PUP.BundleInstaller.DW [Solved]


#1
bytesize

I was given a friend's PC because it was running slow. I uninstalled all unnecessary programs, updated Java, and ran MBAM; it found 337 objects made up of the following:

Adware.Starware, PUM.Disabled.SecurityCenter, Rogue.RegTool, Adware.Comet, PUP.Optional.Bandoo, PUP.BundleInstaller.DW.

MBAM and AdwCleaner got rid of everything apart from PUP.BundleInstaller.DW.

The PC won't let me install a new driver for the wired network card; it goes through the motions, then reverts back to the old driver.

Here is the OTL log:

OTL logfile created on: 17/10/2013 14:28:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\E MCCABE\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1014.08 Mb Total Physical Memory | 260.31 Mb Available Physical Memory | 25.67% Memory free
2.38 Gb Paging File | 1.82 Gb Available in Paging File | 76.51% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.46 Gb Total Space | 49.54 Gb Free Space | 69.33% Space Free | Partition Type: NTFS

Computer Name: EDUANA | User Name: E MCCABE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/17 14:27:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\E MCCABE\Desktop\OTL.exe
PRC - [2013/10/16 19:49:09 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/10/07 19:54:20 | 004,908,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2013/09/15 23:08:30 | 000,895,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013/09/03 22:22:16 | 000,588,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013/08/20 23:03:42 | 000,728,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2009/07/20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2009/04/07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2008/11/20 07:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIFIE.EXE
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/05 11:00:14 | 001,531,904 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2007/12/17 05:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007/03/09 11:09:58 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2007/01/11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe


========== Modules (No Company Name) ==========

MOD - [2009/07/20 12:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll
MOD - [2009/03/12 16:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008/11/21 14:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
MOD - [2007/11/28 04:32:00 | 001,163,264 | ---- | M] () -- C:\Program Files\RALINK\Common\acAuth.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe -- (vToolbarUpdater17.0.12)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/10/16 19:49:09 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/10/08 19:24:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/03 22:00:24 | 003,538,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/10/01 10:23:34 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/25 21:47:22 | 000,301,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2007/12/17 05:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01)
SRV - [2007/01/11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mgmt.sys -- (k750mgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdm.sys -- (k750mdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdfl.sys -- (k750mdfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2013/10/01 20:56:21 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013/09/10 22:11:44 | 000,022,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013/09/08 22:12:16 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/09/02 10:39:32 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/09/02 10:28:06 | 000,145,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/09/02 10:28:04 | 000,209,208 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/09/02 10:28:00 | 000,223,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/08/20 22:54:04 | 000,102,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/08/01 16:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2009/06/17 17:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 17:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2008/04/13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/01/15 21:50:50 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007/07/13 09:56:08 | 000,230,784 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\U6000ALL.sys -- (U6000ALL)
DRV - [2007/06/19 08:51:20 | 000,107,304 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdm.sys -- (s816mdm)
DRV - [2007/06/19 08:51:18 | 000,099,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mgmt.sys -- (s816mgmt)
DRV - [2007/06/19 08:51:18 | 000,097,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816unic.sys -- (s816unic)
DRV - [2007/06/19 08:51:18 | 000,097,320 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816obex.sys -- (s816obex)
DRV - [2007/06/19 08:51:18 | 000,021,928 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816nd5.sys -- (s816nd5)
DRV - [2007/06/19 08:51:18 | 000,013,864 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdfl.sys -- (s816mdfl)
DRV - [2007/06/19 08:51:16 | 000,081,832 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816bus.sys -- (s816bus)
DRV - [2007/01/01 21:03:00 | 000,086,368 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700obex.sys -- (W700obex)
DRV - [2007/01/01 21:02:59 | 000,097,056 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700mdm.sys -- (W700mdm)
DRV - [2007/01/01 21:02:59 | 000,088,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700mgmt.sys -- (W700mgmt)
DRV - [2007/01/01 21:02:59 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700bus.sys -- (W700bus)
DRV - [2007/01/01 21:02:59 | 000,009,264 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\W700mdfl.sys -- (W700mdfl)
DRV - [2006/04/28 23:53:20 | 000,056,792 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcw99rc.sys -- (hcw99rc)
DRV - [2006/04/06 17:21:08 | 000,118,850 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcw70bda.sys -- (HCW77BDA)
DRV - [2005/11/16 21:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/09/08 05:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 12:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/03/12 19:48:08 | 000,243,456 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (rt2500usb)
DRV - [2003/12/08 12:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn)
DRV - [2003/12/08 12:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
DRV - [2003/11/17 21:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 21:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 21:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co...-inc&channel=uk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.co...-inc&channel=uk
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search...p={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{06F15DE2-0E7A-42FF-AB7B-8E2E0C58BC86}: "URL" = http://www.google.co...z=1I7GGLL_en-GB
IE - HKCU\..\SearchScopes\{A312ADC2-DE96-431D-93D8-5B6FC00DCCAF}: "URL" = http://websearch.ask...78-522440EFE35E
IE - HKCU\..\SearchScopes\{D64A642D-3EDA-4D85-89DF-3D941A6A5219}: "URL" = http://www.tiscali.c...rom={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2321: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2379: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1483: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/10/01 10:23:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/10/16 19:50:09 | 000,000,000 | ---D | M]

[2008/09/06 14:06:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\E MCCABE\Application Data\Mozilla\Extensions
[2013/10/16 20:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\E MCCABE\Application Data\Mozilla\Firefox\Profiles\myzpsnvh.default-1381952312265\extensions
[2013/10/01 10:23:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/10/01 10:23:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/10/01 10:23:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre7\bin\jusched.exe File not found
O4 - HKCU..\Run: [Epson Stylus SX510W(Network)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON SX510W Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com File not found
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF56015B-782B-40EB-9ABD-CF28E18B89CA}: DhcpNameServer = 172.16.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D2DBC7F4-F587-4D34-9D86-84BC27CB2FDF}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D7ED7527-9B58-441A-A967-99E371A2D3D3}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{68fce594-3f45-11e0-a8bc-00b08c05013b}\Shell - "" = AutoRun
O33 - MountPoints2\{68fce594-3f45-11e0-a8bc-00b08c05013b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{68fce594-3f45-11e0-a8bc-00b08c05013b}\Shell\AutoRun\command - "" = E:\TotalLock.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\TotalLock.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/17 14:27:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\E MCCABE\Desktop\OTL.exe
[2013/10/16 21:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013/10/16 21:15:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\E MCCABE\Application Data\Malwarebytes
[2013/10/16 21:15:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/10/16 21:15:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/10/16 21:15:00 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/10/16 21:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/16 20:56:36 | 000,000,000 | ---D | C] -- C:\drvrtmp
[2013/10/16 20:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Deployment
[2013/10/16 20:40:35 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/16 20:00:36 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/16 19:56:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\E MCCABE\Recent
[2013/10/16 19:52:26 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/10/16 19:49:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/10/16 15:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/10/01 10:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/09/25 19:58:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\E MCCABE\Application Data\AVG2014
[2013/09/25 19:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2013/09/25 19:44:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Avg2014
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/17 14:27:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\E MCCABE\Desktop\OTL.exe
[2013/10/17 14:23:16 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/10/17 14:11:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/17 14:10:59 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/17 14:10:58 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/10/17 14:10:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/17 14:10:33 | 1063,407,616 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/16 22:49:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/16 21:19:41 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
[2013/10/16 21:15:04 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/16 20:58:00 | 000,473,392 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/10/16 20:58:00 | 000,084,786 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/16 19:52:29 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/10/16 19:27:27 | 000,309,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/16 15:04:04 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/10/16 14:32:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2013/10/06 13:41:02 | 000,000,246 | ---- | M] () -- C:\WINDOWS\tasks\Epson Printer Software Downloader.job
[2013/10/05 22:53:04 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/10/01 20:57:19 | 000,003,726 | ---- | M] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2013/10/01 20:56:21 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2013/09/25 20:57:14 | 000,120,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgdiskx.sys
[2013/09/25 20:04:28 | 000,006,216 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2013/09/25 20:04:21 | 000,000,088 | RHS- | M] () -- C:\WINDOWS\System32\7061CE70D7.sys
[2013/09/24 11:56:17 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\E MCCABE\Local Settings\Application Data\prvlcl.dat
[2013/09/24 10:50:34 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[10 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/16 21:19:40 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
[2013/10/16 21:15:04 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/16 20:57:50 | 000,001,902 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
[2013/10/16 19:52:29 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/10/16 14:32:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
[2013/09/25 19:54:52 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
[2013/06/27 13:34:18 | 000,003,726 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2012/08/19 12:44:58 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\E MCCABE\Local Settings\Application Data\dt.dat
[2012/02/20 17:13:04 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010/05/05 14:45:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\E MCCABE\Local Settings\Application Data\prvlcl.dat
[2007/05/04 18:51:42 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\E MCCABE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 21:32:21 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/12/19 22:12:00 | 000,009,216 | ---- | C] () -- C:\Documents and Settings\E MCCABE\Application Data\dvd.bmk
[2006/08/06 13:28:47 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\E MCCABE\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/10 13:09:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 01:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 01:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/09/25 19:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2010/11/11 16:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/11/11 17:03:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2010/11/05 14:32:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2012/01/16 15:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FUJIFILM
[2013/10/17 14:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/11/13 20:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/11/05 14:40:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/11/13 22:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/11/13 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\AVG
[2013/09/25 19:58:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\AVG2014
[2012/03/24 23:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\Epson
[2006/07/01 16:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\Leadertech
[2009/04/13 13:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\MSNInstaller
[2011/10/12 20:18:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\Python-Eggs
[2007/01/01 21:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\Teleca
[2007/04/13 16:21:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\Template
[2012/09/26 21:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\TuneUp Software
[2009/05/31 19:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\E MCCABE\Application Data\VersionTracker Pro

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >

#2
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Hello bytesize,

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.

#3
bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Thanks for your time. Here are the logs you requested.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-10-2013 01
Ran by E MCCABE at 2013-10-21 22:52:20
Running from C:\Documents and Settings\E MCCABE\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
Could not list Security Center items. Check WMI.


