Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Malware or virus need help [Solved]

Started by Pat_54 , Nov 20 2014 03:13 AM

  • This topic is locked This topic is locked

#1
Pat_54
Posted 20 November 2014 - 03:13 AM

Pat_54

    Member

  • Member
  • PipPipPip
  • 212 posts

Hi

 

I'll try to explain what happened. My computer had gotten so cluttered with junk and I was running wins xp pro. and knew that I needed to clean it up and it was beginning to have a mind of its own so before I tried to installing wins 7. I decided to wipe the hard drive and reinstall to factory specs then after installing a few things I would do a wins 7 install. Here's where my nightmare begins. I deleted hard drive had the recovery disk to the computer, they were for wins xp media center service pack 2. I did manage to get that much accomplished but I then tried to reinstall wins xp pro and which starts but when it asks me to put in key code it says invalid. Did several different things but nothing worked still the same thing invalid key. I know it's a good disk and it was bought thru microsoft so who knows why it won't work but that wasn't my only problem. After downloading microsoft updates, spyware, antivirus, malwarebytes and other several programs I needed and had tons of problems doing but managed to get it done. Now when I get on the internet computer totally freezes on web sites. I can't move mouse, can't close site. Nothing, just stops reponding almost like it died. I literally have to press and hold power button and restart computer. After restarting can search internet for  awhile then all of a sudden be on a site and there it is froze. I want to install wins 7 but not until I get this worked out. I'm afraid I have a virus or something is doing this but not sure what. I have ran avast antivirus several times, malwarebytes and antispyware a few cookies and pup malware has come up but the programs took care of those so I think. Can you please help me if you can. I downloaded otl and here are those results. Thanks Pat.

 

( update) Omg. Just today on starting the computer I had to start it three times before it finally would let me do anything. It just kept freezing up. I had to power off and back on before it finally started to work. It will power up to desktop but then just freezes or stops responding, have no idea whats going on. Please help.(update) This thing is getting worse. I had spybot search and destroy downloaded on laptop upon opening computer today avast started a boot scan and found spybot search and destroy is infected with win32 solimba-s pup. win32 pup-gen. all which was on desktop, documents and settings, system volume info. I had it delete all so not sure if I did more good or bad. Please any help would be greatly appreciated. 

 

(another update) I noticed when I go to any website when I click on something or a link, my mouse sounds like it is double clicking. I here click click.

 

OTL logfile created on: 11/20/2014 3:30:33 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 73.22% Memory free
3.84 Gb Paging File | 3.45 Gb Available in Paging File | 89.72% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.35 Gb Total Space | 47.92 Gb Free Space | 68.12% Space Free | Partition Type: NTFS
Drive D: | 4.17 Gb Total Space | 1.49 Gb Free Space | 35.74% Space Free | Partition Type: FAT32
 
Computer Name: GATEWAY | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/20 03:29:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2014/11/11 17:45:08 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2014/10/26 00:33:23 | 006,692,632 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2014/10/26 00:05:42 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/10/26 00:05:07 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/10/24 00:26:14 | 000,196,608 | ---- | M] (New Boundary Technologies, Inc.) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
PRC - [2014/07/22 18:47:10 | 000,142,648 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2014/07/21 11:22:02 | 002,462,160 | ---- | M] (Paramount Software UK Ltd) -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2014/07/20 20:39:26 | 001,154,112 | ---- | M] (Ruiware LLC) -- C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
PRC - [2014/07/15 09:46:00 | 000,786,256 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2012/11/29 16:07:16 | 015,642,512 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaUI.exe
PRC - [2012/07/04 19:10:06 | 000,372,736 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaRegistry.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/09/14 08:00:28 | 000,577,536 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006/08/02 02:38:30 | 000,802,816 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2006/08/02 02:32:44 | 000,696,320 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006/08/02 02:27:54 | 000,479,232 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/03/14 15:42:18 | 000,622,653 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/03/14 15:40:52 | 001,376,340 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/02/13 11:23:38 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/11/05 04:47:00 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/11/19 15:02:15 | 002,902,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14111901\algo.dll
MOD - [2014/10/26 00:05:10 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/01/02 01:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/11/27 11:12:46 | 001,210,256 | ---- | M] () -- C:\Program Files\Ralink\Common\RaWLAPI.dll
MOD - [2011/02/04 16:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2010/06/29 10:34:56 | 000,480,608 | ---- | M] () -- C:\WINDOWS\system32\DiagFunc.dll
MOD - [2008/04/14 04:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 04:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/08/02 02:26:20 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/08/02 02:24:54 | 000,348,160 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2006/06/23 15:07:08 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2006/03/14 15:43:44 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2014/11/11 17:45:08 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2014/11/06 19:09:45 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/10/26 00:05:07 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/10/24 00:26:14 | 000,196,608 | ---- | M] (New Boundary Technologies, Inc.) [Auto | Running] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2014/07/22 18:47:10 | 000,142,648 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2014/07/21 11:22:02 | 002,462,160 | ---- | M] (Paramount Software UK Ltd) [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV - [2014/07/15 09:46:00 | 000,786,256 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012/07/06 18:20:54 | 001,863,680 | ---- | M] (Ralink) [On_Demand | Stopped] -- C:\Program Files\Ralink\Common\RaMediaServer.exe -- (RaMediaServer)
SRV - [2012/07/04 19:10:06 | 000,372,736 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2014/10/30 05:44:06 | 000,152,952 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psmounterex.sys -- (PSMounterEx)
DRV - [2014/10/26 00:05:30 | 000,777,488 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/10/26 00:05:30 | 000,411,680 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/10/26 00:05:30 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswrdr.sys -- (aswRdr)
DRV - [2014/10/26 00:05:11 | 000,180,632 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/10/26 00:05:11 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/10/26 00:05:11 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/10/26 00:05:11 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/10/26 00:05:11 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/10/24 00:18:37 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2014/07/21 11:50:16 | 000,013,528 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pssnap.sys -- (pssnap)
DRV - [2014/07/21 11:35:24 | 000,012,248 | ---- | M] (Paramount Software UK Ltd) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PSVolAcc.sys -- (PSVolAcc)
DRV - [2012/10/25 09:43:10 | 000,026,336 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2012/08/20 10:16:20 | 001,249,888 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2006/09/14 08:03:52 | 000,980,736 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006/08/02 03:27:48 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/07/06 21:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/03/14 15:21:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/03/14 15:19:24 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/03/14 15:18:00 | 000,851,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/03/14 15:15:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/03/14 15:14:52 | 000,065,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/14 15:12:02 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/03/14 15:10:56 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/02/13 11:26:02 | 001,106,888 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.safesear....&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...s=PTB&M=NX860XL
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.safesear....&q={searchTerms}
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...&p={searchTerms}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.safesear....&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.safesear....&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.safesear....&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.safesear....&q={searchTerms}
IE - HKCU\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2018.95
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/10/26 00:05:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2014/11/11 22:31:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2014/11/11 22:41:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\tqxbj8ku.default\extensions
[2014/11/11 22:28:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/11/11 22:28:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/10/26 00:05:13 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
 
