Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HELP! Can't get rid of a virus! [Closed]


  • This topic is locked This topic is locked

#16
xplocast1

xplocast1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

I have not updated anything for xp in a very long time.

I rather use my flash drive instead of putting it on my desktop. I will start putting them on the desktop.

I used HitmanPro to get rid of (supposedly) the moneypak virus and my boot sector virus. I used it on July 6th.

The flash drive i am using was the only one big enough for hitmanpro, so once i used it i copied it over and deleted it from the flash drive.


  • 0

Advertisements


#17
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts
Thank you for the information.

Please proceed with ComboFix.
  • 0

#18
xplocast1

xplocast1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

Yes, Because this computer was never fully updated.

I did not know if it mattered, I will put them on the desktop now.

July 6th was the first time I ran HitmanPro, also G;/ is named HitmanPro.

 Here is your Combofix report

ComboFix 14-07-16.02 - Test 07/17/2014   0:29.1.1 - x86
Running from: c:\documents and settings\Test\Desktop\ComboFix.exe
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\pcdfdata
c:\documents and settings\All Users\Application Data\pcdfdata\defs.bin
c:\documents and settings\All Users\Application Data\pcdfdata\vl.bin
c:\documents and settings\Jayson\Application Data\wincreen.jpg
c:\documents and settings\Jayson\Local Settings\Application Data\chromeupdate.crx
c:\documents and settings\Jayson\WINDOWS
c:\documents and settings\Jayson_2\Application Data\wincreen.jpg
c:\documents and settings\Jayson_2\Local Settings\Application Data\chromeupdate.crx
c:\documents and settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
c:\documents and settings\Jayson_2\WINDOWS
c:\documents and settings\Test\Local Settings\Application Data\chromeupdate.crx
c:\documents and settings\Test\WINDOWS
c:\program files\DefaultTab
c:\program files\DefaultTab\DefaultTab.crx
c:\program files\DefaultTab\DefaultTabSearch.exe
c:\program files\DefaultTab\uid
c:\windows\_ds1.tmp
c:\windows\assembly\GAC\Desktop.ini
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\rnaph.dll
c:\windows\system32\SET5E.tmp
c:\windows\system32\SET60.tmp
c:\windows\system32\SET6E.tmp
c:\windows\system32\sstray.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_DEFAULTTABSEARCH
-------\Service_DefaultTabSearch
.
.
(((((((((((((((((((((((((   Files Created from 2014-06-17 to 2014-07-17  )))))))))))))))))))))))))))))))
.
.
2014-07-15 09:19 . 2014-07-15 09:22 -------- d-----w- C:\FRST
2014-07-15 06:30 . 2014-07-15 06:55 -------- d-----w- c:\windows\SxsCaPendDel
2014-07-09 09:34 . 2014-07-09 09:34 0 ----a-w- c:\windows\DXT13.tmp
2014-07-09 09:34 . 2014-07-09 09:34 0 ----a-w- c:\windows\DXT12.tmp
2014-07-09 09:34 . 2014-07-09 09:34 0 ----a-w- c:\windows\DXT11.tmp
2014-07-09 09:34 . 2014-07-09 09:34 0 ----a-w- c:\windows\DXT1.tmp
2014-07-08 07:24 . 2014-07-08 07:24 -------- d-----w- C:\LemonT
2014-07-07 11:18 . 2008-03-05 21:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2014-07-07 11:18 . 2007-10-22 09:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2014-07-07 11:18 . 2007-10-12 21:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2014-07-07 11:18 . 2007-10-02 15:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2014-07-07 11:18 . 2007-10-12 21:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2014-07-07 11:18 . 2007-07-20 00:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2014-07-07 11:18 . 2007-07-20 00:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2014-07-07 11:18 . 2007-07-20 00:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2014-07-07 11:12 . 2014-07-07 11:16 -------- d--h--w- c:\windows\msdownld.tmp
2014-07-07 11:12 . 2014-07-09 05:37 -------- d-----w- c:\documents and settings\Jayson_2\Application Data\Systweak
2014-07-07 11:10 . 2014-07-09 04:40 -------- d-----w- c:\program files\focusbase
2014-07-07 10:44 . 2014-07-07 10:44 -------- d-----w- c:\program files\Auran
2014-07-07 10:43 . 2003-11-11 00:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2014-07-07 10:43 . 2003-11-11 00:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2014-07-07 10:43 . 2003-11-11 00:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2014-07-07 10:43 . 2003-11-11 00:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2014-07-07 10:43 . 2003-11-11 00:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2014-07-07 10:43 . 2014-07-07 10:43 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2014-07-07 10:43 . 2014-07-07 10:43 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2014-07-07 10:18 . 2014-07-09 09:36 -------- d-----w- C:\Games
2014-07-07 08:17 . 2014-07-07 08:17 -------- d-----w- c:\program files\HitmanPro
2014-07-07 07:29 . 2014-07-07 08:23 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro
2014-06-20 02:45 . 2014-07-17 06:43 -------- d-----w- c:\documents and settings\Test
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-16 02:24 . 2012-11-16 02:24 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2009-04-01 04:47 . 2009-02-18 18:30 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-02-19 198160]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-15 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-09 52256]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2007-02-26 249856]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-11-26 1629480]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-11-26 1057064]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-02-28 15360]
.
c:\documents and settings\Jayson_2\Start Menu\Programs\Startup\
PowerReg Scheduler.exe [2008-8-22 256000]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2/18/2008 1:37 PM 149352]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [1/12/2008 8:32 PM 23888]
S3 WLAN(WLAN);XPC 802.11b/g Wireless Kit Driver(WLAN);c:\windows\system32\drivers\ZD1211U.sys [8/16/2005 3:50 PM 278016]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - BITS
*NewlyCreated* - COMHOST
*NewlyCreated* - WS2IFSL
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-28 21:52 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]
.
2014-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-01 21:25]
.
2014-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-01 21:25]
.
2013-05-30 c:\windows\Tasks\Norton Security Scan for Jayson.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 10:18]
.
2014-07-17 c:\windows\Tasks\ReclaimerResumeInstallLogin_Jayson.job
- c:\documents and settings\Jayson\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-27 02:12]
.
2014-07-16 c:\windows\Tasks\ReclaimerResumeInstall_Jayson.job
- c:\documents and settings\Jayson\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe [2013-03-27 02:12]
.
2014-07-17 c:\windows\Tasks\User_Feed_Synchronization-{BF42D0B3-AEA6-4540-BB80-648BE8B01EAB}.job
- c:\windows\system32\msfeedssync.exe [2007-08-14 01:36]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = <-loopback>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - 
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
HKLM-Run-nForce Tray Options - sstray.exe
SafeBoot-79403860.sys
AddRemove-ssmwin32.exe - e:\wep\uninstal\DeIsL1.isu
AddRemove-{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2} - c:\games\EAUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-07-17 04:04
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2672)
c:\windows\system32\WININET.dll
c:\progra~1\COMMON~1\SYMANT~1\ANTISPAM\ASOEHOOK.DLL
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Symantec Shared\ccProxy.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Nero\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
.
**************************************************************************
.
Completion time: 2014-07-17  04:09:18 - machine was rebooted
ComboFix-quarantined-files.txt  2014-07-17 10:09
.
Pre-Run: 44,308,844,544 bytes free
Post-Run: 53,654,274,048 bytes free
.
- - End Of File - - C9F68F7E9DC33B6A823B5F01AB0ED928
8F558EB6672622401DA993E1E865C861

  • 0

#19
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Hi Jayson, 

 
FRST is currently saved in the wrong location. Please navigate to G:\, right-click FRST.exe and click Cut. Now navigate to your Desktop, right-click your Desktop and click paste
 
STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
     
    start
    HKU\.DEFAULT\...409d6c4515e9\InprocServer32: [Default-shell32] C:\WINDOWS\TEMP\sdtpofv\scbvstv\wow.dll ATTENTION! ====> ZeroAccess?
    C:\WINDOWS\TEMP\sdtpofv
    2014-07-07 02:23 - 2006-02-28 06:00 - 00000000 __SHD () C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}
    ZeroAccess:
    C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}
    C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\@
    C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
    C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
    C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
    C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
    C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
    C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\L\[email protected]
    ZeroAccess:
    C:\Windows\assembly\GAC\Desktop.ini
    Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
    Winsock: Catalog5 03 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
    cmd: netsh winsock reset
    () C:\Program Files\DefaultTab\DefaultTabSearch.exe
    R2 DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [568832 2012-11-14] () [File not signed]
    C:\Program Files\DefaultTab
    2014-07-07 02:07 - 2014-07-07 02:07 - 00000552 _____ () C:\WINDOWS\system32\d3d8caps.dat
    2014-07-15 02:08 - 2012-11-14 19:50 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
    Startup: C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
    Startup: C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler.exe (
    C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
    C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler.exe
    SearchScopes: HKLM - DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-10-2012
    SearchScopes: HKLM - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-10-2012
    SearchScopes: HKLM - {a17cc547-016c-4a35-a95b-de64acafa170} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
    SearchScopes: HKCU - DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-10-2012
    SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-10-2012
    SearchScopes: HKCU - {a17cc547-016c-4a35-a95b-de64acafa170} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
    FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\WebSearchober115578.xml
    FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\䍻䙁䕅䅆ⵃ〰㜱〭〰ⴰ〰㔰䄭䍂䕄䙆䑅䉃絁 [2012-11-01]
    2014-07-07 05:10 - 2014-07-08 22:40 - 00000000 ____D () C:\Program Files\focusbase
    Toolbar: HKLM - No Name - !{ba00b7b1-0351-477a-b948-23e3ee5a73d4} -  No File
    2014-07-09 03:34 - 2014-07-09 03:34 - 00000000 _____ () C:\WINDOWS\DXT13.tmp
    2014-07-09 03:34 - 2014-07-09 03:34 - 00000000 _____ () C:\WINDOWS\DXT12.tmp
    2014-07-09 03:34 - 2014-07-09 03:34 - 00000000 _____ () C:\WINDOWS\DXT11.tmp
    2014-07-09 03:34 - 2014-07-09 03:34 - 00000000 _____ () C:\WINDOWS\DXT1.tmp
    C:\Documents and Settings\Jayson\Local Settings\Temp\AutoRun.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\AutoRunGUI.dll
    C:\Documents and Settings\Jayson\Local Settings\Temp\contentDATs.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\drm_dyndata_7360012.dll
    C:\Documents and Settings\Jayson\Local Settings\Temp\eauninstall.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\First15.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\gamesBar-silent-setup.rmumbojumbo.amumbojumbo.dl.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\installhelper.dll
    C:\Documents and Settings\Jayson\Local Settings\Temp\install_flashplayer11x32_mssd_aih.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\install_flashplayer11x32_mssd_aih_1.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\install_flashplayer11x32_mssd_aih_2.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\jre-7u9-windows-i586-iftw.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\mssinstaller.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\SecurityScan_Release.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\SetupDataMngr_Searchqu.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\SIntf16.dll
    C:\Documents and Settings\Jayson\Local Settings\Temp\SIntf32.dll
    C:\Documents and Settings\Jayson\Local Settings\Temp\SIntfNT.dll
    C:\Documents and Settings\Jayson\Local Settings\Temp\SRAssetsHelper.dll
    C:\Documents and Settings\Jayson\Local Settings\Temp\The Sims 2_uninst.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\VP6Install.exe
    C:\Documents and Settings\Jayson\Local Settings\Temp\VP6VFW.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347d.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347m.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347p.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347v.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\24rgo3hifftye7tt.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\6_Offer_13.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\AutoRun.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\AutoRunGUI.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\BackupSetup.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\dplinst.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dialogs.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dyndata_7350006.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dyndata_7360012.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dyndata_7370007.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\EAD1.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\EAInstall.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\eauninstall.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\First15.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\gamesBar-silent-setup.rmumbojumbo.amumbojumbo.dl.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\livingplayif_StubInstaller.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\occci.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\SC4_uninst.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\SimCity 4 Deluxe_uninst.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\SIntf16.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\SIntf32.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\SIntfNT.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\System.Data.SQLite.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\System.Data.SQLite52831.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\TFR4E.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\The_Weather_Channel_Application.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\UninstallEADM.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\vcredist_x86.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\VP6Install.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\VP6VFW.dll
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\_is1.exe
    C:\Documents and Settings\Jayson_2\Local Settings\Temp\_is45.exe
    C:\Documents and Settings\Test\Local Settings\Temp\AtiCimUn.exe
    C:\Documents and Settings\Test\Local Settings\Temp\AutoRun.exe
    C:\Documents and Settings\Test\Local Settings\Temp\AutoRunGUI.dll
    C:\Documents and Settings\Test\Local Settings\Temp\eauninstall.exe
    C:\Documents and Settings\Test\Local Settings\Temp\System.Data.SQLite.dll
    C:\Documents and Settings\Test\Local Settings\Temp\The Sims 2_uninst.exe
    2014-07-07 20:49 - 2014-07-07 20:51 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Systweak
    Folder: C:\WINDOWS\SxsCaPendDel
    Folder: C:\Program Files\Auran
    Folder: C:\Documents and Settings\Jayson_2\Application Data\Zeag
    Reboot:
    end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Double-click FRST.exe to run the programme.
  • Click Fix.
  • Upon completion, your computer will reboot. If not, please manually reboot.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
nSymGHK.png Folder Options 

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Control Folders and click OK.
  • Click View. Under Hidden files and folders
  • Place a checkmark next to Show hidden files, folders and drives.
  • Remove the checkmark next to Hide extensions for known file types.
  • Remove the checkmark next to Hide protected operating system Files (Recommended).
  • Click Apply followed by OK.
     

STEP 3
nWhGEI3.png VirusTotal Upload

  • Please go to VirusTotal.com.
  • Click Choose File and locate the following file:
    • C:\WINDOWS\system32\drivers\aslm75.sys
  • Click Scan it!.
  • If you receive the following notification: File already analysed click Reanalyse.
  • Once the file has been analyzed, copy the page URL at the top of the window and paste in your next reply. 
     

