14 05:42 - 00155136 ____N (Microsoft Corporation) C:\WINDOWS\system32\mssha.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00150528 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagent.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00144384 ____N (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\qutil.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00073832 ____N (Smart Link) C:\WINDOWS\system32\slcoinst.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00073796 ____N (Smart Link) C:\WINDOWS\system32\slserv.exe
    2015-05-01 23:09 - 2008-04-14 05:42 - 00069120 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00062464 ____N (Microsoft Corporation) C:\WINDOWS\system32\qcliprov.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00061952 ____N (Microsoft Corporation) C:\WINDOWS\system32\rasqec.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00053248 ____N (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00050688 ____N (Microsoft Corporation) C:\WINDOWS\system32\tspkg.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcperf.exe
    2015-05-01 23:09 - 2008-04-14 05:42 - 00032866 ____N (Smart Link) C:\WINDOWS\system32\slrundll.exe
    2015-05-01 23:09 - 2008-04-14 05:42 - 00032866 ____N (Smart Link) C:\WINDOWS\slrundll.exe
    2015-05-01 23:09 - 2008-04-14 05:42 - 00032768 ____N (Microsoft Corporation) C:\WINDOWS\system32\setupn.exe
    2015-05-01 23:09 - 2008-04-14 05:42 - 00030208 ____N (Microsoft Corporation) C:\WINDOWS\system32\napipsec.dll
    2015-05-01 23:09 - 2008-04-14 05:42 - 00028672 ____N (Microsoft Corporation) C:\WINDOWS\system32\vidcap.ax
    2015-05-01 23:09 - 2008-04-14 05:42 - 00028672 ____N (Microsoft Corporation) C:\WINDOWS\system32\verclsid.exe
    2015-05-01 23:09 - 2008-04-14 05:42 - 00023040 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativmvxx.ax
    2015-05-01 23:09 - 2008-04-14 05:42 - 00009728 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativdaxx.ax
    2015-05-01 23:09 - 2008-04-14 05:41 - 00870784 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ati3d1ag.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00650752 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00397312 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcex.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00377984 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvaa.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00233472 ____N (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00184832 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\microsoft.managementconsole.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00180224 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00136192 ____N (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00132096 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00126976 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00106496 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcfxcommon.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00094208 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00086016 ____N (Conexant) C:\WINDOWS\system32\mdmxsdk.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00061440 ____N (Microsoft Corporation) C:\WINDOWS\system32\kmsvc.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00059392 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapqec.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00057856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3cfg.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00056320 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00048640 ____N (Microsoft Corporation) C:\WINDOWS\system32\dhcpqec.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3gpclnt.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00037376 ____N (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00032768 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativtmxx.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00032285 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\hsfcisp2.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00030720 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapolqec.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00026112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00019456 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsntfy.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00009216 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3dlg.dll
    2015-05-01 23:09 - 2008-04-14 05:41 - 00007168 ____N (Microsoft Corporation) C:\WINDOWS\system32\bitsprx4.dll
    2015-05-01 23:09 - 2008-04-14 05:40 - 00294912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msaud32.acm
    2015-05-01 23:09 - 2008-04-14 05:40 - 00086016 ____C (Sipro Lab Telecom Inc.) C:\WINDOWS\system32\dllcache\sl_anet.acm
    2015-05-01 23:09 - 2008-04-14 05:39 - 00290816 ____C (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\system32\dllcache\l3codeca.acm
    2015-05-01 23:09 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdpash.dll
    2015-05-01 23:09 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdnepr.dll
    2015-05-01 23:09 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdiultn.dll
    2015-05-01 23:09 - 2008-04-14 05:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdbhc.dll
    2015-05-01 23:09 - 2008-04-13 23:45 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\msshavmsg.dll
    2015-05-01 23:09 - 2008-04-13 22:58 - 00184959 ____C () C:\WINDOWS\system32\dllcache\compact.wmz
    2015-05-01 23:09 - 2008-04-13 22:58 - 00066725 ____C () C:\WINDOWS\system32\dllcache\revert.wmz
    2015-05-01 23:09 - 2007-06-26 11:30 - 00572557 ____C () C:\WINDOWS\system32\dllcache\rtuner.wmv
    2015-05-01 23:09 - 2007-06-26 11:30 - 00457607 ____C () C:\WINDOWS\system32\dllcache\mdlib.wmv
    2015-05-01 23:09 - 2007-06-26 11:30 - 00381425 ____C () C:\WINDOWS\system32\dllcache\copycd.wmv
    2015-05-01 23:09 - 2007-06-26 11:30 - 00375519 ____C () C:\WINDOWS\system32\dllcache\nuskin.wmv
    2015-05-01 23:09 - 2007-06-26 11:30 - 00354468 ____C () C:\WINDOWS\system32\dllcache\wmpaud1.wav
    2015-05-01 23:09 - 2007-06-26 11:30 - 00343204 ____C () C:\WINDOWS\system32\dllcache\wmpaud7.wav
    2015-05-01 23:09 - 2007-06-26 11:30 - 00343204 ____C () C:\WINDOWS\system32\dllcache\wmpaud6.wav
    2015-05-01 23:09 - 2007-06-26 11:30 - 00300969 ____C () C:\WINDOWS\system32\dllcache\viz.wmv
    2015-05-01 23:09 - 2007-06-26 11:30 - 00172196 ____C () C:\WINDOWS\system32\dllcache\wmpaud9.wav
    2015-05-01 23:09 - 2007-06-26 11:30 - 00172196 ____C () C:\WINDOWS\system32\dllcache\wmpaud8.wav
    2015-05-01 23:09 - 2007-06-26 11:30 - 00172196 ____C () C:\WINDOWS\system32\dllcache\wmpaud3.wav
    2015-05-01 23:09 - 2007-06-26 11:30 - 00086196 ____C () C:\WINDOWS\system32\dllcache\wmpaud5.wav
    2015-05-01 23:09 - 2007-06-26 11:30 - 00086180 ____C () C:\WINDOWS\system32\dllcache\wmpaud4.wav
    2015-05-01 23:09 - 2007-06-26 11:30 - 00086180 ____C () C:\WINDOWS\system32\dllcache\wmpaud2.wav
    2015-05-01 23:09 - 2007-06-26 11:30 - 00022060 ____C () C:\WINDOWS\system32\dllcache\npds.zip
    2015-05-01 23:09 - 2007-06-26 11:30 - 00010457 ____C () C:\WINDOWS\system32\dllcache\wmptour.hta
    2015-05-01 23:09 - 2007-06-26 11:30 - 00009585 ____C () C:\WINDOWS\system32\dllcache\controls.css
    2015-05-01 23:09 - 2007-06-26 11:30 - 00008298 ____C () C:\WINDOWS\system32\dllcache\contents.htm
    2015-05-01 23:09 - 2007-06-26 11:30 - 00006878 ____C () C:\WINDOWS\system32\dllcache\controls.js
    2015-05-01 23:09 - 2007-06-26 11:30 - 00005971 ____C () C:\WINDOWS\system32\dllcache\events.js
    2015-05-01 23:09 - 2007-06-26 11:30 - 00003187 ____C () C:\WINDOWS\system32\dllcache\tour.js
    2015-05-01 23:09 - 2007-06-26 11:30 - 00001771 ____C () C:\WINDOWS\system32\dllcache\wmptour.css
    2015-05-01 23:09 - 2007-06-26 11:30 - 00001148 ____C () C:\WINDOWS\system32\dllcache\snd.htm
    2015-05-01 23:09 - 2007-06-26 11:30 - 00000420 ____C () C:\WINDOWS\system32\dllcache\wmploc.js
    2015-05-01 23:09 - 2007-06-26 11:29 - 00097117 ____C () C:\WINDOWS\system32\dllcache\mplayer2.hlp
    2015-05-01 23:09 - 2007-06-26 11:29 - 00001885 ____C () C:\WINDOWS\system32\dllcache\mplayer2.cnt
    2015-05-01 23:09 - 2007-06-26 11:28 - 00613334 ____C () C:\WINDOWS\system32\dllcache\wmplayer.chm
    2015-05-01 23:09 - 2007-06-26 11:26 - 00077307 ____C () C:\WINDOWS\system32\dllcache\plyr_err.chm
    2015-05-01 23:09 - 2007-06-26 11:26 - 00001477 ____C () C:\WINDOWS\system32\dllcache\plylst6.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00001477 ____C () C:\WINDOWS\system32\dllcache\plylst5.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00001474 ____C () C:\WINDOWS\system32\dllcache\plylst3.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00001451 ____C () C:\WINDOWS\system32\dllcache\plylst12.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00001448 ____C () C:\WINDOWS\system32\dllcache\plylst4.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00001250 ____C () C:\WINDOWS\system32\dllcache\plylst1.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00001049 ____C () C:\WINDOWS\system32\dllcache\plylst2.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00001046 ____C () C:\WINDOWS\system32\dllcache\plylst7.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00001036 ____C () C:\WINDOWS\system32\dllcache\plylst8.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00000789 ____C () C:\WINDOWS\system32\dllcache\plylst11.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00000787 ____C () C:\WINDOWS\system32\dllcache\plylst10.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00000784 ____C () C:\WINDOWS\system32\dllcache\plylst9.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00000783 ____C () C:\WINDOWS\system32\dllcache\plylst13.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00000775 ____C () C:\WINDOWS\system32\dllcache\plylst14.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00000733 ____C () C:\WINDOWS\system32\dllcache\plylst15.wpl
    2015-05-01 23:09 - 2007-06-26 11:26 - 00000403 ____C () C:\WINDOWS\system32\dllcache\npdrmv2.zip
    2015-05-01 23:09 - 2007-04-02 23:21 - 00023195 ____C () C:\WINDOWS\system32\dllcache\wmplay.chm
    2015-05-01 23:09 - 2006-04-25 10:10 - 00069612 ____C () C:\WINDOWS\system32\dllcache\wmplayer.adm
    2015-05-01 23:08 - 2015-05-03 13:39 - 00141490 _____ () C:\WINDOWS\updspapi.log
    2015-05-01 23:08 - 2015-05-01 23:51 - 06852096 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\ati2mtag.sys
    2015-05-01 23:08 - 2015-05-01 23:51 - 06852096 _____ (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtag.sys
    2015-05-01 23:08 - 2013-07-16 19:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
    2015-05-01 23:08 - 2013-02-11 19:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys
    2015-05-01 23:08 - 2008-06-13 06:05 - 00272128 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2015-05-01 23:08 - 2008-04-14 05:42 - 00011325 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\vchnt5.dll
    2015-05-01 23:08 - 2008-04-14 05:42 - 00003901 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\siint5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00025471 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\atv04nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00021183 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\atv01nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00017279 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\atv10nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00015423 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\ch7xxnt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00014143 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\atv06nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00011359 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\atv02nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00004255 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\adv01nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00003967 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\adv02nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00003775 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\adv11nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00003711 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\adv09nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00003647 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\adv07nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00003615 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\adv05nt5.dll
    2015-05-01 23:08 - 2008-04-14 05:41 - 00003135 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\adv08nt5.dll
    2015-05-01 23:08 - 2008-04-14 00:26 - 00030592 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys
    2015-05-01 23:08 - 2008-04-14 00:21 - 00101120 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
    2015-05-01 23:08 - 2008-04-14 00:16 - 00059136 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
    2015-05-01 23:08 - 2008-04-14 00:16 - 00037888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
    2015-05-01 23:08 - 2008-04-14 00:16 - 00036480 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthprint.sys
    2015-05-01 23:08 - 2008-04-14 00:16 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
    2015-05-01 23:08 - 2008-04-14 00:16 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthusb.sys
    2015-05-01 23:08 - 2008-04-14 00:16 - 00017024 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2015-05-01 23:08 - 2008-04-14 00:15 - 00019200 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidir.sys
    2015-05-01 23:08 - 2008-04-14 00:13 - 00014208 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys
    2015-05-01 23:08 - 2008-04-14 00:13 - 00012672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mutohpen.sys
    2015-05-01 23:08 - 2008-04-14 00:10 - 00010240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffp_mmc.sys
    2015-05-01 23:08 - 2008-04-14 00:06 - 00046464 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gagp30kx.sys
