On doing the OTL process, it appears as if it has only produced the one log, unless I find another in my documents.
When I tried doing a log the other day without adding in any written content, it did produce 2 logs.
Here is the one it produced. I deleted a few lines (about 10) that refer to documents that I'd produced on my computer.
-----------------------------------------------------
OTL logfile created on: 4/8/2014 3:07:31 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
510.21 Mb Total Physical Memory | 145.99 Mb Available Physical Memory | 28.61% Memory free
1.79 Gb Paging File | 1.25 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 1350 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 54.96 Gb Free Space | 73.75% Space Free | Partition Type: NTFS
Computer Name: NBS-30B3685D369 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Administrator\My Documents\Downloads\OTL (1).exe (OldTimer Tools)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll ()
MOD - C:\Program Files\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Theme\c88a9c08155e0fe13fa4675ba9eed317\Kies.Theme.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\b7e92223b1502c20e68c07be43a76c43\DummyStorePlugin.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePodcast\4d5263c496f474dc981a386267c77e2e\DevicePodcast.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceVideo\746041f530aaf98f93618712bc687cc2\DeviceVideo.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePhoto\0d0a0403f424c8903ae05bdc4157f431\DevicePhoto.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\78665ac46c0879af8aca0018d4d6367b\Kies.Common.DeviceServiceLib.FileService.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\4527b0c0e937128b049ba21752bf3a52\DeviceCommonLib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\14f90c16ce998e65806eed10c715c081\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bfdb5843d107f699462b34c2f7146e6d\Kies.Common.DeviceServiceLib.Interface.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\aec4dafd7a0a578fbf78a686de7048a8\Kies.MVVM.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.UI\c21251213ff07da13eb15e0f00036542\Kies.UI.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\27af83e8dc27ee77fd22031801f3c5f1\ASF_cSharpAPI.ni.dll ()
MOD - C:\WINDOWS\system32\devenum.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetPrint.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetScan.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetImage.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetPDF.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\JetFunc.dll ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTSTRN.DLL ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTPCFG.DLL ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBTPP5C.DLL ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTUI5C.DLL ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTDR5C.DLL ()
MOD - C:\WINDOWS\system32\spool\drivers\w32x86\3\dlbtcfg.dll ()
MOD - C:\Program Files\Dell Photo AIO Printer 922\ConvDIB.dll ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (dlbt_device) -- C:\WINDOWS\system32\dlbtcoms.exe (Dell)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (cerc6) -- File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (ssudmdm) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (w70n51) -- C:\WINDOWS\system32\drivers\w70n51.sys (Intel® Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS (Conexant Systems, Inc.)
DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (STAC97) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1993962763-492894223-1957994488-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-1993962763-492894223-1957994488-500\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1993962763-492894223-1957994488-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Documents and Settings\Administrator\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2008/04/14 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-1993962763-492894223-1957994488-500\..\Toolbar\WebBrowser: (no name) - {41564952-412D-5637-4300-7A786E7484D7} - No CLSID value found.
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-1993962763-492894223-1957994488-500..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKU\S-1-5-21-1993962763-492894223-1957994488-500..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-492894223-1957994488-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85C9E6FD-83DA-45BA-A356-DC03E982137A}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/11/27 16:07:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/04/08 02:40:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\geektogo
[2014/03/27 20:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2014/03/27 19:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Citrix
[2014/03/23 19:36:26 | 000,000,000 | ---D | C] -- C:\Program Files\InstallConverter bundle uninstaller
[2014/03/14 23:40:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Printers
[2014/03/14 23:20:55 | 000,471,040 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtpmui.dll
[2014/03/14 23:20:52 | 000,385,024 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtcomm.dll
[2014/03/14 23:20:52 | 000,344,064 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtcfg.exe
[2014/03/14 23:20:52 | 000,114,688 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtpplc.dll
[2014/03/14 23:20:51 | 001,040,384 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtusb1.dll
[2014/03/14 23:20:51 | 000,495,616 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbthbn1.dll
[2014/03/14 23:20:51 | 000,450,560 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtlmpm.dll
[2014/03/14 23:20:50 | 001,048,576 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtserv.dll
[2014/03/14 23:20:50 | 000,520,192 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtcomc.dll
[2014/03/14 23:20:50 | 000,421,888 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtcoms.exe
[2014/03/14 23:20:50 | 000,126,976 | ---- | C] (Dell) -- C:\WINDOWS\System32\dlbtprox.dll
[2014/03/14 23:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Photo AIO Printer 922
[2014/03/14 23:20:11 | 000,000,000 | ---D | C] -- C:\Temp
[2014/03/14 23:18:55 | 000,000,000 | ---D | C] -- C:\Dell922
[2014/03/14 11:39:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Deputyship
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/08 02:34:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/08 02:29:07 | 000,000,530 | ---- | M] () -- C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-1993962763-492894223-1957994488-500.job
[2014/04/08 02:22:42 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2014/04/08 02:22:36 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/08 02:22:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/04/08 01:21:06 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/04/04 02:12:58 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2014/03/30 10:06:51 | 000,445,046 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/03/30 10:06:51 | 000,071,082 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/03/27 22:33:31 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/23 19:39:25 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014/03/21 15:50:58 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 21st 2014.bmp
[2014/03/21 15:50:29 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 23rd 2014.bmp
[2014/03/21 15:47:03 | 002,359,350 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 2014.bmp
[2014/03/20 15:16:13 | 000,009,639 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Probe uk Mar 22 to 23rd 14 schedule.rtf
[2014/03/18 08:43:23 | 000,000,362 | ---- | M] () -- C:\WINDOWS\dellstat.ini