==================== Installed Programs ======================

Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 8 (Version: 8.0.0)
Adobe Shockwave Player 11.5 (Version: 11.5)
Adobe® Photoshop® Album Starter Edition 3.2 (Version: 3.2.0)
ARTEuro (Version: 1.00.0000)
AVG 2014 (Version: 14.0.3614)
AVG 2014 (Version: 14.0.4158)
AVG 2014 (Version: 2014.0.4158)
CCleaner (Version: 4.06)
CDDRV_Installer (Version: 4.60)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant D850 56K V.9x DFVc Modem
ConstructionSkills (Version: 1.00.673)
Corel Photo Album 6 (Version: 6.33)
Defraggler (Version: 2.15)
Dell CinePlayer (Version: 3.0)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Support 5.0.0 (630)
Dell System Restore (Version: 2.00.0000)
Digital Line Detect (Version: 1.10)
Drv (Version: 1.00.0000)
Epson Easy Photo Print 2 (Version: 2.1.0.0)
Epson Event Manager (Version: 2.30.01)
Epson Printer Software Downloader
Epson Printer Software Downloader (Version: 2.0.0)
EPSON Scan
Epson Stylus SX510W_TX550W Manual
EPSON SX510W Series Printer Uninstall
EPSON Web-To-Page
EpsonNet Print (Version: 2.4i)
EpsonNet Setup (Version: 3.1c)
erLT (Version: 1.20.0137)
FUJIFILM MyFinePix Studio 2.0
Google Chrome (Version: 30.0.1599.101)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4410)
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections (Version: 9.20.0000)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
KhalInstallWrapper (Version: 2.00.0000)
Learn2 Player (Uninstall Only)
Logitech SetPoint (Version: 4.80)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MCU (Version: 1.00.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Professional with FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works 7.0 (Version: 07.02.0620)
Modem Helper (Version: 2.40)
Mozilla Firefox 24.0 (x86 en-GB) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetWaiting (Version: 2.5.12)
PIF DESIGNER2.1
QuickTime (Version: 7.68.75.0)
RAF (Version: 1.00.0001)
Ralink Wireless LAN (Version: 1.00.0000)
RAW FILE CONVERTER EX powered by SILKYPIX (Version: 3)
RealPlayer
Roblox for E MCCABE
Roxio DLA (Version: 5.2.0)
Roxio MyDVD LE (Version: 6.1.6)
Roxio RecordNow Audio (Version: 2.0.4)
Roxio RecordNow Copy (Version: 2.0.4)
Roxio RecordNow Data (Version: 2.0.4)
ScanToWeb
Search Assist (Version: 1.00.0000)
Sky Broadband (Version: 1.0.0)
Sonic Activation Module (Version: 1.0)
Sonic Update Manager (Version: 3.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB971930) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
URL Assistant
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Camera Maker (MR97310_VGA_DUAL_CAMERA) Image 07/18/2006 2.0.1.0 (Version: 2.0.1.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)

==================== Restore Points =========================

02-08-2013 16:10:30 System Checkpoint
03-08-2013 18:31:43 System Checkpoint
04-08-2013 19:12:36 System Checkpoint
05-08-2013 19:26:28 System Checkpoint
06-08-2013 20:04:33 System Checkpoint
08-08-2013 10:42:42 System Checkpoint
09-08-2013 12:46:23 System Checkpoint
11-08-2013 13:20:26 System Checkpoint
12-08-2013 14:08:28 System Checkpoint
13-08-2013 14:55:41 System Checkpoint
14-08-2013 18:52:21 System Checkpoint
14-08-2013 21:30:43 Software Distribution Service 3.0
16-08-2013 09:15:11 System Checkpoint
17-08-2013 10:31:27 System Checkpoint
18-08-2013 12:14:41 System Checkpoint
19-08-2013 15:14:59 System Checkpoint
20-08-2013 15:28:49 System Checkpoint
21-08-2013 18:57:46 System Checkpoint
23-08-2013 10:24:57 System Checkpoint
24-08-2013 12:57:31 System Checkpoint
25-08-2013 13:28:09 System Checkpoint
26-08-2013 14:02:22 System Checkpoint
27-08-2013 14:12:49 System Checkpoint
28-08-2013 17:58:12 System Checkpoint
28-08-2013 23:19:56 Software Distribution Service 3.0
30-08-2013 12:51:04 System Checkpoint
31-08-2013 14:36:03 System Checkpoint
01-09-2013 16:37:28 System Checkpoint
02-09-2013 17:02:21 System Checkpoint
03-09-2013 17:42:53 System Checkpoint
04-09-2013 17:45:45 System Checkpoint
05-09-2013 18:10:51 System Checkpoint
06-09-2013 18:13:50 System Checkpoint
08-09-2013 07:36:33 System Checkpoint
09-09-2013 19:48:10 System Checkpoint
11-09-2013 15:33:34 System Checkpoint
11-09-2013 21:31:45 Software Distribution Service 3.0
12-09-2013 19:24:53 Software Distribution Service 3.0
13-09-2013 20:15:02 System Checkpoint
13-09-2013 23:13:09 Software Distribution Service 3.0
15-09-2013 18:19:52 System Checkpoint
16-09-2013 18:29:53 System Checkpoint
17-09-2013 19:14:11 System Checkpoint
19-09-2013 14:31:00 System Checkpoint
20-09-2013 14:35:18 System Checkpoint
21-09-2013 15:57:48 System Checkpoint
22-09-2013 17:07:00 System Checkpoint
23-09-2013 17:48:04 System Checkpoint
24-09-2013 19:03:54 System Checkpoint
25-09-2013 18:51:55 Installed AVG 2014
25-09-2013 18:52:25 Removed AVG 2013
25-09-2013 18:53:06 Installed AVG 2014
25-09-2013 18:57:31 Removed AVG 2013
26-09-2013 19:28:43 System Checkpoint
27-09-2013 21:09:16 System Checkpoint
29-09-2013 12:44:22 System Checkpoint
30-09-2013 15:01:41 System Checkpoint
01-10-2013 15:11:21 System Checkpoint
02-10-2013 18:07:40 System Checkpoint
03-10-2013 18:17:44 System Checkpoint
04-10-2013 18:45:53 System Checkpoint
05-10-2013 19:08:28 System Checkpoint
06-10-2013 19:49:21 System Checkpoint
07-10-2013 20:04:24 System Checkpoint
09-10-2013 17:28:22 System Checkpoint
16-10-2013 14:10:28 Removed MagicTune Premium
16-10-2013 14:48:39 Removed Bonjour
16-10-2013 14:50:20 Removed iTunes
16-10-2013 15:01:16 Software Distribution Service 3.0
16-10-2013 18:41:35 Removed MultiScreen
16-10-2013 18:48:07 Removed Java™ 6 Update 20
16-10-2013 18:48:59 Installed Java 7 Update 45
16-10-2013 19:00:35 Removed Apple Application Support
16-10-2013 19:02:54 Removed Apple Mobile Device Support
16-10-2013 19:03:40 Removed Apple Software Update
16-10-2013 19:04:50 Removed J2SE Runtime Environment 5.0 Update 8
16-10-2013 19:05:44 Removed Java 2 Runtime Environment, SE v1.4.2_03

==================== Hosts content: ==========================

2004-08-10 12:51 - 2004-08-04 05:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{4D5CF44F-2218-42CE-B157-3ECC45EF40A7}.exe
Task: C:\WINDOWS\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-11-05 14:38 - 2009-03-12 16:45 - 00135168 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2010-11-05 14:38 - 2008-11-21 14:58 - 00057344 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2010-09-15 14:39 - 2009-07-20 12:27 - 00017936 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2008-09-10 11:52 - 2007-11-28 04:32 - 01163264 _____ () C:\Program Files\RALINK\Common\acAuth.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""=""

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/16/2013 04:10:16 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2013 04:10:16 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2013 02:43:08 PM) (Source: Application Error) (User: )
Description: Faulting application magictune.exe, version 1.0.0.1, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00017fb6.
Processing media-specific event for [magictune.exe!ws!]

Error: (10/16/2013 02:32:32 PM) (Source: Application Error) (User: )
Description: Faulting application magictune.exe, version 1.0.0.1, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00017fb6.
Processing media-specific event for [magictune.exe!ws!]

Error: (09/10/2013 11:23:19 AM) (Source: MyWebSearchService) (User: )
Description: MyWebSearchService error: 1063StartServiceCtrlDispatcher failed.

Error: (08/22/2013 01:10:03 PM) (Source: Application Error) (User: )
Description: Fault bucket 223121472.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (08/22/2013 01:09:56 PM) (Source: Application Error) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]

Error: (08/22/2013 01:09:30 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [explorer.exe!ws!]

Error: (07/25/2013 09:53:13 AM) (Source: Application Error) (User: )
Description: Fault bucket -1988371838.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (07/25/2013 09:52:52 AM) (Source: Application Error) (User: )
Description: Faulting application magictune.exe, version 1.0.0.1, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00017fb6.
Processing media-specific event for [magictune.exe!ws!]


System errors:
=============
Error: (10/21/2013 10:46:48 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.0.12 service failed to start due to the following error:
%%2

Error: (10/17/2013 02:11:00 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.0.12 service failed to start due to the following error:
%%2

Error: (10/16/2013 10:41:46 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
IntelIde

Error: (10/16/2013 10:41:42 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.0.12 service failed to start due to the following error:
%%2

Error: (10/16/2013 10:41:37 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/16/2013 10:10:11 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.0.12 service failed to start due to the following error:
%%2

Error: (10/16/2013 09:05:15 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.0.12 service failed to start due to the following error:
%%2

Error: (10/16/2013 04:00:53 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (10/16/2013 04:00:52 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126

Error: (10/16/2013 04:00:52 PM) (Source: Service Control Manager) (User: )
Description: The Application Management service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (10/16/2013 04:10:16 PM) (Source: crypt32)(User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2013 04:10:16 PM) (Source: crypt32)(User: )
Description: http://www.download....uthrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (10/16/2013 02:43:08 PM) (Source: Application Error)(User: )
Description: magictune.exe1.0.0.1ntdll.dll5.1.2600.605500017fb6

Error: (10/16/2013 02:32:32 PM) (Source: Application Error)(User: )
Description: magictune.exe1.0.0.1ntdll.dll5.1.2600.605500017fb6

Error: (09/10/2013 11:23:19 AM) (Source: MyWebSearchService)(User: )
Description: MyWebSearchService error: 1063StartServiceCtrlDispatcher failed.