    2015-05-01 23:08 - 2008-04-14 00:06 - 00044928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agpcpq.sys
    2015-05-01 23:08 - 2008-04-14 00:06 - 00044672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uagp35.sys
    2015-05-01 23:08 - 2008-04-14 00:06 - 00043008 ____N (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdagp.sys
    2015-05-01 23:08 - 2008-04-14 00:06 - 00042752 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\alim1541.sys
    2015-05-01 23:08 - 2008-04-14 00:06 - 00042368 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agp440.sys
    2015-05-01 23:08 - 2008-04-14 00:06 - 00042240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viaagp.sys
    2015-05-01 23:08 - 2008-04-14 00:06 - 00040960 ____N (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\Drivers\sisagp.sys
    2015-05-01 23:08 - 2008-04-14 00:06 - 00005888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smbali.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 01309184 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlstrm.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 01041536 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfdpsp2.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00685056 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfcxts2.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00404990 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slntamr.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00220032 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfbs2s2.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00180360 ____N (Smart Link) C:\WINDOWS\system32\Drivers\ntmtlfax.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00129535 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnt7554.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00126686 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlmnt5.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00095424 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnthal.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00013776 ____N (Smart Link) C:\WINDOWS\system32\Drivers\recagent.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00013240 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slwdmsup.sys
    2015-05-01 23:08 - 2008-04-13 23:53 - 00011868 ____N (Conexant) C:\WINDOWS\system32\Drivers\mdmxsdk.sys
    2015-05-01 23:08 - 2008-04-13 22:06 - 00144384 ____N (Windows (R) Server 2003 DDK provider) C:\WINDOWS\system32\Drivers\hdaudbus.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 01897408 ____N (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nv4_mini.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00452736 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\Drivers\mtxparhm.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00327040 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtaa.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00166912 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\Drivers\s3gnbm.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00104960 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinrvxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00073216 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atintuxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00063663 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1rvxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00063488 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxsxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00057856 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinbtxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00056623 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1btxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00052224 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinraxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00036463 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1tuxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00034735 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xsxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00031744 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxbxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00030671 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1raxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00029455 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xbxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00028672 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinsnxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00026367 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1snxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00025471 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\watv10nt.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00022271 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\watv06nt.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00021343 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1ttxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00014336 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinpdxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinttxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinmdxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00012047 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1pdxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00011935 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\wadv11nt.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00011871 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\wadv09nt.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00011807 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\wadv07nt.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00011615 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1mdxx.sys
    2015-05-01 23:08 - 2008-04-13 22:04 - 00011295 ____N (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\wadv08nt.sys
    2015-05-01 23:08 - 2007-04-02 21:36 - 00129045 ____N () C:\WINDOWS\system32\Drivers\cxthsfs2.cty
    2015-05-01 23:08 - 2006-12-29 20:21 - 00064352 ____N () C:\WINDOWS\system32\Drivers\ativmc20.cod
    2015-05-01 23:08 - 2006-12-29 20:02 - 00067866 ____N () C:\WINDOWS\system32\Drivers\netwlan5.img
    2015-05-01 23:07 - 2009-01-07 18:21 - 00026144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spupdsvc.exe
    2015-05-01 23:07 - 2006-12-29 00:31 - 00019569 _____ () C:\WINDOWS\002580_.tmp
    2015-05-01 23:06 - 2015-05-01 23:07 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
    2015-05-01 23:06 - 2015-05-01 23:06 - 00000581 _____ () C:\WINDOWS\medctroc.Log
    2015-05-01 23:05 - 2015-05-01 23:12 - 00461400 _____ () C:\WINDOWS\svcpack.log
    2015-05-01 22:49 - 2015-05-01 23:55 - 00013104 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2015-05-01 22:49 - 2015-05-01 22:49 - 00000000 ___SD () C:\Documents and Settings\Steve\UserData
    2015-05-01 22:46 - 2015-05-01 23:43 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
    2015-05-01 22:46 - 2015-05-01 22:46 - 00012984 _____ () C:\WINDOWS\system32\wpa.bak
    2015-05-01 22:44 - 2015-05-03 13:21 - 00000000 ____D () C:\Program Files\AMD
    2015-05-01 22:44 - 2015-05-02 12:38 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
    2015-05-01 22:44 - 2015-05-01 22:44 - 00018258 _____ () C:\WINDOWS\DPINST.LOG
    2015-05-01 22:44 - 2015-05-01 22:44 - 00000000 ____D () C:\Program Files\ASM104xUSB3
    2015-05-01 22:44 - 2015-05-01 22:44 - 00000000 ____D () C:\Documents and Settings\Steve\Application Data\InstallShield
    2015-05-01 22:44 - 2015-01-05 14:23 - 00343768 _____ (ASMedia Technology Inc) C:\WINDOWS\system32\Drivers\asmtxhci.sys
    2015-05-01 22:44 - 2015-01-05 14:23 - 00110808 _____ (ASMedia Technology Inc) C:\WINDOWS\system32\Drivers\asmthub3.sys
    2015-05-01 22:44 - 2007-04-16 16:46 - 00033792 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AmdPPM.sys
    2015-05-01 22:42 - 2015-05-05 12:07 - 00000000 ____D () C:\Program Files\Google
    2015-05-01 22:42 - 2015-05-05 12:07 - 00000000 ____D () C:\Documents and Settings\Steve\Local Settings\Application Data\Google
    2015-05-01 22:41 - 2015-05-01 23:24 - 00000000 ____D () C:\Program Files\Realtek
    2015-05-01 22:41 - 2015-05-01 23:23 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
    2015-05-01 22:41 - 2015-05-01 22:41 - 00000197 _____ () C:\mylog.log
    2015-05-01 22:41 - 2015-05-01 22:41 - 00000000 ____D () C:\Program Files\AMD APP
    2015-05-01 22:41 - 2014-06-05 12:05 - 00427992 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\Rtenicxp.sys
    2015-05-01 22:41 - 2014-06-05 12:05 - 00102416 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RTNUninst32.dll
    2015-05-01 22:41 - 2014-06-05 12:05 - 00076872 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp32.dll
    2015-05-01 22:41 - 2010-11-28 15:50 - 00035712 ____R (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
    2015-05-01 22:40 - 2015-05-01 22:40 - 00000000 ____D () C:\Program Files\ATI
    2015-05-01 22:39 - 2015-05-03 09:00 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
    2015-05-01 22:29 - 2015-05-01 22:29 - 00000000 ____D () C:\Program Files\MSI Kombustor 2.5
    2015-05-01 22:29 - 2015-05-01 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MSI Kombustor 2.5
    2015-05-01 22:24 - 2015-05-05 20:34 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2015-05-01 22:24 - 2015-05-05 20:33 - 00000178 ___SH () C:\Documents and Settings\Steve\ntuser.ini
    2015-05-01 22:24 - 2015-05-05 19:17 - 00000000 ____D () C:\Documents and Settings\Steve
    2015-05-01 22:24 - 2015-05-03 08:44 - 00000803 _____ () C:\Documents and Settings\Steve\Start Menu\Programs\Internet Explorer.lnk
    2015-05-01 22:24 - 2015-05-03 08:44 - 00000000 ___RD () C:\Documents and Settings\Steve\Start Menu\Programs\Accessories
    2015-05-01 22:24 - 2015-05-02 12:18 - 00000788 _____ () C:\Documents and Settings\Steve\Start Menu\Programs\Windows Media Player.lnk
    2015-05-01 22:24 - 2015-05-01 23:13 - 00000738 _____ () C:\Documents and Settings\Steve\Start Menu\Programs\Outlook Express.lnk
    2015-05-01 22:24 - 2015-05-01 21:58 - 00001599 _____ () C:\Documents and Settings\Steve\Start Menu\Programs\Remote Assistance.lnk
    2015-05-01 22:23 - 2015-05-05 20:33 - 00032568 _____ () C:\WINDOWS\SchedLgU.Txt
    2015-05-01 22:23 - 2015-05-05 19:02 - 00000000 __SHD () C:\Documents and Settings\LocalService
    2015-05-01 22:23 - 2015-05-01 22:23 - 00000020 ___SH () C:\Documents and Settings\LocalService\ntuser.ini
    2015-05-01 22:00 - 2015-05-05 19:02 - 00000000 __SHD () C:\Documents and Settings\NetworkService
    2015-05-01 22:00 - 2015-05-01 22:00 - 00008192 _____ () C:\WINDOWS\REGLOCS.OLD
    2015-05-01 22:00 - 2015-05-01 22:00 - 00000020 ___SH () C:\Documents and Settings\NetworkService\ntuser.ini
    2015-05-01 21:59 - 2008-04-14 05:41 - 00571392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlgnt.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00482304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlgnt.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00426041 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicepad.dll
    2015-05-01 21:59 - 2008-04-14 05:41 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winzm.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winsp.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winpy.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00086073 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicesub.dll
    2015-05-01 21:59 - 2008-04-14 05:41 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winar30.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phon.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dayi.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00078336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chajei.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quick.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00076288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uniime.dll
    2015-05-01 21:59 - 2008-04-14 05:41 - 00072704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wingb.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winime.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00065024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\unicdime.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\romanime.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintlgnt.ime
    2015-05-01 21:59 - 2008-04-14 05:41 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tmigrate.dll
    2015-05-01 21:59 - 2008-04-14 05:40 - 00175104 ____C () C:\WINDOWS\system32\dllcache\pintlcsa.dll
    2015-05-01 21:59 - 2008-04-14 05:40 - 00067584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmigrate.dll
    2015-05-01 21:59 - 2008-04-14 05:40 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlcsd.dll
    2015-05-01 21:59 - 2008-04-14 05:40 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs404.dll
    2015-05-01 21:59 - 2008-04-14 05:40 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs804.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 13463552 ____C () C:\WINDOWS\system32\dllcache\hwxjpn.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00811064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81k.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00716856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcus.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00368696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcic.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00340023 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81.ime
    2015-05-01 21:59 - 2008-04-14 05:39 - 00315455 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskf.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00274489 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputyc.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00198656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintime.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00173568 ____C () C:\WINDOWS\system32\dllcache\chtskf.dll
     