STEP 4
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Double-click FRST.exe to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================
 
STEP 5
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Fixlog.txt
  • VirusTotal Results
  • FRST.txt
  • Addition.txt

  • 0

#20
xplocast1

xplocast1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:14-07-2014 01
Ran by Test at 2014-07-18 00:56:04 Run:1
Running from C:\Documents and Settings\Test\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
start
HKU\.DEFAULT\...409d6c4515e9\InprocServer32: [Default-shell32] C:\WINDOWS\TEMP\sdtpofv\scbvstv\wow.dll ATTENTION! ====> ZeroAccess?
C:\WINDOWS\TEMP\sdtpofv
2014-07-07 02:23 - 2006-02-28 06:00 - 00000000 __SHD () C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}
ZeroAccess:
C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}
C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\@
C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]
C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\L\[email protected]
ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 03 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
cmd: netsh winsock reset
() C:\Program Files\DefaultTab\DefaultTabSearch.exe
R2 DefaultTabSearch; C:\Program Files\DefaultTab\DefaultTabSearch.exe [568832 2012-11-14] () [File not signed]
C:\Program Files\DefaultTab
2014-07-07 02:07 - 2014-07-07 02:07 - 00000552 _____ () C:\WINDOWS\system32\d3d8caps.dat
2014-07-15 02:08 - 2012-11-14 19:50 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
Startup: C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe (Leader Technologies)
Startup: C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler.exe (
C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler.exe
SearchScopes: HKLM - DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-10-2012
SearchScopes: HKLM - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-10-2012
SearchScopes: HKLM - {a17cc547-016c-4a35-a95b-de64acafa170} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKCU - DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-10-2012
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=24-10-2012
SearchScopes: HKCU - {a17cc547-016c-4a35-a95b-de64acafa170} URL = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\WebSearchober115578.xml
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\䍻䙁䕅䅆ⵃ〰㜱〭〰ⴰ〰㔰䄭䍂䕄䙆䑅䉃絁 [2012-11-01]
2014-07-07 05:10 - 2014-07-08 22:40 - 00000000 ____D () C:\Program Files\focusbase
Toolbar: HKLM - No Name - !{ba00b7b1-0351-477a-b948-23e3ee5a73d4} -  No File
2014-07-09 03:34 - 2014-07-09 03:34 - 00000000 _____ () C:\WINDOWS\DXT13.tmp
2014-07-09 03:34 - 2014-07-09 03:34 - 00000000 _____ () C:\WINDOWS\DXT12.tmp
2014-07-09 03:34 - 2014-07-09 03:34 - 00000000 _____ () C:\WINDOWS\DXT11.tmp
2014-07-09 03:34 - 2014-07-09 03:34 - 00000000 _____ () C:\WINDOWS\DXT1.tmp
C:\Documents and Settings\Jayson\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Jayson\Local Settings\Temp\contentDATs.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\drm_dyndata_7360012.dll
C:\Documents and Settings\Jayson\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\First15.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\gamesBar-silent-setup.rmumbojumbo.amumbojumbo.dl.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\installhelper.dll
C:\Documents and Settings\Jayson\Local Settings\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\install_flashplayer11x32_mssd_aih_1.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\install_flashplayer11x32_mssd_aih_2.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\jre-7u9-windows-i586-iftw.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\mssinstaller.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\SecurityScan_Release.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\SetupDataMngr_Searchqu.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\SIntf16.dll
C:\Documents and Settings\Jayson\Local Settings\Temp\SIntf32.dll
C:\Documents and Settings\Jayson\Local Settings\Temp\SIntfNT.dll
C:\Documents and Settings\Jayson\Local Settings\Temp\SRAssetsHelper.dll
C:\Documents and Settings\Jayson\Local Settings\Temp\The Sims 2_uninst.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\VP6Install.exe
C:\Documents and Settings\Jayson\Local Settings\Temp\VP6VFW.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347d.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347m.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347p.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347v.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\24rgo3hifftye7tt.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\6_Offer_13.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\dplinst.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dialogs.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dyndata_7350006.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dyndata_7360012.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dyndata_7370007.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\EAD1.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\First15.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\gamesBar-silent-setup.rmumbojumbo.amumbojumbo.dl.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\livingplayif_StubInstaller.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\occci.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\SC4_uninst.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\SimCity 4 Deluxe_uninst.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\SIntf16.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\SIntf32.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\SIntfNT.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\System.Data.SQLite.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\System.Data.SQLite52831.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\TFR4E.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\The_Weather_Channel_Application.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\UninstallEADM.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\vcredist_x86.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\VP6Install.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\VP6VFW.dll
C:\Documents and Settings\Jayson_2\Local Settings\Temp\_is1.exe
C:\Documents and Settings\Jayson_2\Local Settings\Temp\_is45.exe
C:\Documents and Settings\Test\Local Settings\Temp\AtiCimUn.exe
C:\Documents and Settings\Test\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Test\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Test\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Test\Local Settings\Temp\System.Data.SQLite.dll
C:\Documents and Settings\Test\Local Settings\Temp\The Sims 2_uninst.exe
2014-07-07 20:49 - 2014-07-07 20:51 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Systweak
Folder: C:\WINDOWS\SxsCaPendDel
Folder: C:\Program Files\Auran
Folder: C:\Documents and Settings\Jayson_2\Application Data\Zeag
Reboot:
end
*****************
 
'HKU\.DEFAULT\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}' => Key deleted successfully.
"C:\WINDOWS\TEMP\sdtpofv" => File/Directory not found.
C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f} => Moved successfully.
"C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\@" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\U\[email protected]" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Application Data\{9d9b2814-7282-178e-0d6b-da8ece8c4c0f}\L\[email protected]" => File/Directory not found.
"C:\Windows\assembly\GAC\Desktop.ini" => File/Directory not found.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
Winsock: Catalog5 entry 000000000003\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
 
=========  netsh winsock reset =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the machine in order to complete the reset.
 
 
========= End of CMD: =========
 
C:\Program Files\DefaultTab\DefaultTabSearch.exe => No running process found
DefaultTabSearch => Service not found.
"C:\Program Files\DefaultTab" => File/Directory not found.
C:\WINDOWS\system32\d3d8caps.dat => Moved successfully.
C:\WINDOWS\system32\d3d9caps.dat => Moved successfully.
C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe not found.
Startup: C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler.exe ( not found.
"C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe" => File/Directory not found.
C:\Documents and Settings\Jayson_2\Start Menu\Programs\Startup\PowerReg Scheduler.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}' => Key deleted successfully.
'HKCR\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a17cc547-016c-4a35-a95b-de64acafa170}' => Key deleted successfully.
'HKCR\CLSID\{a17cc547-016c-4a35-a95b-de64acafa170}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}' => Key deleted successfully.
'HKCR\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a17cc547-016c-4a35-a95b-de64acafa170}' => Key deleted successfully.
'HKCR\CLSID\{a17cc547-016c-4a35-a95b-de64acafa170}'=> Key not found.
C:\Program Files\mozilla firefox\searchplugins\WebSearchober115578.xml => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\䍻䙁䕅䅆ⵃ〰㜱〭〰ⴰ〰㔰䄭䍂䕄䙆䑅䉃絁 => Moved successfully.
C:\Program Files\focusbase => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{ba00b7b1-0351-477a-b948-23e3ee5a73d4} => value deleted successfully.
'HKCR\CLSID\!{ba00b7b1-0351-477a-b948-23e3ee5a73d4}'=> Key not found.
C:\WINDOWS\DXT13.tmp => Moved successfully.
C:\WINDOWS\DXT12.tmp => Moved successfully.
C:\WINDOWS\DXT11.tmp => Moved successfully.
C:\WINDOWS\DXT1.tmp => Moved successfully.
"C:\Documents and Settings\Jayson\Local Settings\Temp\AutoRun.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\AutoRunGUI.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\contentDATs.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\drm_dyndata_7360012.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\eauninstall.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\First15.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\gamesBar-silent-setup.rmumbojumbo.amumbojumbo.dl.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\installhelper.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\install_flashplayer11x32_mssd_aih.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\install_flashplayer11x32_mssd_aih_1.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\install_flashplayer11x32_mssd_aih_2.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\jre-7u9-windows-i586-iftw.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\mssinstaller.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\SecurityScan_Release.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\SetupDataMngr_Searchqu.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\SIntf16.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\SIntf32.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\SIntfNT.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\SRAssetsHelper.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\The Sims 2_uninst.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\VP6Install.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson\Local Settings\Temp\VP6VFW.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347d.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347m.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347p.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\124kkk290347v.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\24rgo3hifftye7tt.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\6_Offer_13.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\AutoRun.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\AutoRunGUI.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\BackupSetup.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\dplinst.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dialogs.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dyndata_7350006.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dyndata_7360012.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\drm_dyndata_7370007.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\EAD1.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\EAInstall.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\eauninstall.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\First15.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\gamesBar-silent-setup.rmumbojumbo.amumbojumbo.dl.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\livingplayif_StubInstaller.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\occci.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\SC4_uninst.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\SimCity 4 Deluxe_uninst.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\SIntf16.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\SIntf32.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\SIntfNT.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\System.Data.SQLite.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\System.Data.SQLite52831.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\TFR4E.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\The_Weather_Channel_Application.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\UninstallEADM.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\vcredist_x86.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\VP6Install.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\VP6VFW.dll" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\_is1.exe" => File/Directory not found.
"C:\Documents and Settings\Jayson_2\Local Settings\Temp\_is45.exe" => File/Directory not found.
"C:\Documents and Settings\Test\Local Settings\Temp\AtiCimUn.exe" => File/Directory not found.
"C:\Documents and Settings\Test\Local Settings\Temp\AutoRun.exe" => File/Directory not found.
"C:\Documents and Settings\Test\Local Settings\Temp\AutoRunGUI.dll" => File/Directory not found.
"C:\Documents and Settings\Test\Local Settings\Temp\eauninstall.exe" => File/Directory not found.
"C:\Documents and Settings\Test\Local Settings\Temp\System.Data.SQLite.dll" => File/Directory not found.
"C:\Documents and Settings\Test\Local Settings\Temp\The Sims 2_uninst.exe" => File/Directory not found.
C:\Documents and Settings\Test\Application Data\Systweak => Moved successfully.
 
========================= Folder: C:\WINDOWS\SxsCaPendDel ========================
 
 
====== End of Folder: ======
 
 
========================= Folder: C:\Program Files\Auran ========================
 