Error: (08/22/2013 01:10:03 PM) (Source: Application Error)(User: )
Description: 223121472

Error: (08/22/2013 01:09:56 PM) (Source: Application Error)(User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d

Error: (08/22/2013 01:09:30 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.55120.0.0.000000000

Error: (07/25/2013 09:53:13 AM) (Source: Application Error)(User: )
Description: -1988371838

Error: (07/25/2013 09:52:52 AM) (Source: Application Error)(User: )
Description: magictune.exe1.0.0.1ntdll.dll5.1.2600.605500017fb6


==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 1014.08 MB
Available physical RAM: 551.86 MB
Total Pagefile: 2440.95 MB
Available Pagefile: 2037.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:71.46 GB) (Free:49.51 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 75 GB) (Disk ID: D0F4738C)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=71 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3 GB) - (Type=DB)

==================== End Of Log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-10-2013 01
Ran by E MCCABE (administrator) on EDUANA on 21-10-2013 22:50:41
Running from C:\Documents and Settings\E MCCABE\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(SEIKO EPSON CORPORATION) C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
(SEIKO EPSON CORPORATION) C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(SEIKO EPSON CORPORATION) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Ralink Technology, Corp.) C:\Program Files\RALINK\Common\RaUI.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [114688 2005-10-14] (Intel Corporation)
HKLM\...\Run: [Adobe Photo Downloader] - C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [63712 2007-03-09] (Adobe Systems Incorporated)
HKLM\...\Run: [ISUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [EEventManager] - C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre7\bin\jusched.exe
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [EPSON SX510W Series] - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU "C:\WINDOWS\TEMP\E_SA1.tmp" /EF "HKCU"
HKCU\...\Run: [Epson Stylus SX510W(Network)] - C:\WINDOWS\TEMP\E_S85.tmp [194 2012-09-09] ()
MountPoints2: E - E:\TotalLock.exe
MountPoints2: {68fce594-3f45-11e0-a8bc-00b08c05013b} - E:\TotalLock.exe
HKU\Default User\...\Run: [DellSupport] - C:\Program Files\Dell Support\DSAgnt.exe [ 2004-07-19] (Gteko Ltd.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\RALINK\Common\RaUI.exe (Ralink Technology, Corp.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search...p={searchTerms}
SearchScopes: HKCU - {A312ADC2-DE96-431D-93D8-5B6FC00DCCAF} URL = http://websearch.ask...78-522440EFE35E
SearchScopes: HKCU - {D64A642D-3EDA-4D85-89DF-3D941A6A5219} URL = http://www.tiscali.c...rom={startPage}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll (Dell Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File

FireFox:
========
FF ProfilePath: C:\Documents and Settings\E MCCABE\Application Data\Mozilla\Firefox\Profiles\myzpsnvh.default-1381952312265
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2321 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2379 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1483 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (TelevisionFanatic Installer Plugin Stub) - C:\Program Files\TelevisionFanaticEI\Installr\1.bin\NP64EISB.dll No File
CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\DOCUME~1\EMCCAB~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\DOCUME~1\EMCCAB~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\DOCUME~1\EMCCAB~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 EPSON_EB_RPCV4_01; C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
S2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21361 2008-09-10] (Cisco Systems, Inc.)
S3 alcan5wn; C:\Windows\System32\DRIVERS\alcan5wn.sys [53600 2003-12-08] (THOMSON)
S3 alcaudsl; C:\Windows\System32\DRIVERS\alcaudsl.sys [70688 2003-12-08] (THOMSON)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120632 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209208 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [145720 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [223032 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102200 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-10-01] (AVG Technologies)
R2 DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [25628 2005-09-08] (Sonic Solutions)
R1 DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [5628 2005-08-25] (Sonic Solutions)
R2 DLADResN; C:\Windows\System32\DLA\DLADResN.SYS [2496 2005-09-08] (Sonic Solutions)
R2 DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [86524 2005-09-08] (Sonic Solutions)
R2 DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [14684 2005-09-08] (Sonic Solutions)
R2 DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [6364 2005-09-08] (Sonic Solutions)
R1 DLARTL_N; C:\Windows\System32\Drivers\DLARTL_N.SYS [22684 2005-08-25] (Sonic Solutions)
R2 DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [94332 2005-09-08] (Sonic Solutions)
R2 DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [87036 2005-09-08] (Sonic Solutions)
R2 DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [40544 2005-08-12] (Sonic Solutions)
S3 HCW77BDA; C:\Windows\System32\Drivers\hcw70bda.sys [118850 2006-04-06] (Hauppauge Computer Works, Inc.)
S3 hcw99rc; C:\Windows\System32\Drivers\hcw99rc.sys [56792 2006-04-28] (Hauppauge Computer Works, Inc.)
R3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1302812 2005-10-14] (Intel Corporation)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 rt2500usb; C:\Windows\System32\DRIVERS\rt2500usb.sys [243456 2005-03-12] (Ralink Technology Inc.)
S3 RT73; C:\Windows\System32\DRIVERS\rt73.sys [459520 2008-01-15] (Ralink Technology, Corp.)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
S3 U6000ALL; C:\Windows\System32\DRIVERS\U6000ALL.sys [230784 2007-07-13] ()
S3 W700bus; C:\Windows\System32\DRIVERS\W700bus.sys [61536 2007-01-01] (MCCI)
S3 W700mdfl; C:\Windows\System32\DRIVERS\W700mdfl.sys [9264 2007-01-01] (MCCI)
S3 W700mdm; C:\Windows\System32\DRIVERS\W700mdm.sys [97056 2007-01-01] (MCCI)
S3 W700mgmt; C:\Windows\System32\DRIVERS\W700mgmt.sys [88560 2007-01-01] (MCCI)
S3 W700obex; C:\Windows\System32\DRIVERS\W700obex.sys [86368 2007-01-01] (MCCI)
S3 bvrp_pci; No ImagePath
S3 k750bus; system32\DRIVERS\k750bus.sys [x]
S3 k750mdfl; system32\DRIVERS\k750mdfl.sys [x]
S3 k750mdm; system32\DRIVERS\k750mdm.sys [x]
S3 k750mgmt; system32\DRIVERS\k750mgmt.sys [x]
S3 k750obex; system32\DRIVERS\k750obex.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]
S3 wanatw; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-21 22:50 - 2013-10-21 22:50 - 00000000 ____D C:\FRST
2013-10-21 22:49 - 2013-10-21 22:39 - 01087529 _____ (Farbar) C:\Documents and Settings\E MCCABE\Desktop\FRST.exe
2013-10-17 14:52 - 2013-10-17 14:52 - 00077632 _____ C:\Documents and Settings\E MCCABE\Desktop\OTL.Txt
2013-10-17 14:52 - 2013-10-17 14:52 - 00038828 _____ C:\Documents and Settings\E MCCABE\Desktop\Extras.Txt
2013-10-17 14:27 - 2013-10-17 14:27 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\E MCCABE\Desktop\OTL.exe
2013-10-16 21:19 - 2013-10-16 21:19 - 00001580 _____ C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
2013-10-16 21:19 - 2013-10-16 21:19 - 00000000 ____D C:\Program Files\Defraggler
2013-10-16 21:15 - 2013-10-16 21:15 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-16 21:15 - 2013-10-16 21:15 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-16 21:15 - 2013-10-16 21:15 - 00000000 ____D C:\Documents and Settings\E MCCABE\Application Data\Malwarebytes
2013-10-16 21:15 - 2013-10-16 21:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-10-16 21:15 - 2013-10-16 21:15 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-10-16 21:15 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-10-16 20:57 - 2003-11-03 18:15 - 00001902 ____N C:\WINDOWS\system32\SetupBD.din
2013-10-16 20:56 - 2013-10-16 21:10 - 00000000 ____D C:\drvrtmp
2013-10-16 20:49 - 2013-10-16 21:01 - 00000000 ____D C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Deployment
2013-10-16 20:40 - 2013-10-16 21:02 - 00000000 ____D C:\AdwCleaner
2013-10-16 20:28 - 2013-10-21 22:48 - 00103683 _____ C:\WINDOWS\setupapi.log
2013-10-16 19:52 - 2013-10-16 19:52 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2013-10-16 19:52 - 2013-10-16 19:52 - 00000000 ____D C:\Program Files\CCleaner
2013-10-16 19:50 - 2013-10-16 19:49 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-16 19:50 - 2013-10-16 19:49 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-10-16 19:49 - 2013-10-16 19:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-16 19:49 - 2013-10-16 19:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-16 19:49 - 2013-10-16 19:49 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-16 19:49 - 2013-10-16 19:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-10-16 16:14 - 2013-10-16 16:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-16 16:14 - 2013-10-16 16:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-16 16:07 - 2013-10-16 16:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-16 16:05 - 2013-10-16 16:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-16 16:05 - 2013-10-16 16:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-16 15:04 - 2013-10-16 15:04 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-10-16 14:59 - 2013-08-09 01:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-16 14:59 - 2013-08-09 01:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-10-16 14:59 - 2013-08-09 01:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-16 14:59 - 2009-03-18 12:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-16 14:40 - 2013-07-17 01:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2013-10-16 14:40 - 2013-07-03 03:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-16 14:40 - 2013-07-03 02:59 - 00014976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2013-10-16 14:32 - 2013-10-16 14:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2013-10-01 10:23 - 2013-10-02 19:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-25 19:58 - 2013-09-25 19:58 - 00000000 ____D C:\Documents and Settings\E MCCABE\Application Data\AVG2014
2013-09-25 19:54 - 2013-10-16 15:04 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2013-09-25 19:52 - 2013-09-25 19:56 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2014
2013-09-25 19:44 - 2013-09-25 21:37 - 00000000 ____D C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Avg2014