  19. SFX099

    2015-05-01 21:59 - 2008-04-14 05:39 - 00106496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrcic.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00102456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imlang.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtmbx.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00094720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekr61.ime
    2015-05-01 21:59 - 2008-04-14 05:39 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmbx.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00081976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.dll
    2015-05-01 21:59 - 2008-04-14 05:39 - 00056320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtskdic.dll
    2015-05-01 21:59 - 2008-04-13 22:13 - 00070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlphr.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 10129408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxkor.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 10096640 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxcht.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 01875968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.lex
    2015-05-01 21:59 - 2006-02-28 07:00 - 01677824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chsbrkr.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 01158818 ____C () C:\WINDOWS\system32\dllcache\korwbrkr.lex
    2015-05-01 21:59 - 2006-02-28 07:00 - 00838144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtbrkr.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00514587 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\edb500.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00480256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintsetp.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00471102 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskdic.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00455168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintsetp.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00311359 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsv.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00307257 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00262200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputy.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00233527 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjprw.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00229439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\multibox.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00208952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpmig.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00196665 ____C () C:\WINDOWS\system32\dllcache\imjpinst.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\thawbrkr.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00180770 ____C () C:\WINDOWS\system32\dllcache\c_20932.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00177698 ____C () C:\WINDOWS\system32\dllcache\c_20949.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00173602 ____C () C:\WINDOWS\system32\dllcache\c_20936.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00155705 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdsvr.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00143422 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\softkey.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00134339 ____C () C:\WINDOWS\system32\dllcache\imekr.lex
    2015-05-01 21:59 - 2006-02-28 07:00 - 00132608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclntr.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00131584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxviceo.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00111104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscfgwz.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00108827 ____C () C:\WINDOWS\system32\dllcache\hanja.lex
    2015-05-01 21:59 - 2006-02-28 07:00 - 00102463 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsm.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00101376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srusbusd.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00098304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00092416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.sys
    2015-05-01 21:59 - 2006-02-28 07:00 - 00092032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00083748 ____C () C:\WINDOWS\system32\dllcache\prcp.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00083748 ____C () C:\WINDOWS\system32\dllcache\prc.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia330.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia001.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00070656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\korwbrkr.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_864.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_862.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_858.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066594 ____C () C:\WINDOWS\system32\dllcache\c_720.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_870.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_708.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_28596.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_21027.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_21025.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20924.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20880.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20871.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20838.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20833.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20424.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20423.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imkrinst.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00059392 ____C () C:\WINDOWS\system32\dllcache\imscinst.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00057856 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimgd.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00057399 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cplexe.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00057398 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdadm.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00054528 ____C (Philips Semiconductors GmbH) C:\WINDOWS\system32\dllcache\cap7146.sys
    2015-05-01 21:59 - 2006-02-28 07:00 - 00048256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w32.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00047066 ____C () C:\WINDOWS\system32\dllcache\ksc.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00045109 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpuex.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00045056 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunid.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlphr.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmig.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00041600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm9aw.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00036927 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs411.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hanjadic.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00031744 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucmd.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb6w.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sma3w.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsroute.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.sys
    2015-05-01 21:59 - 2006-02-28 07:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm87w.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm81w.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00029184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8cw.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00028288 ____C () C:\WINDOWS\system32\dllcache\xjis.nls
    2015-05-01 21:59 - 2006-02-28 07:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm93w.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm92w.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm90w.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8dw.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8aw.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm89w.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00025856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\et4000.sys
    2015-05-01 21:59 - 2006-02-28 07:00 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm59w.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00021896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdipx.sys
    2015-05-01 21:59 - 2006-02-28 07:00 - 00019464 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdspx.sys
    2015-05-01 21:59 - 2006-02-28 07:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\simptcp.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cprofile.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jupiw.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quser.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsm.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgport.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\register.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\flattemp.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsprof.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs412.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgusr.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chglogon.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00013192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdasync.sys
    2015-05-01 21:59 - 2006-02-28 07:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxmcro.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssend.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00010752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_iscii.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpstup.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\query.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\change.exe
    2015-05-01 21:59 - 2006-02-28 07:00 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecat.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecnt.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnec95.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_is2022.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxgl.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth3.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth2.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinpun.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101a.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftlx041e.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smimsgif.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsy.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdvntc.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdusa.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdurdu.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth1.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth0.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr2.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr1.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintel.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintam.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinmar.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinkan.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinhin.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinguj.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdindev.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdheb.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdfa.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv2.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv1.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda3.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda2.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda1.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdgeo.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarmw.dll
    2015-05-01 21:59 - 2006-02-28 07:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarme.dll
    2015-05-01 21:59 - 2001-08-17 22:36 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
    2015-05-01 21:59 - 2001-08-17 22:36 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_scripto.dll
    2015-05-01 21:59 - 2001-08-17 22:36 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
    2015-05-01 21:59 - 2001-08-17 22:36 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
    2015-05-01 21:59 - 2001-08-17 22:36 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_seos.dll
    2015-05-01 21:59 - 2001-08-17 22:36 - 00023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
    2015-05-01 21:59 - 2001-08-17 22:36 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
