Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Lots of spyware malware [Solved]

Started by newcomer21 , Aug 09 2014 04:01 PM

  • This topic is locked This topic is locked

#1
newcomer21
Posted 09 August 2014 - 04:01 PM

newcomer21

    Member

  • Member
  • PipPipPip
  • 121 posts

The computer was receiving a BSOD and could not get it to boot at all even in safe mode.  So I did a repair with Windows disk and was able to repair the computer to be able to boot again.  When I finally got back in I downloaded MBAM and it found over 200 infections.  Allowed it to deal with those.  Then I downloaded Avast and did a boot scan and it found lots more.  All those were "moved to chest".  I tried to uninstall Microsoft Essentials but it said it was missing package so I couldn't get it to uninstall.  I assumed that package would be in the sp3 download.  I need to install sp3 since I had to do the repair and I thought I needed to make sure system was clean before doing that.  Here are the OTL logs.  Thanks for you help.

 

OTL logfile created on: 8/9/2014 4:15:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Documents and Settings\ShaReda Coleman\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.86% Memory free
3.84 Gb Paging File | 3.19 Gb Available in Paging File | 83.21% Paging File free
Paging file location(s): d:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 11.84 Gb Total Space | 9.70 Gb Free Space | 81.92% Space Free | Partition Type: NTFS
Drive D: | 38.78 Gb Total Space | 20.87 Gb Free Space | 53.83% Space Free | Partition Type: NTFS
 
Computer Name: SC-DALG4WVDDC4I | User Name: ShaReda Coleman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/09 16:14:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
PRC - [2014/08/08 22:52:29 | 004,085,896 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/08/08 22:51:45 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2013/02/04 12:24:12 | 000,620,480 | ---- | M] (Oberon Media ) -- D:\Program Files\GamesBar\update\SearchEngineProtection.exe
PRC - [2013/01/27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/07/13 19:17:11 | 000,913,888 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012/01/20 21:03:48 | 000,719,672 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/05/10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- D:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2005/02/23 15:57:24 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- D:\Program Files\Creative\Mixer\CTSVolFE.exe
PRC - [2004/08/04 07:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/08/09 14:52:40 | 002,795,520 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\defs\14080901\algo.dll
MOD - [2014/08/08 22:51:48 | 019,329,904 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/08/08 22:51:46 | 000,301,152 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2013/01/28 13:08:56 | 000,087,952 | ---- | M] () -- D:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 13:08:28 | 001,242,512 | ---- | M] () -- D:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/07/13 19:17:14 | 002,003,424 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/10/04 22:42:36 | 000,086,016 | ---- | M] () -- D:\WINDOWS\system32\custmon32i.dll
MOD - [2007/10/09 19:17:44 | 000,139,264 | ---- | M] () -- D:\WINDOWS\system32\preflib.dll
MOD - [2007/10/09 19:17:36 | 000,753,664 | ---- | M] () -- D:\WINDOWS\system32\bcm1xsup.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2014/08/08 22:51:45 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/08/08 19:42:26 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/13 19:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- D:\DOCUME~1\SHARED~1\LOCALS~1\Temp\10072.sys -- (10072)
DRV - [2014/08/09 13:44:31 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/08/08 22:52:24 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/08/08 22:51:50 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/08/08 22:51:50 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/08/08 22:51:50 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/08/08 22:51:50 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/08/08 22:51:50 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/08/08 22:51:50 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/08/08 22:51:50 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/08 18:38:11 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- D:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys -- (ccSet_NST)
DRV - [2007/10/09 19:17:42 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/01/26 21:09:40 | 000,068,954 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2006/11/21 04:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 19:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- D:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/01/04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2005/05/25 17:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005/01/10 18:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/01/10 18:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {805A9C4F-9C99-47CE-AD38-33AE2AAAECF2}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{805A9C4F-9C99-47CE-AD38-33AE2AAAECF2}: "URL" = http://www.google.co...g}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.gamesag...play.com/?o=shp
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {89C9B53A-7A2E-4582-AD42-8035C7C098E3}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2FDF580B-CCA1-4486-B170-BEDBFEEADC7A}: "URL" = http://websearch.ask...91-25FCF541B9EA
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.gamesag...q={searchTerms}
IE - HKCU\..\SearchScopes\{805A9C4F-9C99-47CE-AD38-33AE2AAAECF2}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{89C9B53A-7A2E-4582-AD42-8035C7C098E3}: "URL" = http://search.yahoo....310,16665,0,8,0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: [email protected]:9.0.2021.112
FF - prefs.js..keyword.URL: "http://search.mywebs...491&searchfor="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: D:\Documents and Settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014/08/08 22:51:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012/11/25 01:45:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012/09/18 18:31:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: D:\Program Files\FriendsChecker\Firefox\
 
[2012/07/30 18:14:03 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Extensions
[2014/08/09 16:10:27 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\extensions
[2012/11/14 21:11:17 | 000,002,336 | ---- | M] () -- D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\askcom.xml
[2012/08/19 14:17:57 | 000,002,220 | ---- | M] () -- D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\BabylonMngr.xml
[2012/07/30 18:13:53 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions
[2014/08/08 22:51:51 | 000,000,000 | ---D | M] (avast! Online Security) -- D:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/07/13 19:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- D:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/24 22:59:28 | 000,002,465 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/24 22:59:28 | 000,002,253 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: www.google.com
 
O1 HOSTS File: ([2003/07/16 11:23:48 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSVolFE.exe] D:\Program Files\Creative\Mixer\CTSVolFE.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [MSC] d:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] D:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_8CBC92FDCEB4B9D86F0A8AEBA6D2C4C2] D:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [OfficeSyncProcess] D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [SearchEngineProtection] D:\Program Files\GamesBar\update\SearchEngineProtection.exe (Oberon Media )
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains:   ([]msn in My Computer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB (DellSystem.Scanner)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.116.0.53 24.116.2.50
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EBF4130B-D8A8-433E-B085-AF3B6CA6038C}: DhcpNameServer = 24.116.0.53 24.116.2.50
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: D:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/29 21:33:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0c3163ea-ea30-11e1-9711-0015c5b24a23}\Shell - "" = AutoRun
O33 - MountPoints2\{0c3163ea-ea30-11e1-9711-0015c5b24a23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0c3163ea-ea30-11e1-9711-0015c5b24a23}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{81df65e7-e58e-11e1-9702-0015c5b24a23}\Shell - "" = AutoRun
O33 - MountPoints2\{81df65e7-e58e-11e1-9702-0015c5b24a23}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{81df65e7-e58e-11e1-9702-0015c5b24a23}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/09 16:14:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
[2014/08/08 23:12:43 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
[2014/08/08 22:59:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\jumpshot.com
[2014/08/08 22:52:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/08/08 22:52:03 | 000,057,800 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2014/08/08 22:52:01 | 000,779,536 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswSnx.sys
[2014/08/08 22:52:01 | 000,414,520 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswsp.sys
[2014/08/08 22:52:00 | 000,067,824 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/08/08 22:51:58 | 000,055,112 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2014/08/08 22:51:53 | 000,276,432 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\aswBoot.exe
[2014/08/08 22:51:49 | 000,043,152 | ---- | C] (AVAST Software) -- D:\WINDOWS\avastSS.scr
[2014/08/08 22:45:28 | 000,000,000 | ---D | C] -- D:\Program Files\AVAST Software
[2014/08/08 22:44:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/08/08 22:32:49 | 000,000,000 | ---D | C] -- D:\Avenger
[2014/08/08 20:44:53 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/08/08 20:44:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/08 20:44:16 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/08/08 20:44:16 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2014/08/08 20:44:16 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes Anti-Malware
[2014/08/08 20:44:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/08/08 19:00:57 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$NtServicePackUninstall$
[2014/08/08 18:55:53 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\CatRoot_bak
[2014/08/08 17:55:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\appmgmt
[2014/08/08 17:49:58 | 000,000,000 | ---D | C] -- D:\WINDOWS\Prefetch
[2014/08/08 17:46:23 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2014/08/08 17:46:23 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2014/08/08 17:46:23 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rw330ext.dll
[2014/08/08 17:44:29 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[9 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[1 D:\Program Files\*.tmp files -> D:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/09 16:21:00 | 000,000,830 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/08/09 16:14:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
[2014/08/09 16:10:31 | 000,001,801 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/08/09 16:09:06 | 000,001,919 | ---- | M] () -- D:\WINDOWS\epplauncher.mif
[2014/08/09 16:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At42.job
[2014/08/09 15:58:05 | 000,000,904 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/09 15:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At41.job
[2014/08/09 14:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At40.job
[2014/08/09 13:44:31 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/08/09 13:44:00 | 000,000,414 | ---- | M] () -- D:\WINDOWS\tasks\ProgramUpdateCheck.job
[2014/08/09 13:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At39.job
[2014/08/09 12:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At38.job
[2014/08/09 11:00:00 | 000,000,426 | ---- | M] () -- D:\WINDOWS\tasks\PC Optimizer Pro Scan.job
[2014/08/09 11:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At37.job
[2014/08/09 10:52:02 | 000,000,382 | -H-- | M] () -- D:\WINDOWS\tasks\avast! Emergency Update.job
[2014/08/09 10:50:04 | 000,013,006 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2014/08/09 10:49:02 | 000,000,900 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/09 10:48:59 | 000,000,490 | ---- | M] () -- D:\WINDOWS\tasks\ParetoLogic Update Version3 Startup Task.job
[2014/08/09 10:48:59 | 000,000,430 | ---- | M] () -- D:\WINDOWS\tasks\PC Optimizer Pro startups.job
[2014/08/09 10:48:48 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2014/08/09 08:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At34.job
[2014/08/09 07:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At33.job
[2014/08/09 06:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At32.job
[2014/08/09 05:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At31.job
[2014/08/09 04:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At30.job
[2014/08/09 03:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At29.job
[2014/08/09 02:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At28.job
[2014/08/09 01:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At27.job
[2014/08/09 00:39:10 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At26.job
[2014/08/08 23:18:04 | 000,439,874 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2014/08/08 23:18:03 | 000,071,006 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2014/08/08 22:52:49 | 000,001,733 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/08/08 22:52:24 | 000,414,520 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswsp.sys
[2014/08/08 22:51:50 | 000,779,536 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswSnx.sys
[2014/08/08 22:51:50 | 000,192,352 | ---- | M] () -- D:\WINDOWS\System32\drivers\aswVmm.sys
[2014/08/08 22:51:50 | 000,067,824 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/08/08 22:51:50 | 000,057,800 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2014/08/08 22:51:50 | 000,055,112 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2014/08/08 22:51:50 | 000,049,944 | ---- | M] () -- D:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/08/08 22:51:50 | 000,024,184 | ---- | M] () -- D:\WINDOWS\System32\drivers\aswHwid.sys
[2014/08/08 22:51:49 | 000,276,432 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\aswBoot.exe
[2014/08/08 22:51:49 | 000,043,152 | ---- | M] (AVAST Software) -- D:\WINDOWS\avastSS.scr
[2014/08/08 22:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At48.job
[2014/08/08 21:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At47.job
[2014/08/08 20:44:26 | 000,000,777 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/08 20:25:01 | 000,000,414 | ---- | M] () -- D:\WINDOWS\tasks\At1.job
[2014/08/08 20:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At46.job
[2014/08/08 19:58:00 | 000,000,284 | ---- | M] () -- D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014/08/08 19:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At45.job
[2014/08/08 18:17:24 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2014/08/08 18:00:00 | 000,000,464 | ---- | M] () -- D:\WINDOWS\tasks\ParetoLogic Registration3.job
[2014/08/08 18:00:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At44.job
[2014/08/08 17:50:01 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At49.job
[2014/08/08 17:50:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At43.job
[2014/08/08 17:50:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At36.job
[2014/08/08 17:50:00 | 000,000,418 | ---- | M] () -- D:\WINDOWS\tasks\At35.job
[2014/08/08 17:49:21 | 000,317,952 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2014/08/08 17:48:04 | 000,013,006 | ---- | M] () -- D:\WINDOWS\System32\wpa.bak
[2014/08/08 17:48:00 | 000,000,288 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2014/08/08 17:43:16 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2014/08/08 17:43:14 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2014/08/08 17:43:14 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2014/08/08 17:42:54 | 000,004,161 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2014/08/08 17:39:22 | 000,022,720 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[9 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[1 D:\Program Files\*.tmp files -> D:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/08/08 22:52:49 | 000,001,733 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/08/08 22:52:16 | 000,000,382 | -H-- | C] () -- D:\WINDOWS\tasks\avast! Emergency Update.job
[2014/08/08 22:52:02 | 000,192,352 | ---- | C] () -- D:\WINDOWS\System32\drivers\aswVmm.sys
[2014/08/08 22:52:00 | 000,049,944 | ---- | C] () -- D:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/08/08 22:51:59 | 000,024,184 | ---- | C] () -- D:\WINDOWS\System32\drivers\aswHwid.sys
[2014/08/08 20:44:26 | 000,000,777 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/08 20:25:01 | 000,000,062 | ---- | C] () -- D:\Documents and Settings\NetworkService\Application Data\WB.CFG
[2014/08/08 17:48:06 | 000,013,006 | ---- | C] () -- D:\WINDOWS\System32\wpa.bak
[2014/08/08 17:46:13 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2014/08/08 17:45:39 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2014/08/08 17:45:27 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2014/08/08 17:45:26 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2014/08/08 17:45:23 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2014/08/08 17:45:07 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2014/08/08 17:44:57 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2014/08/08 17:44:51 | 000,094,208 | ---- | C] () -- D:\WINDOWS\System32\dllcache\fpencode.dll
[2014/08/08 17:44:33 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2014/08/08 17:41:37 | 000,000,786 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2014/08/08 17:23:48 | 001,042,903 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2014/08/08 17:23:48 | 000,797,189 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2014/08/08 17:23:48 | 000,399,645 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2014/08/08 17:23:48 | 000,141,702 | ---- | C] () -- D:\WINDOWS\System32\dllcache\netfx.cat
[2014/08/08 17:23:48 | 000,110,116 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tabletpc.cat
[2014/08/08 17:23:48 | 000,037,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2014/08/08 17:23:48 | 000,031,965 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mediactr.cat
[2014/08/08 17:23:48 | 000,031,281 | ---- | C] () -- D:\WINDOWS\System32\dllcache\FP4.CAT
[2014/08/08 17:23:48 | 000,024,209 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn7.cat
[2014/08/08 17:23:48 | 000,013,753 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IMS.CAT
[2014/08/08 17:23:48 | 000,013,472 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2014/08/08 17:23:48 | 000,011,651 | ---- | C] () -- D:\WINDOWS\System32\dllcache\msn9.cat
[2014/08/08 17:23:48 | 000,009,581 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2014/08/08 17:23:48 | 000,008,574 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2014/08/08 17:23:48 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2014/08/08 17:23:48 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2014/08/08 17:23:48 | 000,007,245 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2014/08/08 17:23:47 | 002,012,670 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5.CAT
[2014/08/08 17:23:47 | 000,502,724 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013/04/15 11:01:29 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\1AVSYdaJ.dat
[2013/04/15 11:01:13 | 000,000,001 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\edd47P0X.exe_.b
[2013/04/15 11:01:13 | 000,000,001 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\edd47P0X.exe.b
[2013/04/14 21:09:29 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\ShaReda Coleman\acrobat.exe
[2013/04/14 21:09:28 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\ShaReda Coleman\vlcplayer.exe
[2013/04/03 20:26:49 | 000,105,324 | ---- | C] () -- D:\WINDOWS\System32\itusbcore.dat
[2013/04/03 20:26:49 | 000,000,197 | ---- | C] () -- D:\WINDOWS\System32\itlsvc.dat
[2013/04/03 20:22:42 | 000,235,000 | ---- | C] () -- D:\WINDOWS\System32\adodbupd.dat
[2013/03/17 20:41:13 | 000,066,048 | -H-- | C] () -- D:\WINDOWS\System32\mlfcache.dat
[2013/02/09 22:38:56 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012/09/23 17:56:34 | 000,014,336 | ---- | C] () -- D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/19 14:17:30 | 000,086,016 | ---- | C] () -- D:\WINDOWS\System32\custmon32i.dll
[2012/08/12 16:47:37 | 000,204,800 | ---- | C] () -- D:\WINDOWS\System32\igfxCoIn_v4814.dll
[2012/08/10 21:12:52 | 000,016,480 | ---- | C] () -- D:\WINDOWS\System32\rixdicon.dll
 