==================== One Month Modified Files and Folders =======

2013-10-21 22:51 - 2010-10-27 14:48 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-10-21 22:50 - 2013-10-21 22:50 - 00000000 ____D C:\FRST
2013-10-21 22:50 - 2010-02-12 20:01 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-21 22:48 - 2013-10-16 20:28 - 00103683 _____ C:\WINDOWS\setupapi.log
2013-10-21 22:47 - 2004-08-10 13:02 - 01612369 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-21 22:47 - 2004-08-10 12:51 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-21 22:46 - 2013-06-05 01:52 - 00000350 _____ C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-10-21 22:46 - 2010-02-12 20:01 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-21 22:46 - 2004-08-10 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-21 22:46 - 2004-08-10 12:59 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-10-21 22:46 - 2004-08-10 12:59 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-10-21 22:39 - 2013-10-21 22:49 - 01087529 _____ (Farbar) C:\Documents and Settings\E MCCABE\Desktop\FRST.exe
2013-10-17 15:23 - 2012-09-15 22:33 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-17 15:05 - 2013-07-12 16:11 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-10-17 14:52 - 2013-10-17 14:52 - 00077632 _____ C:\Documents and Settings\E MCCABE\Desktop\OTL.Txt
2013-10-17 14:52 - 2013-10-17 14:52 - 00038828 _____ C:\Documents and Settings\E MCCABE\Desktop\Extras.Txt
2013-10-17 14:27 - 2013-10-17 14:27 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\E MCCABE\Desktop\OTL.exe
2013-10-17 14:23 - 2004-08-10 13:08 - 00032358 _____ C:\WINDOWS\SchedLgU.Txt
2013-10-16 23:14 - 2006-07-01 15:18 - 00000278 ___SH C:\Documents and Settings\E MCCABE\ntuser.ini
2013-10-16 22:40 - 2012-01-26 00:44 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2585542$
2013-10-16 21:37 - 2004-08-10 13:09 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-16 21:19 - 2013-10-16 21:19 - 00001580 _____ C:\Documents and Settings\All Users\Desktop\Defraggler.lnk
2013-10-16 21:19 - 2013-10-16 21:19 - 00000000 ____D C:\Program Files\Defraggler
2013-10-16 21:17 - 2007-08-14 13:36 - 00000000 ____D C:\WINDOWS\pss
2013-10-16 21:15 - 2013-10-16 21:15 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-10-16 21:15 - 2013-10-16 21:15 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-10-16 21:15 - 2013-10-16 21:15 - 00000000 ____D C:\Documents and Settings\E MCCABE\Application Data\Malwarebytes
2013-10-16 21:15 - 2013-10-16 21:15 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-10-16 21:15 - 2013-10-16 21:15 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-10-16 21:12 - 2006-06-25 17:08 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2013-10-16 21:10 - 2013-10-16 20:56 - 00000000 ____D C:\drvrtmp
2013-10-16 21:03 - 2006-07-01 15:18 - 00000000 ____D C:\Documents and Settings\E MCCABE
2013-10-16 21:02 - 2013-10-16 20:40 - 00000000 ____D C:\AdwCleaner
2013-10-16 21:01 - 2013-10-16 20:49 - 00000000 ____D C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Deployment
2013-10-16 21:01 - 2006-07-01 15:18 - 00000000 ____D C:\Documents and Settings\E MCCABE\Start Menu\Programs\Dell
2013-10-16 20:58 - 2004-08-10 12:57 - 00568856 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-16 20:17 - 2006-06-25 17:20 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-10-16 20:06 - 2006-06-25 17:16 - 00000000 ____D C:\Program Files\Java
2013-10-16 20:03 - 2010-11-13 22:33 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Apple
2013-10-16 19:52 - 2013-10-16 19:52 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2013-10-16 19:52 - 2013-10-16 19:52 - 00000000 ____D C:\Program Files\CCleaner
2013-10-16 19:50 - 2006-06-25 17:16 - 00000000 ____D C:\Program Files\Common Files\Java
2013-10-16 19:49 - 2013-10-16 19:50 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-10-16 19:49 - 2013-10-16 19:50 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2013-10-16 19:49 - 2013-10-16 19:49 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-10-16 19:49 - 2013-10-16 19:49 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-10-16 19:49 - 2013-10-16 19:49 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-10-16 19:49 - 2013-10-16 19:49 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java
2013-10-16 19:27 - 2012-04-01 13:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-16 19:27 - 2004-08-10 12:57 - 00309992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-16 16:14 - 2013-10-16 16:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-16 16:14 - 2013-10-16 16:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-16 16:13 - 2013-07-27 23:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-16 16:09 - 2012-04-01 13:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
2013-10-16 16:09 - 2006-09-06 19:46 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-16 16:07 - 2013-10-16 16:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-16 16:05 - 2013-10-16 16:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-16 16:05 - 2013-10-16 16:05 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-16 16:05 - 2009-07-17 01:27 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-16 15:14 - 2012-02-23 11:51 - 00000000 ____D C:\Program Files\MagicTune Premium
2013-10-16 15:04 - 2013-10-16 15:04 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2013-10-16 15:04 - 2013-09-25 19:54 - 00000702 _____ C:\Documents and Settings\All Users\Desktop\AVG 2014.lnk
2013-10-16 14:32 - 2013-10-16 14:32 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2013-10-08 19:24 - 2012-09-15 22:33 - 00692616 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-08 19:24 - 2011-06-08 18:48 - 00071048 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-06 13:41 - 2010-11-05 14:41 - 00000246 _____ C:\WINDOWS\Tasks\Epson Printer Software Downloader.job
2013-10-03 12:00 - 2012-04-24 20:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-02 19:51 - 2013-10-01 10:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-01 20:57 - 2013-06-27 13:34 - 00003726 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-10-01 20:57 - 2011-11-09 20:01 - 00000000 ____D C:\WINDOWS\system32\cache
2013-10-01 20:56 - 2012-08-30 19:11 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2013-09-26 13:34 - 2009-11-25 16:23 - 00000000 ___HD C:\$AVG
2013-09-25 21:37 - 2013-09-25 19:44 - 00000000 ____D C:\Documents and Settings\E MCCABE\Local Settings\Application Data\Avg2014
2013-09-25 20:57 - 2013-08-01 16:06 - 00120632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2013-09-25 20:04 - 2006-07-01 15:46 - 00006216 ___SH C:\WINDOWS\system32\KGyGaAvL.sys
2013-09-25 20:04 - 2006-07-01 15:46 - 00000088 __RSH C:\WINDOWS\system32\7061CE70D7.sys
2013-09-25 19:59 - 2009-04-13 13:16 - 00000000 ____D C:\Program Files\AVG
2013-09-25 19:58 - 2013-09-25 19:58 - 00000000 ____D C:\Documents and Settings\E MCCABE\Application Data\AVG2014
2013-09-25 19:56 - 2013-09-25 19:52 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG2014
2013-09-24 11:56 - 2010-05-05 14:45 - 00000000 ____C C:\Documents and Settings\E MCCABE\Local Settings\Application Data\prvlcl.dat
2013-09-24 11:00 - 2006-07-01 15:46 - 00047672 ____C C:\Documents and Settings\E MCCABE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-09-24 10:56 - 2004-08-10 12:51 - 00000227 _____ C:\WINDOWS\system.ini
2013-09-24 10:50 - 2006-06-25 17:05 - 00000211 __RSH C:\boot.ini
2013-09-24 10:50 - 2004-08-10 12:51 - 00000777 _____ C:\WINDOWS\win.ini
2013-09-23 23:36 - 2006-11-07 04:26 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2013-09-23 23:36 - 2004-08-10 12:51 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-09-23 19:33 - 2012-06-13 15:47 - 00522240 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2013-09-23 19:33 - 2010-06-13 21:08 - 00743424 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2013-09-23 19:33 - 2009-07-17 01:27 - 00247808 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2013-09-23 19:33 - 2009-07-17 01:27 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2013-09-23 19:33 - 2007-05-09 20:26 - 11113472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2013-09-23 19:33 - 2007-05-09 20:26 - 02006016 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2013-09-23 19:33 - 2007-05-09 20:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2013-09-23 19:33 - 2007-05-09 20:26 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2013-09-23 19:33 - 2006-11-07 22:03 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-09-23 19:33 - 2006-11-07 22:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-09-23 19:33 - 2006-11-07 22:03 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2013-09-23 19:33 - 2006-11-07 04:27 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2013-09-23 19:33 - 2006-10-17 13:05 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2013-09-23 19:33 - 2006-10-17 13:05 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2013-09-23 19:33 - 2006-10-17 13:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2013-09-23 19:33 - 2006-10-17 13:04 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2013-09-23 19:33 - 2006-10-17 12:57 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-09-23 19:33 - 2006-07-28 12:30 - 06017536 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2013-09-23 19:33 - 2006-07-25 21:42 - 01215488 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2013-09-23 19:33 - 2006-06-23 12:25 - 00920064 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2013-09-23 19:33 - 2006-06-23 12:25 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2013-09-23 19:33 - 2006-06-23 12:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2013-09-23 19:33 - 2006-06-23 12:25 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2013-09-23 19:33 - 2004-08-10 13:02 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 06017536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 01469440 ____N (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-09-23 19:33 - 2004-08-10 12:51 - 01215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2013-09-23 19:33 - 2004-08-10 12:51 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-09-23 19:33 - 2004-08-10 12:50 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2013-09-23 19:33 - 2004-08-10 12:50 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2013-09-23 19:06 - 2004-08-10 12:51 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

Some content of TEMP:
====================
C:\Documents and Settings\E MCCABE\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\E MCCABE\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\E MCCABE\Local Settings\Temp\_is4A.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

I await further instructions

#4
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


#5
bytesize


    Member

  • Topic Starter
  • Member
  • 33 posts
Here is the JRT log


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by E MCCABE on 21/10/2013 at 23:33:20.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A312ADC2-DE96-431D-93D8-5B6FC00DCCAF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21/10/2013 at 23:42:40.32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods. This is normal; just leave it to do its job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#7
bytesize

    Member

  • Topic Starter
  • Member
  • 33 posts
Here is the combofix log as requested




9ComboFix 13-10-21.01 - E MCCABE 22/10/2013 13:08:50.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.634 [GMT 1:00]
Running from: c:\documents and settings\E MCCABE\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\E MCCABE\WINDOWS
C:\install.exe
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\Cache
c:\windows\system32\SET19B.tmp
c:\windows\system32\SET19C.tmp
c:\windows\system32\SET1A0.tmp
c:\windows\system32\SET1A1.tmp
c:\windows\system32\SET1A2.tmp
c:\windows\system32\SET1A6.tmp
c:\windows\system32\SET1A8.tmp
c:\windows\system32\SET2D.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-09-22 to 2013-10-22 )))))))))))))))))))))))))))))))
.
.
2013-10-21 22:33 . 2013-10-21 22:33 -------- d-----w- c:\windows\ERUNT
2013-10-21 21:50 . 2013-10-21 21:50 -------- d-----w- C:\FRST
2013-10-16 20:19 . 2013-10-16 20:19 -------- d-----w- c:\program files\Defraggler
2013-10-16 20:15 . 2013-10-16 20:15 -------- d-----w- c:\documents and settings\E MCCABE\Application Data\Malwarebytes
2013-10-16 20:15 . 2013-10-16 20:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2013-10-16 20:15 . 2013-10-16 20:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-16 20:15 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-16 19:56 . 2013-10-16 20:10 -------- d-----w- C:\drvrtmp
2013-10-16 19:49 . 2013-10-16 20:01 -------- d-----w- c:\documents and settings\E MCCABE\Local Settings\Application Data\Deployment
2013-10-16 19:40 . 2013-10-16 20:02 -------- d-----w- C:\AdwCleaner
2013-10-16 18:52 . 2013-10-16 18:52 -------- d-----w- c:\program files\CCleaner
2013-10-16 18:50 . 2013-10-16 18:49 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-16 18:49 . 2013-10-16 18:49 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-16 13:59 . 2009-03-18 11:02 30336 ------w- c:\windows\system32\dllcache\usbehci.sys
2013-10-16 13:59 . 2013-08-09 00:55 144128 ------w- c:\windows\system32\dllcache\usbport.sys
2013-10-16 13:59 . 2013-08-09 00:55 32384 ------w- c:\windows\system32\dllcache\usbccgp.sys
2013-10-16 13:59 . 2013-08-09 00:55 5376 ------w- c:\windows\system32\dllcache\usbd.sys
2013-10-16 13:40 . 2013-07-03 02:12 25088 ------w- c:\windows\system32\dllcache\hidparse.sys
2013-10-16 13:40 . 2013-07-03 01:59 14976 ------w- c:\windows\system32\dllcache\usbscan.sys
2013-10-16 13:40 . 2013-07-17 00:58 123008 ------w- c:\windows\system32\dllcache\usbvideo.sys
2013-09-25 18:58 . 2013-09-25 18:58 -------- d-----w- c:\documents and settings\E MCCABE\Application Data\AVG2014
2013-09-25 18:52 . 2013-09-25 18:56 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2014
2013-09-25 18:44 . 2013-09-25 20:37 -------- d-----w- c:\documents and settings\E MCCABE\Local Settings\Application Data\Avg2014
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-08 18:24 . 2012-09-15 21:33 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-08 18:24 . 2011-06-08 17:48 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-01 19:56 . 2012-08-30 18:11 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-09-25 19:57 . 2013-08-01 15:06 120632 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-09-23 18:33 . 2004-08-10 11:51 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:33 . 2004-08-10 11:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-23 18:33 . 2004-08-10 11:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:33 . 2004-08-10 11:50 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2004-08-10 11:51 385024 ----a-w- c:\windows\system32\html.iec
2013-09-10 21:11 . 2011-12-23 12:32 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-08 21:12 . 2010-09-07 03:48 27448 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-09-02 09:39 . 2010-09-07 03:48 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-09-02 09:28 . 2012-04-19 03:50 145720 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-09-02 09:28 . 2011-12-23 12:32 209208 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-09-02 09:28 . 2012-08-09 12:56 223032 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-08-29 01:31 . 2004-08-10 11:51 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-20 21:54 . 2010-09-07 03:48 102200 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2013-08-09 01:56 . 2004-08-10 11:51 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55 . 2004-08-03 22:08 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55 . 2006-07-29 21:31 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55 . 2001-08-17 13:03 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30 . 2004-08-10 11:51 1289728 ----a-w- c:\windows\system32\ole32.dll
2013-08-03 13:18 . 2006-10-18 21:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-08-01 15:08 . 2010-09-07 03:49 193848 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-08-26 . 25CC085720EE3617FD1F8AB9E2F7CAB2 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[7] 2008-06-24 . EC936148284F557F19C333178768109B . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll
[7] 2008-06-23 . 28B8231CA8D55FC85E027A57C90F5C88 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[7] 2008-04-23 . 8976CAB317105F7431B08EA32AB73C65 . 3591680 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[7] 2008-04-23 . 4D612FF5D3B7EEF200595AE6F95D5E68 . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
[7] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[7] 2008-03-01 . AB2C88167D78D71D93558ACECB24CC7A . 3591680 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll
[7] 2008-03-01 . 4EE273E2B09317C1217EF0DB91F93534 . 3593216 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\mshtml.dll
[7] 2007-12-08 . A097C36412455F0C7E42377FAF8809B7 . 3592192 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\mshtml.dll
[7] 2007-12-07 . 976C46ED4A75FC66D9C596778898CE1E . 3593216 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\mshtml.dll
[7] 2007-10-30 . 54D8B404F17AA74C666F7F3AEF2AE459 . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
[7] 2007-10-30 . 8AB7ECF59D6EBBE986277B65ED4A40A1 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB944533-IE7\mshtml.dll
[7] 2007-08-20 . E267EE248CDA7667C19001C069DE867B . 3584512 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll
[7] 2007-08-20 . AA8A4BD78D24FCDB96DDAEE3756AA372 . 3592192 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
[7] 2007-07-19 . BD609A26B683332A0E0E1445C5724851 . 3583488 . . [7.00.6000.16525] . . c:\windows\ie7updates\KB939653-IE7\mshtml.dll
[7] 2007-07-18 . 7CE243CFD47AD0DC431586CB8C542A11 . 3584000 . . [7.00.6000.20641] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\mshtml.dll
[7] 2007-05-08 . 1D4E3B86C601A2497C99790CC4D7DF26 . 3584000 . . [7.00.6000.20591] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\mshtml.dll
[7] 2007-05-08 . 5D90A7200F72DACE663EE78DE234FCC7 . 3583488 . . [7.00.6000.16481] . . c:\windows\ie7updates\KB937143-IE7\mshtml.dll
[7] 2007-03-07 . 190E1AE9B973049B12A67BAD478C770C . 3581952 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\mshtml.dll
[7] 2007-03-07 . DA297A862E5F093A07D37C05F608C686 . 3582976 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\mshtml.dll
[7] 2007-01-12 . 5D45318804A30CE9D6EA83066E84B4A7 . 3580416 . . [7.00.6000.16414] . . c:\windows\ie7updates\KB931768-IE7\mshtml.dll
[7] 2006-11-07 . CBF04597F9CF7739E572276A2698FDD3 . 3577856 . . [7.00.5730.11] . . c:\windows\ie7updates\KB928090-IE7\mshtml.dll
[-] 2006-10-23 . 88E1C15BB1A9ED3CBA4D6F2F408D5010 . 3061248 . . [6.00.2900.3020] . . c:\windows\ie7\mshtml.dll
[-] 2006-03-23 . ABCD123F888E4E97C8751378CCCC4F26 . 3055616 . . [6.00.2900.2873] . . c:\windows\$hf_mig$\KB912812\SP2QFE\mshtml.dll
[-] 2006-02-01 . 51C91AC189321A320FC4BC90B56255A3 . 3073024 . . [6.00.2900.2838] . . c:\windows\$hf_mig$\KB912945\SP2QFE\mshtml.dll
.
[7] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[7] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[7] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[7] 2004-08-04 . B0FEFA816D61EC66AA765DDF534EAB5E . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[7] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[7] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
.
[7] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[7] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[7] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[7] 2008-06-20 . 097722F235A1FB698BF9234E01B52637 . 245248 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[7] 2008-06-20 . 1DFCA7713EA5A70D5D93B436AEA0317A . 245248 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[7] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[7] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[7] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
.
[7] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[7] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[7] 2004-08-04 . 96353FCECBA774BB8DA74A1C6507015A . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[7] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[7] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[7] 2004-08-04 . 1B5F6923ABB450692E9FE0672C897AED . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[7] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[7] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[7] 2004-08-04 . 0F78E27F563F2AAF74B91A49E2ABF19A . 180224 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[7] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[7] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[7] 2004-08-04 . E8A12A12EA9088B4327D49EDCA3ADD3E . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[7] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[7] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[7] 2004-08-04 . 8F078AE4ED187AAABC0A305146DE6716 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[7] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[7] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2005-07-08 . 1418A3A6E76E5A2E3F5E43866E793A8B . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . FB78839B36025AA286A51289ED28B73E . 249344 . . [5.1.2600.2716] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
.
[7] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[7] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . 7AA4F6C00405DFC4B70ED4214E7D687B . 578048 . . [5.1.2600.3099] . . c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 . B409909F6E2E8A7067076ED748ABF1E7 . 577536 . . [5.1.2600.3099] . . c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2005-03-02 . 1800F293BCCC8EDE8A70E12B88D80036 . 577024 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
.
[7] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[7] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[7] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[7] 2013-09-23 . D73F1BE00684E675571015B3A5880F5B . 920064 . . [8.00.6001.23532] . . c:\windows\SoftwareDistribution\Download\8234a21547c518ea07337bc5b7917628\SP3QFE\wininet.dll
[7] 2013-09-23 . D73F1BE00684E675571015B3A5880F5B . 920064 . . [8.00.6001.23532] . . c:\windows\system32\wininet.dll
[7] 2013-09-23 . D73F1BE00684E675571015B3A5880F5B . 920064 . . [8.00.6001.23532] . . c:\windows\system32\dllcache\wininet.dll
[7] 2013-08-08 . F1BD516A4446B737BAEFB9FBAA92F01A . 920064 . . [8.00.6001.23520] . . c:\windows\ie8updates\KB2879017-IE8\wininet.dll
[7] 2013-07-26 . D46E195D0C76D430D73576CDAC763F78 . 920064 . . [8.00.6001.23515] . . c:\windows\ie8updates\KB2870699-IE8\wininet.dll
[7] 2013-06-07 . C087CC88D7CD554409CBB5EBC29E8E38 . 920064 . . [8.00.6001.23507] . . c:\windows\ie8updates\KB2862772-IE8\wininet.dll
[7] 2013-05-07 . CE5BA470204A3176E60721C4B63B8DF3 . 920064 . . [8.00.6001.23499] . . c:\windows\ie8updates\KB2846071-IE8\wininet.dll
[7] 2013-04-16 . 5C4AAC5A91422C95522ECC6C26FB93C8 . 920064 . . [8.00.6001.23486] . . c:\windows\ie8updates\KB2838727-IE8\wininet.dll
[7] 2013-03-02 . DA5B96A293B006572209E5EAC9F3A045 . 916480 . . [8.00.6001.19412] . . c:\windows\ie8updates\KB2829530-IE8\wininet.dll
[7] 2013-03-02 . 43EADBA9F3CD2A5F01B189BD95FCDE95 . 920064 . . [8.00.6001.23480] . . c:\windows\$hf_mig$\KB2817183-IE8\SP3QFE\wininet.dll
[7] 2013-02-05 . 5AACF4B4DEE1972B7952E8A747122232 . 916480 . . [8.00.6001.19401] . . c:\windows\ie8updates\KB2817183-IE8\wininet.dll
[7] 2013-02-05 . BE30BEF4C13065D09772F9895FCB9D22 . 920064 . . [8.00.6001.23469] . . c:\windows\$hf_mig$\KB2809289-IE8\SP3QFE\wininet.dll
[7] 2012-12-26 . D175F91A4C98B8848818C9B5089F88A2 . 916480 . . [8.00.6001.19394] . . c:\windows\ie8updates\KB2809289-IE8\wininet.dll
[7] 2012-12-26 . B8BEF9519A1B124DEAF94081F6C5A767 . 920064 . . [8.00.6001.23462] . . c:\windows\$hf_mig$\KB2792100-IE8\SP3QFE\wininet.dll
[7] 2012-11-01 . 9AD88EA663124336E88EB031F917CE20 . 916992 . . [8.00.6001.19389] . . c:\windows\ie8updates\KB2792100-IE8\wininet.dll
[7] 2012-11-01 . ACC92628CFFF9BB6F8886329888014A8 . 920064 . . [8.00.6001.23458] . . c:\windows\$hf_mig$\KB2761465-IE8\SP3QFE\wininet.dll
[7] 2012-08-28 . FF1C14BCA1A797CE45DD359FA2C9EDA8 . 916992 . . [8.00.6001.19328] . . c:\windows\ie8updates\KB2761465-IE8\wininet.dll
[7] 2012-08-28 . DCEA3B3193B7181CF818ECC4EAB30A66 . 920064 . . [8.00.6001.23415] . . c:\windows\$hf_mig$\KB2744842-IE8\SP3QFE\wininet.dll
[7] 2012-07-02 . C4300CB4D20B1159DC77E01E8A2525EC . 916992 . . [8.00.6001.19298] . . c:\windows\ie8updates\KB2744842-IE8\wininet.dll
[7] 2012-07-02 . EFB2241DE3AA6480521A16D0CB67B0EC . 920064 . . [8.00.6001.23385] . . c:\windows\$hf_mig$\KB2722913-IE8\SP3QFE\wininet.dll
[7] 2012-05-16 . 6B1774334E2975AA60596E54F5EA1430 . 916992 . . [8.00.6001.19272] . . c:\windows\ie8updates\KB2722913-IE8\wininet.dll
[7] 2012-05-16 . 553AD35768CD27959391DD5AA82CEF6F . 920064 . . [8.00.6001.23359] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll
[7] 2012-03-01 . 009E7B4C284F080608D7286484015EE5 . 916992 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\wininet.dll
[7] 2012-03-01 . 4EC67FAB39F37626AD6D9895FC094ABF . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll
[7] 2011-12-17 . F362D50FBDC6E34918DF41BDE1770E5C . 916992 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll
[7] 2011-12-17 . 84A48E9818E8440DDBFD8EEC37C8A937 . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll
[7] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll
[7] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
[7] 2011-08-22 . 1A377838B4B468E37C3EEB5BAA24F925 . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll
[7] 2011-08-22 . 19630AEBBFAEB06984CAB91848270AAF . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
[7] 2011-06-23 . AF4EDDC6C0446FCE5681B5DED52B8F0E . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll
[7] 2011-06-23 . 509CF67AE762A38E23A5455A0053853C . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
[7] 2011-04-25 . CC951C2212A200475A587A440E0AA804 . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll
[7] 2011-04-25 . 7F4F1697001B9E9A7924D219DC215903 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
[7] 2011-02-22 . A9FA95F0D7F511959AC721E4843E5967 . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
[7] 2011-02-22 . F192D49EEFE297FA858B2C774BA2291D . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll
[7] 2010-12-20 . 88014D62B5E3CDB0AC67948D86C926C8 . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll
[7] 2010-12-20 . 5504B4ECCE892EB82CD2C5FA71940AC1 . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
[7] 2010-11-06 . 9357C4249F4810FB0E49C13387A8A77C . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[7] 2010-11-06 . 306A2B05EA9846278113964DC6E2C940 . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll
[7] 2010-09-10 . 36FE8ABC59AAFBE20CBE54BC372F9429 . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll
[7] 2010-09-10 . 0555E190DCD06B8998E6DDCA42DAEB82 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[7] 2010-06-24 . 60237E50D575FBA9BEC9BC043F157149 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[7] 2010-06-24 . D3DEB6B2B424AC93DE3801EAEB21A9A5 . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll
[7] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll
[7] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[7] 2010-02-25 . 7A42CFED96CDA7F2FB1A26D1F9F65775 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[7] 2010-02-25 . 4458D59F2B0369F4D3B137541D284041 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[7] 2009-12-21 . FF4241C74E0C0A5AFFFE05F584213ECB . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[7] 2009-12-21 . 5E1F666B8955FD77E65D65C4C4D882A3 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . 6AF52998B90F72FF2325D84D90EDA1CC . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . 75240F6EDBCE7B85DF66874407D38A4F . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-08-29 . CF0A5FE05BF614C24950D8FAEC1BC309 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2009-08-29 . 972B226BDAD71C55F3CC9A72BBF8F1C1 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 7E8A47A2E6561274B83E257CE74803FD . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[7] 2009-07-03 . 38114DAB42FB2EB84D1726C42B8D80C5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-05-13 . 366C72AF6970DB7BB39AB0142BF09DB5 . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[7] 2009-05-13 . 366C72AF6970DB7BB39AB0142BF09DB5 . 915456 . . [8.00.6001.18783] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3GDR\wininet.dll
[7] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[7] 2009-05-13 . C0EB6850C8A02A154281749DC61FAF22 . 915456 . . [8.00.6001.22873] . . c:\windows\SoftwareDistribution\Download\97fe76a20161cb86e78057600e7c82a0\SP3QFE\wininet.dll
[7] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\ie8\wininet.dll
[7] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[7] 2009-03-03 . 28775945CCD53DEE280EF58DEA1A94C4 . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
[7] 2009-03-03 . C8667854873938CA13C986F16B0CD183 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[7] 2008-12-20 . 044E0A4E9FE97C0FB9AFE9C89E2A82E6 . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[7] 2008-12-20 . A82935D32D0672E8FF4E91AE398E901C . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[7] 2008-10-16 . 6741EAF7B7F110E803A6E38F6E5FA6B0 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[7] 2008-10-16 . 0D5B75171FF51775B630A431B6C667E8 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . 77C192FE56A70D7FA0247BA0A6201C32 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . EF8EBA98145BFA44E80D17A3B3453300 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[7] 2008-06-23 . 8C13D4A7479FA0A026EDA8ABCE82C0ED . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[7] 2008-06-23 . C66402A06B83B036C195242C0C8CF83C . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[7] 2008-04-23 . F6589BE784647CFDBC22EA51CCB1A57A . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[7] 2008-04-23 . 41546B396A526918DA7995A02EA04E51 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[7] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[7] 2008-03-01 . AD21461AEF8244EDEC2EF18E55E1DCF3 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll
[7] 2008-03-01 . 6316C2F0C61271C8ABDFF7429174879E . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
[7] 2007-12-07 . 806D274C9A6C3AAEA5EAE8E4AF841E04 . 824832 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\wininet.dll
[7] 2007-12-07 . B5B411BB229AE6EAD7652A32ED47BFB9 . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
[7] 2007-10-10 . 30C1E0F34AD2972C72A01DB5C74AB065 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll
[7] 2007-10-10 . 0E5D918F87EFA7D2424D66B499C7EB04 . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[7] 2007-08-20 . 774435E499D8E9643EC961A6103C361F . 824832 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll
[7] 2007-08-20 . 357D54BF94FE9D6D8505A96B5C2A3BCA . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
[7] 2007-06-27 . D6ED5E042C5207553E7F5E842918137F . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll
[7] 2007-06-27 . 8068CBB58FE60CC95AEB2CFF70178208 . 823808 . . [7.00.6000.16512] . . c:\windows\ie7updates\KB939653-IE7\wininet.dll
[7] 2007-04-25 . 431DEFBB4A3D7B0DC062C1B064623A2F . 823808 . . [7.00.6000.20583] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll
[7] 2007-04-25 . 0586A7F0B2FDB94D624F399D4728E7C8 . 822784 . . [7.00.6000.16473] . . c:\windows\ie7updates\KB937143-IE7\wininet.dll
[7] 2007-03-07 . 5B35DAE6E4886F64D1DA58C4E3E01EB9 . 822784 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\wininet.dll
[7] 2007-03-07 . B8F4DB39CA7353752F245379D285C80E . 823296 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll
[7] 2007-01-12 . BE43D00D802C92F01C8CC952C6F483F8 . 822784 . . [7.00.6000.16414] . . c:\windows\ie7updates\KB931768-IE7\wininet.dll
[7] 2006-11-07 . 92995334F993E6E49C25C6D02EC04401 . 818688 . . [7.00.5730.11] . . c:\windows\ie7updates\KB928090-IE7\wininet.dll
[-] 2006-10-23 . 231EF4179ACABE486376B5CA893F1076 . 664576 . . [6.00.2900.3020] . . c:\windows\ie7\wininet.dll
[-] 2006-03-04 . C0845ECBF4F9164E618EE381B79C9032 . 663552 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll
[-] 2006-01-09 . DDE9597A3311748C1519444E2BC147BD . 662016 . . [6.00.2900.2823] . . c:\windows\$hf_mig$\KB912945\SP2QFE\wininet.dll
.
[7] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[7] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[7] 2004-08-04 . 2ED0B7F12A60F90092081C50FA0EC2B2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[7] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[7] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[7] 2004-08-04 . 9BEACB911CA61E5881102188AB7FB431 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . 7712DF0CDDE3A5AC89843E61CD5B3658 . 1033216 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 . 97BD6515465659FF8F3B7BE375B2EA87 . 1033216 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[7] 2004-08-04 . 783AFC80383C176B22DBF8333343992D . 146432 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[7] 2013-08-05 . 59B408E5B8489B0B36A0D783D150EDCC . 1289728 . . [5.1.2600.6435] . . c:\windows\system32\ole32.dll
[7] 2013-08-05 . 59B408E5B8489B0B36A0D783D150EDCC . 1289728 . . [5.1.2600.6435] . . c:\windows\system32\dllcache\ole32.dll
[7] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\$NtUninstallKB2876217$\ole32.dll
[7] 2011-11-01 . 7D9DDE1AB4B00DDB173F5A16E9206517 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[7] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll
[7] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2005-07-26 . AB8231D13692AC5088EB9C226B0C0576 . 1285120 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll
[-] 2005-07-26 . A2F755E237FA2CDD748A80BFBE6657F3 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . 7440D29F257B7E44329343F944F2142C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
.
[7] 2013-07-10 . 1D845821F5ADB076831DE4C2818F858B . 406016 . . [1.0420.2600.6421] . . c:\windows\system32\usp10.dll
[7] 2013-07-10 . 1D845821F5ADB076831DE4C2818F858B . 406016 . . [1.0420.2600.6421] . . c:\windows\system32\dllcache\usp10.dll
[7] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\$NtUninstallKB2850869$\usp10.dll
[7] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[7] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[7] 2004-08-04 . 2EB58F9DCD6AB320B46744A4EA48B2D2 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
[7] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[7] 2004-08-03 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
.
[7] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[7] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-04 . 24232996A38C0B0CF151C2140AE29FC8 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[7] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[7] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[7] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[7] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2006-12-19 . 6815DEF9B810AEFAC107EEAF72DA6F82 . 134656 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
[-] 2006-12-19 . 53D9184A21C5CBF600D918E51EF3A7E5 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll
.
[7] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msimg32.dll
[7] 2008-04-14 . AFFC87E2501FCE8F09D4C10BA6421CCF . 4608 . . [5.1.2600.5512] . . c:\windows\system32\msimg32.dll
[7] 2004-08-04 . B5331F2B6F37C66C29C847F3B94FF900 . 4608 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msimg32.dll
.
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[7] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[7] 2004-08-04 . 92BDF74F12D6CBEC43C94D4B7F804838 . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[7] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 249856]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-10-07 4908592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-9-15 813584]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe -s [2008-9-10 1531904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect]
c:\documents and settings\E MCCABE\Start Menu\Programs\Dell\Dell System Detect.appref-ms [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2006-02-09 22:34 106496 ----a-w- c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
2005-09-08 04:20 122940 ----a-w- c:\windows\system32\DLA\DLACTRLW.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2005-10-05 02:12 94208 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 09:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 09:44 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 11:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-10-25 19:13 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"c:\\Program Files\\EpsonNet\\EpsonNet Setup\\tool09\\ENEasyApp.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 04:50 145720]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [09/08/2012 13:56 223032]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [07/09/2010 04:48 27448]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [01/08/2013 16:06 120632]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 209208]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07/09/2010 04:48 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [07/09/2010 04:49 193848]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [30/08/2012 19:11 37664]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [25/09/2013 21:47 301152]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [15/09/2010 14:41 10384]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [03/10/2013 22:00 3538480]
S2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe --> c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [?]
S3 HCW77BDA;Hauppauge Nova-T Stick DVB-T Tuner;c:\windows\system32\drivers\hcw70bda.sys [17/01/2007 19:12 118850]
S3 hcw99rc;Hauppauge Nova-DT IR Driver;c:\windows\system32\drivers\hcw99rc.sys [17/01/2007 19:14 56792]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [16/11/2008 00:52 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [16/11/2008 00:55 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [16/11/2008 00:55 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s816mgmt.sys [16/11/2008 00:58 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\drivers\s816nd5.sys [16/11/2008 01:00 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [16/11/2008 00:56 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\drivers\s816unic.sys [16/11/2008 00:59 97704]
S3 U6000ALL;U6000 TV Box(ALL);c:\windows\system32\drivers\U6000ALL.sys [23/02/2010 16:00 230784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-17 13:51 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-15 18:24]
.
2013-10-06 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 11:43]
.
2013-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 19:01]
.
2013-10-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 19:01]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.sky.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\E MCCABE\Application Data\Mozilla\Firefox\Profiles\myzpsnvh.default-1381952312265\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre7\bin\jusched.exe
MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
MSConfigStartUp-MultiScreen - c:\program files\MultiScreen\MultiScreen.exe
MSConfigStartUp-Sony Ericsson PC Suite - c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
MSConfigStartUp-SpeedTouch USB Diagnostics - c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.5.0_08\bin\jusched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-22 13:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(836)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
Completion time: 2013-10-22 13:26:32
ComboFix-quarantined-files.txt 2013-10-22 12:26
.
Pre-Run: 53,192,183,808 bytes free
Post-Run: 53,480,345,600 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - B9A312E4BCCF7FB1777A7D54D1787584
5CB90281D1A59B251F6603134774EEC3
  • 0

#8
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Please run the System File Checker.

Follow these steps:

  • Click Start > Run and type sfc /scannow (note the space, it should be there), and then press ENTER.
  • Follow the prompts throughout the System File Checker process.
  • Restart your computer when the System File Checker process is complete.
Next

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Driver::
vToolbarUpdater17.0.12

File::
c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe

Reboot::


Save this as CFScript.txt, in the same location as ComboFix.exe

Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt. Please post that here for further review.

#9
bytesize

  • Topic Starter
  • Member
  • 33 posts
The sfc /scannow ran OK from the Run command box. Here is the ComboFix log.


ComboFix 13-10-21.01 - E MCCABE 22/10/2013 23:45:35.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.428 [GMT 1:00]
Running from: c:\documents and settings\E MCCABE\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\E MCCABE\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
FILE ::
"c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_VTOOLBARUPDATER17.0.12
-------\Service_vToolbarUpdater17.0.12
.
.
((((((((((((((((((((((((( Files Created from 2013-09-22 to 2013-10-22 )))))))))))))))))))))))))))))))
.
.
2013-10-22 22:23 . 2008-04-14 00:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll
2013-10-22 22:23 . 2001-08-17 21:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll
2013-10-22 22:23 . 2008-04-14 00:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll
2013-10-22 22:23 . 2001-08-17 21:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe
2013-10-22 22:23 . 2001-08-17 21:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe
2013-10-22 22:23 . 2001-08-17 21:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe
2013-10-22 22:23 . 2001-08-17 11:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys
2013-10-22 22:23 . 2004-08-03 21:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys
2013-10-22 22:23 . 2004-08-03 21:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys
2013-10-22 22:22 . 2008-04-14 00:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2013-10-22 22:22 . 2008-04-13 18:36 8832 ----a-w- c:\windows\system32\dllcache\wmiacpi.sys
2013-10-22 22:22 . 2004-08-03 21:31 154624 ----a-w- c:\windows\system32\dllcache\wlluc48.sys
2013-10-22 22:22 . 2001-08-17 11:12 34890 ----a-w- c:\windows\system32\dllcache\wlandrv2.sys
2013-10-22 22:20 . 2001-08-17 12:28 64605 ----a-w- c:\windows\system32\dllcache\vvoice.sys
2013-10-22 22:20 . 2001-08-17 12:28 397502 ----a-w- c:\windows\system32\dllcache\vpctcom.sys
2013-10-22 22:20 . 2001-08-17 12:28 604253 ----a-w- c:\windows\system32\dllcache\vmodem.sys
2013-10-22 22:20 . 2001-08-17 11:14 249402 ----a-w- c:\windows\system32\dllcache\vinwm.sys
2013-10-22 22:20 . 2001-08-17 12:49 24576 ----a-w- c:\windows\system32\dllcache\viairda.sys
2013-10-22 22:20 . 2001-08-17 12:28 687999 ----a-w- c:\windows\system32\dllcache\usrwdxjs.sys
2013-10-22 22:20 . 2001-08-17 12:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys
2013-10-22 22:20 . 2001-08-17 12:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys
2013-10-22 22:20 . 2001-08-17 12:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys
2013-10-22 22:20 . 2001-08-17 12:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys
2013-10-22 22:20 . 2001-08-17 12:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys
2013-10-22 22:18 . 2001-08-17 21:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll
2013-10-22 22:17 . 2001-08-17 13:01 241664 ----a-w- c:\windows\system32\dllcache\tosdvd02.sys
2013-10-22 22:16 . 2001-08-17 21:36 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll
2013-10-22 22:15 . 2001-08-17 21:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll
2013-10-22 22:14 . 2001-08-17 11:10 35913 ----a-w- c:\windows\system32\dllcache\smcirda.sys
2013-10-22 22:13 . 2001-08-17 13:56 150144 ----a-w- c:\windows\system32\dllcache\sis6306v.dll
2013-10-22 22:13 . 2001-08-17 11:50 68608 ----a-w- c:\windows\system32\dllcache\sis6306p.sys
2013-10-22 22:13 . 2001-08-17 13:56 252032 ----a-w- c:\windows\system32\dllcache\sis300iv.dll
2013-10-22 22:13 . 2001-08-17 11:50 101760 ----a-w- c:\windows\system32\dllcache\sis300ip.sys
2013-10-22 22:13 . 2004-08-04 04:00 18944 ----a-w- c:\windows\system32\dllcache\simptcp.dll
2013-10-22 22:13 . 2001-07-21 13:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys
2013-10-22 22:13 . 2001-07-21 13:29 18400 ----a-w- c:\windows\system32\dllcache\sgsmld.sys
2013-10-22 22:13 . 2001-08-17 11:51 98080 ----a-w- c:\windows\system32\dllcache\sgiulnt5.sys
2013-10-22 22:13 . 2001-08-17 21:36 386560 ----a-w- c:\windows\system32\dllcache\sgiul50.dll
2013-10-22 22:13 . 2001-08-17 11:19 36480 ----a-w- c:\windows\system32\dllcache\sfmanm.sys
2013-10-22 22:13 . 2001-08-17 12:53 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
2013-10-22 22:13 . 2001-08-17 12:48 17664 ----a-w- c:\windows\system32\dllcache\sermouse.sys
2013-10-22 22:13 . 2001-08-17 21:36 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll
2013-10-22 22:11 . 2001-08-17 21:36 62496 ----a-w- c:\windows\system32\dllcache\s3mtrio.dll
2013-10-22 22:10 . 2001-08-17 21:36 23040 ----a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe
2013-10-22 22:09 . 2001-08-17 12:51 16128 ----a-w- c:\windows\system32\dllcache\pscr.sys
2013-10-22 22:08 . 2001-08-17 11:11 35328 ----a-w- c:\windows\system32\dllcache\pcntpci5.sys
2013-10-22 22:07 . 2001-08-17 12:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys
2013-10-22 22:07 . 2001-08-17 11:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys
2013-10-22 22:07 . 2001-08-17 11:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys
2013-10-22 22:07 . 2001-08-17 11:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys
2013-10-22 22:07 . 2008-04-13 18:46 61696 ----a-w- c:\windows\system32\dllcache\ohci1394.sys
2013-10-22 22:07 . 2001-08-17 11:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys
2013-10-22 22:07 . 2001-08-17 21:36 123776 ----a-w- c:\windows\system32\dllcache\nv3.dll
2013-10-22 22:07 . 2001-08-17 21:36 38912 ----a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2013-10-22 22:07 . 2001-08-17 11:49 51552 ----a-w- c:\windows\system32\dllcache\ntgrip.sys
2013-10-22 22:07 . 2001-08-17 12:47 9344 ----a-w- c:\windows\system32\dllcache\ntapm.sys
2013-10-22 22:07 . 2001-08-17 12:53 7552 ----a-w- c:\windows\system32\dllcache\nsmmc.sys
2013-10-22 22:07 . 2008-04-13 18:54 28672 ----a-w- c:\windows\system32\dllcache\nscirda.sys
2013-10-22 22:05 . 2001-08-17 11:11 52255 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys
2013-10-22 22:05 . 2001-08-17 12:50 75520 ----a-w- c:\windows\system32\dllcache\mxport.sys
2013-10-22 22:05 . 2001-08-17 21:36 7168 ----a-w- c:\windows\system32\dllcache\mxport.dll
2013-10-22 22:05 . 2001-08-17 12:49 19968 ----a-w- c:\windows\system32\dllcache\mxnic.sys
2013-10-22 22:05 . 2001-08-17 21:36 19968 ----a-w- c:\windows\system32\dllcache\mxicfg.dll
2013-10-22 22:05 . 2001-08-17 12:50 21888 ----a-w- c:\windows\system32\dllcache\mxcard.sys
2013-10-22 22:05 . 2001-08-17 11:50 103296 ----a-w- c:\windows\system32\dllcache\mtxvideo.sys
2013-10-22 22:05 . 2008-04-13 18:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys
2013-10-22 22:05 . 2001-08-17 12:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys
2013-10-22 22:05 . 2001-08-17 13:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys
2013-10-22 22:04 . 2008-04-13 18:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys
2013-10-22 22:04 . 2001-08-17 13:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys
2013-10-22 22:04 . 2001-08-17 12:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys
2013-10-22 22:04 . 2008-04-13 18:46 51200 ----a-w- c:\windows\system32\dllcache\msdv.sys
2013-10-22 22:02 . 2001-08-17 12:28 797500 ----a-w- c:\windows\system32\dllcache\ltsmt.sys
2013-10-22 22:01 . 2001-08-17 21:36 37376 ----a-w- c:\windows\system32\dllcache\kousd.dll
2013-10-22 22:01 . 2008-04-14 00:11 253952 ----a-w- c:\windows\system32\dllcache\kdsusd.dll
2013-10-22 22:01 . 2008-04-14 00:11 48640 ----a-w- c:\windows\system32\dllcache\kdsui.dll
2013-10-22 22:01 . 2004-08-04 04:00 5632 ----a-w- c:\windows\system32\dllcache\kbdusa.dll
2013-10-22 22:00 . 2004-08-04 04:00 18432 ----a-w- c:\windows\system32\dllcache\jupiw.dll
2013-10-22 22:00 . 2001-08-17 12:49 26624 ----a-w- c:\windows\system32\dllcache\irstusb.sys
2013-10-22 22:00 . 2001-08-17 12:51 18688 ----a-w- c:\windows\system32\dllcache\irsir.sys
2013-10-22 22:00 . 2008-04-14 00:11 28160 ----a-w- c:\windows\system32\dllcache\irmon.dll
2013-10-22 22:00 . 2001-08-17 12:49 23552 ----a-w- c:\windows\system32\dllcache\irmk7.sys
2013-10-22 22:00 . 2008-04-14 00:12 151552 ----a-w- c:\windows\system32\dllcache\irftp.exe
2013-10-22 22:00 . 2008-04-13 18:54 88192 ----a-w- c:\windows\system32\dllcache\irda.sys
2013-10-22 22:00 . 2001-08-17 11:12 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys
2013-10-22 22:00 . 2001-08-17 21:36 90200 ----a-w- c:\windows\system32\dllcache\io8ports.dll
2013-10-22 22:00 . 2001-08-17 12:50 38784 ----a-w- c:\windows\system32\dllcache\io8.sys
2013-10-22 22:00 . 2001-08-17 12:47 13056 ----a-w- c:\windows\system32\dllcache\inport.sys
2013-10-22 21:59 . 2001-08-17 21:36 372824 ----a-w- c:\windows\system32\dllcache\iconf32.dll
2013-10-22 21:59 . 2001-08-17 13:06 100992 ----a-w- c:\windows\system32\dllcache\icam5usb.sys
2013-10-22 21:59 . 2001-08-17 21:36 20480 ----a-w- c:\windows\system32\dllcache\icam5ext.dll
2013-10-22 21:59 . 2001-08-17 21:36 45056 ----a-w- c:\windows\system32\dllcache\icam5com.dll
2013-10-22 21:59 . 2001-08-17 13:06 154496 ----a-w- c:\windows\system32\dllcache\icam4usb.sys
2013-10-22 21:59 . 2001-08-17 21:36 61952 ----a-w- c:\windows\system32\dllcache\icam4ext.dll
2013-10-22 21:59 . 2001-08-17 21:36 91136 ----a-w- c:\windows\system32\dllcache\icam4com.dll
2013-10-22 21:59 . 2001-08-17 21:36 26624 ----a-w- c:\windows\system32\dllcache\icam3ext.dll
2013-10-22 21:59 . 2001-08-17 13:05 141056 ----a-w- c:\windows\system32\dllcache\icam3.sys
2013-10-22 21:59 . 2001-08-17 13:06 38528 ----a-w- c:\windows\system32\dllcache\ibmvcap.sys
2013-10-22 21:58 . 2001-08-17 11:12 109085 ----a-w- c:\windows\system32\dllcache\ibmtrp.sys
2013-10-22 21:58 . 2001-08-17 11:12 100936 ----a-w- c:\windows\system32\dllcache\ibmtok.sys
2013-10-22 21:58 . 2001-08-17 21:34 9216 ----a-w- c:\windows\system32\dllcache\ibmsgnet.dll
2013-10-22 21:58 . 2001-08-17 11:11 28700 ----a-w- c:\windows\system32\dllcache\ibmexmp.sys
2013-10-22 21:58 . 2004-08-03 21:29 161020 ----a-w- c:\windows\system32\dllcache\i81xnt5.sys
2013-10-22 21:58 . 2008-04-14 00:11 702845 ----a-w- c:\windows\system32\dllcache\i81xdnt5.dll
2013-10-22 21:58 . 2001-08-17 11:49 58592 ----a-w- c:\windows\system32\dllcache\i740nt5.sys
2013-10-22 21:58 . 2001-08-17 13:56 353184 ----a-w- c:\windows\system32\dllcache\i740dnt5.dll
2013-10-22 21:58 . 2001-08-17 12:28 488383 ----a-w- c:\windows\system32\dllcache\hsf_v124.sys
2013-10-22 21:58 . 2001-08-17 12:28 50751 ----a-w- c:\windows\system32\dllcache\hsf_tone.sys
2013-10-22 21:58 . 2001-08-17 12:28 73279 ----a-w- c:\windows\system32\dllcache\hsf_spkp.sys
2013-10-22 21:58 . 2001-08-17 12:28 44863 ----a-w- c:\windows\system32\dllcache\hsf_soar.sys
2013-10-22 21:56 . 2001-08-17 21:36 89088 ----a-w- c:\windows\system32\dllcache\hpgt33.dll
2013-10-22 21:55 . 2001-08-17 21:36 92160 ----a-w- c:\windows\system32\dllcache\fuusd.dll
2013-10-22 21:54 . 2001-08-17 12:52 7040 ----a-w- c:\windows\system32\dllcache\exabyte2.sys
2013-10-22 21:53 . 2001-08-17 11:10 25159 ----a-w- c:\windows\system32\dllcache\elnk3.sys
2013-10-22 21:52 . 2001-08-17 11:11 29696 ----a-w- c:\windows\system32\dllcache\dm9pci5.sys
2013-10-22 21:51 . 2001-08-17 21:36 110592 ----a-w- c:\windows\system32\dllcache\dc260usd.dll
2013-10-22 21:50 . 2008-04-13 18:36 13952 ----a-w- c:\windows\system32\dllcache\cmbatt.sys
2013-10-22 21:49 . 2001-08-17 12:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2013-10-22 21:48 . 2001-08-17 11:49 26624 ----a-w- c:\windows\system32\dllcache\ativxbar.sys
2013-10-22 21:47 . 2001-08-17 13:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2013-10-21 22:33 . 2013-10-21 22:33 -------- d-----w- c:\windows\ERUNT
2013-10-21 21:50 . 2013-10-21 21:50 -------- d-----w- C:\FRST
2013-10-16 20:19 . 2013-10-16 20:19 -------- d-----w- c:\program files\Defraggler
2013-10-16 20:15 . 2013-10-16 20:15 -------- d-----w- c:\documents and settings\E MCCABE\Application Data\Malwarebytes
2013-10-16 20:15 . 2013-10-16 20:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-08 18:24 . 2012-09-15 21:33 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-08 18:24 . 2011-06-08 17:48 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-01 19:56 . 2012-08-30 18:11 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-09-25 19:57 . 2013-08-01 15:06 120632 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-09-23 18:33 . 2004-08-10 11:51 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:33 . 2004-08-10 11:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-23 18:33 . 2004-08-10 11:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:33 . 2004-08-10 11:50 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2004-08-10 11:51 385024 ----a-w- c:\windows\system32\html.iec
2013-09-10 21:11 . 2011-12-23 12:32 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-09-08 21:12 . 2010-09-07 03:48 27448 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-09-02 09:39 . 2010-09-07 03:48 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-09-02 09:28 . 2012-04-19 03:50 145720 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-09-02 09:28 . 2011-12-23 12:32 209208 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-09-02 09:28 . 2012-08-09 12:56 223032 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-08-29 01:31 . 2004-08-10 11:51 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-20 21:54 . 2010-09-07 03:48 102200 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2013-08-09 01:56 . 2004-08-10 11:51 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55 . 2004-08-03 22:08 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55 . 2006-07-29 21:31 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55 . 2001-08-17 13:03 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30 . 2004-08-10 11:51 1289728 ----a-w- c:\windows\system32\ole32.dll
2013-08-03 13:18 . 2006-10-18 21:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-08-01 15:08 . 2010-09-07 03:49 193848 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 249856]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2009-04-07 673616]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-10-07 4908592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-9-15 813584]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe -s [2008-9-10 1531904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect]
c:\documents and settings\E MCCABE\Start Menu\Programs\Dell\Dell System Detect.appref-ms [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2006-02-09 22:34 106496 ----a-w- c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
2005-09-08 04:20 122940 ----a-w- c:\windows\system32\DLA\DLACTRLW.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2005-10-05 02:12 94208 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 09:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 09:44 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 11:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-10-25 19:13 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"c:\\Program Files\\EpsonNet\\EpsonNet Setup\\tool09\\ENEasyApp.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19/04/2012 04:50 145720]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [09/08/2012 13:56 223032]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [07/09/2010 04:48 27448]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [01/08/2013 16:06 120632]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23/12/2011 13:32 209208]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23/12/2011 13:32 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07/09/2010 04:48 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [07/09/2010 04:49 193848]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [30/08/2012 19:11 37664]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [25/09/2013 21:47 301152]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [15/09/2010 14:41 10384]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [03/10/2013 22:00 3538480]
S3 HCW77BDA;Hauppauge Nova-T Stick DVB-T Tuner;c:\windows\system32\drivers\hcw70bda.sys [17/01/2007 19:12 118850]
S3 hcw99rc;Hauppauge Nova-DT IR Driver;c:\windows\system32\drivers\hcw99rc.sys [17/01/2007 19:14 56792]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [16/11/2008 00:52 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [16/11/2008 00:55 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [16/11/2008 00:55 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s816mgmt.sys [16/11/2008 00:58 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\drivers\s816nd5.sys [16/11/2008 01:00 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [16/11/2008 00:56 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\drivers\s816unic.sys [16/11/2008 00:59 97704]
S3 U6000ALL;U6000 TV Box(ALL);c:\windows\system32\drivers\U6000ALL.sys [23/02/2010 16:00 230784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-17 13:51 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-15 18:24]
.
2013-10-22 c:\windows\Tasks\Epson Printer Software Downloader.job
- c:\program files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26 11:43]
.
2013-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 19:01]
.
2013-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 19:01]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.sky.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: dell.com
FF - ProfilePath - c:\documents and settings\E MCCABE\Application Data\Mozilla\Firefox\Profiles\myzpsnvh.default-1381952312265\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-10-23 00:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(836)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
- - - - - - - > 'explorer.exe'(2644)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\documents and settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
c:\documents and settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Completion time: 2013-10-23 00:40:19 - machine was rebooted
ComboFix-quarantined-files.txt 2013-10-22 23:40
ComboFix2.txt 2013-10-22 12:26
.
Pre-Run: 52,814,561,280 bytes free
Post-Run: 52,690,014,208 bytes free
.
- - End Of File - - 180C490BE58DADEA404A9F1D93A4ADF3
5CB90281D1A59B251F6603134774EEC3

#10
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla Firefox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt.
  • Copy and paste that log as a reply to this topic and tell me how your computer is now.




#11
bytesize

  • Topic Starter
  • Member
  • 33 posts
Here is the ESET log. When I started the scan the remove infection box was ticked; I removed the tick because that wasn't in your instructions. Was that OK? The computer is running a bit better. Does ESET delete the infections when it uninstalls?




[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=33b1f99d36e0c94a9240b0760dd65ceb
# engine=15596
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-10-23 12:47:19
# local_time=2013-10-23 01:47:19 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# scanned=87486
# found=70
# cleaned=0
# scan_time=7466
sh=AB86ADA4FC136255EDF950B9ADF3D380C60EBD8D ft=1 fh=861a6b132a858fd9 vn="Win32/Toolbar.MyWebSearch application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyWebSearch\bar\c.bin\MWSOEMON.EXE.vir"
sh=CC58AAA4D83DF49405481685B1DC81F661555716 ft=1 fh=aa131a65a087aa94 vn="Win32/Toolbar.MyWebSearch application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyWebSearch\bar\c.bin\MWSOESTB.DLL.vir"
  • 0

#12
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts

Here is the ESET log. When I started the scan the remove infection box was ticked; removed the tick because that wasn't in your instructions. Was that OK?


Oh dear, we need those infections removed.

Please run the scan again and this time leave the remove infection box checked. :)
  • 0

#13
bytesize

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Here you go, removed the files this time.

[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=33b1f99d36e0c94a9240b0760dd65ceb
# engine=15605
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-10-23 08:26:04
# local_time=2013-10-23 09:26:04 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# scanned=87690
# found=70
# cleaned=70
# scan_time=6276
  • 0

#14
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,990 posts
Much better. :)

Please download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

  • 0

#15
bytesize

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Here is the security check log



Results of screen317's Security Check version 0.99.74
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG 2014
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 11.9.900.117
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox (24.0)
Google Chrome 30.0.1599.101
Google Chrome 30.0.1599.69
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 4%
````````````````````End of Log``````````````````````
  • 0