    2015-05-01 21:59 - 2001-08-17 22:36 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
    2015-05-01 21:58 - 2015-05-03 13:38 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
    2015-05-01 21:58 - 2015-05-02 12:17 - 00023392 _____ () C:\WINDOWS\system32\nscompat.tlb
    2015-05-01 21:58 - 2015-05-02 12:17 - 00016832 _____ () C:\WINDOWS\system32\amcompat.tlb
    2015-05-01 21:58 - 2015-05-02 12:14 - 00316640 _____ () C:\WINDOWS\WMSysPr9.prx
    2015-05-01 21:58 - 2015-05-02 12:14 - 00000000 __SHD () C:\Documents and Settings\All Users\DRM
    2015-05-01 21:58 - 2015-05-01 23:10 - 00001563 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
    2015-05-01 21:58 - 2015-05-01 21:58 - 00006528 _____ () C:\WINDOWS\KB911164.log
    2015-05-01 21:58 - 2015-05-01 21:58 - 00002577 _____ () C:\WINDOWS\system32\CONFIG.NT
    2015-05-01 21:58 - 2015-05-01 21:58 - 00001599 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
    2015-05-01 21:58 - 2015-05-01 21:58 - 00000792 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
    2015-05-01 21:58 - 2015-05-01 21:58 - 00000000 __RSH () C:\MSDOS.SYS
    2015-05-01 21:58 - 2015-05-01 21:58 - 00000000 __RSH () C:\IO.SYS
    2015-05-01 21:58 - 2015-05-01 21:58 - 00000000 ____D () C:\WINDOWS\system32\xircom
    2015-05-01 21:58 - 2015-05-01 21:58 - 00000000 ____D () C:\Program Files\xerox
    2015-05-01 21:58 - 2015-05-01 21:58 - 00000000 ____D () C:\Program Files\microsoft frontpage
    2015-05-01 21:58 - 2015-05-01 21:58 - 00000000 _____ () C:\WINDOWS\control.ini
    2015-05-01 21:58 - 2015-05-01 21:58 - 00000000 _____ () C:\CONFIG.SYS
    2015-05-01 21:58 - 2015-05-01 21:58 - 00000000 _____ () C:\AUTOEXEC.BAT
    2015-05-01 21:58 - 2008-04-13 23:09 - 00689152 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsp3res.dll
    2015-05-01 21:58 - 2006-02-28 07:00 - 00195618 ____C () C:\WINDOWS\system32\dllcache\c_10002.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00189986 ____C () C:\WINDOWS\system32\dllcache\c_1361.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00187938 ____C () C:\WINDOWS\system32\dllcache\c_20005.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00186402 ____C () C:\WINDOWS\system32\dllcache\c_20001.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00185378 ____C () C:\WINDOWS\system32\dllcache\c_20003.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00180258 ____C () C:\WINDOWS\system32\dllcache\c_20004.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00180258 ____C () C:\WINDOWS\system32\dllcache\c_20000.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00177698 ____C () C:\WINDOWS\system32\dllcache\c_10003.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00173602 ____C () C:\WINDOWS\system32\dllcache\c_20002.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00173602 ____C () C:\WINDOWS\system32\dllcache\c_10008.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00162850 ____C () C:\WINDOWS\system32\dllcache\c_10001.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
    2015-05-01 21:58 - 2006-02-28 07:00 - 00082172 ____C () C:\WINDOWS\system32\dllcache\bopomofo.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066728 ____C () C:\WINDOWS\system32\dllcache\big5.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20420.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20297.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20290.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20285.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20284.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20280.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20278.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20277.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20273.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20269.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20108.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20107.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20106.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_20105.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1149.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1148.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1147.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1146.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1145.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1144.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1143.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1142.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1141.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1140.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_1047.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10021.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10005.nls
    2015-05-01 21:58 - 2006-02-28 07:00 - 00066082 ____C () C:\WINDOWS\system32\dllcache\c_10004.nls
    2015-05-01 21:58 - 2001-08-17 22:36 - 00045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
    2015-05-01 21:58 - 2001-08-17 22:36 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
    2015-05-01 21:57 - 2015-05-05 20:35 - 01661929 _____ () C:\WINDOWS\WindowsUpdate.log
    2015-05-01 21:57 - 2015-05-05 20:25 - 00000000 ____D () C:\WINDOWS\system32\DirectX
    2015-05-01 21:57 - 2015-05-01 21:58 - 00000000 ___RD () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000786 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000749 ___RH () C:\WINDOWS\WindowsShell.Manifest
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000749 ___RH () C:\WINDOWS\system32\wuaucpl.cpl.manifest
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000749 ___RH () C:\WINDOWS\system32\sapi.cpl.manifest
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000749 ___RH () C:\WINDOWS\system32\nwc.cpl.manifest
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000749 ___RH () C:\WINDOWS\system32\ncpa.cpl.manifest
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000749 ___RH () C:\WINDOWS\system32\cdplayer.exe.manifest
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000488 ___RH () C:\WINDOWS\system32\WindowsLogon.manifest
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000488 ___RH () C:\WINDOWS\system32\logonui.exe.manifest
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000000 ___RD () C:\WINDOWS\Offline Web Pages
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000000 ___HD () C:\Program Files\WindowsUpdate
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000000 ____D () C:\Program Files\Common Files\Services
    2015-05-01 21:57 - 2015-05-01 21:57 - 00000000 ____D () C:\Program Files\Common Files\MSSoap
    2015-05-01 21:57 - 2006-02-28 07:00 - 04399505 ____C () C:\WINDOWS\system32\dllcache\nls302en.lex
    2015-05-01 21:57 - 2006-02-28 07:00 - 00235520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mssoap1.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg723.acm
    2015-05-01 21:57 - 2006-02-28 07:00 - 00099840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helphost.exe
    2015-05-01 21:57 - 2006-02-28 07:00 - 00093184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieinfo5.ocx
    2015-05-01 21:57 - 2006-02-28 07:00 - 00073728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwtutor.exe
    2015-05-01 21:57 - 2006-02-28 07:00 - 00064512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\acctres.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\acctres.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icwres.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00048680 ___SH () C:\WINDOWS\winnt256.bmp
    2015-05-01 21:57 - 2006-02-28 07:00 - 00048680 ___SH () C:\WINDOWS\winnt.bmp
    2015-05-01 21:57 - 2006-02-28 07:00 - 00047104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srdiag.exe
    2015-05-01 21:57 - 2006-02-28 07:00 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\trialoc.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msinfo32.exe
    2015-05-01 21:57 - 2006-02-28 07:00 - 00035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\notiflag.exe
    2015-05-01 21:57 - 2006-02-28 07:00 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wisc10.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mssoapr.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\brpinfo.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isignup.exe
    2015-05-01 21:57 - 2006-02-28 07:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icfgnt5.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfgnt5.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wb32.exe
    2015-05-01 21:57 - 2006-02-28 07:00 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nmevtmsg.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cb32.exe
    2015-05-01 21:57 - 2006-02-28 07:00 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\nmevtmsg.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\atrace.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\atrace.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hcappres.dll
    2015-05-01 21:57 - 2006-02-28 07:00 - 00000984 ____C () C:\WINDOWS\system32\dllcache\srframe.mmf
    2015-05-01 21:56 - 2015-05-03 03:15 - 00000000 ____D () C:\Program Files\Outlook Express
    2015-05-01 21:56 - 2015-05-03 03:15 - 00000000 ____D () C:\Program Files\Movie Maker
    2015-05-01 21:56 - 2015-05-01 23:13 - 00000359 _____ () C:\WINDOWS\DtcInstall.log
    2015-05-01 21:56 - 2015-05-01 23:10 - 00001281 _____ () C:\WINDOWS\sessmgr.setup.log
    2015-05-01 21:56 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\system32\Restore
    2015-05-01 21:56 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\srchasst
    2015-05-01 21:56 - 2015-05-01 23:09 - 00000000 ____D () C:\Program Files\NetMeeting
    2015-05-01 21:56 - 2015-05-01 23:09 - 00000000 ____D () C:\Program Files\Common Files\System
    2015-05-01 21:56 - 2015-05-01 21:58 - 00000000 ____D () C:\WINDOWS\Registration
    2015-05-01 21:56 - 2015-05-01 21:56 - 00021640 _____ () C:\WINDOWS\system32\emptyregdb.dat
    2015-05-01 21:56 - 2015-05-01 21:56 - 00000037 _____ () C:\WINDOWS\vbaddin.ini
    2015-05-01 21:56 - 2015-05-01 21:56 - 00000036 _____ () C:\WINDOWS\vb.ini
    2015-05-01 21:56 - 2015-05-01 21:56 - 00000000 ____D () C:\WINDOWS\system32\Macromed
    2015-05-01 21:56 - 2015-05-01 21:56 - 00000000 ____D () C:\Program Files\ComPlus Applications
    2015-05-01 21:56 - 2012-06-02 15:19 - 01933848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuaueng.dll
    2015-05-01 21:56 - 2012-06-02 15:19 - 01933848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2015-05-01 21:56 - 2012-06-02 15:19 - 00577048 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuapi.dll
    2015-05-01 21:56 - 2012-06-02 15:19 - 00577048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2015-05-01 21:56 - 2012-06-02 15:19 - 00329240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wucltui.dll
    2015-05-01 21:56 - 2012-06-02 15:19 - 00329240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltui.dll
    2015-05-01 21:56 - 2012-06-02 15:19 - 00219160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuaucpl.cpl
    2015-05-01 21:56 - 2012-06-02 15:19 - 00219160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaucpl.cpl
    2015-05-01 21:56 - 2012-06-02 15:19 - 00210968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuweb.dll
    2015-05-01 21:56 - 2012-06-02 15:19 - 00210968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuweb.dll
    2015-05-01 21:56 - 2012-06-02 15:19 - 00053784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wuauclt.exe
    2015-05-01 21:56 - 2012-06-02 15:19 - 00053784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2015-05-01 21:56 - 2012-06-02 15:19 - 00035864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wups.dll
    2015-05-01 21:56 - 2012-06-02 15:19 - 00035864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2015-05-01 21:56 - 2011-10-10 09:22 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2015-05-01 21:56 - 2010-11-18 13:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\isign32.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00786432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\migrate.exe
    2015-05-01 21:56 - 2008-04-14 05:42 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00364544 ____C (Microsoft Corporation (written by Digital Renaissance Inc.)) C:\WINDOWS\system32\dllcache\npdsplay.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstask.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoeacct.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00226816 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\npdrmv2.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00221184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmpns.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msh261.drv
    2015-05-01 21:56 - 2008-04-14 05:42 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng1.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\srsvc.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt1.exe
    2015-05-01 21:56 - 2008-04-14 05:42 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msconf.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\safrslv.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\safrcdlg.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mnmsrvc.exe
    2015-05-01 21:56 - 2008-04-14 05:42 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\safrdm.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\nmmkcert.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fltmc.exe
    2015-05-01 21:56 - 2008-04-14 05:42 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgrprxy.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstinit.exe
    2015-05-01 21:56 - 2008-04-14 05:42 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\npwmsdrm.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauserv.dll
    2015-05-01 21:56 - 2008-04-14 05:42 - 00004639 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mplayer2.exe
    2015-05-01 21:56 - 2008-04-14 05:41 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcfg.dll
    2015-05-01 21:56 - 2008-04-14 05:41 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ils.dll
    2015-05-01 21:56 - 2008-04-14 05:41 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\icwdial.dll
    2015-05-01 21:56 - 2008-04-14 05:41 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\icwphbk.dll
    2015-05-01 21:56 - 2008-04-14 05:41 - 00034560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mnmdd.dll
    2015-05-01 21:56 - 2008-04-14 05:41 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\custsat.dll
    2015-05-01 21:56 - 2008-04-14 05:41 - 00032768 _____ (Intel Corporation) C:\WINDOWS\system32\isrdbg32.dll
    2015-05-01 21:56 - 2008-04-14 05:41 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fltlib.dll
    2015-05-01 21:56 - 2008-04-14 05:41 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\bitsprx2.dll
    2015-05-01 21:56 - 2008-04-14 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bitsprx3.dll
    2015-05-01 21:56 - 2008-04-14 00:06 - 00073472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sr.sys
    2015-05-01 21:56 - 2008-04-14 00:03 - 00129792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltmgr.sys
    2015-05-01 21:56 - 2008-04-13 21:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetres.dll
    2015-05-01 21:56 - 2006-11-01 18:31 - 01669120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\setup_wm.exe
    2015-05-01 21:56 - 2006-10-18 21:47 - 00243712 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mpvis.dll
    2015-05-01 21:56 - 2006-10-18 21:47 - 00096256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmpband.dll
    2015-05-01 21:56 - 2006-10-18 21:46 - 00064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmplayer.exe
    2015-05-01 21:55 - 2015-05-03 03:52 - 00000000 ____D () C:\Program Files\Messenger
    2015-05-01 21:55 - 2015-05-03 03:42 - 00011171 _____ () C:\WINDOWS\wmsetup.log
    2015-05-01 21:55 - 2015-05-01 23:09 - 00000000 ____D () C:\WINDOWS\system32\Com
    2015-05-01 21:55 - 2015-05-01 23:09 - 00000000 ____D () C:\Program Files\Windows NT
    2015-05-01 21:55 - 2015-05-01 21:56 - 00000000 ____D () C:\WINDOWS\system32\MsDtc
    2015-05-01 21:55 - 2015-05-01 21:55 - 00001986 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\MSN.lnk
    2015-05-01 21:55 - 2015-05-01 21:55 - 00000609 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
    2015-05-01 21:55 - 2015-05-01 21:55 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
    2015-05-01 21:55 - 2015-05-01 21:55 - 00000000 ____D () C:\Program Files\Online Services
    2015-05-01 21:55 - 2015-05-01 21:55 - 00000000 ____D () C:\Program Files\MSN Gaming Zone
    2015-05-01 21:55 - 2015-05-01 21:55 - 00000000 ____D () C:\Program Files\MSN
    2015-05-01 21:55 - 2013-02-27 02:56 - 02067456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2015-05-01 21:55 - 2012-07-04 09:05 - 00139784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpwd.sys
    2015-05-01 21:55 - 2011-01-27 06:57 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
    2015-05-01 21:55 - 2009-12-16 13:43 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2015-05-01 21:55 - 2008-06-12 19:53 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
    2015-05-01 21:55 - 2008-06-12 09:23 - 00956928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
    2015-05-01 21:55 - 2008-06-12 09:23 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
    2015-05-01 21:55 - 2008-06-12 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
    2015-05-01 21:55 - 2008-06-12 09:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtclog.dll
    2015-05-01 21:55 - 2008-04-14 05:43 - 00087176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpwsx.dll
    2015-05-01 21:55 - 2008-04-14 05:43 - 00021896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdtcp.sys
    2015-05-01 21:55 - 2008-04-14 05:43 - 00012040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdpipe.sys
    2015-05-01 21:55 - 2008-04-14 05:42 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\spider.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
    2015-05-01 21:55 - 2008-04-14 05:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\accwiz.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdchost.dll
    2015-05-01 21:55 - 2008-04-14 05:42 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sessmgr.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sndrec32.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00123392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mplay32.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mplay32.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\clipbrd.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
    2015-05-01 21:55 - 2008-04-14 05:42 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\access.cpl
    2015-05-01 21:55 - 2008-04-14 05:42 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdshost.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remotepg.dll
    2015-05-01 21:55 - 2008-04-14 05:42 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\stclient.dll
    2015-05-01 21:55 - 2008-04-14 05:42 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxlegih.dll
    2015-05-01 21:55 - 2008-04-14 05:42 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxdm.dll
    2015-05-01 21:55 - 2008-04-14 05:42 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsnd.dll
    2015-05-01 21:55 - 2008-04-14 05:42 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qprocess.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsaddin.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
    2015-05-01 21:55 - 2008-04-14 05:42 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtc.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomcnfg.exe
    2015-05-01 21:55 - 2008-04-14 05:42 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxex.dll
    2015-05-01 21:55 - 2008-04-14 05:41 - 00347136 _____ (Hilgraeve, Inc.) C:\WINDOWS\system32\hypertrm.dll
    2015-05-01 21:55 - 2008-04-14 05:41 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsnap.dll
    2015-05-01 21:55 - 2008-04-14 05:41 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\clbcatex.dll
    2015-05-01 21:55 - 2008-04-14 05:41 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comrepl.dll
    2015-05-01 21:55 - 2008-04-14 05:41 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
    2015-05-01 21:55 - 2008-04-14 05:41 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\colbact.dll
    2015-05-01 21:55 - 2008-04-14 05:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
    2015-05-01 21:55 - 2008-04-14 05:41 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comaddin.dll
    2015-05-01 21:55 - 2008-04-14 05:41 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\icaapi.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 02178131 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shvlres.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 01817687 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bckgres.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 01175635 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hrtzres.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 01039955 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cmnresm.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00780885 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chkrres.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00753236 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rvseres.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00655360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstscax.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00605696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\getuname.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\getuname.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00407552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstsc.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00273920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msiprov.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00227840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avtapi.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\avtapi.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00217160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cmnclim.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00138752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sndvol32.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sndvol32.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00126976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshearts.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshearts.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00120320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dsprov.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winmine.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmine.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00116224 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\updprov.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00114688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\calc.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00113222 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zoneclim.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00093702 _____ () C:\WINDOWS\system32\subrange.uce
    2015-05-01 21:55 - 2006-02-28 07:00 - 00082501 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bckg.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00080384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\charmap.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\charmap.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00075264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmipicmp.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avwav.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\avwav.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00066113 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shvl.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00065978 _____ () C:\WINDOWS\Soap Bubbles.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00065954 _____ () C:\WINDOWS\Prairie Wind.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00065832 _____ () C:\WINDOWS\Santa Fe Stucco.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00063488 _____ () C:\WINDOWS\system32\wmimgmt.msc
    2015-05-01 21:55 - 2006-02-28 07:00 - 00061952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tmplprov.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00061440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmimsg.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00060458 _____ () C:\WINDOWS\system32\ideograf.uce
    2015-05-01 21:55 - 2006-02-28 07:00 - 00059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemdisp.tlb
    2015-05-01 21:55 - 2006-02-28 07:00 - 00059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\trnsprov.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00057409 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hrtz.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00056832 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sol.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sol.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\freecell.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\freecell.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fwdprov.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00052224 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmitimep.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00048706 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rvse.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmi2xml.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00044544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tscupgrd.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscupgrd.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00044544 _____ (Hilgraeve, Inc.) C:\WINDOWS\system32\hticons.dll
     
  20. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    2015-05-01 21:55 - 2006-02-28 07:00 - 00042577 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bckgzm.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00042575 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chkrzm.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00042574 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rvsezm.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00042573 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shvlzm.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00042573 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hrtzzm.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00041029 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zcorem.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpcons.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00040515 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chkr.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00036937 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zclientm.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winchat.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winchat.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\regini.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\regini.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00032339 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uniansi.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemads.tlb
    2015-05-01 21:55 - 2006-02-28 07:00 - 00029760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\znetm.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00026680 _____ () C:\WINDOWS\River Sumida.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00026582 _____ () C:\WINDOWS\Greenstone.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00024006 _____ () C:\WINDOWS\system32\gb2312.uce
    2015-05-01 21:55 - 2006-02-28 07:00 - 00022984 _____ () C:\WINDOWS\system32\bopomofo.uce
    2015-05-01 21:55 - 2006-02-28 07:00 - 00022016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qwinsta.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\qwinsta.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msg.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtsadmin.tlb
    2015-05-01 21:55 - 2006-02-28 07:00 - 00017362 _____ () C:\WINDOWS\Rhododendron.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00017336 _____ () C:\WINDOWS\Gone Fishing.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00017062 _____ () C:\WINDOWS\Coffee Bean.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\unsecapp.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsshutdn.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qappsrv.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsshutdn.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\qappsrv.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016740 _____ () C:\WINDOWS\system32\shiftjis.uce
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016730 _____ () C:\WINDOWS\FeatherTexture.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winmgmtr.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tskill.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avmeter.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tskill.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\avmeter.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rwinsta.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cdmodem.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rwinsta.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdmodem.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\logoff.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoff.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsdiscon.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tscon.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shadow.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsdiscon.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscon.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\shadow.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00013894 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zonelibm.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winmgmt.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00013312 ____C (Hilgraeve, Inc.) C:\WINDOWS\system32\dllcache\htrn_jis.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00013223 _____ () C:\WINDOWS\system32\tslabels.ini
    2015-05-01 21:55 - 2006-02-28 07:00 - 00012876 _____ () C:\WINDOWS\system32\korean.uce
    2015-05-01 21:55 - 2006-02-28 07:00 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wbemads.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\reset.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\reset.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00009522 _____ () C:\WINDOWS\Zapotec.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00008484 _____ () C:\WINDOWS\system32\kanji_2.uce
    2015-05-01 21:55 - 2006-02-28 07:00 - 00006948 _____ () C:\WINDOWS\system32\kanji_1.uce
    2015-05-01 21:55 - 2006-02-28 07:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\write.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\write.exe
    2015-05-01 21:55 - 2006-02-28 07:00 - 00004677 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\zeeverm.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpcfgex.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcfgex.dll
    2015-05-01 21:55 - 2006-02-28 07:00 - 00003286 _____ () C:\WINDOWS\system32\tslabels.h
    2015-05-01 21:55 - 2006-02-28 07:00 - 00001931 _____ () C:\WINDOWS\system32\msdtcprf.ini
    2015-05-01 21:55 - 2006-02-28 07:00 - 00001272 _____ () C:\WINDOWS\Blue Lace 16.bmp
    2015-05-01 21:55 - 2006-02-28 07:00 - 00001161 _____ () C:\WINDOWS\system32\usrlogon.cmd
    2015-05-01 21:55 - 2006-02-28 07:00 - 00000768 _____ () C:\WINDOWS\system32\msdtcprf.h
    2015-05-01 21:54 - 2015-05-01 23:10 - 00000373 _____ () C:\WINDOWS\cmsetacl.log
    2015-05-01 21:54 - 2015-05-01 23:10 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
    2015-05-01 21:54 - 2008-04-14 05:43 - 00040840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\termdd.sys
    2015-05-01 21:54 - 2008-04-14 05:42 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\servdeps.dll
    2015-05-01 21:54 - 2008-04-14 05:41 - 01267200 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
    2015-05-01 21:54 - 2008-04-14 05:41 - 00625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
    2015-05-01 21:54 - 2008-04-14 05:41 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
    2015-05-01 21:54 - 2008-04-14 05:41 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\clbcatq.dll
    2015-05-01 21:54 - 2008-04-14 05:41 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrv.dll
    2015-05-01 21:54 - 2008-04-14 05:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmprops.dll
    2015-05-01 21:54 - 2008-04-14 05:41 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\licwmi.dll
    2015-05-01 21:54 - 2008-04-14 05:41 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmfutil.dll
    2015-05-01 21:54 - 2008-04-14 00:02 - 00196224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-05-05 19:30 - 2006-02-28 07:00 - 00000227 _____ () C:\WINDOWS\system.ini
    2015-05-05 12:17 - 2006-02-28 07:00 - 00000507 _____ () C:\WINDOWS\win.ini
    2015-05-03 13:35 - 2006-02-28 07:00 - 00012984 _____ () C:\WINDOWS\system32\wpa.dbl
    2015-05-01 23:08 - 2006-02-28 07:00 - 00250048 __RSH () C:\ntldr

    ==================== Files in the root of some directories =======

    2015-05-02 15:00 - 2015-05-05 19:48 - 0000001 _____ () C:\Documents and Settings\Steve\Application Data\update.dat
    2015-05-02 12:25 - 2015-05-05 19:52 - 0003584 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-05-05 12:25 - 2015-05-05 12:25 - 0000036 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\housecall.guid.cache

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    ==================== End Of Log ============================
     
  21. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-05-2015
    Ran by Steve at 2015-05-05 20:39:58
    Running from C:\Documents and Settings\Steve\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-790525478-2000478354-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
    ASPNET (S-1-5-21-790525478-2000478354-725345543-1005 - Limited - Enabled)
    Guest (S-1-5-21-790525478-2000478354-725345543-501 - Limited - Disabled)
    HelpAssistant (S-1-5-21-790525478-2000478354-725345543-1000 - Limited - Disabled)
    Steve (S-1-5-21-790525478-2000478354-725345543-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Steve
    SUPPORT_388945a0 (S-1-5-21-790525478-2000478354-725345543-1002 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Norton Internet Security (Disabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\uTorrent) (Version: 3.4.3.40208 - BitTorrent Inc.)
    AMD Catalyst Install Manager (HKLM\...\{ADFFE046-88C0-5ABF-A93A-B95C19B54DF1}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
    AMD OverDrive (HKLM\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
    AMD Processor Driver (HKLM\...\{C151CE54-E7EA-4804-854B-F515368B0798}) (Version: 1.3.2.0053 - AMD)
    Asmedia USB Host Controller Driver (HKLM\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.23.0 - Asmedia Technology)
    Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
    Google Update Helper (Version: 1.3.21.115 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
    Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Media Player Codec Pack 4.3.7 (HKLM\...\Media Player - Codec Pack) (Version: 4.3.7 - Media Player Codec Pack)
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    MSI Afterburner 4.1.0 (HKLM\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
    MSI Kombustor 2.5.9 (HKLM\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
    MSI Live Update 6 (HKLM\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.017 - MSI)
    Norton Internet Security (HKLM\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
    PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
    REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7111 - Realtek Semiconductor Corp.)
    RivaTuner Statistics Server 6.3.0 (HKLM\...\RTSS) (Version: 6.3.0 - Unwinder)
    Sims 4 by BuZeR version final (HKLM\...\{ED118F10-E516-4245-160F-6213F508F71F}_is1) (Version: final - )
    Viber (HKU\S-1-5-21-790525478-2000478354-725345543-1004\...\Viber) (Version: 5.0.1.42 - Viber Media Inc)
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
    WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


    ==================== Restore Points =========================

    01-05-2015 22:25:04 System Checkpoint
    01-05-2015 22:41:19 Installed REALTEK GbE & FE Ethernet PCI-E NIC Driver
    01-05-2015 22:44:32 Installed AMD Processor Driver
    01-05-2015 23:07:35 Installed Windows XP Service Pack 3.
    01-05-2015 23:19:11 Installed Windows KB954550-v5.
    01-05-2015 23:19:14 Printer Driver Microsoft XPS Document Writer Installed
    01-05-2015 23:19:17 Printer Driver Microsoft XPS Document Writer Installed
    01-05-2015 23:23:59 Installed Realtek High Definition Audio Driver
    02-05-2015 00:00:02 Installed DirectX
    02-05-2015 12:13:31 Installed Windows Media Player 11
    02-05-2015 12:13:49 Software Distribution Service 3.0
    02-05-2015 12:38:06 Installed Windows XP Wdf01009.
    02-05-2015 14:43:42 Installed DirectX
    02-05-2015 14:44:28 Installed Microsoft Visual C++ 2005 Redistributable
    02-05-2015 14:51:21 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    02-05-2015 14:51:36 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
    02-05-2015 23:32:44 Software Distribution Service 3.0
    03-05-2015 03:00:23 Software Distribution Service 3.0
    03-05-2015 13:21:17 Installed AMD OverDrive.
    03-05-2015 13:37:55 Software Distribution Service 3.0
    04-05-2015 16:37:52 Software Distribution Service 3.0
    05-05-2015 11:59:57 Removed Google Drive
    05-05-2015 20:25:40 Installed DirectX
    05-05-2015 20:32:19 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    05-05-2015 20:32:28 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-02-28 07:00 - 2015-05-05 19:29 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

    ==================== Loaded Modules (whitelisted) ==============

    2014-12-06 02:03 - 2014-12-06 02:03 - 00565760 _____ () C:\Program Files\MSI Afterburner\MSIAfterburner.exe
    2014-12-06 02:01 - 2014-12-06 02:01 - 00071680 _____ () C:\Program Files\MSI Afterburner\RTMUI.dll
    2014-12-06 02:01 - 2014-12-06 02:01 - 00056832 _____ () C:\Program Files\MSI Afterburner\RTFC.dll
    2014-12-06 02:02 - 2014-12-06 02:02 - 00217600 _____ () C:\Program Files\MSI Afterburner\RTCore.dll
    2014-12-06 02:01 - 2014-12-06 02:01 - 00353792 _____ () C:\Program Files\MSI Afterburner\RTUI.dll
    2014-12-06 02:02 - 2014-12-06 02:02 - 00649216 _____ () C:\Program Files\MSI Afterburner\RTHAL.dll
    2015-05-05 14:24 - 2015-02-25 08:37 - 00776400 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\Viber.exe
    2015-05-05 14:24 - 2015-02-25 08:36 - 49469440 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\libViber.dll
    2015-05-05 14:24 - 2015-01-09 06:54 - 00769024 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\libGLESv2.dll
    2015-05-05 14:24 - 2015-02-25 08:13 - 00104448 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\qfacebook.dll
    2015-05-05 14:24 - 2015-02-25 08:13 - 00171008 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\exif.dll
    2015-05-05 14:24 - 2014-06-30 02:11 - 00047104 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\libEGL.dll
    2006-02-28 07:00 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2015-05-05 14:24 - 2014-08-20 10:13 - 00875008 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\platforms\qwindows.dll
    2015-05-05 14:24 - 2014-06-30 02:17 - 00021504 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\imageformats\qgif.dll
    2015-05-05 14:24 - 2014-06-30 02:17 - 00020992 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\imageformats\qico.dll
    2015-05-05 14:24 - 2014-06-30 02:17 - 00204800 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\imageformats\qjpeg.dll
    2015-05-05 14:24 - 2014-06-30 02:20 - 00218112 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\imageformats\qmng.dll
    2015-05-05 14:24 - 2014-06-30 02:18 - 00015872 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\imageformats\qsvg.dll
    2015-05-05 14:24 - 2014-06-30 02:20 - 00015360 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\imageformats\qtga.dll
    2015-05-05 14:24 - 2014-06-30 02:21 - 00307712 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\imageformats\qtiff.dll
    2015-05-05 14:24 - 2014-06-30 02:20 - 00014848 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\imageformats\qwbmp.dll
    2015-05-05 14:24 - 2014-06-30 02:17 - 00635392 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\sqldrivers\qsqlite.dll
    2015-05-05 14:24 - 2014-06-30 02:18 - 00026624 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\Viber\5.0.1.42\iconengines\qsvgicon.dll
    2010-03-16 12:22 - 2010-03-16 12:22 - 00014848 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
    2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2013-08-30 03:03 - 2013-08-30 03:03 - 00270336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, the associated entry will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-790525478-2000478354-725345543-1004\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    DNS Servers: 10.0.0.1

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXE

    ==================== FirewallRules (whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Steve\Application Data\uTorrent\uTorrent.exe] => Enabled:µTorrent
    StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/05/2015 08:38:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application frst.exe, version 5.5.2015.0, faulting module frst.exe, version 5.5.2015.0, fault address 0x0001f09e.
    Processing media-specific event for [frst.exe!ws!]

    Error: (05/05/2015 01:58:51 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application frst.exe, version 5.5.2015.0, faulting module frst.exe, version 5.5.2015.0, fault address 0x0001f09e.
    Processing media-specific event for [frst.exe!ws!]

    Error: (05/05/2015 01:28:41 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

    Error: (05/05/2015 01:28:13 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

    Error: (05/05/2015 01:28:12 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

    Error: (05/05/2015 00:41:39 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application housecall.bin, version 1.62.0.1087, faulting module hc_core.dll, version 1.62.0.1089, fault address 0x00024d77.
    Processing media-specific event for [housecall.bin!ws!]

    Error: (05/04/2015 08:50:31 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]

    Error: (05/04/2015 08:50:16 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]

    Error: (05/04/2015 08:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]

    Error: (05/04/2015 08:44:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application update.fg3, version 1.5.139.1020, faulting module simulation.dll, version 1.200.0.101, fault address 0x00304494.
    Processing media-specific event for [update.fg3!ws!]


    System errors:
    =============
    Error: (05/05/2015 08:35:02 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 08:05:25 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 07:40:35 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 07:35:25 PM) (Source: BROWSER) (EventID: 8009) (User: )
    Description: The browser was unable to promote itself to master browser. The computer that currently
    believes it is the master browser is GEORGE-6CA09241.

    Error: (05/05/2015 07:35:24 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 07:33:47 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 07:28:36 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 07:23:25 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 07:18:21 PM) (Source: 0) (EventID: 4321) (User: )
    Description: MSHOME :1d10.0.0.1110.0.0.49

    Error: (05/05/2015 07:01:46 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
    Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
    in order to run the server:
    {1BE1F766-5536-11D1-B726-00C04FB926AF}


    Microsoft Office Sessions:
    =========================
    Error: (05/05/2015 08:38:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: frst.exe5.5.2015.0frst.exe5.5.2015.00001f09e

    Error: (05/05/2015 01:58:51 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: frst.exe5.5.2015.0frst.exe5.5.2015.00001f09e

    Error: (05/05/2015 01:28:41 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe server name or address could not be resolved

    Error: (05/05/2015 01:28:13 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

    Error: (05/05/2015 01:28:12 PM) (Source: crypt32) (EventID: 8) (User: )
    Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe server name or address could not be resolved

    Error: (05/05/2015 00:41:39 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: housecall.bin1.62.0.1087hc_core.dll1.62.0.108900024d77

    Error: (05/04/2015 08:50:31 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494

    Error: (05/04/2015 08:50:16 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494

    Error: (05/04/2015 08:47:49 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494

    Error: (05/04/2015 08:44:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: update.fg31.5.139.1020simulation.dll1.200.0.10100304494


    ==================== Memory info ===========================

    Processor: AMD FX(tm)-6300 Six-Core Processor
    Percentage of memory in use: 24%
    Total physical RAM: 3033.88 MB
    Available physical RAM: 2303.96 MB
    Total Pagefile: 4918.99 MB
    Available Pagefile: 4327.98 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1932.54 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:232.88 GB) (Free:182.42 GB) NTFS ==>[Drive with boot components (Windows XP)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 89E189E1)
    Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  22. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Download the attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST (FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
     

  23. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-05-2015
    Ran by Steve at 2015-05-06 01:15:42 Run:2
    Running from C:\Documents and Settings\Steve\Desktop
    Loaded Profiles: Steve (Available profiles: Steve & Administrator)
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-790525478-2000478354-725345543-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    CHR StartupUrls: Default -> "hxxp://wisersearch.com/?channel=en", "hxxp://www.google.com", "hxxp://www.surfvox.com/"
    S3 catchme; \??\C:\DOCUME~1\Steve\LOCALS~1\Temp\catchme.sys [X]
    S4 IntelIde; No ImagePath
    S3 MSICDSetup; \??\D:\CDriver.sys [X]
    S3 NTIOLib_1_0_C; \??\D:\NTIOLib.sys [X]
    U3 TlntSvr; No ImagePath
    2015-05-02 15:00 - 2015-05-05 19:48 - 0000001 _____ () C:\Documents and Settings\Steve\Application Data\update.dat
    2015-05-02 12:25 - 2015-05-05 19:52 - 0003584 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2015-05-05 12:25 - 2015-05-05 12:25 - 0000036 _____ () C:\Documents and Settings\Steve\Local Settings\Application Data\housecall.guid.cache

    *****************

    "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
    "HKU\S-1-5-21-790525478-2000478354-725345543-1004\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
    Chrome StartupUrls deleted successfully.
    catchme => Service deleted successfully.
    IntelIde => Service deleted successfully.
    MSICDSetup => Service deleted successfully.
    NTIOLib_1_0_C => Service deleted successfully.
    TlntSvr => Service deleted successfully.
    C:\Documents and Settings\Steve\Application Data\update.dat => Moved successfully.
    C:\Documents and Settings\Steve\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
    C:\Documents and Settings\Steve\Local Settings\Application Data\housecall.guid.cache => Moved successfully.

    ==== End of Fixlog 01:15:42 ====
     
  24. Broni

    Broni Malware Annihilator Posts: 52,911   +344

    Last scans...

    Download Security Check from here or here and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
    NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
    NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
    NOTE 3. If you receive the UNSUPPORTED OPERATING SYSTEM! ABORTED! message, restart the computer and Security Check should run.


    Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
      • Other Services
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run from.
    • Please copy and paste the log to your reply.

    Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double-click on TFC.exe to run the program.
    • Click on the Start button to begin the cleaning process.
    • TFC will close all running programs, and it may ask you to restart the computer.

    Download Sophos Free Virus Removal Tool and save it to your desktop.
    • Double click the icon and select Run
    • Click Next
    • Select I accept the terms in this license agreement, then click Next twice
    • Click Install
    • Click Finish to launch the program
    • Once the virus database has been updated click Start Scanning
    • If any threats are found click Details, then View log file... (bottom left hand corner)
    • Copy and paste the results in your reply
    • Close the Notepad document, close the Threat Details screen, then click Start cleanup
    • Click Exit to close the program
     
  25. SFX099

    SFX099 TS Rookie Topic Starter Posts: 22

    Results of screen317's Security Check version 1.001
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    Norton Internet Security
    `````````Anti-malware/Other Utilities Check:`````````
    Adobe Reader XI
    Google Chrome (42.0.2311.135)
    ````````Process Check: objlist.exe by Laurent````````
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 0%
    ````````````````````End of Log``````````````````````
     