========== ZeroAccess Check ==========
 
[2013/04/14 21:09:41 | 000,002,048 | -HS- | M] () -- D:\RECYCLER\S-1-5-18\$ac87065e10e5fd268e3a2c7a1bc4aa35\@
[2013/04/14 21:13:52 | 000,000,000 | -HSD | M] -- D:\RECYCLER\S-1-5-18\$ac87065e10e5fd268e3a2c7a1bc4aa35\L
[2014/08/09 10:48:20 | 000,000,000 | -HSD | M] -- D:\RECYCLER\S-1-5-18\$ac87065e10e5fd268e3a2c7a1bc4aa35\U
[2013/04/17 18:25:35 | 000,000,804 | ---- | M] () -- D:\RECYCLER\S-1-5-18\$ac87065e10e5fd268e3a2c7a1bc4aa35\L\00000004.@
[2012/07/30 22:16:48 | 000,000,227 | RHS- | M] () -- D:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = D:\RECYCLER\S-1-5-21-1708537768-1563985344-1801674531-1003\$ac87065e10e5fd268e3a2c7a1bc4aa35\n.
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004/08/04 07:00:00 | 001,483,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\fastprox.dll -- [2004/08/04 07:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = D:\WINDOWS\system32\wbem\wbemess.dll -- [2004/08/04 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/03/17 20:35:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/01/13 15:28:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\APN
[2012/09/01 21:25:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Avanquest
[2014/08/08 22:45:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/08/19 14:16:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Babylon
[2012/07/30 20:43:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Broderbund Software
[2013/02/21 18:27:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Browser Manager
[2012/08/13 17:13:54 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/08/11 09:49:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DriverGenius
[2012/09/01 21:25:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Expert PDF 7
[2012/09/01 21:25:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Expert PDF Jobs
[2013/01/20 21:59:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\FilesOpened
[2013/02/04 12:24:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Oberon Media
[2012/11/25 01:00:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\ParetoLogic
[2013/03/03 07:43:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
[2014/08/08 18:42:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\RegWork
[2014/08/08 18:45:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Tarma Installer
[2014/08/08 23:12:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
[2012/08/19 14:16:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Babylon
[2012/12/29 18:46:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\com.jakks.spynet
[2012/11/25 01:01:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\DriverCure
[2014/08/09 08:41:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\DSite
[2013/02/04 12:24:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\encyclopediabritannicagamesbar
[2013/04/07 18:51:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\EurekaLog
[2012/09/01 21:28:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Expert PDF 7
[2014/08/08 22:32:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\fc8722bc-2fa9-46e9-99c4-03226a141795ad
[2013/04/15 11:28:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Fuetla
[2013/02/04 22:42:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\gamesagogo_w3i
[2014/08/08 22:27:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Ippe
[2013/04/03 20:26:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Izec
[2012/08/26 14:48:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\MusicOasis
[2013/02/04 12:24:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Oberon Media
[2012/07/30 21:27:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Oracle
[2013/02/18 21:25:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\PDF Reader Packages
[2012/11/05 16:39:39 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\PerformerSoft
[2013/02/18 21:26:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\SumatraPDF
[2013/04/03 20:22:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Taeq
[2012/08/26 14:53:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\VideoBuzz
[2013/02/04 12:24:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\VisicomToolBar
[2014/08/08 18:04:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Vyokc
[2014/08/08 22:27:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Xoagek
 
========== Purity Check ==========
 
 

< End of report >
 

 

OTL Extras logfile created on: 8/9/2014 4:15:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Documents and Settings\ShaReda Coleman\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.99 Gb Total Physical Memory | 1.21 Gb Available Physical Memory | 60.86% Memory free
3.84 Gb Paging File | 3.19 Gb Available in Paging File | 83.21% Paging File free
Paging file location(s): d:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 11.84 Gb Total Space | 9.70 Gb Free Space | 81.92% Space Free | Partition Type: NTFS
Drive D: | 38.78 Gb Total Space | 20.87 Gb Free Space | 53.83% Space Free | Partition Type: NTFS
 
Computer Name: SC-DALG4WVDDC4I | User Name: ShaReda Coleman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\System32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Program Files\VTech\Community\System\PCTray.exe" = D:\Program Files\VTech\Community\System\PCTray.exe:*:Disabled:Vtech local server
"D:\WINDOWS\explorer.exe" = D:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer -- (Microsoft Corporation)
"C:\Microsoft_SDK\lib\include\iexploror.exe" = C:\Microsoft_SDK\lib\include\iexploror.exe:*:Enabled:iexploror
"D:\Program Files\Internet Explorer\IEXPLORE.EXE" = D:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"D:\Program Files\Mozilla Firefox\firefox.exe" = D:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"D:\Program Files\Google\Chrome\Application\chrome.exe" = D:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0564C76B-8E1F-4157-8654-B0F9F308BEE9}" = HP Deskjet 3050 J610 series Basic Device Software
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{612B9183-67A9-4B44-9877-2F059E35B86A}" = Broadcom 440x 10/100 Integrated Controller
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{683214A6-4003-4C57-B55E-079FD77A185F}" = The Print Shop Deluxe 15 EEV
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{856480C9-2428-15E1-97BC-685EE2A7B8E6}" = MusicOasis
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{F2BBDD5D-7959-4F64-8737-F568092433F6}" = VideoBuzz
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
"{FC279721-37A6-4777-AFD8-7A56681EBA14}" = Expert PDF 7 Reader
"4569969E1360D2854474C661EF9B4D54F143EB16" = Windows Driver Package - Ricoh Company (rimsptsk) hdc  (11/14/2006 6.00.01.04)
"7-Zip" = 7-zip v9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avast" = avast! Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CTMBDemo_Audigy" = Sound Blaster Audigy ADVANCED MB Demo
"Dual Mode Camera_is1" = Uninstall Dual Mode Camera
"Files Opened" = Files Opened
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MIXERLITE" = Mixer
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MusicOasis" = MusicOasis
"NST" = Norton Safe Web Lite
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PDF Creator" = PDF Creator
"SAMB_ADVMB_FILTER_DRV" = Sound Blaster ADVANCED MB Drivers
"Shockwave" = Shockwave
"Trusted Software Assistant_is1" = File Type Assistant
"WebPost" = Microsoft Web Publishing Wizard 1.52
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PDF Reader" = PDF Reader
"PDF Reader Packages" = PDF Reader Packages
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 8/8/2014 11:31:01 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
 module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
 
Error - 8/8/2014 11:31:04 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
 module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
 
Error - 8/8/2014 11:31:05 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
 module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
 
Error - 8/8/2014 11:31:07 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
 module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
 
Error - 8/8/2014 11:31:08 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
 module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
 
Error - 8/8/2014 11:31:08 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
 module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
 
Error - 8/8/2014 11:31:13 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
 module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
 
Error - 8/8/2014 11:31:19 PM | Computer Name = SC-DALG4WVDDC4I | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.2180, faulting
 module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
 
Error - 8/8/2014 11:42:02 PM | Computer Name = SC-DALG4WVDDC4I | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF56 Description:.  0x8004FF56.
 
Error - 8/9/2014 5:09:07 PM | Computer Name = SC-DALG4WVDDC4I | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x8004FF56 Description:.  0x8004FF56.
 
[ System Events ]
Error - 8/9/2014 3:49:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
 the following error:   %%126
 
Error - 8/9/2014 3:50:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
 with DCOM within the required timeout.
 
Error - 8/9/2014 3:50:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
 the following error:   %%126
 
Error - 8/9/2014 3:50:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
 with DCOM within the required timeout.
 
Error - 8/9/2014 3:50:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
 the following error:   %%126
 
Error - 8/9/2014 3:51:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
 with DCOM within the required timeout.
 
Error - 8/9/2014 3:51:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
 the following error:   %%126
 
Error - 8/9/2014 3:51:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
 with DCOM within the required timeout.
 
Error - 8/9/2014 3:51:33 AM | Computer Name = SC-DALG4WVDDC4I | Source = Service Control Manager | ID = 7023
Description = The Background Intelligent Transfer Service service terminated with
 the following error:   %%126
 
Error - 8/9/2014 3:52:03 AM | Computer Name = SC-DALG4WVDDC4I | Source = DCOM | ID = 10010
Description = The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register
 with DCOM within the required timeout.
 
 
< End of report >
 


  • 0

Advertisements

#2
Essexboy
Posted 10 August 2014 - 06:27 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, it looks as though you have an old zero access infection

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
NSIS_extraction.png
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
  • Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
    3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


    Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

  • 0

#3
newcomer21
Posted 10 August 2014 - 12:58 PM

newcomer21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

Computer is running much smoother.  I would like to get sp3 installed.  Here is the log.

 

Thanks for you help,

 