2014-07-07 04:44 - 2014-07-07 04:54 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition
2014-07-07 04:44 - 2014-07-07 04:54 - 1288623 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\assets.tdx
2014-07-07 04:44 - 2006-06-29 15:59 - 31265187 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\data.ja
2014-07-07 04:47 - 2014-07-07 04:47 - 0000078 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\JetLog.txt
2014-07-07 04:47 - 2014-07-07 04:47 - 0000016 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\localdata.tmp
2014-07-07 04:47 - 2014-07-07 04:47 - 0000004 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\messages.dat
2014-07-07 04:44 - 2005-11-18 11:41 - 1060864 _____ (Microsoft Corporation) C:\Program Files\Auran\Trainz Driver - North American Edition\MFC71.dll
2014-07-07 04:44 - 2005-11-18 11:42 - 0348160 _____ (Microsoft Corporation) C:\Program Files\Auran\Trainz Driver - North American Edition\msvcr71.dll
2014-07-07 04:44 - 2005-11-28 10:57 - 0011346 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\readme.htm
2014-07-07 04:44 - 2005-11-18 11:42 - 0347199 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\readmeback.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0035771 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\readmelogo.gif
2014-07-07 04:44 - 2006-06-29 15:29 - 1892663 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\trains.ja
2014-07-07 04:48 - 2014-07-07 04:54 - 0000052 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Trainz.cfg
2014-07-07 04:44 - 2005-11-18 11:42 - 0000115 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\trainzoptions.txt
2014-07-07 04:44 - 2005-11-18 11:44 - 0040960 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\TRS2006Demo.exe
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin
2014-07-07 04:44 - 2006-06-29 14:36 - 0008704 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\DebugInterface_7c.dll
2014-07-07 04:44 - 2006-06-29 14:37 - 0053248 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\DebugSupport_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0086016 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\DSMoviePlayer_7c.dll
2014-07-07 04:44 - 2006-06-29 14:41 - 0049152 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\gse.exe
2014-07-07 04:44 - 2005-11-18 11:36 - 0137728 _____ (Intel Corporation) C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\ijl10.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0139264 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\InputSystem_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0025600 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\InputWin32_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0077824 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\InterfaceResources_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0679936 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\InterfaceSystem_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0114688 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\Kernel_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0073728 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\KernelResource_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0024576 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\KernelResources_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0368640 _____ (Auran) C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\KernelStandard_7c.dll
2014-07-07 04:44 - 2006-06-29 14:43 - 1929216 _____ (Auran) C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\Launcher.exe
2014-07-07 04:44 - 2006-06-29 14:36 - 0049152 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\Lexer_7c.dll
2014-07-07 04:44 - 2005-11-18 11:41 - 0843776 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\libeay32.dll
2014-07-07 04:44 - 2005-11-18 11:36 - 1060864 _____ (Microsoft Corporation) C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\MFC71.dll
2014-07-07 04:44 - 2005-11-18 11:36 - 0499712 _____ (Microsoft Corporation) C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\msvcp71.dll
2014-07-07 04:44 - 2005-11-18 11:36 - 0348160 _____ (Microsoft Corporation) C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\msvcr71.dll
2014-07-07 04:44 - 2005-11-18 11:36 - 0049152 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\openGLextensions.exe
2014-07-07 04:44 - 2005-11-18 11:36 - 0026734 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\plugins.ini
2014-07-07 04:44 - 2006-06-29 14:36 - 0045056 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\Render2DCore_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0901120 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\Render3DCore_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0438272 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\Render3DExtension_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0638976 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\Render3DFoundation_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0245760 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\RenderDirectX_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0368640 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\RenderDirectX9_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0270336 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\RenderOpenGL_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0704512 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\RenderSystem_7c.dll
2014-07-07 04:44 - 2006-06-29 14:41 - 0449760 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\Resources.ja
2014-07-07 04:44 - 2006-06-29 14:36 - 0212992 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\SoundCore_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0040960 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\SoundDS3D_7c.dll
2014-07-07 04:44 - 2006-06-29 14:36 - 0031744 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\SoundDS8_7c.dll
2014-07-07 04:44 - 2005-11-18 11:41 - 0159744 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\ssleay32.dll
2014-07-07 04:44 - 2006-06-29 14:52 - 4599808 _____ (Auran) C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\Trainz.exe
2014-07-07 04:44 - 2005-11-18 11:41 - 0368640 _____ (Auran) C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TrainzDiag.exe
2014-07-07 04:44 - 2005-11-18 11:41 - 0245408 _____ (Microsoft Corporation) C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\unicows.dll
2014-07-07 04:44 - 2006-06-29 14:37 - 0212992 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\WaterSystem_7c.dll
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData
2014-07-07 04:44 - 2005-11-18 11:41 - 0003341 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\category-class.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000152 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\category-era.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000942 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\category-region.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000029 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\changeability.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0044947 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\container.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000014 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\controlmethod.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000029 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\deraillevel.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000020 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\faces.txt
2014-07-07 04:44 - 2006-04-18 08:54 - 0011082 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\inheritance.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000026 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\intance-type.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0031928 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\kind.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000087 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\mesh-kind.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0010150 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\newForminfo.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000511 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\newFormTemplate.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000020 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\nightmode.txt
2014-07-07 04:44 - 2006-06-29 16:02 - 0000126 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\personalDetails.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000028 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\smoke-mode.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0010116 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\stringtable.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0000089 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Bin\TETData\weather.txt
2014-07-07 04:46 - 2014-07-07 04:54 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache
2014-07-07 04:46 - 2006-06-29 16:02 - 0000004 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache\messages.dat
2014-07-07 04:48 - 2014-07-07 04:48 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache\bookmarks
2014-07-07 04:46 - 2014-07-07 04:46 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache\internet
2014-07-07 04:46 - 2006-06-29 16:02 - 0000000 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache\internet\cachefile.txt
2014-07-07 04:48 - 2014-07-07 04:48 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache\libraries
2014-07-07 04:48 - 2014-07-07 04:48 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache\sessions
2014-07-07 04:48 - 2014-07-07 04:48 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache\syslibs
2014-07-07 04:47 - 2014-07-07 04:47 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache\water
2014-07-07 04:47 - 2005-11-18 11:42 - 3276913 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Cache\water\kuid -1 6353.anim
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd
2014-07-07 04:44 - 2005-11-18 11:42 - 1440056 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\Manual_htm.bmp
2014-07-07 04:44 - 2005-11-18 11:42 - 0001896 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\manuals.htm
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images
2014-07-07 04:44 - 2005-11-18 11:42 - 0005935 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\adobe_link.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0055935 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\box_link.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0001953 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\getacro.gif
2014-07-07 04:44 - 2005-11-18 11:42 - 0120366 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0098226 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual_01.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0035742 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual_02.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0035310 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual_04.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0075243 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual_05.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0003537 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual_06.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0077662 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual_07.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0000585 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual_08.gif
2014-07-07 04:44 - 2005-11-18 11:42 - 0019889 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual_10.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0019710 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\manual_cd.jpg
2014-07-07 04:44 - 2005-11-18 11:42 - 0000043 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\images\spacer.gif
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\inc
2014-07-07 04:44 - 2005-11-18 11:42 - 0002723 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\inc\scripts.js
2014-07-07 04:44 - 2005-11-18 11:42 - 0001112 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\inc\styles.css
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\manuals
2014-07-07 04:44 - 2005-11-18 11:42 - 18137591 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Docs\manuals_cd\manuals\TRS2006_Manual.pdf
2014-07-07 04:48 - 2014-07-07 04:48 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\editing
2014-07-07 04:46 - 2014-07-07 04:47 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries
2014-07-07 04:47 - 2006-06-29 15:59 - 0001500 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\asset.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0027760 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\BaseIndustry.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0015396 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\BaseIndustryInfo.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0009640 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\BasePortal.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0004704 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Bogey.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0007536 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\browser.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006972 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\buildable.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0009560 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Cabin.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0048232 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\common.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0007344 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\ConditionalScenarioBehavior.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0026964 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\ConsistHelperInfo.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0007172 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\ConsistListHelper.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002256 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Constructors.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006444 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Crossing.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0016356 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\DefaultLocomotiveCabin.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0022736 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\DefaultSteamCabin.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0015780 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\DriverCharacter.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0003032 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\DriverCommand.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0004476 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\DriverCommands.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0004040 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\DriverScheduleCommand.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0000720 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Flags.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0026404 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\GenericIndustry.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0020976 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\GenericPassengerStation.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006164 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\gs.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0001404 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\GSTrackSearch.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0014372 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\HTMLPropertyHandler.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0012176 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\industry.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0026596 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\IndustryProductInfoCollection.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0005208 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\IndustryProductInfoComplete.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0015660 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\IndustryProductInfoProcess.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0011520 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\IndustryProductInfoQueues.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002604 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\IndustryProductInfoTracks.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0012688 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\IndustryTrainController.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0010044 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\interface.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0009736 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\IPICProcess.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0003220 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\IPICQueue.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002028 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\IPICTrack.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006716 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\junction.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006664 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\JunctionBase.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0000708 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\kuid.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0001400 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\KUIDList.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002648 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Library.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0077080 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\ListItemPropertyHandler.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0007708 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\LoadingReport.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0013096 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\locomotive.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0005632 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\log.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0005440 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\MapObject.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0001060 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Menu.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006336 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\MeshObject.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0001812 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\ModuleScript.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0012504 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\navigate.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0012968 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\OAChat.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0005936 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\ObjectiveList.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002780 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\OnlineAccess.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002708 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\OnlineGroup.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0014228 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\PassengerStationInfo.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002000 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\permit.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0004180 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\ProductFilter.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002976 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\ProductQueue.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0003080 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\PropertyBrowser.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0005324 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\PropertyObject.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0001932 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Requirement.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0003992 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\scenario.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006000 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\ScenarioBehavior.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0007048 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\SceneryWithTrack.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0008228 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\schedule.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0007856 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\SessionVariables.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006312 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\signal.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0003252 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Soup.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0005024 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\stringtable.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002344 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\timetable.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002284 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\Track.gsl
2014-07-07 04:46 - 2006-06-29 15:59 - 0005784 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\trackmark.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006540 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\trackside.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0072684 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\train.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0025408 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\TrainHelperInfo.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002736 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\TrainTimetable.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0000856 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\trainz.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0002292 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\TrainzGameObject.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0005780 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\trigger.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0006676 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\turntable.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0034072 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\vehicle.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0021508 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\VehicleHelperInfo.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0013448 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\WaybillManager.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0009016 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\world.gsl
2014-07-07 04:47 - 2006-06-29 15:59 - 0001236 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Libraries\world1.gsl
2014-07-07 04:48 - 2014-07-07 04:48 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\local
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts
2014-07-07 04:44 - 2005-11-18 11:42 - 0003396 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\asset.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0044172 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\BaseIndustry.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0017929 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\BaseIndustryInfo.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001129 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\BasePortal.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0000181 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Bogey.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0016506 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\browser.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003271 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\buildable.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0007260 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Cabin.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0078112 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\common.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0006700 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\ConditionalScenarioBehavior.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0034259 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\ConsistHelperInfo.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003469 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\ConsistListHelper.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003062 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Constructors.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001519 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Crossing.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0008309 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\DefaultLocomotiveCabin.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0016913 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\DefaultSteamCabin.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0021364 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\DriverCharacter.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003874 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\DriverCommand.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0005061 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\DriverCommands.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0009386 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\DriverScheduleCommand.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003418 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Flags.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0050167 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\GenericIndustry.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0014174 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\GenericPassengerStation.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0014537 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\gs.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003044 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\GSTrackSearch.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0029582 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\HTMLPropertyHandler.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0019794 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\industry.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0039321 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\IndustryProductInfoCollection.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0004911 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\IndustryProductInfoComplete.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0010877 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\IndustryProductInfoProcess.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0004150 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\IndustryProductInfoQueues.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001905 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\IndustryProductInfoTracks.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0017802 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\IndustryTrainController.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0018189 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\interface.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003195 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\IPICProcess.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003272 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\IPICQueue.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001841 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\IPICTrack.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001513 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\junction.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0006474 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\JunctionBase.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001685 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\kuid.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0002673 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\KUIDList.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0010560 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Library.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0110818 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\ListItemPropertyHandler.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003403 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\LoadingReport.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0005508 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\locomotive.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0007308 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\log.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0002430 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\MapObject.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0002635 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Menu.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0010656 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\MeshObject.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0000445 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\ModuleScript.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0018486 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\navigate.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0016240 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\OAChat.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0005232 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\ObjectiveList.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0008365 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\OnlineAccess.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0004646 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\OnlineGroup.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0014341 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\PassengerStationInfo.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0006616 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\permit.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0006438 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\ProductFilter.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0005614 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\ProductQueue.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0002773 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\PropertyBrowser.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0023648 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\PropertyObject.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0003630 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Requirement.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0007626 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\scenario.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0010790 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\ScenarioBehavior.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0004607 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\SceneryWithTrack.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0021619 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\schedule.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0007657 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\SessionVariables.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0004925 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\signal.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0006026 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Soup.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0014216 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\stringtable.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0006713 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\timetable.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0005143 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\Track.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001253 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\trackmark.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0005512 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\trackside.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0128655 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\train.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0028829 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\TrainHelperInfo.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0005533 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\TrainTimetable.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0000805 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\trainz.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001726 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\TrainzGameObject.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001158 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\trigger.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001717 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\turntable.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0065182 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\vehicle.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0020009 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\VehicleHelperInfo.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0012699 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\WaybillManager.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0034302 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\world.gs
2014-07-07 04:44 - 2005-11-18 11:42 - 0001523 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Scripts\world1.gs
2014-07-07 04:44 - 2014-07-07 04:54 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Settings
2014-07-07 04:44 - 2005-11-18 11:42 - 0000911 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Settings\driverdefaults.txt
2014-07-07 04:44 - 2005-11-18 11:42 - 0001796 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Settings\driversettings.txt
2014-07-07 04:44 - 2005-11-18 11:41 - 0013084 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Settings\keyboard.txt
2014-07-07 04:44 - 2006-06-29 16:02 - 0000036 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Settings\kuid.txt
2014-07-07 04:44 - 2006-06-29 16:02 - 0000033 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Settings\Surveyor.Opt
2014-07-07 04:44 - 2005-11-18 11:42 - 0001479 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Settings\surveyorconsists.txt
2014-07-07 04:44 - 2014-07-07 04:48 - 0000048 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Settings\tuning.dat
2014-07-07 04:54 - 2014-07-07 04:54 - 0000147 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\Settings\userd.txt
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Tmp
2014-07-07 04:44 - 2006-06-29 08:59 - 0590904 ____R () C:\Program Files\Auran\Trainz Driver - North American Edition\Tmp\trainz1.bmp
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\Video
2014-07-07 04:44 - 2014-07-07 04:46 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\World
2014-07-07 04:44 - 2006-06-29 15:30 - 6148982 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\World\Core.ja
2014-07-07 04:44 - 2006-06-29 15:57 - 1776238894 _____ () C:\Program Files\Auran\Trainz Driver - North American Edition\World\demo.ja
2014-07-07 04:44 - 2014-07-07 04:44 - 0000000 ____D () C:\Program Files\Auran\Trainz Driver - North American Edition\World\Custom
 
====== End of Folder: ======
 
 
========================= Folder: C:\Documents and Settings\Jayson_2\Application Data\Zeag ========================
 
2014-06-19 11:29 - 2014-06-19 11:29 - 0003930 _____ () C:\Documents and Settings\Jayson_2\Application Data\Zeag\ahuk.ets
2014-06-19 11:29 - 2014-06-19 11:29 - 0005647 _____ () C:\Documents and Settings\Jayson_2\Application Data\Zeag\ahuk.tmp
 
====== End of Folder: ======
 
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 

https://www.virustot...sis/1405623994/

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-07-2014 01
Ran by Test (administrator) on JAYSON on 18-07-2014 01:16:14
Running from C:\Documents and Settings\Test\Desktop
Platform: Microsoft Windows XP Home Edition Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(BL) C:\Program Files\lg_fwupdate\fwupdate.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCD.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [ccApp] => C:\Program Files\Common Files\Symantec Shared\ccApp.exe [51048 2008-10-17] (Symantec Corporation)
HKLM\...\Run: [osCheck] => C:\Program Files\Norton 360\osCheck.exe [988512 2008-02-26] (Symantec Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [413696 2009-01-05] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160 2009-02-18] (RealNetworks, Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [LGODDFU] => C:\Program Files\lg_fwupdate\fwupdate.exe [249856 2007-02-26] (BL)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [SecurDisc] => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-11-26] (Nero AG)
HKLM\...\Run: [InCD] => C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057064 2007-11-26] (Nero AG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.69 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files\Real\RealPlayer\browserrecord
FF Extension: RealPlayer Browser Record Plugin - C:\Program Files\Real\RealPlayer\browserrecord [2009-02-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-04-16]
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\26.0.1410.43\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java™ Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Docs) - C:\Documents and Settings\Test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-19]
CHR Extension: (Google Drive) - C:\Documents and Settings\Test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-19]
CHR Extension: (YouTube) - C:\Documents and Settings\Test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-19]
CHR Extension: (Google Search) - C:\Documents and Settings\Test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-19]
CHR Extension: (Gmail) - C:\Documents and Settings\Test\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-19]
CHR HKLM\...\Chrome\Extension: [cdjbnddbclciabnckgeahmneohjlahdm] - C:\Documents and Settings\Jayson_2\Local Settings\Application Data\chromeupdate.crx [2014-06-19]
CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx [2014-06-19]
CHR HKLM\...\Chrome\Extension: [pbkdpahkifcigckmhiafindmaflfifgm] - C:\Documents and Settings\Jayson\Local Settings\Application Data\Coupon Companion\Chrome\Coupon Companion.crx [2012-10-01]
 