[2014/03/16 21:58:20 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/03/13 04:58:47 | 000,090,296 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/03/13 04:07:36 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/03/27 22:33:31 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/03/27 20:01:41 | 000,000,530 | ---- | C] () -- C:\WINDOWS\tasks\G2MUpdateTask-S-1-5-21-1993962763-492894223-1957994488-500.job
[2014/03/23 18:23:12 | 000,000,426 | ---- | C] () -- C:\AVScanner.ini
[2014/03/21 15:50:57 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 21st 2014.bmp
[2014/03/21 15:49:20 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 23rd 2014.bmp
[2014/03/21 15:45:36 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Megabus Mar 2014.bmp
[2014/03/20 15:16:10 | 000,009,639 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Probe uk Mar 22 to 23rd 14 schedule.rtf
[2014/03/14 23:42:10 | 000,000,362 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2014/03/14 23:20:53 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\dlbtih.exe
[2014/03/14 23:20:53 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbtvs.dll
[2014/03/14 23:20:53 | 000,000,929 | ---- | C] () -- C:\WINDOWS\System32\dlbt.loc
[2014/03/14 23:20:49 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlbtcur.dll
[2014/03/14 23:20:49 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbtcu.dll
[2014/03/14 23:20:44 | 000,557,056 | ---- | C] () -- C:\WINDOWS\System32\dlbtjswr.dll
[2014/03/14 23:20:44 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dlbtcoin.dll
[2014/03/14 23:20:44 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\dlbtsnls.dll
[2014/03/14 23:20:40 | 000,401,408 | ---- | C] () -- C:\WINDOWS\System32\dlbtutil.dll
[2014/02/23 01:51:58 | 000,348,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1993962763-492894223-1957994488-500-0.dat
[2014/02/11 00:11:47 | 000,080,138 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/02/08 22:30:19 | 000,001,678 | ---- | C] () -- C:\Documents and Settings\Administrator\${LOGFILE}
[2014/01/23 19:31:12 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2014/01/23 19:31:08 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2014/01/23 19:31:08 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2014/01/23 19:31:08 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2014/01/23 19:31:08 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013/12/14 01:23:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/11/28 15:45:20 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013/11/27 16:15:50 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/11/27 15:58:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013/11/27 15:46:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013/11/27 15:44:11 | 000,090,296 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 08:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 08:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/11/29 12:29:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\driveridentifier
[2014/02/23 01:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Samsung
[2014/01/23 00:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\APN
[2014/02/10 23:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV - [2008/04/14 08:00:00 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 08:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 08:00:00 | 000,409,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2012/07/06 14:58:51 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2008/04/14 08:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 08:00:00 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2009/04/20 18:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2008/04/14 08:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2009/07/28 00:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2008/04/14 08:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 08:00:00 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 08:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 08:00:00 | 000,023,552 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 08:00:00 | 000,224,768 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 08:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 08:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 08:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/06/20 17:02:47 | 000,245,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2010/08/17 14:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2008/04/14 08:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 08:00:00 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 08:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2009/02/09 13:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2008/04/14 08:00:00 | 000,435,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 08:00:00 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 08:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 08:00:00 | 000,080,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2010/08/27 06:57:43 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/28 00:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2008/04/14 08:00:00 | 000,171,008 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 08:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 08:00:00 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 08:00:00 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 08:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2009/07/28 00:17:41 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2008/04/14 08:00:00 | 000,289,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 08:00:00 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 08:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 08:00:00 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/14 08:00:00 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 08:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2009/02/09 13:10:48 | 000,617,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/04/14 08:00:00 | 000,132,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/14 08:00:00 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2009/06/10 07:14:49 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
< %SYSTEMDRIVE%\*.exe >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 6056-A069
Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices
02/14/2014 04:34 AM <JUNCTION> v4.0_4.0.0.0__b03f5f7f11d50a3a
0 File(s) 0 bytes
Directory of C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler
02/14/2014 04:24 AM <JUNCTION> v4.0_4.0.0.0__31bf3856ad364e35
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
2 Dir(s) 58,999,595,008 bytes free
< MD5 for: EXPLORER.EXE >
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 08:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: SERVICES >
[2008/04/14 08:00:00 | 000,007,116 | ---- | M] () MD5=95826940E657FE0567A8EC0F2A6AD11A -- C:\WINDOWS\system32\drivers\etc\services
< MD5 for: SERVICES.CFG >
[2012/09/23 21:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/12/21 07:04:16 | 000,559,392 | ---- | M] () MD5=F9FBA73F44366AB3514BD1985707F178 -- C:\Program Files\Adobe\Reader 11.0\Reader\Services\Services.cfg
< MD5 for: SERVICES.EXE >
[2009/02/06 12:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2008/04/14 08:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/06 12:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\WINDOWS\system32\services.exe
< MD5 for: SERVICES.LNK >
[2013/11/27 16:07:17 | 000,001,602 | ---- | M] () MD5=BCB6344D4FFA4B8E321ABE2ADEDE77FE -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\Services.lnk
< MD5 for: SERVICES.MSC >
[2008/04/14 08:00:00 | 000,033,464 | ---- | M] () MD5=E8089AA2A6F7FEE89B38C1F2D77BA6C6 -- C:\WINDOWS\system32\services.msc
< MD5 for: SVCHOST.EXE >
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 08:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 08:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 08:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< End of report >