ComboFix 14-08-06.02 - ShaReda Coleman 08/10/2014   9:32.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.2038.1206 [GMT -5:00]
Running from: d:\documents and settings\ShaReda Coleman\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\documents and settings\All Users\Application Data\edd47P0X.exe.b
d:\documents and settings\All Users\Application Data\edd47P0X.exe_.b
d:\program files\TelevisionFanaticEI
d:\program files\TelevisionFanaticEI\Installr\Cache\files.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FASTFREECONVERTERUPDT
.
.
(((((((((((((((((((((((((   Files Created from 2014-07-10 to 2014-08-10  )))))))))))))))))))))))))))))))
.
.
2014-08-09 23:53 . 2014-06-06 04:39    46704    ----a-w-    d:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2014-08-09 23:53 . 2014-06-06 04:38    93808    ----a-w-    d:\program files\Mozilla Firefox\webapprt-stub.exe
2014-08-09 23:53 . 2014-06-06 04:38    170960    ----a-w-    d:\program files\Mozilla Firefox\webapp-uninstaller.exe
2014-08-09 23:53 . 2014-06-06 04:38    28272    ----a-w-    d:\program files\Mozilla Firefox\plugin-hang-ui.exe
2014-08-09 23:53 . 2014-06-06 04:38    822384    ----a-w-    d:\program files\Mozilla Firefox\icuuc52.dll
2014-08-09 23:53 . 2014-06-06 04:38    1022576    ----a-w-    d:\program files\Mozilla Firefox\icuin52.dll
2014-08-09 23:53 . 2014-06-06 04:38    10594416    ----a-w-    d:\program files\Mozilla Firefox\icudt52.dll
2014-08-09 23:53 . 2014-06-06 04:38    75376    ----a-w-    d:\program files\Mozilla Firefox\breakpadinjector.dll
2014-08-09 04:12 . 2014-08-09 04:12    --------    d-----w-    d:\documents and settings\ShaReda Coleman\Application Data\AVAST Software
2014-08-09 03:59 . 2014-08-09 03:59    --------    d-----w-    d:\windows\jumpshot.com
2014-08-09 03:52 . 2014-08-09 03:51    57800    ----a-w-    d:\windows\system32\drivers\aswTdi.sys
2014-08-09 03:52 . 2014-08-09 03:51    192352    ----a-w-    d:\windows\system32\drivers\aswVmm.sys
2014-08-09 03:52 . 2014-08-09 03:52    414520    ----a-w-    d:\windows\system32\drivers\aswsp.sys
2014-08-09 03:52 . 2014-08-09 03:51    779536    ----a-w-    d:\windows\system32\drivers\aswSnx.sys
2014-08-09 03:52 . 2014-08-09 03:51    67824    ----a-w-    d:\windows\system32\drivers\aswMonFlt.sys
2014-08-09 03:52 . 2014-08-09 03:51    49944    ----a-w-    d:\windows\system32\drivers\aswRvrt.sys
2014-08-09 03:51 . 2014-08-09 03:51    24184    ----a-w-    d:\windows\system32\drivers\aswHwid.sys
2014-08-09 03:51 . 2014-08-09 03:51    55112    ----a-w-    d:\windows\system32\drivers\aswRdr.sys
2014-08-09 03:51 . 2014-08-09 03:51    276432    ----a-w-    d:\windows\system32\aswBoot.exe
2014-08-09 03:51 . 2014-08-09 03:51    43152    ----a-w-    d:\windows\avastSS.scr
2014-08-09 03:45 . 2014-08-09 03:45    --------    d-----w-    d:\program files\AVAST Software
2014-08-09 03:44 . 2014-08-09 03:45    --------    d-----w-    d:\documents and settings\All Users\Application Data\AVAST Software
2014-08-09 01:44 . 2014-08-09 18:44    110296    ----a-w-    d:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-09 01:44 . 2014-08-09 03:28    --------    d-----w-    d:\program files\Malwarebytes Anti-Malware
2014-08-09 01:44 . 2014-08-09 01:44    --------    d-----w-    d:\documents and settings\All Users\Application Data\Malwarebytes
2014-08-09 01:44 . 2014-05-12 12:26    53208    ----a-w-    d:\windows\system32\drivers\mbamchameleon.sys
2014-08-09 01:44 . 2014-05-12 12:25    23256    ----a-w-    d:\windows\system32\drivers\mbam.sys
2014-08-08 23:55 . 2014-08-08 23:55    --------    d-----w-    d:\windows\system32\CatRoot_bak
2014-08-08 22:57 . 2014-08-08 22:57    --------    d-----w-    d:\program files\GUM1D59.tmp
2014-08-08 22:47 . 2004-08-04 12:00    41600    -c--a-w-    d:\windows\system32\dllcache\weitekp9.dll
2014-08-08 22:47 . 2004-08-04 12:00    31232    -c--a-w-    d:\windows\system32\dllcache\weitekp9.sys
2014-08-08 22:45 . 2004-08-04 12:00    98304    -c--a-w-    d:\windows\system32\dllcache\msir3jp.dll
2014-08-08 22:44 . 2004-08-04 12:00    39936    -c--a-w-    d:\windows\system32\dllcache\hostmib.dll
2014-08-08 22:43 . 2001-08-18 03:36    5632    -c--a-w-    d:\windows\system32\dllcache\EXCH_adsiisex.dll
2014-08-08 22:41 . 2004-08-04 12:00    16384    -c--a-w-    d:\windows\system32\dllcache\isignup.exe
2014-08-08 22:41 . 2004-08-04 12:00    16384    ----a-w-    d:\program files\Internet Explorer\Connection Wizard\isignup.exe
2014-08-08 22:40 . 2004-08-04 12:00    32768    -c--a-w-    d:\windows\system32\dllcache\icwdl.dll
2014-08-08 22:40 . 2004-08-04 12:00    32768    ----a-w-    d:\program files\Internet Explorer\Connection Wizard\icwdl.dll
2014-08-08 22:40 . 2004-08-04 12:00    20480    -c--a-w-    d:\windows\system32\dllcache\inetwiz.exe
2014-08-08 22:40 . 2004-08-04 12:00    20480    ----a-w-    d:\program files\Internet Explorer\Connection Wizard\inetwiz.exe
2014-08-08 22:40 . 2004-08-04 12:00    86016    -c--a-w-    d:\windows\system32\dllcache\icwconn2.exe
2014-08-08 22:40 . 2004-08-04 12:00    86016    ----a-w-    d:\program files\Internet Explorer\Connection Wizard\icwconn2.exe
2014-08-08 22:40 . 2004-08-04 12:00    214528    -c--a-w-    d:\windows\system32\dllcache\icwconn1.exe
2014-08-08 22:40 . 2004-08-04 12:00    214528    ----a-w-    d:\program files\Internet Explorer\Connection Wizard\icwconn1.exe
2014-08-08 22:24 . 2004-08-04 12:00    24661    -c--a-w-    d:\windows\system32\dllcache\spxcoins.dll
2014-08-08 22:24 . 2004-08-04 12:00    24661    ----a-w-    d:\windows\system32\spxcoins.dll
2014-08-08 22:24 . 2004-08-04 12:00    13312    -c--a-w-    d:\windows\system32\dllcache\irclass.dll
2014-08-08 22:24 . 2004-08-04 12:00    13312    ----a-w-    d:\windows\system32\irclass.dll
2014-08-08 22:23 . 2004-08-04 12:00    13753    ----a-r-    d:\windows\SETE0.tmp
2014-08-08 22:23 . 2004-08-04 12:00    1086058    ----a-r-    d:\windows\SETD4.tmp
2014-08-08 22:23 . 2004-08-04 12:00    1042903    ----a-r-    d:\windows\SETD1.tmp
2014-08-08 22:23 . 2014-08-08 22:23    --------    d-s---w-    d:\windows\system32\config\systemprofile\History
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-09 00:42 . 2012-08-01 03:29    71344    ----a-w-    d:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-09 00:42 . 2012-08-01 03:29    699056    ----a-w-    d:\windows\system32\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-09 03:51    578240    ----a-w-    d:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="d:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-21 719672]
"SearchEngineProtection"="d:\program files\GamesBar\update\SearchEngineProtection.exe" [2013-02-04 620480]
"GoogleChromeAutoLaunch_8CBC92FDCEB4B9D86F0A8AEBA6D2C4C2"="d:\program files\Google\Chrome\Application\chrome.exe" [2014-07-15 860488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="d:\windows\System32\WLTRAY.exe" [2007-10-10 2183168]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"CTSVolFE.exe"="d:\program files\Creative\Mixer\CTSVolFE.exe" [2005-02-23 57344]
"IgfxTray"="d:\windows\system32\igfxtray.exe" [2007-03-31 138008]
"HotKeysCmds"="d:\windows\system32\hkcmd.exe" [2007-03-31 162584]
"Persistence"="d:\windows\system32\igfxpers.exe" [2007-03-31 138008]
"APSDaemon"="d:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"MSC"="d:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"SigmatelSysTrayApp"="d:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"AvastUI.exe"="d:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-09 4085896]
.
d:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - d:\program files\Digital Line Detect\DLG.exe [2012-8-12 24576]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R0 aswRvrt;avast! Revert;d:\windows\system32\drivers\aswRvrt.sys [8/8/2014 10:52 PM 49944]
R0 aswVmm;avast! VM Monitor;d:\windows\system32\drivers\aswVmm.sys [8/8/2014 10:52 PM 192352]
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [8/8/2014 10:52 PM 779536]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswsp.sys [8/8/2014 10:52 PM 414520]
R2 aswHwid;avast! HardwareID;d:\windows\system32\drivers\aswHwid.sys [8/8/2014 10:51 PM 24184]
R2 aswMonFlt;aswMonFlt;d:\windows\system32\drivers\aswMonFlt.sys [8/8/2014 10:52 PM 67824]
R2 NSL;Norton Safe Web Lite;d:\program files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [9/20/2012 6:05 PM 138760]
R3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [8/8/2014 8:44 PM 23256]
S1 ccSet_NST;Norton Safe Web Lite Settings Manager;d:\windows\system32\drivers\NST\0200000.010\ccSetx86.sys [9/20/2012 6:05 PM 132744]
S2 10072;10072;\??\d:\docume~1\SHARED~1\LOCALS~1\Temp\10072.sys --> d:\docume~1\SHARED~1\LOCALS~1\Temp\10072.sys [?]
S2 IUNP;Intel® Management Services;d:\windows\System32\svchost.exe -k IUNSO [8/4/2004 7:00 AM 14336]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes Anti-Malware\mbamservice.exe [8/8/2014 8:44 PM 860472]
S4 MBAMScheduler;MBAMScheduler;d:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [8/8/2014 8:44 PM 1809720]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-09 04:59    1104200    ----a-w-    d:\program files\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-08-10 d:\windows\Tasks\Adobe Flash Player Updater.job
- d:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-01 00:42]
.
2014-08-09 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
.
2014-08-10 d:\windows\Tasks\avast! Emergency Update.job
- d:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-09 03:51]
.
2014-08-10 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2012-09-18 23:30]
.
2014-08-10 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2012-09-18 23:30]
.
2014-08-10 d:\windows\Tasks\ProgramUpdateCheck.job
- d:\program files\File Type Assistant\tsassist.exe [2012-08-25 17:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.gamesagogo.iplay.com/?o=shp
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - d:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 24.116.0.53 24.116.2.50
FF - ProfilePath - d:\documents and settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F3B17338-EFF9-4711-A3EF-D809B57A06F0&n=77ee6626&ind=2012112422&id=Z7xdm050YYus&ptnrS=Z7xdm050YYus&si=4491&searchfor=
FF - ExtSQL: 2014-08-08 22:51; [email protected]; d:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2014-08-09 18:51; [email protected]; d:\documents and settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\extensions\[email protected]
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
SafeBoot-MsMpSvc
AddRemove-PDF Creator - d:\program\uninstpw.exe
AddRemove-PDF Reader - d:\program files\PDFReader\Uninstall\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-08-10 10:17
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: SAMSUNG_HM060HI rev.YD100-15 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
.
device: opened successfully
user: MBR read successfully
error: Read  A device attached to the system is not functioning.
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x893942E2
user & kernel MBR OK
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NSL]
"ImagePath"="\"d:\program files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe\" /s \"NSL\" /m \"d:\program files\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(912)
d:\windows\System32\BCMLogon.dll
.
------------------------ Other Running Processes ------------------------
.
d:\program files\AVAST Software\Avast\AvastSvc.exe
d:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
d:\program files\Bonjour\mDNSResponder.exe
d:\program files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
d:\windows\System32\WLTRYSVC.EXE
d:\windows\System32\bcmwltry.exe
d:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
d:\windows\system32\wscntfy.exe
d:\program files\iPod\bin\iPodService.exe
d:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2014-08-10  10:25:51 - machine was rebooted
ComboFix-quarantined-files.txt  2014-08-10 15:25
.
Pre-Run: 22,090,883,072 bytes free
Post-Run: 24,541,794,304 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /noexecute=optin
.
- - End Of File - - 81CB0CC93100F1E17385AC65B0169550
8F558EB6672622401DA993E1E865C861
 


  • 0

#4
Essexboy
Posted 10 August 2014 - 02:00 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK that should be the main bad boy out of the way, lets now attack the rest

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#5
newcomer21
Posted 10 August 2014 - 02:56 PM

newcomer21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-08-2014 01
Ran by ShaReda Coleman (administrator) on SC-DALG4WVDDC4I on 10-08-2014 15:43:17
Running from D:\Documents and Settings\ShaReda Coleman\Desktop
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) D:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
(Symantec Corporation) D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
() D:\WINDOWS\system32\WLTRYSVC.EXE
(Dell Inc.) D:\WINDOWS\system32\BCMWLTRY.EXE
(Yahoo! Inc.) D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) D:\WINDOWS\system32\wscntfy.exe
(Dell Inc.) D:\WINDOWS\system32\WLTRAY.EXE
(Sun Microsystems, Inc.) D:\Program Files\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd) D:\Program Files\Creative\Mixer\CTSVolFE.exe
(Apple Inc.) D:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) D:\Program Files\Microsoft Security Client\msseces.exe
(SigmaTel, Inc.) D:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Oberon Media ) D:\Program Files\GamesBar\update\SearchEngineProtection.exe
(BVRP Software) D:\Program Files\Digital Line Detect\DLG.exe
(Apple Inc.) D:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) D:\WINDOWS\system32\wbem\unsecapp.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-1708537768-1563985344-1801674531-1003\...\Run: [OfficeSyncProcess] => D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1708537768-1563985344-1801674531-1003\...\Run: [SearchEngineProtection] => D:\Program Files\GamesBar\update\SearchEngineProtection.exe [620480 2013-02-04] (Oberon Media )
HKU\S-1-5-21-1708537768-1563985344-1801674531-1003\...\Run: [GoogleChromeAutoLaunch_8CBC92FDCEB4B9D86F0A8AEBA6D2C4C2] => D:\Program Files\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> D:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gamesag...play.com/?o=shp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
SearchScopes: HKCU - DefaultScope {89C9B53A-7A2E-4582-AD42-8035C7C098E3} URL = http://search.yahoo....310,16665,0,8,0
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {2FDF580B-CCA1-4486-B170-BEDBFEEADC7A} URL = http://websearch.ask...91-25FCF541B9EA
SearchScopes: HKCU - {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.gamesag...q={searchTerms}
SearchScopes: HKCU - {89C9B53A-7A2E-4582-AD42-8035C7C098E3} URL = http://search.yahoo....310,16665,0,8,0
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ ´Ñ;áa´[¦†8 º~RÙxœòÜ8'£-)x­ä­ URL =
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO: Norton Safe Web Lite BHO -> {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} -> D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - D:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Norton Safe Web Lite - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll (Symantec Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
Winsock: Catalog5 01 D:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 24.116.0.53 24.116.2.50

FireFox:
========
FF ProfilePath: D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default
FF SearchEngineOrder.1: Delta Search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F3B17338-EFF9-4711-A3EF-D809B57A06F0&n=77ee6626&ind=2012112422&id=Z7xdm050YYus&ptnrS=Z7xdm050YYus&si=4491&searchfor=
FF Plugin: @adobe.com/FlashPlayer -> D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> D:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\user.js
FF SearchPlugin: D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\askcom.xml
FF SearchPlugin: D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\BabylonMngr.xml
FF Extension: Firefox Old Version Update Hotfix - D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\Extensions\[email protected] [2014-08-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-07-31]
FF HKLM\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - D:\Documents and Settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST
FF HKLM\...\Firefox\Extensions: [[email protected]] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-08]
FF HKCU\...\Firefox\Extensions: [[email protected]] - D:\Program Files\FriendsChecker\Firefox

