Will Howard
Posts: 27 +0
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-10-2015 01
Ran by Administrator (administrator) on NANTES-H1 (11-10-2015 18:45:48)
Running from C:\Documents and Settings\Administrator\My Documents\Downloads
Loaded Profiles: Administrator (Available Profiles: William Howard & Billfred & UpdatusUser & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguix.exe [1125800 2015-09-22] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3812264 2015-09-30] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2007-04-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2006-03-05] (Autodesk)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2CCBF3D3-7203-4174-B491-3AA701F839A7}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-842925246-1614895754-1606980848-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-842925246-1614895754-1606980848-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-04] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\65bmg18f.default-1444584435968
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-10-06] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-04] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\William Howard\Application Data\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-10-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [604712 2015-09-30] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3792880 2015-09-30] (AVG Technologies CZ, s.r.o.)
S2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [858024 2015-09-22] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [596344 2015-09-30] (AVG Technologies CZ, s.r.o.)
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2015-10-04] (Oracle Corporation)
S2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [307200 2003-08-29] (Lexmark International, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 SLService; C:\WINDOWS\system32\slserv.exe [73796 2008-04-14] (Smart Link)
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.)
R0 AVG Anti-Rootkit; C:\WINDOWS\System32\DRIVERS\avgarkt.sys [5632 2007-01-31] (GRISOFT, s.r.o.) [File not signed]
R1 AvgArCln; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [3968 2007-01-18] (GRISOFT, s.r.o.) [File not signed]
S1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [156080 2015-08-10] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [240048 2015-08-28] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [231344 2015-08-20] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-08-14] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [232368 2015-08-10] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [189872 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [36784 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231344 2015-08-28] (AVG Technologies CZ, s.r.o.)
S1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG)
R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [126686 2008-04-13] (Smart Link)
S3 Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [1309184 2008-04-13] (Smart Link)
S3 NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [180360 2008-04-13] (Smart Link)
S3 P16X; C:\WINDOWS\System32\drivers\P16X.sys [1330048 2003-09-22] (Creative Technology Ltd.)
R0 RecAgent; C:\WINDOWS\System32\DRIVERS\RecAgent.sys [13776 2008-04-13] (Smart Link)
S3 Slntamr; C:\WINDOWS\System32\DRIVERS\slntamr.sys [404990 2008-04-13] (Smart Link)
S3 SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [95424 2008-04-13] (Smart Link)
S3 SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [13240 2008-04-13] (Smart Link)
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30720 2013-07-24] (Elaborate Bytes AG) [File not signed]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
========================== Drivers MD5 =======================
C:\WINDOWS\System32\DRIVERS\ACPI.sys 8FD99680A539792A30E97944FDAECF17
C:\WINDOWS\system32\Drivers\ACPIEC.sys 9859C0F6936E723E4892D7141B1327D5
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\drivers\ALCXWDM.SYS DD8520280304B6145A6BE31008748C7C
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\System32\DRIVERS\avgarkt.sys E8054A423E5D2BDAE6062BAB6DA159C4
C:\WINDOWS\System32\DRIVERS\AvgArCln.sys EC08D1625F5C6CF2A57B79EB35186F8C
C:\WINDOWS\System32\DRIVERS\avgdiskx.sys 28ED163EBC48BF20F76B5A90032383A5
C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys E12570E23BB21AD8D51C983446E3D95C
C:\WINDOWS\System32\DRIVERS\avgidshx.sys 58D2DD279EF94567F3ADE0A183AA8E73
C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys B2A20F53C393247935B921831151C107
C:\WINDOWS\System32\DRIVERS\avgldx86.sys 0279A6866096DDCF88E9774D4D026879
C:\WINDOWS\System32\DRIVERS\avglogx.sys 671832356F02077F305F711FF8894BDA
C:\WINDOWS\System32\DRIVERS\avgmfx86.sys 5A5297A835310226A044F3FE87E7F1A2
C:\WINDOWS\System32\DRIVERS\avgrkx86.sys 961DA8B7CE470D85D67262A3E3F45F63
C:\WINDOWS\System32\DRIVERS\avgtdix.sys 771EB18C15CC90C716F7A88777384BB6
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\System32\DRIVERS\BthEnum.sys B279426E3C0C344893ED78A613A73BDE
C:\WINDOWS\System32\DRIVERS\bthpan.sys 80602B8746D3738F5886CE3D67EF06B6
C:\WINDOWS\System32\Drivers\BTHport.sys 662BFD909447DD9CC15B1A1C366583B4
C:\WINDOWS\System32\Drivers\BTHUSB.sys 61364CD71EF63B0F038B7E9DF00F1EFA
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\ctsfm2k.sys B459AE4AFCA570088ADDDBE55EABBC92
C:\WINDOWS\System32\DRIVERS\ssudbus.sys 6A2F35D012D014AC5C4C16F2CEB11541
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys D992FE1274BDE0F84AD826ACAE022A41
C:\WINDOWS\System32\drivers\dmio.sys 7C824CF7BBDE77D95C08005717A95F6F
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\System32\Drivers\ElbyCDIO.sys 72753D5CC94A90F5CFC6C00ECC47163F
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\System32\DRIVERS\fetnd5.sys E9648254056BCE81A85380C0C3647DC4
C:\WINDOWS\system32\Drivers\Fips.sys D45926117EB9FA946A6AF572FBE1CAA3
C:\WINDOWS\System32\DRIVERS\flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys 6AC26732762483366C3969C9E4D2259D
C:\WINDOWS\System32\DRIVERS\gameenum.sys 065639773D8B03F33577F6CDAEA21063
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\System32\DRIVERS\i8042prt.sys 4A0B06AA8943C1E332520F7440C0AA30
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\DRIVERS\intelppm.sys 8C953733D8F36EB2133F5BB58808B66B
C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 05A299EC56E52649B1CF2FC52D20F2D7
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 463C1EC80CD17420A542B7F36A36F128
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\system32\drivers\mbam.sys B4CD87E78A01562E3DA67FE1C2779204
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys DFCBAD3CEC1C5F964962AE10E0BCC8E1
C:\WINDOWS\System32\drivers\MODEMCSA.sys 1992E0D143B09653AB0F9C5E04B0FD65
C:\WINDOWS\System32\DRIVERS\mouclass.sys 35C9E97194C8CFB8430125F8DBC34D04
C:\WINDOWS\System32\DRIVERS\mouhid.sys B1C303E17FB9D46E87A98E4BA6769685
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys C53775780148884AC87C455489A0C070
C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys 54886A652BF5685192141DF304E923FD
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys 576B34CEAE5B7E5D9FD2775E93B3DB53
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nv4_mini.sys 785500CE8693C06EAAF29FAA64DB17C5
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ctoss2k.sys C720C25B2D0C93DC425155F5B6A707F3
C:\WINDOWS\System32\drivers\P16X.sys F051107FF80F132882E71E3A5D302EC1
C:\WINDOWS\System32\DRIVERS\parport.sys 5575FAF8F97CE5E713D108C2A58D7C7C
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1
C:\WINDOWS\System32\DRIVERS\pci.sys A219903CCF74233761D92BEF471A07B1
C:\WINDOWS\system32\Drivers\Pcmcia.sys 9E89EF60E9EE05E3F2EEF2DA7397F1C1
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\RecAgent.sys E9AAA0092D74A9D371659C4C38882E12
C:\WINDOWS\System32\DRIVERS\redbook.sys F828DD7E1419B6653894A8F97A0094C5
C:\WINDOWS\System32\DRIVERS\rfcomm.sys 851C30DF2807FCFA21E4C681A7D6440E
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\WINDOWS\System32\DRIVERS\serial.sys CCA207A8896D4C6A0C9CE29A4AE411A7
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\slntamr.sys 2C1779C0FEB1F4A6033600305EBA623A
C:\WINDOWS\System32\DRIVERS\Slnthal.sys F9B8E30E82EE95CF3E1D3E495599B99C
C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys DB56BB2C55723815CF549D7FC50CFCEB
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 76BB022C2FB6902FD5BDD4F78FC13A5D
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\ssudmdm.sys C04A273FDC50FBC6FF07EFBD62BDF93E
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\System32\DRIVERS\uagp35.sys D85938F272D1BCF3DB3A31FC0A048928
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\DRIVERS\VClone.sys C2D1B1671F9C1C66E0DF1B5D2DC87616