========================== Services (Whitelisted) =================
 
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968 2008-02-21] (Symantec Corporation)
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
R2 ccProxy; C:\Program Files\Common Files\Symantec Shared\ccProxy.exe [214888 2008-02-18] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
R2 CLTNetCnService; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
S3 comHost; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [55640 2007-08-22] (Symantec Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [161768 2012-11-01] (Oracle Corporation)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3220856 2008-09-05] (Symantec Corporation)
R2 LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-13] ()
S3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1245064 2009-02-18] ()
S3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService [X]
 
==================== Drivers (Whitelisted) ====================
 
R2 aslm75; C:\WINDOWS\system32\drivers\aslm75.sys [6272 1997-04-22] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
S3 COH_Mon; C:\WINDOWS\system32\Drivers\COH_Mon.sys [23888 2008-07-30] (Symantec Corporation)
R2 CO_Mon; C:\WINDOWS\system32\drivers\CO_Mon.sys [36056 2007-08-08] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2009-03-13] (Symantec Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2004-08-03] (Microsoft Corporation)
R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [220032 2004-08-03] (Conexant Systems, Inc.)
R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [1041536 2004-08-03] (Conexant Systems, Inc.)
R4 InCDfs; C:\WINDOWS\System32\drivers\InCDFs.sys [118952 2007-11-26] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\drivers\InCDPass.sys [36776 2007-11-26] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)
R1 incdrm; C:\WINDOWS\System32\drivers\InCDRm.sys [38440 2007-11-26] (Nero AG)
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NAVENG; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090726.022\NAVENG.SYS [87888 2009-07-15] (Symantec Corporation)
S3 NAVEX15; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20090726.022\NAVEX15.SYS [875728 2009-07-15] (Symantec Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-03] (Microsoft Corporation)
R3 nvax; C:\WINDOWS\System32\drivers\nvax.sys [48640 2004-05-25] (NVIDIA Corporation)
S3 NVENET; C:\WINDOWS\System32\DRIVERS\NVENET.sys [70656 2003-06-06] (NVIDIA Corporation)
R3 nvnforce; C:\WINDOWS\System32\drivers\nvapu.sys [396032 2004-05-25] (NVIDIA Corporation)
R0 nv_agp; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [18688 2003-03-19] (NVIDIA Corporation)
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [447024 2008-09-05] (Symantec Corporation)
S3 SQTECH905C; C:\WINDOWS\System32\Drivers\Capt905c.sys [38937 2005-03-24] (Service & Quality Technology.) [File not signed]
S3 SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [279088 2008-01-31] (Symantec Corporation)
S3 SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [317616 2008-01-31] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [43696 2008-01-31] (Symantec Corporation)
R3 SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [13616 2009-02-19] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [124464 2009-02-18] (Symantec Corporation)
S3 SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [96560 2009-02-19] (Symantec Corporation)
S3 SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [38576 2009-02-19] (Symantec Corporation)
S3 SYMIDSCO; C:\Program Files\Common Files\Symantec Shared\SymcData\ipsdefs\20090730.002\SymIDSco.sys [251768 2009-04-20] (Symantec Corporation)
S3 SymIM; C:\WINDOWS\System32\DRIVERS\SymIM.sys [31280 2009-02-19] (Symantec Corporation)
R3 SymIMMP; C:\WINDOWS\System32\DRIVERS\SymIM.sys [31280 2009-02-19] (Symantec Corporation)
R0 symlcbrd; C:\WINDOWS\System32\drivers\symlcbrd.sys [10344 2012-08-06] (Symantec Corporation)
S3 SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [37424 2009-02-19] (Symantec Corporation)
R3 SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [22320 2009-02-19] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [184496 2009-02-19] (Symantec Corporation)
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [685056 2004-08-03] (Conexant Systems, Inc.)
S3 WLAN(WLAN); C:\WINDOWS\System32\DRIVERS\zd1211u.sys [278016 2005-08-16] (ZyDAS Technology Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 RT73; system32\DRIVERS\rt73.sys [X]
U3 TlntSvr; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-18 01:16 - 2014-07-18 01:17 - 00018364 _____ () C:\Documents and Settings\Test\Desktop\FRST.txt
2014-07-18 01:06 - 2014-07-18 01:06 - 00000120 _____ () C:\Documents and Settings\Test\Desktop\webpage.txt
2014-07-18 01:00 - 2014-07-18 01:00 - 00094208 _____ () C:\WINDOWS\Minidump\Mini071814-01.dmp
2014-07-17 04:09 - 2014-07-17 04:09 - 00011484 _____ () C:\ComboFix.txt
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Local Settings\temp
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\Jayson\Local Settings\temp
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\temp
2014-07-17 00:51 - 2014-07-17 00:51 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-07-17 00:51 - 2014-07-17 00:51 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-07-17 00:51 - 2014-07-17 00:51 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-07-17 00:51 - 2014-07-17 00:51 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-07-17 00:51 - 2014-07-17 00:51 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-07-16 21:09 - 2014-07-16 21:09 - 00000000 _RSHD () C:\cmdcons
2014-07-16 21:09 - 2006-08-18 18:30 - 00000211 _____ () C:\Boot.bak
2014-07-16 21:09 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2014-07-16 21:06 - 2011-06-26 00:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-07-16 21:06 - 2010-11-07 11:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-07-16 21:06 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-16 21:06 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-07-16 21:06 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-07-16 21:06 - 2000-08-30 18:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-07-16 21:06 - 2000-08-30 18:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-07-16 21:06 - 2000-08-30 18:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-07-16 21:06 - 2000-08-30 18:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-07-16 21:02 - 2014-07-17 04:09 - 00000000 ____D () C:\Qoobox
2014-07-16 21:01 - 2014-07-17 04:07 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-16 21:01 - 2014-07-16 08:53 - 05221447 ____R (Swearware) C:\Documents and Settings\Test\Desktop\ComboFix.exe
2014-07-16 21:01 - 2014-07-14 15:08 - 05185536 _____ (AVAST Software) C:\Documents and Settings\Test\Desktop\aswMBR.exe
2014-07-16 21:01 - 2014-07-14 15:07 - 01076736 _____ (Farbar) C:\Documents and Settings\Test\Desktop\FRST.exe
2014-07-16 07:05 - 2014-07-16 02:06 - 00140872 _____ () C:\Documents and Settings\Test\My Documents\Untitled.skb
2014-07-16 02:06 - 2014-07-16 07:05 - 00309242 _____ () C:\Documents and Settings\Test\My Documents\Untitled.skp
2014-07-16 01:21 - 2014-07-16 01:21 - 00287204 _____ () C:\Documents and Settings\Test\My Documents\AutoSave_Untitled_1.skp
2014-07-15 23:29 - 2014-07-16 01:12 - 00287108 _____ () C:\Documents and Settings\Test\My Documents\AutoSave_Untitled.skp
2014-07-15 03:19 - 2014-07-18 01:16 - 00000000 ____D () C:\FRST
2014-07-15 02:06 - 2014-07-15 02:16 - 00053135 _____ () C:\Documents and Settings\Test\Desktop\DxDiag.txt
2014-07-15 00:54 - 2014-07-15 00:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Google
2014-07-15 00:47 - 2014-07-15 00:47 - 00001762 _____ () C:\Documents and Settings\All Users\Desktop\SketchUp 8.lnk
2014-07-15 00:47 - 2014-07-15 00:47 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SketchUp 8
2014-07-15 00:30 - 2014-07-15 00:55 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel
2014-07-15 00:19 - 2014-07-15 00:19 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Google
2014-07-14 00:22 - 2014-07-14 00:22 - 00102400 _____ () C:\WINDOWS\Minidump\Mini071414-01.dmp
2014-07-09 03:37 - 2014-07-09 03:37 - 00000831 _____ () C:\Documents and Settings\Test\Desktop\LEGOLAND.lnk
2014-07-09 03:37 - 2014-07-09 03:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\LEGOLANDDeInstKey
2014-07-09 03:36 - 2014-07-09 03:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\LEGO Media
2014-07-09 03:34 - 2014-06-19 21:26 - 00000039 _____ () C:\WINDOWS\wininit.bak
2014-07-09 00:13 - 2014-07-09 00:13 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070914-01.dmp
2014-07-08 22:53 - 2014-07-08 22:53 - 00102400 _____ () C:\WINDOWS\Minidump\Mini070814-01.dmp
2014-07-08 05:15 - 2014-07-08 05:16 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Microsoft Games
2014-07-08 05:15 - 2014-07-08 05:15 - 00001475 _____ () C:\Documents and Settings\All Users\Desktop\Zoo Tycoon 2.lnk
2014-07-08 05:15 - 2014-07-08 05:15 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Games
2014-07-08 01:24 - 2014-07-08 01:24 - 00000000 ____D () C:\LemonT
2014-07-08 01:24 - 2014-07-08 01:24 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MumboJumbo
2014-07-08 00:17 - 2014-07-08 00:21 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\.minecraft
2014-07-07 20:55 - 2014-07-07 20:55 - 00000000 ____D () C:\Documents and Settings\Test\My Documents\EA Games
2014-07-07 20:48 - 2014-07-07 20:48 - 00043720 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-07-07 05:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-07-07 05:19 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-07-07 05:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-07-07 05:19 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-07-07 05:19 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-07-07 05:19 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-07-07 05:19 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-07-07 05:19 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-07-07 05:19 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2014-07-07 05:19 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2014-07-07 05:19 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2014-07-07 05:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2014-07-07 05:19 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2014-07-07 05:19 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2014-07-07 05:19 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2014-07-07 05:19 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2014-07-07 05:19 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2014-07-07 05:19 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2014-07-07 05:19 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2014-07-07 05:19 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2014-07-07 05:19 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2014-07-07 05:19 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2014-07-07 05:19 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2014-07-07 05:19 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2014-07-07 05:19 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2014-07-07 05:19 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2014-07-07 05:19 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2014-07-07 05:19 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2014-07-07 05:19 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2014-07-07 05:19 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2014-07-07 05:19 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2014-07-07 05:19 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2014-07-07 05:19 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2014-07-07 05:19 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2014-07-07 05:19 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2014-07-07 05:19 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2014-07-07 05:19 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2014-07-07 05:19 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2014-07-07 05:19 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2014-07-07 05:19 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2014-07-07 05:19 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2014-07-07 05:19 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2014-07-07 05:19 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2014-07-07 05:19 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2014-07-07 05:19 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2014-07-07 05:19 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2014-07-07 05:19 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2014-07-07 05:19 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2014-07-07 05:18 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2014-07-07 05:18 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2014-07-07 05:18 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2014-07-07 05:18 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2014-07-07 05:18 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2014-07-07 05:18 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2014-07-07 05:18 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2014-07-07 05:18 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2014-07-07 05:12 - 2014-07-08 23:37 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Application Data\Systweak
2014-07-07 05:12 - 2014-07-07 05:16 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-07-07 05:02 - 2014-07-07 05:45 - 00053207 _____ () C:\Documents and Settings\Jayson_2\Desktop\DxDiag.txt
2014-07-07 04:44 - 2014-07-07 04:44 - 00000000 ____D () C:\Program Files\Auran
2014-07-07 04:42 - 2014-07-07 04:51 - 00001478 _____ () C:\Documents and Settings\All Users\Desktop\The Sims 2 University.lnk
2014-07-07 04:24 - 2014-07-07 04:24 - 00001521 _____ () C:\Documents and Settings\All Users\Desktop\The Sims 2.lnk
2014-07-07 04:23 - 2014-07-07 04:23 - 00000000 ____D () C:\Documents and Settings\Jayson_2\My Documents\EA Games
2014-07-07 04:18 - 2014-07-09 03:36 - 00000000 ____D () C:\Games
2014-07-07 04:05 - 2014-07-07 04:05 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070714-04.dmp
2014-07-07 02:23 - 2014-07-08 23:37 - 00010100 _____ () C:\WINDOWS\system32\.crusader
2014-07-07 02:19 - 2014-07-06 12:25 - 10278752 _____ (SurfRight B.V.) C:\Documents and Settings\Test\Desktop\HitmanPro.exe
2014-07-07 02:17 - 2014-07-07 02:17 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-07 01:58 - 2014-07-07 01:58 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070714-03.dmp
2014-07-07 01:29 - 2014-07-07 02:23 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-07-07 01:27 - 2014-07-07 01:26 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070714-02.dmp
2014-07-07 00:33 - 2014-07-07 00:33 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070714-01.dmp
2014-07-06 22:55 - 2014-07-06 22:55 - 00043720 _____ () C:\Documents and Settings\Test\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-06-19 21:39 - 2008-04-13 18:12 - 00343040 _____ (Microsoft Corporation) C:\Documents and Settings\Test\Desktop\mspaint.exe
2014-06-19 21:20 - 2014-07-15 00:54 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Adobe
2014-06-19 21:20 - 2014-07-08 01:13 - 00000000 ____D () C:\Documents and Settings\Test\Local Settings\Application Data\Adobe
2014-06-19 21:17 - 2014-06-19 21:17 - 00000000 ____D () C:\Documents and Settings\Test\Local Settings\Application Data\Sun
2014-06-19 21:17 - 2014-06-19 21:17 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Sun
2014-06-19 21:04 - 2014-06-19 21:04 - 00102400 _____ () C:\WINDOWS\Minidump\Mini061914-02.dmp
2014-06-19 20:51 - 2014-07-09 09:34 - 00000000 ____D () C:\Documents and Settings\Test\Local Settings\Application Data\Google
2014-06-19 20:46 - 2014-07-18 01:00 - 00000000 ____D () C:\Documents and Settings\Test\Start Menu\Programs\CyberLink DVD Suite
2014-06-19 20:46 - 2014-06-19 20:46 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Symantec
2014-06-19 20:46 - 2014-06-19 20:46 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Real
2014-06-19 20:45 - 2014-07-18 01:17 - 00000000 ____D () C:\Documents and Settings\Test\Local Settings\Temp
2014-06-19 20:45 - 2014-07-18 00:57 - 00000178 ___SH () C:\Documents and Settings\Test\ntuser.ini
2014-06-19 20:45 - 2014-07-17 00:43 - 00000000 ____D () C:\Documents and Settings\Test
2014-06-19 20:45 - 2014-06-19 20:51 - 00001813 _____ () C:\Documents and Settings\Test\Desktop\Google Chrome.lnk
2014-06-19 20:45 - 2014-06-19 20:45 - 00000738 _____ () C:\Documents and Settings\Test\Start Menu\Programs\Outlook Express.lnk
2014-06-19 20:45 - 2014-06-19 20:45 - 00000000 ___RD () C:\Documents and Settings\Test\Start Menu\Programs\Accessories
2014-06-19 20:45 - 2012-08-24 12:39 - 00001599 _____ () C:\Documents and Settings\Test\Start Menu\Programs\Remote Assistance.lnk
2014-06-19 20:29 - 2014-06-19 20:29 - 00102400 _____ () C:\WINDOWS\Minidump\Mini061914-01.dmp
 