Chrome:
=======
CHR HomePage: www.google.com
CHR StartupUrls: "www.google.com"
CHR DefaultSearchKeyword: delta-search.com
CHR DefaultNewTabURL:
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-08]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-08] (AVAST Software)
S2 IUNP; D:\WINDOWS\System32\svchost.exe [14336 2004-08-04] (Microsoft Corporation)
R2 JavaQuickStarterService; D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161704 2012-07-05] (Oracle Corporation)
S4 MBAMScheduler; D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NSL; D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation)
R2 wltrysvc; D:\WINDOWS\System32\bcmwltry.exe [1921024 2007-10-09] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; D:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-08] ()
R2 aswMonFlt; D:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-08] (AVAST Software)
R1 aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-08] (AVAST Software)
R0 aswRvrt; D:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-08] ()
R1 aswSnx; D:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-08-08] (AVAST Software)
R1 aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-08] (AVAST Software)
R1 aswTdi; D:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-08] (AVAST Software)
R0 aswVmm; D:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-08] ()
R3 BCM43XX; D:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1123328 2007-10-09] (Broadcom Corp.)
S3 CCDECODE; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
S1 ccSet_NST; D:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys [132744 2011-08-08] (Symantec Corporation)
R3 CTUSFSYN; D:\WINDOWS\System32\drivers\ctusfsyn.sys [158464 2005-05-25] (Creative Technology Ltd.)
S3 JL2005C; D:\WINDOWS\System32\Drivers\jl2005c.sys [68954 2007-01-26] (Windows ® 2000 DDK provider) [File not signed]
R3 MBAMProtector; D:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 monfilt; D:\WINDOWS\System32\drivers\monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S0 MpFilter; D:\WINDOWS\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S3 NdisIP; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation)
S3 Secdrv; D:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-04] ()
R3 STHDA; D:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S2 10072; \??\D:\DOCUME~1\SHARED~1\LOCALS~1\Temp\10072.sys [X]
R3 catchme; \??\D:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; D:\WINDOWS\system32\drivers\scsiport.sys [96256 2004-08-04] (Microsoft Corporation)
U3 mbr; \??\D:\DOCUME~1\SHARED~1\LOCALS~1\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 15:43 - 2014-08-10 15:44 - 00014484 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\FRST.txt
2014-08-10 15:43 - 2014-08-10 15:43 - 00000000 ____D () D:\FRST
2014-08-10 15:41 - 2014-08-10 15:42 - 01091072 _____ (Farbar) D:\Documents and Settings\ShaReda Coleman\Desktop\FRST.exe
2014-08-10 10:25 - 2014-08-10 15:44 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00016745 _____ () D:\ComboFix.txt
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\NetworkService\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\LocalService\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\Default User\Local Settings\temp
2014-08-10 10:11 - 2014-08-10 10:11 - 00008192 ____H () D:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-08-10 10:11 - 2014-08-10 10:11 - 00000000 ____H () D:\WINDOWS\system32\config\SAM.tmp.LOG
2014-08-10 09:17 - 2011-06-26 01:45 - 00256000 _____ () D:\WINDOWS\PEV.exe
2014-08-10 09:17 - 2010-11-07 12:20 - 00208896 _____ () D:\WINDOWS\MBR.exe
2014-08-10 09:17 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) D:\WINDOWS\NIRCMD.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) D:\WINDOWS\SWREG.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) D:\WINDOWS\SWSC.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) D:\WINDOWS\SWXCACLS.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00098816 _____ () D:\WINDOWS\sed.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00080412 _____ () D:\WINDOWS\grep.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00068096 _____ () D:\WINDOWS\zip.exe
2014-08-10 09:16 - 2014-08-10 10:26 - 00000000 ____D () D:\Qoobox
2014-08-10 09:16 - 2014-08-10 10:22 - 00000000 ____D () D:\WINDOWS\erdnt
2014-08-10 09:15 - 2014-08-10 09:15 - 05568206 ____R (Swearware) D:\Documents and Settings\ShaReda Coleman\Desktop\ComboFix.exe
2014-08-09 16:43 - 2014-08-09 16:43 - 00088916 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.Txt
2014-08-09 16:43 - 2014-08-09 16:43 - 00039766 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\Extras.Txt
2014-08-09 16:14 - 2014-08-09 16:14 - 00602112 _____ (OldTimer Tools) D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
2014-08-08 23:12 - 2014-08-08 23:12 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
2014-08-08 22:59 - 2014-08-08 22:59 - 00000000 ____D () D:\WINDOWS\jumpshot.com
2014-08-08 22:52 - 2014-08-10 10:52 - 00000382 ____H () D:\WINDOWS\Tasks\avast! Emergency Update.job
2014-08-08 22:52 - 2014-08-08 22:52 - 00414520 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-08 22:52 - 2014-08-08 22:52 - 00001733 _____ () D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-08-08 22:52 - 2014-08-08 22:52 - 00000000 ____D () D:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-08-08 22:52 - 2014-08-08 22:51 - 00779536 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-08 22:52 - 2014-08-08 22:51 - 00192352 _____ () D:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-08 22:52 - 2014-08-08 22:51 - 00067824 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-08 22:52 - 2014-08-08 22:51 - 00057800 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswTdi.sys
2014-08-08 22:52 - 2014-08-08 22:51 - 00049944 _____ () D:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-08 22:51 - 2014-08-08 22:51 - 00276432 _____ (AVAST Software) D:\WINDOWS\system32\aswBoot.exe
2014-08-08 22:51 - 2014-08-08 22:51 - 00055112 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswRdr.sys
2014-08-08 22:51 - 2014-08-08 22:51 - 00043152 _____ (AVAST Software) D:\WINDOWS\avastSS.scr
2014-08-08 22:51 - 2014-08-08 22:51 - 00024184 _____ () D:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-08 22:45 - 2014-08-08 22:45 - 00000000 ____D () D:\Program Files\AVAST Software
2014-08-08 22:44 - 2014-08-08 22:45 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\AVAST Software
2014-08-08 20:44 - 2014-08-09 13:44 - 00110296 _____ (Malwarebytes Corporation) D:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-08 20:44 - 2014-08-08 22:28 - 00000000 ____D () D:\Program Files\Malwarebytes Anti-Malware
2014-08-08 20:44 - 2014-08-08 20:44 - 00000777 _____ () D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-08 20:44 - 2014-08-08 20:44 - 00000000 ____D () D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-08 20:44 - 2014-08-08 20:44 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-08 20:44 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) D:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-08 20:44 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) D:\WINDOWS\system32\Drivers\mbam.sys
2014-08-08 20:25 - 2014-08-08 20:25 - 00000062 _____ () D:\Documents and Settings\NetworkService\Application Data\WB.CFG
2014-08-08 19:43 - 2014-08-08 19:49 - 331805736 _____ (Microsoft Corporation) D:\Documents and Settings\ShaReda Coleman\Desktop\windowsxp-kb936929-sp3-x86-enu.exe
2014-08-08 19:00 - 2014-08-08 20:00 - 00000000 __HDC () D:\WINDOWS\$NtServicePackUninstall$
2014-08-08 18:55 - 2014-08-08 18:55 - 00000000 ____D () D:\WINDOWS\system32\CatRoot_bak
2014-08-08 18:01 - 2014-08-08 18:01 - 00001446 _____ () D:\WINDOWS\COM+.log
2014-08-08 17:57 - 2014-08-08 17:57 - 00000000 ____D () D:\Program Files\GUM1D59.tmp
2014-08-08 17:55 - 2014-08-08 17:55 - 00000000 ____D () D:\WINDOWS\system32\appmgmt
2014-08-08 17:48 - 2014-08-08 17:48 - 00013006 _____ () D:\WINDOWS\system32\wpa.bak
2014-08-08 17:47 - 2004-08-04 07:00 - 00156672 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winzm.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00156672 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winsp.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00156672 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winpy.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00079360 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winar30.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00069120 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wingb.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00065536 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winime.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00041600 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\weitekp9.dll
2014-08-08 17:47 - 2004-08-04 07:00 - 00031232 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\weitekp9.sys
2014-08-08 17:47 - 2004-08-04 07:00 - 00028288 ____C () D:\WINDOWS\system32\dllcache\xjis.nls
2014-08-08 17:46 - 2004-08-04 07:00 - 00571392 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tintlgnt.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00482304 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pintlgnt.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00456704 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smtpsvc.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00455168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tintsetp.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00426041 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\voicepad.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00363520 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w3svc.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00358400 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpincl.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00259072 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpcl.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00236544 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smi2smir.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00229439 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\multibox.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00188416 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpsmir.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00185344 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\thawbrkr.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00175104 ____C () D:\WINDOWS\system32\dllcache\pintlcsa.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00143422 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\softkey.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00131584 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pmxviceo.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00111104 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\mtstocom.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00103424 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\uihelper.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00101376 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\srusbusd.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00086073 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\voicesub.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00083748 ____C () D:\WINDOWS\system32\dllcache\prcp.nls
2014-08-08 17:46 - 2004-08-04 07:00 - 00083748 ____C () D:\WINDOWS\system32\dllcache\prc.nls
2014-08-08 17:46 - 2004-08-04 07:00 - 00079872 ____C (Ricoh Co., Ltd.) D:\WINDOWS\system32\dllcache\rwia330.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00079872 ____C (Ricoh Co., Ltd.) D:\WINDOWS\system32\dllcache\rwia001.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00079360 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\phon.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00077824 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\quick.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00076800 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wam51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00076288 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\uniime.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00073728 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w3ext.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00070144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pintlphr.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00067584 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pmigrate.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00065024 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\unicdime.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00053760 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pintlcsd.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00053248 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wamreg51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00053248 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\nextlink.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00048256 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w32.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00046592 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\svcext51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00046592 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sspifilt.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00045056 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ssinc51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00044544 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\nsepm.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00044032 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tintlphr.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00040448 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpthrd.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00038912 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm9aw.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00036927 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\padrs411.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00032768 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmp.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00031744 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smb6w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00031744 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sma3w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00031744 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pagecnt.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00031232 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tools.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00030208 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm87w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00030208 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm81w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00029184 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm8cw.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026624 ____C (Ricoh Co., Ltd.) D:\WINDOWS\system32\dllcache\rw330ext.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026624 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm93w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026624 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm92w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm90w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm8dw.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm8aw.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm89w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\romanime.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00025088 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm59w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00024576 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\rw001ext.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00021896 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tdipx.sys
2014-08-08 17:46 - 2004-08-04 07:00 - 00020992 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\permchk.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00020736 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ramdisk.sys
2014-08-08 17:46 - 2004-08-04 07:00 - 00019464 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tdspx.sys
2014-08-08 17:46 - 2004-08-04 07:00 - 00018944 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\simptcp.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00016896 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\status.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00016384 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\quser.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00015872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smierrsm.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00015872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\padrs404.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00015360 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\padrs804.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00014848 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\register.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tsprof.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\padrs412.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00013192 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tdasync.sys
2014-08-08 17:46 - 2004-08-04 07:00 - 00011264 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pmxmcro.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00010240 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tmigrate.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00010240 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpstup.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00009728 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\query.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00009216 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wamps51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00008704 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmptrap.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pwsdata.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpmib.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pmxgl.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w3svapi.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smimsgif.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smierrsy.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00004608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w3ctrs51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00004096 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\rpcref.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00057856 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_scripto.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00038912 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_seos.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00023040 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2014-08-08 17:46 - 2001-08-17 22:36 - 00012288 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 13463552 ____C () D:\WINDOWS\system32\dllcache\hwxjpn.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 10129408 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hwxkor.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 10096640 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hwxcht.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 01875968 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\msir3jp.lex
2014-08-08 17:45 - 2004-08-04 07:00 - 01158818 ____C () D:\WINDOWS\system32\dllcache\korwbrkr.lex
2014-08-08 17:45 - 2004-08-04 07:00 - 00811064 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjp81k.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00716856 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpcus.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00471102 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imskdic.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00368696 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpcic.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00340023 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjp81.ime
2014-08-08 17:45 - 2004-08-04 07:00 - 00315452 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imskf.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00311359 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imepadsv.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00307257 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpdct.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00274489 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjputyc.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00268288 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\httpext.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00262200 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjputy.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00257024 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\infocomm.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00233527 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjprw.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00208952 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpmig.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00196665 ____C () D:\WINDOWS\system32\dllcache\imjpinst.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00155705 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpdsvr.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00145408 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iische51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00134339 ____C () D:\WINDOWS\system32\dllcache\imekr.lex
2014-08-08 17:45 - 2004-08-04 07:00 - 00106496 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imekrcic.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00102463 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imepadsm.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00102456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imlang.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00098304 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\msir3jp.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00094720 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imekr61.ime
2014-08-08 17:45 - 2004-08-04 07:00 - 00092416 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\mga.sys
2014-08-08 17:45 - 2004-08-04 07:00 - 00092032 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\mga.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00086016 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imekrmbx.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00085504 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\metada51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00081976 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpdct.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00079872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iislog51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00070656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\korwbrkr.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00061440 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\httpod51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00060928 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisclex4.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00059904 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imkrinst.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00059392 ____C () D:\WINDOWS\system32\dllcache\imscinst.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00057398 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpdadm.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00047066 ____C () D:\WINDOWS\system32\dllcache\ksc.nls
2014-08-08 17:45 - 2004-08-04 07:00 - 00045109 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpuex.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00044032 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imekrmig.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00037888 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\md5filt.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00035328 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iprip.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00033792 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\lmmib2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00026624 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\mdsync.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00026624 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iscomlog.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00025088 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisadmin.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00022528 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\lpdsvc.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00022016 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\logscrpt.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iiscrmap.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00018944 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\lprmon.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00018432 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\jupiw.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00015872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetin51.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00013312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\lonsint.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00009216 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdnecat.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00009216 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iwrps.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00008704 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\infoctrs.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00008192 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\httpmb51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\migregdb.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdnecnt.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdnec95.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdibm02.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\isapips.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisfecnv.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdlk41a.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iissync.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdth3.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdth2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdlk41j.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinpun.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdax2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbd106n.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbd101a.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbd101.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdvntc.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdusa.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdurdu.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdth1.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdth0.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdsyr2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdsyr1.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdintel.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdintam.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinmar.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinkan.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinhin.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinguj.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdindev.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdheb.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdfa.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbddiv2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbddiv1.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbda3.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbda2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbda1.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005120 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdgeo.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005120 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdarmw.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005120 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdarme.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00003584 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iismui.dll
2014-08-08 17:45 - 2001-08-17 22:36 - 00065536 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 01677824 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chsbrkr.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00838144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chtbrkr.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00562176 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsst.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00480256 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cintsetp.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00452096 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsapi.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00400384 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsxp32.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00397312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxstiff.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00369664 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\asp51.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00331264 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\aqueue.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00285184 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxscomex.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00267776 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxssvc.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00246272 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxst30.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00229376 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxscover.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00218112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\c_g18030.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00198656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cintime.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00195618 ____C () D:\WINDOWS\system32\dllcache\c_10002.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00192512 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxswzrd.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00189986 ____C () D:\WINDOWS\system32\dllcache\c_1361.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00187938 ____C () D:\WINDOWS\system32\dllcache\c_20005.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00186402 ____C () D:\WINDOWS\system32\dllcache\c_20001.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00185378 ____C () D:\WINDOWS\system32\dllcache\c_20003.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00180770 ____C () D:\WINDOWS\system32\dllcache\c_20932.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00180258 ____C () D:\WINDOWS\system32\dllcache\c_20004.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00180258 ____C () D:\WINDOWS\system32\dllcache\c_20000.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00177698 ____C () D:\WINDOWS\system32\dllcache\c_20949.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00177698 ____C () D:\WINDOWS\system32\dllcache\c_10003.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00173602 ____C () D:\WINDOWS\system32\dllcache\c_20936.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00173602 ____C () D:\WINDOWS\system32\dllcache\c_20002.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00173602 ____C () D:\WINDOWS\system32\dllcache\c_10008.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00173568 ____C () D:\WINDOWS\system32\dllcache\chtskf.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00162850 ____C () D:\WINDOWS\system32\dllcache\c_10001.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00154112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsui.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00143360 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsclnt.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00132608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsclntr.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00125952 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftpsv251.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00111104 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxscfgwz.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00108827 ____C () D:\WINDOWS\system32\dllcache\hanja.lex
2014-08-08 17:44 - 2004-08-04 07:00 - 00108544 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\appconf.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00101888 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\evntagnt.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00097792 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chtmbx.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00092160 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\evntwin.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00082172 ____C () D:\WINDOWS\system32\dllcache\bopomofo.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00078848 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\dayi.ime
2014-08-08 17:44 - 2004-08-04 07:00 - 00078336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chajei.ime
2014-08-08 17:44 - 2004-08-04 07:00 - 00072192 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxscom.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00066728 ____C () D:\WINDOWS\system32\dllcache\big5.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066594 ____C () D:\WINDOWS\system32\dllcache\c_864.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066594 ____C () D:\WINDOWS\system32\dllcache\c_862.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066594 ____C () D:\WINDOWS\system32\dllcache\c_858.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066594 ____C () D:\WINDOWS\system32\dllcache\c_720.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_870.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_708.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_28596.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_21027.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_21025.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20924.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20880.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20871.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20838.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20833.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20424.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20423.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20420.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20297.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20290.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20285.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20284.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20280.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20278.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20277.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20273.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20269.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20108.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20107.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20106.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20105.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1149.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1148.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1147.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1146.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1145.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1144.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1143.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1142.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1141.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1140.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1047.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_10021.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_10005.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_10004.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00057856 ____C (SEIKO EPSON CORP.) D:\WINDOWS\system32\dllcache\esuimgd.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00057399 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cplexe.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00056320 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\convlog.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00056320 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chtskdic.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00055296 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsevent.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00054528 ____C (Philips Semiconductors GmbH) D:\WINDOWS\system32\dllcache\cap7146.sys
2014-08-08 17:44 - 2004-08-04 07:00 - 00045568 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\browscap.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00045056 ____C (SEIKO EPSON CORP.) D:\WINDOWS\system32\dllcache\esunid.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00042496 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\davcdata.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00039936 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hostmib.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00036864 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hanjadic.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00033792 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\controt.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00032256 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\gzip.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00031744 ____C (SEIKO EPSON CORP.) D:\WINDOWS\system32\dllcache\esucmd.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00031744 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsroute.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00029184 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\asptxn.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00027136 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsdrv.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00025856 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\et4000.sys
2014-08-08 17:44 - 2004-08-04 07:00 - 00024064 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\evntcmd.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00024064 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\compfilt.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00023552 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsmon.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00023552 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsext32.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00021504 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cintlgnt.ime
2014-08-08 17:44 - 2004-08-04 07:00 - 00020480 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\counters.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0804.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0412.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0411.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt040d.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0404.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0401.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00018944 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cprofile.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00015872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chgport.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00014848 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\flattemp.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\exstrace.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chgusr.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00013312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chglogon.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00011264 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxssend.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00010752 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\c_iscii.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00010240 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\aspperf.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00009728 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\change.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00009216 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\authfilt.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00008704 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsperf.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftpctrs2.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\f3ahvoas.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00006656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsres.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00006656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\c_is2022.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftpmib.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftlx041e.dll
2014-08-08 17:44 - 2003-03-24 16:52 - 00094208 ____C () D:\WINDOWS\system32\dllcache\fpencode.dll
2014-08-08 17:44 - 2003-03-24 16:52 - 00024632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpadmcgi.exe
2014-08-08 17:44 - 2003-03-24 16:52 - 00020541 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpadmdll.dll
2014-08-08 17:44 - 2001-08-17 22:36 - 00045056 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2014-08-08 17:44 - 2001-08-17 22:36 - 00043520 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2014-08-08 17:43 - 2014-08-08 17:43 - 00262144 _____ () D:\WINDOWS\system32\config\userdifr
2014-08-08 17:43 - 2014-08-08 17:43 - 00001024 ____H () D:\WINDOWS\system32\config\userdifr.LOG
2014-08-08 17:43 - 2004-08-04 07:00 - 00829440 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetmgr.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00290816 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\adsiis51.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00275968 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\certwiz.ocx
2014-08-08 17:43 - 2004-08-04 07:00 - 00169984 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisui.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00133632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisrtl.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00094720 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\certmap.ocx
2014-08-08 17:43 - 2004-08-04 07:00 - 00076800 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\logui.ocx
2014-08-08 17:43 - 2004-08-04 07:00 - 00076288 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cnfgprts.ocx
2014-08-08 17:43 - 2004-08-04 07:00 - 00068608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\isatq.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00068608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisext51.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00064512 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iismap.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00049664 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\adrot.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00046592 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\coadmin.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00043520 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admwprox.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00030720 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisrstas.exe
2014-08-08 17:43 - 2004-08-04 07:00 - 00029696 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admexs.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00019968 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetsloc.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisreset.exe
2014-08-08 17:43 - 2004-08-04 07:00 - 00013312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\infoadmn.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00008192 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\staxmem.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetmgr.exe
2014-08-08 17:43 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wamregps.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftpsapi2.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admxprox.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisrstap.dll
2014-08-08 17:43 - 2004-05-13 00:39 - 00876653 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4awel.dll
2014-08-08 17:43 - 2004-05-13 00:39 - 00598071 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpmmc.dll
2014-08-08 17:43 - 2004-05-13 00:39 - 00184435 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4amsft.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00208896 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpmmcsat.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00188494 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpcount.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00188480 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cfgwiz.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00147513 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4apws.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00109328 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp98swin.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00102509 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4atxt.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00082035 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4anscp.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00049212 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4awebs.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00049210 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4areg.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00041020 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4avnb.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00032827 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tcptest.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00032826 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4avss.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00020541 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpexedll.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00020540 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\author.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00020540 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admin.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00020538 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpremadm.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00020536 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\shtml.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00016439 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\author.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00016439 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admin.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00016437 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\shtml.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00016384 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tcptsat.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00014608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp98sadm.exe
2014-08-08 17:43 - 2001-08-17 22:36 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2014-08-08 17:41 - 2014-08-08 17:41 - 00000786 _____ () D:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\WindowsShell.Manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\wuaucpl.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\sapi.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\nwc.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\ncpa.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000488 ___RH () D:\WINDOWS\system32\logonui.exe.manifest
2014-08-08 17:41 - 2004-08-04 07:00 - 00016384 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\isignup.exe
2014-08-08 17:40 - 2004-08-04 07:00 - 00214528 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\icwconn1.exe
2014-08-08 17:40 - 2004-08-04 07:00 - 00086016 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\icwconn2.exe
2014-08-08 17:40 - 2004-08-04 07:00 - 00032768 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\icwdl.dll
2014-08-08 17:40 - 2004-08-04 07:00 - 00020480 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetwiz.exe
2014-08-08 17:24 - 2004-08-04 07:00 - 00024661 ____C (Perle Systems Ltd.) D:\WINDOWS\system32\dllcache\spxcoins.dll
2014-08-08 17:24 - 2004-08-04 07:00 - 00024661 _____ (Perle Systems Ltd.) D:\WINDOWS\system32\spxcoins.dll
2014-08-08 17:24 - 2004-08-04 07:00 - 00013312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\irclass.dll
2014-08-08 17:24 - 2004-08-04 07:00 - 00013312 _____ (Microsoft Corporation) D:\WINDOWS\system32\irclass.dll
2014-08-08 17:23 - 2014-08-08 20:00 - 00409357 _____ () D:\WINDOWS\setupapi.log
2014-08-08 17:23 - 2004-08-04 07:00 - 02012670 ____C () D:\WINDOWS\system32\dllcache\NT5.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 01086058 ____R () D:\WINDOWS\SETD4.tmp
2014-08-08 17:23 - 2004-08-04 07:00 - 01086058 ____C () D:\WINDOWS\system32\dllcache\NTPRINT.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 01042903 ____R () D:\WINDOWS\SETD1.tmp
2014-08-08 17:23 - 2004-08-04 07:00 - 01042903 ____C () D:\WINDOWS\system32\dllcache\SP2.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00797189 ____C () D:\WINDOWS\system32\dllcache\NT5IIS.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00502724 ____C () D:\WINDOWS\system32\dllcache\NT5INF.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00399645 ____C () D:\WINDOWS\system32\dllcache\MAPIMIG.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00141702 ____C () D:\WINDOWS\system32\dllcache\netfx.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00110116 ____C () D:\WINDOWS\system32\dllcache\tabletpc.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00037484 ____C () D:\WINDOWS\system32\dllcache\MW770.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00031965 ____C () D:\WINDOWS\system32\dllcache\mediactr.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00031281 ____C () D:\WINDOWS\system32\dllcache\FP4.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00024209 ____C () D:\WINDOWS\system32\dllcache\msn7.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00013753 ____R () D:\WINDOWS\SETE0.tmp
2014-08-08 17:23 - 2004-08-04 07:00 - 00013753 ____C () D:\WINDOWS\system32\dllcache\IMS.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00013472 ____C () D:\WINDOWS\system32\dllcache\HPCRDP.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00011651 ____C () D:\WINDOWS\system32\dllcache\msn9.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00009581 ____C () D:\WINDOWS\system32\dllcache\MSMSGS.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00008574 ____C () D:\WINDOWS\system32\dllcache\IASNT4.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00007382 ____C () D:\WINDOWS\system32\dllcache\OEMBIOS.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00007334 ____C () D:\WINDOWS\system32\dllcache\wmerrenu.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00007245 ____C () D:\WINDOWS\system32\dllcache\MSTSWEB.CAT
2014-08-08 12:21 - 2014-08-08 12:21 - 00000000 ____H () D:\WINDOWS\system32\config\software.tmp.LOG
2014-08-08 12:21 - 2014-08-08 12:21 - 00000000 ____H () D:\WINDOWS\system32\config\default.tmp.LOG
2014-08-08 12:20 - 2014-08-08 12:20 - 00000000 ____H () D:\WINDOWS\system32\config\system.tmp.LOG

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 15:44 - 2014-08-10 15:43 - 00014484 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\FRST.txt
2014-08-10 15:44 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\temp
2014-08-10 15:43 - 2014-08-10 15:43 - 00000000 ____D () D:\FRST
2014-08-10 15:42 - 2014-08-10 15:41 - 01091072 _____ (Farbar) D:\Documents and Settings\ShaReda Coleman\Desktop\FRST.exe
2014-08-10 15:23 - 2012-07-30 13:06 - 00522627 _____ () D:\WINDOWS\WindowsUpdate.log
2014-08-10 15:21 - 2012-07-31 22:29 - 00000830 _____ () D:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-10 14:58 - 2012-09-18 18:30 - 00000904 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 14:49 - 2012-07-30 18:13 - 00000000 ____D () D:\Program Files\Mozilla Firefox
2014-08-10 13:55 - 2012-07-30 18:18 - 00001919 _____ () D:\WINDOWS\epplauncher.mif
2014-08-10 13:44 - 2012-08-25 13:34 - 00000414 _____ () D:\WINDOWS\Tasks\ProgramUpdateCheck.job
2014-08-10 11:34 - 2013-02-09 22:38 - 00000664 _____ () D:\WINDOWS\system32\d3d9caps.dat
2014-08-10 10:52 - 2014-08-08 22:52 - 00000382 ____H () D:\WINDOWS\Tasks\avast! Emergency Update.job
2014-08-10 10:26 - 2014-08-10 09:16 - 00000000 ____D () D:\Qoobox
2014-08-10 10:25 - 2014-08-10 10:25 - 00016745 _____ () D:\ComboFix.txt
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\NetworkService\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\LocalService\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\Default User\Local Settings\temp
2014-08-10 10:22 - 2014-08-10 09:16 - 00000000 ____D () D:\WINDOWS\erdnt
2014-08-10 10:21 - 2012-07-29 21:41 - 00032504 _____ () D:\WINDOWS\SchedLgU.Txt
2014-08-10 10:18 - 2003-07-16 11:41 - 00000227 _____ () D:\WINDOWS\system.ini
2014-08-10 10:16 - 2012-09-18 18:30 - 00000900 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-10 10:16 - 2012-07-29 21:33 - 00000006 ____H () D:\WINDOWS\Tasks\SA.DAT
2014-08-10 10:16 - 2012-07-29 16:13 - 00000159 _____ () D:\WINDOWS\wiadebug.log
2014-08-10 10:16 - 2012-07-29 16:13 - 00000049 _____ () D:\WINDOWS\wiaservc.log
2014-08-10 10:16 - 2003-07-16 11:46 - 00013006 _____ () D:\WINDOWS\system32\wpa.dbl
2014-08-10 10:15 - 2012-07-30 18:13 - 00000000 ____D () D:\Program Files\Mozilla Maintenance Service
2014-08-10 10:15 - 2012-07-29 16:08 - 00524288 _____ () D:\WINDOWS\system32\config\SECURITY.bak
2014-08-10 10:15 - 2012-07-29 16:08 - 00024576 _____ () D:\WINDOWS\system32\config\SAM.bak
2014-08-10 10:15 - 2012-07-29 15:55 - 27525120 _____ () D:\WINDOWS\system32\config\software.bak
2014-08-10 10:15 - 2012-07-29 15:55 - 04980736 _____ () D:\WINDOWS\system32\config\system.bak
2014-08-10 10:15 - 2012-07-29 15:55 - 00786432 _____ () D:\WINDOWS\system32\config\default.bak
2014-08-10 10:14 - 2012-07-29 21:42 - 00000178 ___SH () D:\Documents and Settings\ShaReda Coleman\ntuser.ini
2014-08-10 10:14 - 2012-07-29 21:42 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman
2014-08-10 10:11 - 2014-08-10 10:11 - 00008192 ____H () D:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-08-10 10:11 - 2014-08-10 10:11 - 00000000 ____H () D:\WINDOWS\system32\config\SAM.tmp.LOG
2014-08-10 09:15 - 2014-08-10 09:15 - 05568206 ____R (Swearware) D:\Documents and Settings\ShaReda Coleman\Desktop\ComboFix.exe
2014-08-09 16:43 - 2014-08-09 16:43 - 00088916 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.Txt
2014-08-09 16:43 - 2014-08-09 16:43 - 00039766 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\Extras.Txt
2014-08-09 16:14 - 2014-08-09 16:14 - 00602112 _____ (OldTimer Tools) D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
2014-08-09 16:10 - 2013-03-10 00:44 - 00001801 _____ () D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-08-09 16:10 - 2013-03-03 07:32 - 00000000 ____D () D:\Program Files\FriendsChecker
2014-08-09 16:09 - 2012-09-18 18:35 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\Temp
2014-08-09 13:44 - 2014-08-08 20:44 - 00110296 _____ (Malwarebytes Corporation) D:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-09 08:45 - 2012-07-30 22:16 - 00000000 ____D () D:\WINDOWS\Microsoft.NET
2014-08-09 08:41 - 2013-02-18 21:25 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\DSite
2014-08-08 23:18 - 2012-07-29 16:10 - 00519630 _____ () D:\WINDOWS\system32\PerfStringBackup.INI
2014-08-08 23:12 - 2014-08-08 23:12 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
2014-08-08 22:59 - 2014-08-08 22:59 - 00000000 ____D () D:\WINDOWS\jumpshot.com
2014-08-08 22:52 - 2014-08-08 22:52 - 00414520 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-08 22:52 - 2014-08-08 22:52 - 00001733 _____ () D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-08-08 22:52 - 2014-08-08 22:52 - 00000000 ____D () D:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-08-08 22:51 - 2014-08-08 22:52 - 00779536 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-08 22:51 - 2014-08-08 22:52 - 00192352 _____ () D:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-08 22:51 - 2014-08-08 22:52 - 00067824 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-08 22:51 - 2014-08-08 22:52 - 00057800 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswTdi.sys
2014-08-08 22:51 - 2014-08-08 22:52 - 00049944 _____ () D:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-08 22:51 - 2014-08-08 22:51 - 00276432 _____ (AVAST Software) D:\WINDOWS\system32\aswBoot.exe
2014-08-08 22:51 - 2014-08-08 22:51 - 00055112 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswRdr.sys
2014-08-08 22:51 - 2014-08-08 22:51 - 00043152 _____ (AVAST Software) D:\WINDOWS\avastSS.scr
2014-08-08 22:51 - 2014-08-08 22:51 - 00024184 _____ () D:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-08 22:45 - 2014-08-08 22:45 - 00000000 ____D () D:\Program Files\AVAST Software
2014-08-08 22:45 - 2014-08-08 22:44 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\AVAST Software
2014-08-08 22:33 - 2012-09-18 18:30 - 00000000 ____D () D:\Program Files\Google
2014-08-08 22:32 - 2013-04-14 21:09 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\fc8722bc-2fa9-46e9-99c4-03226a141795ad
2014-08-08 22:32 - 2013-02-21 22:16 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\Licenses
2014-08-08 22:28 - 2014-08-08 20:44 - 00000000 ____D () D:\Program Files\Malwarebytes Anti-Malware
2014-08-08 22:27 - 2013-04-15 11:28 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Xoagek
2014-08-08 22:27 - 2013-04-03 20:22 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Ippe
2014-08-08 20:44 - 2014-08-08 20:44 - 00000777 _____ () D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-08 20:44 - 2014-08-08 20:44 - 00000000 ____D () D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-08 20:44 - 2014-08-08 20:44 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-08 20:25 - 2014-08-08 20:25 - 00000062 _____ () D:\Documents and Settings\NetworkService\Application Data\WB.CFG
2014-08-08 20:02 - 2012-07-30 12:03 - 01022860 _____ () D:\WINDOWS\svcpack.log
2014-08-08 20:02 - 2012-07-29 16:10 - 01023461 _____ () D:\WINDOWS\FaxSetup.log
2014-08-08 20:00 - 2014-08-08 19:00 - 00000000 __HDC () D:\WINDOWS\$NtServicePackUninstall$
2014-08-08 20:00 - 2014-08-08 17:23 - 00409357 _____ () D:\WINDOWS\setupapi.log
2014-08-08 20:00 - 2012-07-30 12:07 - 00000000 ____D () D:\WINDOWS\system32\ReinstallBackups
2014-08-08 20:00 - 2012-07-29 16:10 - 00543670 _____ () D:\WINDOWS\ocgen.log
2014-08-08 19:58 - 2013-03-03 07:31 - 00000284 _____ () D:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-08-08 19:55 - 2012-07-29 16:11 - 00076174 _____ () D:\WINDOWS\MedCtrOC.log
2014-08-08 19:49 - 2014-08-08 19:43 - 331805736 _____ (Microsoft Corporation) D:\Documents and Settings\ShaReda Coleman\Desktop\windowsxp-kb936929-sp3-x86-enu.exe
2014-08-08 19:42 - 2012-07-31 22:29 - 00699056 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-08 19:42 - 2012-07-31 22:29 - 00071344 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-08-08 18:55 - 2014-08-08 18:55 - 00000000 ____D () D:\WINDOWS\system32\CatRoot_bak
2014-08-08 18:44 - 2012-08-15 19:24 - 00000000 ____D () D:\Program Files\Yahoo!
2014-08-08 18:44 - 2012-08-15 19:24 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Yahoo!
2014-08-08 18:42 - 2012-11-14 21:10 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\RegWork
2014-08-08 18:42 - 2012-11-14 21:09 - 00000000 ____D () D:\Program Files\RegWork
2014-08-08 18:42 - 2012-09-19 22:49 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\Norton
2014-08-08 18:39 - 2012-08-15 19:25 - 00000000 __SHD () D:\WINDOWS\system32\AI_RecycleBin
2014-08-08 18:11 - 2012-09-18 18:30 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\Google
2014-08-08 18:11 - 2012-08-11 09:39 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\Google
2014-08-08 18:04 - 2013-04-15 11:28 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Vyokc
2014-08-08 18:01 - 2014-08-08 18:01 - 00001446 _____ () D:\WINDOWS\COM+.log
2014-08-08 17:57 - 2014-08-08 17:57 - 00000000 ____D () D:\Program Files\GUM1D59.tmp
2014-08-08 17:55 - 2014-08-08 17:55 - 00000000 ____D () D:\WINDOWS\system32\appmgmt
2014-08-08 17:51 - 2012-07-29 21:30 - 00000000 ____D () D:\WINDOWS\system32\Restore
2014-08-08 17:49 - 2012-07-30 13:06 - 00090616 _____ () D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-08 17:49 - 2012-07-29 21:29 - 00000000 ____D () D:\WINDOWS\Registration
2014-08-08 17:49 - 2012-07-29 16:08 - 00317952 _____ () D:\WINDOWS\system32\FNTCACHE.DAT
2014-08-08 17:49 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\inetsrv
2014-08-08 17:48 - 2014-08-08 17:48 - 00013006 _____ () D:\WINDOWS\system32\wpa.bak
2014-08-08 17:48 - 2012-07-29 16:11 - 00057632 _____ () D:\WINDOWS\ocmsn.log
2014-08-08 17:48 - 2012-07-29 16:11 - 00052101 _____ () D:\WINDOWS\tabletoc.log
2014-08-08 17:48 - 2012-07-29 16:10 - 01297011 _____ () D:\WINDOWS\iis6.log
2014-08-08 17:48 - 2012-07-29 16:10 - 00486224 _____ () D:\WINDOWS\tsoc.log
2014-08-08 17:48 - 2012-07-29 16:10 - 00367301 _____ () D:\WINDOWS\comsetup.log
2014-08-08 17:48 - 2012-07-29 16:10 - 00223488 _____ () D:\WINDOWS\ntdtcsetup.log
2014-08-08 17:48 - 2012-07-29 16:10 - 00004326 _____ () D:\WINDOWS\imsins.log
2014-08-08 17:48 - 2012-07-29 16:09 - 00289903 _____ () D:\WINDOWS\setupact.log
2014-08-08 17:43 - 2014-08-08 17:43 - 00262144 _____ () D:\WINDOWS\system32\config\userdifr
2014-08-08 17:43 - 2014-08-08 17:43 - 00001024 ____H () D:\WINDOWS\system32\config\userdifr.LOG
2014-08-08 17:43 - 2012-07-30 12:11 - 00316640 _____ () D:\WINDOWS\WMSysPr9.prx
2014-08-08 17:43 - 2012-07-30 12:11 - 00004371 _____ () D:\WINDOWS\wmsetup.log
2014-08-08 17:43 - 2012-07-29 21:33 - 00023392 _____ () D:\WINDOWS\system32\nscompat.tlb
2014-08-08 17:43 - 2012-07-29 21:33 - 00016832 _____ () D:\WINDOWS\system32\amcompat.tlb
2014-08-08 17:43 - 2012-07-29 21:33 - 00001607 _____ () D:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-08-08 17:43 - 2012-07-29 21:33 - 00001599 _____ () D:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2014-08-08 17:43 - 2012-07-29 21:33 - 00001507 _____ () D:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-08-08 17:43 - 2012-07-29 21:33 - 00000792 _____ () D:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
2014-08-08 17:43 - 2012-07-29 21:33 - 00000398 _____ () D:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
2014-08-08 17:42 - 2012-07-29 16:10 - 00004161 _____ () D:\WINDOWS\ODBCINST.INI
2014-08-08 17:41 - 2014-08-08 17:41 - 00000786 _____ () D:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\WindowsShell.Manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\wuaucpl.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\sapi.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\nwc.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\ncpa.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000488 ___RH () D:\WINDOWS\system32\logonui.exe.manifest
2014-08-08 17:41 - 2012-07-29 21:32 - 00000488 ___RH () D:\WINDOWS\system32\WindowsLogon.manifest
2014-08-08 17:41 - 2012-07-29 21:31 - 00000749 ___RH () D:\WINDOWS\system32\cdplayer.exe.manifest
2014-08-08 17:41 - 2012-07-29 21:31 - 00000000 ___RD () D:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-08-08 17:41 - 2012-07-29 21:30 - 00000000 ____D () D:\WINDOWS\srchasst
2014-08-08 17:41 - 2012-07-29 21:30 - 00000000 ____D () D:\Program Files\Movie Maker
2014-08-08 17:41 - 2012-07-29 15:50 - 00000000 ___RD () D:\WINDOWS\Web
2014-08-08 17:41 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\security
2014-08-08 17:41 - 2003-07-16 11:45 - 00000578 _____ () D:\WINDOWS\win.ini
2014-08-08 17:40 - 2012-07-29 21:30 - 00000000 ____D () D:\Program Files\Outlook Express
2014-08-08 17:40 - 2012-07-29 21:30 - 00000000 ____D () D:\Program Files\NetMeeting
2014-08-08 17:40 - 2012-07-29 21:29 - 00002577 _____ () D:\WINDOWS\sessmgr.setup.log
2014-08-08 17:40 - 2012-07-29 21:29 - 00000000 ____D () D:\Program Files\Common Files\System
2014-08-08 17:40 - 2012-07-29 16:11 - 00180106 _____ () D:\WINDOWS\netfxocm.log
2014-08-08 17:40 - 2012-07-29 16:10 - 00052594 _____ () D:\WINDOWS\msgsocm.log
2014-08-08 17:39 - 2012-07-29 21:29 - 00022720 _____ () D:\WINDOWS\system32\emptyregdb.dat
2014-08-08 17:39 - 2012-07-29 21:29 - 00000609 _____ () D:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2014-08-08 17:39 - 2012-07-29 21:27 - 00000000 ____D () D:\WINDOWS\system32\Com
2014-08-08 17:38 - 2012-07-29 21:29 - 00000706 _____ () D:\WINDOWS\DtcInstall.log
2014-08-08 17:38 - 2012-07-29 21:27 - 00000000 ____D () D:\Program Files\Windows NT
2014-08-08 17:38 - 2012-07-29 16:10 - 00346120 _____ () D:\WINDOWS\msmqinst.log
2014-08-08 17:37 - 2012-07-30 12:12 - 00000546 _____ () D:\WINDOWS\cmsetacl.log
2014-08-08 17:26 - 2012-07-29 16:09 - 00000121 _____ () D:\WINDOWS\setuperr.log
2014-08-08 17:24 - 2012-07-29 16:10 - 00002026 _____ () D:\WINDOWS\regopt.log
2014-08-08 17:24 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system
2014-08-08 12:21 - 2014-08-08 12:21 - 00000000 ____H () D:\WINDOWS\system32\config\software.tmp.LOG
2014-08-08 12:21 - 2014-08-08 12:21 - 00000000 ____H () D:\WINDOWS\system32\config\default.tmp.LOG
2014-08-08 12:21 - 2012-07-29 15:56 - 28311552 _____ () D:\WINDOWS\system32\config\software.sav
2014-08-08 12:21 - 2012-07-29 15:56 - 06815744 _____ () D:\WINDOWS\system32\config\system.sav
2014-08-08 12:21 - 2012-07-29 15:56 - 00786432 _____ () D:\WINDOWS\system32\config\default.sav
2014-08-08 12:21 - 2012-07-29 15:55 - 00262144 _____ () D:\WINDOWS\system32\config\userdiff
2014-08-08 12:21 - 2012-07-29 15:55 - 00001024 ____H () D:\WINDOWS\system32\config\userdiff.LOG
2014-08-08 12:20 - 2014-08-08 12:20 - 00000000 ____H () D:\WINDOWS\system32\config\system.tmp.LOG
2014-08-08 12:20 - 2012-07-29 15:55 - 00001024 ____H () D:\WINDOWS\system32\config\TempKey.LOG
2014-08-08 12:20 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\Help
2014-08-08 12:19 - 2012-07-30 12:10 - 00000000 ____D () D:\WINDOWS\peernet
2014-08-08 12:19 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\usmt
2014-08-08 12:19 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\mui
2014-08-08 12:19 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\Media
2014-08-08 12:19 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\ime
2014-08-08 12:18 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\npp
2014-08-08 12:18 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\msagent
2014-08-08 12:14 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\twain_32
2014-08-08 12:13 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\icsxml
2014-08-08 12:12 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\ias
2014-08-08 12:12 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\1033
2014-08-08 12:11 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\Driver Cache

Files to move or delete:
====================
D:\Documents and Settings\ShaReda Coleman\acrobat.exe
D:\Documents and Settings\ShaReda Coleman\vlcplayer.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

D:\WINDOWS\explorer.exe => File is digitally signed
D:\WINDOWS\system32\winlogon.exe => File is digitally signed
D:\WINDOWS\system32\svchost.exe => File is digitally signed
D:\WINDOWS\system32\services.exe => File is digitally signed
D:\WINDOWS\system32\User32.dll => File is digitally signed
D:\WINDOWS\system32\userinit.exe => File is digitally signed
D:\WINDOWS\system32\rpcss.dll => File is digitally signed
D:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

Additon:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:10-08-2014 01
Ran by ShaReda Coleman at 2014-08-10 15:45:10
Running from D:\Documents and Settings\ShaReda Coleman\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-zip v9.20 (HKLM\...\7-Zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.4.402.287 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 440x 10/100 Integrated Controller (HKLM\...\{612B9183-67A9-4B44-9877-2F059E35B86A}) (Version: 10.04.01 - Broadcom Corporation)
Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation)
Canon MX320 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9FD050BA-79BD-42A4-9E24-E8E13F1C775F}) (Version:  - Microsoft)
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
Expert PDF 7 Reader (HKLM\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 7.0.1370.0 - Avanquest software)
File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version: 2012.10.26.0 - ) <==== ATTENTION
Files Opened (HKLM\...\Files Opened) (Version: 1.0 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{0564C76B-8E1F-4157-8654-B0F9F308BEE9}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java™ 7 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.1.0522.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.1.522.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version:  - )
Mixer (HKLM\...\MIXERLITE) (Version:  - )
Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MusicOasis (HKLM\...\MusicOasis) (Version: 1.0.3 - W3i, LLC)
MusicOasis (Version: 1.0.3 - W3i, LLC) Hidden
Norton Safe Web Lite (HKLM\...\NST) (Version: 2.0.0.16 - Symantec Corporation)
PDF Reader Packages (HKCU\...\PDF Reader Packages) (Version:  - ) <==== ATTENTION
Shockwave (HKLM\...\Shockwave) (Version:  - )
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
Sound Blaster ADVANCED MB Drivers (HKLM\...\SAMB_ADVMB_FILTER_DRV) (Version:  - )
Sound Blaster Audigy ADVANCED MB Demo (HKLM\...\CTMBDemo_Audigy) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Print Shop Deluxe 15 EEV (HKLM\...\{683214A6-4003-4C57-B55E-079FD77A185F}) (Version:  - Broderbund LLC)
Uninstall Dual Mode Camera (HKLM\...\Dual Mode Camera_is1) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1CBE095-403D-466D-BB13-B185A5F33231}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
VideoBuzz (HKLM\...\{F2BBDD5D-7959-4F64-8737-F568092433F6}) (Version: 1.0.0 - W3i, LLC)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Driver Package - Ricoh Company (rimsptsk) hdc  (11/14/2006 6.00.01.04) (HKLM\...\4569969E1360D2854474C661EF9B4D54F143EB16) (Version: 11/14/2006 6.00.01.04 - Ricoh Company)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()

==================== Restore Points  =========================

08-08-2014 22:49:53 System Checkpoint
08-08-2014 22:54:11 Removed Ask Toolbar.
08-08-2014 22:57:05 Removed BabylonObjectInstaller
08-08-2014 22:58:28 Removed CWA Reminder by We-Care.com v4.1.21.3
08-08-2014 22:58:59 Removed Cyber Spy Notebook
08-08-2014 23:07:47 Removed Delta Chrome Toolbar
08-08-2014 23:10:23 Removed NetAssistant
08-08-2014 23:39:42 Removed InstallIQ Updater
08-08-2014 23:43:59 Removed SpyNet Field Office
09-08-2014 03:45:28 avast! antivirus system restore point
10-08-2014 03:52:44 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2003-07-16 11:23 - 2014-08-10 10:16 - 00000027 ____A D:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: D:\WINDOWS\Tasks\Adobe Flash Player Updater.job => D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\WINDOWS\Tasks\AppleSoftwareUpdate.job => D:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: D:\WINDOWS\Tasks\avast! Emergency Update.job => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files\Google\Update\GoogleUpdate.exe
Task: D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files\Google\Update\GoogleUpdate.exe
Task: D:\WINDOWS\Tasks\ProgramUpdateCheck.job => D:\Program Files\File Type Assistant\tsassist.exe

==================== Loaded Modules (whitelisted) =============

2014-08-08 22:51 - 2014-08-08 22:51 - 00301152 _____ () D:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-10 06:57 - 2014-08-10 06:57 - 02795520 _____ () D:\Program Files\AVAST Software\Avast\defs\14081000\algo.dll
2014-08-10 14:18 - 2014-08-10 14:18 - 02795520 _____ () D:\Program Files\AVAST Software\Avast\defs\14081001\algo.dll
2012-08-19 14:17 - 2011-10-04 22:42 - 00086016 _____ () D:\WINDOWS\system32\custmon32i.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () D:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () D:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-30 11:31 - 2007-10-09 19:17 - 00024064 _____ () D:\WINDOWS\System32\WLTRYSVC.EXE
2012-07-30 11:31 - 2007-10-09 19:17 - 00753664 _____ () D:\WINDOWS\System32\bcm1xsup.dll
2012-07-30 11:31 - 2007-10-09 19:17 - 00139264 _____ () D:\WINDOWS\System32\preflib.dll
2014-08-08 22:51 - 2014-08-08 22:51 - 19329904 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2012-07-30 18:13 - 2014-06-05 23:38 - 03852912 _____ () D:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Video Controller
Description: Video Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Modem Device on High Definition Audio Bus
Description: Modem Device on High Definition Audio Bus
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2014 01:55:30 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/09/2014 04:09:07 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/08/2014 10:42:02 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/08/2014 10:31:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]


System errors:
=============
Error: (08/09/2014 02:52:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:52:03 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:51:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following error:
%%126

Error: (08/09/2014 02:51:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:51:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following error:
%%126

Error: (08/09/2014 02:51:03 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:50:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following error:
%%126

Error: (08/09/2014 02:50:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:50:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following error:
%%126

Error: (08/09/2014 02:50:03 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.


Microsoft Office Sessions:
=========================
Error: (08/10/2014 01:55:30 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/09/2014 04:09:07 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/08/2014 10:42:02 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/08/2014 10:31:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378


==================== Memory info ===========================

Percentage of memory in use: 37%
Total physical RAM: 2038.37 MB
Available physical RAM: 1283.37 MB
Total Pagefile: 3930.92 MB
Available Pagefile: 3298.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:11.84 GB) (Free:9.69 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:38.78 GB) (Free:22.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 54 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=39 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Thanks!!!!


  • 0

#6
Essexboy
Posted 10 August 2014 - 03:11 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
On completion of these two runs you should be good to install SP3

Let me know of any problems after this

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:


SearchScopes: HKCU - ÛÆîZ§2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×(ä¼48иpatm6êo^Mp`Ëõ÷_i£w¾!Áûx¢8ÙjÀÿþ ´Ñ;áa´[¦8 º~RÙxòÜ8'£-)x­ä­ URL =
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
FF SearchEngineOrder.1: Delta Search
FF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F3B17338-EFF9-4711-A3EF-D809B57A06F0&n=77ee6626&ind=2012112422&id=Z7xdm050YYus&ptnrS=Z7xdm050YYus&si=4491&searchfor=
FF user.js: detected! => D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\user.js
FF SearchPlugin: D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\askcom.xml
FF SearchPlugin: D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\BabylonMngr.xml
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
D:\Documents and Settings\ShaReda Coleman\acrobat.exe
D:\Documents and Settings\ShaReda Coleman\vlcplayer.exe
Task: D:\WINDOWS\Tasks\ProgramUpdateCheck.job => D:\Program Files\File Type Assistant\tsassist.exe
D:\Program Files\File Type Assistant\
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#7
newcomer21
Posted 11 August 2014 - 06:50 PM

newcomer21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

Here are the two logs.  I can not connect wireless anymore.  The networks are visible but when I try to connect it says "Windows is unable to connect to the selected network.  The network may no longer be in range.  Please refresh and try again."  The networks are in range, that is not the problem.  I am in the same room with the wireless modem. 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:10-08-2014 01
Ran by ShaReda Coleman at 2014-08-10 21:11:57 Run:1
Running from D:\Documents and Settings\ShaReda Coleman\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - ÛÆîZ§2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×(ä¼48иpatm6êo^Mp`Ëõ÷_i£w¾!Áûx¢8ÙjÀÿþ ´Ñ;áa´[¦8 º~RÙxòÜ8'£-)x­ä­ URL =
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
FF SearchEngineOrder.1: Delta Search
FF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F3B17338-EFF9-4711-A3EF-D809B57A06F0&n=77ee6626&ind=2012112422&id=Z7xdm050YYus&ptnrS=Z7xdm050YYus&si=4491&searchfor=
FF user.js: detected! => D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\user.js
FF SearchPlugin: D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\askcom.xml
FF SearchPlugin: D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\BabylonMngr.xml
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
D:\Documents and Settings\ShaReda Coleman\acrobat.exe
D:\Documents and Settings\ShaReda Coleman\vlcplayer.exe
Task: D:\WINDOWS\Tasks\ProgramUpdateCheck.job => D:\Program Files\File Type Assistant\tsassist.exe
D:\Program Files\File Type Assistant\
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ÛÆîZ§2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×(ä¼48иpatm6êo^Mp`Ëõ÷_i£w¾!Áûx¢8ÙjÀÿþ ´Ñ;áa´[¦8 º~RÙxòÜ8'£-)x­ä­" => Key not found.
"HKCR\CLSID\ÛÆîZ§2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×(ä¼48иpatm6êo^Mp`Ëõ÷_i£w¾!Áûx¢8ÙjÀÿþ ´Ñ;áa´[¦8 º~RÙxòÜ8'£-)x­ä­" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key deleted successfully.
"HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} => value deleted successfully.
"HKCR\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}" => Key not found.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox Keyword.URL deleted successfully.
D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\user.js => Moved successfully.
D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\askcom.xml => Moved successfully.
D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\searchplugins\BabylonMngr.xml => Moved successfully.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
D:\Documents and Settings\ShaReda Coleman\acrobat.exe => Moved successfully.
D:\Documents and Settings\ShaReda Coleman\vlcplayer.exe => Moved successfully.
D:\WINDOWS\Tasks\ProgramUpdateCheck.job => Moved successfully.
D:\Program Files\File Type Assistant => Moved successfully.

=========  bitsadmin /reset /allusers =========

'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.

========= End of CMD: =========

EmptyTemp: => Removed 252 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

 

# AdwCleaner v3.304 - Report created 10/08/2014 at 21:29:56
# Updated 08/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : ShaReda Coleman - SC-DALG4WVDDC4I
# Running from : D:\Documents and Settings\ShaReda Coleman\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : wltrysvc

***** [ Files / Folders ] *****

Folder Deleted : D:\Documents and Settings\All Users\Application Data\apn
Folder Deleted : D:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : D:\Documents and Settings\All Users\Application Data\Browser Manager
Folder Deleted : D:\Documents and Settings\All Users\Application Data\ParetoLogic
Folder Deleted : D:\Documents and Settings\All Users\Application Data\PC Optimizer Pro
Folder Deleted : D:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : D:\Documents and Settings\All Users\Start Menu\Programs\PC Optimizer Pro
Folder Deleted : D:\Program Files\Delta
Folder Deleted : D:\Program Files\File Type Helper
Folder Deleted : D:\Program Files\Free Offers from Freeze.com
Folder Deleted : D:\Program Files\GamesBar
Folder Deleted : D:\Program Files\ParetoLogic
Folder Deleted : D:\Program Files\Common Files\ParetoLogic
Folder Deleted : D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\apn
Folder Deleted : D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\FileTypeAssistant
Folder Deleted : D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\visi_coupon
Folder Deleted : D:\Documents and Settings\ShaReda Coleman\Application Data\Babylon
Folder Deleted : D:\Documents and Settings\ShaReda Coleman\Application Data\DriverCure
Folder Deleted : D:\Documents and Settings\ShaReda Coleman\Application Data\DSite
Folder Deleted : D:\Documents and Settings\ShaReda Coleman\Application Data\PerformerSoft
Folder Deleted : D:\Documents and Settings\ShaReda Coleman\Start Menu\Programs\Browser Manager
File Deleted : D:\END
File Deleted : D:\Documents and Settings\All Users\Desktop\PC Optimizer Pro.lnk
File Deleted : D:\WINDOWS\system32\WLTRYSVC.EXE
File Deleted : D:\Documents and Settings\ShaReda Coleman\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Optimizer Pro.lnk

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\BrowserProtect
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchEngineProtection]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKCU\Software\e558c8be16eba41
Key Deleted : HKLM\SOFTWARE\e558c8be16eba41
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\pc optimizer pro
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DSite
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Playbryte
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.2180

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default\prefs.js ]

Line Deleted : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=110796&tt=bandext_3312_4&babsrc=HP_ss&mntrId=d8d7c5a70000000000000015c5b24a23");
Line Deleted : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Search the web (Babylon)");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F3B17338-EFF9-4711-A3EF-D809B57A06F0&n=77ee6626&ind=2012112422&id=Z7xdm050YYus&ptnrS=Z[...]
Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Search the web (Babylon)");
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=F3B17338-EFF9-4711-A3EF-D809B57A06F0&n=77ee6626&ptnrS=Z7xdm050YYus&si=4491");
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.hp.lastGuardTime", -1206452797);
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.hp.numGuards", 1);
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.installDate", "2012112422");
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.partnerId", "Z7xdm050YYus");
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.partnerSubId", "4491");
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.installation.toolbarId", "F3B17338-EFF9-4711-A3EF-D809B57A06F0");
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.lastActivePing", "1407542821100");
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.searchHistory", "bio poem lesson||microsoft 2010 will not appear?");
Line Deleted : user_pref("extensions.toolbar.mindspark._gtMembers_.weather.location", "30301");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "[email protected]");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://search.babylon.com/?affID=110796&tt=bandext_3312_4&babsrc=HP_ss&mntrId=d8d7c5a70000000000000015c5b24a23");

-\\ Google Chrome v36.0.1985.125

[ File : D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110796&tt=bandext_3312_4&babsrc=SP_ss&mntrId=d8d7c5a70000000000000015c5b24a23
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=BCPA&o=16145&locale=en_US&apn_uid=5B9C1FEE-37D6-4450-A9A8-36AF610C3684&apn_ptnrs=%5EQK&apn_sauid=F3C0B238-ADE3-4B14-A191-25FCF541B9EA&apn_dtid=%5EYYYYYY%5EYY%5EUS&q={searchTerms}
Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=119351&tt=bandext_3312_4&babsrc=SP_ss&mntrId=d8d7c5a70000000000000015c5b24a23
Deleted [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Deleted [Extension] : ippkomaaonokjnfjoikaemidanojkfmm

*************************

AdwCleaner[R0].txt - [10240 octets] - [10/08/2014 21:23:07]
AdwCleaner[R1].txt - [10301 octets] - [10/08/2014 21:29:12]
AdwCleaner[S0].txt - [10315 octets] - [10/08/2014 21:29:56]

########## EOF - D:\AdwCleaner\AdwCleaner[S0].txt - [10376 octets] ##########
 


  • 0

#8
Essexboy
Posted 12 August 2014 - 07:00 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets reset the network files, was the loss before or after the AdwCleaner run ?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew


Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download MiniToolBox, save it to your desktop and run it.
minitoolbox.JPG
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • 0

#9
newcomer21
Posted 12 August 2014 - 03:50 PM

newcomer21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

It happend after I ran Adwcleaner.  Now when I try to use the wireless it says to start the WCZ for windows to configure it for you.

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by ShaReda Coleman (administrator) on 12-08-2014 at 16:46:25
Running from "D:\Documents and Settings\ShaReda Coleman\Desktop"
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Connected)
Dell Wireless 1390 WLAN Mini-Card = Wireless Network Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : sc-dalg4wvddc4i

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : Yes

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller

        Physical Address. . . . . . . . . : 00-15-C5-B2-4A-23

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.8

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 24.116.0.53

                                            24.116.2.50

        Lease Obtained. . . . . . . . . . : Tuesday, August 12, 2014 4:43:08 PM

        Lease Expires . . . . . . . . . . : Tuesday, August 12, 2014 5:43:08 PM



Ethernet adapter Wireless Network Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Dell Wireless 1390 WLAN Mini-Card

        Physical Address. . . . . . . . . : 00-18-F3-49-FD-E8

Server:  c1dns.cableone.net
Address:  24.116.0.53

Name:    google.com
Addresses:  173.194.64.138, 173.194.64.102, 173.194.64.101, 173.194.64.113
      173.194.64.100, 173.194.64.139



Pinging google.com [173.194.64.100] with 32 bytes of data:



Reply from 173.194.64.100: bytes=32 time=41ms TTL=50

Reply from 173.194.64.100: bytes=32 time=43ms TTL=50



Ping statistics for 173.194.64.100:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 41ms, Maximum = 43ms, Average = 42ms

Server:  c1dns.cableone.net
Address:  24.116.0.53

Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=82ms TTL=48

Reply from 98.139.183.24: bytes=32 time=86ms TTL=48



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 82ms, Maximum = 86ms, Average = 84ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 15 c5 b2 4a 23 ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 18 f3 49 fd e8 ...... Dell Wireless 1390 WLAN Mini-Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.8      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0      192.168.0.8     192.168.0.8      20
      192.168.0.0    255.255.255.0      192.168.0.8     192.168.0.8      20
      192.168.0.8  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255      192.168.0.8     192.168.0.8      20
        224.0.0.0        240.0.0.0      192.168.0.8     192.168.0.8      20
  255.255.255.255  255.255.255.255      192.168.0.8               3      1
  255.255.255.255  255.255.255.255      192.168.0.8     192.168.0.8      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 D:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 02 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 03 D:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 04 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 D:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 D:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 17 D:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/11/2014 06:36:24 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/11/2014 06:36:22 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 01:55:30 PM) (Source: Microsoft Security Client Setup) (User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/09/2014 04:09:07 PM) (Source: Microsoft Security Client Setup) (User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/08/2014 10:42:02 PM) (Source: Microsoft Security Client Setup) (User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/08/2014 10:31:19 PM) (Source: Application Error) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:13 PM) (Source: Application Error) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:08 PM) (Source: Application Error) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:08 PM) (Source: Application Error) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:07 PM) (Source: Application Error) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]


System errors:
=============
Error: (08/09/2014 02:52:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:52:03 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:51:33 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following error:
%%126

Error: (08/09/2014 02:51:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:51:03 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following error:
%%126

Error: (08/09/2014 02:51:03 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:50:33 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following error:
%%126

Error: (08/09/2014 02:50:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:50:03 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following error:
%%126

Error: (08/09/2014 02:50:03 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.


Microsoft Office Sessions:
=========================
Error: (08/11/2014 06:36:24 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.2180hungapp0.0.0.000000000

Error: (08/11/2014 06:36:22 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.2180hungapp0.0.0.000000000

Error: (08/10/2014 01:55:30 PM) (Source: Microsoft Security Client Setup)(User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/09/2014 04:09:07 PM) (Source: Microsoft Security Client Setup)(User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/08/2014 10:42:02 PM) (Source: Microsoft Security Client Setup)(User: )
Description: HRESULT:0x8004FF56
Description:.  0x8004FF56.

Error: (08/08/2014 10:31:19 PM) (Source: Application Error)(User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:13 PM) (Source: Application Error)(User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:08 PM) (Source: Application Error)(User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:08 PM) (Source: Application Error)(User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:07 PM) (Source: Application Error)(User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378



=========================== Installed Programs ============================
7-zip v9.20 (HKLM\...\7-Zip) (Version: v9.20 - TUGUU SL)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.4.402.287 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 440x 10/100 Integrated Controller (HKLM\...\{612B9183-67A9-4B44-9877-2F059E35B86A}) (Version: 10.04.01 - Broadcom Corporation)
Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation)
Canon MX320 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series) (Version:  - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9FD050BA-79BD-42A4-9E24-E8E13F1C775F}) (Version:  - Microsoft)
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
Expert PDF 7 Reader (HKLM\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 7.0.1370.0 - Avanquest software)
File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version: 2012.10.26.0 - )
Files Opened (HKLM\...\Files Opened) (Version: 1.0 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{0564C76B-8E1F-4157-8654-B0F9F308BEE9}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java™ 7 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.1.0522.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.1.522.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version:  - )
Mixer (HKLM\...\MIXERLITE) (Version:  - )
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MusicOasis (HKLM\...\MusicOasis) (Version: 1.0.3 - W3i, LLC)
MusicOasis (Version: 1.0.3 - W3i, LLC) Hidden
Norton Safe Web Lite (HKLM\...\NST) (Version: 2.0.0.16 - Symantec Corporation)
PDF Reader Packages (HKCU\...\PDF Reader Packages) (Version:  - )
Shockwave (HKLM\...\Shockwave) (Version:  - )
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
Sound Blaster ADVANCED MB Drivers (HKLM\...\SAMB_ADVMB_FILTER_DRV) (Version:  - )
Sound Blaster Audigy ADVANCED MB Demo (HKLM\...\CTMBDemo_Audigy) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Print Shop Deluxe 15 EEV (HKLM\...\{683214A6-4003-4C57-B55E-079FD77A185F}) (Version:  - Broderbund LLC)
Uninstall Dual Mode Camera (HKLM\...\Dual Mode Camera_is1) (Version:  - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1CBE095-403D-466D-BB13-B185A5F33231}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
VideoBuzz (HKLM\...\{F2BBDD5D-7959-4F64-8737-F568092433F6}) (Version: 1.0.0 - W3i, LLC)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Driver Package - Ricoh Company (rimsptsk) hdc  (11/14/2006 6.00.01.04) (HKLM\...\4569969E1360D2854474C661EF9B4D54F143EB16) (Version: 11/14/2006 6.00.01.04 - Ricoh Company)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

========================= Devices: ================================

Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Video Controller
Description: Video Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Modem Device on High Definition Audio Bus
Description: Modem Device on High Definition Audio Bus
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 2038.37 MB
Available physical RAM: 1517.04 MB
Total Pagefile: 3930.98 MB
Available Pagefile: 3508.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1989.63 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:11.84 GB) (Free:9.69 GB) NTFS
2 Drive d: () (Fixed) (Total:38.78 GB) (Free:22.43 GB) NTFS

========================= Users: ========================================

User accounts for \\SC-DALG4WVDDC4I

Administrator            Guest                    HelpAssistant            
ShaReda Coleman          SUPPORT_388945a0         

========================= Minidump Files ==================================

D:\WINDOWS\Minidump\Mini081212-01.dmp

**** End of log ****
 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:10-08-2014 01
Ran by ShaReda Coleman at 2014-08-12 16:42:53 Run:2
Running from D:\Documents and Settings\ShaReda Coleman\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
*****************


=========  netsh advfirewall reset =========

The following command was not found: advfirewall reset.

========= End of CMD: =========


=========  netsh advfirewall set allprofiles state ON =========

The following command was not found: advfirewall set allprofiles state ON.

========= End of CMD: =========


=========  ipconfig /flushdns =========



Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========= End of CMD: =========


=========  netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the machine in order to complete the reset.


========= End of CMD: =========


=========  netsh int ip reset c:\resetlog.txt =========



========= End of CMD: =========


=========  ipconfig /release =========



Windows IP Configuration



No operation can be performed on Wireless Network Connection while it has its media disconnected.



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        IP Address. . . . . . . . . . . . : 0.0.0.0

        Subnet Mask . . . . . . . . . . . : 0.0.0.0

        Default Gateway . . . . . . . . . :



Ethernet adapter Wireless Network Connection:



        Media State . . . . . . . . . . . : Media disconnected


========= End of CMD: =========


=========  ipconfig /renew =========



Windows IP Configuration



No operation can be performed on Wireless Network Connection while it has its media disconnected.



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        IP Address. . . . . . . . . . . . : 192.168.0.8

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1



Ethernet adapter Wireless Network Connection:



        Media State . . . . . . . . . . . : Media disconnected


========= End of CMD: =========


==== End of Fixlog ====

 

Thanks so much


  • 0

#10
Essexboy
Posted 13 August 2014 - 06:48 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Could you use the wizard to configure the wireless network and let me know the result

 

If that fails then could you go to Control Panel > Device Manager

Press the plus sign/arrow next to Network Adapters

Take a screenshot of that and post it here

 

Capture.JPG


  • 0

Advertisements

#11
newcomer21
Posted 13 August 2014 - 04:15 PM

newcomer21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

It will show the wireless networks in range but it still gives the message that It can't connect.  I can't figure out how to post an image on here.  It says I am not allowed to post image in this community. 


  • 0

#12
Essexboy
Posted 14 August 2014 - 06:56 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
As long as it is a jpg it should attach with no problems

Attach using the option at the bottom of the post
Capture.JPG
  • 0

#13
newcomer21
Posted 14 August 2014 - 04:47 PM

newcomer21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

Ok. Got it. 

Attached Thumbnails

  • wifi error copy.jpg
  • device mgr.jpg

  • 0

#14
Essexboy
Posted 15 August 2014 - 06:01 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK two tasks now :

First :

In device manager right click the three items with the yellow triangles and select Uninstall
Reboot and the found new hardware will run and install the drivers fresh for those

Second :

In the network connections could you select the top network and see if that allows you to connect
  • 0

#15
newcomer21
Posted 15 August 2014 - 03:40 PM

newcomer21

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 121 posts

I would not connect.  Also, it said it couldn't find needed software to install the 3 items.

 

 

Attached Thumbnails

  • wireless screen shot.jpg
  • cannot install.jpg

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP