IE8 Not Responding cpu 99%



#1
Elizabeth23

XP Pro, sp3, fully updated and patched.

Lately IE 8 will freeze up (not responding) when I have more than 2 tabs open.

I looked in Task Manager at this time and CPU was 99 to 100%.

Normally, my IE usage is low and my system idle is mostly at 99% no matter how many tabs I have open.

I have Microsoft Security Essentials installed, updated daily, quick scan daily, full scan weekly; in the last week I ran a full scan twice.

Also MBAM free installed; I run a quick scan approx. 2x a week and a full scan weekly.

Neither has found anything. Ran Microsoft Malicious Software Removal Tool, nothing found.

Ran aswMBR, nothing found.

Ran MBAM Chameleon, nothing found.
The only reason I ran so many was I assumed there must be some malware present or my IE would not be acting up.

We had a couple of power outages here lately and I ran checkdisk from the recovery console twice after power was restored, which I do after all power outages.

Did a clean install for the same reason (IE8) within the last month, using a slipstreamed CD.

OTL logfile created on: 7/4/2013 3:55:34 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ricky\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 77.11% Memory free
2.73 Gb Paging File | 2.47 Gb Available in Paging File | 90.36% Paging File free
Paging file location(s): C:\pagefile.sys 900 1000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 29.18 Gb Free Space | 78.33% Space Free | Partition Type: NTFS

Computer Name: RIC-LIZ | User Name: Ricky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/04 03:43:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ricky\Desktop\OTL.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/10/14 01:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011/10/14 01:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011/10/14 01:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2008/04/14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2007/03/23 15:44:46 | 000,692,224 | ---- | M] () -- C:\WINDOWS\system32\lxdidrs.dll
MOD - [2007/03/15 23:08:12 | 000,113,664 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdidrpp.dll
MOD - [2007/02/09 14:07:06 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\lxdicnv4.dll
MOD - [2007/01/23 19:40:16 | 000,065,536 | ---- | M] () -- C:\WINDOWS\system32\lxdicaps.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/06/13 18:18:05 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/10/14 01:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 01:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2007/06/11 10:14:52 | 000,517,040 | ---- | M] ( ) [On_Demand | Stopped] -- C:\WINDOWS\system32\lxdicoms.exe -- (lxdi_device)
SRV - [2007/06/11 10:14:42 | 000,099,248 | ---- | M] () [Disabled | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/07/04 02:29:01 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{38F65078-3AA5-44BA-9884-C88BC6D5463E}\MpKsla6ffa410.sys -- (MpKsla6ffa410)
DRV - [2013/06/19 22:51:09 | 000,035,144 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2010/09/01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2007/07/11 22:49:16 | 000,096,384 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2000/03/29 17:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1343024091-1326574676-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
IE - HKU\S-1-5-21-1343024091-1326574676-1417001333-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1343024091-1326574676-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-1343024091-1326574676-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2013/06/15 03:03:07 | 000,000,732 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-1343024091-1326574676-1417001333-1003\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-1326574676-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-21-1343024091-1326574676-1417001333-1003\..Trusted Domains: ric-liz ([]file in Local intranet)
O15 - HKU\S-1-5-21-1343024091-1326574676-1417001333-1003\..Trusted Domains: secunia.com ([]https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1371148391671 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1371148901765 (MUWebControl Class)
O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} Reg Error: Key error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9683FE77-845F-4346-BC16-C1112154AC87}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Ricky\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ricky\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/06/13 10:11:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/04 03:51:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ricky\Recent
[2013/07/04 03:42:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ricky\Desktop\OTL.exe
[2013/07/03 22:54:03 | 003,306,678 | ---- | C] (Bart Lagerweij ) -- C:\Documents and Settings\Ricky\Desktop\pebuilder3110a.exe
[2013/07/01 12:48:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/01 08:08:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/06/29 07:56:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\My Downloads
[2013/06/28 15:24:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2013/06/28 12:12:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2013/06/28 12:08:01 | 000,000,000 | ---D | C] -- C:\temp
[2013/06/27 03:50:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/06/27 03:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2013/06/26 22:35:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2013/06/26 22:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/06/19 23:12:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Local Settings\Application Data\Secunia PSI
[2013/06/19 23:12:07 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2013/06/19 14:46:10 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2013/06/18 09:52:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\Glenn
[2013/06/18 09:52:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\jokes
[2013/06/18 09:51:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\Burning
[2013/06/18 09:26:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Application Data\Lexmark Productivity Studio
[2013/06/18 09:23:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\lx_cats
[2013/06/18 09:21:49 | 000,000,000 | ---D | C] -- C:\logs
[2013/06/18 09:20:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lexmark 3500-4500 Series
[2013/06/18 09:19:39 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 3500-4500 Series
[2013/06/17 00:25:24 | 000,000,000 | ---D | C] -- C:\Program Files\Support Tools
[2013/06/17 00:13:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Support Tools
[2013/06/14 17:48:26 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ricky\My Documents\My Videos
[2013/06/14 16:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\WOT
[2013/06/14 16:37:19 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ricky\Start Menu\Programs\Administrative Tools
[2013/06/14 13:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013/06/14 01:47:39 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Ricky\IECompatCache
[2013/06/14 01:33:38 | 000,000,000 | ---D | C] -- C:\MWASPI
[2013/06/14 01:33:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\PIXELA
[2013/06/14 01:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\PIXELA
[2013/06/14 01:31:48 | 000,106,496 | ---- | C] (FUJI PHOTO FILM CO., LTD.) -- C:\WINDOWS\System32\FPXS2Pro.dll
[2013/06/14 01:31:19 | 000,274,432 | ---- | C] (FUJI PHOTO FILM CO., LTD.) -- C:\WINDOWS\System32\FFTIFF16.dll
[2013/06/14 01:31:19 | 000,155,648 | ---- | C] (FUJI PHOTO FILM CO., LTD.) -- C:\WINDOWS\System32\FFRAFLIB.DLL
[2013/06/14 01:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FinePixViewer
[2013/06/14 01:31:06 | 000,000,000 | ---D | C] -- C:\Program Files\FinePixViewer
[2013/06/14 01:30:47 | 000,081,924 | ---- | C] (FUJI PHOTO FILM CO.,LTD.) -- C:\WINDOWS\System32\drivers\VC4CB104.SYS
[2013/06/14 01:30:44 | 000,065,536 | ---- | C] (FUJIFILM) -- C:\WINDOWS\System32\FINFCHECK.dll
[2013/06/14 01:30:44 | 000,045,056 | ---- | C] (FUJIFILM) -- C:\WINDOWS\System32\FINFCOPY.dll
[2013/06/14 01:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\REGSHAVE
[2013/06/14 01:30:43 | 000,069,632 | ---- | C] (FUJIFILM) -- C:\WINDOWS\System32\FREGSHEX.DLL
[2013/06/14 01:30:43 | 000,045,056 | ---- | C] (FUJIFILM) -- C:\WINDOWS\System32\FCLKBTN.DLL
[2013/06/14 01:09:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FileASSASSIN
[2013/06/14 01:09:39 | 000,000,000 | ---D | C] -- C:\Program Files\FileASSASSIN
[2013/06/14 00:59:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Application Data\Malwarebytes
[2013/06/14 00:59:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/06/14 00:58:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/06/14 00:58:43 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/06/14 00:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/06/14 00:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/06/14 00:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/06/14 00:34:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2013/06/14 00:24:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Defraggler
[2013/06/14 00:24:27 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013/06/13 23:50:16 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/06/13 23:50:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2013/06/13 23:49:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2013/06/13 22:44:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2013/06/13 22:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/06/13 22:15:55 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2013/06/13 22:14:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2013/06/13 22:14:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2013/06/13 17:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2013/06/13 17:34:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Application Data\Macromedia
[2013/06/13 17:34:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Application Data\Adobe
[2013/06/13 17:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Local Settings\Application Data\Adobe
[2013/06/13 15:11:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\training
[2013/06/13 15:10:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\Ricky
[2013/06/13 15:10:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\radio codes
[2013/06/13 15:10:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\PIX
[2013/06/13 15:10:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\FAST pix
[2013/06/13 15:10:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\Elizabeth
[2013/06/13 15:10:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\dot net
[2013/06/13 15:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\My Documents\bbie
[2013/06/13 13:53:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2013/06/13 13:35:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2013/06/13 13:33:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2013/06/13 13:18:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2013/06/13 13:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2013/06/13 13:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013/06/13 13:18:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2013/06/13 13:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013/06/13 13:17:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/06/13 13:16:04 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/06/13 13:11:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013/06/13 13:01:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Local Settings\Application Data\ApplicationHistory
[2013/06/13 12:58:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2013/06/13 11:25:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2013/06/13 11:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013/06/13 11:25:05 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013/06/13 11:24:23 | 000,000,000 | ---D | C] -- C:\baa1792df2fb2eeeb7b16d
[2013/06/13 11:23:39 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013/06/13 11:23:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013/06/13 11:20:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Desktop\unused
[2013/06/13 11:11:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Ricky\PrivacIE
[2013/06/13 11:10:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\PCHealth
[2013/06/13 11:10:40 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/06/13 11:10:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2013/06/13 11:08:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/06/13 11:08:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/06/13 11:07:18 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Ricky\IETldCache
[2013/06/13 11:05:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/06/13 11:05:01 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/06/13 10:56:44 | 000,045,056 | ---- | C] (adi) -- C:\WINDOWS\System32\CleanUp.exe
[2013/06/13 10:56:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\VirtualEar
[2013/06/13 10:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\Analog Devices
[2013/06/13 10:54:32 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/06/13 10:54:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\OPTIONS
[2013/06/13 10:54:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Application Data\InstallShield
[2013/06/13 10:41:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/06/13 10:40:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Application Data\Identities
[2013/06/13 10:40:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ricky\My Documents\My Pictures
[2013/06/13 10:40:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ricky\My Documents\My Music
[2013/06/13 10:40:00 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Ricky\Application Data\Microsoft
[2013/06/13 10:40:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ricky\Application Data
[2013/06/13 10:40:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ricky\Favorites
[2013/06/13 10:40:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Ricky\Cookies
[2013/06/13 10:40:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Local Settings\Application Data\Microsoft
[2013/06/13 10:40:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ricky\Desktop
[2013/06/13 10:39:59 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ricky\SendTo
[2013/06/13 10:39:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ricky\Start Menu\Programs\Startup
[2013/06/13 10:39:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ricky\Start Menu
[2013/06/13 10:39:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ricky\My Documents
[2013/06/13 10:39:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ricky\Start Menu\Programs\Accessories
[2013/06/13 10:39:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Ricky\Templates
[2013/06/13 10:39:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Ricky\PrintHood
[2013/06/13 10:39:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Ricky\NetHood
[2013/06/13 10:39:59 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Ricky\Local Settings
[2013/06/13 10:38:04 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013/06/13 10:37:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2013/06/13 10:37:39 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013/06/13 10:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2013/06/13 10:15:18 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2013/06/13 10:14:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2013/06/13 10:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/06/13 10:14:30 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2013/06/13 10:14:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2013/06/13 10:14:29 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2013/06/13 10:14:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2013/06/13 10:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2013/06/13 10:12:58 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2013/06/13 10:12:57 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2013/06/13 10:12:57 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2013/06/13 10:12:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2013/06/13 10:11:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2013/06/13 10:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2013/06/13 10:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2013/06/13 10:11:23 | 000,000,000 | ---D | C] -- C:\DELL
[2013/06/13 10:10:08 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2013/06/13 10:09:58 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2013/06/13 10:09:58 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2013/06/13 10:09:46 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2013/06/13 10:09:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2013/06/13 10:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2013/06/13 10:09:16 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2013/06/13 10:09:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2013/06/13 10:09:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2013/06/13 10:09:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2013/06/13 10:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2013/06/13 10:08:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2013/06/13 10:08:48 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2013/06/13 10:08:46 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2013/06/13 10:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2013/06/13 10:08:41 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2013/06/13 10:08:40 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2013/06/13 10:08:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2013/06/13 10:08:07 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2013/06/13 10:08:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2013/06/13 10:08:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2013/06/13 10:07:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2013/06/13 10:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2013/06/13 10:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2013/06/13 10:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2013/06/13 10:07:43 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2013/06/13 10:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2013/06/13 10:07:17 | 000,281,088 | ---- | C] (Cinematronics) -- C:\WINDOWS\System32\dllcache\pinball.exe
[2013/06/13 10:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2013/06/13 10:07:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013/06/13 10:07:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013/06/13 10:07:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013/06/13 10:06:59 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2013/06/13 10:06:41 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2013/06/13 05:00:28 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2013/06/13 05:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2013/06/13 05:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2013/06/13 05:00:24 | 000,000,000 | R--D | C] -- C:\Program Files
[2013/06/13 05:00:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2013/06/13 05:00:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2013/06/13 05:00:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2013/06/13 05:00:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2013/06/13 05:00:04 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2013/06/13 05:00:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2013/06/13 05:00:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2013/06/13 05:00:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2013/06/13 04:59:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2013/06/13 04:59:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2013/06/13 04:59:45 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2013/06/13 04:59:45 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2013/06/13 04:59:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/06/13 04:59:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2013/06/13 04:53:48 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2013/06/13 04:53:48 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2013/06/13 04:53:48 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2013/06/13 04:53:48 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Network Diagnostic
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\L2Schemas
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ehome
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2013/06/13 04:53:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/04 03:43:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ricky\Desktop\OTL.exe
[2013/07/03 22:54:04 | 003,306,678 | ---- | M] (Bart Lagerweij ) -- C:\Documents and Settings\Ricky\Desktop\pebuilder3110a.exe
[2013/07/03 20:49:09 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013/07/03 15:16:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/03 15:16:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/03 05:13:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/01 08:28:42 | 000,503,256 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/01 08:28:42 | 000,088,954 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/06/29 09:49:05 | 000,133,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/28 23:30:50 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013/06/26 22:35:33 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/06/23 16:15:04 | 000,000,102 | ---- | M] () -- C:\Documents and Settings\All Users\lxdi
[2013/06/20 21:58:08 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2013/06/19 23:21:12 | 000,000,753 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013/06/19 22:51:09 | 000,035,144 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2013/06/18 09:21:53 | 000,065,874 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2013/06/17 22:15:04 | 000,000,632 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013/06/16 00:57:38 | 000,001,503 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Minesweeper.lnk
[2013/06/15 15:59:47 | 000,001,479 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Solitaire.lnk
[2013/06/15 03:03:07 | 000,000,732 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/15 01:57:09 | 000,001,508 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Hearts.lnk
[2013/06/15 01:38:26 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Freecell.lnk
[2013/06/14 19:59:16 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Spider Solitaire.lnk
[2013/06/14 17:48:23 | 000,000,800 | ---- | M] () -- C:\Documents and Settings\Ricky\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/06/14 01:33:39 | 000,000,291 | ---- | M] () -- C:\WINDOWS\msfsetup.ini
[2013/06/14 01:09:40 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk
[2013/06/14 00:59:01 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/14 00:24:29 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
[2013/06/13 23:36:08 | 000,000,298 | -HS- | M] () -- C:\BOOT.BAK
[2013/06/13 22:16:07 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/06/13 22:16:07 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/06/13 22:14:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013/06/13 13:34:12 | 000,000,797 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Internet Explorer.lnk
[2013/06/13 12:57:13 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Event Viewer.lnk
[2013/06/13 11:12:30 | 000,000,154 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Shortcut to Folder Options.lnk
[2013/06/13 11:11:04 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/06/13 11:10:11 | 000,000,217 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Shortcut to Windows Firewall.lnk
[2013/06/13 11:07:20 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Ricky\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/13 10:40:12 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Ricky\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/06/13 10:23:43 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\drivers\DELL_DIM_3000.MRK
[2013/06/13 10:23:43 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\drivers\1028_DELL_DIM_3000.MRK
[2013/06/13 10:13:35 | 000,000,290 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/06/13 10:11:14 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/06/13 10:11:14 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/06/13 10:11:14 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/06/13 10:11:14 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013/06/13 10:11:14 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013/06/13 10:11:05 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/06/13 10:10:53 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013/06/13 10:08:16 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/13 05:00:33 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013/06/09 15:59:11 | 000,260,288 | RHS- | M] () -- C:\cmldr
[2013/06/09 15:58:08 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/06/09 15:58:04 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2013/06/06 10:33:49 | 000,148,992 | ---- | M] () -- C:\Documents and Settings\Ricky\Desktop\Soukoban.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/26 22:35:33 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/06/23 16:13:39 | 000,000,102 | ---- | C] () -- C:\Documents and Settings\All Users\lxdi
[2013/06/19 23:21:12 | 000,000,753 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2013/06/19 23:21:12 | 000,000,716 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Secunia PSI.lnk
[2013/06/19 22:51:09 | 000,035,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2013/06/18 09:21:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdivs.dll
[2013/06/18 09:21:23 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxdicoin.dll
[2013/06/18 09:20:34 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdidrs.dll
[2013/06/18 09:20:34 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdicnv4.dll
[2013/06/18 09:20:34 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdicaps.dll
[2013/06/18 09:19:55 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiinpa.dll
[2013/06/18 09:19:55 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiiesc.dll
[2013/06/18 09:19:55 | 000,311,296 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihcp.dll
[2013/06/18 09:19:55 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxdiinst.dll
[2013/06/18 09:19:54 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiserv.dll
[2013/06/18 09:19:54 | 000,942,080 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiusb1.dll
[2013/06/18 09:19:54 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiprox.dll
[2013/06/18 09:19:54 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipplc.dll
[2013/06/18 09:19:53 | 000,614,400 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipmui.dll
[2013/06/18 09:19:53 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdilmpm.dll
[2013/06/18 09:19:53 | 000,320,432 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiih.exe
[2013/06/18 09:19:52 | 000,965,785 | ---- | C] () -- C:\WINDOWS\System32\lxdihelp.chm
[2013/06/18 09:19:52 | 000,671,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihbn3.dll
[2013/06/18 09:19:52 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdigrd.dll
[2013/06/18 09:19:51 | 000,517,040 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicoms.exe
[2013/06/18 09:19:51 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomm.dll
[2013/06/18 09:19:50 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomc.dll
[2013/06/18 09:19:50 | 000,340,912 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicfg.exe
[2013/06/18 09:19:50 | 000,065,874 | ---- | C] () -- C:\WINDOWS\System32\LexFiles.ulf
[2013/06/18 09:19:50 | 000,001,900 | ---- | C] () -- C:\WINDOWS\System32\lxdi.loc
[2013/06/15 02:54:15 | 000,000,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/06/14 23:22:17 | 000,209,720 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/06/14 17:48:23 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\Ricky\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/06/14 14:23:15 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013/06/14 01:33:39 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2013/06/14 01:33:39 | 000,004,030 | ---- | C] () -- C:\WINDOWS\System\WINASPI.DLL
[2013/06/14 01:33:38 | 000,002,486 | ---- | C] () -- C:\WINDOWS\System\AS16POST.BIN
[2013/06/14 01:33:38 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2013/06/14 01:09:40 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FileASSASSIN.lnk
[2013/06/14 00:59:01 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/06/14 00:35:39 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2013/06/14 00:24:29 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
[2013/06/13 23:50:22 | 000,000,298 | -HS- | C] () -- C:\BOOT.BAK
[2013/06/13 23:50:19 | 000,260,288 | RHS- | C] () -- C:\cmldr
[2013/06/13 22:14:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013/06/13 18:45:43 | 000,001,490 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Spider Solitaire.lnk
[2013/06/13 18:45:38 | 000,001,479 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Solitaire.lnk
[2013/06/13 18:45:34 | 000,001,503 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Minesweeper.lnk
[2013/06/13 18:45:29 | 000,001,508 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Hearts.lnk
[2013/06/13 18:45:23 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Freecell.lnk
[2013/06/13 17:32:25 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/13 15:59:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/06/13 15:59:06 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013/06/13 13:31:31 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Internet Explorer.lnk
[2013/06/13 13:19:22 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013/06/13 13:12:42 | 000,000,632 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013/06/13 12:57:06 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Event Viewer.lnk
[2013/06/13 11:12:30 | 000,000,154 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Shortcut to Folder Options.lnk
[2013/06/13 11:11:04 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2013/06/13 11:10:57 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/06/13 11:10:11 | 000,000,217 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Shortcut to Windows Firewall.lnk
[2013/06/13 11:02:04 | 000,148,992 | ---- | C] () -- C:\Documents and Settings\Ricky\Desktop\Soukoban.exe
[2013/06/13 10:44:43 | 000,058,704 | ---- | C] () -- C:\WINDOWS\System32\igxpxk32.vp
[2013/06/13 10:44:43 | 000,024,736 | ---- | C] () -- C:\WINDOWS\System32\igxpxs32.vp
[2013/06/13 10:44:43 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013/06/13 10:44:42 | 000,524,850 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013/06/13 10:40:12 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Ricky\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/06/13 10:40:05 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Ricky\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/06/13 10:40:05 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Ricky\Start Menu\Programs\Internet Explorer.lnk
[2013/06/13 10:40:00 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\Ricky\Start Menu\Programs\Windows Media Player.lnk
[2013/06/13 10:23:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\drivers\DELL_DIM_3000.MRK
[2013/06/13 10:23:43 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\drivers\1028_DELL_DIM_3000.MRK
[2013/06/13 10:13:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/06/13 10:12:52 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013/06/13 10:12:36 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013/06/13 10:12:30 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013/06/13 10:12:30 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013/06/13 10:12:28 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013/06/13 10:12:20 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013/06/13 10:12:16 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013/06/13 10:12:13 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2013/06/13 10:12:02 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013/06/13 10:11:14 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/06/13 10:11:14 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/06/13 10:11:14 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/06/13 10:11:14 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013/06/13 10:11:14 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013/06/13 10:11:04 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013/06/13 10:11:04 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013/06/13 10:11:03 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013/06/13 10:09:35 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013/06/13 10:09:24 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013/06/13 10:09:24 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013/06/13 10:09:19 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013/06/13 10:08:52 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2013/06/13 10:08:16 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/06/13 10:07:32 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2013/06/13 10:07:32 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2013/06/13 10:07:32 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2013/06/13 10:07:32 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2013/06/13 10:07:32 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2013/06/13 10:07:32 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2013/06/13 10:07:32 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2013/06/13 10:07:32 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2013/06/13 10:07:32 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2013/06/13 10:07:32 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013/06/13 10:07:32 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2013/06/13 10:07:30 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013/06/13 10:07:30 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013/06/13 10:07:29 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013/06/13 10:07:25 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2013/06/13 05:00:33 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013/06/13 05:00:27 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/06/13 05:00:25 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013/06/13 05:00:25 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013/06/13 05:00:25 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013/06/13 05:00:25 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013/06/13 05:00:13 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013/06/13 05:00:02 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2013/06/13 05:00:02 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013/06/13 05:00:02 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013/06/13 05:00:02 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2013/06/13 05:00:02 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2013/06/13 05:00:02 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013/06/13 05:00:02 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2013/06/13 05:00:02 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2013/06/13 05:00:02 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2013/06/13 05:00:02 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2013/06/13 05:00:02 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2013/06/13 05:00:02 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013/06/13 05:00:02 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013/06/13 05:00:02 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013/06/13 05:00:02 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013/06/13 05:00:02 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013/06/13 05:00:02 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013/06/13 05:00:01 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2013/06/13 05:00:01 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013/06/13 04:59:26 | 000,133,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/06/13 04:58:39 | 000,000,282 | -HS- | C] () -- C:\boot.ini
[2013/06/13 04:58:35 | 000,000,290 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf

========== ZeroAccess Check ==========

[2013/06/13 11:23:40 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 06:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/06/28 12:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2013/06/18 09:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ricky\Application Data\Lexmark Productivity Studio

========== Purity Check ==========



< End of report >

#2
RKinner

    Malware Expert

  • Expert
  • 20,012 posts
  • MVP
Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


Ron

#3
Elizabeth23

Sorry for the late reply:

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 95.31 0 K 16 K 0
Interrupts 3.13 0 K 0 K n/a Hardware Interrupts and DPCs
procexp.exe 1.56 20,356 K 26,152 K 6220 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
wmiprvse.exe 2,392 K 4,940 K 6308 WMI Microsoft Corporation (Verified) Microsoft Windows Component Publisher
winlogon.exe 7,544 K 5,128 K 644 Windows NT Logon Application Microsoft Corporation (Verified) Microsoft Windows Component Publisher
System 0 K 212 K 4
svchost.exe 3,092 K 5,152 K 860 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,848 K 4,536 K 948 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 29,760 K 41,736 K 1080 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2,080 K 4,384 K 1148 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,476 K 3,980 K 1324 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 4,508 K 7,172 K 336 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
sua.exe 528 K 2,024 K 1304 Secunia Update Agent Secunia (Verified) Secunia
spoolsv.exe 3,408 K 8,744 K 1492 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
smss.exe 168 K 424 K 556 Windows NT Session Manager Microsoft Corporation (Verified) Microsoft Windows Component Publisher
smax4pnp.exe 2,560 K 4,908 K 1656 SMax4PNP MFC Application Analog Devices, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
services.exe 1,724 K 3,488 K 696 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Component Publisher
psia.exe 11,020 K 16,028 K 1992 Secunia PSI Agent Secunia (Verified) Secunia
psi_tray.exe 724 K 2,988 K 1684 Secunia PSI Tray Secunia (Verified) Secunia
msseces.exe 6,928 K 12,624 K 1676 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
MsMpEng.exe 70,620 K 66,916 K 1044 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
lsass.exe 4,168 K 1,088 K 708 LSA Shell (Export Version) Microsoft Corporation (Verified) Microsoft Windows Component Publisher
iexplore.exe 147,620 K 162,220 K 4420 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe 6,444 K 1,340 K 5124 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 33,212 K 46,868 K 1792 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
ctfmon.exe 936 K 4,016 K 1736 CTF Loader Microsoft Corporation (Verified) Microsoft Windows Component Publisher
csrss.exe 1,724 K 4,328 K 620 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Component Publisher
alg.exe 1,128 K 3,580 K 1912 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher

#4
Elizabeth23

This is Process Explorer when IE8 is not responding:

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
iexplore.exe 98.46 48,792 K 57,540 K 3284 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
procexp.exe 1.54 14,520 K 13,344 K 8988 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts < 0.01 0 K 0 K n/a Hardware Interrupts and DPCs
wmiprvse.exe 2,204 K 4,868 K 6308 WMI Microsoft Corporation (Verified) Microsoft Windows Component Publisher
winlogon.exe 7,600 K 5,144 K 644 Windows NT Logon Application Microsoft Corporation (Verified) Microsoft Windows Component Publisher
System Idle Process 0 K 16 K 0
System 0 K 212 K 4
svchost.exe 1,848 K 4,536 K 948 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 29,560 K 41,532 K 1080 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 3,068 K 5,132 K 860 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 4,508 K 7,172 K 336 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,476 K 3,980 K 1324 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2,080 K 4,388 K 1148 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
sua.exe 528 K 2,024 K 1304 Secunia Update Agent Secunia (Verified) Secunia
spoolsv.exe 3,328 K 8,720 K 1492 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
smss.exe 168 K 424 K 556 Windows NT Session Manager Microsoft Corporation (Verified) Microsoft Windows Component Publisher
smax4pnp.exe 2,560 K 4,908 K 1656 SMax4PNP MFC Application Analog Devices, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
services.exe 1,700 K 3,480 K 696 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Component Publisher
psia.exe 11,020 K 16,028 K 1992 Secunia PSI Agent Secunia (Verified) Secunia
psi_tray.exe 724 K 2,988 K 1684 Secunia PSI Tray Secunia (Verified) Secunia
msseces.exe 6,928 K 12,624 K 1676 Microsoft Security Client User Interface Microsoft Corporation (Verified) Microsoft Corporation
MsMpEng.exe 70,708 K 67,996 K 1044 Antimalware Service Executable Microsoft Corporation (Verified) Microsoft Corporation
lsass.exe 4,316 K 2,832 K 708 LSA Shell (Export Version) Microsoft Corporation (Verified) Microsoft Windows Component Publisher
iexplore.exe 7,060 K 9,692 K 5124 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe 20,612 K 28,224 K 7384 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
iexplore.exe 139,796 K 155,048 K 4420 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 34,696 K 48,800 K 1792 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
ctfmon.exe 944 K 4,044 K 1736 CTF Loader Microsoft Corporation (Verified) Microsoft Windows Component Publisher
csrss.exe 1,724 K 4,196 K 620 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Component Publisher
alg.exe 1,128 K 3,580 K 1912 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher
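
An added example, not part of the original thread: a Python script that triages a Procexp.txt saved the way post #2 describes, listing processes at or above a CPU threshold and processes whose Verified Signer field lacks the "(Verified)" prefix. It assumes the saved file is tab-separated (the listings pasted above have lost their separators); the function names are hypothetical and the helper32.exe row is constructed.

```python
import csv
import io

# Column order as pasted in the thread. Tab separation is an assumption:
# the forum paste no longer shows the original column separators.
COLUMNS = ["Process", "CPU", "Private Bytes", "Working Set", "PID",
           "Description", "Company Name", "Verified Signer"]

# Entries not backed by an image file, so there is no signature to verify.
PSEUDO_PROCESSES = {"System Idle Process", "System", "Interrupts"}

# Rows copied from the thread's second listing, plus one CONSTRUCTED row
# (helper32.exe, not from the thread) to exercise the unverified path.
SAMPLE = "\n".join("\t".join(row) for row in [
    COLUMNS,
    ["iexplore.exe", "98.46", "48,792 K", "57,540 K", "3284",
     "Internet Explorer", "Microsoft Corporation", "(Verified) Microsoft Windows"],
    ["procexp.exe", "1.54", "14,520 K", "13,344 K", "8988",
     "Sysinternals Process Explorer", "Sysinternals - www.sysinternals.com",
     "(Verified) Microsoft Corporation"],
    ["Interrupts", "< 0.01", "0 K", "0 K", "n/a",
     "Hardware Interrupts and DPCs", "", ""],
    ["System Idle Process", "", "0 K", "16 K", "0", "", "", ""],
    ["System", "", "0 K", "212 K", "4", "", "", ""],
    ["MsMpEng.exe", "", "70,708 K", "67,996 K", "1044",
     "Antimalware Service Executable", "Microsoft Corporation",
     "(Verified) Microsoft Corporation"],
    ["helper32.exe", "0.30", "1,024 K", "2,048 K", "4242", "", "", ""],  # constructed
])


def _cpu(field):
    """'98.46' -> 98.46, '< 0.01' -> 0.01 (upper bound), '' -> 0.0."""
    field = field.replace("<", "").strip()
    return float(field) if field else 0.0


def _kilobytes(field):
    """'48,792 K' -> 48792; an empty field -> 0."""
    digits = field.replace(",", "").replace("K", "").strip()
    return int(digits) if digits else 0


def parse_procexp(text):
    """Parse the saved listing into a list of dicts, one per process row."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t",
                            quoting=csv.QUOTE_NONE)
    rows = []
    for rec in reader:
        # Tree view may indent child processes, so strip the name.
        name = (rec.get("Process") or "").strip()
        if not name:
            continue
        pid = (rec.get("PID") or "").strip()
        rows.append({
            "name": name,
            "pid": int(pid) if pid.isdigit() else None,  # 'n/a' -> None
            "cpu": _cpu(rec.get("CPU") or ""),
            "private_kb": _kilobytes(rec.get("Private Bytes") or ""),
            "signer": (rec.get("Verified Signer") or "").strip(),
        })
    return rows


def triage(rows, cpu_threshold=50.0):
    """Return high-CPU processes and processes without a verified signer."""
    real = [r for r in rows if r["name"] not in PSEUDO_PROCESSES]
    hot = sorted((r for r in real if r["cpu"] >= cpu_threshold),
                 key=lambda r: -r["cpu"])
    unverified = [r for r in real if not r["signer"].startswith("(Verified)")]
    return {
        "hot": [(r["name"], r["pid"], r["cpu"]) for r in hot],
        "unverified": [(r["name"], r["pid"]) for r in unverified],
    }


if __name__ == "__main__":
    report = triage(parse_procexp(SAMPLE))
    for name, pid, cpu in report["hot"]:
        print(f"high CPU: {name} (PID {pid}) at {cpu:.2f}%")
    for name, pid in report["unverified"]:
        print(f"no verified signer: {name} (PID {pid})")
```

A "(Verified)" signer on the high-CPU process only establishes that the image file on disk is signed; it does not cover add-ons or page scripts running inside that process.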

#5
RKinner

Open IE then Tools, Internet Options, Advanced and hit the Reset button. Close IE and reopen and see if it still hangs.

#6
Elizabeth23

Yes, still hanging, and have been getting lots of Script Running messages lately. I always choose stop running and it goes on, but I do not get this message every time it is not responding.

#7
RKinner

Did you change your home page to www.google.com? Does it still try to run a script then?

#8
Elizabeth23

OK, changed home page to google.com, issue still persists.

Let me be a little more specific, please.

Home page has never hung. BTW, I use yahoo.com as my home page.

I generally have several tabs open at once. It is only lately that I cannot do this anymore; I can get two or three tabs open before it will start to hang again.

#9
RKinner

Do you have another browser you can use like Firefox or Chrome? Do you see the same behavior with them?

If you go into Tools, Internet Options, Security and, under Internet, click on Custom Level, then find the one that says Binary and script behaviors and change it to Disable, then OK and restart IE, does it still hang on you?

#10
Elizabeth23

Changing the security, binary and script actions to disabled allowed the hang to last less time.

Which is something I forgot to mention: it is not responding, but if I am patient it will start up again in approx 30 seconds. With the scripts disabled, it is down to 10 seconds.

As for Chrome and Firefox, I really like Internet Explorer, even if I can go no higher than IE8 with XP, but come April 2014, I will have to install one or the other to keep my security up to date. I am bombarded by ads to change every time I use Google search, and every time I come to this forum, I get advised to upgrade to Firefox.

So, you believe it is not an embedded infection? That is all I wanted to know, please let me know your leanings. :)

#11
RKinner

Can't imagine why you like IE. Have you ever tried Firefox with the AdBlock Plus add-on? You should try a different browser to see if the problem is just IE. If it is, then I would uninstall IE 8, redownload it and reinstall it.

#12
Elizabeth23

Okay, I will do that tonight, thanks. Will post back with results.

#13
Elizabeth23

Thanks for the assistance. I uninstalled IE8 and then reinstalled, and it does not hang up (so far, 20 minutes), so I guess it was something with IE8 and the updates. Before I uninstalled, I checked out the updates listed in the control panel, then when I reinstalled, I checked the updates again. Apparently I was missing 3 security updates, which I should not have been missing!!! I regularly check updates and Microsoft updates and I have Automatic Updates turned on.

Well, at least that problem is solved. I have been thinking of another browser as a spare, but have not acted on it yet; will keep your advice in mind.

Thanks again.

#14
Elizabeth23

Deleted test reply.

Edited by Elizabeth23, 26 July 2013 - 10:13 PM.