==================== One Month Modified Files and Folders =======
 
2014-07-18 01:17 - 2014-07-18 01:16 - 00018364 _____ () C:\Documents and Settings\Test\Desktop\FRST.txt
2014-07-18 01:17 - 2014-06-19 20:45 - 00000000 ____D () C:\Documents and Settings\Test\Local Settings\Temp
2014-07-18 01:16 - 2014-07-15 03:19 - 00000000 ____D () C:\FRST
2014-07-18 01:15 - 2012-08-15 08:07 - 00000428 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{BF42D0B3-AEA6-4540-BB80-648BE8B01EAB}.job
2014-07-18 01:08 - 2006-08-18 18:34 - 01797102 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-18 01:06 - 2014-07-18 01:06 - 00000120 _____ () C:\Documents and Settings\Test\Desktop\webpage.txt
2014-07-18 01:03 - 2006-08-18 18:38 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-07-18 01:00 - 2014-07-18 01:00 - 00094208 _____ () C:\WINDOWS\Minidump\Mini071814-01.dmp
2014-07-18 01:00 - 2014-06-19 20:46 - 00000000 ____D () C:\Documents and Settings\Test\Start Menu\Programs\CyberLink DVD Suite
2014-07-18 01:00 - 2012-12-26 16:16 - 00000414 _____ () C:\WINDOWS\Tasks\ReclaimerResumeInstallLogin_Jayson.job
2014-07-18 01:00 - 2012-10-01 15:25 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-18 01:00 - 2012-09-21 16:28 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-18 01:00 - 2010-04-05 19:24 - 00000265 _____ () C:\WINDOWS\lgfwup.ini
2014-07-18 01:00 - 2010-04-05 19:24 - 00000000 ____D () C:\Program Files\lg_fwupdate
2014-07-18 01:00 - 2006-08-18 18:38 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-18 01:00 - 2006-08-18 12:44 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2014-07-18 01:00 - 2006-08-18 12:44 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-18 01:00 - 2006-02-28 06:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-18 00:57 - 2014-06-19 20:45 - 00000178 ___SH () C:\Documents and Settings\Test\ntuser.ini
2014-07-18 00:57 - 2006-08-18 18:38 - 00032372 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-17 05:49 - 2012-10-01 15:25 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-17 04:09 - 2014-07-17 04:09 - 00011484 _____ () C:\ComboFix.txt
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Local Settings\temp
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\Jayson\Local Settings\temp
2014-07-17 04:09 - 2014-07-17 04:09 - 00000000 ____D () C:\Documents and Settings\Guest\Local Settings\temp
2014-07-17 04:09 - 2014-07-16 21:02 - 00000000 ____D () C:\Qoobox
2014-07-17 04:08 - 2006-08-18 12:42 - 00525946 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-17 04:07 - 2014-07-16 21:01 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-17 04:04 - 2006-02-28 06:00 - 00000296 _____ () C:\WINDOWS\system.ini
2014-07-17 00:52 - 2006-08-18 12:40 - 00262144 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2014-07-17 00:52 - 2006-08-18 12:40 - 00262144 _____ () C:\WINDOWS\system32\config\SAM.bak
2014-07-17 00:52 - 2006-08-18 12:39 - 29622272 _____ () C:\WINDOWS\system32\config\software.bak
2014-07-17 00:52 - 2006-08-18 12:39 - 10747904 _____ () C:\WINDOWS\system32\config\system.bak
2014-07-17 00:52 - 2006-08-18 12:39 - 00786432 _____ () C:\WINDOWS\system32\config\default.bak
2014-07-17 00:51 - 2014-07-17 00:51 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-07-17 00:51 - 2014-07-17 00:51 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2014-07-17 00:51 - 2014-07-17 00:51 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2014-07-17 00:51 - 2014-07-17 00:51 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-07-17 00:51 - 2014-07-17 00:51 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2014-07-17 00:43 - 2014-06-19 20:45 - 00000000 ____D () C:\Documents and Settings\Test
2014-07-16 21:09 - 2014-07-16 21:09 - 00000000 _RSHD () C:\cmdcons
2014-07-16 21:09 - 2006-08-18 12:39 - 00000327 __RSH () C:\boot.ini
2014-07-16 08:53 - 2014-07-16 21:01 - 05221447 ____R (Swearware) C:\Documents and Settings\Test\Desktop\ComboFix.exe
2014-07-16 07:05 - 2014-07-16 02:06 - 00309242 _____ () C:\Documents and Settings\Test\My Documents\Untitled.skp
2014-07-16 02:06 - 2014-07-16 07:05 - 00140872 _____ () C:\Documents and Settings\Test\My Documents\Untitled.skb
2014-07-16 01:21 - 2014-07-16 01:21 - 00287204 _____ () C:\Documents and Settings\Test\My Documents\AutoSave_Untitled_1.skp
2014-07-16 01:12 - 2014-07-15 23:29 - 00287108 _____ () C:\Documents and Settings\Test\My Documents\AutoSave_Untitled.skp
2014-07-15 23:13 - 2012-12-26 16:16 - 00000414 _____ () C:\WINDOWS\Tasks\ReclaimerResumeInstall_Jayson.job
2014-07-15 02:16 - 2014-07-15 02:06 - 00053135 _____ () C:\Documents and Settings\Test\Desktop\DxDiag.txt
2014-07-15 02:13 - 2006-08-18 12:41 - 01646902 _____ () C:\WINDOWS\setupapi.log
2014-07-15 02:11 - 2006-08-18 20:12 - 00000278 ___SH () C:\Documents and Settings\Jayson_2\ntuser.ini
2014-07-15 02:07 - 2010-04-05 19:19 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Start Menu\Programs\CyberLink DVD Suite
2014-07-15 00:55 - 2014-07-15 00:30 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel
2014-07-15 00:54 - 2014-07-15 00:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Google
2014-07-15 00:54 - 2014-06-19 21:20 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Adobe
2014-07-15 00:47 - 2014-07-15 00:47 - 00001762 _____ () C:\Documents and Settings\All Users\Desktop\SketchUp 8.lnk
2014-07-15 00:47 - 2014-07-15 00:47 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SketchUp 8
2014-07-15 00:47 - 2012-10-01 15:25 - 00000000 ____D () C:\Program Files\Google
2014-07-15 00:19 - 2014-07-15 00:19 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Google
2014-07-14 15:08 - 2014-07-16 21:01 - 05185536 _____ (AVAST Software) C:\Documents and Settings\Test\Desktop\aswMBR.exe
2014-07-14 15:07 - 2014-07-16 21:01 - 01076736 _____ (Farbar) C:\Documents and Settings\Test\Desktop\FRST.exe
2014-07-14 00:22 - 2014-07-14 00:22 - 00102400 _____ () C:\WINDOWS\Minidump\Mini071414-01.dmp
2014-07-09 09:34 - 2014-06-19 20:51 - 00000000 ____D () C:\Documents and Settings\Test\Local Settings\Application Data\Google
2014-07-09 03:37 - 2014-07-09 03:37 - 00000831 _____ () C:\Documents and Settings\Test\Desktop\LEGOLAND.lnk
2014-07-09 03:37 - 2014-07-09 03:37 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\LEGOLANDDeInstKey
2014-07-09 03:36 - 2014-07-09 03:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\LEGO Media
2014-07-09 03:36 - 2014-07-07 04:18 - 00000000 ____D () C:\Games
2014-07-09 03:34 - 2006-08-18 18:48 - 00041511 _____ () C:\WINDOWS\DirectX.log
2014-07-09 00:13 - 2014-07-09 00:13 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070914-01.dmp
2014-07-08 23:37 - 2014-07-07 05:12 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Application Data\Systweak
2014-07-08 23:37 - 2014-07-07 02:23 - 00010100 _____ () C:\WINDOWS\system32\.crusader
2014-07-08 22:53 - 2014-07-08 22:53 - 00102400 _____ () C:\WINDOWS\Minidump\Mini070814-01.dmp
2014-07-08 05:16 - 2014-07-08 05:15 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Microsoft Games
2014-07-08 05:15 - 2014-07-08 05:15 - 00001475 _____ () C:\Documents and Settings\All Users\Desktop\Zoo Tycoon 2.lnk
2014-07-08 05:15 - 2014-07-08 05:15 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Games
2014-07-08 05:15 - 2006-08-18 18:45 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-08 05:15 - 2006-08-18 18:33 - 00000000 ____D () C:\WINDOWS\system32\DirectX
2014-07-08 01:24 - 2014-07-08 01:24 - 00000000 ____D () C:\LemonT
2014-07-08 01:24 - 2014-07-08 01:24 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\MumboJumbo
2014-07-08 01:14 - 2009-02-18 13:37 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-07-08 01:14 - 2007-05-31 19:10 - 00000000 ____D () C:\Program Files\MyDSC2
2014-07-08 01:14 - 2006-08-18 18:31 - 00000000 ____D () C:\Program Files\Messenger
2014-07-08 01:13 - 2014-06-19 21:20 - 00000000 ____D () C:\Documents and Settings\Test\Local Settings\Application Data\Adobe
2014-07-08 01:12 - 2009-02-23 14:50 - 00000376 _____ () C:\WINDOWS\ODBC.INI
2014-07-08 00:21 - 2014-07-08 00:17 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\.minecraft
2014-07-07 20:55 - 2014-07-07 20:55 - 00000000 ____D () C:\Documents and Settings\Test\My Documents\EA Games
2014-07-07 20:48 - 2014-07-07 20:48 - 00043720 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-07-07 05:58 - 2006-08-18 20:12 - 00000000 ____D () C:\Documents and Settings\Jayson_2
2014-07-07 05:45 - 2014-07-07 05:02 - 00053207 _____ () C:\Documents and Settings\Jayson_2\Desktop\DxDiag.txt
2014-07-07 05:40 - 2006-08-18 18:45 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-07-07 05:16 - 2014-07-07 05:12 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-07-07 04:51 - 2014-07-07 04:42 - 00001478 _____ () C:\Documents and Settings\All Users\Desktop\The Sims 2 University.lnk
2014-07-07 04:47 - 2006-08-18 18:32 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-07-07 04:44 - 2014-07-07 04:44 - 00000000 ____D () C:\Program Files\Auran
2014-07-07 04:24 - 2014-07-07 04:24 - 00001521 _____ () C:\Documents and Settings\All Users\Desktop\The Sims 2.lnk
2014-07-07 04:23 - 2014-07-07 04:23 - 00000000 ____D () C:\Documents and Settings\Jayson_2\My Documents\EA Games
2014-07-07 04:05 - 2014-07-07 04:05 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070714-04.dmp
2014-07-07 02:23 - 2014-07-07 01:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-07-07 02:17 - 2014-07-07 02:17 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-07 01:58 - 2014-07-07 01:58 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070714-03.dmp
2014-07-07 01:26 - 2014-07-07 01:27 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070714-02.dmp
2014-07-07 00:33 - 2014-07-07 00:33 - 00094208 _____ () C:\WINDOWS\Minidump\Mini070714-01.dmp
2014-07-06 22:55 - 2014-07-06 22:55 - 00043720 _____ () C:\Documents and Settings\Test\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-07-06 12:25 - 2014-07-07 02:19 - 10278752 _____ (SurfRight B.V.) C:\Documents and Settings\Test\Desktop\HitmanPro.exe
2014-06-19 22:00 - 2006-08-18 12:42 - 01366079 _____ () C:\WINDOWS\FaxSetup.log
2014-06-19 22:00 - 2006-08-18 12:42 - 00744350 _____ () C:\WINDOWS\ocgen.log
2014-06-19 22:00 - 2006-08-18 12:42 - 00547177 _____ () C:\WINDOWS\tsoc.log
2014-06-19 22:00 - 2006-08-18 12:42 - 00467577 _____ () C:\WINDOWS\comsetup.log
2014-06-19 22:00 - 2006-08-18 12:42 - 00291530 _____ () C:\WINDOWS\ntdtcsetup.log
2014-06-19 22:00 - 2006-08-18 12:42 - 00210688 _____ () C:\WINDOWS\iis6.log
2014-06-19 22:00 - 2006-08-18 12:42 - 00078135 _____ () C:\WINDOWS\ocmsn.log
2014-06-19 22:00 - 2006-08-18 12:42 - 00071317 _____ () C:\WINDOWS\msgsocm.log
2014-06-19 22:00 - 2006-08-18 12:42 - 00003739 _____ () C:\WINDOWS\imsins.log
2014-06-19 21:58 - 2006-08-18 12:40 - 00174074 _____ () C:\WINDOWS\setupact.log
2014-06-19 21:46 - 2006-08-18 20:08 - 00004732 _____ () C:\WINDOWS\entpack.ini
2014-06-19 21:43 - 2008-03-24 10:41 - 00000000 ____D () C:\Documents and Settings\Guest
2014-06-19 21:26 - 2014-07-09 03:34 - 00000039 _____ () C:\WINDOWS\wininit.bak
2014-06-19 21:26 - 2006-08-18 18:45 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-06-19 21:26 - 2006-08-18 12:33 - 00000000 ___RD () C:\WINDOWS\Web
2014-06-19 21:19 - 2013-03-10 14:46 - 00000000 ____D () C:\Documents and Settings\Jayson_2\My Documents\My Games
2014-06-19 21:17 - 2014-06-19 21:17 - 00000000 ____D () C:\Documents and Settings\Test\Local Settings\Application Data\Sun
2014-06-19 21:17 - 2014-06-19 21:17 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Sun
2014-06-19 21:17 - 2006-08-18 18:32 - 00070433 _____ () C:\WINDOWS\wmsetup.log
2014-06-19 21:04 - 2014-06-19 21:04 - 00102400 _____ () C:\WINDOWS\Minidump\Mini061914-02.dmp
2014-06-19 21:00 - 2009-03-13 12:55 - 00000000 ____D () C:\Program Files\Norton Security Scan
2014-06-19 20:51 - 2014-06-19 20:45 - 00001813 _____ () C:\Documents and Settings\Test\Desktop\Google Chrome.lnk
2014-06-19 20:46 - 2014-06-19 20:46 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Symantec
2014-06-19 20:46 - 2014-06-19 20:46 - 00000000 ____D () C:\Documents and Settings\Test\Application Data\Real
2014-06-19 20:45 - 2014-06-19 20:45 - 00000738 _____ () C:\Documents and Settings\Test\Start Menu\Programs\Outlook Express.lnk
2014-06-19 20:45 - 2014-06-19 20:45 - 00000000 ___RD () C:\Documents and Settings\Test\Start Menu\Programs\Accessories
2014-06-19 20:45 - 2006-08-18 18:40 - 00000178 ___SH () C:\Documents and Settings\Jayson\ntuser.ini
2014-06-19 20:43 - 2012-10-01 15:18 - 00000000 ____D () C:\Documents and Settings\Jayson\Start Menu\Programs\CyberLink DVD Suite
2014-06-19 20:29 - 2014-06-19 20:29 - 00102400 _____ () C:\WINDOWS\Minidump\Mini061914-01.dmp
2014-06-19 11:49 - 2009-02-18 11:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2014-06-19 11:29 - 2012-11-15 19:52 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Application Data\Zeag
2014-06-19 11:25 - 2012-10-23 15:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Norton
2014-06-19 11:11 - 2013-03-10 14:46 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Local Settings\Application Data\My Games
2014-06-19 10:13 - 2014-01-18 00:31 - 02250054 _____ () C:\Documents and Settings\Jayson_2\Application Data\wincreen.bmp
2014-06-19 10:04 - 2012-01-01 10:36 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Desktop\fav's
2014-06-19 10:03 - 2012-08-24 11:38 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Desktop\Important stuff
 
==================== Bamital & volsnap Check =================
 
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-07-2014 01
Ran by Test at 2014-07-18 01:18:06
Running from C:\Documents and Settings\Test\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton 360 (Disabled - Up to date) {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton 360 (Disabled) {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}
 
==================== Installed Programs ======================
 
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe AIR (Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.268 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
AppCore (Version: 2.0.0.79 - Symantec Corporation) Hidden
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ASUS Probe V2.21.08 (HKLM\...\ASUS Probe V2.21.08) (Version:  - )
Backup (Version: 1.0.0.382 - Symantec Corporation) Hidden
Bonus (Version: 2.1.0.55 - Symantec Corporation) Hidden
CC_ccProxyExt (Version: 107.0.5.5 - Symantec) Hidden
ccCommon (Version: 107.0.5.5 - Symantec) Hidden
ccPxyCore (Version: 107.0.5.5 - Symantec) Hidden
CIB (Version: 2.1.0.55 - Symantec Corporation) Hidden
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
DirectX Media Runtime 5.1 (HKLM\...\DirectXMediaRuntime) (Version:  - )
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
GearDrvs (Version: 5.0.0.2 - Symantec Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 26.0.1410.43 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Juno (HKLM\...\{92F36672-245D-11D5-AC74-00105A0CF83E}) (Version:  - Juno Online Services, Inc.)
LEGOLAND (HKLM\...\LEGOLANDDeInstKey) (Version:  - )
Lemonade Tycoon 2 (HKLM\...\Lemonade Tycoon 2) (Version:  - )
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 6.01.0723.01 - )
LiveUpdate (Symantec Corporation) (HKLM\...\PsuedoLiveUpdate) (Version: 3.4.1.234 - Symantec Corporation)
LiveUpdate (Symantec Corporation) (Version: 3.4.1.238 - Symantec Corporation) Hidden
Managed DirectX (0900) (Version: 4.09.00.0900 - Microsoft) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 16.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 16.0.2 (x86 en-US)) (Version: 16.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 16.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
MyDSC2 (HKLM\...\{83d96ed0-98aa-4515-8ddc-816f3efdd104}) (Version: 1.00.000 - )
Nero 7 Essentials (HKLM\...\{45B3A3BD-F90D-48FE-A147-D74878A51033}) (Version: 7.03.0920 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Norton 360 (Symantec Corporation) (HKLM\...\SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}) (Version: 2.0.0.242 - Symantec Corporation)
Norton 360 (Version: 2.0.0.242 - Symantec Corporation) Hidden
Norton 360 HTMLHelp (Version: 2.0.0.175 - Symantec Corporation) Hidden
Norton Add-on Pack (Symantec Corporation) (HKLM\...\SymSetup.{420F8FCF-8F5E-4518-A5B3-FBBD56B98FEC}) (Version: 2.1.0.55 - Symantec Corporation)
Norton AntiSpam (Version: 2.1.0.55 - Symantec Corporation) Hidden
Norton AntiVirus Help (Version: 15.0 - Symantec Corporation) Hidden
Norton Confidential Core (Version: 2.6.0.3 - Symantec Corporation) Hidden
Norton Security Scan (Symantec Corporation) (HKLM\...\NSSSetup.{3FADAA19-E595-44CA-A072-58B6B0851768}) (Version: 2.0.0 - Symantec Corporation)
Norton Security Scan (Version: 2.0.0 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA System Utility (HKLM\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Utility (Version: 1.00.0000 - NVIDIA Corporation) Hidden
Parental Control (Version: 2.1.0.55 - Symantec Corporation) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
QuickTime (HKLM\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.)
QuickTime 3.0 (HKLM\...\QuickTime 3.0) (Version:  - )
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - RealNetworks)
Shockwave (HKLM\...\Shockwave) (Version:  - )
SketchUp 8 (HKLM\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
SPBBC 32bit (Version: 4.1.0.15 - Symantec Corporation) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Real Time Storage Protection Component (Version: 10.2.3.9 - Symantec Corporation) Hidden
Symantec Technical Support Controls (Version: 3.5.3 - Symantec Corporation) Hidden
SymNet (Version: 8.0.3.4 - Symantec Corporation) Hidden
The Sims 2 (HKLM\...\{40C03514-89C3-41BA-0090-3B440256DB87}) (Version:  - )
Trainz Driver - North American Edition (HKLM\...\{884CF242-39EC-4AB3-8785-13948CC89B94}) (Version: 1.00.000 - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB894391) (HKLM\...\KB894391) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB900485) (HKLM\...\KB900485) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB904942) (HKLM\...\KB904942) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB908531) (HKLM\...\KB908531) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB910437) (HKLM\...\KB910437) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB911164) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB911280) (HKLM\...\KB911280) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB916595) (HKLM\...\KB916595) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB920872) (HKLM\...\KB920872) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB922582) (HKLM\...\KB922582) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB925720) (HKLM\...\KB925720) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB925876) (HKLM\...\KB925876) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB927891) (HKLM\...\KB927891) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB930916) (HKLM\...\KB930916) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB932823-v3) (HKLM\...\KB932823-v3) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB938828) (HKLM\...\KB938828) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version:  - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Format SDK Hotfix - KB891122 (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows XP Hotfix - KB873339 (HKLM\...\KB873339) (Version: 20041117.092459 - Microsoft Corporation)
Windows XP Hotfix - KB885835 (HKLM\...\KB885835) (Version: 20041027.181713 - Microsoft Corporation)
Windows XP Hotfix - KB885836 (HKLM\...\KB885836) (Version: 20041028.173203 - Microsoft Corporation)
Windows XP Hotfix - KB886185 (HKLM\...\KB886185) (Version: 20041021.090540 - Microsoft Corporation)
Windows XP Hotfix - KB887472 (HKLM\...\KB887472) (Version: 20041014.162858 - Microsoft Corporation)
Windows XP Hotfix - KB888302 (HKLM\...\KB888302) (Version: 20041207.111426 - Microsoft Corporation)
Windows XP Hotfix - KB890859 (HKLM\...\KB890859) (Version: 1 - Microsoft Corporation)
Windows XP Hotfix - KB891781 (HKLM\...\KB891781) (Version: 20050110.165439 - Microsoft Corporation)
Zoo Tycoon 2 - Ultimate Collection (HKLM\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Ultimate Collection (Version: 1.00.0000 - Microsoft Game Studios) Hidden
 
==================== Restore Points  =========================
 
19-06-2014 16:11:56 Restore Operation
19-06-2014 16:29:24 Removed Zoo Tycoon 2 - Ultimate Collection
19-06-2014 16:53:21 Removed Zoo Tycoon 2 - Ultimate Collection
19-06-2014 17:17:54 Removed Mall Tycoon 3
20-06-2014 03:31:13 Removed Zoo Tycoon 2 - Ultimate Collection
07-07-2014 07:39:50 Checkpoint by HitmanPro
07-07-2014 07:42:58 Checkpoint by HitmanPro
07-07-2014 07:47:58 Checkpoint by HitmanPro
07-07-2014 07:49:24 Checkpoint by HitmanPro
07-07-2014 09:57:24 Restore Operation
07-07-2014 09:58:19 Restore Operation
07-07-2014 10:44:22 Installed Trainz Driver - North American Edition
07-07-2014 11:17:44 Installed DirectX
07-07-2014 11:40:31 Rollback to an unsigned driver
08-07-2014 10:50:48 Installed Zoo Tycoon 2 - Ultimate Collection
09-07-2014 11:49:47 System Checkpoint
15-07-2014 06:13:02 System Checkpoint
15-07-2014 06:16:49 Installed SketchUp Pro 8
15-07-2014 06:28:42 Removed SketchUp Pro 8
15-07-2014 06:46:44 Installed SketchUp 8
17-07-2014 10:57:47 System Checkpoint
 
==================== Hosts content: ==========================
 
2006-02-28 06:00 - 2014-07-17 04:04 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Norton Security Scan for Jayson.job => C:\Program Files\Norton Security Scan\Nss.exe
Task: C:\WINDOWS\Tasks\ReclaimerResumeInstallLogin_Jayson.job => C:\Documents and Settings\Jayson\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe
Task: C:\WINDOWS\Tasks\ReclaimerResumeInstall_Jayson.job => C:\Documents and Settings\Jayson\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{BF42D0B3-AEA6-4540-BB80-648BE8B01EAB}.job => C:\WINDOWS\system32\msfeedssync.exe
 
==================== Loaded Modules (whitelisted) =============
 
2006-02-28 06:00 - 2008-03-24 22:50 - 00355112 _____ () C:\WINDOWS\system32\msjetoledb40.dll
2010-04-05 19:19 - 2007-05-13 20:54 - 00272024 ____N () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
Name: NVIDIA nForce MCP Networking Controller
Description: NVIDIA nForce MCP Networking Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Nvidia
Service: NVENET
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: RAID Controller
Description: RAID Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/16/2014 08:55:30 PM) (Source: WinMgmt) (EventID: 28) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/16/2014 03:02:40 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/16/2014 01:25:28 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/16/2014 01:16:02 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 11:11:18 PM) (Source: WinMgmt) (EventID: 28) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 03:41:09 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 03:28:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application aswMBR.exe, version 1.0.1.2041, faulting module aswMBR.exe, version 1.0.1.2041, fault address 0x000059d0.
Processing media-specific event for [aswMBR.exe!ws!]
 
Error: (07/15/2014 03:06:51 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 03:05:15 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 02:48:48 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
 
System errors:
=============
Error: (07/18/2014 01:01:00 AM) (Source: System Error) (EventID: 1003) (User: )
Description: Error code 1000000a, parameter1 80d50cdc, parameter2 00000002, parameter3 00000000, parameter4 804f97a7.
 
Error: (07/17/2014 04:05:34 AM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
 
Error: (07/16/2014 01:13:53 AM) (Source: 0) (EventID: 108) (User: )
Description: \Device\Video0displayati2dvag
 
Error: (07/15/2014 02:29:30 AM) (Source: 0) (EventID: 108) (User: )
Description: \Device\Video0displayati2dvag
 
Error: (07/14/2014 00:23:05 AM) (Source: System Error) (EventID: 1003) (User: )
Description: Error code 100000ea, parameter1 82858428, parameter2 82b8bf60, parameter3 f88c6cb4, parameter4 00000001.
 
Error: (07/09/2014 00:14:02 AM) (Source: System Error) (EventID: 1003) (User: )
Description: Error code 1000007f, parameter1 00000008, parameter2 80042000, parameter3 00000000, parameter4 00000000.
 
Error: (07/09/2014 00:00:17 AM) (Source: 0) (EventID: 877) (User: )
Description: DATABASE OPEN FAILED
 
Error: (07/08/2014 11:28:20 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort0
 
Error: (07/08/2014 11:27:44 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort0
 
Error: (07/08/2014 11:20:42 PM) (Source: 0) (EventID: 9) (User: )
Description: \Device\Ide\IdePort0
 
 
Microsoft Office Sessions:
=========================
Error: (07/16/2014 08:55:30 PM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 
 
Error: (07/16/2014 03:02:40 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 
 
Error: (07/16/2014 01:25:28 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 
 
Error: (07/16/2014 01:16:02 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 
 
Error: (07/15/2014 11:11:18 PM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 
 
Error: (07/15/2014 03:41:09 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 
 
Error: (07/15/2014 03:28:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: aswMBR.exe1.0.1.2041aswMBR.exe1.0.1.2041000059d0
 
Error: (07/15/2014 03:06:51 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 
 
Error: (07/15/2014 03:05:15 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 
 
Error: (07/15/2014 02:48:48 AM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 48%
Total physical RAM: 511.48 MB
Available physical RAM: 263.38 MB
Total Pagefile: 1250.88 MB
Available Pagefile: 1031.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.46 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:74.52 GB) (Free:50 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (ZT2UCD1) (CDROM) (Total:0.52 GB) (Free:0 GB) CDFS
Drive e: () (Fixed) (Total:1.01 GB) (Free:1.01 GB) FAT32
Drive f: (Sims2EP1_1) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 75 GB) (Disk ID: 049D049C)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 1 GB) (Disk ID: 20AE20AD)
Partition 1: (Active) - (Size=1 GB) - (Type=0B)
 
==================== End Of Log ============================

  • 0

#21
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Hi Jayson,
 
Your logs indicate your anti-virus (Norton 360) is disabled. Please attempt to enable it. 

STEP 1
U5NwUGc.png Manually Removing Chrome Extension

  • Open Chrome.
  • Type chrome://extensions/ into the URL bar. 
  • Click the cCN6rtf.png button next to the following extensions (if present).
    • chromeupdate
    • DefaultTab
    • Coupon Companion
       

STEP 2
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    C:\Documents and Settings\Jayson\Local Settings\Application Data\Coupon Companion
    2014-07-07 05:12 - 2014-07-08 23:37 - 00000000 ____D () C:\Documents and Settings\Jayson_2\Application Data\Systweak
    C:\Documents and Settings\Jayson_2\Application Data\Zeag
    end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Double-click FRST.exe to run the programme.
  • Click Fix.
  • Upon completion, your computer will reboot. If not, please manually reboot.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 3
gxJsKn9.png Farbar Service Scanner (FSS)

  • Please download FSS and save the file to your desktop.
  • Double-click FSS.exe to run the programme.
  • Ensure the following items are checked:
    • H5woOOZ.png.
    • TA6BLVm.png.
    • e1PK1mD.png.
    • mQdJltp.png.
    • 7wCHunX.png.
    • wU6iCZ5.png.
  • Click YMLYaf6.png.
  • A log (FSS.txt) will be created on your desktop. Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did you enable Norton 360?
  • Did you remove the Chrome extensions?
  • Fixlog.txt
  • FSS.txt

  • 0

#22
xplocast1

xplocast1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

I can not enable Norton, it is beyond expired. I am not willing to replace it as of now.

I did not have any of previously said extensions.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:14-07-2014 01

Ran by Test at 2014-07-18 23:51:40 Run:2

Running from C:\Documents and Settings\Test\Desktop

Boot Mode: Normal

 

==============================================

 

Content of fixlist:

*****************

start

C:\Documents and Settings\Jayson\Local Settings\Application Data\Coupon Companion => Moved successfully.

C:\Documents and Settings\Jayson_2\Application Data\Systweak => Moved successfully.

C:\Documents and Settings\Jayson_2\Application Data\Zeag => Moved successfully.

 

==== End of Fixlog ====

 

Farbar Service Scanner Version: 10-06-2014
Ran by Test (administrator) on 19-07-2014 at 00:09:03
Running from "C:\Documents and Settings\Test\Desktop"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Google.com returned error: Google.com is unreachable
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall" registry value does not exist.
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Other Services:
==============
 
 
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\afd.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\netbt.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\tcpip.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\ipsec.sys => File is digitally signed
C:\WINDOWS\system32\dnsrslvr.dll => File is digitally signed
C:\WINDOWS\system32\ipnathlp.dll => File is digitally signed
C:\WINDOWS\system32\netman.dll => File is digitally signed
C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
C:\WINDOWS\system32\srsvc.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\sr.sys => File is digitally signed
C:\WINDOWS\system32\wscsvc.dll => File is digitally signed
C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
C:\WINDOWS\system32\wuauserv.dll => File is digitally signed
C:\WINDOWS\system32\qmgr.dll => File is digitally signed
C:\WINDOWS\system32\es.dll => File is digitally signed
C:\WINDOWS\system32\cryptsvc.dll => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
 
Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4) 
0x09000000050000000100000002000000030000000400000008000000060000000700000009000000
IpSec Tag value is correct.
 
**** End of log ****

Edited by xplocast1, 18 July 2014 - 12:13 PM.

  • 0

#23
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Hi Jayson,

Please provide an update on your computer after carrying out the following steps.

  • Are you able to enter Safe Mode or not?
  • Are you experiencing any issues with Internet connectivity?
     

I can not enable Norton, it is beyond expired. I am not willing to replace it as of now.

Accessing the Internet without an active anti-virus is inadvisable. I can recommend some free alternatives towards the end.
 

I did not have any of previously said extensions.

Okay, that is fine.

STEP 1
zrguS2W.png Tweaking Registry Backup

  • Please download Tweaking.com Registry Backup and save the file to your desktop.
  • Double-click on the file and follow the prompts.
  • Once installed, double-click on the Tweaking.com Registry Backup icon.
  • The tool should automatically open to the Backup Registry tab. If not, click the Backup Registry tab.
  • Press Backup Now.
  • Once complete, the tool will tell you that Successful */* Files Backed Up.
  • You have now successfully backed up your Registry.
     

STEP 2
GIRjHjL.png Reg Fix

  • Press the Windows Key pdKOQKY.png.pagespeed.ic.tmAgS1-k6q.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall"=dword:00000001
  • Click Format. Ensure Wordwrap is unchecked.
  • Click File, Save As and name the file regfix.reg.
  • Select All Files as the Save as type.
  • Save the file to your desktop.
  • Locate regfix.reg on your desktop. Right-click the file and click Merge with the Registry.
  • Accept any prompts.
  • Reboot your computer for the changes to take effect.
  • Please re-run Farbar Service Scanner (FSS) and post the log generated.
     

STEP 3
rzqZvBe.png MiniToolBox

  • Please download MiniToolBox and save the file to your desktop.
  • Close any open windows.
  • Double-click MiniToolBox.exe to run the programme.
  • Check the following items:
    • njvAG80.png
    • 6N6QY9z.png
    • zmWTIXg.png
    • VAFn5gg.png
    • AtULTyM.png
    • 4roTXa5.png
    • kLju9nY.png
    • chxHkm0.png
    • 6KiAnDw.png
    • bKYHfhP.png
    • rO2mCup.png & Ii0HSu5.png
  • Click 9Z8u2SR.png.
  • A log (Result.txt) will be created on your desktop. Copy the contents of the log and paste in your next reply.
     

======================================================

STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did the .reg file merge successfully?
  • FSS.txt
  • Result.txt
  • Update on computer

  • 0

#24
xplocast1

xplocast1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

The file did merge successfully.

 

 

Farbar Service Scanner Version: 10-06-2014
Ran by Test (administrator) on 19-07-2014 at 05:23:26
Running from "C:\Documents and Settings\Test\Desktop"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Other Services:
==============
 
 
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\afd.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\netbt.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\tcpip.sys => File is digitally signed
C:\WINDOWS\system32\Drivers\ipsec.sys => File is digitally signed
C:\WINDOWS\system32\dnsrslvr.dll => File is digitally signed
C:\WINDOWS\system32\ipnathlp.dll => File is digitally signed
C:\WINDOWS\system32\netman.dll => File is digitally signed
C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
C:\WINDOWS\system32\srsvc.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\sr.sys => File is digitally signed
C:\WINDOWS\system32\wscsvc.dll => File is digitally signed
C:\WINDOWS\system32\wbem\WMIsvc.dll => File is digitally signed
C:\WINDOWS\system32\wuauserv.dll => File is digitally signed
C:\WINDOWS\system32\qmgr.dll => File is digitally signed
C:\WINDOWS\system32\es.dll => File is digitally signed
C:\WINDOWS\system32\cryptsvc.dll => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
 
Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) SYMTDI(8) Tcpip(4) 
0x09000000050000000100000002000000030000000400000008000000060000000700000009000000
IpSec Tag value is correct.
 
**** End of log ****
 
MiniToolBox by Farbar  Version: 06-07-2014
Ran by Test (administrator) on 19-07-2014 at 05:26:32
Running from "C:\Documents and Settings\Test\Desktop"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
1394 Net Adapter = 1394 Connection (Disconnected)
NVIDIA nForce MCP Networking Controller = Local Area Connection (Disconnected)
XPC 802.11b/g Wireless Kit = Wireless Network Connection 3 (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Wireless Network Connection 3"
 
set address name="Wireless Network Connection 3" source=dhcp 
set dns name="Wireless Network Connection 3" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 3" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : JAYSON
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Unknown
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : hsd1.ut.comcast.net.
 
 
 
Ethernet adapter Wireless Network Connection 3:
 
 
 
        Connection-specific DNS Suffix  . : hsd1.ut.comcast.net.
 
        Description . . . . . . . . . . . : XPC 802.11b/g Wireless Kit #2
 
        Physical Address. . . . . . . . . : 00-03-1B-58-09-16
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.0.109
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.0.1
 
        DHCP Server . . . . . . . . . . . : 192.168.0.1
 
        DNS Servers . . . . . . . . . . . : 192.168.0.1
 
        Lease Obtained. . . . . . . . . . : Saturday, July 19, 2014 5:22:54 AM
 
        Lease Expires . . . . . . . . . . : Sunday, July 20, 2014 5:22:54 AM
 
Server:  dlinkrouter.hsd1.ut.comcast.net
Address:  192.168.0.1
 
Name:    google.com
Addresses:  74.125.239.137, 74.125.239.135, 74.125.239.130, 74.125.239.142
 74.125.239.129, 74.125.239.131, 74.125.239.134, 74.125.239.128, 74.125.239.133
 74.125.239.132, 74.125.239.136
 
 
 
Pinging google.com [74.125.239.136] with 32 bytes of data:
 
 
 
Reply from 74.125.239.136: bytes=32 time=38ms TTL=55
 
Reply from 74.125.239.136: bytes=32 time=55ms TTL=55
 
 
 
Ping statistics for 74.125.239.136:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 38ms, Maximum = 55ms, Average = 46ms
 
Server:  dlinkrouter.hsd1.ut.comcast.net
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
 
 
Reply from 206.190.36.45: bytes=32 time=55ms TTL=49
 
Reply from 206.190.36.45: bytes=32 time=57ms TTL=49
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 55ms, Maximum = 57ms, Average = 56ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 03 1b 58 09 16 ...... XPC 802.11b/g Wireless Kit #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.109  25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      192.168.0.0    255.255.255.0    192.168.0.109   192.168.0.109  25
    192.168.0.109  255.255.255.255        127.0.0.1       127.0.0.1  25
    192.168.0.255  255.255.255.255    192.168.0.109   192.168.0.109  25
        224.0.0.0        240.0.0.0    192.168.0.109   192.168.0.109  25
  255.255.255.255  255.255.255.255    192.168.0.109   192.168.0.109  1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 27 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/16/2014 08:55:30 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/16/2014 03:02:40 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/16/2014 01:25:28 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/16/2014 01:16:02 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 11:11:18 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 03:41:09 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 03:28:57 AM) (Source: Application Error) (User: )
Description: Faulting application aswMBR.exe, version 1.0.1.2041, faulting module aswMBR.exe, version 1.0.1.2041, fault address 0x000059d0.
Processing media-specific event for [aswMBR.exe!ws!]
 
Error: (07/15/2014 03:06:51 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 03:05:15 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
Error: (07/15/2014 02:48:48 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts.  This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.
 
 
System errors:
=============
Error: (07/19/2014 04:05:31 AM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
 
Error: (07/18/2014 01:01:00 AM) (Source: System Error) (User: )
Description: Error code 1000000a, parameter1 80d50cdc, parameter2 00000002, parameter3 00000000, parameter4 804f97a7.
 
Error: (07/17/2014 04:05:34 AM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
 
Error: (07/16/2014 01:13:53 AM) (Source: 0) (User: )
Description: \Device\Video0displayati2dvag
 
Error: (07/15/2014 02:29:30 AM) (Source: 0) (User: )
Description: \Device\Video0displayati2dvag
 
Error: (07/14/2014 00:23:05 AM) (Source: System Error) (User: )
Description: Error code 100000ea, parameter1 82858428, parameter2 82b8bf60, parameter3 f88c6cb4, parameter4 00000001.
 
Error: (07/09/2014 00:14:02 AM) (Source: System Error) (User: )
Description: Error code 1000007f, parameter1 00000008, parameter2 80042000, parameter3 00000000, parameter4 00000000.
 
Error: (07/09/2014 00:00:17 AM) (Source: 0) (User: )
Description: DATABASE OPEN FAILED
 
Error: (07/08/2014 11:28:20 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0
 
Error: (07/08/2014 11:27:44 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0
 
 
Microsoft Office Sessions:
=========================
Error: (07/16/2014 08:55:30 PM) (Source: WinMgmt)(User: )
Description: 
 
Error: (07/16/2014 03:02:40 AM) (Source: WinMgmt)(User: )
Description: 
 
Error: (07/16/2014 01:25:28 AM) (Source: WinMgmt)(User: )
Description: 
 
Error: (07/16/2014 01:16:02 AM) (Source: WinMgmt)(User: )
Description: 
 
Error: (07/15/2014 11:11:18 PM) (Source: WinMgmt)(User: )
Description: 
 
Error: (07/15/2014 03:41:09 AM) (Source: WinMgmt)(User: )
Description: 
 
Error: (07/15/2014 03:28:57 AM) (Source: Application Error)(User: )
Description: aswMBR.exe1.0.1.2041aswMBR.exe1.0.1.2041000059d0
 
Error: (07/15/2014 03:06:51 AM) (Source: WinMgmt)(User: )
Description: 
 
Error: (07/15/2014 03:05:15 AM) (Source: WinMgmt)(User: )
Description: 
 
Error: (07/15/2014 02:48:48 AM) (Source: WinMgmt)(User: )
Description: 
 
 
 
=========================== Installed Programs ============================
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe AIR (Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.3.300.268 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
AppCore (Version: 2.0.0.79 - Symantec Corporation) Hidden
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ASUS Probe V2.21.08 (HKLM\...\ASUS Probe V2.21.08) (Version:  - )
Backup (Version: 1.0.0.382 - Symantec Corporation) Hidden
Bonus (Version: 2.1.0.55 - Symantec Corporation) Hidden
CC_ccProxyExt (Version: 107.0.5.5 - Symantec) Hidden
ccCommon (Version: 107.0.5.5 - Symantec) Hidden
ccPxyCore (Version: 107.0.5.5 - Symantec) Hidden
CIB (Version: 2.1.0.55 - Symantec Corporation) Hidden
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
DirectX Media Runtime 5.1 (HKLM\...\DirectXMediaRuntime) (Version:  - )
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
GearDrvs (Version: 5.0.0.2 - Symantec Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 26.0.1410.43 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Juno (HKLM\...\{92F36672-245D-11D5-AC74-00105A0CF83E}) (Version:  - Juno Online Services, Inc.)
LEGOLAND (HKLM\...\LEGOLANDDeInstKey) (Version:  - )
Lemonade Tycoon 2 (HKLM\...\Lemonade Tycoon 2) (Version:  - )
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 6.01.0723.01 - )
LiveUpdate (Symantec Corporation) (HKLM\...\PsuedoLiveUpdate) (Version: 3.4.1.234 - Symantec Corporation)
LiveUpdate (Symantec Corporation) (Version: 3.4.1.238 - Symantec Corporation) Hidden
Managed DirectX (0900) (Version: 4.09.00.0900 - Microsoft) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 16.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 16.0.2 (x86 en-US)) (Version: 16.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 16.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
MyDSC2 (HKLM\...\{83d96ed0-98aa-4515-8ddc-816f3efdd104}) (Version: 1.00.000 - )
Nero 7 Essentials (HKLM\...\{45B3A3BD-F90D-48FE-A147-D74878A51033}) (Version: 7.03.0920 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Norton 360 (Symantec Corporation) (HKLM\...\SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}) (Version: 2.0.0.242 - Symantec Corporation)
Norton 360 (Version: 2.0.0.242 - Symantec Corporation) Hidden
Norton 360 HTMLHelp (Version: 2.0.0.175 - Symantec Corporation) Hidden
Norton Add-on Pack (Symantec Corporation) (HKLM\...\SymSetup.{420F8FCF-8F5E-4518-A5B3-FBBD56B98FEC}) (Version: 2.1.0.55 - Symantec Corporation)
Norton AntiSpam (Version: 2.1.0.55 - Symantec Corporation) Hidden
Norton AntiVirus Help (Version: 15.0 - Symantec Corporation) Hidden
Norton Confidential Core (Version: 2.6.0.3 - Symantec Corporation) Hidden
Norton Security Scan (Symantec Corporation) (HKLM\...\NSSSetup.{3FADAA19-E595-44CA-A072-58B6B0851768}) (Version: 2.0.0 - Symantec Corporation)
Norton Security Scan (Version: 2.0.0 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA System Utility (HKLM\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Utility (Version: 1.00.0000 - NVIDIA Corporation) Hidden
Parental Control (Version: 2.1.0.55 - Symantec Corporation) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
QuickTime (HKLM\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.)
QuickTime 3.0 (HKLM\...\QuickTime 3.0) (Version:  - )
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - RealNetworks)
Shockwave (HKLM\...\Shockwave) (Version:  - )
SketchUp 8 (HKLM\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
SPBBC 32bit (Version: 4.1.0.15 - Symantec Corporation) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec Real Time Storage Protection Component (Version: 10.2.3.9 - Symantec Corporation) Hidden
Symantec Technical Support Controls (Version: 3.5.3 - Symantec Corporation) Hidden
SymNet (Version: 8.0.3.4 - Symantec Corporation) Hidden
The Sims 2 (HKLM\...\{40C03514-89C3-41BA-0090-3B440256DB87}) (Version:  - )
Trainz Driver - North American Edition (HKLM\...\{884CF242-39EC-4AB3-8785-13948CC89B94}) (Version: 1.00.000 - )
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB894391) (HKLM\...\KB894391) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB900485) (HKLM\...\KB900485) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB904942) (HKLM\...\KB904942) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB908531) (HKLM\...\KB908531) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB910437) (HKLM\...\KB910437) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB911164) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB911280) (HKLM\...\KB911280) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB916595) (HKLM\...\KB916595) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB920872) (HKLM\...\KB920872) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB922582) (HKLM\...\KB922582) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB925720) (HKLM\...\KB925720) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB925876) (HKLM\...\KB925876) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB927891) (HKLM\...\KB927891) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB930916) (HKLM\...\KB930916) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB932823-v3) (HKLM\...\KB932823-v3) (Version: 3 - Microsoft Corporation)
Update for Windows XP (KB938828) (HKLM\...\KB938828) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version:  - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Format SDK Hotfix - KB891122 (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows XP Hotfix - KB873339 (HKLM\...\KB873339) (Version: 20041117.092459 - Microsoft Corporation)
Windows XP Hotfix - KB885835 (HKLM\...\KB885835) (Version: 20041027.181713 - Microsoft Corporation)
Windows XP Hotfix - KB885836 (HKLM\...\KB885836) (Version: 20041028.173203 - Microsoft Corporation)
Windows XP Hotfix - KB886185 (HKLM\...\KB886185) (Version: 20041021.090540 - Microsoft Corporation)
Windows XP Hotfix - KB887472 (HKLM\...\KB887472) (Version: 20041014.162858 - Microsoft Corporation)
Windows XP Hotfix - KB888302 (HKLM\...\KB888302) (Version: 20041207.111426 - Microsoft Corporation)
Windows XP Hotfix - KB890859 (HKLM\...\KB890859) (Version: 1 - Microsoft Corporation)
Windows XP Hotfix - KB891781 (HKLM\...\KB891781) (Version: 20050110.165439 - Microsoft Corporation)
Zoo Tycoon 2 - Ultimate Collection (HKLM\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Ultimate Collection (Version: 1.00.0000 - Microsoft Game Studios) Hidden
 
========================= Devices: ================================
 
Name: NVIDIA nForce MCP Networking Controller
Description: NVIDIA nForce MCP Networking Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Nvidia
Service: NVENET
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: RAID Controller
Description: RAID Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
**** End of log ****
 

  • 0

#25
xplocast1

xplocast1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts

I can not get into Safe Mode. It freezes(?) on the bootup(?). a list of drivers(?) scrolls up the screen.

The bottom one says..

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS\System32\Drivers\Mup.sys

 

I have no problems with my internet on the device.


  • 0

Advertisements


#26
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Hi Jayson,
 
This issue may indicate a hard drive problem. I do not believe it is malware-related.
 
xMgeHyNE.png.pagespeed.ic.49_rDPUa_4.png CHKDSK

  • Click Start and type CMD in the Search Bar. Open CMD.exe.
  • In the command window type the following and press Enter on your keyboard.
    chkdsk c: /r
  • If you are prompted to schedule CHKDSK to run the next time the computer restarts, type y and press Enter on your keyboard.
  • Type Exit and press Enter on your keyboard.
  • Restart your computer. CHKDSK will automatically run.
  • Note: This process can take up to an hour
  • Upon completion, and once you are back into Windows, press the Windows Key xpdKOQKY.png.pagespeed.ic.tmAgS1-k6q.png + r on your keyboard at the same time. Type eventvwr.msc and click OK.
  • Once opened, click Windows Logs followed by Application. In the 3rd column on the right-hand pane, locate and click Source
  • Scroll through the column and locate the most recent entry (depending on your Operating System):
    • Winlogon (Windows XP)
    • Wininit (Windows Vista/7)
    • Chkdsk (Windows W8)
  • Double-click the entry, click Copy and paste in your next reply.

  • 0

#27
xplocast1

xplocast1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Event Type: Information
Event Source: Winlogon
Event Category: None
Event ID: 1001
Date: 7/20/2014
Time: 3:25:21 AM
User: N/A
Computer: JAYSON
Description:
Checking file system on C:
The type of the file system is NTFS.
 
A disk check has been scheduled.
Windows will now check the disk.                         
Cleaning up 1 unused index entries from index $SII of file 0x9.
Cleaning up 1 unused index entries from index $SDH of file 0x9.
Cleaning up 1 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.
 
  78140128 KB total disk space.
  25586808 KB in 62614 files.
     21256 KB in 9812 indexes.
         0 KB in bad sectors.
    259832 KB in use by the system.
     65536 KB occupied by the log file.
  52272232 KB available on disk.
 
      4096 bytes in each allocation unit.
  19535032 total allocation units on disk.
  13068058 allocation units available on disk.
 
Internal Info:
90 e2 02 00 f5 1a 01 00 c1 8c 01 00 00 00 00 00  ................
89 01 00 00 02 00 00 00 d4 03 00 00 00 00 00 00  ................
e6 6f dd 03 00 00 00 00 10 dc be 40 00 00 00 00  [email protected]
44 6d c1 05 00 00 00 00 52 32 3e 67 03 00 00 00  Dm......R2>g....
d4 bd ac c3 02 00 00 00 8a 2c 85 7c 06 00 00 00  .........,.|....
99 9e 36 00 00 00 00 00 a0 39 07 00 96 f4 00 00  ..6......9......
00 00 00 00 00 e0 b1 19 06 00 00 00 54 26 00 00  ............T&..
 
Windows has finished checking your disk.
Please wait while your computer restarts.
 
 
For more information, see Help and Support Center at http://go.microsoft....link/events.asp.

  • 0

#28
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Hi Jayson,
 
The CHKDSK log indicates that your Hard Drive is OK.
 
Please remove all removable media (USB drives, CD/DVDs, etc) from the machine, and attempt to boot into Safe Mode. Let me know if you receive the same error or not. If you receive the error, please carry out the following FRST Script as instructed in STEP 1. If you do not receive the error, please skip STEP 1.
 
STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37"
    Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys"
    Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader"
    Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot"
    end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Double-click FRST.exe to run the programme.
  • Click Fix.
  • Upon completion, your computer will reboot. If not, please manually reboot.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
BY4dvz9.png AdwCleaner

  • Please download AdwCleaner and save the file to your desktop.
  • Double-click AdwCleaner.exe to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 

STEP 3
E3feWj5.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your desktop.
  • Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files prior to running JRT.
  • Double-click JRT.exe to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Copy the contents of JRT.txt and paste in your next reply.
     

======================================================

STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Do you still receive the Safe Mode error having removed all removable media?
  • (Fixlog.txt - if applicable)
  • AdwCleaner[S0].txt
  • JRT.txt

  • 0

#29
xplocast1

xplocast1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
No it still will not work. i removed all cds and dvds, and all usbs.
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:14-07-2014 01
Ran by Test at 2014-07-21 03:27:47 Run:3
Running from C:\Documents and Settings\Test\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
start
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37"
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys"
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader"
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot"
end
*****************
 
 
========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37" =========
 
 
Permanently delete the registry key SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37 (Y/N)? 
The operation completed successfully
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys" =========
 
 
Permanently delete the registry key SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys (Y/N)? 
The operation completed successfully
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader" =========
 
 
Permanently delete the registry key SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader (Y/N)? 
The operation completed successfully
 
 
========= End of Reg: =========
 
 
========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot" =========
 
 
Permanently delete the registry key SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot (Y/N)? 
The operation completed successfully
 
 
========= End of Reg: =========
 
 
==== End of Fixlog ====
 
# AdwCleaner v3.216 - Report created 21/07/2014 at 03:37:53
# Updated 17/07/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Test - JAYSON
# Running from : C:\Documents and Settings\Test\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\All Users\Application Data\speedypc software
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\Jayson\Local Settings\Application Data\Ilivid Player
Folder Deleted : C:\Documents and Settings\Jayson_2\Application Data\DriverCure
Folder Deleted : C:\Documents and Settings\Jayson_2\Application Data\speedypc software
File Deleted : C:\Documents and Settings\Jayson\Application Data\Mozilla\Firefox\Profiles\pntesn1b.default\Extensions\[email protected]
File Deleted : C:\Documents and Settings\Jayson\Application Data\Mozilla\Firefox\Profiles\pntesn1b.default\searchplugins\search-here.xml
File Deleted : C:\Documents and Settings\Jayson\Application Data\Mozilla\Firefox\Profiles\pntesn1b.default\user.js
File Deleted : C:\Documents and Settings\Jayson_2\Application Data\Mozilla\Firefox\Profiles\2zss4rw9.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\speedypc software
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu Toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v7.0.6000.17055
 
 
-\\ Google Chrome v26.0.1410.43
 
[ File : C:\Documents and Settings\Jayson\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Homepage] : hxxp://www.searchnu.com/406
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
 
[ File : C:\Documents and Settings\Jayson_2\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
 
[ File : C:\Documents and Settings\Test\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kdidombaedgpfiiedeimiebkmbilgmlc
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
 
*************************
 
AdwCleaner[R0].txt - [3836 octets] - [21/07/2014 03:34:55]
AdwCleaner[S0].txt - [3839 octets] - [21/07/2014 03:37:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3899 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Test on Mon 07/21/2014 at  3:45:52.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\boost_interprocess"
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\cdjbnddbclciabnckgeahmneohjlahdm
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pbkdpahkifcigckmhiafindmaflfifgm
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/21/2014 at  3:56:16.00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#30
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Hi Jayson,
 
As previously mentioned, I don't believe your issue with Safe Mode is malware-related. I'd like to proceed with the following malware scans to ensure no malware is present on your computer. Once confirmed, I'll direct you to a subforum where you can receive non-malware assistance on fixing the issue with your Safe Mode. 
 
STEP 1
CXrghb6.png Update/Remove Java

  • Download the latest version of j8JVMVP.jpg Java from here.
  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for and uninstall the following programmes (if present):
    • Java 7 Update 9
    • Java™ 6 Update 31
    • JavaFX 2.1.1 
       

STEP 2
GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)

  • Please download Malwarebytes Anti-Malware Free to your desktop.
  • Double-click mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme. 
  • Launch the programme and select Update.
  • Once updated, click the Settings tab and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 3
GzlsbnV.png ESET Online Scan
Note: This scan will take a significant amount of time to complete. Please do not browse the Internet whilst your resident protection is disabled.

  • Please download ESET Online Scan and save the file to your desktop.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then press Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Hide advanced settingsPlace a checkmark next to Scan archivesScan for potentially unsafe applications and Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your desktop, naming it something unique such as MyEsetScan.
  • Push the Back button.
  • Place a checkmark next to KN1w2nv.png and click SzOC1p0.png.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did Java update/remove successfully? 
  • MBAM Scan log
  • ESET Online Scan log

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP