Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Lots of spyware malware [Solved]

Started by newcomer21 , Aug 09 2014 04:01 PM

This topic is locked

#16
Essexboy

Posted 16 August 2014 - 09:07 AM

GeekU Moderator

Retired Staff
69,964 posts

OK select system restore and restore back to the point created on 10th August created by combofix and we will start again

#17
newcomer21

Posted 16 August 2014 - 06:22 PM

Member

Topic Starter
Member
121 posts

Ok System restored to Aug. 10. Didn't know if you wanted me to try to connect to wifi, but I did try and it still gives same error.

#18
Essexboy

Posted 17 August 2014 - 04:08 AM

GeekU Moderator

Retired Staff
69,964 posts

Could you download and install the driver from here and then let me know if the net works

http://www.dell.com/...354&lid=4821909

#19
newcomer21

Posted 17 August 2014 - 06:56 AM

Member

Topic Starter
Member
121 posts

Yes Sir. That got it. We are back online wireless.

#20
Essexboy

Posted 17 August 2014 - 07:40 AM

GeekU Moderator

Retired Staff
69,964 posts

OK... Lets see what was returned if anything

Run FRST.
Select additions at the bottom
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please attach both logs generated.

#21
newcomer21

Posted 17 August 2014 - 02:35 PM

Member

Topic Starter
Member
121 posts

Ok here are your logs. Thanks again!!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-08-2014 03
Ran by ShaReda Coleman (administrator) on SC-DALG4WVDDC4I on 17-08-2014 15:31:17
Running from D:\Documents and Settings\ShaReda Coleman\Desktop
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) D:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
(Symantec Corporation) D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
(Yahoo! Inc.) D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) D:\WINDOWS\system32\wscntfy.exe
(Dell Inc.) D:\WINDOWS\system32\WLTRAY.EXE
(Sun Microsystems, Inc.) D:\Program Files\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd) D:\Program Files\Creative\Mixer\CTSVolFE.exe
(Apple Inc.) D:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) D:\Program Files\Microsoft Security Client\msseces.exe
(SigmaTel, Inc.) D:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(BVRP Software) D:\Program Files\Digital Line Detect\DLG.exe
(Apple Inc.) D:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) D:\WINDOWS\system32\wbem\unsecapp.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
() D:\WINDOWS\system32\WLTRYSVC.EXE
(Dell Inc.) D:\WINDOWS\system32\BCMWLTRY.EXE
(Intel Corporation) D:\WINDOWS\system32\igfxsrvc.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-1708537768-1563985344-1801674531-1003\...\Run: [OfficeSyncProcess] => D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1708537768-1563985344-1801674531-1003\...\Run: [GoogleChromeAutoLaunch_8CBC92FDCEB4B9D86F0A8AEBA6D2C4C2] => D:\Program Files\Google\Chrome\Application\chrome.exe [860488 2014-08-06] (Google Inc.)
Startup: D:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> D:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gamesag...play.com/?o=shp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
SearchScopes: HKCU - {2FDF580B-CCA1-4486-B170-BEDBFEEADC7A} URL = http://websearch.ask...91-25FCF541B9EA
SearchScopes: HKCU - {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://start.gamesag...q={searchTerms}
SearchScopes: HKCU - {89C9B53A-7A2E-4582-AD42-8035C7C098E3} URL = http://search.yahoo....310,16665,0,8,0
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO: Norton Safe Web Lite BHO -> {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} -> D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - D:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - D:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Norton Safe Web Lite - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll (Symantec Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab
Winsock: Catalog5 01 D:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 24.116.0.53 24.116.2.50

FireFox:
========
FF ProfilePath: D:\Documents and Settings\ShaReda Coleman\Application Data\Mozilla\Firefox\Profiles\yf7rdgrw.default
FF Homepage: hxxp://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> D:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 -> D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - d:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-07-31]
FF HKLM\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - D:\Documents and Settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST
FF HKLM\...\Firefox\Extensions: [[email protected]] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-08]
FF HKCU\...\Firefox\Extensions: [[email protected]] - D:\Program Files\FriendsChecker\Firefox

Chrome:
=======
CHR HomePage: www.google.com
CHR StartupUrls: "www.google.com"
CHR DefaultSearchKeyword: delta-search.com
CHR DefaultNewTabURL:
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-08] (AVAST Software)
S2 IUNP; D:\WINDOWS\System32\svchost.exe [14336 2004-08-04] (Microsoft Corporation)
R2 JavaQuickStarterService; D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161704 2012-07-05] (Oracle Corporation)
S4 MBAMScheduler; D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NSL; D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation)
R2 wltrysvc; D:\WINDOWS\System32\bcmwltry.exe [1253376 2006-11-01] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; D:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-08-08] ()
R2 aswMonFlt; D:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-08-08] (AVAST Software)
R1 aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-08-08] (AVAST Software)
R0 aswRvrt; D:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-08-08] ()
R1 aswSnx; D:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-08-08] (AVAST Software)
R1 aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-08-08] (AVAST Software)
R1 aswTdi; D:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-08-08] (AVAST Software)
R0 aswVmm; D:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-08-08] ()
R3 BCM43XX; D:\WINDOWS\System32\DRIVERS\bcmwl5.sys [604928 2006-10-12] (Broadcom Corporation)
S3 CCDECODE; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2004-08-03] (Microsoft Corporation)
S1 ccSet_NST; D:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys [132744 2011-08-08] (Symantec Corporation)
R3 CTUSFSYN; D:\WINDOWS\System32\drivers\ctusfsyn.sys [158464 2005-05-25] (Creative Technology Ltd.)
S3 JL2005C; D:\WINDOWS\System32\Drivers\jl2005c.sys [68954 2007-01-26] (Windows ® 2000 DDK provider) [File not signed]
R3 MBAMProtector; D:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 monfilt; D:\WINDOWS\System32\drivers\monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S0 MpFilter; D:\WINDOWS\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S3 NdisIP; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2004-08-04] (Microsoft Corporation)
S3 Secdrv; D:\WINDOWS\System32\DRIVERS\secdrv.sys [27440 2004-08-04] ()
R3 STHDA; D:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
S2 10072; \??\D:\DOCUME~1\SHARED~1\LOCALS~1\Temp\10072.sys [X]
S3 catchme; \??\D:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; D:\WINDOWS\system32\drivers\scsiport.sys [96256 2004-08-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 15:30 - 2014-08-17 15:31 - 00012636 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\FRST.txt
2014-08-17 15:29 - 2014-08-17 15:30 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Desktop\New Folder
2014-08-17 14:24 - 2014-08-17 14:24 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Desktop\FRST-OlderVersion
2014-08-17 07:54 - 2014-08-17 07:55 - 00000000 ____D () D:\WINDOWS\LastGood
2014-08-17 07:54 - 2006-11-01 12:48 - 01060864 _____ (Microsoft Corporation) D:\WINDOWS\system32\MFC71.DLL
2014-08-17 07:54 - 2006-11-01 12:48 - 00499712 _____ (Microsoft Corporation) D:\WINDOWS\system32\MSVCP71.DLL
2014-08-17 07:54 - 2006-11-01 12:48 - 00348160 _____ (Microsoft Corporation) D:\WINDOWS\system32\MSVCR71.DLL
2014-08-17 07:54 - 2006-11-01 12:48 - 00089088 _____ (Microsoft Corporation) D:\WINDOWS\system32\ATL71.DLL
2014-08-17 07:54 - 2006-11-01 12:48 - 00020480 _____ () D:\WINDOWS\system32\WLTRYSVC.EXE
2014-08-17 07:53 - 2014-08-17 07:54 - 54730096 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\R140747.EXE
2014-08-11 18:34 - 2014-08-15 16:26 - 00000497 _____ () D:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-08-10 21:23 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) D:\WINDOWS\system32\sqlite3.dll
2014-08-10 21:22 - 2014-08-10 21:30 - 00000000 ____D () D:\AdwCleaner
2014-08-10 21:22 - 2014-08-10 21:22 - 01366203 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\AdwCleaner.exe
2014-08-10 15:43 - 2014-08-17 15:31 - 00000000 ____D () D:\FRST
2014-08-10 15:41 - 2014-08-17 14:24 - 01093632 _____ (Farbar) D:\Documents and Settings\ShaReda Coleman\Desktop\FRST.exe
2014-08-10 14:49 - 2014-08-10 14:49 - 00000000 ____D () D:\Program Files\Mozilla Firefox
2014-08-10 10:25 - 2014-08-17 15:31 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00016745 _____ () D:\ComboFix.txt
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\NetworkService\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\LocalService\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\Default User\Local Settings\temp
2014-08-10 10:11 - 2014-08-10 10:11 - 00008192 ____H () D:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-08-10 10:11 - 2014-08-10 10:11 - 00000000 ____H () D:\WINDOWS\system32\config\SAM.tmp.LOG
2014-08-10 09:17 - 2011-06-26 01:45 - 00256000 _____ () D:\WINDOWS\PEV.exe
2014-08-10 09:17 - 2010-11-07 12:20 - 00208896 _____ () D:\WINDOWS\MBR.exe
2014-08-10 09:17 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) D:\WINDOWS\NIRCMD.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) D:\WINDOWS\SWREG.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) D:\WINDOWS\SWSC.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) D:\WINDOWS\SWXCACLS.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00098816 _____ () D:\WINDOWS\sed.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00080412 _____ () D:\WINDOWS\grep.exe
2014-08-10 09:17 - 2000-08-30 19:00 - 00068096 _____ () D:\WINDOWS\zip.exe
2014-08-10 09:16 - 2014-08-10 10:26 - 00000000 ____D () D:\Qoobox
2014-08-10 09:16 - 2014-08-10 10:22 - 00000000 ____D () D:\WINDOWS\erdnt
2014-08-10 09:15 - 2014-08-10 09:15 - 05568206 ____R (Swearware) D:\Documents and Settings\ShaReda Coleman\Desktop\ComboFix.exe
2014-08-09 16:14 - 2014-08-09 16:14 - 00602112 _____ (OldTimer Tools) D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
2014-08-08 23:12 - 2014-08-08 23:12 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
2014-08-08 22:59 - 2014-08-08 22:59 - 00000000 ____D () D:\WINDOWS\jumpshot.com
2014-08-08 22:52 - 2014-08-17 07:19 - 00000316 ____H () D:\WINDOWS\Tasks\avast! Emergency Update.job
2014-08-08 22:52 - 2014-08-16 19:19 - 00001733 _____ () D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-08-08 22:52 - 2014-08-08 22:52 - 00414520 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-08 22:52 - 2014-08-08 22:52 - 00000000 ____D () D:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-08-08 22:52 - 2014-08-08 22:51 - 00779536 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-08 22:52 - 2014-08-08 22:51 - 00192352 _____ () D:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-08 22:52 - 2014-08-08 22:51 - 00067824 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-08 22:52 - 2014-08-08 22:51 - 00057800 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswTdi.sys
2014-08-08 22:52 - 2014-08-08 22:51 - 00049944 _____ () D:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-08 22:51 - 2014-08-08 22:51 - 00276432 _____ (AVAST Software) D:\WINDOWS\system32\aswBoot.exe
2014-08-08 22:51 - 2014-08-08 22:51 - 00055112 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswRdr.sys
2014-08-08 22:51 - 2014-08-08 22:51 - 00043152 _____ (AVAST Software) D:\WINDOWS\avastSS.scr
2014-08-08 22:51 - 2014-08-08 22:51 - 00024184 _____ () D:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-08 22:45 - 2014-08-08 22:45 - 00000000 ____D () D:\Program Files\AVAST Software
2014-08-08 22:44 - 2014-08-08 22:45 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\AVAST Software
2014-08-08 20:44 - 2014-08-09 13:44 - 00110296 _____ (Malwarebytes Corporation) D:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-08 20:44 - 2014-08-08 22:28 - 00000000 ____D () D:\Program Files\Malwarebytes Anti-Malware
2014-08-08 20:44 - 2014-08-08 20:44 - 00000777 _____ () D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-08 20:44 - 2014-08-08 20:44 - 00000000 ____D () D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-08 20:44 - 2014-08-08 20:44 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-08 20:44 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) D:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-08 20:44 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) D:\WINDOWS\system32\Drivers\mbam.sys
2014-08-08 20:25 - 2014-08-08 20:25 - 00000062 _____ () D:\Documents and Settings\NetworkService\Application Data\WB.CFG
2014-08-08 19:43 - 2014-08-08 19:49 - 331805736 _____ (Microsoft Corporation) D:\Documents and Settings\ShaReda Coleman\Desktop\windowsxp-kb936929-sp3-x86-enu.exe
2014-08-08 19:00 - 2014-08-08 20:00 - 00000000 __HDC () D:\WINDOWS\$NtServicePackUninstall$
2014-08-08 18:55 - 2014-08-08 18:55 - 00000000 ____D () D:\WINDOWS\system32\CatRoot_bak
2014-08-08 18:01 - 2014-08-08 18:01 - 00001446 _____ () D:\WINDOWS\COM+.log
2014-08-08 17:57 - 2014-08-08 17:57 - 00000000 ____D () D:\Program Files\GUM1D59.tmp
2014-08-08 17:55 - 2014-08-08 17:55 - 00000000 ____D () D:\WINDOWS\system32\appmgmt
2014-08-08 17:48 - 2014-08-08 17:48 - 00013006 _____ () D:\WINDOWS\system32\wpa.bak
2014-08-08 17:47 - 2004-08-04 07:00 - 00156672 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winzm.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00156672 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winsp.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00156672 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winpy.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00079360 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winar30.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00069120 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wingb.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00065536 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\winime.ime
2014-08-08 17:47 - 2004-08-04 07:00 - 00041600 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\weitekp9.dll
2014-08-08 17:47 - 2004-08-04 07:00 - 00031232 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\weitekp9.sys
2014-08-08 17:47 - 2004-08-04 07:00 - 00028288 ____C () D:\WINDOWS\system32\dllcache\xjis.nls
2014-08-08 17:46 - 2004-08-04 07:00 - 00571392 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tintlgnt.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00482304 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pintlgnt.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00456704 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smtpsvc.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00455168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tintsetp.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00426041 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\voicepad.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00363520 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w3svc.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00358400 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpincl.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00259072 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpcl.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00236544 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smi2smir.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00229439 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\multibox.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00188416 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpsmir.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00185344 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\thawbrkr.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00175104 ____C () D:\WINDOWS\system32\dllcache\pintlcsa.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00143422 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\softkey.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00131584 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pmxviceo.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00111104 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\mtstocom.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00103424 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\uihelper.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00101376 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\srusbusd.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00086073 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\voicesub.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00083748 ____C () D:\WINDOWS\system32\dllcache\prcp.nls
2014-08-08 17:46 - 2004-08-04 07:00 - 00083748 ____C () D:\WINDOWS\system32\dllcache\prc.nls
2014-08-08 17:46 - 2004-08-04 07:00 - 00079872 ____C (Ricoh Co., Ltd.) D:\WINDOWS\system32\dllcache\rwia330.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00079872 ____C (Ricoh Co., Ltd.) D:\WINDOWS\system32\dllcache\rwia001.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00079360 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\phon.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00077824 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\quick.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00076800 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wam51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00076288 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\uniime.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00073728 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w3ext.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00070144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pintlphr.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00067584 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pmigrate.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00065024 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\unicdime.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00053760 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pintlcsd.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00053248 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wamreg51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00053248 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\nextlink.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00048256 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w32.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00046592 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\svcext51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00046592 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sspifilt.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00045056 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ssinc51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00044544 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\nsepm.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00044032 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tintlphr.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00040448 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpthrd.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00038912 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm9aw.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00036927 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\padrs411.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00032768 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmp.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00031744 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smb6w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00031744 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sma3w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00031744 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pagecnt.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00031232 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tools.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00030208 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm87w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00030208 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm81w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00029184 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm8cw.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026624 ____C (Ricoh Co., Ltd.) D:\WINDOWS\system32\dllcache\rw330ext.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026624 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm93w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026624 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm92w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm90w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm8dw.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm8aw.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm89w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\romanime.ime
2014-08-08 17:46 - 2004-08-04 07:00 - 00025088 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\sm59w.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00024576 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\rw001ext.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00021896 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tdipx.sys
2014-08-08 17:46 - 2004-08-04 07:00 - 00020992 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\permchk.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00020736 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ramdisk.sys
2014-08-08 17:46 - 2004-08-04 07:00 - 00019464 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tdspx.sys
2014-08-08 17:46 - 2004-08-04 07:00 - 00018944 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\simptcp.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00016896 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\status.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00016384 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\quser.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00015872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smierrsm.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00015872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\padrs404.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00015360 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\padrs804.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00014848 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\register.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tsprof.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\padrs412.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00013192 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tdasync.sys
2014-08-08 17:46 - 2004-08-04 07:00 - 00011264 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pmxmcro.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00010240 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tmigrate.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00010240 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpstup.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00009728 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\query.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00009216 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wamps51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00008704 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmptrap.exe
2014-08-08 17:46 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pwsdata.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\snmpmib.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\pmxgl.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w3svapi.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smimsgif.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\smierrsy.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00004608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\w3ctrs51.dll
2014-08-08 17:46 - 2004-08-04 07:00 - 00004096 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\rpcref.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00057856 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_scripto.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00038912 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00026112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_seos.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00023040 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2014-08-08 17:46 - 2001-08-17 22:36 - 00012288 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
2014-08-08 17:46 - 2001-08-17 22:36 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 13463552 ____C () D:\WINDOWS\system32\dllcache\hwxjpn.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 10129408 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hwxkor.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 10096640 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hwxcht.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 01875968 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\msir3jp.lex
2014-08-08 17:45 - 2004-08-04 07:00 - 01158818 ____C () D:\WINDOWS\system32\dllcache\korwbrkr.lex
2014-08-08 17:45 - 2004-08-04 07:00 - 00811064 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjp81k.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00716856 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpcus.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00471102 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imskdic.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00368696 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpcic.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00340023 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjp81.ime
2014-08-08 17:45 - 2004-08-04 07:00 - 00315452 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imskf.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00311359 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imepadsv.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00307257 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpdct.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00274489 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjputyc.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00268288 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\httpext.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00262200 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjputy.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00257024 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\infocomm.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00233527 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjprw.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00208952 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpmig.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00196665 ____C () D:\WINDOWS\system32\dllcache\imjpinst.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00155705 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpdsvr.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00145408 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iische51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00134339 ____C () D:\WINDOWS\system32\dllcache\imekr.lex
2014-08-08 17:45 - 2004-08-04 07:00 - 00106496 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imekrcic.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00102463 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imepadsm.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00102456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imlang.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00098304 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\msir3jp.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00094720 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imekr61.ime
2014-08-08 17:45 - 2004-08-04 07:00 - 00092416 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\mga.sys
2014-08-08 17:45 - 2004-08-04 07:00 - 00092032 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\mga.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00086016 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imekrmbx.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00085504 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\metada51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00081976 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpdct.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00079872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iislog51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00070656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\korwbrkr.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00061440 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\httpod51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00060928 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisclex4.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00059904 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imkrinst.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00059392 ____C () D:\WINDOWS\system32\dllcache\imscinst.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00057398 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpdadm.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00047066 ____C () D:\WINDOWS\system32\dllcache\ksc.nls
2014-08-08 17:45 - 2004-08-04 07:00 - 00045109 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imjpuex.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00044032 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\imekrmig.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00037888 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\md5filt.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00035328 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iprip.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00033792 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\lmmib2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00026624 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\mdsync.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00026624 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iscomlog.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00025088 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisadmin.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00022528 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\lpdsvc.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00022016 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\logscrpt.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iiscrmap.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00018944 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\lprmon.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00018432 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\jupiw.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00015872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetin51.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00013312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\lonsint.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00009216 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdnecat.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00009216 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iwrps.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00008704 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\infoctrs.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00008192 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\httpmb51.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\migregdb.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdnecnt.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdnec95.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdibm02.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\isapips.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisfecnv.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdlk41a.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iissync.exe
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdth3.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdth2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdlk41j.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinpun.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdax2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbd106n.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbd101a.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbd101.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdvntc.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdusa.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdurdu.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdth1.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdth0.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdsyr2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdsyr1.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdintel.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdintam.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinmar.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinkan.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinhin.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdinguj.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdindev.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdheb.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdfa.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbddiv2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbddiv1.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbda3.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbda2.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbda1.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005120 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdgeo.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005120 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdarmw.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00005120 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\kbdarme.dll
2014-08-08 17:45 - 2004-08-04 07:00 - 00003584 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iismui.dll
2014-08-08 17:45 - 2001-08-17 22:36 - 00065536 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 01677824 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chsbrkr.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00838144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chtbrkr.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00562176 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsst.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00480256 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cintsetp.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00452096 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsapi.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00400384 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsxp32.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00397312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxstiff.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00369664 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\asp51.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00331264 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\aqueue.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00285184 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxscomex.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00267776 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxssvc.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00246272 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxst30.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00229376 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxscover.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00218112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\c_g18030.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00198656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cintime.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00195618 ____C () D:\WINDOWS\system32\dllcache\c_10002.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00192512 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxswzrd.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00189986 ____C () D:\WINDOWS\system32\dllcache\c_1361.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00187938 ____C () D:\WINDOWS\system32\dllcache\c_20005.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00186402 ____C () D:\WINDOWS\system32\dllcache\c_20001.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00185378 ____C () D:\WINDOWS\system32\dllcache\c_20003.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00180770 ____C () D:\WINDOWS\system32\dllcache\c_20932.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00180258 ____C () D:\WINDOWS\system32\dllcache\c_20004.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00180258 ____C () D:\WINDOWS\system32\dllcache\c_20000.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00177698 ____C () D:\WINDOWS\system32\dllcache\c_20949.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00177698 ____C () D:\WINDOWS\system32\dllcache\c_10003.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00173602 ____C () D:\WINDOWS\system32\dllcache\c_20936.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00173602 ____C () D:\WINDOWS\system32\dllcache\c_20002.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00173602 ____C () D:\WINDOWS\system32\dllcache\c_10008.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00173568 ____C () D:\WINDOWS\system32\dllcache\chtskf.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00162850 ____C () D:\WINDOWS\system32\dllcache\c_10001.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00154112 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsui.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00143360 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsclnt.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00132608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsclntr.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00125952 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftpsv251.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00111104 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxscfgwz.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00108827 ____C () D:\WINDOWS\system32\dllcache\hanja.lex
2014-08-08 17:44 - 2004-08-04 07:00 - 00108544 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\appconf.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00101888 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\evntagnt.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00097792 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chtmbx.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00092160 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\evntwin.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00082172 ____C () D:\WINDOWS\system32\dllcache\bopomofo.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00078848 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\dayi.ime
2014-08-08 17:44 - 2004-08-04 07:00 - 00078336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chajei.ime
2014-08-08 17:44 - 2004-08-04 07:00 - 00072192 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxscom.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00066728 ____C () D:\WINDOWS\system32\dllcache\big5.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066594 ____C () D:\WINDOWS\system32\dllcache\c_864.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066594 ____C () D:\WINDOWS\system32\dllcache\c_862.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066594 ____C () D:\WINDOWS\system32\dllcache\c_858.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066594 ____C () D:\WINDOWS\system32\dllcache\c_720.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_870.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_708.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_28596.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_21027.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_21025.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20924.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20880.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20871.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20838.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20833.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20424.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20423.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20420.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20297.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20290.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20285.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20284.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20280.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20278.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20277.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20273.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20269.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20108.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20107.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20106.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_20105.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1149.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1148.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1147.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1146.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1145.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1144.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1143.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1142.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1141.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1140.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_1047.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_10021.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_10005.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00066082 ____C () D:\WINDOWS\system32\dllcache\c_10004.nls
2014-08-08 17:44 - 2004-08-04 07:00 - 00057856 ____C (SEIKO EPSON CORP.) D:\WINDOWS\system32\dllcache\esuimgd.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00057399 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cplexe.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00056320 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\convlog.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00056320 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chtskdic.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00055296 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsevent.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00054528 ____C (Philips Semiconductors GmbH) D:\WINDOWS\system32\dllcache\cap7146.sys
2014-08-08 17:44 - 2004-08-04 07:00 - 00045568 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\browscap.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00045056 ____C (SEIKO EPSON CORP.) D:\WINDOWS\system32\dllcache\esunid.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00042496 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\davcdata.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00039936 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hostmib.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00036864 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\hanjadic.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00033792 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\controt.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00032256 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\gzip.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00031744 ____C (SEIKO EPSON CORP.) D:\WINDOWS\system32\dllcache\esucmd.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00031744 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsroute.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00029184 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\asptxn.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00027136 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsdrv.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00025856 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\et4000.sys
2014-08-08 17:44 - 2004-08-04 07:00 - 00024064 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\evntcmd.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00024064 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\compfilt.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00023552 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsmon.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00023552 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsext32.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00021504 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cintlgnt.ime
2014-08-08 17:44 - 2004-08-04 07:00 - 00020480 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\counters.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0804.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0412.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0411.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt040d.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0404.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00019456 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\agt0401.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00018944 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cprofile.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00015872 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chgport.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00014848 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\flattemp.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\exstrace.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chgusr.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00013312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\chglogon.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00011264 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxssend.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00010752 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\c_iscii.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00010240 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\aspperf.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00009728 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\change.exe
2014-08-08 17:44 - 2004-08-04 07:00 - 00009216 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\authfilt.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00008704 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsperf.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftpctrs2.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\f3ahvoas.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00006656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fxsres.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00006656 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\c_is2022.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftpmib.dll
2014-08-08 17:44 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftlx041e.dll
2014-08-08 17:44 - 2003-03-24 16:52 - 00094208 ____C () D:\WINDOWS\system32\dllcache\fpencode.dll
2014-08-08 17:44 - 2003-03-24 16:52 - 00024632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpadmcgi.exe
2014-08-08 17:44 - 2003-03-24 16:52 - 00020541 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpadmdll.dll
2014-08-08 17:44 - 2001-08-17 22:36 - 00045056 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2014-08-08 17:44 - 2001-08-17 22:36 - 00043520 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2014-08-08 17:43 - 2014-08-08 17:43 - 00262144 _____ () D:\WINDOWS\system32\config\userdifr
2014-08-08 17:43 - 2014-08-08 17:43 - 00001024 ____H () D:\WINDOWS\system32\config\userdifr.LOG
2014-08-08 17:43 - 2004-08-04 07:00 - 00829440 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetmgr.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00290816 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\adsiis51.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00275968 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\certwiz.ocx
2014-08-08 17:43 - 2004-08-04 07:00 - 00169984 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisui.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00133632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisrtl.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00094720 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\certmap.ocx
2014-08-08 17:43 - 2004-08-04 07:00 - 00076800 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\logui.ocx
2014-08-08 17:43 - 2004-08-04 07:00 - 00076288 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cnfgprts.ocx
2014-08-08 17:43 - 2004-08-04 07:00 - 00068608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\isatq.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00068608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisext51.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00064512 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iismap.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00049664 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\adrot.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00046592 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\coadmin.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00043520 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admwprox.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00030720 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisrstas.exe
2014-08-08 17:43 - 2004-08-04 07:00 - 00029696 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admexs.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00019968 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetsloc.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00014336 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisreset.exe
2014-08-08 17:43 - 2004-08-04 07:00 - 00013312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\infoadmn.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00008192 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\staxmem.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00007680 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetmgr.exe
2014-08-08 17:43 - 2004-08-04 07:00 - 00007168 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\wamregps.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\ftpsapi2.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00006144 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admxprox.dll
2014-08-08 17:43 - 2004-08-04 07:00 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\iisrstap.dll
2014-08-08 17:43 - 2004-05-13 00:39 - 00876653 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4awel.dll
2014-08-08 17:43 - 2004-05-13 00:39 - 00598071 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpmmc.dll
2014-08-08 17:43 - 2004-05-13 00:39 - 00184435 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4amsft.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00208896 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpmmcsat.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00188494 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpcount.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00188480 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\cfgwiz.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00147513 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4apws.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00109328 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp98swin.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00102509 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4atxt.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00082035 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4anscp.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00049212 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4awebs.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00049210 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4areg.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00041020 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4avnb.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00032827 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tcptest.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00032826 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp4avss.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00020541 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpexedll.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00020540 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\author.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00020540 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admin.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00020538 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fpremadm.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00020536 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\shtml.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00016439 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\author.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00016439 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\admin.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00016437 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\shtml.exe
2014-08-08 17:43 - 2003-03-24 16:52 - 00016384 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\tcptsat.dll
2014-08-08 17:43 - 2003-03-24 16:52 - 00014608 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\fp98sadm.exe
2014-08-08 17:43 - 2001-08-17 22:36 - 00005632 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2014-08-08 17:41 - 2014-08-08 17:41 - 00000786 _____ () D:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\WindowsShell.Manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\wuaucpl.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\sapi.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\nwc.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\ncpa.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000488 ___RH () D:\WINDOWS\system32\logonui.exe.manifest
2014-08-08 17:41 - 2004-08-04 07:00 - 00016384 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\isignup.exe
2014-08-08 17:40 - 2004-08-04 07:00 - 00214528 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\icwconn1.exe
2014-08-08 17:40 - 2004-08-04 07:00 - 00086016 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\icwconn2.exe
2014-08-08 17:40 - 2004-08-04 07:00 - 00032768 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\icwdl.dll
2014-08-08 17:40 - 2004-08-04 07:00 - 00020480 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\inetwiz.exe
2014-08-08 17:24 - 2004-08-04 07:00 - 00024661 ____C (Perle Systems Ltd.) D:\WINDOWS\system32\dllcache\spxcoins.dll
2014-08-08 17:24 - 2004-08-04 07:00 - 00024661 _____ (Perle Systems Ltd.) D:\WINDOWS\system32\spxcoins.dll
2014-08-08 17:24 - 2004-08-04 07:00 - 00013312 ____C (Microsoft Corporation) D:\WINDOWS\system32\dllcache\irclass.dll
2014-08-08 17:24 - 2004-08-04 07:00 - 00013312 _____ (Microsoft Corporation) D:\WINDOWS\system32\irclass.dll
2014-08-08 17:23 - 2014-08-17 07:55 - 00429209 _____ () D:\WINDOWS\setupapi.log
2014-08-08 17:23 - 2004-08-04 07:00 - 02012670 ____C () D:\WINDOWS\system32\dllcache\NT5.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 01086058 ____R () D:\WINDOWS\SETD4.tmp
2014-08-08 17:23 - 2004-08-04 07:00 - 01086058 ____C () D:\WINDOWS\system32\dllcache\NTPRINT.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 01042903 ____R () D:\WINDOWS\SETD1.tmp
2014-08-08 17:23 - 2004-08-04 07:00 - 01042903 ____C () D:\WINDOWS\system32\dllcache\SP2.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00797189 ____C () D:\WINDOWS\system32\dllcache\NT5IIS.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00502724 ____C () D:\WINDOWS\system32\dllcache\NT5INF.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00399645 ____C () D:\WINDOWS\system32\dllcache\MAPIMIG.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00141702 ____C () D:\WINDOWS\system32\dllcache\netfx.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00110116 ____C () D:\WINDOWS\system32\dllcache\tabletpc.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00037484 ____C () D:\WINDOWS\system32\dllcache\MW770.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00031965 ____C () D:\WINDOWS\system32\dllcache\mediactr.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00031281 ____C () D:\WINDOWS\system32\dllcache\FP4.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00024209 ____C () D:\WINDOWS\system32\dllcache\msn7.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00013753 ____R () D:\WINDOWS\SETE0.tmp
2014-08-08 17:23 - 2004-08-04 07:00 - 00013753 ____C () D:\WINDOWS\system32\dllcache\IMS.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00013472 ____C () D:\WINDOWS\system32\dllcache\HPCRDP.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00011651 ____C () D:\WINDOWS\system32\dllcache\msn9.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00009581 ____C () D:\WINDOWS\system32\dllcache\MSMSGS.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00008574 ____C () D:\WINDOWS\system32\dllcache\IASNT4.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00007382 ____C () D:\WINDOWS\system32\dllcache\OEMBIOS.CAT
2014-08-08 17:23 - 2004-08-04 07:00 - 00007334 ____C () D:\WINDOWS\system32\dllcache\wmerrenu.cat
2014-08-08 17:23 - 2004-08-04 07:00 - 00007245 ____C () D:\WINDOWS\system32\dllcache\MSTSWEB.CAT
2014-08-08 12:21 - 2014-08-08 12:21 - 00000000 ____H () D:\WINDOWS\system32\config\software.tmp.LOG
2014-08-08 12:21 - 2014-08-08 12:21 - 00000000 ____H () D:\WINDOWS\system32\config\default.tmp.LOG
2014-08-08 12:20 - 2014-08-08 12:20 - 00000000 ____H () D:\WINDOWS\system32\config\system.tmp.LOG

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 15:31 - 2014-08-17 15:30 - 00012636 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\FRST.txt
2014-08-17 15:31 - 2014-08-10 15:43 - 00000000 ____D () D:\FRST
2014-08-17 15:31 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\temp
2014-08-17 15:30 - 2014-08-17 15:29 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Desktop\New Folder
2014-08-17 15:25 - 2012-07-30 13:06 - 00473942 _____ () D:\WINDOWS\WindowsUpdate.log
2014-08-17 15:21 - 2012-07-31 22:29 - 00000830 _____ () D:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-17 14:58 - 2012-09-18 18:30 - 00000904 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-17 14:24 - 2014-08-17 14:24 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Desktop\FRST-OlderVersion
2014-08-17 14:24 - 2014-08-10 15:41 - 01093632 _____ (Farbar) D:\Documents and Settings\ShaReda Coleman\Desktop\FRST.exe
2014-08-17 11:34 - 2013-02-09 22:38 - 00000664 _____ () D:\WINDOWS\system32\d3d9caps.dat
2014-08-17 07:56 - 2012-07-29 16:10 - 00519630 _____ () D:\WINDOWS\system32\PerfStringBackup.INI
2014-08-17 07:55 - 2014-08-17 07:54 - 00000000 ____D () D:\WINDOWS\LastGood
2014-08-17 07:55 - 2014-08-08 17:23 - 00429209 _____ () D:\WINDOWS\setupapi.log
2014-08-17 07:55 - 2012-07-30 12:07 - 00000000 ____D () D:\WINDOWS\system32\ReinstallBackups
2014-08-17 07:55 - 2012-07-30 11:31 - 00041736 _____ () D:\WINDOWS\bcmwl.log
2014-08-17 07:55 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\Help
2014-08-17 07:54 - 2014-08-17 07:53 - 54730096 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\R140747.EXE
2014-08-17 07:19 - 2014-08-08 22:52 - 00000316 ____H () D:\WINDOWS\Tasks\avast! Emergency Update.job
2014-08-17 00:59 - 2013-03-10 00:44 - 00001813 _____ () D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-08-16 22:21 - 2012-07-29 21:41 - 00032176 _____ () D:\WINDOWS\SchedLgU.Txt
2014-08-16 19:19 - 2014-08-08 22:52 - 00001733 _____ () D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-08-16 19:18 - 2012-09-18 18:30 - 00000900 _____ () D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-16 19:18 - 2012-07-29 21:33 - 00000006 ____H () D:\WINDOWS\Tasks\SA.DAT
2014-08-16 19:18 - 2012-07-29 16:13 - 00000157 _____ () D:\WINDOWS\wiadebug.log
2014-08-16 19:18 - 2012-07-29 16:13 - 00000049 _____ () D:\WINDOWS\wiaservc.log
2014-08-16 19:18 - 2003-07-16 11:46 - 00013006 _____ () D:\WINDOWS\system32\wpa.dbl
2014-08-16 19:16 - 2012-07-29 21:42 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman
2014-08-16 19:16 - 2012-07-29 21:41 - 00000000 __SHD () D:\Documents and Settings\NetworkService
2014-08-16 19:16 - 2012-07-29 21:41 - 00000000 __SHD () D:\Documents and Settings\LocalService
2014-08-16 19:16 - 2012-07-29 21:29 - 00000000 ____D () D:\WINDOWS\Registration
2014-08-16 19:14 - 2012-07-30 21:17 - 00131072 _____ () D:\WINDOWS\system32\config\OAlerts.evt
2014-08-15 19:58 - 2013-03-03 07:31 - 00000284 _____ () D:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-08-15 16:26 - 2014-08-11 18:34 - 00000497 _____ () D:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-08-11 19:44 - 2013-02-13 23:42 - 00000000 ____D () D:\e
2014-08-11 19:44 - 2012-07-29 21:37 - 00000000 ____D () D:\DELL
2014-08-10 21:40 - 2012-07-29 21:42 - 00000178 ___SH () D:\Documents and Settings\ShaReda Coleman\ntuser.ini
2014-08-10 21:31 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\security
2014-08-10 21:30 - 2014-08-10 21:22 - 00000000 ____D () D:\AdwCleaner
2014-08-10 21:22 - 2014-08-10 21:22 - 01366203 _____ () D:\Documents and Settings\ShaReda Coleman\Desktop\AdwCleaner.exe
2014-08-10 21:19 - 2012-07-30 18:13 - 00000000 ____D () D:\Program Files\Mozilla Maintenance Service
2014-08-10 14:49 - 2014-08-10 14:49 - 00000000 ____D () D:\Program Files\Mozilla Firefox
2014-08-10 13:55 - 2012-07-30 18:18 - 00001919 _____ () D:\WINDOWS\epplauncher.mif
2014-08-10 10:26 - 2014-08-10 09:16 - 00000000 ____D () D:\Qoobox
2014-08-10 10:25 - 2014-08-10 10:25 - 00016745 _____ () D:\ComboFix.txt
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\NetworkService\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\LocalService\Local Settings\temp
2014-08-10 10:25 - 2014-08-10 10:25 - 00000000 ____D () D:\Documents and Settings\Default User\Local Settings\temp
2014-08-10 10:22 - 2014-08-10 09:16 - 00000000 ____D () D:\WINDOWS\erdnt
2014-08-10 10:18 - 2003-07-16 11:41 - 00000227 _____ () D:\WINDOWS\system.ini
2014-08-10 10:15 - 2012-07-29 16:08 - 00524288 _____ () D:\WINDOWS\system32\config\SECURITY.bak
2014-08-10 10:15 - 2012-07-29 16:08 - 00024576 _____ () D:\WINDOWS\system32\config\SAM.bak
2014-08-10 10:15 - 2012-07-29 15:55 - 27525120 _____ () D:\WINDOWS\system32\config\software.bak
2014-08-10 10:15 - 2012-07-29 15:55 - 04980736 _____ () D:\WINDOWS\system32\config\system.bak
2014-08-10 10:15 - 2012-07-29 15:55 - 00786432 _____ () D:\WINDOWS\system32\config\default.bak
2014-08-10 10:11 - 2014-08-10 10:11 - 00008192 ____H () D:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-08-10 10:11 - 2014-08-10 10:11 - 00000000 ____H () D:\WINDOWS\system32\config\SAM.tmp.LOG
2014-08-10 09:15 - 2014-08-10 09:15 - 05568206 ____R (Swearware) D:\Documents and Settings\ShaReda Coleman\Desktop\ComboFix.exe
2014-08-09 16:14 - 2014-08-09 16:14 - 00602112 _____ (OldTimer Tools) D:\Documents and Settings\ShaReda Coleman\Desktop\OTL.exe
2014-08-09 16:10 - 2013-03-03 07:32 - 00000000 ____D () D:\Program Files\FriendsChecker
2014-08-09 16:09 - 2012-09-18 18:35 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\Temp
2014-08-09 13:44 - 2014-08-08 20:44 - 00110296 _____ (Malwarebytes Corporation) D:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-09 08:45 - 2012-07-30 22:16 - 00000000 ____D () D:\WINDOWS\Microsoft.NET
2014-08-08 23:12 - 2014-08-08 23:12 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
2014-08-08 22:59 - 2014-08-08 22:59 - 00000000 ____D () D:\WINDOWS\jumpshot.com
2014-08-08 22:52 - 2014-08-08 22:52 - 00414520 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswsp.sys
2014-08-08 22:52 - 2014-08-08 22:52 - 00000000 ____D () D:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-08-08 22:51 - 2014-08-08 22:52 - 00779536 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswSnx.sys
2014-08-08 22:51 - 2014-08-08 22:52 - 00192352 _____ () D:\WINDOWS\system32\Drivers\aswVmm.sys
2014-08-08 22:51 - 2014-08-08 22:52 - 00067824 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-08-08 22:51 - 2014-08-08 22:52 - 00057800 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswTdi.sys
2014-08-08 22:51 - 2014-08-08 22:52 - 00049944 _____ () D:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-08-08 22:51 - 2014-08-08 22:51 - 00276432 _____ (AVAST Software) D:\WINDOWS\system32\aswBoot.exe
2014-08-08 22:51 - 2014-08-08 22:51 - 00055112 _____ (AVAST Software) D:\WINDOWS\system32\Drivers\aswRdr.sys
2014-08-08 22:51 - 2014-08-08 22:51 - 00043152 _____ (AVAST Software) D:\WINDOWS\avastSS.scr
2014-08-08 22:51 - 2014-08-08 22:51 - 00024184 _____ () D:\WINDOWS\system32\Drivers\aswHwid.sys
2014-08-08 22:45 - 2014-08-08 22:45 - 00000000 ____D () D:\Program Files\AVAST Software
2014-08-08 22:45 - 2014-08-08 22:44 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\AVAST Software
2014-08-08 22:33 - 2012-09-18 18:30 - 00000000 ____D () D:\Program Files\Google
2014-08-08 22:32 - 2013-04-14 21:09 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\fc8722bc-2fa9-46e9-99c4-03226a141795ad
2014-08-08 22:32 - 2013-02-21 22:16 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\Licenses
2014-08-08 22:28 - 2014-08-08 20:44 - 00000000 ____D () D:\Program Files\Malwarebytes Anti-Malware
2014-08-08 22:27 - 2013-04-15 11:28 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Xoagek
2014-08-08 22:27 - 2013-04-03 20:22 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Ippe
2014-08-08 20:44 - 2014-08-08 20:44 - 00000777 _____ () D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-08 20:44 - 2014-08-08 20:44 - 00000000 ____D () D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-08 20:44 - 2014-08-08 20:44 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-08-08 20:25 - 2014-08-08 20:25 - 00000062 _____ () D:\Documents and Settings\NetworkService\Application Data\WB.CFG
2014-08-08 20:02 - 2012-07-30 12:03 - 01022860 _____ () D:\WINDOWS\svcpack.log
2014-08-08 20:02 - 2012-07-29 16:10 - 01023461 _____ () D:\WINDOWS\FaxSetup.log
2014-08-08 20:00 - 2014-08-08 19:00 - 00000000 __HDC () D:\WINDOWS\$NtServicePackUninstall$
2014-08-08 20:00 - 2012-07-29 16:10 - 00543670 _____ () D:\WINDOWS\ocgen.log
2014-08-08 19:55 - 2012-07-29 16:11 - 00076174 _____ () D:\WINDOWS\MedCtrOC.log
2014-08-08 19:49 - 2014-08-08 19:43 - 331805736 _____ (Microsoft Corporation) D:\Documents and Settings\ShaReda Coleman\Desktop\windowsxp-kb936929-sp3-x86-enu.exe
2014-08-08 19:42 - 2012-07-31 22:29 - 00699056 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-08 19:42 - 2012-07-31 22:29 - 00071344 _____ (Adobe Systems Incorporated) D:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-08-08 18:55 - 2014-08-08 18:55 - 00000000 ____D () D:\WINDOWS\system32\CatRoot_bak
2014-08-08 18:44 - 2012-08-15 19:24 - 00000000 ____D () D:\Program Files\Yahoo!
2014-08-08 18:44 - 2012-08-15 19:24 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Yahoo!
2014-08-08 18:42 - 2012-11-14 21:10 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\RegWork
2014-08-08 18:42 - 2012-11-14 21:09 - 00000000 ____D () D:\Program Files\RegWork
2014-08-08 18:42 - 2012-09-19 22:49 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\Norton
2014-08-08 18:39 - 2012-08-15 19:25 - 00000000 __SHD () D:\WINDOWS\system32\AI_RecycleBin
2014-08-08 18:11 - 2012-09-18 18:30 - 00000000 ____D () D:\Documents and Settings\All Users\Application Data\Google
2014-08-08 18:11 - 2012-08-11 09:39 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\Google
2014-08-08 18:04 - 2013-04-15 11:28 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Vyokc
2014-08-08 18:01 - 2014-08-08 18:01 - 00001446 _____ () D:\WINDOWS\COM+.log
2014-08-08 17:57 - 2014-08-08 17:57 - 00000000 ____D () D:\Program Files\GUM1D59.tmp
2014-08-08 17:55 - 2014-08-08 17:55 - 00000000 ____D () D:\WINDOWS\system32\appmgmt
2014-08-08 17:51 - 2012-07-29 21:30 - 00000000 ____D () D:\WINDOWS\system32\Restore
2014-08-08 17:49 - 2012-07-30 13:06 - 00090616 _____ () D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-08 17:49 - 2012-07-29 16:08 - 00317952 _____ () D:\WINDOWS\system32\FNTCACHE.DAT
2014-08-08 17:49 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\inetsrv
2014-08-08 17:48 - 2014-08-08 17:48 - 00013006 _____ () D:\WINDOWS\system32\wpa.bak
2014-08-08 17:48 - 2012-07-29 16:11 - 00057632 _____ () D:\WINDOWS\ocmsn.log
2014-08-08 17:48 - 2012-07-29 16:11 - 00052101 _____ () D:\WINDOWS\tabletoc.log
2014-08-08 17:48 - 2012-07-29 16:10 - 01297011 _____ () D:\WINDOWS\iis6.log
2014-08-08 17:48 - 2012-07-29 16:10 - 00486224 _____ () D:\WINDOWS\tsoc.log
2014-08-08 17:48 - 2012-07-29 16:10 - 00367301 _____ () D:\WINDOWS\comsetup.log
2014-08-08 17:48 - 2012-07-29 16:10 - 00223488 _____ () D:\WINDOWS\ntdtcsetup.log
2014-08-08 17:48 - 2012-07-29 16:10 - 00004326 _____ () D:\WINDOWS\imsins.log
2014-08-08 17:48 - 2012-07-29 16:09 - 00289903 _____ () D:\WINDOWS\setupact.log
2014-08-08 17:43 - 2014-08-08 17:43 - 00262144 _____ () D:\WINDOWS\system32\config\userdifr
2014-08-08 17:43 - 2014-08-08 17:43 - 00001024 ____H () D:\WINDOWS\system32\config\userdifr.LOG
2014-08-08 17:43 - 2012-07-30 12:11 - 00316640 _____ () D:\WINDOWS\WMSysPr9.prx
2014-08-08 17:43 - 2012-07-30 12:11 - 00004371 _____ () D:\WINDOWS\wmsetup.log
2014-08-08 17:43 - 2012-07-29 21:33 - 00023392 _____ () D:\WINDOWS\system32\nscompat.tlb
2014-08-08 17:43 - 2012-07-29 21:33 - 00016832 _____ () D:\WINDOWS\system32\amcompat.tlb
2014-08-08 17:43 - 2012-07-29 21:33 - 00001607 _____ () D:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-08-08 17:43 - 2012-07-29 21:33 - 00001599 _____ () D:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2014-08-08 17:43 - 2012-07-29 21:33 - 00001507 _____ () D:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-08-08 17:43 - 2012-07-29 21:33 - 00000792 _____ () D:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
2014-08-08 17:43 - 2012-07-29 21:33 - 00000398 _____ () D:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
2014-08-08 17:42 - 2012-07-29 16:10 - 00004161 _____ () D:\WINDOWS\ODBCINST.INI
2014-08-08 17:41 - 2014-08-08 17:41 - 00000786 _____ () D:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\WindowsShell.Manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\wuaucpl.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\sapi.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\nwc.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000749 ___RH () D:\WINDOWS\system32\ncpa.cpl.manifest
2014-08-08 17:41 - 2014-08-08 17:41 - 00000488 ___RH () D:\WINDOWS\system32\logonui.exe.manifest
2014-08-08 17:41 - 2012-07-29 21:32 - 00000488 ___RH () D:\WINDOWS\system32\WindowsLogon.manifest
2014-08-08 17:41 - 2012-07-29 21:31 - 00000749 ___RH () D:\WINDOWS\system32\cdplayer.exe.manifest
2014-08-08 17:41 - 2012-07-29 21:31 - 00000000 ___RD () D:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-08-08 17:41 - 2012-07-29 21:30 - 00000000 ____D () D:\WINDOWS\srchasst
2014-08-08 17:41 - 2012-07-29 21:30 - 00000000 ____D () D:\Program Files\Movie Maker
2014-08-08 17:41 - 2012-07-29 15:50 - 00000000 ___RD () D:\WINDOWS\Web
2014-08-08 17:41 - 2003-07-16 11:45 - 00000578 _____ () D:\WINDOWS\win.ini
2014-08-08 17:40 - 2012-07-29 21:30 - 00000000 ____D () D:\Program Files\Outlook Express
2014-08-08 17:40 - 2012-07-29 21:30 - 00000000 ____D () D:\Program Files\NetMeeting
2014-08-08 17:40 - 2012-07-29 21:29 - 00002577 _____ () D:\WINDOWS\sessmgr.setup.log
2014-08-08 17:40 - 2012-07-29 21:29 - 00000000 ____D () D:\Program Files\Common Files\System
2014-08-08 17:40 - 2012-07-29 16:11 - 00180106 _____ () D:\WINDOWS\netfxocm.log
2014-08-08 17:40 - 2012-07-29 16:10 - 00052594 _____ () D:\WINDOWS\msgsocm.log
2014-08-08 17:39 - 2012-07-29 21:29 - 00022720 _____ () D:\WINDOWS\system32\emptyregdb.dat
2014-08-08 17:39 - 2012-07-29 21:29 - 00000609 _____ () D:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2014-08-08 17:39 - 2012-07-29 21:27 - 00000000 ____D () D:\WINDOWS\system32\Com
2014-08-08 17:38 - 2012-07-29 21:29 - 00000706 _____ () D:\WINDOWS\DtcInstall.log
2014-08-08 17:38 - 2012-07-29 21:27 - 00000000 ____D () D:\Program Files\Windows NT
2014-08-08 17:38 - 2012-07-29 16:10 - 00346120 _____ () D:\WINDOWS\msmqinst.log
2014-08-08 17:37 - 2012-07-30 12:12 - 00000546 _____ () D:\WINDOWS\cmsetacl.log
2014-08-08 17:26 - 2012-07-29 16:09 - 00000121 _____ () D:\WINDOWS\setuperr.log
2014-08-08 17:24 - 2012-07-29 16:10 - 00002026 _____ () D:\WINDOWS\regopt.log
2014-08-08 17:24 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system
2014-08-08 12:21 - 2014-08-08 12:21 - 00000000 ____H () D:\WINDOWS\system32\config\software.tmp.LOG
2014-08-08 12:21 - 2014-08-08 12:21 - 00000000 ____H () D:\WINDOWS\system32\config\default.tmp.LOG
2014-08-08 12:21 - 2012-07-29 15:56 - 28311552 _____ () D:\WINDOWS\system32\config\software.sav
2014-08-08 12:21 - 2012-07-29 15:56 - 06815744 _____ () D:\WINDOWS\system32\config\system.sav
2014-08-08 12:21 - 2012-07-29 15:56 - 00786432 _____ () D:\WINDOWS\system32\config\default.sav
2014-08-08 12:21 - 2012-07-29 15:55 - 00262144 _____ () D:\WINDOWS\system32\config\userdiff
2014-08-08 12:21 - 2012-07-29 15:55 - 00001024 ____H () D:\WINDOWS\system32\config\userdiff.LOG
2014-08-08 12:20 - 2014-08-08 12:20 - 00000000 ____H () D:\WINDOWS\system32\config\system.tmp.LOG
2014-08-08 12:20 - 2012-07-29 15:55 - 00001024 ____H () D:\WINDOWS\system32\config\TempKey.LOG
2014-08-08 12:19 - 2012-07-30 12:10 - 00000000 ____D () D:\WINDOWS\peernet
2014-08-08 12:19 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\usmt
2014-08-08 12:19 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\mui
2014-08-08 12:19 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\Media
2014-08-08 12:19 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\ime
2014-08-08 12:18 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\npp
2014-08-08 12:18 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\msagent
2014-08-08 12:14 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\twain_32
2014-08-08 12:13 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\icsxml
2014-08-08 12:12 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\ias
2014-08-08 12:12 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\system32\1033
2014-08-08 12:11 - 2012-07-29 15:50 - 00000000 ____D () D:\WINDOWS\Driver Cache

Some content of TEMP:
====================
D:\Documents and Settings\ShaReda Coleman\Local Settings\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

D:\WINDOWS\explorer.exe => File is digitally signed
D:\WINDOWS\system32\winlogon.exe => File is digitally signed
D:\WINDOWS\system32\svchost.exe => File is digitally signed
D:\WINDOWS\system32\services.exe => File is digitally signed
D:\WINDOWS\system32\User32.dll => File is digitally signed
D:\WINDOWS\system32\userinit.exe => File is digitally signed
D:\WINDOWS\system32\rpcss.dll => File is digitally signed
D:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:16-08-2014 03
Ran by ShaReda Coleman at 2014-08-17 15:32:51
Running from D:\Documents and Settings\ShaReda Coleman\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-zip v9.20 (HKLM\...\7-Zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.4.402.287 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 440x 10/100 Integrated Controller (HKLM\...\{612B9183-67A9-4B44-9877-2F059E35B86A}) (Version: 10.04.01 - Broadcom Corporation)
Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation)
Canon MX320 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series) (Version: - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9FD050BA-79BD-42A4-9E24-E8E13F1C775F}) (Version: - Microsoft)
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.100.15.8 - Dell Inc.)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
Expert PDF 7 Reader (HKLM\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 7.0.1370.0 - Avanquest software)
File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version: 2012.10.26.0 - ) <==== ATTENTION
Files Opened (HKLM\...\Files Opened) (Version: 1.0 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{0564C76B-8E1F-4157-8654-B0F9F308BEE9}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java™ 7 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.1.0522.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.1.522.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version: - )
Mixer (HKLM\...\MIXERLITE) (Version: - )
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MusicOasis (HKLM\...\MusicOasis) (Version: 1.0.3 - W3i, LLC)
MusicOasis (Version: 1.0.3 - W3i, LLC) Hidden
Norton Safe Web Lite (HKLM\...\NST) (Version: 2.0.0.16 - Symantec Corporation)
PDF Reader Packages (HKCU\...\PDF Reader Packages) (Version: - ) <==== ATTENTION
Shockwave (HKLM\...\Shockwave) (Version: - )
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
Sound Blaster ADVANCED MB Drivers (HKLM\...\SAMB_ADVMB_FILTER_DRV) (Version: - )
Sound Blaster Audigy ADVANCED MB Demo (HKLM\...\CTMBDemo_Audigy) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Print Shop Deluxe 15 EEV (HKLM\...\{683214A6-4003-4C57-B55E-079FD77A185F}) (Version: - Broderbund LLC)
Uninstall Dual Mode Camera (HKLM\...\Dual Mode Camera_is1) (Version: - )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553065) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1CBE095-403D-466D-BB13-B185A5F33231}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version: - Microsoft)
VideoBuzz (HKLM\...\{F2BBDD5D-7959-4F64-8737-F568092433F6}) (Version: 1.0.0 - W3i, LLC)
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04) (HKLM\...\4569969E1360D2854474C661EF9B4D54F143EB16) (Version: 11/14/2006 6.00.01.04 - Ricoh Company)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-1708537768-1563985344-1801674531-1003_Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\InprocServer32 -> D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2iexp.dll ()

==================== Restore Points =========================

08-08-2014 22:49:53 System Checkpoint
08-08-2014 22:54:11 Removed Ask Toolbar.
08-08-2014 22:57:05 Removed BabylonObjectInstaller
08-08-2014 22:58:28 Removed CWA Reminder by We-Care.com v4.1.21.3
08-08-2014 22:58:59 Removed Cyber Spy Notebook
08-08-2014 23:07:47 Removed Delta Chrome Toolbar
08-08-2014 23:10:23 Removed NetAssistant
08-08-2014 23:39:42 Removed InstallIQ Updater
08-08-2014 23:43:59 Removed SpyNet Field Office
09-08-2014 03:45:28 avast! antivirus system restore point
10-08-2014 03:52:44 System Checkpoint
11-08-2014 04:45:36 System Checkpoint
12-08-2014 05:31:31 System Checkpoint
13-08-2014 06:31:30 System Checkpoint
14-08-2014 07:31:30 System Checkpoint
15-08-2014 07:42:57 System Checkpoint
16-08-2014 08:29:42 System Checkpoint
17-08-2014 00:13:49 Restore Operation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2003-07-16 11:23 - 2014-08-10 10:16 - 00000027 ____A D:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: D:\WINDOWS\Tasks\Adobe Flash Player Updater.job => D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: D:\WINDOWS\Tasks\AppleSoftwareUpdate.job => D:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: D:\WINDOWS\Tasks\avast! Emergency Update.job => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: D:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => D:\Program Files\Google\Update\GoogleUpdate.exe
Task: D:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => D:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-08 22:51 - 2014-08-08 22:51 - 00301152 _____ () D:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-10 14:18 - 2014-08-10 14:18 - 02795520 _____ () D:\Program Files\AVAST Software\Avast\defs\14081001\algo.dll
2014-08-17 15:23 - 2014-08-17 15:23 - 02797568 _____ () D:\Program Files\AVAST Software\Avast\defs\14081701\algo.dll
2012-08-19 14:17 - 2011-10-04 22:42 - 00086016 _____ () D:\WINDOWS\system32\custmon32i.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () D:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () D:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-30 11:31 - 2006-11-01 12:48 - 00086016 _____ () D:\WINDOWS\System32\preflib.dll
2014-08-08 22:51 - 2014-08-08 22:51 - 19329904 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-17 07:54 - 2006-11-01 12:48 - 00020480 _____ () D:\WINDOWS\System32\WLTRYSVC.EXE
2012-07-30 11:31 - 2006-11-01 12:48 - 00757760 _____ () D:\WINDOWS\System32\bcm1xsup.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

Name: Video Controller (VGA Compatible)
Description: Video Controller (VGA Compatible)
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Video Controller
Description: Video Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Modem Device on High Definition Audio Bus
Description: Modem Device on High Definition Audio Bus
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2014 03:31:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 16.8.2014.3, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/15/2014 04:33:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WINWORD.EXE, version 14.0.6129.5000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/13/2014 05:00:38 PM) (Source: MsiInstaller) (EventID: 10005) (User: SC-DALG4WVDDC4I)
Description: Product: Microsoft Fix it 50469 -- This Microsoft Fix it does not apply to your operating system or application version.

Error: (08/11/2014 06:36:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/11/2014 06:36:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/10/2014 01:55:30 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:. 0x8004FF56.

Error: (08/09/2014 04:09:07 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:. 0x8004FF56.

Error: (08/08/2014 10:42:02 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:. 0x8004FF56.

Error: (08/08/2014 10:31:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

Error: (08/08/2014 10:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.2180, faulting module leyqvfes.dll, version 0.0.0.0, fault address 0x00021378.
Processing media-specific event for [rundll32.exe!ws!]

System errors:
=============
Error: (08/16/2014 07:19:30 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (08/16/2014 07:18:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ccSet_NST

Error: (08/16/2014 07:18:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Management Services service failed to start due to the following error:
%%1053

Error: (08/16/2014 07:18:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Intel® Management Services service to connect.

Error: (08/16/2014 07:18:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The 10072 service failed to start due to the following error:
%%2

Error: (08/15/2014 05:25:40 PM) (Source: ipnathlp) (EventID: 30005) (User: )
Description: The DHCP allocator has detected a DHCP server with IP address 192.168.0.1
on the same network as the interface with IP address 192.168.0.8.
The allocator has disabled itself on the interface in order to avoid
confusing DHCP clients.

Error: (08/09/2014 02:52:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:52:03 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/09/2014 02:51:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following error:
%%126

Error: (08/09/2014 02:51:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Microsoft Office Sessions:
=========================
Error: (08/17/2014 03:31:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST.exe16.8.2014.3hungapp0.0.0.000000000

Error: (08/15/2014 04:33:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE14.0.6129.5000hungapp0.0.0.000000000

Error: (08/13/2014 05:00:38 PM) (Source: MsiInstaller) (EventID: 10005) (User: SC-DALG4WVDDC4I)
Description: Product: Microsoft Fix it 50469 -- This Microsoft Fix it does not apply to your operating system or application version.(NULL)(NULL)(NULL)

Error: (08/11/2014 06:36:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.0.2900.2180hungapp0.0.0.000000000

Error: (08/11/2014 06:36:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.0.2900.2180hungapp0.0.0.000000000

Error: (08/10/2014 01:55:30 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:. 0x8004FF56.

Error: (08/09/2014 04:09:07 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:. 0x8004FF56.

Error: (08/08/2014 10:42:02 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF56
Description:. 0x8004FF56.

Error: (08/08/2014 10:31:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

Error: (08/08/2014 10:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe5.1.2600.2180leyqvfes.dll0.0.0.000021378

==================== Memory info ===========================

Processor: Genuine Intel® CPU T2250 @ 1.73GHz
Percentage of memory in use: 23%
Total physical RAM: 2038.37 MB
Available physical RAM: 1563.05 MB
Total Pagefile: 3930.98 MB
Available Pagefile: 3552 MB
Total Virtual: 2047.88 MB
Available Virtual: 1959.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:11.84 GB) (Free:9.63 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:38.78 GB) (Free:21.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 54.5 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=38.8 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=11.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#22
Essexboy

Posted 17 August 2014 - 02:52 PM

GeekU Moderator

Retired Staff
69,964 posts

Looks good, as little appears to have been restored

How is the computer behaving now ?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CHR DefaultSearchKeyword: delta-search.com
2014-08-08 18:04 - 2013-04-15 11:28 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Vyokc
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

#23
newcomer21

Posted 17 August 2014 - 04:39 PM

Member

Topic Starter
Member
121 posts

Computer running smoothly.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:16-08-2014 03
Ran by ShaReda Coleman at 2014-08-17 17:33:06 Run:3
Running from D:\Documents and Settings\ShaReda Coleman\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CHR DefaultSearchKeyword: delta-search.com
2014-08-08 18:04 - 2013-04-15 11:28 - 00000000 ____D () D:\Documents and Settings\ShaReda Coleman\Application Data\Vyokc
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Chrome DefaultSearchKeyword deleted successfully.
D:\Documents and Settings\ShaReda Coleman\Application Data\Vyokc => Moved successfully.

========= bitsadmin /reset /allusers =========

'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.

========= End of CMD: =========

EmptyTemp: => Removed 171.7 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#24
Essexboy

Posted 18 August 2014 - 06:44 AM

GeekU Moderator

Retired Staff
69,964 posts

In that case methinks I will send you on your merry way

Subject to no further problems

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Click Start then Run.
On Windows7 or Vista you may use Start Search field if Run is not available.
In the box copy/paste the following command:

ComboFix /Uninstall

Note that there is a space between " ComboFix " and " /Uninstall " .

Then click OK (or press Enter ).
Wait for the uninstall process to complete.

Download and run Delfix

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

Malwarebytes.

Update and run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:

#25
newcomer21

Posted 18 August 2014 - 06:37 PM

Member

Topic Starter
Member
121 posts

Well, everything was great and then I installed sp3 and now I get this BSOD. See attached photo

Attached Thumbnails

#26
Essexboy

Posted 19 August 2014 - 07:04 AM

GeekU Moderator

Retired Staff
69,964 posts

Is this a continual BSOD or is it random.. Can you access normal windows ?

#27
newcomer21

Posted 19 August 2014 - 08:24 AM

Member

Topic Starter
Member
121 posts

Continual. system goes to this on every restart. Can not get to windows.

Edited by newcomer21, 19 August 2014 - 08:24 AM.

#28
Essexboy

Posted 19 August 2014 - 09:18 AM

GeekU Moderator

Retired Staff
69,964 posts

OK lets look for an older copy of that file and replace it

Download OTLPENet.exe to your desktop
Ensure that you have a blank CD in the drive
Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
Double-click on the OTLPE icon.
Select the Windows folder of the infected drive if it asks for a location
When asked "Do you wish to load the remote registry", select Yes
When asked "Do you wish to load remote user profile(s) for scanning", select Yes
Ensure the box "Automatically Load All Remaining Users" is checked and press OK
OTL should now start.
Drag and drop this attached scan.txt into the Custom scans and fixes box
scan.txt 30bytes 158 downloads
Press Run Scan to start the scan.
When finished, the file will be saved in drive C:\OTL.txt
Copy this file to your USB drive if you do not have internet connection on this system.
Right click the file and select send to : select the USB drive.
Confirm that it has copied to the USB drive by selecting it
You can backup any files that you wish from this OS
Please post the contents of the C:\OTL.txt file in your reply.

#29
newcomer21

Posted 19 August 2014 - 04:33 PM

Member

Topic Starter
Member
121 posts

I couldn't drag and drop so I just typed the info into the scan and fix box. Here is the log.

OTL logfile created on: 8/19/2014 6:20:09 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 87.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): d:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 11.84 Gb Total Space | 9.63 Gb Free Space | 81.29% Space Free | Partition Type: NTFS
Drive D: | 38.78 Gb Total Space | 22.25 Gb Free Space | 57.39% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (HidServ)
SRV - [2014/08/10 15:49:27 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/08/08 23:51:45 | 000,050,344 | ---- | M] (AVAST Software) [Auto] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/08/08 20:42:26 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/05/12 08:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 08:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Disabled] -- D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/20 15:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/05 23:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto] -- D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/08/10 16:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto] -- D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL)
SRV - [2009/01/07 19:21:00 | 000,026,144 | ---- | M] (Microsoft Corporation) [Auto] -- D:\WINDOWS\system32\spupdsvc.exe -- (spupdsvc)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - File not found [Kernel | Auto] -- -- (10072)
DRV - [2014/08/08 23:52:24 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System] -- D:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/08/08 23:51:50 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System] -- D:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/08/08 23:51:50 | 000,192,352 | ---- | M] () [Kernel | Boot] -- D:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/08/08 23:51:50 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto] -- D:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/08/08 23:51:50 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System] -- D:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/08/08 23:51:50 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System] -- D:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/08/08 23:51:50 | 000,049,944 | ---- | M] () [Kernel | Boot] -- D:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/08/08 23:51:50 | 000,024,184 | ---- | M] () [Kernel | Auto] -- D:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/05/12 08:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- D:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/08 19:38:11 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System] -- D:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys -- (ccSet_NST)
DRV - [2007/05/10 11:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/01/26 22:09:40 | 000,068,954 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\jl2005c.sys -- (JL2005C)
DRV - [2006/11/21 05:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/15 01:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 20:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 18:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/10/12 16:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006/01/04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2005/05/25 18:34:00 | 000,158,464 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2005/01/10 19:15:00 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005/01/10 19:15:00 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LocalService_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\NetworkService_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\ShaReda_Coleman_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gamesag...play.com/?o=shp
IE - HKU\ShaReda_Coleman_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\systemprofile_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: D:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: D:\Documents and Settings\All Users\Application Data\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014/08/16 20:18:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2014/08/10 15:49:16 | 000,000,000 | ---D | M]

[2014/08/10 15:49:12 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\browser\extensions
[2014/08/10 15:49:29 | 000,000,000 | ---D | M] (Default) -- D:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014/08/10 11:16:46 | 000,000,027 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\ShaReda_Coleman_ON_D\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - D:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [APSDaemon] D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTSVolFE.exe] D:\Program Files\Creative\Mixer\CTSVolFE.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [MSC] D:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] D:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKU\ShaReda_Coleman_ON_D..\Run: [GoogleChromeAutoLaunch_8CBC92FDCEB4B9D86F0A8AEBA6D2C4C2] D:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\ShaReda_Coleman_ON_D..\Run: [OfficeSyncProcess] D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_1] D:\WINDOWS\System32\drmstor.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_2] D:\WINDOWS\System32\drmclien.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_4] D:\WINDOWS\System32\drmv2clt.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_5] D:\WINDOWS\System32\blackbox.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPDRM_Install_6] D:\WINDOWS\System32\msnetobj.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_10] D:\WINDOWS\System32\wmsdmoe2.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_2] D:\WINDOWS\System32\wmnetmgr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_20] D:\WINDOWS\System32\wmadmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_21] D:\WINDOWS\System32\mpg4dmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_22] D:\WINDOWS\System32\mp43dmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_23] D:\WINDOWS\System32\mp4sdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_24] D:\WINDOWS\System32\wmsdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_3] File not found
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_30] D:\WINDOWS\System32\laprxy.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_31] D:\WINDOWS\System32\logagent.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_32] D:\WINDOWS\System32\wmvcore.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_4] D:\WINDOWS\System32\wmvdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_5] D:\WINDOWS\System32\wmvdmoe2.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_6] D:\WINDOWS\System32\wmadmoe.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_7] D:\WINDOWS\System32\wmspdmod.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_8] D:\WINDOWS\System32\wmspdmoe.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMFSDK_Install_9] D:\WINDOWS\System32\wmsdmoe.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMP7_Install_0] D:\WINDOWS\INF\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMP7_Install_20] D:\WINDOWS\INF\unregmp2.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [OE_WMPWMP7_Install_9] D:\WINDOWS\system32\wmpasf.dll (Microsoft Corporation)
O4 - HKU\ShaReda_Coleman_ON_D..\RunOnce: [TSClientAXDisabler] D:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\ShaReda_Coleman_ON_D..\RunOnce: [TSClientMSIUninstaller] D:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\LocalService_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\ShaReda_Coleman_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\ShaReda_Coleman_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\ShaReda_Coleman_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\systemprofile_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.co.../DellSystem.CAB (DellSystem.Scanner)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.116.0.53 24.116.2.50
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/07/29 22:33:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2014/08/18 19:41:22 | 001,306,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msxml6.dll
[2014/08/18 19:41:22 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msxml6r.dll
[2014/08/18 19:41:15 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- D:\WINDOWS\System32\dllcache\sl_anet.acm
[2014/08/18 19:41:14 | 000,294,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msaud32.acm
[2014/08/18 19:41:12 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- D:\WINDOWS\System32\dllcache\l3codeca.acm
[2014/08/18 19:37:01 | 000,294,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dlimport.exe
[2014/08/18 18:57:13 | 000,000,000 | ---D | C] -- D:\WINDOWS\ERUNT
[2014/08/17 16:29:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ShaReda Coleman\Desktop\New Folder
[2014/08/17 08:54:48 | 001,060,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\MFC71.DLL
[2014/08/17 08:54:48 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\ATL71.DLL
[2014/08/10 22:23:52 | 000,536,576 | ---- | C] (SQLite Development Team) -- D:\WINDOWS\System32\sqlite3.dll
[2014/08/10 15:49:12 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox
[2014/08/10 10:16:15 | 000,000,000 | ---D | C] -- D:\WINDOWS\erdnt
[2014/08/09 00:12:43 | 000,000,000 | ---D | C] -- D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
[2014/08/08 23:59:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\jumpshot.com
[2014/08/08 23:52:48 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/08/08 23:52:03 | 000,057,800 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2014/08/08 23:52:01 | 000,779,536 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswSnx.sys
[2014/08/08 23:52:01 | 000,414,520 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswsp.sys
[2014/08/08 23:52:00 | 000,067,824 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/08/08 23:51:58 | 000,055,112 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2014/08/08 23:51:53 | 000,276,432 | ---- | C] (AVAST Software) -- D:\WINDOWS\System32\aswBoot.exe
[2014/08/08 23:51:49 | 000,043,152 | ---- | C] (AVAST Software) -- D:\WINDOWS\avastSS.scr
[2014/08/08 23:45:28 | 000,000,000 | ---D | C] -- D:\Program Files\AVAST Software
[2014/08/08 23:44:33 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/08/08 21:44:53 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/08/08 21:44:23 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/08 21:44:16 | 000,053,208 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/08/08 21:44:16 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2014/08/08 21:44:16 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes Anti-Malware
[2014/08/08 21:44:16 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/08/08 20:43:06 | 331,805,736 | ---- | C] (Microsoft Corporation) -- D:\Documents and Settings\ShaReda Coleman\Desktop\windowsxp-kb936929-sp3-x86-enu.exe
[2014/08/08 20:00:57 | 000,000,000 | -H-D | C] -- D:\WINDOWS\$NtServicePackUninstall$
[2014/08/08 18:55:39 | 000,000,000 | ---D | C] -- D:\WINDOWS\System32\appmgmt
[2014/08/08 18:47:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winzm.ime
[2014/08/08 18:47:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winsp.ime
[2014/08/08 18:47:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winpy.ime
[2014/08/08 18:47:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wingb.ime
[2014/08/08 18:47:01 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winime.ime
[2014/08/08 18:47:00 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\winar30.ime
[2014/08/08 18:47:00 | 000,041,600 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.dll
[2014/08/08 18:47:00 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\weitekp9.sys
[2014/08/08 18:46:59 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamps51.dll
[2014/08/08 18:46:57 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3ext.dll
[2014/08/08 18:46:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3svapi.dll
[2014/08/08 18:46:57 | 000,004,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2014/08/08 18:46:56 | 000,426,041 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicepad.dll
[2014/08/08 18:46:56 | 000,086,073 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\voicesub.dll
[2014/08/08 18:46:56 | 000,048,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\w32.dll
[2014/08/08 18:46:48 | 000,076,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\uniime.dll
[2014/08/08 18:46:48 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\unicdime.ime
[2014/08/08 18:46:46 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tsprof.exe
[2014/08/08 18:46:45 | 000,455,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintsetp.exe
[2014/08/08 18:46:45 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlphr.exe
[2014/08/08 18:46:45 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tmigrate.dll
[2014/08/08 18:46:44 | 000,571,392 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tintlgnt.ime
[2014/08/08 18:46:44 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\thawbrkr.dll
[2014/08/08 18:46:43 | 000,021,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdipx.sys
[2014/08/08 18:46:43 | 000,019,464 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdspx.sys
[2014/08/08 18:46:43 | 000,013,192 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\tdasync.sys
[2014/08/08 18:46:41 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\status.dll
[2014/08/08 18:46:39 | 000,101,376 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\srusbusd.dll
[2014/08/08 18:46:37 | 000,143,422 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\softkey.dll
[2014/08/08 18:46:37 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2014/08/08 18:46:36 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\snmpstup.dll
[2014/08/08 18:46:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2014/08/08 18:46:34 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm9aw.dll
[2014/08/08 18:46:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smb6w.dll
[2014/08/08 18:46:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sma3w.dll
[2014/08/08 18:46:34 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsm.dll
[2014/08/08 18:46:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smimsgif.dll
[2014/08/08 18:46:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\smierrsy.dll
[2014/08/08 18:46:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm87w.dll
[2014/08/08 18:46:33 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm81w.dll
[2014/08/08 18:46:33 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8cw.dll
[2014/08/08 18:46:33 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm93w.dll
[2014/08/08 18:46:33 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm92w.dll
[2014/08/08 18:46:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm90w.dll
[2014/08/08 18:46:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8dw.dll
[2014/08/08 18:46:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm8aw.dll
[2014/08/08 18:46:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm89w.dll
[2014/08/08 18:46:33 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\sm59w.dll
[2014/08/08 18:46:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\simptcp.dll
[2014/08/08 18:46:26 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2014/08/08 18:46:25 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2014/08/08 18:46:23 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia330.dll
[2014/08/08 18:46:23 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- D:\WINDOWS\System32\dllcache\rwia001.dll
[2014/08/08 18:46:21 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\romanime.ime
[2014/08/08 18:46:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2014/08/08 18:46:20 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\register.exe
[2014/08/08 18:46:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quser.exe
[2014/08/08 18:46:17 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\quick.ime
[2014/08/08 18:46:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\query.exe
[2014/08/08 18:46:15 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxviceo.dll
[2014/08/08 18:46:14 | 000,482,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlgnt.ime
[2014/08/08 18:46:14 | 000,070,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlphr.exe
[2014/08/08 18:46:14 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmigrate.dll
[2014/08/08 18:46:14 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxmcro.dll
[2014/08/08 18:46:14 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pmxgl.dll
[2014/08/08 18:46:13 | 000,079,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\phon.ime
[2014/08/08 18:46:13 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pintlcsd.dll
[2014/08/08 18:46:13 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\permchk.dll
[2014/08/08 18:46:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\pagecnt.dll
[2014/08/08 18:46:11 | 000,036,927 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs411.dll
[2014/08/08 18:46:11 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs404.dll
[2014/08/08 18:46:11 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs804.dll
[2014/08/08 18:46:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\padrs412.dll
[2014/08/08 18:46:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2014/08/08 18:46:05 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\nextlink.dll
[2014/08/08 18:46:01 | 000,229,439 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\multibox.dll
[2014/08/08 18:45:55 | 001,875,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.lex
[2014/08/08 18:45:55 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\msir3jp.dll
[2014/08/08 18:45:46 | 000,092,416 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.sys
[2014/08/08 18:45:46 | 000,092,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mga.dll
[2014/08/08 18:45:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\mdsync.dll
[2014/08/08 18:45:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2014/08/08 18:45:43 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\logscrpt.dll
[2014/08/08 18:45:38 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\korwbrkr.dll
[2014/08/08 18:45:38 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdvntc.dll
[2014/08/08 18:45:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth3.dll
[2014/08/08 18:45:37 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth2.dll
[2014/08/08 18:45:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdusa.dll
[2014/08/08 18:45:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdurdu.dll
[2014/08/08 18:45:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth1.dll
[2014/08/08 18:45:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdth0.dll
[2014/08/08 18:45:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2014/08/08 18:45:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2014/08/08 18:45:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecat.dll
[2014/08/08 18:45:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2014/08/08 18:45:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdnec95.dll
[2014/08/08 18:45:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinpun.dll
[2014/08/08 18:45:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintel.dll
[2014/08/08 18:45:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdintam.dll
[2014/08/08 18:45:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinmar.dll
[2014/08/08 18:45:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinkan.dll
[2014/08/08 18:45:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinhin.dll
[2014/08/08 18:45:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdinguj.dll
[2014/08/08 18:45:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdindev.dll
[2014/08/08 18:45:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdheb.dll
[2014/08/08 18:45:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdfa.dll
[2014/08/08 18:45:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv2.dll
[2014/08/08 18:45:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbddiv1.dll
[2014/08/08 18:45:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdgeo.dll
[2014/08/08 18:45:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbd101a.dll
[2014/08/08 18:45:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda3.dll
[2014/08/08 18:45:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda2.dll
[2014/08/08 18:45:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbda1.dll
[2014/08/08 18:45:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarmw.dll
[2014/08/08 18:45:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\kbdarme.dll
[2014/08/08 18:45:32 | 000,018,432 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\jupiw.dll
[2014/08/08 18:45:32 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iwrps.dll
[2014/08/08 18:45:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isapips.dll
[2014/08/08 18:45:29 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\infoctrs.dll
[2014/08/08 18:45:28 | 000,471,102 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskdic.dll
[2014/08/08 18:45:28 | 000,315,455 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imskf.dll
[2014/08/08 18:45:27 | 000,274,489 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputyc.dll
[2014/08/08 18:45:27 | 000,262,200 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjputy.exe
[2014/08/08 18:45:27 | 000,102,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imlang.dll
[2014/08/08 18:45:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imkrinst.exe
[2014/08/08 18:45:27 | 000,045,109 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpuex.exe
[2014/08/08 18:45:26 | 000,307,257 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.exe
[2014/08/08 18:45:26 | 000,233,527 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjprw.exe
[2014/08/08 18:45:26 | 000,208,952 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpmig.exe
[2014/08/08 18:45:26 | 000,155,705 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2014/08/08 18:45:25 | 000,716,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcus.dll
[2014/08/08 18:45:25 | 000,368,696 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpcic.dll
[2014/08/08 18:45:25 | 000,081,976 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdct.dll
[2014/08/08 18:45:25 | 000,057,398 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjpdadm.exe
[2014/08/08 18:45:24 | 000,811,064 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81k.dll
[2014/08/08 18:45:24 | 000,340,023 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imjp81.ime
[2014/08/08 18:45:24 | 000,311,359 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsv.exe
[2014/08/08 18:45:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrcic.dll
[2014/08/08 18:45:24 | 000,102,463 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imepadsm.dll
[2014/08/08 18:45:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmbx.dll
[2014/08/08 18:45:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekrmig.exe
[2014/08/08 18:45:23 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\imekr61.ime
[2014/08/08 18:45:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iissync.exe
[2014/08/08 18:45:23 | 000,003,584 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iismui.dll
[2014/08/08 18:45:22 | 000,060,928 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisclex4.dll
[2014/08/08 18:45:22 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iiscrmap.dll
[2014/08/08 18:45:15 | 010,129,408 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxkor.dll
[2014/08/08 18:45:01 | 010,096,640 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hwxcht.dll
[2014/08/08 18:44:57 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\hanjadic.dll
[2014/08/08 18:44:54 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsroute.dll
[2014/08/08 18:44:54 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxssend.exe
[2014/08/08 18:44:53 | 000,132,608 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxsclntr.dll
[2014/08/08 18:44:52 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2014/08/08 18:44:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2014/08/08 18:44:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftlx041e.dll
[2014/08/08 18:44:50 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\flattemp.exe
[2014/08/08 18:44:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2014/08/08 18:44:48 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\et4000.sys
[2014/08/08 18:44:47 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esuimgd.dll
[2014/08/08 18:44:47 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esunid.dll
[2014/08/08 18:44:47 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- D:\WINDOWS\System32\dllcache\esucmd.dll
[2014/08/08 18:44:39 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\dayi.ime
[2014/08/08 18:44:37 | 000,057,399 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cplexe.exe
[2014/08/08 18:44:37 | 000,020,480 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\counters.dll
[2014/08/08 18:44:37 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cprofile.exe
[2014/08/08 18:44:36 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\convlog.exe
[2014/08/08 18:44:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\controt.dll
[2014/08/08 18:44:34 | 000,480,256 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintsetp.exe
[2014/08/08 18:44:33 | 000,198,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintime.dll
[2014/08/08 18:44:33 | 000,097,792 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtmbx.dll
[2014/08/08 18:44:33 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtskdic.dll
[2014/08/08 18:44:33 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\cintlgnt.ime
[2014/08/08 18:44:32 | 001,677,824 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chsbrkr.dll
[2014/08/08 18:44:32 | 000,838,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chtbrkr.dll
[2014/08/08 18:44:31 | 000,078,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chajei.ime
[2014/08/08 18:44:31 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgport.exe
[2014/08/08 18:44:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chgusr.exe
[2014/08/08 18:44:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\chglogon.exe
[2014/08/08 18:44:31 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\change.exe
[2014/08/08 18:44:29 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- D:\WINDOWS\System32\dllcache\cap7146.sys
[2014/08/08 18:44:28 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_iscii.dll
[2014/08/08 18:44:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\c_is2022.dll
[2014/08/08 18:44:20 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\browscap.dll
[2014/08/08 18:44:18 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\authfilt.dll
[2014/08/08 18:44:07 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\asptxn.dll
[2014/08/08 18:44:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\aspperf.dll
[2014/08/08 18:44:06 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2014/08/08 18:43:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2014/08/08 18:43:56 | 000,049,664 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\adrot.dll
[2014/08/08 18:43:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\admxprox.dll
[2014/08/08 18:43:52 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\wamregps.dll
[2014/08/08 18:43:43 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetsloc.dll
[2014/08/08 18:43:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\inetmgr.exe
[2014/08/08 18:43:42 | 000,169,984 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisui.dll
[2014/08/08 18:43:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisreset.exe
[2014/08/08 18:43:42 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\iisrstap.dll
[2014/08/08 18:43:41 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2014/08/08 18:43:37 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\certmap.ocx
[2014/08/08 18:41:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\isignup.exe
[2014/08/08 18:24:08 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\spxcoins.dll
[2014/08/08 18:24:08 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- D:\WINDOWS\System32\dllcache\spxcoins.dll
[2014/08/08 18:24:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\irclass.dll
[2014/08/08 18:24:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\WINDOWS\System32\dllcache\irclass.dll
[6 D:\WINDOWS\Fonts\*.tmp files -> D:\WINDOWS\Fonts\*.tmp -> ]
[250 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[11 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\Program Files\*.tmp files -> D:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/08/18 19:49:03 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2014/08/18 19:47:47 | 000,006,643 | ---- | M] () -- D:\WINDOWS\System32\spupdsvc.inf
[2014/08/18 19:41:40 | 000,000,000 | R--D | M] -- D:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2014/08/18 19:21:00 | 000,000,830 | ---- | M] () -- D:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/08/18 18:58:00 | 000,000,904 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/18 18:58:00 | 000,000,900 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/18 08:19:01 | 000,000,364 | -H-- | M] () -- D:\WINDOWS\tasks\avast! Emergency Update.job
[2014/08/17 18:40:43 | 000,439,874 | ---- | M] () -- D:\WINDOWS\System32\perfh009.dat
[2014/08/17 18:40:43 | 000,071,006 | ---- | M] () -- D:\WINDOWS\System32\perfc009.dat
[2014/08/17 18:36:50 | 000,013,006 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2014/08/17 12:34:00 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2014/08/17 08:54:09 | 054,730,096 | ---- | M] () -- D:\Documents and Settings\ShaReda Coleman\Desktop\R140747.EXE
[2014/08/17 01:59:49 | 000,001,813 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2014/08/16 20:19:46 | 000,001,733 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/08/15 20:58:00 | 000,000,284 | ---- | M] () -- D:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014/08/15 17:26:25 | 000,000,497 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts.ics
[2014/08/10 14:55:30 | 000,001,919 | ---- | M] () -- D:\WINDOWS\epplauncher.mif
[2014/08/10 11:16:46 | 000,000,027 | ---- | M] () -- D:\WINDOWS\System32\drivers\etc\hosts
[2014/08/09 14:44:31 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/08/08 23:52:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/08/08 23:52:24 | 000,414,520 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswsp.sys
[2014/08/08 23:51:50 | 000,779,536 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswSnx.sys
[2014/08/08 23:51:50 | 000,192,352 | ---- | M] () -- D:\WINDOWS\System32\drivers\aswVmm.sys
[2014/08/08 23:51:50 | 000,067,824 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/08/08 23:51:50 | 000,057,800 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswTdi.sys
[2014/08/08 23:51:50 | 000,055,112 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\drivers\aswRdr.sys
[2014/08/08 23:51:50 | 000,049,944 | ---- | M] () -- D:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/08/08 23:51:50 | 000,024,184 | ---- | M] () -- D:\WINDOWS\System32\drivers\aswHwid.sys
[2014/08/08 23:51:49 | 000,276,432 | ---- | M] (AVAST Software) -- D:\WINDOWS\System32\aswBoot.exe
[2014/08/08 23:51:49 | 000,043,152 | ---- | M] (AVAST Software) -- D:\WINDOWS\avastSS.scr
[2014/08/08 21:44:26 | 000,000,777 | ---- | M] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/08 21:44:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/08 21:25:01 | 000,000,062 | ---- | M] () -- D:\Documents and Settings\NetworkService\Application Data\WB.CFG
[2014/08/08 20:49:39 | 331,805,736 | ---- | M] (Microsoft Corporation) -- D:\Documents and Settings\ShaReda Coleman\Desktop\windowsxp-kb936929-sp3-x86-enu.exe
[2014/08/08 20:42:25 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerApp.exe
[2014/08/08 20:42:25 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- D:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014/08/08 18:49:21 | 000,317,952 | ---- | M] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2014/08/08 18:48:45 | 000,004,326 | ---- | M] () -- D:\WINDOWS\imsins.BAK
[2014/08/08 18:48:04 | 000,013,006 | ---- | M] () -- D:\WINDOWS\System32\wpa.bak
[2014/08/08 18:48:00 | 000,000,288 | ---- | M] () -- D:\WINDOWS\System32\$winnt$.inf
[2014/08/08 18:43:19 | 000,000,000 | R--D | M] -- D:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2014/08/08 18:43:16 | 000,316,640 | ---- | M] () -- D:\WINDOWS\WMSysPr9.prx
[2014/08/08 18:43:14 | 000,023,392 | ---- | M] () -- D:\WINDOWS\System32\nscompat.tlb
[2014/08/08 18:43:14 | 000,016,832 | ---- | M] () -- D:\WINDOWS\System32\amcompat.tlb
[2014/08/08 18:42:54 | 000,004,161 | ---- | M] () -- D:\WINDOWS\ODBCINST.INI
[2014/08/08 18:41:37 | 000,000,786 | ---- | M] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2014/08/08 18:39:27 | 000,000,609 | ---- | M] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2014/08/08 18:39:22 | 000,022,720 | ---- | M] () -- D:\WINDOWS\System32\emptyregdb.dat
[250 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[11 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[1 D:\Program Files\*.tmp files -> D:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/08/18 19:43:53 | 000,006,643 | ---- | C] () -- D:\WINDOWS\System32\spupdsvc.inf
[2014/08/18 19:41:19 | 000,613,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.chm
[2014/08/18 19:41:19 | 000,067,374 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplayer.adm
[2014/08/18 19:41:19 | 000,010,457 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmptour.hta
[2014/08/18 19:41:19 | 000,001,771 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmptour.css
[2014/08/18 19:41:19 | 000,000,855 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpocm.inf
[2014/08/18 19:41:19 | 000,000,420 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmploc.js
[2014/08/18 19:41:18 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud7.wav
[2014/08/18 19:41:18 | 000,343,204 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud6.wav
[2014/08/18 19:41:18 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud9.wav
[2014/08/18 19:41:18 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud8.wav
[2014/08/18 19:41:18 | 000,172,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud3.wav
[2014/08/18 19:41:18 | 000,086,196 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud5.wav
[2014/08/18 19:41:18 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud4.wav
[2014/08/18 19:41:18 | 000,086,180 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud2.wav
[2014/08/18 19:41:18 | 000,023,195 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmplay.chm
[2014/08/18 19:41:17 | 000,354,468 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmpaud1.wav
[2014/08/18 19:41:17 | 000,029,070 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmp.inf
[2014/08/18 19:41:16 | 000,300,969 | ---- | C] () -- D:\WINDOWS\System32\dllcache\viz.wmv
[2014/08/18 19:41:16 | 000,017,272 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmdm.inf
[2014/08/18 19:41:16 | 000,008,677 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm7.gif
[2014/08/18 19:41:16 | 000,007,892 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm9.gif
[2014/08/18 19:41:16 | 000,007,636 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm2.gif
[2014/08/18 19:41:16 | 000,007,369 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm4.gif
[2014/08/18 19:41:16 | 000,006,769 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmfsdk.inf
[2014/08/18 19:41:16 | 000,006,241 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm3.gif
[2014/08/18 19:41:16 | 000,006,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm6.gif
[2014/08/18 19:41:16 | 000,005,789 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm1.gif
[2014/08/18 19:41:16 | 000,004,193 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm8.gif
[2014/08/18 19:41:16 | 000,002,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wm5.gif
[2014/08/18 19:41:15 | 000,572,557 | ---- | C] () -- D:\WINDOWS\System32\dllcache\rtuner.wmv
[2014/08/18 19:41:15 | 000,066,725 | ---- | C] () -- D:\WINDOWS\System32\dllcache\revert.wmz
[2014/08/18 19:41:15 | 000,023,829 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tourbg.gif
[2014/08/18 19:41:15 | 000,017,489 | ---- | C] () -- D:\WINDOWS\System32\dllcache\videobg.gif
[2014/08/18 19:41:15 | 000,005,290 | ---- | C] () -- D:\WINDOWS\System32\dllcache\vidsamp.gif
[2014/08/18 19:41:15 | 000,003,187 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tour.js
[2014/08/18 19:41:15 | 000,002,469 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplay.gif
[2014/08/18 19:41:15 | 000,002,450 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpause.gif
[2014/08/18 19:41:15 | 000,002,375 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tplayh.gif
[2014/08/18 19:41:15 | 000,002,371 | ---- | C] () -- D:\WINDOWS\System32\dllcache\tpauseh.gif
[2014/08/18 19:41:15 | 000,001,398 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taon.gif
[2014/08/18 19:41:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taonh.gif
[2014/08/18 19:41:15 | 000,001,380 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoff.gif
[2014/08/18 19:41:15 | 000,001,367 | ---- | C] () -- D:\WINDOWS\System32\dllcache\taoffh.gif
[2014/08/18 19:41:15 | 000,001,148 | ---- | C] () -- D:\WINDOWS\System32\dllcache\snd.htm
[2014/08/18 19:41:15 | 000,000,908 | ---- | C] () -- D:\WINDOWS\System32\dllcache\skins.inf
[2014/08/18 19:41:14 | 000,375,519 | ---- | C] () -- D:\WINDOWS\System32\dllcache\nuskin.wmv
[2014/08/18 19:41:14 | 000,077,307 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plyr_err.chm
[2014/08/18 19:41:14 | 000,022,060 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npds.zip
[2014/08/18 19:41:14 | 000,001,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst6.wpl
[2014/08/18 19:41:14 | 000,001,477 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst5.wpl
[2014/08/18 19:41:14 | 000,001,474 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst3.wpl
[2014/08/18 19:41:14 | 000,001,451 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst12.wpl
[2014/08/18 19:41:14 | 000,001,448 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst4.wpl
[2014/08/18 19:41:14 | 000,001,250 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst1.wpl
[2014/08/18 19:41:14 | 000,001,049 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst2.wpl
[2014/08/18 19:41:14 | 000,001,046 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst7.wpl
[2014/08/18 19:41:14 | 000,001,036 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst8.wpl
[2014/08/18 19:41:14 | 000,000,789 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst11.wpl
[2014/08/18 19:41:14 | 000,000,787 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst10.wpl
[2014/08/18 19:41:14 | 000,000,784 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst9.wpl
[2014/08/18 19:41:14 | 000,000,783 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst13.wpl
[2014/08/18 19:41:14 | 000,000,775 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst14.wpl
[2014/08/18 19:41:14 | 000,000,733 | ---- | C] () -- D:\WINDOWS\System32\dllcache\plylst15.wpl
[2014/08/18 19:41:14 | 000,000,403 | ---- | C] () -- D:\WINDOWS\System32\dllcache\npdrmv2.zip
[2014/08/18 19:41:13 | 000,457,607 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mdlib.wmv
[2014/08/18 19:41:13 | 000,018,286 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplayer2.inf
[2014/08/18 19:41:13 | 000,002,778 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogoh.gif
[2014/08/18 19:41:13 | 000,002,545 | ---- | C] () -- D:\WINDOWS\System32\dllcache\mplogo.gif
[2014/08/18 19:41:12 | 000,381,425 | ---- | C] () -- D:\WINDOWS\System32\dllcache\copycd.wmv
[2014/08/18 19:41:12 | 000,184,959 | ---- | C] () -- D:\WINDOWS\System32\dllcache\compact.wmz
[2014/08/18 19:41:12 | 000,009,585 | ---- | C] () -- D:\WINDOWS\System32\dllcache\controls.css
[2014/08/18 19:41:12 | 000,008,298 | ---- | C] () -- D:\WINDOWS\System32\dllcache\contents.htm
[2014/08/18 19:41:12 | 000,006,878 | ---- | C] () -- D:\WINDOWS\System32\dllcache\controls.js
[2014/08/18 19:41:12 | 000,005,971 | ---- | C] () -- D:\WINDOWS\System32\dllcache\events.js
[2014/08/18 19:41:12 | 000,000,999 | ---- | C] () -- D:\WINDOWS\System32\dllcache\bktrh.gif
[2014/08/18 19:41:12 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnth.gif
[2014/08/18 19:41:12 | 000,000,773 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cnt.gif
[2014/08/18 19:41:12 | 000,000,772 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cntd.gif
[2014/08/18 19:41:12 | 000,000,760 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapph.gif
[2014/08/18 19:41:12 | 000,000,717 | ---- | C] () -- D:\WINDOWS\System32\dllcache\cloapp.gif
[2014/08/17 08:54:43 | 000,020,480 | ---- | C] () -- D:\WINDOWS\System32\WLTRYSVC.EXE
[2014/08/17 08:53:25 | 054,730,096 | ---- | C] () -- D:\Documents and Settings\ShaReda Coleman\Desktop\R140747.EXE
[2014/08/08 23:52:49 | 000,001,733 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2014/08/08 23:52:16 | 000,000,364 | -H-- | C] () -- D:\WINDOWS\tasks\avast! Emergency Update.job
[2014/08/08 23:52:02 | 000,192,352 | ---- | C] () -- D:\WINDOWS\System32\drivers\aswVmm.sys
[2014/08/08 23:52:00 | 000,049,944 | ---- | C] () -- D:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/08/08 23:51:59 | 000,024,184 | ---- | C] () -- D:\WINDOWS\System32\drivers\aswHwid.sys
[2014/08/08 21:44:26 | 000,000,777 | ---- | C] () -- D:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/08 21:25:01 | 000,000,062 | ---- | C] () -- D:\Documents and Settings\NetworkService\Application Data\WB.CFG
[2014/08/08 18:48:06 | 000,013,006 | ---- | C] () -- D:\WINDOWS\System32\wpa.bak
[2014/08/08 18:46:13 | 000,175,104 | ---- | C] () -- D:\WINDOWS\System32\dllcache\pintlcsa.dll
[2014/08/08 18:45:39 | 001,158,818 | ---- | C] () -- D:\WINDOWS\System32\dllcache\korwbrkr.lex
[2014/08/08 18:45:27 | 000,059,392 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imscinst.exe
[2014/08/08 18:45:26 | 000,196,665 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imjpinst.exe
[2014/08/08 18:45:23 | 000,134,339 | ---- | C] () -- D:\WINDOWS\System32\dllcache\imekr.lex
[2014/08/08 18:45:07 | 013,463,552 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hwxjpn.dll
[2014/08/08 18:44:57 | 000,108,827 | ---- | C] () -- D:\WINDOWS\System32\dllcache\hanja.lex
[2014/08/08 18:44:33 | 000,173,568 | ---- | C] () -- D:\WINDOWS\System32\dllcache\chtskf.dll
[2014/08/08 18:41:37 | 000,000,786 | ---- | C] () -- D:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2014/08/08 18:23:48 | 001,042,903 | ---- | C] () -- D:\WINDOWS\System32\dllcache\SP2.CAT
[2014/08/08 18:23:48 | 000,797,189 | ---- | C] () -- D:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2014/08/08 18:23:48 | 000,399,645 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2014/08/08 18:23:48 | 000,037,484 | ---- | C] () -- D:\WINDOWS\System32\dllcache\MW770.CAT
[2014/08/08 18:23:48 | 000,013,472 | ---- | C] () -- D:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2014/08/08 18:23:48 | 000,008,574 | ---- | C] () -- D:\WINDOWS\System32\dllcache\IASNT4.CAT
[2014/08/08 18:23:48 | 000,007,382 | ---- | C] () -- D:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2014/08/08 18:23:48 | 000,007,334 | ---- | C] () -- D:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013/04/15 12:01:29 | 000,000,000 | ---- | C] () -- D:\Documents and Settings\All Users\Application Data\1AVSYdaJ.dat
[2013/04/03 21:26:49 | 000,105,324 | ---- | C] () -- D:\WINDOWS\System32\itusbcore.dat
[2013/04/03 21:26:49 | 000,000,197 | ---- | C] () -- D:\WINDOWS\System32\itlsvc.dat
[2013/04/03 21:22:42 | 000,235,000 | ---- | C] () -- D:\WINDOWS\System32\adodbupd.dat
[2013/03/17 21:41:13 | 000,066,048 | -H-- | C] () -- D:\WINDOWS\System32\mlfcache.dat
[2013/02/09 23:38:56 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012/09/23 18:56:34 | 000,014,336 | ---- | C] () -- D:\Documents and Settings\ShaReda Coleman\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/19 15:17:30 | 000,086,016 | ---- | C] () -- D:\WINDOWS\System32\custmon32i.dll
[2012/08/12 17:47:37 | 000,204,800 | ---- | C] () -- D:\WINDOWS\System32\igfxCoIn_v4814.dll
[2012/08/10 22:12:52 | 000,016,480 | ---- | C] () -- D:\WINDOWS\System32\rixdicon.dll
[2012/07/31 23:21:19 | 000,022,629 | ---- | C] () -- D:\WINDOWS\System32\CiFilter.ini
[2012/07/31 09:13:24 | 000,003,072 | ---- | C] () -- D:\WINDOWS\System32\iacenc.dll
[2012/07/30 12:31:45 | 000,086,016 | ---- | C] () -- D:\WINDOWS\System32\preflib.dll
[2012/07/30 12:31:44 | 000,757,760 | ---- | C] () -- D:\WINDOWS\System32\bcm1xsup.dll
[2012/07/29 22:40:22 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2012/07/29 22:29:22 | 000,022,720 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2012/07/29 17:10:55 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2012/07/29 17:08:55 | 000,317,952 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2007/01/03 13:48:24 | 000,049,152 | ---- | C] () -- D:\WINDOWS\System32\dec_jl6.dll
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,249,270 | ---- | C] () -- D:\WINDOWS\System32\_008747_.tmp.dll
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,022,040 | ---- | C] () -- D:\WINDOWS\System32\_008715_.tmp.dll
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,461 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\dcache.bin
[2003/07/16 12:35:06 | 000,439,874 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2003/07/16 12:35:03 | 000,071,006 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2003/07/16 12:33:18 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2013/04/15 21:03:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Application Data\BabylonToolbar
[2013/04/15 21:03:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Application Data\Delta
[2013/04/15 21:03:08 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Application Data\encyclopediabritannicagamesbar
[2013/04/15 21:04:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\NetworkService\Application Data\gamesagogo_w3i
[2013/04/14 22:31:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\LocalService\Application Data\fc8722bc-2fa9-46e9-99c4-03226a141795ad
[2014/08/09 00:12:43 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\AVAST Software
[2012/12/29 19:46:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\com.jakks.spynet
[2013/02/04 13:24:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\encyclopediabritannicagamesbar
[2013/04/07 19:51:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\EurekaLog
[2012/09/01 22:28:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Expert PDF 7
[2014/08/08 23:32:49 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\fc8722bc-2fa9-46e9-99c4-03226a141795ad
[2013/04/15 12:28:54 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Fuetla
[2013/02/04 23:42:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\gamesagogo_w3i
[2014/08/08 23:27:53 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Ippe
[2013/04/03 21:26:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Izec
[2012/08/26 15:48:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\MusicOasis
[2013/02/04 13:24:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Oberon Media
[2012/07/30 22:27:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Oracle
[2013/02/18 22:25:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\PDF Reader Packages
[2013/02/18 22:26:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\SumatraPDF
[2013/04/03 21:22:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Taeq
[2012/08/26 15:53:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\VideoBuzz
[2013/02/04 13:24:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\VisicomToolBar
[2014/08/08 23:27:52 | 000,000,000 | ---D | M] -- D:\Documents and Settings\ShaReda Coleman\Application Data\Xoagek
[2013/03/17 21:35:44 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/09/01 22:25:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Avanquest
[2014/08/08 23:45:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/07/30 21:43:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Broderbund Software
[2012/08/13 18:13:54 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users\Application Data\CanonBJ
[2012/08/11 10:49:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\DriverGenius
[2012/09/01 22:25:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Expert PDF 7
[2012/09/01 22:25:17 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Expert PDF Jobs
[2013/01/20 22:59:25 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\FilesOpened
[2013/02/04 13:24:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\Oberon Media
[2014/08/08 19:42:32 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users\Application Data\RegWork
[2014/08/18 08:19:01 | 000,000,364 | -H-- | M] () -- D:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========

========== Custom Scans ==========

< MD5 for: KDCOM.DLL >
[2004/08/04 08:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) MD5=945FBB881AE927A44DFD96440F2F4F44 -- D:\WINDOWS\system32\dllcache\kdcom.dll
[2004/08/04 08:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) MD5=945FBB881AE927A44DFD96440F2F4F44 -- D:\WINDOWS\system32\kdcom.dll
< End of report >

#30
Essexboy

Posted 20 August 2014 - 07:14 AM

GeekU Moderator

Retired Staff
69,964 posts

OK run OTLPE again and type in the following to the fixes box :

:files
D:\WINDOWS\system32\kdcom.dll|D:\WINDOWS\system32\dllcache\kdcom.dll /replace

Press run fix
Once it has completed try a fresh boot to normal windows