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\System32\DRIVERS\viaide.sys 3B3EFCDA263B8AC14FDF9CBDD0791B2E
C:\WINDOWS\system32\Drivers\VolSnap.sys 4C8FCB5CC53AAB716D810740FE59D025
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\Drivers\wdf01000.sys BBCFEAB7E871CDDAC2D397EE7FA91FDC
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\DRIVERS\WinUSB.sys FD600B032E741EB6AAB509FC630F7C42
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-11 18:45 - 2015-10-11 18:45 - 00000000 ____D C:\FRST
2015-10-11 18:43 - 2015-10-11 18:43 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Adobe
2015-10-11 18:27 - 2015-10-11 18:27 - 00000000 __SHD C:\Documents and Settings\Administrator\PrivacIE
2015-10-11 18:26 - 2015-10-11 18:26 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Macromedia
2015-10-11 18:25 - 2015-10-11 18:27 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Old Firefox Data
2015-10-11 18:23 - 2015-10-11 18:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2015-10-11 18:23 - 2015-10-11 18:23 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Mozilla
2015-10-11 18:16 - 2015-10-11 18:16 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg
2015-10-11 18:14 - 2015-10-11 18:47 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2015-10-11 18:14 - 2015-10-11 18:27 - 00000000 ____D C:\Documents and Settings\Administrator
2015-10-11 18:14 - 2015-10-11 18:14 - 00000020 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2015-10-11 18:14 - 2015-10-11 18:14 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2015-10-11 18:14 - 2015-10-11 15:01 - 00001599 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
2015-10-11 18:14 - 2015-10-03 20:13 - 00000792 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2015-10-11 18:14 - 2015-10-03 20:13 - 00000000 ___RD C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2015-10-11 18:13 - 2015-10-11 18:13 - 00000000 ____D C:\WINDOWS\CSC
2015-10-11 17:34 - 2015-10-11 17:34 - 00000803 _____ C:\Documents and Settings\Billfred\Start Menu\Programs\Internet Explorer.lnk
2015-10-11 17:34 - 2015-10-11 17:34 - 00000000 ____D C:\Documents and Settings\Billfred\Local Settings\Application Data\Avg
2015-10-11 17:34 - 2015-10-11 17:34 - 00000000 ____D C:\Documents and Settings\Billfred\Application Data\AVG
2015-10-11 17:33 - 2015-10-11 17:34 - 00000738 _____ C:\Documents and Settings\Billfred\Start Menu\Programs\Outlook Express.lnk
2015-10-11 17:33 - 2015-10-11 17:33 - 00000000 __SHD C:\Documents and Settings\Billfred\IETldCache
2015-10-11 17:32 - 2015-10-11 17:34 - 00000178 ___SH C:\Documents and Settings\Billfred\ntuser.ini
2015-10-11 17:32 - 2015-10-11 17:34 - 00000000 ___RD C:\Documents and Settings\Billfred\Start Menu\Programs\Accessories
2015-10-11 17:32 - 2015-10-11 17:34 - 00000000 ____D C:\Documents and Settings\Billfred\Local Settings\Temp
2015-10-11 17:32 - 2015-10-11 17:33 - 00000792 _____ C:\Documents and Settings\Billfred\Start Menu\Programs\Windows Media Player.lnk
2015-10-11 17:32 - 2015-10-11 17:33 - 00000000 ____D C:\Documents and Settings\Billfred
2015-10-11 17:32 - 2015-10-11 15:01 - 00001599 _____ C:\Documents and Settings\Billfred\Start Menu\Programs\Remote Assistance.lnk
2015-10-11 17:29 - 2015-10-11 17:29 - 00000828 _____ C:\Documents and Settings\All Users\Desktop\AVG Anti-Rootkit Free.lnk
2015-10-11 17:29 - 2015-10-11 17:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG Anti-Rootkit Free
2015-10-11 17:29 - 2007-01-18 13:00 - 00003968 _____ (GRISOFT, s.r.o.) C:\WINDOWS\system32\Drivers\AvgArCln.sys
2015-10-11 17:27 - 2015-09-15 13:52 - 00042920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2015-10-11 17:26 - 2015-10-11 17:26 - 00001776 _____ C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp.lnk
2015-10-11 17:26 - 2015-10-11 17:26 - 00000000 ____D C:\Program Files\GRISOFT
2015-10-11 17:26 - 2015-10-11 17:26 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp
2015-10-11 13:00 - 2015-10-11 13:00 - 00000000 ___RD C:\Documents and Settings\All Users\Start Menu\Programs\Shortcut to Engineering
2015-10-11 02:51 - 2015-10-11 02:51 - 00000930 _____ C:\Documents and Settings\William Howard\Desktop\JRT.txt
2015-10-10 19:17 - 2015-10-10 19:17 - 00002204 _____ C:\Documents and Settings\William Howard\Desktop\pw2.txt
2015-10-10 19:10 - 2008-04-14 05:42 - 00151552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irftp.exe
2015-10-10 19:10 - 2008-04-14 05:42 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\irftp.exe
2015-10-10 19:10 - 2008-04-14 05:42 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wshirda.dll
2015-10-10 19:10 - 2008-04-14 05:42 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshirda.dll
2015-10-10 19:10 - 2008-04-14 05:41 - 00028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irmon.dll
2015-10-10 19:10 - 2008-04-14 05:41 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2015-10-10 19:10 - 2008-04-14 00:21 - 00101120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthpan.sys
2015-10-10 19:10 - 2008-04-14 00:21 - 00101120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00059136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rfcomm.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00059136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthusb.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-10-10 19:10 - 2008-04-14 00:16 - 00017024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthenum.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthEnum.sys
2015-10-10 17:44 - 2015-10-10 17:44 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\DigitalVolcano
2015-10-10 17:43 - 2015-10-10 17:43 - 00000853 _____ C:\Documents and Settings\All Users\Desktop\Duplicate Cleaner Free.lnk
2015-10-10 17:43 - 2015-10-10 17:43 - 00000000 ____D C:\Program Files\Duplicate Cleaner
2015-10-10 17:43 - 2015-10-10 17:43 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Duplicate Cleaner Free
2015-10-10 17:00 - 2015-10-10 17:00 - 00025000 _____ C:\Documents and Settings\William Howard\Desktop\monkeyfeedsTiger.jpeg
2015-10-10 16:50 - 2015-10-10 16:50 - 00049717 _____ C:\Documents and Settings\William Howard\Desktop\motivation.jpeg
2015-10-10 13:57 - 2015-10-10 13:57 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\SketchUp
2015-10-10 13:56 - 2015-10-10 13:56 - 00001903 _____ C:\Documents and Settings\All Users\Desktop\Style Builder 2013.lnk
2015-10-10 13:56 - 2015-10-10 13:56 - 00001817 _____ C:\Documents and Settings\All Users\Desktop\LayOut 2013.lnk
2015-10-10 13:56 - 2015-10-10 13:56 - 00001754 _____ C:\Documents and Settings\All Users\Desktop\SketchUp 2013.lnk
2015-10-10 13:56 - 2015-10-10 13:56 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SketchUp 2013
2015-10-10 13:55 - 2015-10-10 13:55 - 00000000 ____D C:\Program Files\SketchUp
2015-10-10 13:55 - 2015-10-10 13:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SketchUp
2015-10-10 13:41 - 2015-10-10 13:41 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\Google
2015-10-10 13:41 - 2015-10-10 13:41 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Google
2015-10-10 13:36 - 2015-10-10 13:36 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-10-10 13:31 - 2015-10-10 13:31 - 00001853 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth.lnk
2015-10-10 13:30 - 2015-10-11 18:07 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-10 13:30 - 2015-10-11 17:35 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-10 13:29 - 2015-10-10 13:30 - 00000000 ____D C:\Program Files\Google
2015-10-10 13:26 - 2015-10-10 13:26 - 00000000 ____D C:\WINDOWS\system32\URTTEMP
2015-10-10 13:21 - 2015-10-10 16:06 - 00065536 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt
2015-10-10 13:21 - 2015-10-10 16:06 - 00065536 _____ C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2015-10-10 13:18 - 2015-10-10 13:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2808679$
2015-10-10 13:18 - 2015-10-10 13:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2492386$
2015-10-10 13:16 - 2015-10-10 13:19 - 00065536 _____ C:\WINDOWS\system32\config\Windows .evt
2015-10-10 13:16 - 2015-10-10 13:19 - 00065536 _____ C:\WINDOWS\system32\config\Microsof.evt
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 __HDC C:\WINDOWS\$968930Uinstall_KB968930$
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 ____D C:\WINDOWS\$NtUninstallKB968930$
2015-10-10 13:15 - 2015-10-10 13:17 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Office
2015-10-10 13:15 - 2015-10-10 13:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallbasecsp$
2015-10-10 13:14 - 2015-10-10 13:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Engieering
2015-10-10 13:13 - 2015-10-10 13:16 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\IT
2015-10-10 12:58 - 2015-10-10 12:58 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-10-10 12:58 - 2015-10-10 12:58 - 00000000 ____D C:\Program Files\CCleaner
2015-10-09 18:52 - 2015-10-09 18:52 - 00001749 _____ C:\Documents and Settings\All Users\Desktop\Lexmark Z700-P700 Series Solution Center.lnk
2015-10-09 18:49 - 2015-10-09 18:49 - 00000105 _____ C:\WINDOWS\lexstat.ini
2015-10-09 18:47 - 2003-09-10 03:54 - 00073728 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lxblpwr.dll
2015-10-09 18:47 - 2003-08-29 15:20 - 00200192 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lexlmpm.dll
2015-10-09 18:47 - 2003-08-29 14:57 - 00197120 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEX2KUSB.DLL
2015-10-09 18:47 - 2003-08-29 14:54 - 00307200 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
2015-10-09 18:47 - 2003-08-29 14:51 - 00147456 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCE.DLL
2015-10-09 18:47 - 2003-08-29 14:50 - 00174592 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE
2015-10-09 18:47 - 2003-08-29 14:49 - 00201216 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXP2P32.DLL
2015-10-09 18:47 - 2003-03-26 15:22 - 00286720 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lxblcomm.dll
2015-10-09 18:47 - 2002-11-13 16:40 - 00040960 _____ C:\WINDOWS\system32\lxblvs.dll
2015-10-09 18:45 - 2015-10-09 18:45 - 00000000 ____D C:\Program Files\Lexmark Z700-P700 Series
2015-10-09 18:45 - 2003-09-10 04:24 - 00069632 _____ (Lexmark International Inc.) C:\WINDOWS\system32\LXBLCU.DLL
2015-10-09 18:45 - 2003-09-10 04:11 - 00090112 _____ (Lexmark International Inc.) C:\WINDOWS\system32\LXBLCUR.DLL
2015-10-09 18:45 - 2003-09-10 04:09 - 00454656 _____ (Lexmark International Inc.) C:\WINDOWS\system32\LXBLJSWR.DLL
2015-10-09 18:45 - 2003-09-10 03:58 - 00339968 _____ (Lexmark International Inc.) C:\WINDOWS\system32\LXBLUTIL.DLL
2015-10-09 18:45 - 2003-08-29 15:07 - 00155648 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXPING.EXE
2015-10-09 18:45 - 2003-03-26 15:27 - 00544768 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXBLLSNT.EXE
2015-10-09 18:45 - 2003-03-26 15:25 - 00217088 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXBLLCNT.DLL
2015-10-09 18:45 - 2003-03-26 15:24 - 00286720 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXBLPMNT.DLL
2015-10-09 18:45 - 2003-03-26 15:23 - 00086016 _____ C:\WINDOWS\system32\LXBLIH.EXE
2015-10-09 18:45 - 2003-03-26 15:22 - 00126976 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXBLCFG.EXE
2015-10-09 18:45 - 2003-03-26 15:19 - 00077824 _____ C:\WINDOWS\system32\LXBLLCNP.DLL
2015-10-09 18:45 - 2003-01-23 15:13 - 00000451 _____ C:\WINDOWS\system32\LXBL.LOC
2015-10-09 18:45 - 2003-01-22 17:54 - 00649156 _____ C:\WINDOWS\system32\LXBLDRV.HLP
2015-10-09 18:45 - 2003-01-20 16:53 - 01303179 _____ C:\WINDOWS\system32\LXBLLPA.HLP
2015-10-09 18:45 - 2002-10-30 17:48 - 00000200 _____ C:\WINDOWS\system32\LXBLMA.CNT
2015-10-09 18:45 - 2002-10-30 17:46 - 00003589 _____ C:\WINDOWS\system32\LXBLLPA.CNT
2015-10-09 18:45 - 2002-10-30 16:58 - 00002216 _____ C:\WINDOWS\system32\LXBLDRV.CNT
2015-10-09 18:45 - 2002-07-19 12:10 - 00983101 _____ (Microsoft Corporation) C:\WINDOWS\system32\LXBLGF.DLL
2015-10-09 18:45 - 2001-01-19 16:50 - 00040960 _____ C:\WINDOWS\system32\INSTMON.EXE
2015-10-09 18:36 - 2015-10-09 18:36 - 00000000 ____D C:\Documents and Settings\William Howard\WINDOWS
2015-10-09 18:36 - 1997-04-08 20:08 - 00299520 _____ (InstallShield Corporation, Inc.) C:\WINDOWS\uninst.exe
2015-10-09 18:33 - 2015-10-09 18:33 - 00001739 _____ C:\Documents and Settings\All Users\Desktop\Lexmark Photo Center.lnk
2015-10-09 18:33 - 2015-10-09 18:33 - 00000000 ____D C:\Program Files\Lexmark
2015-10-09 18:31 - 2015-10-10 17:36 - 00000000 ____D C:\Documents and Settings\William Howard\Desktop\Emma
2015-10-09 18:22 - 2015-10-09 18:22 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-10-09 18:13 - 2015-10-11 17:29 - 00000528 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2015-10-09 18:13 - 2015-10-09 18:13 - 00000000 ___RD C:\Documents and Settings\William Howard\My Documents\RocketLifeNetwork
2015-10-09 18:12 - 2015-10-09 18:13 - 00002063 _____ C:\Documents and Settings\William Howard\Desktop\HP Photo Creations.lnk
2015-10-09 18:12 - 2015-10-09 18:13 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Visan
2015-10-09 18:12 - 2015-10-09 18:13 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\HP Photo Creations
2015-10-09 18:12 - 2015-10-09 18:12 - 00000000 ____D C:\Documents and Settings\William Howard\Start Menu\Programs\HP
2015-10-09 17:59 - 2015-05-21 07:02 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-10-09 17:59 - 2015-05-21 07:02 - 00089984 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-10-07 23:25 - 2015-10-07 23:25 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-10-07 23:24 - 2015-10-07 23:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallwinusb0100$
2015-10-07 23:19 - 2015-10-07 23:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2015-10-07 23:18 - 2008-03-21 13:57 - 00014640 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-10-07 23:17 - 2015-10-07 23:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01007$
2015-10-07 23:11 - 2010-12-21 06:55 - 01112288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2015-10-07 23:11 - 2010-12-21 06:55 - 00581192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2015-10-07 23:01 - 2015-10-07 23:01 - 00000000 ____D C:\Program Files\Samsung
2015-10-07 22:50 - 2015-10-07 22:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Samsung
2015-10-07 22:16 - 2015-10-07 22:16 - 00029696 _____ C:\Documents and Settings\William Howard\Desktop\Timber Truss Calculations.xls
2015-10-07 21:04 - 2015-10-07 21:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2015-10-07 19:56 - 2008-04-14 05:42 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusd.dll
2015-10-07 19:56 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusb.dll
2015-10-06 20:53 - 2015-10-06 20:53 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\OpenOffice
2015-10-06 20:30 - 2015-10-06 20:31 - 00014336 _____ C:\Documents and Settings\William Howard\Desktop\Timber Calculations.xls
2015-10-06 20:03 - 2015-10-11 17:14 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-06 20:03 - 2015-10-06 20:03 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-10-06 20:03 - 2015-10-06 20:03 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-10-06 20:03 - 2015-10-06 20:03 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Macromedia
2015-10-06 20:01 - 2015-10-06 20:01 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\Temp
2015-10-06 20:01 - 2015-10-06 20:01 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Adobe
2015-10-06 20:00 - 2015-10-06 20:08 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2015-10-06 20:00 - 2015-10-06 20:00 - 00001734 _____ C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
2015-10-06 19:59 - 2015-10-06 20:08 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-10-06 19:59 - 2015-10-06 19:59 - 00000000 ____D C:\Program Files\Adobe
2015-10-06 19:58 - 2015-10-06 20:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
2015-10-06 19:57 - 2015-10-06 20:03 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\Adobe
2015-10-05 20:30 - 2015-10-05 20:31 - 00000000 ____D C:\c53558e94c8b9dacb4948bea8ca5
2015-10-05 19:45 - 2015-10-05 19:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2345886$
2015-10-05 19:44 - 2015-10-05 19:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB970430$
2015-10-05 19:11 - 2015-10-05 19:11 - 00000000 ____D C:\Program Files\MSXML 4.0
2015-10-04 17:30 - 2015-10-04 17:30 - 00000877 _____ C:\Documents and Settings\All Users\Desktop\OpenOffice 4.1.1.lnk
2015-10-04 17:28 - 2015-10-04 17:28 - 00000000 ____D C:\Program Files\OpenOffice 4
2015-10-04 17:26 - 2015-10-04 17:26 - 00000000 ____D C:\Documents and Settings\William Howard\Desktop\OpenOffice 4.1.1 (en-GB) Installation Files
2015-10-04 16:42 - 2015-10-04 16:42 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-10-04 16:42 - 2015-10-04 16:42 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Visan
2015-10-04 16:41 - 2015-10-05 19:59 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\HpUpdate
2015-10-04 16:41 - 2015-10-04 16:41 - 00001957 _____ C:\Documents and Settings\All Users\Desktop\HP Deskjet 2540 series.lnk
2015-10-04 16:41 - 2015-10-04 16:41 - 00000904 _____ C:\Documents and Settings\All Users\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
2015-10-04 16:41 - 2014-03-06 11:48 - 00597512 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMC211.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 02525368 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\HPScanTRDrv_DJ2540.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 00536760 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkstsC211.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 00417464 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPWia1_DJ2540.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 00271032 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkstsC211LM.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 00222904 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkcoiC211.dll
2015-10-04 16:41 - 2012-12-15 23:45 - 02220216 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkinsC211.exe
2015-10-04 16:40 - 2015-10-04 19:16 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\vlc
2015-10-04 16:40 - 2015-10-04 16:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HP
2015-10-04 16:39 - 2015-10-04 16:41 - 00000000 ____D C:\Program Files\HP
2015-10-04 16:39 - 2015-10-04 16:39 - 00000057 _____ C:\Documents and Settings\All Users\Application Data\Ament.ini
2015-10-04 16:30 - 2015-10-07 20:37 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2015-10-04 16:30 - 2015-10-04 16:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-04 16:30 - 2015-10-04 16:30 - 00000000 ____D C:\Program Files\MSBuild
2015-10-04 16:08 - 2015-10-04 16:08 - 00001768 _____ C:\Documents and Settings\William Howard\Desktop\Framework.lnk
2015-10-04 16:07 - 2015-10-07 20:07 - 00000000 ____D C:\Program Files\Wolsink
2015-10-04 15:58 - 2015-10-04 15:58 - 00000000 ____D C:\WINDOWS\system32\Data
2015-10-04 15:58 - 2008-04-14 00:15 - 00010624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2015-10-04 15:58 - 2008-04-14 00:15 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gameenum.sys
2015-10-04 15:58 - 2006-09-23 08:06 - 00020480 _____ (Creative Technology Ltd) C:\WINDOWS\INRES.DLL
2015-10-04 15:58 - 2006-09-23 08:06 - 00002092 ____R C:\WINDOWS\system32\P16X.ini
2015-10-04 15:58 - 2006-09-23 08:06 - 00000026 ____R C:\WINDOWS\system32\ctzapxx.ini
2015-10-04 15:58 - 2001-08-17 13:57 - 00016128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\modemcsa.sys
2015-10-04 15:58 - 2001-08-17 13:57 - 00016128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MODEMCSA.sys
2015-10-04 15:57 - 2015-10-04 15:57 - 00000000 ____D C:\Program Files\Creative
2015-10-04 15:57 - 2008-04-14 05:42 - 00286792 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slextspk.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00286792 _____ (Smart Link) C:\WINDOWS\system32\slextspk.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00188508 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slgen.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00188508 _____ (Smart Link) C:\WINDOWS\system32\SLGen.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00073832 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slcoinst.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00073832 _____ (Smart Link) C:\WINDOWS\system32\slcoinst.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00073796 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slserv.exe
2015-10-04 15:57 - 2008-04-14 05:42 - 00073796 _____ (Smart Link) C:\WINDOWS\system32\slserv.exe
2015-10-04 15:57 - 2008-04-14 05:42 - 00032866 _____ (Smart Link) C:\WINDOWS\system32\slrundll.exe
2015-10-04 15:57 - 2008-04-13 23:53 - 01309184 ____C (Smart Link) C:\WINDOWS\system32\dllcache\mtlstrm.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 01309184 _____ (Smart Link) C:\WINDOWS\system32\Drivers\mtlstrm.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00404990 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slntamr.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00404990 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slntamr.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00180360 ____C (Smart Link) C:\WINDOWS\system32\dllcache\ntmtlfax.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00180360 _____ (Smart Link) C:\WINDOWS\system32\Drivers\ntmtlfax.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00126686 ____C (Smart Link) C:\WINDOWS\system32\dllcache\mtlmnt5.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00126686 _____ (Smart Link) C:\WINDOWS\system32\Drivers\mtlmnt5.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00095424 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slnthal.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00095424 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slnthal.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00013776 ____C (Smart Link) C:\WINDOWS\system32\dllcache\recagent.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00013776 _____ (Smart Link) C:\WINDOWS\system32\Drivers\RecAgent.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00013240 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slwdmsup.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00013240 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slwdmsup.sys
2015-10-04 15:04 - 2015-10-04 15:04 - 00001690 _____ C:\Documents and Settings\All Users\Desktop\AutoCAD 2007.lnk
2015-10-04 15:03 - 2015-10-04 15:03 - 00000000 ____D C:\Program Files\AnswerWorks 4.0
2015-10-04 15:00 - 2015-10-04 15:04 - 00000000 ____D C:\Program Files\AutoCAD 2007
2015-10-04 15:00 - 2015-10-04 15:00 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\Autodesk
2015-10-04 15:00 - 2015-10-04 15:00 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Autodesk
2015-10-04 15:00 - 2015-10-04 15:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Autodesk
2015-10-04 14:58 - 2015-10-04 15:05 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-10-04 14:58 - 2015-10-04 14:58 - 00001781 _____ C:\Documents and Settings\All Users\Start Menu\Autodesk DWF Viewer.lnk
2015-10-04 14:58 - 2015-10-04 14:58 - 00001781 _____ C:\Documents and Settings\All Users\Desktop\Autodesk DWF Viewer.lnk
2015-10-04 14:58 - 2015-10-04 14:58 - 00000000 ____D C:\Program Files\Autodesk
2015-10-04 14:58 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-10-04 14:55 - 2015-10-04 16:42 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\HP
2015-10-04 14:53 - 2015-10-11 01:29 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-10-04 14:52 - 2015-10-04 14:52 - 00000376 _____ C:\WINDOWS\ODBC.INI
2015-10-04 14:52 - 2015-10-04 14:52 - 00000063 _____ C:\WINDOWS\mdm.ini
2015-10-04 14:51 - 2015-10-04 14:51 - 00000000 ____D C:\Documents and Settings\William Howard\My Documents\SIWPortable
2015-10-04 14:51 - 2015-10-04 14:51 - 00000000 _____ C:\WINDOWS\NSREX.INI
2015-10-04 14:49 - 2015-10-04 15:03 - 00000000 ____D C:\Program Files\Common Files\Designer
2015-10-04 14:49 - 2015-10-04 14:49 - 00000000 ____D C:\WINDOWS\system32\Viewers
2015-10-04 14:49 - 2015-10-04 14:49 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2015-10-04 14:48 - 2015-10-04 14:48 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-04 14:48 - 2015-10-04 14:48 - 00000000 ____D C:\Program Files\Snapshot Viewer
2015-10-04 14:47 - 2015-10-04 15:03 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-04 14:47 - 2015-10-04 14:47 - 00000000 ____D C:\WINDOWS\Twain32
2015-10-04 14:47 - 2015-10-04 14:47 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Microsoft Web Folders
2015-10-04 14:46 - 2015-10-04 14:46 - 00000903 _____ C:\Documents and Settings\All Users\Desktop\Virtual CloneDrive.lnk
Ran by Administrator (administrator) on NANTES-H1 (11-10-2015 18:45:48)
Running from C:\Documents and Settings\Administrator\My Documents\Downloads
Loaded Profiles: Administrator (Available Profiles: William Howard & Billfred & UpdatusUser & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguix.exe [1125800 2015-09-22] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [3812264 2015-09-30] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [577536 2007-04-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2006-03-05] (Autodesk)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\Av\avgrsx.exe /sync /restart
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2CCBF3D3-7203-4174-B491-3AA701F839A7}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-842925246-1614895754-1606980848-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-gb/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-842925246-1614895754-1606980848-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-04] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\65bmg18f.default-1444584435968
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-10-06] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-04] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\William Howard\Application Data\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-08-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-10-05]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [604712 2015-09-30] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [3792880 2015-09-30] (AVG Technologies CZ, s.r.o.)
S2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [858024 2015-09-22] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [596344 2015-09-30] (AVG Technologies CZ, s.r.o.)
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2015-10-04] (Oracle Corporation)
S2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [307200 2003-08-29] (Lexmark International, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 SLService; C:\WINDOWS\system32\slserv.exe [73796 2008-04-14] (Smart Link)
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.)
R0 AVG Anti-Rootkit; C:\WINDOWS\System32\DRIVERS\avgarkt.sys [5632 2007-01-31] (GRISOFT, s.r.o.) [File not signed]
R1 AvgArCln; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [3968 2007-01-18] (GRISOFT, s.r.o.) [File not signed]
S1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [156080 2015-08-10] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [240048 2015-08-28] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [231344 2015-08-20] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [31664 2015-08-14] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [232368 2015-08-10] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [308656 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [189872 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [36784 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [231344 2015-08-28] (AVG Technologies CZ, s.r.o.)
S1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG)
R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
S3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [126686 2008-04-13] (Smart Link)
S3 Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [1309184 2008-04-13] (Smart Link)
S3 NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [180360 2008-04-13] (Smart Link)
S3 P16X; C:\WINDOWS\System32\drivers\P16X.sys [1330048 2003-09-22] (Creative Technology Ltd.)
R0 RecAgent; C:\WINDOWS\System32\DRIVERS\RecAgent.sys [13776 2008-04-13] (Smart Link)
S3 Slntamr; C:\WINDOWS\System32\DRIVERS\slntamr.sys [404990 2008-04-13] (Smart Link)
S3 SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [95424 2008-04-13] (Smart Link)
S3 SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [13240 2008-04-13] (Smart Link)
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30720 2013-07-24] (Elaborate Bytes AG) [File not signed]
S4 IntelIde; no ImagePath
U1 WS2IFSL; no ImagePath
========================== Drivers MD5 =======================
C:\WINDOWS\System32\DRIVERS\ACPI.sys 8FD99680A539792A30E97944FDAECF17
C:\WINDOWS\system32\Drivers\ACPIEC.sys 9859C0F6936E723E4892D7141B1327D5
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\drivers\ALCXWDM.SYS DD8520280304B6145A6BE31008748C7C
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\System32\DRIVERS\avgarkt.sys E8054A423E5D2BDAE6062BAB6DA159C4
C:\WINDOWS\System32\DRIVERS\AvgArCln.sys EC08D1625F5C6CF2A57B79EB35186F8C
C:\WINDOWS\System32\DRIVERS\avgdiskx.sys 28ED163EBC48BF20F76B5A90032383A5
C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys E12570E23BB21AD8D51C983446E3D95C
C:\WINDOWS\System32\DRIVERS\avgidshx.sys 58D2DD279EF94567F3ADE0A183AA8E73
C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys B2A20F53C393247935B921831151C107
C:\WINDOWS\System32\DRIVERS\avgldx86.sys 0279A6866096DDCF88E9774D4D026879
C:\WINDOWS\System32\DRIVERS\avglogx.sys 671832356F02077F305F711FF8894BDA
C:\WINDOWS\System32\DRIVERS\avgmfx86.sys 5A5297A835310226A044F3FE87E7F1A2
C:\WINDOWS\System32\DRIVERS\avgrkx86.sys 961DA8B7CE470D85D67262A3E3F45F63
C:\WINDOWS\System32\DRIVERS\avgtdix.sys 771EB18C15CC90C716F7A88777384BB6
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\System32\DRIVERS\BthEnum.sys B279426E3C0C344893ED78A613A73BDE
C:\WINDOWS\System32\DRIVERS\bthpan.sys 80602B8746D3738F5886CE3D67EF06B6
C:\WINDOWS\System32\Drivers\BTHport.sys 662BFD909447DD9CC15B1A1C366583B4
C:\WINDOWS\System32\Drivers\BTHUSB.sys 61364CD71EF63B0F038B7E9DF00F1EFA
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\ctsfm2k.sys B459AE4AFCA570088ADDDBE55EABBC92
C:\WINDOWS\System32\DRIVERS\ssudbus.sys 6A2F35D012D014AC5C4C16F2CEB11541
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys D992FE1274BDE0F84AD826ACAE022A41
C:\WINDOWS\System32\drivers\dmio.sys 7C824CF7BBDE77D95C08005717A95F6F
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\System32\Drivers\ElbyCDIO.sys 72753D5CC94A90F5CFC6C00ECC47163F
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\System32\DRIVERS\fetnd5.sys E9648254056BCE81A85380C0C3647DC4
C:\WINDOWS\system32\Drivers\Fips.sys D45926117EB9FA946A6AF572FBE1CAA3
C:\WINDOWS\System32\DRIVERS\flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\DRIVERS\fltMgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys 6AC26732762483366C3969C9E4D2259D
C:\WINDOWS\System32\DRIVERS\gameenum.sys 065639773D8B03F33577F6CDAEA21063
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\System32\DRIVERS\i8042prt.sys 4A0B06AA8943C1E332520F7440C0AA30
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\DRIVERS\intelppm.sys 8C953733D8F36EB2133F5BB58808B66B
C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 05A299EC56E52649B1CF2FC52D20F2D7
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 463C1EC80CD17420A542B7F36A36F128
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\system32\drivers\mbam.sys B4CD87E78A01562E3DA67FE1C2779204
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys DFCBAD3CEC1C5F964962AE10E0BCC8E1
C:\WINDOWS\System32\drivers\MODEMCSA.sys 1992E0D143B09653AB0F9C5E04B0FD65
C:\WINDOWS\System32\DRIVERS\mouclass.sys 35C9E97194C8CFB8430125F8DBC34D04
C:\WINDOWS\System32\DRIVERS\mouhid.sys B1C303E17FB9D46E87A98E4BA6769685
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys C53775780148884AC87C455489A0C070
C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys 54886A652BF5685192141DF304E923FD
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys 576B34CEAE5B7E5D9FD2775E93B3DB53
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nv4_mini.sys 785500CE8693C06EAAF29FAA64DB17C5
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ctoss2k.sys C720C25B2D0C93DC425155F5B6A707F3
C:\WINDOWS\System32\drivers\P16X.sys F051107FF80F132882E71E3A5D302EC1
C:\WINDOWS\System32\DRIVERS\parport.sys 5575FAF8F97CE5E713D108C2A58D7C7C
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 70E98B3FD8E963A6A46A2E6247E0BEA1
C:\WINDOWS\System32\DRIVERS\pci.sys A219903CCF74233761D92BEF471A07B1
C:\WINDOWS\system32\Drivers\Pcmcia.sys 9E89EF60E9EE05E3F2EEF2DA7397F1C1
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\RecAgent.sys E9AAA0092D74A9D371659C4C38882E12
C:\WINDOWS\System32\DRIVERS\redbook.sys F828DD7E1419B6653894A8F97A0094C5
C:\WINDOWS\System32\DRIVERS\rfcomm.sys 851C30DF2807FCFA21E4C681A7D6440E
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\WINDOWS\System32\DRIVERS\serial.sys CCA207A8896D4C6A0C9CE29A4AE411A7
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\slntamr.sys 2C1779C0FEB1F4A6033600305EBA623A
C:\WINDOWS\System32\DRIVERS\Slnthal.sys F9B8E30E82EE95CF3E1D3E495599B99C
C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys DB56BB2C55723815CF549D7FC50CFCEB
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys 76BB022C2FB6902FD5BDD4F78FC13A5D
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\ssudmdm.sys C04A273FDC50FBC6FF07EFBD62BDF93E
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\System32\DRIVERS\uagp35.sys D85938F272D1BCF3DB3A31FC0A048928
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\DRIVERS\VClone.sys C2D1B1671F9C1C66E0DF1B5D2DC87616
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\System32\DRIVERS\viaide.sys 3B3EFCDA263B8AC14FDF9CBDD0791B2E
C:\WINDOWS\system32\Drivers\VolSnap.sys 4C8FCB5CC53AAB716D810740FE59D025
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\Drivers\wdf01000.sys BBCFEAB7E871CDDAC2D397EE7FA91FDC
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\DRIVERS\WinUSB.sys FD600B032E741EB6AAB509FC630F7C42
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-10-11 18:45 - 2015-10-11 18:45 - 00000000 ____D C:\FRST
2015-10-11 18:43 - 2015-10-11 18:43 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Adobe
2015-10-11 18:27 - 2015-10-11 18:27 - 00000000 __SHD C:\Documents and Settings\Administrator\PrivacIE
2015-10-11 18:26 - 2015-10-11 18:26 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Macromedia
2015-10-11 18:25 - 2015-10-11 18:27 - 00000000 ____D C:\Documents and Settings\Administrator\Desktop\Old Firefox Data
2015-10-11 18:23 - 2015-10-11 18:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2015-10-11 18:23 - 2015-10-11 18:23 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Mozilla
2015-10-11 18:16 - 2015-10-11 18:16 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg
2015-10-11 18:14 - 2015-10-11 18:47 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2015-10-11 18:14 - 2015-10-11 18:27 - 00000000 ____D C:\Documents and Settings\Administrator
2015-10-11 18:14 - 2015-10-11 18:14 - 00000020 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2015-10-11 18:14 - 2015-10-11 18:14 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2015-10-11 18:14 - 2015-10-11 15:01 - 00001599 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
2015-10-11 18:14 - 2015-10-03 20:13 - 00000792 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2015-10-11 18:14 - 2015-10-03 20:13 - 00000000 ___RD C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2015-10-11 18:13 - 2015-10-11 18:13 - 00000000 ____D C:\WINDOWS\CSC
2015-10-11 17:34 - 2015-10-11 17:34 - 00000803 _____ C:\Documents and Settings\Billfred\Start Menu\Programs\Internet Explorer.lnk
2015-10-11 17:34 - 2015-10-11 17:34 - 00000000 ____D C:\Documents and Settings\Billfred\Local Settings\Application Data\Avg
2015-10-11 17:34 - 2015-10-11 17:34 - 00000000 ____D C:\Documents and Settings\Billfred\Application Data\AVG
2015-10-11 17:33 - 2015-10-11 17:34 - 00000738 _____ C:\Documents and Settings\Billfred\Start Menu\Programs\Outlook Express.lnk
2015-10-11 17:33 - 2015-10-11 17:33 - 00000000 __SHD C:\Documents and Settings\Billfred\IETldCache
2015-10-11 17:32 - 2015-10-11 17:34 - 00000178 ___SH C:\Documents and Settings\Billfred\ntuser.ini
2015-10-11 17:32 - 2015-10-11 17:34 - 00000000 ___RD C:\Documents and Settings\Billfred\Start Menu\Programs\Accessories
2015-10-11 17:32 - 2015-10-11 17:34 - 00000000 ____D C:\Documents and Settings\Billfred\Local Settings\Temp
2015-10-11 17:32 - 2015-10-11 17:33 - 00000792 _____ C:\Documents and Settings\Billfred\Start Menu\Programs\Windows Media Player.lnk
2015-10-11 17:32 - 2015-10-11 17:33 - 00000000 ____D C:\Documents and Settings\Billfred
2015-10-11 17:32 - 2015-10-11 15:01 - 00001599 _____ C:\Documents and Settings\Billfred\Start Menu\Programs\Remote Assistance.lnk
2015-10-11 17:29 - 2015-10-11 17:29 - 00000828 _____ C:\Documents and Settings\All Users\Desktop\AVG Anti-Rootkit Free.lnk
2015-10-11 17:29 - 2015-10-11 17:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG Anti-Rootkit Free
2015-10-11 17:29 - 2007-01-18 13:00 - 00003968 _____ (GRISOFT, s.r.o.) C:\WINDOWS\system32\Drivers\AvgArCln.sys
2015-10-11 17:27 - 2015-09-15 13:52 - 00042920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2015-10-11 17:26 - 2015-10-11 17:26 - 00001776 _____ C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp.lnk
2015-10-11 17:26 - 2015-10-11 17:26 - 00000000 ____D C:\Program Files\GRISOFT
2015-10-11 17:26 - 2015-10-11 17:26 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC TuneUp
2015-10-11 13:00 - 2015-10-11 13:00 - 00000000 ___RD C:\Documents and Settings\All Users\Start Menu\Programs\Shortcut to Engineering
2015-10-11 02:51 - 2015-10-11 02:51 - 00000930 _____ C:\Documents and Settings\William Howard\Desktop\JRT.txt
2015-10-10 19:17 - 2015-10-10 19:17 - 00002204 _____ C:\Documents and Settings\William Howard\Desktop\pw2.txt
2015-10-10 19:10 - 2008-04-14 05:42 - 00151552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irftp.exe
2015-10-10 19:10 - 2008-04-14 05:42 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\irftp.exe
2015-10-10 19:10 - 2008-04-14 05:42 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wshirda.dll
2015-10-10 19:10 - 2008-04-14 05:42 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshirda.dll
2015-10-10 19:10 - 2008-04-14 05:41 - 00028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irmon.dll
2015-10-10 19:10 - 2008-04-14 05:41 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2015-10-10 19:10 - 2008-04-14 00:21 - 00101120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthpan.sys
2015-10-10 19:10 - 2008-04-14 00:21 - 00101120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00059136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rfcomm.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00059136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthusb.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-10-10 19:10 - 2008-04-14 00:16 - 00017024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthenum.sys
2015-10-10 19:10 - 2008-04-14 00:16 - 00017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthEnum.sys
2015-10-10 17:44 - 2015-10-10 17:44 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\DigitalVolcano
2015-10-10 17:43 - 2015-10-10 17:43 - 00000853 _____ C:\Documents and Settings\All Users\Desktop\Duplicate Cleaner Free.lnk
2015-10-10 17:43 - 2015-10-10 17:43 - 00000000 ____D C:\Program Files\Duplicate Cleaner
2015-10-10 17:43 - 2015-10-10 17:43 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Duplicate Cleaner Free
2015-10-10 17:00 - 2015-10-10 17:00 - 00025000 _____ C:\Documents and Settings\William Howard\Desktop\monkeyfeedsTiger.jpeg
2015-10-10 16:50 - 2015-10-10 16:50 - 00049717 _____ C:\Documents and Settings\William Howard\Desktop\motivation.jpeg
2015-10-10 13:57 - 2015-10-10 13:57 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\SketchUp
2015-10-10 13:56 - 2015-10-10 13:56 - 00001903 _____ C:\Documents and Settings\All Users\Desktop\Style Builder 2013.lnk
2015-10-10 13:56 - 2015-10-10 13:56 - 00001817 _____ C:\Documents and Settings\All Users\Desktop\LayOut 2013.lnk
2015-10-10 13:56 - 2015-10-10 13:56 - 00001754 _____ C:\Documents and Settings\All Users\Desktop\SketchUp 2013.lnk
2015-10-10 13:56 - 2015-10-10 13:56 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SketchUp 2013
2015-10-10 13:55 - 2015-10-10 13:55 - 00000000 ____D C:\Program Files\SketchUp
2015-10-10 13:55 - 2015-10-10 13:55 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SketchUp
2015-10-10 13:41 - 2015-10-10 13:41 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\Google
2015-10-10 13:41 - 2015-10-10 13:41 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Google
2015-10-10 13:36 - 2015-10-10 13:36 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-10-10 13:31 - 2015-10-10 13:31 - 00001853 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth.lnk
2015-10-10 13:30 - 2015-10-11 18:07 - 00000898 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-10 13:30 - 2015-10-11 17:35 - 00000902 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-10 13:29 - 2015-10-10 13:30 - 00000000 ____D C:\Program Files\Google
2015-10-10 13:26 - 2015-10-10 13:26 - 00000000 ____D C:\WINDOWS\system32\URTTEMP
2015-10-10 13:21 - 2015-10-10 16:06 - 00065536 _____ C:\WINDOWS\system32\config\WindowsPowerShell.evt
2015-10-10 13:21 - 2015-10-10 16:06 - 00065536 _____ C:\WINDOWS\system32\config\EventForwarding-Operational.Evt
2015-10-10 13:18 - 2015-10-10 13:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2808679$
2015-10-10 13:18 - 2015-10-10 13:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2492386$
2015-10-10 13:16 - 2015-10-10 13:19 - 00065536 _____ C:\WINDOWS\system32\config\Windows .evt
2015-10-10 13:16 - 2015-10-10 13:19 - 00065536 _____ C:\WINDOWS\system32\config\Microsof.evt
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 __HDC C:\WINDOWS\$968930Uinstall_KB968930$
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-10-10 13:16 - 2015-10-10 13:16 - 00000000 ____D C:\WINDOWS\$NtUninstallKB968930$
2015-10-10 13:15 - 2015-10-10 13:17 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Office
2015-10-10 13:15 - 2015-10-10 13:15 - 00000000 __HDC C:\WINDOWS\$NtUninstallbasecsp$
2015-10-10 13:14 - 2015-10-10 13:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Engieering
2015-10-10 13:13 - 2015-10-10 13:16 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\IT
2015-10-10 12:58 - 2015-10-10 12:58 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-10-10 12:58 - 2015-10-10 12:58 - 00000000 ____D C:\Program Files\CCleaner
2015-10-09 18:52 - 2015-10-09 18:52 - 00001749 _____ C:\Documents and Settings\All Users\Desktop\Lexmark Z700-P700 Series Solution Center.lnk
2015-10-09 18:49 - 2015-10-09 18:49 - 00000105 _____ C:\WINDOWS\lexstat.ini
2015-10-09 18:47 - 2003-09-10 03:54 - 00073728 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lxblpwr.dll
2015-10-09 18:47 - 2003-08-29 15:20 - 00200192 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lexlmpm.dll
2015-10-09 18:47 - 2003-08-29 14:57 - 00197120 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEX2KUSB.DLL
2015-10-09 18:47 - 2003-08-29 14:54 - 00307200 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCES.EXE
2015-10-09 18:47 - 2003-08-29 14:51 - 00147456 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXBCE.DLL
2015-10-09 18:47 - 2003-08-29 14:50 - 00174592 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXPPS.EXE
2015-10-09 18:47 - 2003-08-29 14:49 - 00201216 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXP2P32.DLL
2015-10-09 18:47 - 2003-03-26 15:22 - 00286720 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\lxblcomm.dll
2015-10-09 18:47 - 2002-11-13 16:40 - 00040960 _____ C:\WINDOWS\system32\lxblvs.dll
2015-10-09 18:45 - 2015-10-09 18:45 - 00000000 ____D C:\Program Files\Lexmark Z700-P700 Series
2015-10-09 18:45 - 2003-09-10 04:24 - 00069632 _____ (Lexmark International Inc.) C:\WINDOWS\system32\LXBLCU.DLL
2015-10-09 18:45 - 2003-09-10 04:11 - 00090112 _____ (Lexmark International Inc.) C:\WINDOWS\system32\LXBLCUR.DLL
2015-10-09 18:45 - 2003-09-10 04:09 - 00454656 _____ (Lexmark International Inc.) C:\WINDOWS\system32\LXBLJSWR.DLL
2015-10-09 18:45 - 2003-09-10 03:58 - 00339968 _____ (Lexmark International Inc.) C:\WINDOWS\system32\LXBLUTIL.DLL
2015-10-09 18:45 - 2003-08-29 15:07 - 00155648 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LEXPING.EXE
2015-10-09 18:45 - 2003-03-26 15:27 - 00544768 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXBLLSNT.EXE
2015-10-09 18:45 - 2003-03-26 15:25 - 00217088 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXBLLCNT.DLL
2015-10-09 18:45 - 2003-03-26 15:24 - 00286720 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXBLPMNT.DLL
2015-10-09 18:45 - 2003-03-26 15:23 - 00086016 _____ C:\WINDOWS\system32\LXBLIH.EXE
2015-10-09 18:45 - 2003-03-26 15:22 - 00126976 _____ (Lexmark International, Inc.) C:\WINDOWS\system32\LXBLCFG.EXE
2015-10-09 18:45 - 2003-03-26 15:19 - 00077824 _____ C:\WINDOWS\system32\LXBLLCNP.DLL
2015-10-09 18:45 - 2003-01-23 15:13 - 00000451 _____ C:\WINDOWS\system32\LXBL.LOC
2015-10-09 18:45 - 2003-01-22 17:54 - 00649156 _____ C:\WINDOWS\system32\LXBLDRV.HLP
2015-10-09 18:45 - 2003-01-20 16:53 - 01303179 _____ C:\WINDOWS\system32\LXBLLPA.HLP
2015-10-09 18:45 - 2002-10-30 17:48 - 00000200 _____ C:\WINDOWS\system32\LXBLMA.CNT
2015-10-09 18:45 - 2002-10-30 17:46 - 00003589 _____ C:\WINDOWS\system32\LXBLLPA.CNT
2015-10-09 18:45 - 2002-10-30 16:58 - 00002216 _____ C:\WINDOWS\system32\LXBLDRV.CNT
2015-10-09 18:45 - 2002-07-19 12:10 - 00983101 _____ (Microsoft Corporation) C:\WINDOWS\system32\LXBLGF.DLL
2015-10-09 18:45 - 2001-01-19 16:50 - 00040960 _____ C:\WINDOWS\system32\INSTMON.EXE
2015-10-09 18:36 - 2015-10-09 18:36 - 00000000 ____D C:\Documents and Settings\William Howard\WINDOWS
2015-10-09 18:36 - 1997-04-08 20:08 - 00299520 _____ (InstallShield Corporation, Inc.) C:\WINDOWS\uninst.exe
2015-10-09 18:33 - 2015-10-09 18:33 - 00001739 _____ C:\Documents and Settings\All Users\Desktop\Lexmark Photo Center.lnk
2015-10-09 18:33 - 2015-10-09 18:33 - 00000000 ____D C:\Program Files\Lexmark
2015-10-09 18:31 - 2015-10-10 17:36 - 00000000 ____D C:\Documents and Settings\William Howard\Desktop\Emma
2015-10-09 18:22 - 2015-10-09 18:22 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-10-09 18:13 - 2015-10-11 17:29 - 00000528 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2015-10-09 18:13 - 2015-10-09 18:13 - 00000000 ___RD C:\Documents and Settings\William Howard\My Documents\RocketLifeNetwork
2015-10-09 18:12 - 2015-10-09 18:13 - 00002063 _____ C:\Documents and Settings\William Howard\Desktop\HP Photo Creations.lnk
2015-10-09 18:12 - 2015-10-09 18:13 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Visan
2015-10-09 18:12 - 2015-10-09 18:13 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\HP Photo Creations
2015-10-09 18:12 - 2015-10-09 18:12 - 00000000 ____D C:\Documents and Settings\William Howard\Start Menu\Programs\HP
2015-10-09 17:59 - 2015-05-21 07:02 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-10-09 17:59 - 2015-05-21 07:02 - 00089984 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-10-07 23:25 - 2015-10-07 23:25 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-10-07 23:24 - 2015-10-07 23:24 - 00000000 __HDC C:\WINDOWS\$NtUninstallwinusb0100$
2015-10-07 23:19 - 2015-10-07 23:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2015-10-07 23:18 - 2008-03-21 13:57 - 00014640 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2015-10-07 23:17 - 2015-10-07 23:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01007$
2015-10-07 23:11 - 2010-12-21 06:55 - 01112288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2015-10-07 23:11 - 2010-12-21 06:55 - 00581192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2015-10-07 23:01 - 2015-10-07 23:01 - 00000000 ____D C:\Program Files\Samsung
2015-10-07 22:50 - 2015-10-07 22:50 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Samsung
2015-10-07 22:16 - 2015-10-07 22:16 - 00029696 _____ C:\Documents and Settings\William Howard\Desktop\Timber Truss Calculations.xls
2015-10-07 21:04 - 2015-10-07 21:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB961118$
2015-10-07 19:56 - 2008-04-14 05:42 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusd.dll
2015-10-07 19:56 - 2001-08-17 22:36 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpusb.dll
2015-10-06 20:53 - 2015-10-06 20:53 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\OpenOffice
2015-10-06 20:30 - 2015-10-06 20:31 - 00014336 _____ C:\Documents and Settings\William Howard\Desktop\Timber Calculations.xls
2015-10-06 20:03 - 2015-10-11 17:14 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-06 20:03 - 2015-10-06 20:03 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-10-06 20:03 - 2015-10-06 20:03 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-10-06 20:03 - 2015-10-06 20:03 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Macromedia
2015-10-06 20:01 - 2015-10-06 20:01 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\Temp
2015-10-06 20:01 - 2015-10-06 20:01 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Adobe
2015-10-06 20:00 - 2015-10-06 20:08 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
2015-10-06 20:00 - 2015-10-06 20:00 - 00001734 _____ C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
2015-10-06 19:59 - 2015-10-06 20:08 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-10-06 19:59 - 2015-10-06 19:59 - 00000000 ____D C:\Program Files\Adobe
2015-10-06 19:58 - 2015-10-06 20:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
2015-10-06 19:57 - 2015-10-06 20:03 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\Adobe
2015-10-05 20:30 - 2015-10-05 20:31 - 00000000 ____D C:\c53558e94c8b9dacb4948bea8ca5
2015-10-05 19:45 - 2015-10-05 19:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2345886$
2015-10-05 19:44 - 2015-10-05 19:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB970430$
2015-10-05 19:11 - 2015-10-05 19:11 - 00000000 ____D C:\Program Files\MSXML 4.0
2015-10-04 17:30 - 2015-10-04 17:30 - 00000877 _____ C:\Documents and Settings\All Users\Desktop\OpenOffice 4.1.1.lnk
2015-10-04 17:28 - 2015-10-04 17:28 - 00000000 ____D C:\Program Files\OpenOffice 4
2015-10-04 17:26 - 2015-10-04 17:26 - 00000000 ____D C:\Documents and Settings\William Howard\Desktop\OpenOffice 4.1.1 (en-GB) Installation Files
2015-10-04 16:42 - 2015-10-04 16:42 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-10-04 16:42 - 2015-10-04 16:42 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Visan
2015-10-04 16:41 - 2015-10-05 19:59 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\HpUpdate
2015-10-04 16:41 - 2015-10-04 16:41 - 00001957 _____ C:\Documents and Settings\All Users\Desktop\HP Deskjet 2540 series.lnk
2015-10-04 16:41 - 2015-10-04 16:41 - 00000904 _____ C:\Documents and Settings\All Users\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
2015-10-04 16:41 - 2014-03-06 11:48 - 00597512 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMC211.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 02525368 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\HPScanTRDrv_DJ2540.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 00536760 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkstsC211.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 00417464 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPWia1_DJ2540.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 00271032 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkstsC211LM.dll
2015-10-04 16:41 - 2012-12-16 01:43 - 00222904 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkcoiC211.dll
2015-10-04 16:41 - 2012-12-15 23:45 - 02220216 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpinkinsC211.exe
2015-10-04 16:40 - 2015-10-04 19:16 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\vlc
2015-10-04 16:40 - 2015-10-04 16:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HP
2015-10-04 16:39 - 2015-10-04 16:41 - 00000000 ____D C:\Program Files\HP
2015-10-04 16:39 - 2015-10-04 16:39 - 00000057 _____ C:\Documents and Settings\All Users\Application Data\Ament.ini
2015-10-04 16:30 - 2015-10-07 20:37 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2015-10-04 16:30 - 2015-10-04 16:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-04 16:30 - 2015-10-04 16:30 - 00000000 ____D C:\Program Files\MSBuild
2015-10-04 16:08 - 2015-10-04 16:08 - 00001768 _____ C:\Documents and Settings\William Howard\Desktop\Framework.lnk
2015-10-04 16:07 - 2015-10-07 20:07 - 00000000 ____D C:\Program Files\Wolsink
2015-10-04 15:58 - 2015-10-04 15:58 - 00000000 ____D C:\WINDOWS\system32\Data
2015-10-04 15:58 - 2008-04-14 00:15 - 00010624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2015-10-04 15:58 - 2008-04-14 00:15 - 00010624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gameenum.sys
2015-10-04 15:58 - 2006-09-23 08:06 - 00020480 _____ (Creative Technology Ltd) C:\WINDOWS\INRES.DLL
2015-10-04 15:58 - 2006-09-23 08:06 - 00002092 ____R C:\WINDOWS\system32\P16X.ini
2015-10-04 15:58 - 2006-09-23 08:06 - 00000026 ____R C:\WINDOWS\system32\ctzapxx.ini
2015-10-04 15:58 - 2001-08-17 13:57 - 00016128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\modemcsa.sys
2015-10-04 15:58 - 2001-08-17 13:57 - 00016128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MODEMCSA.sys
2015-10-04 15:57 - 2015-10-04 15:57 - 00000000 ____D C:\Program Files\Creative
2015-10-04 15:57 - 2008-04-14 05:42 - 00286792 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slextspk.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00286792 _____ (Smart Link) C:\WINDOWS\system32\slextspk.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00188508 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slgen.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00188508 _____ (Smart Link) C:\WINDOWS\system32\SLGen.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00073832 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slcoinst.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00073832 _____ (Smart Link) C:\WINDOWS\system32\slcoinst.dll
2015-10-04 15:57 - 2008-04-14 05:42 - 00073796 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slserv.exe
2015-10-04 15:57 - 2008-04-14 05:42 - 00073796 _____ (Smart Link) C:\WINDOWS\system32\slserv.exe
2015-10-04 15:57 - 2008-04-14 05:42 - 00032866 _____ (Smart Link) C:\WINDOWS\system32\slrundll.exe
2015-10-04 15:57 - 2008-04-13 23:53 - 01309184 ____C (Smart Link) C:\WINDOWS\system32\dllcache\mtlstrm.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 01309184 _____ (Smart Link) C:\WINDOWS\system32\Drivers\mtlstrm.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00404990 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slntamr.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00404990 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slntamr.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00180360 ____C (Smart Link) C:\WINDOWS\system32\dllcache\ntmtlfax.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00180360 _____ (Smart Link) C:\WINDOWS\system32\Drivers\ntmtlfax.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00126686 ____C (Smart Link) C:\WINDOWS\system32\dllcache\mtlmnt5.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00126686 _____ (Smart Link) C:\WINDOWS\system32\Drivers\mtlmnt5.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00095424 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slnthal.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00095424 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slnthal.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00013776 ____C (Smart Link) C:\WINDOWS\system32\dllcache\recagent.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00013776 _____ (Smart Link) C:\WINDOWS\system32\Drivers\RecAgent.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00013240 ____C (Smart Link) C:\WINDOWS\system32\dllcache\slwdmsup.sys
2015-10-04 15:57 - 2008-04-13 23:53 - 00013240 _____ (Smart Link) C:\WINDOWS\system32\Drivers\slwdmsup.sys
2015-10-04 15:04 - 2015-10-04 15:04 - 00001690 _____ C:\Documents and Settings\All Users\Desktop\AutoCAD 2007.lnk
2015-10-04 15:03 - 2015-10-04 15:03 - 00000000 ____D C:\Program Files\AnswerWorks 4.0
2015-10-04 15:00 - 2015-10-04 15:04 - 00000000 ____D C:\Program Files\AutoCAD 2007
2015-10-04 15:00 - 2015-10-04 15:00 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\Autodesk
2015-10-04 15:00 - 2015-10-04 15:00 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Autodesk
2015-10-04 15:00 - 2015-10-04 15:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Autodesk
2015-10-04 14:58 - 2015-10-04 15:05 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2015-10-04 14:58 - 2015-10-04 14:58 - 00001781 _____ C:\Documents and Settings\All Users\Start Menu\Autodesk DWF Viewer.lnk
2015-10-04 14:58 - 2015-10-04 14:58 - 00001781 _____ C:\Documents and Settings\All Users\Desktop\Autodesk DWF Viewer.lnk
2015-10-04 14:58 - 2015-10-04 14:58 - 00000000 ____D C:\Program Files\Autodesk
2015-10-04 14:58 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-10-04 14:55 - 2015-10-04 16:42 - 00000000 ____D C:\Documents and Settings\William Howard\Local Settings\Application Data\HP
2015-10-04 14:53 - 2015-10-11 01:29 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2015-10-04 14:52 - 2015-10-04 14:52 - 00000376 _____ C:\WINDOWS\ODBC.INI
2015-10-04 14:52 - 2015-10-04 14:52 - 00000063 _____ C:\WINDOWS\mdm.ini
2015-10-04 14:51 - 2015-10-04 14:51 - 00000000 ____D C:\Documents and Settings\William Howard\My Documents\SIWPortable
2015-10-04 14:51 - 2015-10-04 14:51 - 00000000 _____ C:\WINDOWS\NSREX.INI
2015-10-04 14:49 - 2015-10-04 15:03 - 00000000 ____D C:\Program Files\Common Files\Designer
2015-10-04 14:49 - 2015-10-04 14:49 - 00000000 ____D C:\WINDOWS\system32\Viewers
2015-10-04 14:49 - 2015-10-04 14:49 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2015-10-04 14:48 - 2015-10-04 14:48 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-04 14:48 - 2015-10-04 14:48 - 00000000 ____D C:\Program Files\Snapshot Viewer
2015-10-04 14:47 - 2015-10-04 15:03 - 00000000 ____D C:\Program Files\Microsoft Office
2015-10-04 14:47 - 2015-10-04 14:47 - 00000000 ____D C:\WINDOWS\Twain32
2015-10-04 14:47 - 2015-10-04 14:47 - 00000000 ____D C:\Documents and Settings\William Howard\Application Data\Microsoft Web Folders
2015-10-04 14:46 - 2015-10-04 14:46 - 00000903 _____ C:\Documents and Settings\All Users\Desktop\Virtual CloneDrive.lnk
ersonal Email Scanner