O1 HOSTS File: ([2004/08/10 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [Power2GoExpress] NA File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - HKCU..\Run: [WinPatrol] C:\Program Files\Ruiware\WinPatrol\winpatrol.exe (Ruiware LLC)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1414261654420 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.71.2)
O16 - DPF: {CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_65)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E4BE848-2F23-454A-B945-66FFBB59857D}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2F10648-E7E8-4A4A-BCBF-8EEA49673397}: DhcpNameServer = 192.168.1.1 192.168.2.1 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/06/17 04:41:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/09/13 19:15:24 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/20 03:29:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2014/11/19 14:00:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2014/11/18 00:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\driverview
[2014/11/18 00:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\Magical Jelly Bean
[2014/11/18 00:11:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\KeyFinder
[2014/11/17 06:06:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/11/17 05:53:04 | 001,166,232 | ---- | C] (Magical Jelly Bean                                          ) -- C:\Documents and Settings\Administrator\Desktop\KeyFinderInstaller.exe
[2014/11/17 02:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\gBurner
[2014/11/17 02:50:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\gBurner
[2014/11/17 02:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\gBurner
[2014/11/11 22:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
[2014/11/11 22:28:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Mozilla
[2014/11/11 22:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/11/11 22:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2014/11/11 22:28:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/11/11 18:44:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Deployment
[2014/11/11 17:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Oracle
[2014/11/11 17:45:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/11/11 17:45:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2014/11/11 17:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/11/07 18:59:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2014/11/06 17:40:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Downloaded Installations
[2014/11/06 17:36:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Component
[2014/11/06 17:35:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Fast Browser
[2014/11/04 10:25:29 | 002,178,112 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\Scutum.dll
[2014/11/04 10:25:29 | 001,608,768 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\RaCertMgr.dll
[2014/11/04 10:25:29 | 000,185,696 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\W32N55.dll
[2014/11/04 10:25:29 | 000,151,552 | ---- | C] (Ralink Tech) -- C:\WINDOWS\System32\RalinkGina.dll
[2014/11/04 10:25:29 | 000,026,336 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\Scutum50.sys
[2014/11/04 10:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ralink Wireless
[2014/11/04 10:24:55 | 001,249,888 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt2870.sys
[2014/11/04 10:24:55 | 000,238,944 | ---- | C] (Ralink Technology, Inc.) -- C:\WINDOWS\System32\RaCoInst.dll
[2014/11/04 10:24:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ralink Driver
[2014/11/04 10:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Ralink
[2014/11/04 10:24:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\InstallShield
[2014/11/01 17:29:51 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/11/01 17:29:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/11/01 17:29:29 | 000,054,360 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014/11/01 17:29:29 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014/11/01 17:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/11/01 17:29:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2014/11/01 03:15:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\jagexcache1
[2014/11/01 01:00:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\jagexcache
[2014/11/01 00:57:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Sun
[2014/11/01 00:27:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2014/10/31 22:50:09 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/10/31 22:50:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/10/31 22:49:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2014/10/31 22:47:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2014/10/31 22:36:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2014/10/31 22:36:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Sun
[2014/10/30 06:18:02 | 000,152,952 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\psmounterex.sys
[2014/10/28 23:01:46 | 000,000,000 | ---D | C] -- C:\boot
[2014/10/28 23:01:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Macrium
[2014/10/28 23:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Macrium
[2014/10/28 22:54:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2014/10/28 22:53:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Macrium
[2014/10/28 22:52:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2014/10/28 17:50:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Hardwood Euchre
[2014/10/28 17:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\SilverCreekCommonFiles
[2014/10/28 17:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Hardwood Euchre
[2014/10/27 00:45:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Nero_AG
[2014/10/27 00:44:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Nero
[2014/10/27 00:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Nero
[2014/10/27 00:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2014/10/27 00:34:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero
[2014/10/27 00:34:32 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2014/10/27 00:34:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nero
[2014/10/27 00:25:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/10/27 00:24:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2014/10/26 23:49:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\CyberLink
[2014/10/26 23:49:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\CyberLink
[2014/10/26 23:48:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2014/10/26 23:32:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\nLite
[2014/10/26 23:32:27 | 000,000,000 | ---D | C] -- C:\Program Files\nLite
[2014/10/26 03:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\MSNInstaller
[2014/10/26 01:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\CrystalIdea Software
[2014/10/26 01:35:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2014/10/26 01:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\downloaded programs
[2014/10/26 00:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\program short cuts
[2014/10/26 00:31:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2014/10/26 00:31:12 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014/10/26 00:16:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Temp
[2014/10/26 00:05:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVAST Software
[2014/10/26 00:05:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avast
[2014/10/26 00:05:15 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/10/26 00:05:14 | 000,777,488 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2014/10/26 00:05:14 | 000,776,976 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys.1414299930453
[2014/10/26 00:05:14 | 000,411,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2014/10/26 00:05:14 | 000,067,824 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/10/26 00:05:14 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys.1414299930453
[2014/10/26 00:05:14 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys
[2014/10/26 00:05:13 | 000,271,264 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/10/26 00:05:11 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/10/26 00:04:41 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/10/26 00:03:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/10/25 23:55:15 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2014/10/25 23:55:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Revo Uninstaller
[2014/10/25 23:54:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Downloads
[2014/10/25 23:53:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Videos
[2014/10/25 23:53:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
[2014/10/25 23:52:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
[2014/10/25 23:52:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
[2014/10/25 23:52:17 | 000,000,000 | ---D | C] -- C:\Program Files\Ruiware
[2014/10/25 23:52:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2014/10/25 23:48:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
[2014/10/25 23:47:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2014/10/25 22:59:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Adobe
[2014/10/25 22:44:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IECompatCache
[2014/10/25 20:46:15 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2014/10/25 20:11:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2014/10/25 20:11:27 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/10/25 20:11:21 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/10/25 20:10:58 | 000,000,000 | ---D | C] -- C:\bd242b0b1f20b7edc2c65c544e03
[2014/10/25 20:03:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\IETldCache
[2014/10/25 19:48:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2014/10/25 19:48:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2014/10/25 19:48:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2014/10/25 19:19:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2014/10/25 18:24:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2014/10/25 17:47:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2014/10/25 17:40:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2014/10/25 17:38:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/10/25 17:22:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-us
[2014/10/25 17:22:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2014/10/25 17:22:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2014/10/25 17:22:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2014/10/25 17:22:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2014/10/25 17:20:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2014/10/25 17:19:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2014/10/25 17:17:26 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2014/10/25 13:27:21 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\UserData
[2014/10/25 12:13:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2014/10/25 11:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities
[2014/10/24 00:31:59 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014/10/24 00:31:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
[2014/10/24 00:28:42 | 000,020,480 | ---- | C] (Gateway) -- C:\WINDOWS\System32\Marker32.exe
[2014/10/24 00:28:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPhlash
[2014/10/24 00:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\Phoenix Technologies Ltd
[2014/10/24 00:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel PROSet Wireless
[2014/10/24 00:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2014/10/24 00:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2014/10/24 00:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Intel
[2014/10/24 00:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intel
[2014/10/24 00:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2014/10/24 00:26:02 | 000,743,936 | ---- | C] (Leader Technologies) -- C:\WINDOWS\System32\GTW1.exe
[2014/10/24 00:23:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Bluetooth Software
[2014/10/24 00:23:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\Bluetooth Exchange Folder
[2014/10/24 00:21:20 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2014/10/24 00:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2014/10/24 00:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\SigmaTel
[2014/10/24 00:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
[2014/10/24 00:18:53 | 000,102,400 | ---- | C] (4Developers LLC) -- C:\WINDOWS\System32\SimpleRegistry.dll
[2014/10/24 00:18:53 | 000,010,752 | ---- | C] (Almeida & Andrade Ltda) -- C:\WINDOWS\System32\aamd532.dll
[2014/10/24 00:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
[2014/10/24 00:18:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2014/10/24 00:18:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\occache
[2014/10/24 00:18:50 | 000,000,000 | ---D | C] -- C:\Program Files\Learn2.com
[2014/10/24 00:18:49 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2014/10/24 00:18:47 | 000,086,016 | ---- | C] (MindVision) -- C:\WINDOWS\unvise32qt.exe
[2014/10/24 00:18:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\QuickTime
[2014/10/24 00:18:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\QuickTime
[2014/10/24 00:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nullsoft
[2014/10/24 00:18:37 | 000,000,000 | ---D | C] -- C:\My Music
[2014/10/24 00:18:35 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2014/10/24 00:18:35 | 000,000,000 | ---D | C] -- C:\Program Files\Real
[2014/10/24 00:18:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Real
[2014/10/24 00:18:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Real
[2014/10/24 00:18:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\AOL Downloads
[2014/10/24 00:18:24 | 001,044,480 | ---- | C] (eHelp Corporation.) -- C:\WINDOWS\System32\roboex32.dll
[2014/10/24 00:18:24 | 000,054,784 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\Inetwh32.dll
[2014/10/24 00:18:24 | 000,029,184 | ---- | C] (Blue Sky Software) -- C:\WINDOWS\System32\popup.ocx
[2014/10/24 00:17:54 | 000,168,448 | ---- | C] (Texas Instruments) -- C:\WINDOWS\System32\drivers\tifm21.sys
[2014/10/24 00:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\Texas Instruments Inc
[2014/10/24 00:17:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2014/10/24 00:17:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2014/10/24 00:17:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2014/10/24 00:17:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Gateway Documentation
[2014/10/24 00:17:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\System Recovery
[2014/10/24 00:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/10/24 00:16:14 | 000,351,526 | ---- | C] (Wilson WindowWare, Inc.) -- C:\WINDOWS\WBDDA34I.DLL
[2014/10/24 00:16:14 | 000,046,433 | ---- | C] (Wilson WindowWare, Inc.) -- C:\WINDOWS\WBODA34I.DLL
[2014/10/24 00:16:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2014/10/24 00:16:09 | 000,081,920 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPCo2.dll
[2014/10/24 00:16:09 | 000,069,722 | ---- | C] (Synaptics, Inc.) -- C:\WINDOWS\System32\SynTPFcs.dll
[2014/10/24 00:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/10/24 00:16:07 | 000,094,208 | ---- | C] (Gateway Inc.) -- C:\WINDOWS\System32\BAE.dll
[2014/10/24 00:15:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CyberLink DVD Solution
[2014/10/24 00:15:37 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/10/24 00:15:37 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2014/10/24 00:15:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2014/10/24 00:10:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2014/10/24 00:06:06 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/10/24 00:01:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/10/24 00:00:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\creator
[2014/10/24 00:00:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\SMINST
[2014/10/24 00:00:26 | 000,000,000 | R--D | C] -- C:\Program Files
[2014/10/24 00:00:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2014/10/24 00:00:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2014/10/24 00:00:18 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2014/10/24 00:00:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\SendTo
[2014/10/24 00:00:17 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Videos
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Pictures
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\My Music
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2014/10/24 00:00:17 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
[2014/10/24 00:00:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Application Data
[2014/10/24 00:00:16 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Favorites
[2014/10/23 23:59:13 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2014/10/23 23:59:05 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2014/10/23 23:56:56 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/20 03:29:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2014/11/20 02:48:36 | 000,000,378 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/11/20 02:48:30 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2014/11/20 02:48:29 | 000,000,434 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2014/11/20 02:48:26 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/11/20 02:48:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/11/20 02:48:16 | 2145,505,280 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/19 19:07:02 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\Nero Info.job
[2014/11/18 00:11:45 | 000,000,757 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\KeyFinder.lnk
[2014/11/17 14:48:55 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/11/17 05:53:08 | 001,166,232 | ---- | M] (Magical Jelly Bean                                          ) -- C:\Documents and Settings\Administrator\Desktop\KeyFinderInstaller.exe
[2014/11/17 05:26:39 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/11/17 05:26:39 | 000,001,908 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/11/17 03:33:06 | 2564,784,128 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\win7_32bit.iso
[2014/11/17 01:20:06 | 000,045,208 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\driverview.zip
[2014/11/17 00:43:17 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/11/11 22:28:16 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/11/11 22:28:12 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/11/09 18:13:44 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/11/07 19:06:21 | 000,001,912 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero MediaHome.lnk
[2014/11/06 17:43:21 | 000,483,126 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014/11/06 17:43:21 | 000,080,676 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014/11/06 17:35:31 | 000,001,979 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/11/04 10:25:28 | 000,001,621 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2014/11/04 00:28:37 | 000,000,024 | ---- | M] () -- C:\Documents and Settings\Administrator\random.dat
[2014/11/03 22:46:52 | 000,000,069 | ---- | M] () -- C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE.dat
[2014/11/01 03:15:26 | 000,000,070 | ---- | M] () -- C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE1.dat
[2014/10/31 02:42:09 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/10/30 05:44:06 | 000,152,952 | ---- | M] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\System32\drivers\psmounterex.sys
[2014/10/28 17:50:26 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Play Euchre.lnk
[2014/10/27 01:30:51 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2014/10/26 01:10:01 | 000,000,002 | ---- | M] () -- C:\WINDOWS\msoffice.ini
[2014/10/26 00:05:30 | 000,777,488 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2014/10/26 00:05:30 | 000,411,680 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2014/10/26 00:05:30 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys
[2014/10/26 00:05:11 | 000,776,976 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys.1414299930453
[2014/10/26 00:05:11 | 000,271,264 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2014/10/26 00:05:11 | 000,180,632 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/10/26 00:05:11 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014/10/26 00:05:11 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014/10/26 00:05:11 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswrdr.sys.1414299930453
[2014/10/26 00:05:11 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/10/26 00:05:11 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014/10/26 00:05:11 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/10/25 20:20:31 | 000,098,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/10/25 18:26:17 | 000,000,209 | RHS- | M] () -- C:\boot.ini
[2014/10/25 17:40:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2014/10/25 17:19:04 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2014/10/24 00:35:48 | 000,000,097 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2014/10/24 00:32:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Gateway_NX860XL_Rev.1_0039087414.MRK
[2014/10/24 00:31:47 | 000,000,333 | ---- | M] () -- C:\WINDOWS\System32\$ncsp$.inf
[2014/10/24 00:31:07 | 000,000,000 | ---- | M] () -- C:\REQUEST_OEMRESET_ENDUSER
[2014/10/24 00:28:26 | 000,000,498 | ---- | M] () -- C:\WINDOWS\System32\emver.ini
[2014/10/24 00:21:24 | 000,000,637 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
[2014/10/24 00:19:00 | 000,000,894 | -H-- | M] () -- C:\IPH.PH
[2014/10/24 00:18:35 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2014/10/24 00:18:00 | 000,000,335 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2014/10/24 00:15:24 | 000,000,002 | ---- | M] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2014/10/24 00:03:43 | 000,000,002 | RHS- | M] () -- C:\USER
[2014/10/24 00:00:54 | 000,000,060 | ---- | M] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/11/18 00:11:45 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\KeyFinder.lnk
[2014/11/17 03:03:50 | 2564,784,128 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\win7_32bit.iso
[2014/11/17 02:54:08 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/11/17 02:54:08 | 000,001,908 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/11/17 01:20:06 | 000,045,208 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\driverview.zip
[2014/11/11 22:28:12 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2014/11/11 22:28:12 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2014/11/07 19:07:27 | 000,000,288 | ---- | C] () -- C:\WINDOWS\tasks\Nero Info.job
[2014/11/07 19:06:21 | 000,001,912 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero MediaHome.lnk
[2014/11/06 17:35:31 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/11/04 10:25:29 | 000,480,608 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2014/11/04 10:25:29 | 000,034,080 | ---- | C] () -- C:\WINDOWS\System32\CTAAEI.dll
[2014/11/04 10:25:29 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2014/11/04 10:25:29 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2014/11/04 10:25:28 | 000,001,621 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
[2014/11/04 10:24:51 | 000,014,119 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2014/11/01 03:15:26 | 000,000,070 | ---- | C] () -- C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE1.dat
[2014/11/01 01:00:33 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE.dat
[2014/11/01 01:00:33 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Administrator\random.dat
[2014/10/31 22:50:57 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2014/10/28 17:50:26 | 000,000,743 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Play Euchre.lnk
[2014/10/27 03:20:03 | 000,093,854 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2535354235-3254226930-1038610633-500-0.dat
[2014/10/27 03:20:02 | 000,093,854 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2014/10/27 01:30:51 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2014/10/26 03:41:29 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/10/26 01:10:01 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2014/10/26 00:05:23 | 000,000,378 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014/10/26 00:05:15 | 000,180,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014/10/26 00:05:14 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014/10/26 00:05:14 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2014/10/25 20:04:12 | 000,000,238 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
[2014/10/25 20:04:12 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
[2014/10/25 17:50:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2014/10/25 17:50:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2014/10/25 17:19:17 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2014/10/25 17:19:16 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2014/10/25 17:19:15 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2014/10/24 00:32:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Gateway_NX860XL_Rev.1_0039087414.MRK
[2014/10/24 00:31:47 | 000,000,333 | ---- | C] () -- C:\WINDOWS\System32\$ncsp$.inf
[2014/10/24 00:26:01 | 2145,505,280 | -HS- | C] () -- C:\hiberfil.sys
[2014/10/24 00:24:57 | 000,051,656 | ---- | C] () -- C:\WINDOWS\System32\OEMLOGO.bmp
[2014/10/24 00:24:57 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2014/10/24 00:21:45 | 000,000,901 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\My Bluetooth Places.lnk
[2014/10/24 00:21:24 | 000,000,637 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
[2014/10/24 00:18:01 | 000,000,894 | -H-- | C] () -- C:\IPH.PH
[2014/10/24 00:18:00 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2014/10/24 00:17:41 | 000,051,048 | ---- | C] () -- C:\WINDOWS\System32\nvapps.xml
[2014/10/24 00:17:38 | 000,016,960 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2014/10/24 00:15:24 | 000,000,002 | ---- | C] () -- C:\AUDIT_INSTALL_IN_PROGRESS
[2014/10/24 00:14:32 | 000,518,520 | ---- | C] () -- C:\WINDOWS\vidres.exe
[2014/10/24 00:03:43 | 000,000,002 | RHS- | C] () -- C:\USER
[2014/10/24 00:03:43 | 000,000,000 | ---- | C] () -- C:\REQUEST_OEMRESET_ENDUSER
[2014/10/24 00:00:54 | 000,000,060 | ---- | C] () -- C:\WINDOWS\System32\SYSDRV.DAT
[2014/10/24 00:00:50 | 000,002,790 | ---- | C] () -- C:\WINDOWS\System32\e1e5132.din
[2014/10/12 17:35:28 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2014/10/12 17:35:26 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2014/10/12 17:35:25 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2014/10/12 17:35:24 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2014/10/12 17:35:21 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2014/10/12 17:35:21 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2014/10/12 17:35:21 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2014/10/12 17:35:21 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2014/10/12 17:35:17 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2014/07/21 11:50:16 | 000,013,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\pssnap.sys
 
========== ZeroAccess Check ==========
 
[2006/06/17 04:37:41 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2014/02/24 22:30:52 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/10/26 00:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVAST Software
[2014/10/26 01:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\CrystalIdea Software
[2014/11/17 02:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gBurner
[2014/10/24 00:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Leadertech
[2014/10/26 03:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MSNInstaller
[2014/11/11 17:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Oracle
[2014/10/24 00:17:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SampleView
[2014/10/25 23:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\WinPatrol
[2014/10/26 00:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2014/10/25 23:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2014/10/31 01:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Macrium
[2014/11/07 19:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2014/11/04 10:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ralink Driver
[2014/10/24 00:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
 
========== Purity Check ==========
 
 

< End of report >

 

OTL Extras logfile created on: 11/20/2014 3:30:33 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.00 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 73.22% Memory free
3.84 Gb Paging File | 3.45 Gb Available in Paging File | 89.72% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.35 Gb Total Space | 47.92 Gb Free Space | 68.12% Space Free | Partition Type: NTFS
Drive D: | 4.17 Gb Total Space | 1.49 Gb Free Space | 35.74% Space Free | Partition Type: FAT32
 
Computer Name: GATEWAY | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Ralink\Common\RaMediaServer.exe" = C:\Program Files\Ralink\Common\RaMediaServer.exe:*:Enabled:Ralink UPnP Media Server -- (Ralink)
"C:\Program Files\Ralink\Common\RaUI.exe" = C:\Program Files\Ralink\Common\RaUI.exe:*:Enabled:Ralink Utility -- (Ralink Technology, Corp.)
"C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe" = C:\Program Files\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe:*:Enabled:Nero Blu-ray Player -- (Nero AG)
"C:\Program Files\Nero\KM\NMDllHost.exe" = C:\Program Files\Nero\KM\NMDllHost.exe:*:Enabled:NMDllHost -- (Nero AG)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0215ACE5-DEC8-4486-A3EA-B8B08A6CF5FD}" = Nero MediaHome
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{150D88F1-40AF-4678-A39D-BCE2332F34E5}" = Nero Abstract Themes
"{15377C3E-9655-400F-B441-E69F0A6BEAFE}" = Recovery Software Suite Gateway
"{18C0CD5B-571B-4D46-A71E-CD90CA4E75FA}" = Macrium Reflect Standard Edition
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Solution
"{22124B84-93B2-4603-B212-146665E4B6B1}" = Nero Blu-ray Player
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 4.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{57AB77BC-E70C-454B-BD0C-E543A7961912}" = nero12kwikburnexpressess
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}" = WinPatrol
"{799AFA36-4EA5-4323-8689-74C06645A26B}" = Prerequisite installer
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{90CC4231-94AC-45CD-991A-0253BFAC0650}" = mDrWiFi
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{96F31DB7-9239-4FBE-B75E-056AEAB192D9}" = Nero MediaHome Free
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}" = TIPCI
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B791E0AB-87A9-41A4-8D98-D13C2E37D928}" = Nero Info
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"gBurner" = gBurner
"Hardwood Euchre" = Hardwood Euchre
"ie8" = Windows Internet Explorer 8
"InstallShield_{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"MacriumReflect" = Macrium Reflect Standard Edition
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 33.1 (x86 en-US)" = Mozilla Firefox 33.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"nLite_is1" = nLite 1.4.9.1
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer Basic
"Revo Uninstaller" = Revo Uninstaller 1.95
"SMSERIAL" = Motorola SM56 Data Fax Modem
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WGA" = Windows Genuine Advantage Validation Tool
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPhlash" = WinPhlash
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11/6/2014 7:57:36 PM | Computer Name = GATEWAY | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
 module shell32.dll, version 6.0.2900.6242, fault address 0x00076f0b.
 
Error - 11/6/2014 7:57:44 PM | Computer Name = GATEWAY | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
 dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
 
Error - 11/13/2014 12:29:22 AM | Computer Name = GATEWAY | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/13/2014 12:29:22 AM | Computer Name = GATEWAY | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/14/2014 11:32:39 PM | Computer Name = GATEWAY | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
 module flash32_15_0_0_189.ocx, version 15.0.0.189, fault address 0x000f550b.
 
Error - 11/14/2014 11:34:44 PM | Computer Name = GATEWAY | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
 module flash32_15_0_0_189.ocx, version 15.0.0.189, fault address 0x000f550b.
 
Error - 11/14/2014 11:34:54 PM | Computer Name = GATEWAY | Source = Application Error | ID = 1001
Description = Fault bucket 578590292.
 
Error - 11/17/2014 5:40:09 AM | Computer Name = GATEWAY | Source = Application Hang | ID = 1002
Description = Hanging application explorer.exe, version 6.0.2900.5512, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/19/2014 7:34:38 PM | Computer Name = GATEWAY | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
 module kernel32.dll, version 5.1.2600.6532, fault address 0x00012fd3.
 
Error - 11/19/2014 7:34:51 PM | Computer Name = GATEWAY | Source = Application Error | ID = 1001
Description = Fault bucket 177523516.
 
[ System Events ]
Error - 11/7/2014 8:56:11 PM | Computer Name = GATEWAY | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the NVSvc service.
 
Error - 11/9/2014 7:11:39 PM | Computer Name = GATEWAY | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the NVSvc service.
 
Error - 11/11/2014 6:22:20 PM | Computer Name = GATEWAY | Source = ipnathlp | ID = 31008
Description = The DNS proxy agent was unable to read the local list of name-resolution
servers
 from the registry.  The data is the error code.
 
Error - 11/11/2014 6:23:14 PM | Computer Name = GATEWAY | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
 with DCOM within the required timeout.
 
Error - 11/11/2014 6:44:21 PM | Computer Name = GATEWAY | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly.  It has done
 this 1 time(s).
 
Error - 11/12/2014 7:58:19 PM | Computer Name = GATEWAY | Source = ipnathlp | ID = 30005
Description = The DHCP allocator has detected a DHCP server with IP address 192.168.1.254
on
 the same network as the interface with IP address 192.168.0.1.  The allocator has
 disabled itself on the interface in order to avoid  confusing DHCP clients.
 
Error - 11/12/2014 8:17:27 PM | Computer Name = GATEWAY | Source = ipnathlp | ID = 30005
Description = The DHCP allocator has detected a DHCP server with IP address 192.168.137.1
on
 the same network as the interface with IP address 192.168.0.1.  The allocator has
 disabled itself on the interface in order to avoid  confusing DHCP clients.
 
Error - 11/12/2014 8:30:22 PM | Computer Name = GATEWAY | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.69,
since
 the IP address is outside the 192.168.0.0/255.255.255.0 scope  from which addresses
 are being allocated to DHCP clients.  To enable the DHCP allocator on this IP address,
please
 change the scope to include the IP address,  or change the IP address to fall within
 the scope.
 
Error - 11/13/2014 8:09:03 PM | Computer Name = GATEWAY | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 11/13/2014 8:10:05 PM | Computer Name = GATEWAY | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.69,
since
 the IP address is outside the 192.168.0.0/255.255.255.0 scope  from which addresses
 are being allocated to DHCP clients.  To enable the DHCP allocator on this IP address,
please
 change the scope to include the IP address,  or change the IP address to fall within
 the scope.
 
 
< End of report >
 


Edited by Pat_54, 23 November 2014 - 03:19 AM.

  • 0

Advertisements

#2
Essexboy
Posted 23 November 2014 - 05:08 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi sorry for the delay, could you update me on your current problem please

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#3
Pat_54
Posted 23 November 2014 - 02:01 PM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts
Thank you Essexboy, so glad to hear from you. I know your quite busy but I really didn't know what else to do with this computer. I'll try to explain much more about whats wrong with this laptop. I put updates in my post where what was happening while I waited for a response from someone on geekstogo team. Several things had happened with this laptop. First I want to explain that I was going to install wins 7 only because of microsoft no longer having any further updates for wins xp and for security reasons. When I finally decided to do this its like things really started going wrong. A while back I ordered a wins 7 home edition but procrastinated because I really liked wins xp and then never seemed to find the time to do an install and really don't like change but knew in time I would have to make the upgrade. When I had the time and finally decided this is it, it's now or never. My dvd/cd drive went in my laptop so I had to order a new one and then install it. I went online to microsoft to make sure I had what was needed to make the change over. I downloaded a program there called wins 7 upgrade to make sure what would be compatible on this computer and instructions on how to install. Really trying to make a long story short here, sorry. It said, you need to copy all files then reinstall once wins 7 up and running. So I used their program and copied all of my files from laptop to a usb flash drive. This is where a big part of my trouble began. The program they recommended copied all my files to what is called a mig file, all of which was greek to me. Now I had all my files from laptop to usb drive and had no idea how to read them or get them back or what was even a mig file, so I went on a search to find how to retrieve them. I downloaded program after program going to site after site trying everything but nothing worked and of course along the way the laptop really got junked up. It started giving me fits I have no doubts a must have downloaded a virus, malware, spyware or several, who knows. The computer started shutting down on its own, it was taking forever to boot, I got blue screen, and several error messages. You name it, it did it. So I figured this thing was really messed and my best and only option was to try a clean install of windows xp and hopefully I could somehow figure out how to get my files from usb installed back to computer and get computer back to a good running state. I got out recovery disks and did a clean install. My problem here was the recovery discs was for xp media center so I got my wins xp pro disc and tried installing it but everytime it would load and I tried entering key code it would say invalid key. I know it was not I tried several things but nothing worked. Then I read online where microsoft does this so you can't pirate the cd and can only use the disc once. What a shame. Anyhow I gave up on that and just decided to work on getting computer working good in xp media center. What a job but finally manage to get it working this far. I'm really tired what a job this has been and microsoft again made it harder because of no more updates for wins xp. This again made me have to go online to download things needed to get this computer in working order again. Along the way I feel though I have picked up something terrible. This is where I believe I really could use your help. I don't want to have to go all through this again.This is whats happening now. When I go to websites, the computer just stops responding. I can't do nothing but just power button to turn off then back on. It takes forever to load desktop, sometimes it freezes on desktop and have to shutdown with power button. I also, big mistake, downloaded spybot search and destroy cause I thought it might help find the problem being that my avast, super antispyware and malwarebytes were not detecting anything. Upon installing spybot, my avast went nuts went straight to boot bode saying spybot was infected with win32 pup-gen, win32 solimba-s pup and an couple others, so I'm not sure if I did something wrong but I had when avast asked, deleted all. I also, noticed to when visiting a website now, I can hear through my volume sound, that my mouse sounds like its double clicking. I know I'm not clicking on the mouse twice but I hear like a click click sound. This is where I'm at now to this point. I now this has been lengthy but I wanted to explain how I got here. Please help me clean this thing up if you possibly can. Thanks again Pat. Here is the log you requested from fabar.





Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014
Ran by Administrator (administrator) on GATEWAY on 23-11-2014 12:20:55
Running from C:\Documents and Settings\Administrator\Desktop
Loaded Profile: Administrator (Available profiles: Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(New Boundary Technologies, Inc.) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(SigmaTel, Inc.) C:\WINDOWS\stsystra.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [SynTPLpr] => C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [98394 2004-11-05] (Synaptics, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [688218 2004-11-05] (Synaptics, Inc.)
HKLM\...\Run: [Recguard] => C:\WINDOWS\SMINST\RECGUARD.EXE [212992 2002-09-14] ()
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /installquiet /nodetect
HKLM\...\Run: [SigmatelSysTrayApp] => C:\WINDOWS\stsystra.exe [282624 2006-02-13] (SigmaTel, Inc.)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [577536 2006-09-14] (Motorola Inc.)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [802816 2006-08-02] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [696320 2006-08-02] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-10-26] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-2535354235-3254226930-1038610633-500\...\Run: [Power2GoExpress] => NA
HKU\S-1-5-21-2535354235-3254226930-1038610633-500\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6692632 2014-10-26] (SUPERAntiSpyware)
HKU\S-1-5-21-2535354235-3254226930-1038610633-500\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-20] (Ruiware LLC)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.c...s=PTB&M=NX860XL
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...s=PTB&M=NX860XL
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-2535354235-3254226930-1038610633-500\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.safesear....q={searchTerms}
HKU\S-1-5-21-2535354235-3254226930-1038610633-500\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-2535354235-3254226930-1038610633-500\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.safesear....q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.safesear....q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesear....q={searchTerms}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...archTerms}=
SearchScopes: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...archTerms}=
SearchScopes: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.safesear....q={searchTerms}
SearchScopes: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo...&p={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\.DEFAULT -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate...b?1414261654420
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0065-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\tqxbj8ku.default
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=ME2B5550E-7502-4DEC-A312-9D825EFDF893&SearchSource=55&CUI=&UM=6&UP=SP1B94AA10-15A0-47EE-B53C-B974606197E2&SSPV=
FF SelectedSearchEngine: Trovi search
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=ME2B5550E-7502-4DEC-A312-9D825EFDF893&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP1B94AA10-15A0-47EE-B53C-B974606197E2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\tqxbj8ku.default\searchplugins\trovi-search.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-10-25]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-26]
FF Extension: No Name - [email protected] [Not Found]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-26] (AVAST Software)
R2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [266295 2006-03-14] (Broadcom Corporation.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [434176 2006-08-02] (Intel Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-11-11] (Oracle Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
R2 PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [196608 2014-10-24] (New Boundary Technologies, Inc.) [File not signed]
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S3 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [2462160 2014-07-21] (Paramount Software UK Ltd)
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2006-08-02] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [937984 2006-08-02] (Intel Corporation ) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2014-10-24] (Meetinghouse Data Communications) [File not signed]
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2014-10-24] (Windows ® 2000 DDK provider) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-10-26] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-10-26] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-10-26] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-10-26] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [777488 2014-10-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411680 2014-10-26] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-10-26] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-10-26] ()
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [328237 2006-03-14] (Broadcom Corporation.) [File not signed]
R3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30427 2006-03-14] (Broadcom Corporation.) [File not signed]
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [851402 2006-03-14] (Broadcom Corporation.) [File not signed]
R2 BTSERIAL; C:\WINDOWS\system32\drivers\btserial.sys [23271 2006-03-14] (Broadcom Corporation.) [File not signed]
R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [148900 2006-03-14] (Broadcom Corporation.) [File not signed]
S3 btwhid; C:\WINDOWS\System32\DRIVERS\btwhid.sys [45683 2006-03-14] (Broadcom Corporation.) [File not signed]
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [65784 2006-03-14] (Broadcom Corporation.) [File not signed]
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R1 netfilter; C:\WINDOWS\System32\drivers\netfilter.sys [47488 2014-10-06] (NetFilterSDK.com) [File not signed]
R3 NETw3x32; C:\WINDOWS\System32\DRIVERS\NETw3x32.sys [1709696 2006-09-27] (Intel® Corporation)
S3 PSMounterEx; C:\WINDOWS\system32\drivers\psmounterex.sys [152952 2014-10-30] (Windows ® Win 7 DDK provider)
R0 pssnap; C:\WINDOWS\System32\DRIVERS\pssnap.sys [13528 2014-07-21] ()
S3 PSVolAcc; C:\WINDOWS\system32\Drivers\PSVolAcc.sys [12248 2014-07-21] (Paramount Software UK Ltd)
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [1249888 2012-08-20] (Ralink Technology, Corp.)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12544 2006-08-02] (Intel Corporation) [File not signed]
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [26336 2012-10-25] (Printing Communications Assoc., Inc. (PCAUSA))
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1106888 2006-02-13] (SigmaTel, Inc.)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-23 12:20 - 2014-11-23 12:21 - 00018298 _____ () C:\Documents and Settings\Administrator\Desktop\FRST.txt
2014-11-23 12:20 - 2014-11-23 12:20 - 00000000 ____D () C:\FRST
2014-11-23 12:18 - 2014-11-23 12:19 - 01110016 _____ (Farbar) C:\Documents and Settings\Administrator\Desktop\FRST.exe
2014-11-21 15:27 - 2014-11-22 03:53 - 00011684 _____ () C:\WINDOWS\setupapi.log
2014-11-21 15:27 - 2014-11-21 15:27 - 00000000 ____D () C:\WINDOWS\Performance
2014-11-21 15:27 - 2014-11-21 15:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Corporation
2014-11-21 15:27 - 2014-11-21 15:27 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-11-21 15:27 - 2014-11-21 15:27 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-11-21 15:26 - 2014-11-21 15:26 - 00001868 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-11-21 15:26 - 2014-11-21 15:26 - 00001862 _____ () C:\Documents and Settings\All Users\Desktop\Windows 7 Upgrade Advisor.lnk
2014-11-21 15:26 - 2014-11-21 15:26 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-11-20 19:41 - 2014-11-20 19:43 - 00000005 _____ () C:\end
2014-11-20 18:21 - 2014-11-20 19:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-11-20 03:36 - 2014-11-20 03:36 - 00120090 _____ () C:\Documents and Settings\Administrator\Desktop\OTL.Txt
2014-11-20 03:36 - 2014-11-20 03:36 - 00036356 _____ () C:\Documents and Settings\Administrator\Desktop\Extras.Txt
2014-11-20 03:29 - 2014-11-20 03:29 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Administrator\Desktop\OTL.exe
2014-11-18 00:16 - 2014-11-18 00:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\driverview
2014-11-18 00:11 - 2014-11-18 00:11 - 00000757 _____ () C:\Documents and Settings\All Users\Desktop\KeyFinder.lnk
2014-11-18 00:11 - 2014-11-18 00:11 - 00000000 ____D () C:\Program Files\Magical Jelly Bean
2014-11-18 00:11 - 2014-11-18 00:11 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\KeyFinder
2014-11-17 06:06 - 2014-11-17 06:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-17 03:03 - 2014-11-17 03:33 - 2564784128 _____ () C:\Documents and Settings\Administrator\Desktop\win7_32bit.iso
2014-11-17 02:54 - 2014-11-17 05:26 - 00001908 _____ () C:\WINDOWS\diagwrn.xml
2014-11-17 02:54 - 2014-11-17 05:26 - 00001908 _____ () C:\WINDOWS\diagerr.xml
2014-11-17 02:51 - 2014-11-17 02:51 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\gBurner
2014-11-17 02:50 - 2014-11-17 02:50 - 00000000 ____D () C:\Program Files\gBurner
2014-11-17 02:50 - 2014-11-17 02:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\gBurner
2014-11-11 22:28 - 2014-11-11 22:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Mozilla
2014-11-11 22:28 - 2014-11-11 22:28 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-11 22:28 - 2014-11-11 22:28 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2014-11-11 22:28 - 2014-11-11 22:28 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-11 22:28 - 2014-11-11 22:28 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-11 22:28 - 2014-11-11 22:28 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2014-11-11 22:28 - 2014-11-11 22:28 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2014-11-11 18:44 - 2014-11-11 18:44 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Deployment
2014-11-11 17:46 - 2014-11-11 17:46 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Oracle
2014-11-11 17:45 - 2014-11-11 17:45 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-11-11 17:45 - 2014-11-11 17:45 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-11-11 17:45 - 2014-11-11 17:45 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-11-11 17:45 - 2014-11-11 17:45 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-11-11 17:45 - 2014-11-11 17:45 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-11-11 17:45 - 2014-11-11 17:45 - 00000000 ____D () C:\Program Files\Java
2014-11-11 17:45 - 2014-11-11 17:45 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-11-11 17:45 - 2014-11-11 17:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-11-07 19:07 - 2014-11-22 19:07 - 00000288 _____ () C:\WINDOWS\Tasks\Nero Info.job
2014-11-07 19:06 - 2014-11-07 19:06 - 00001912 _____ () C:\Documents and Settings\All Users\Desktop\Nero MediaHome.lnk
2014-11-07 18:59 - 2014-11-22 17:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2014-11-06 17:40 - 2014-11-06 17:40 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Downloaded Installations
2014-11-06 17:36 - 2014-11-06 17:36 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Component
2014-11-06 17:35 - 2014-11-06 17:56 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Fast Browser
2014-11-05 03:15 - 2014-11-23 12:10 - 00000435 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-11-04 17:54 - 2014-11-04 23:30 - 00004052 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-11-04 10:25 - 2014-11-04 10:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Ralink Wireless
2014-11-04 10:25 - 2012-10-25 09:43 - 00026336 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\WINDOWS\system32\Drivers\Scutum50.sys
2014-11-04 10:25 - 2012-01-30 17:23 - 00151552 _____ (Ralink Tech) C:\WINDOWS\system32\RalinkGina.dll
2014-11-04 10:25 - 2011-05-04 13:56 - 01608768 _____ (Ralink Technology, Corp.) C:\WINDOWS\system32\RaCertMgr.dll
2014-11-04 10:25 - 2011-05-04 13:47 - 02178112 _____ (Ralink Technology, Corp.) C:\WINDOWS\system32\Scutum.dll
2014-11-04 10:25 - 2010-07-01 17:09 - 00185696 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\WINDOWS\system32\W32N55.dll
2014-11-04 10:25 - 2010-06-29 10:34 - 00480608 _____ () C:\WINDOWS\system32\DiagFunc.dll
2014-11-04 10:25 - 2010-01-27 11:53 - 00000449 _____ () C:\WINDOWS\system32\DiagFunc.ini
2014-11-04 10:25 - 2009-11-13 13:42 - 00034080 _____ () C:\WINDOWS\system32\CTAAEI.dll
2014-11-04 10:25 - 2009-04-23 09:51 - 00001191 _____ () C:\WINDOWS\system32\W32N55.INI
2014-11-04 10:24 - 2014-11-04 10:24 - 00000000 ____D () C:\Program Files\Ralink
2014-11-04 10:24 - 2014-11-04 10:24 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Ralink Driver
2014-11-04 10:24 - 2014-11-04 10:24 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\InstallShield
2014-11-04 10:24 - 2012-08-20 10:16 - 01249888 _____ (Ralink Technology, Corp.) C:\WINDOWS\system32\Drivers\rt2870.sys
2014-11-04 10:24 - 2011-12-26 11:02 - 00238944 _____ (Ralink Technology, Inc.) C:\WINDOWS\system32\RaCoInst.dll
2014-11-04 10:24 - 2011-12-26 11:02 - 00014119 _____ () C:\WINDOWS\system32\RaCoInst.dat
2014-11-01 17:29 - 2014-11-20 17:03 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-01 17:29 - 2014-11-01 17:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-01 17:29 - 2014-11-01 17:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-01 17:29 - 2014-11-01 17:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-11-01 17:29 - 2014-10-01 10:11 - 00054360 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-01 17:29 - 2014-10-01 10:11 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-01 03:15 - 2014-11-01 03:15 - 00000070 _____ () C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE1.dat
2014-11-01 03:15 - 2014-11-01 03:15 - 00000000 ____D () C:\Documents and Settings\Administrator\jagexcache1
2014-11-01 01:00 - 2014-11-04 00:28 - 00000024 _____ () C:\Documents and Settings\Administrator\random.dat
2014-11-01 01:00 - 2014-11-03 22:46 - 00000069 _____ () C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE.dat
2014-11-01 01:00 - 2014-11-01 01:00 - 00000000 ____D () C:\Documents and Settings\Administrator\jagexcache
2014-11-01 00:57 - 2014-11-01 00:57 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Sun
2014-11-01 00:27 - 2014-11-01 00:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Sun
2014-10-31 22:50 - 2014-10-31 22:50 - 00001804 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-31 22:50 - 2014-10-31 22:50 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-31 22:50 - 2014-10-31 22:50 - 00000000 ____D () C:\Program Files\Adobe
2014-10-31 22:49 - 2014-10-31 22:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-10-31 22:47 - 2014-11-11 22:58 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2014-10-31 22:36 - 2014-10-31 22:36 - 00000000 ____D () C:\WINDOWS\Sun
2014-10-31 22:36 - 2014-10-31 22:36 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Sun
2014-10-30 06:18 - 2014-10-30 05:44 - 00152952 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\psmounterex.sys
2014-10-28 23:01 - 2014-10-28 23:01 - 00000000 ____D () C:\Program Files\Macrium
2014-10-28 23:01 - 2014-10-28 23:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Macrium
2014-10-28 23:00 - 2014-10-28 23:01 - 00618118 _____ () C:\Reflect_Install.log
2014-10-28 22:54 - 2014-10-28 22:54 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
2014-10-28 22:53 - 2014-10-28 22:59 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Macrium
2014-10-28 22:52 - 2014-10-31 01:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Macrium
2014-10-28 17:50 - 2014-10-28 17:50 - 00000743 _____ () C:\Documents and Settings\Administrator\Desktop\Play Euchre.lnk
2014-10-28 17:50 - 2014-10-28 17:50 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Hardwood Euchre
2014-10-28 17:48 - 2014-11-18 21:03 - 00000000 ____D () C:\Program Files\Hardwood Euchre
2014-10-28 17:48 - 2014-10-28 17:48 - 00000000 ____D () C:\Program Files\SilverCreekCommonFiles
2014-10-27 03:20 - 2014-11-07 19:54 - 00093854 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-10-27 03:20 - 2014-11-07 19:54 - 00093854 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2535354235-3254226930-1038610633-500-0.dat
2014-10-27 00:45 - 2014-10-27 00:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Nero_AG
2014-10-27 00:44 - 2014-10-27 00:47 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Nero
2014-10-27 00:42 - 2014-10-27 00:42 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Nero
2014-10-27 00:34 - 2014-11-07 19:07 - 00000000 ____D () C:\Program Files\Common Files\Nero
2014-10-27 00:34 - 2014-11-07 19:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Nero
2014-10-27 00:34 - 2014-11-07 19:05 - 00000000 ____D () C:\Program Files\Nero
2014-10-27 00:34 - 2014-10-27 00:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Nero
2014-10-27 00:25 - 2014-10-27 00:25 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-10-27 00:24 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-10-27 00:24 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-10-27 00:24 - 2010-05-26 10:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-10-27 00:24 - 2010-05-26 10:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-10-27 00:24 - 2010-05-26 10:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-10-27 00:23 - 2014-10-27 00:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v3$
2014-10-26 23:49 - 2014-10-26 23:49 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\CyberLink
2014-10-26 23:49 - 2014-10-26 23:49 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\CyberLink
2014-10-26 23:48 - 2014-10-26 23:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\CyberLink
2014-10-26 23:32 - 2014-10-26 23:32 - 00000000 ____D () C:\Program Files\nLite
2014-10-26 23:32 - 2014-10-26 23:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\nLite
2014-10-26 03:41 - 2014-10-31 02:42 - 00005120 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-26 02:26 - 2014-10-26 02:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-10-26 02:26 - 2014-10-26 02:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-10-26 02:20 - 2014-10-26 02:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$
2014-10-26 01:56 - 2014-10-26 01:56 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\CrystalIdea Software
2014-10-26 01:41 - 2009-01-09 14:19 - 01089593 ____C () C:\WINDOWS\system32\dllcache\ntprint.cat
2014-10-26 01:35 - 2014-10-26 01:35 - 00000000 ___HD () C:\WINDOWS\PIF
2014-10-26 01:10 - 2014-10-26 01:10 - 00000002 _____ () C:\WINDOWS\msoffice.ini
2014-10-26 00:56 - 2014-11-17 06:11 - 00000000 ____D () C:\Documents and Settings\Administrator\Desktop\program short cuts
2014-10-26 00:31 - 2014-11-23 12:10 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-10-26 00:31 - 2014-10-26 00:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
2014-10-26 00:16 - 2014-10-26 00:16 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Temp
2014-10-26 00:05 - 2014-11-23 12:15 - 00000378 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-10-26 00:05 - 2014-10-26 00:05 - 00777488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-10-26 00:05 - 2014-10-26 00:05 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1414299930453
2014-10-26 00:05 - 2014-10-26 00:05 - 00411680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-10-26 00:05 - 2014-10-26 00:05 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-10-26 00:05 - 2014-10-26 00:05 - 00180632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-26 00:05 - 2014-10-26 00:05 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-10-26 00:05 - 2014-10-26 00:05 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-10-26 00:05 - 2014-10-26 00:05 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys.1414299930453
2014-10-26 00:05 - 2014-10-26 00:05 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys
2014-10-26 00:05 - 2014-10-26 00:05 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-26 00:05 - 2014-10-26 00:05 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-26 00:05 - 2014-10-26 00:05 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-26 00:05 - 2014-10-26 00:05 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-10-26 00:05 - 2014-10-26 00:05 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\AVAST Software
2014-10-26 00:04 - 2014-10-26 00:04 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-26 00:03 - 2014-10-26 00:03 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-10-25 23:55 - 2014-10-25 23:55 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-10-25 23:52 - 2014-10-25 23:52 - 00000000 ____D () C:\Program Files\Ruiware
2014-10-25 23:52 - 2014-10-25 23:52 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
2014-10-25 23:52 - 2014-10-25 23:52 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\InstallMate
2014-10-25 23:52 - 2014-10-25 23:52 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\WinPatrol
2014-10-25 23:48 - 2014-10-25 23:48 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2014-10-25 23:47 - 2014-10-25 23:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2014-10-25 22:59 - 2014-10-31 22:54 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Adobe
2014-10-25 22:58 - 2014-11-11 22:58 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-10-25 22:58 - 2014-11-11 22:58 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-10-25 22:44 - 2014-10-25 22:44 - 00000000 __SHD () C:\Documents and Settings\Administrator\IECompatCache
2014-10-25 20:46 - 2014-10-25 20:46 - 00000000 __SHD () C:\Documents and Settings\Administrator\PrivacIE
2014-10-25 20:11 - 2014-10-26 02:08 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-10-25 20:11 - 2014-10-25 20:11 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-25 20:11 - 2014-10-25 20:11 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-25 20:10 - 2014-10-25 20:11 - 00000000 ____D () C:\bd242b0b1f20b7edc2c65c544e03
2014-10-25 20:10 - 2008-07-06 07:06 - 01676288 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpssvcs.dll
2014-10-25 20:10 - 2008-07-06 07:06 - 01676288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpssvcs.dll
2014-10-25 20:10 - 2008-07-06 07:06 - 00575488 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsshhdr.dll
2014-10-25 20:10 - 2008-07-06 07:06 - 00575488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpsshhdr.dll
2014-10-25 20:10 - 2008-07-06 07:06 - 00117760 ____N (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2014-10-25 20:10 - 2008-07-06 07:06 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\filterpipelineprintproc.dll
2014-10-25 20:10 - 2008-07-06 05:50 - 00597504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe
2014-10-25 20:04 - 2014-11-23 12:10 - 00000238 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-10-25 20:04 - 2014-11-09 18:13 - 00000232 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-10-25 20:03 - 2014-10-25 20:03 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2014-10-25 19:50 - 2014-10-25 19:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-10-25 19:50 - 2014-10-25 19:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
2014-10-25 19:50 - 2014-10-25 19:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
2014-10-25 19:50 - 2014-10-25 19:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-10-25 19:50 - 2014-10-25 19:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-10-25 19:49 - 2014-10-25 19:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2467659$
2014-10-25 19:49 - 2014-03-06 12:59 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-10-25 19:49 - 2011-08-16 05:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2014-10-25 19:48 - 2014-10-26 02:26 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-10-25 19:48 - 2014-10-25 20:02 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2014-10-25 19:48 - 2014-10-25 19:48 - 00000000 __HDC () C:\WINDOWS\ie8
2014-10-25 19:48 - 2014-03-06 12:59 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-10-25 19:48 - 2014-03-06 12:59 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-10-25 19:48 - 2014-03-06 12:59 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-10-25 19:48 - 2014-03-06 12:59 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-10-25 19:48 - 2014-03-06 12:59 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-10-25 19:48 - 2014-03-06 12:59 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-10-25 19:48 - 2014-03-06 12:59 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-10-25 19:42 - 2014-11-01 17:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-10-25 19:42 - 2014-10-25 19:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
2014-10-25 19:42 - 2014-10-25 19:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-10-25 19:42 - 2014-10-25 19:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-10-25 19:42 - 2014-10-25 19:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619340$
2014-10-25 19:42 - 2014-10-25 19:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-10-25 19:42 - 2014-10-25 19:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-10-25 19:41 - 2014-10-25 19:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-10-25 19:40 - 2014-11-17 06:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-10-25 19:40 - 2014-10-25 19:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979904$
2014-10-25 19:40 - 2014-10-25 19:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-10-25 19:40 - 2014-10-25 19:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-10-25 19:40 - 2014-10-25 19:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-10-25 19:40 - 2014-10-25 19:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-10-25 19:39 - 2014-10-25 19:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-10-25 19:39 - 2014-10-25 19:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-10-25 19:39 - 2014-10-25 19:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-10-25 19:39 - 2014-10-25 19:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-10-25 19:39 - 2014-10-25 19:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-10-25 19:39 - 2014-10-25 19:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-10-25 19:38 - 2014-10-25 19:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-10-25 19:38 - 2014-10-25 19:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-10-25 19:38 - 2014-10-25 19:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-10-25 19:38 - 2014-10-25 19:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-10-25 19:38 - 2014-10-25 19:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-10-25 19:38 - 2014-10-25 19:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-10-25 19:38 - 2014-10-25 19:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-10-25 19:37 - 2014-10-25 19:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
2014-10-25 19:37 - 2014-10-25 19:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-10-25 19:37 - 2014-10-25 19:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-10-25 19:37 - 2014-10-25 19:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-10-25 19:37 - 2014-10-25 19:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-10-25 19:37 - 2014-10-25 19:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-10-25 19:37 - 2014-10-25 19:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-10-25 19:36 - 2014-10-25 19:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-10-25 19:36 - 2014-10-25 19:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-10-25 19:36 - 2014-10-25 19:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-10-25 19:36 - 2014-10-25 19:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-10-25 19:36 - 2014-10-25 19:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-10-25 19:36 - 2014-10-25 19:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-10-25 19:36 - 2014-10-25 19:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-10-25 19:35 - 2014-10-25 19:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-10-25 19:35 - 2014-10-25 19:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-10-25 19:35 - 2014-10-25 19:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-10-25 19:35 - 2014-10-25 19:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-10-25 19:35 - 2014-10-25 19:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-10-25 19:35 - 2014-10-25 19:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-10-25 19:35 - 2014-10-25 19:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-10-25 19:34 - 2014-10-25 19:34 - 00006628 _____ () C:\WINDOWS\system32\TZLog.log
2014-10-25 19:34 - 2014-10-25 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-10-25 19:34 - 2014-10-25 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-10-25 19:34 - 2014-10-25 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-10-25 19:34 - 2014-10-25 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-10-25 19:34 - 2014-10-25 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
2014-10-25 19:34 - 2014-10-25 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-10-25 19:33 - 2014-10-25 19:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-10-25 19:33 - 2014-10-25 19:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-10-25 19:33 - 2014-10-25 19:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-10-25 19:33 - 2014-10-25 19:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-10-25 19:33 - 2014-10-25 19:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-10-25 19:33 - 2014-10-25 19:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-10-25 19:33 - 2014-10-25 19:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-10-25 19:32 - 2014-10-25 19:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-10-25 19:32 - 2014-10-25 19:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-10-25 19:32 - 2014-10-25 19:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-10-25 19:32 - 2014-10-25 19:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
2014-10-25 19:32 - 2014-10-25 19:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-10-25 19:32 - 2014-10-25 19:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-10-25 19:32 - 2014-10-25 19:32 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-10-25 19:31 - 2014-10-25 19:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-10-25 19:31 - 2014-10-25 19:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-10-25 19:31 - 2014-10-25 19:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB941569$
2014-10-25 19:31 - 2014-10-25 19:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-10-25 19:31 - 2014-10-25 19:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-10-25 19:30 - 2014-10-25 19:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
2014-10-25 19:30 - 2014-10-25 19:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
2014-10-25 19:30 - 2014-10-25 19:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-10-25 19:30 - 2014-10-25 19:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-10-25 19:30 - 2014-10-25 19:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-10-25 19:30 - 2014-10-25 19:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834905-v2_MCEUR2$
2014-10-25 19:29 - 2014-10-25 19:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-10-25 19:29 - 2014-10-25 19:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-10-25 19:19 - 2014-11-11 17:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-25 19:19 - 2014-11-11 17:48 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-25 19:18 - 2014-10-25 19:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-10-25 19:18 - 2014-10-25 19:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-10-25 19:18 - 2014-10-25 19:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-10-25 19:18 - 2014-10-25 19:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-10-25 19:18 - 2014-10-25 19:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-10-25 19:18 - 2014-10-25 19:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-10-25 19:18 - 2014-10-25 19:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-10-25 19:18 - 2014-10-25 19:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-10-25 19:17 - 2014-10-25 19:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-10-25 19:17 - 2014-10-25 19:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-10-25 19:17 - 2014-10-25 19:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-10-25 19:17 - 2014-10-25 19:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-10-25 19:17 - 2014-10-25 19:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-10-25 19:17 - 2014-10-25 19:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-10-25 19:16 - 2014-10-25 19:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-10-25 19:16 - 2014-10-25 19:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-10-25 19:16 - 2014-10-25 19:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-10-25 19:16 - 2014-10-25 19:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-10-25 19:16 - 2014-10-25 19:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-10-25 19:16 - 2014-10-25 19:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-10-25 19:16 - 2014-10-25 19:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-10-25 19:15 - 2014-10-25 19:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-10-25 19:15 - 2014-10-25 19:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2014-10-25 19:15 - 2014-10-25 19:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-10-25 19:15 - 2014-10-25 19:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-10-25 19:15 - 2014-10-25 19:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-10-25 19:15 - 2014-10-25 19:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-10-25 19:14 - 2014-10-25 19:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2014-10-25 18:57 - 2008-06-13 06:05 - 00272128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthport.sys
2014-10-25 18:55 - 2010-09-18 01:53 - 00954368 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40.dll
2014-10-25 18:55 - 2010-09-18 01:53 - 00953856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
2014-10-25 18:53 - 2014-02-25 20:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-10-25 18:53 - 2014-02-25 20:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-10-25 18:52 - 2011-07-15 08:29 - 00456320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys
2014-10-25 18:52 - 2010-08-23 11:12 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2014-10-25 18:52 - 2009-11-21 10:51 - 00471552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aclayers.dll
2014-10-25 18:50 - 2013-07-02 21:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-10-25 18:50 - 2013-07-02 20:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-10-25 18:50 - 2010-06-14 09:31 - 00744448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
2014-10-25 18:50 - 2009-03-06 09:22 - 00284160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pdh.dll
2014-10-25 18:50 - 2009-02-09 07:10 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\advapi32.dll
2014-10-25 18:50 - 2009-02-09 07:10 - 00473600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fastprox.dll
2014-10-25 18:50 - 2009-02-09 07:10 - 00453120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvsd.dll
2014-10-25 18:50 - 2009-02-09 07:10 - 00401408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcss.dll
2014-10-25 18:50 - 2009-02-06 06:11 - 00110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\services.exe
2014-10-25 18:50 - 2009-02-06 05:39 - 00035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sc.exe
2014-10-25 18:50 - 2009-02-06 05:10 - 00227840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvse.exe
2014-10-25 18:49 - 2010-08-27 03:02 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\t2embed.dll
2014-10-25 18:49 - 2009-10-15 11:28 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fontsub.dll
2014-10-25 18:37 - 2014-10-25 18:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-10-25 18:37 - 2014-10-25 18:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
2014-10-25 18:37 - 2014-10-25 18:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-10-25 18:37 - 2014-10-25 18:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2502898$
2014-10-25 18:37 - 2009-06-21 16:44 - 00153088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\triedit.dll
2014-10-25 18:36 - 2014-10-25 18:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2742607$
2014-10-25 18:36 - 2009-07-27 17:27 - 00128512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dhtmled.ocx
2014-10-25 18:35 - 2014-10-25 18:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-10-25 18:35 - 2014-10-25 18:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-10-25 18:35 - 2014-10-25 18:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952069_WM9$
2014-10-25 18:35 - 2014-10-25 18:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-10-25 18:35 - 2014-10-25 18:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-10-25 18:35 - 2014-04-30 03:13 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-10-25 18:35 - 2013-02-11 19:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2014-10-25 18:35 - 2013-02-11 19:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2014-10-25 18:35 - 2011-04-21 08:37 - 00105472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
2014-10-25 18:35 - 2008-05-08 09:02 - 00203136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rmcast.sys
2014-10-25 18:34 - 2014-10-25 18:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-10-25 18:34 - 2014-10-25 18:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973768$
2014-10-25 18:34 - 2014-10-25 18:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904878$
2014-10-25 18:34 - 2014-10-25 18:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-10-25 18:33 - 2014-10-25 18:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-10-25 18:33 - 2008-05-01 09:33 - 00331776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadce.dll
2014-10-25 18:32 - 2013-07-16 19:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-10-25 18:32 - 2013-07-16 19:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-10-25 18:32 - 2013-07-16 19:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-10-25 18:28 - 2012-05-28 13:16 - 00536576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
2014-10-25 18:27 - 2012-07-04 09:05 - 00139784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
2014-10-25 18:27 - 2010-06-18 08:36 - 03558912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
2014-10-25 18:24 - 2014-10-25 18:26 - 00000000 ____D () C:\WINDOWS\pss
2014-10-25 17:53 - 2014-10-25 17:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-10-25 17:53 - 2014-10-25 17:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-10-25 17:53 - 2014-10-25 17:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-10-25 17:53 - 2013-08-08 19:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-10-25 17:53 - 2013-08-08 19:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2014-10-25 17:53 - 2013-08-08 19:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-10-25 17:53 - 2009-03-18 06:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-10-25 17:52 - 2014-10-25 17:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-10-25 17:52 - 2014-10-25 17:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-10-25 17:52 - 2014-10-25 17:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2628259$
2014-10-25 17:52 - 2014-10-25 17:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-10-25 17:52 - 2014-10-25 17:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-10-25 17:51 - 2013-07-03 22:03 - 02149888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2014-10-25 17:51 - 2013-07-03 21:59 - 02193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2014-10-25 17:51 - 2013-07-03 21:08 - 02070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2014-10-25 17:51 - 2013-07-03 21:08 - 02028544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2014-10-25 17:51 - 2010-12-09 10:15 - 00718336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntdll.dll
2014-10-25 17:50 - 2013-11-27 15:21 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2014-10-25 17:50 - 2013-11-05 20:03 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsp4res.dll
2014-10-25 17:50 - 2012-01-11 14:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll
2014-10-25 17:50 - 2012-01-11 14:06 - 00003072 ____C () C:\WINDOWS\system32\dllcache\iacenc.dll
2014-10-25 17:50 - 2011-07-08 09:02 - 00010496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
2014-10-25 17:50 - 2010-07-12 07:55 - 00218112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wordpad.exe
2014-10-25 17:50 - 2009-11-21 10:51 - 01206508 ____C () C:\WINDOWS\system32\dllcache\sysmain.sdb
2014-10-25 17:48 - 2010-10-11 09:59 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
2014-10-25 17:47 - 2014-10-25 17:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB898461$
2014-10-25 17:47 - 2014-10-25 17:47 - 00000000 ____D () C:\WINDOWS\system32\PreInstall
2014-10-25 17:40 - 2014-10-25 17:40 - 00000090 _____ () C:\WINDOWS\system32\spupdwxp.log
2014-10-25 17:22 - 2014-10-25 17:22 - 00000000 ____D () C:\WINDOWS\system32\scripting
2014-10-25 17:22 - 2014-10-25 17:22 - 00000000 ____D () C:\WINDOWS\system32\bits
2014-10-25 17:22 - 2014-10-25 17:22 - 00000000 ____D () C:\WINDOWS\l2schemas
2014-10-25 17:22 - 2013-11-12 20:13 - 00046080 ____N (Microsoft Corporation) C:\WINDOWS\system32\tzchange.exe
2014-10-25 17:22 - 2012-11-05 21:01 - 01371648 ____N (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-10-25 17:22 - 2012-11-05 21:01 - 01371648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6.dll
2014-10-25 17:22 - 2009-01-07 17:21 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 01737856 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\mtxparhd.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00712704 ____N (Microsoft Corporation) C:\WINDOWS\system32\windowscodecs.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00412160 ____N (Microsoft Corporation) C:\WINDOWS\system32\photometadatahandler.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00397056 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\s3gnb.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00346112 ____N (Microsoft Corporation) C:\WINDOWS\system32\windowscodecsext.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00291328 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagentrt.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00290304 ____N (Microsoft Corporation) C:\WINDOWS\system32\rhttpaa.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00286792 ____N (Smart Link) C:\WINDOWS\system32\slextspk.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00276992 ____N (Microsoft Corporation) C:\WINDOWS\system32\wmphoto.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00193024 ____N (Microsoft Corporation) C:\WINDOWS\system32\napmontr.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00188508 ____N (Smart Link) C:\WINDOWS\system32\slgen.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00176640 ____N (Microsoft Corporation) C:\WINDOWS\system32\napstat.exe
2014-10-25 17:22 - 2008-04-14 04:42 - 00155136 ____N (Microsoft Corporation) C:\WINDOWS\system32\mssha.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00150528 ____N (Microsoft Corporation) C:\WINDOWS\system32\qagent.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00144384 ____N (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\qutil.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00073832 ____N (Smart Link) C:\WINDOWS\system32\slcoinst.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00073796 ____N (Smart Link) C:\WINDOWS\system32\slserv.exe
2014-10-25 17:22 - 2008-04-14 04:42 - 00069120 ____N (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00062464 ____N (Microsoft Corporation) C:\WINDOWS\system32\qcliprov.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00061952 ____N (Microsoft Corporation) C:\WINDOWS\system32\rasqec.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00053248 ____N (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00050688 ____N (Microsoft Corporation) C:\WINDOWS\system32\tspkg.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcperf.exe
2014-10-25 17:22 - 2008-04-14 04:42 - 00032866 ____N (Smart Link) C:\WINDOWS\system32\slrundll.exe
2014-10-25 17:22 - 2008-04-14 04:42 - 00032866 ____N (Smart Link) C:\WINDOWS\slrundll.exe
2014-10-25 17:22 - 2008-04-14 04:42 - 00032768 ____N (Microsoft Corporation) C:\WINDOWS\system32\setupn.exe
2014-10-25 17:22 - 2008-04-14 04:42 - 00030208 ____N (Microsoft Corporation) C:\WINDOWS\system32\napipsec.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00028672 ____N (Microsoft Corporation) C:\WINDOWS\system32\vidcap.ax
2014-10-25 17:22 - 2008-04-14 04:42 - 00023040 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativmvxx.ax
2014-10-25 17:22 - 2008-04-14 04:42 - 00010752 ____N (Microsoft Corporation) C:\WINDOWS\system32\smtpapi.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00009728 ____N (Microsoft Corporation) C:\WINDOWS\system32\rwnh.dll
2014-10-25 17:22 - 2008-04-14 04:42 - 00009728 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativdaxx.ax
2014-10-25 17:22 - 2008-04-14 04:41 - 01888992 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ati3duag.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00870784 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ati3d1ag.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00650752 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00516768 ____N (ATI Technologies Inc. ) C:\WINDOWS\system32\ativvaxx.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00397312 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcex.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00377984 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvaa.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00233472 ____N (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00229376 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2cqag.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00201728 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ati2dvag.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00184832 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00184320 ____N (Microsoft Corporation) C:\WINDOWS\system32\microsoft.managementconsole.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00180224 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00136192 ____N (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00132096 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00126976 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00106496 ____N (Microsoft Corporation) C:\WINDOWS\system32\mmcfxcommon.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00094208 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00086016 ____N (Conexant) C:\WINDOWS\system32\mdmxsdk.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00061440 ____N (Microsoft Corporation) C:\WINDOWS\system32\kmsvc.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00059392 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapqec.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00057856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3cfg.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00056320 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00048640 ____N (Microsoft Corporation) C:\WINDOWS\system32\dhcpqec.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3gpclnt.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00039936 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00037376 ____N (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00033792 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00032768 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\ativtmxx.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00032285 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\hsfcisp2.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00030720 ____N (Microsoft Corporation) C:\WINDOWS\system32\eapolqec.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00026112 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00019456 ____N (Microsoft Corporation) C:\WINDOWS\system32\dimsntfy.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00012800 ____N (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00009216 ____N (Microsoft Corporation) C:\WINDOWS\system32\dot3dlg.dll
2014-10-25 17:22 - 2008-04-14 04:41 - 00007168 ____N (Microsoft Corporation) C:\WINDOWS\system32\bitsprx4.dll
2014-10-25 17:22 - 2008-04-14 04:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdpash.dll
2014-10-25 17:22 - 2008-04-14 04:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdnepr.dll
2014-10-25 17:22 - 2008-04-14 04:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdiultn.dll
2014-10-25 17:22 - 2008-04-14 04:39 - 00006144 ____N (Microsoft Corporation) C:\WINDOWS\system32\kbdbhc.dll
2014-10-25 17:22 - 2008-04-13 23:13 - 00009728 ____N (Microsoft Corporation) C:\WINDOWS\system32\comsdupd.exe
2014-10-25 17:22 - 2008-04-13 22:45 - 00076800 ____N (Microsoft Corporation) C:\WINDOWS\system32\msshavmsg.dll
2014-10-25 17:22 - 2008-04-13 21:57 - 00079872 ____N (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2014-10-25 17:22 - 2008-04-13 21:57 - 00079872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msxml6r.dll
2014-10-25 17:20 - 2014-10-25 17:20 - 00000000 ____D () C:\WINDOWS\ServicePackFiles
2014-10-25 17:19 - 2013-07-16 19:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-10-25 17:19 - 2013-02-11 19:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys
2014-10-25 17:19 - 2008-06-13 06:05 - 00272128 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-10-25 17:19 - 2008-04-14 04:42 - 00011325 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\vchnt5.dll
2014-10-25 17:19 - 2008-04-14 04:42 - 00003901 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\siint5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00025471 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv04nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00021183 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv01nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00017279 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv10nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00015423 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\ch7xxnt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00014143 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv06nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00011359 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\atv02nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00004255 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv01nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00003967 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv02nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00003775 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv11nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00003711 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv09nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00003647 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv07nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00003615 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv05nt5.dll
2014-10-25 17:19 - 2008-04-14 04:41 - 00003135 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\adv08nt5.dll
2014-10-25 17:19 - 2008-04-13 23:26 - 00030592 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys
2014-10-25 17:19 - 2008-04-13 23:21 - 00101120 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-10-25 17:19 - 2008-04-13 23:16 - 00059136 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2014-10-25 17:19 - 2008-04-13 23:16 - 00037888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-10-25 17:19 - 2008-04-13 23:16 - 00036480 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthprint.sys
2014-10-25 17:19 - 2008-04-13 23:16 - 00025600 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2014-10-25 17:19 - 2008-04-13 23:16 - 00018944 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthusb.sys
2014-10-25 17:19 - 2008-04-13 23:16 - 00017024 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2014-10-25 17:19 - 2008-04-13 23:13 - 00014208 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wacompen.sys
2014-10-25 17:19 - 2008-04-13 23:13 - 00012672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mutohpen.sys
2014-10-25 17:19 - 2008-04-13 23:10 - 00010240 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sffp_mmc.sys
2014-10-25 17:19 - 2008-04-13 23:06 - 00046464 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gagp30kx.sys
2014-10-25 17:19 - 2008-04-13 23:06 - 00044672 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uagp35.sys
2014-10-25 17:19 - 2008-04-13 23:06 - 00005888 ____N (Microsoft Corporation) C:\WINDOWS\system32\Drivers\smbali.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 01309184 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlstrm.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 01041536 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfdpsp2.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00685056 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfcxts2.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00404990 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slntamr.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00220032 ____N (Conexant Systems, Inc.) C:\WINDOWS\system32\Drivers\hsfbs2s2.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00180360 ____N (Smart Link) C:\WINDOWS\system32\Drivers\ntmtlfax.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00129535 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnt7554.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00126686 ____N (Smart Link) C:\WINDOWS\system32\Drivers\mtlmnt5.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00095424 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slnthal.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00013776 ____N (Smart Link) C:\WINDOWS\system32\Drivers\recagent.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00013240 ____N (Smart Link) C:\WINDOWS\system32\Drivers\slwdmsup.sys
2014-10-25 17:19 - 2008-04-13 22:53 - 00011868 ____N (Conexant) C:\WINDOWS\system32\Drivers\mdmxsdk.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00701440 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtag.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00452736 ____N (Matrox Graphics Inc.) C:\WINDOWS\system32\Drivers\mtxparhm.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00327040 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati2mtaa.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00166912 ____N (S3 Graphics, Inc.) C:\WINDOWS\system32\Drivers\s3gnbm.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00104960 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinrvxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00073216 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atintuxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00063663 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1rvxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00063488 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxsxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00057856 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinbtxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00056623 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1btxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00052224 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinraxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00036463 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1tuxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00034735 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xsxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00031744 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinxbxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00030671 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1raxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00029455 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1xbxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00028672 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinsnxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00026367 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1snxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00025471 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv10nt.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00022271 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\watv06nt.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00021343 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1ttxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00014336 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinpdxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinttxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00013824 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\atinmdxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00012047 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1pdxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00011935 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv11nt.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00011871 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv09nt.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00011807 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv07nt.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00011615 ____N (ATI Technologies Inc.) C:\WINDOWS\system32\Drivers\ati1mdxx.sys
2014-10-25 17:19 - 2008-04-13 21:04 - 00011295 ____N (Intel® Corporation) C:\WINDOWS\system32\Drivers\wadv08nt.sys
2014-10-25 17:19 - 2007-04-02 20:36 - 00129045 ____N () C:\WINDOWS\system32\Drivers\cxthsfs2.cty
2014-10-25 17:19 - 2006-12-29 19:21 - 00064352 ____N () C:\WINDOWS\system32\Drivers\ativmc20.cod
2014-10-25 17:19 - 2006-12-29 19:02 - 00067866 ____N () C:\WINDOWS\system32\Drivers\netwlan5.img
2014-10-25 17:17 - 2014-10-25 17:18 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2014-10-25 13:27 - 2014-10-25 13:27 - 00000000 __SHD () C:\Documents and Settings\Administrator\UserData
2014-10-25 12:13 - 2014-10-25 12:13 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Macromedia
2014-10-24 00:35 - 2014-10-24 00:31 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Google
2014-10-24 00:35 - 2014-10-24 00:26 - 00000000 ____D () C:\Documents and Settings\Default User\Start Menu\Programs\System Recovery
2014-10-24 00:35 - 2014-10-24 00:26 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Leadertech
2014-10-24 00:35 - 2014-10-24 00:23 - 00000000 ____D () C:\Documents and Settings\Default User\My Documents\Bluetooth Exchange Folder
2014-10-24 00:35 - 2014-10-24 00:23 - 00000000 ____D () C:\Documents and Settings\Default User\Bluetooth Software
2014-10-24 00:35 - 2014-10-24 00:18 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\You've Got Pictures Screensaver
2014-10-24 00:35 - 2014-10-24 00:17 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\SampleView
2014-10-24 00:32 - 2014-10-24 00:32 - 00000000 _____ () C:\WINDOWS\system32\Gateway_NX860XL_Rev.1_0039087414.MRK
2014-10-24 00:31 - 2014-10-24 00:31 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2014-10-24 00:29 - 2014-10-24 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB917537$
2014-10-24 00:29 - 2014-10-24 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB917159$
2014-10-24 00:29 - 2014-10-24 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB916595$
2014-10-24 00:29 - 2014-10-24 00:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB914388$
2014-10-24 00:29 - 2009-01-07 17:20 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2014-10-24 00:28 - 2014-10-24 00:28 - 00000000 ____D () C:\Program Files\Phoenix Technologies Ltd
2014-10-24 00:28 - 2014-10-24 00:28 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinPhlash
2014-10-24 00:28 - 2004-09-03 18:07 - 00020480 _____ (Gateway) C:\WINDOWS\system32\Marker32.exe
2014-10-24 00:27 - 2014-10-24 00:27 - 00021419 _____ (Meetinghouse Data Communications) C:\WINDOWS\system32\Drivers\AegisP.sys
2014-10-24 00:27 - 2014-10-24 00:27 - 00000308 _____ () C:\WINDOWS\system32\results.txt
2014-10-24 00:27 - 2014-10-24 00:27 - 00000000 ____D () C:\Documents and Settings\Owner\Application Data\Intel
2014-10-24 00:27 - 2014-10-24 00:27 - 00000000 ____D () C:\Documents and Settings\NetworkService\Application Data\Intel
2014-10-24 00:27 - 2014-10-24 00:27 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Intel
2014-10-24 00:27 - 2014-10-24 00:27 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\Intel
2014-10-24 00:27 - 2014-10-24 00:27 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Intel PROSet Wireless
2014-10-24 00:27 - 2014-10-24 00:27 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Intel
2014-10-24 00:26 - 2014-10-24 00:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Intel
2014-10-24 00:26 - 2014-10-24 00:26 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Leadertech
2014-10-24 00:26 - 2006-09-27 04:36 - 01709696 _____ (Intel® Corporation) C:\WINDOWS\system32\Drivers\NETw3x32.sys
2014-10-24 00:26 - 2006-07-28 04:46 - 02732032 _____ (Intel Corporation) C:\WINDOWS\system32\NETw3r32.dll
2014-10-24 00:26 - 2006-07-28 04:45 - 00561152 _____ (Intel Corporation) C:\WINDOWS\system32\NETw3c32.dll
2014-10-24 00:26 - 2006-04-04 15:38 - 00743936 _____ (Leader Technologies) C:\WINDOWS\system32\GTW1.exe
2014-10-24 00:24 - 2014-10-24 00:35 - 00000000 ____D () C:\Documents and Settings\Owner
2014-10-24 00:24 - 2005-10-18 23:27 - 00003487 _____ () C:\WINDOWS\system32\gtw_logo.log
2014-10-24 00:24 - 2005-01-11 08:09 - 00051656 _____ () C:\WINDOWS\system32\OEMLOGO.bmp
2014-10-24 00:24 - 2003-07-03 17:48 - 00023552 _____ () C:\WINDOWS\system32\jesterss.dll
2014-10-24 00:24 - 2003-03-25 07:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\POWERCFG.EXE
2014-10-24 00:23 - 2014-10-24 00:23 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Bluetooth Exchange Folder
2014-10-24 00:23 - 2014-10-24 00:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Bluetooth Software
2014-10-24 00:21 - 2014-10-24 00:21 - 00000901 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\My Bluetooth Places.lnk
2014-10-24 00:21 - 2014-10-24 00:21 - 00000901 _____ () C:\Documents and Settings\All Users\Start Menu\My Bluetooth Places.lnk
2014-10-24 00:21 - 2014-10-24 00:21 - 00000000 ____D () C:\Program Files\WIDCOMM
2014-10-24 00:19 - 2014-10-24 00:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2014-10-24 00:19 - 2014-10-24 00:19 - 00000000 ____D () C:\Program Files\SigmaTel
2014-10-24 00:19 - 2014-10-24 00:19 - 00000000 ____D () C:\Program Files\Motorola
2014-10-24 00:19 - 2008-04-14 04:42 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2014-10-24 00:19 - 2008-04-14 04:41 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksuser.dll
2014-10-24 00:19 - 2008-04-13 23:47 - 00083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wdmaud.sys
2014-10-24 00:19 - 2008-04-13 23:45 - 00060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sysaudio.sys
2014-10-24 00:19 - 2008-04-13 23:15 - 00172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kmixer.sys
2014-10-24 00:19 - 2008-04-13 23:15 - 00060160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2014-10-24 00:19 - 2008-04-13 23:15 - 00056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\swmidi.sys
2014-10-24 00:19 - 2008-04-13 23:15 - 00052864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmusic.sys
2014-10-24 00:19 - 2008-04-13 23:15 - 00006272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\splitter.sys
2014-10-24 00:19 - 2008-04-13 23:15 - 00002944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2014-10-24 00:19 - 2008-04-13 23:09 - 00007552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2014-10-24 00:19 - 2008-04-13 23:09 - 00005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspclock.sys
2014-10-24 00:19 - 2008-04-13 23:09 - 00004992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mspqm.sys
2014-10-24 00:19 - 2006-02-21 06:35 - 01003520 _____ (SigmaTel, Inc.) C:\WINDOWS\system32\stlang.dll
2014-10-24 00:19 - 2006-02-13 11:26 - 01106888 _____ (SigmaTel, Inc.) C:\WINDOWS\system32\Drivers\sthda.sys
2014-10-24 00:19 - 2006-02-13 11:25 - 00112128 _____ (SigmaTel, Inc.) C:\WINDOWS\system32\staco.dll
2014-10-24 00:19 - 2006-02-13 11:24 - 00200704 _____ (SigmaTel, Inc.) C:\WINDOWS\system32\stacapi.dll
2014-10-24 00:19 - 2006-02-13 11:23 - 00282624 _____ (SigmaTel, Inc.) C:\WINDOWS\stsystra.exe
2014-10-24 00:18 - 2014-10-26 03:04 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\QuickTime
2014-10-24 00:18 - 2014-10-26 03:03 - 00000000 ____D () C:\WINDOWS\system32\QuickTime
2014-10-24 00:18 - 2014-10-24 00:19 - 00000894 ____H () C:\IPH.PH
2014-10-24 00:18 - 2014-10-24 00:18 - 00278528 _____ (Real Networks, Inc) C:\WINDOWS\system32\pncrt.dll
2014-10-24 00:18 - 2014-10-24 00:18 - 00157696 _____ (RealNetworks) C:\WINDOWS\system32\rmoc3260.dll
2014-10-24 00:18 - 2014-10-24 00:18 - 00024576 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\prefscpl.cpl
2014-10-24 00:18 - 2014-10-24 00:18 - 00008552 _____ (Windows ® 2000 DDK provider) C:\WINDOWS\system32\Drivers\asctrm.sys
2014-10-24 00:18 - 2014-10-24 00:18 - 00006656 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\pndx5016.dll
2014-10-24 00:18 - 2014-10-24 00:18 - 00005632 _____ (RealNetworks, Inc.) C:\WINDOWS\system32\pndx5032.dll
2014-10-24 00:18 - 2014-10-24 00:18 - 00002905 _____ () C:\WINDOWS\system32\qtplugin.log
2014-10-24 00:18 - 2014-10-24 00:18 - 00000335 _____ () C:\WINDOWS\nsreg.dat
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\WINDOWS\occache
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\Program Files\Viewpoint
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\Program Files\Real
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\Program Files\Learn2.com
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\Program Files\Common Files\Real
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\Program Files\Common Files\Nullsoft
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Real
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Viewpoint
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Pure Networks
2014-10-24 00:18 - 2014-10-24 00:18 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
2014-10-24 00:18 - 2006-05-29 17:32 - 01496576 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.bak
2014-10-24 00:18 - 2004-06-30 11:49 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc71.dll
2014-10-24 00:18 - 2004-06-30 11:49 - 01044480 _____ (eHelp Corporation.) C:\WINDOWS\system32\roboex32.dll
2014-10-24 00:18 - 2004-06-30 11:49 - 00054784 _____ (Blue Sky Software Corporation.) C:\WINDOWS\system32\Inetwh32.dll
2014-10-24 00:18 - 2004-06-30 11:49 - 00029184 _____ (Blue Sky Software) C:\WINDOWS\system32\popup.ocx
2014-10-24 00:18 - 2003-09-16 12:07 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp71.dll
2014-10-24 00:18 - 2003-09-09 16:06 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr71.dll
2014-10-24 00:18 - 2001-11-21 12:15 - 00102400 _____ (4Developers LLC) C:\WINDOWS\system32\SimpleRegistry.dll
2014-10-24 00:18 - 2001-03-13 16:51 - 01066176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSCOMCTL.OCX
2014-10-24 00:18 - 2001-03-13 16:49 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\COMDLG32.OCX
2014-10-24 00:18 - 2000-05-22 02:00 - 00203976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RichTx32.ocx
2014-10-24 00:18 - 2000-03-14 02:00 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Msstdfmt.dll
2014-10-24 00:18 - 1999-11-10 13:05 - 00086016 _____ (MindVision) C:\WINDOWS\unvise32qt.exe
2014-10-24 00:18 - 1999-04-17 03:06 - 00010752 _____ (Almeida & Andrade Ltda) C:\WINDOWS\system32\aamd532.dll
2014-10-24 00:18 - 1998-06-26 02:00 - 00644400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSComCt2.ocx
2014-10-24 00:18 - 1998-06-24 02:00 - 00115016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSInet.ocx
2014-10-24 00:18 - 1998-04-24 02:00 - 00368912 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbar332.dll
2014-10-24 00:17 - 2014-11-23 12:10 - 00051048 _____ () C:\WINDOWS\system32\nvapps.xml
2014-10-24 00:17 - 2014-10-24 00:28 - 00000000 ___SD () C:\Documents and Settings\All Users\Start Menu\Programs\Gateway Documentation
2014-10-24 00:17 - 2014-10-24 00:26 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\System Recovery
2014-10-24 00:17 - 2014-10-24 00:24 - 00000000 ____D () C:\WINDOWS\nview
2014-10-24 00:17 - 2014-10-24 00:17 - 00000000 ____D () C:\Program Files\Texas Instruments Inc
2014-10-24 00:17 - 2014-10-24 00:17 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\SampleView
2014-10-24 00:17 - 2006-07-21 01:21 - 00208896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NVUNINST.EXE
2014-10-24 00:17 - 2006-07-20 15:58 - 00208896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvudisp.exe
2014-10-24 00:17 - 2006-07-20 15:58 - 00016960 _____ () C:\WINDOWS\system32\nvdisp.nvu
2014-10-24 00:17 - 2006-07-06 21:44 - 00168448 _____ (Texas Instruments) C:\WINDOWS\system32\Drivers\tifm21.sys
2014-10-24 00:16 - 2014-10-24 00:26 - 00000000 ____D () C:\Program Files\Intel
2014-10-24 00:16 - 2014-10-24 00:16 - 00000191 _____ () C:\touchpad.log
2014-10-24 00:16 - 2014-10-24 00:16 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-10-24 00:16 - 2014-10-24 00:16 - 00000000 ____D () C:\Program Files\Synaptics
2014-10-24 00:16 - 2006-01-31 22:54 - 00094208 _____ (Gateway Inc.) C:\WINDOWS\system32\BAE.dll
2014-10-24 00:16 - 2004-11-05 04:47 - 00185824 _____ (Synaptics, Inc.) C:\WINDOWS\system32\Drivers\SynTP.sys
2014-10-24 00:16 - 2004-11-05 04:47 - 00114688 _____ (Synaptics, Inc.) C:\WINDOWS\system32\SynCtrl.dll
2014-10-24 00:16 - 2004-11-05 04:47 - 00090202 _____ (Synaptics, Inc.) C:\WINDOWS\system32\SynTPAPI.dll
2014-10-24 00:16 - 2004-11-05 04:47 - 00081920 _____ (Synaptics, Inc.) C:\WINDOWS\system32\SynTPCo2.dll
2014-10-24 00:16 - 2004-11-05 04:47 - 00077917 _____ (Synaptics, Inc.) C:\WINDOWS\system32\SynCOM.dll
2014-10-24 00:16 - 2004-11-05 04:47 - 00069722 _____ (Synaptics, Inc.) C:\WINDOWS\system32\SynTPFcs.dll
2014-10-24 00:16 - 2003-01-10 15:58 - 00351526 _____ (Wilson WindowWare, Inc.) C:\WINDOWS\WBDDA34I.DLL
2014-10-24 00:16 - 2003-01-10 15:58 - 00046433 _____ (Wilson WindowWare, Inc.) C:\WINDOWS\WBODA34I.DLL
2014-10-24 00:15 - 2014-11-04 10:24 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-24 00:15 - 2014-10-24 00:17 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-10-24 00:15 - 2014-10-24 00:16 - 00000090 _____ () C:\powerdvd.log
2014-10-24 00:15 - 2014-10-24 00:16 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CyberLink DVD Solution
2014-10-24 00:15 - 2014-10-24 00:15 - 00000002 _____ () C:\AUDIT_INSTALL_IN_PROGRESS
2014-10-24 00:15 - 2014-10-24 00:15 - 00000000 ____D () C:\Program Files\CyberLink
2014-10-24 00:14 - 2014-10-24 00:29 - 00000178 ___SH () C:\Documents and Settings\Default User\ntuser.ini
2014-10-24 00:14 - 2006-06-21 04:12 - 00000000 ____D () C:\Documents and Settings\Default User\WINDOWS
2014-10-24 00:14 - 2006-06-18 23:25 - 00013104 _____ () C:\Documents and Settings\Default User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-10-24 00:14 - 2006-06-17 04:46 - 00000767 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Internet Explorer.lnk
2014-10-24 00:14 - 2006-06-17 04:46 - 00000738 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Outlook Express.lnk
2014-10-24 00:14 - 2004-07-15 16:03 - 00518520 _____ () C:\WINDOWS\vidres.exe
2014-10-24 00:10 - 2014-10-24 00:10 - 00000000 ____D () C:\WINDOWS\Downloaded Installations
2014-10-24 00:06 - 2014-10-28 23:24 - 00000000 ____D () C:\Program Files\Google
2014-10-24 00:00 - 2014-10-25 20:04 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2014-10-24 00:00 - 2014-10-25 17:22 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2014-10-24 00:00 - 2014-10-24 00:17 - 00000000 ____D () C:\WINDOWS\SMINST
2014-10-24 00:00 - 2014-10-24 00:17 - 00000000 ____D () C:\WINDOWS\creator
2014-10-24 00:00 - 2014-10-24 00:00 - 00000060 _____ () C:\WINDOWS\system32\SYSDRV.DAT
2014-10-24 00:00 - 2014-10-24 00:00 - 00000000 ___RD () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-10-24 00:00 - 2014-10-24 00:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Games
2014-10-24 00:00 - 2005-10-12 08:07 - 00874240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStor.sys
2014-10-24 00:00 - 2005-09-14 14:24 - 00179200 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1e5132.sys
2014-10-24 00:00 - 2005-07-13 13:06 - 00002790 _____ () C:\WINDOWS\system32\e1e5132.din
2014-10-24 00:00 - 2005-07-06 13:12 - 00163840 _____ (Intel Corporation) C:\WINDOWS\system32\e1000msg.dll
2014-10-24 00:00 - 2005-06-23 07:59 - 00017408 _____ (Intel Corporation) C:\WINDOWS\system32\EtCo32.dll
2014-10-24 00:00 - 2005-06-15 10:27 - 00126976 _____ (Intel Corporation) C:\WINDOWS\system32\Prounstl.exe
2014-10-24 00:00 - 2005-06-14 19:08 - 00020480 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo32.dll
2014-10-24 00:00 - 2005-05-19 04:28 - 00021504 _____ (Intel Corporation) C:\WINDOWS\system32\NicIn32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-23 12:21 - 2006-06-17 04:45 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2014-11-23 12:11 - 2006-06-17 04:39 - 01979483 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-23 12:10 - 2006-06-17 04:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-23 12:10 - 2006-06-17 04:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-23 04:30 - 2006-06-17 04:45 - 00032616 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-23 04:30 - 2006-06-17 04:45 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2014-11-22 04:02 - 2006-06-17 04:45 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-11-17 00:43 - 2006-06-17 04:23 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-07 00:00 - 2006-06-17 04:45 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-11-06 23:32 - 2006-06-17 04:36 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-11-06 17:43 - 2006-06-16 21:31 - 00572722 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-06 17:25 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\security
2014-10-27 01:30 - 2006-06-17 04:45 - 00000792 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2014-10-27 00:36 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\Cursors
2014-10-27 00:24 - 2006-06-17 04:38 - 00000000 ____D () C:\WINDOWS\system32\DirectX
2014-10-27 00:24 - 2006-06-16 21:31 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-27 00:23 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\system32\mui
2014-10-26 03:15 - 2006-06-17 04:35 - 00000000 ____D () C:\Program Files\MSN
2014-10-26 02:07 - 2006-06-18 23:37 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-10-26 01:10 - 2006-06-17 04:23 - 00000477 _____ () C:\WINDOWS\win.ini
2014-10-26 00:03 - 2006-06-18 23:25 - 00014664 _____ () C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-10-25 23:53 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\Resources
2014-10-25 20:20 - 2006-06-16 21:30 - 00098256 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-25 20:11 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-25 20:04 - 2006-06-17 04:46 - 00000803 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
2014-10-25 20:03 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\Help
2014-10-25 19:48 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\Media
2014-10-25 19:43 - 2006-06-17 04:35 - 00000000 ____D () C:\Program Files\Messenger
2014-10-25 19:17 - 2006-06-17 04:38 - 00000000 ____D () C:\Program Files\Outlook Express
2014-10-25 18:34 - 2006-06-17 04:36 - 00000000 ____D () C:\Program Files\Movie Maker
2014-10-25 18:26 - 2006-06-17 04:25 - 00000209 __RSH () C:\boot.ini
2014-10-25 18:26 - 2006-06-17 04:23 - 00000282 _____ () C:\WINDOWS\system.ini
2014-10-25 17:40 - 2006-06-17 04:41 - 00316640 _____ () C:\WINDOWS\WMSysPr9.prx
2014-10-25 17:39 - 2006-06-17 04:46 - 00000738 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Outlook Express.lnk
2014-10-25 17:38 - 2006-06-17 04:38 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-25 17:23 - 2006-06-17 04:41 - 00001563 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2014-10-25 17:22 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\system32\usmt
2014-10-25 17:22 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-10-25 17:22 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\PeerNet
2014-10-25 17:22 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\ime
2014-10-25 17:20 - 2006-06-17 04:38 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-10-25 17:20 - 2006-06-17 04:38 - 00000000 ____D () C:\WINDOWS\srchasst
2014-10-25 17:20 - 2006-06-17 04:38 - 00000000 ____D () C:\Program Files\NetMeeting
2014-10-25 17:20 - 2006-06-17 04:35 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-10-25 17:20 - 2006-06-17 04:35 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-25 17:20 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\system32\npp
2014-10-25 17:20 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\system
2014-10-25 17:20 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\mui
2014-10-25 17:20 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\msagent
2014-10-25 17:19 - 2006-06-17 04:24 - 00250048 __RSH () C:\ntldr
2014-10-25 13:31 - 2006-06-17 04:41 - 00001507 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2014-10-24 00:32 - 2006-06-21 04:12 - 00000000 ____D () C:\WINDOWS\OPTIONS
2014-10-24 00:32 - 2006-06-16 21:31 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Temp
2014-10-24 00:31 - 2006-06-17 04:17 - 00000000 ____D () C:\WINDOWS\I386
2014-10-24 00:28 - 2006-06-17 04:24 - 00000498 _____ () C:\WINDOWS\system32\emver.ini
2014-10-24 00:15 - 2006-06-17 04:45 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2014-10-24 00:01 - 2006-06-16 21:26 - 00000000 ____D () C:\WINDOWS\repair

Files to move or delete:
====================
C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE.dat
C:\Documents and Settings\Administrator\jagex_cl_runescape_LIVE1.dat
C:\Documents and Settings\Administrator\random.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================





Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-11-2014
Ran by Administrator at 2014-11-23 12:21:50
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2018 - Avast Software)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
DVD Solution (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: - )
gBurner (HKLM\...\gBurner) (Version: 3.7 - Power Software Ltd)
Hardwood Euchre (HKLM\...\Hardwood Euchre) (Version: - )
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Intel® PROSet/Wireless Software (HKLM\...\ProInst) (Version: 10.50.0000 - Intel Corporation)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version: - )
Macrium Reflect Standard Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Standard Edition (Version: 5.3.7170 - Paramount Software (UK) Ltd.) Hidden
Magical Jelly Bean KeyFinder (HKLM\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
mCore (Version: 7.10.0000 - Intel Corporation) Hidden
mDriver (Version: 7.10.0000 - Intel) Hidden
mDrWiFi (Version: 7.10.0000 - Intel Corporation) Hidden
mHelp (Version: 7.10.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
mIWA (Version: 7.10.0000 - Intel Corporation) Hidden
mLogView (Version: 7.10.0000 - Intel Corporation) Hidden
mMHouse (Version: 7.10.0000 - Intel Corporation) Hidden
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version: - )
Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
mPfMgr (Version: 7.10.0000 - Intel Corporation) Hidden
mPfWiz (Version: 7.10.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mWlsSafe (Version: 7.10.0000 - Intel) Hidden
mXML (Version: 7.10.0000 - Intel Corporation) Hidden
mZConfig (Version: 7.10.0000 - Intel Corporation) Hidden
Nero Info (HKLM\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero MediaHome Free (HKLM\...\{96F31DB7-9239-4FBE-B75E-056AEAB192D9}) (Version: 16.0.00700 - Nero AG)
nero12kwikburnexpressess (HKLM\...\{57AB77BC-E70C-454B-BD0C-E543A7961912}) (Version: 12.0.00300 - Nero AG)
nLite 1.4.9.1 (HKLM\...\nLite_is1) (Version: 1.4.9.1 - Dino Nuhagic (nuhi))
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Power2Go 4.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - CyberLink Corporation)
Prerequisite installer (Version: 12.0.0002 - Nero AG) Hidden
Prerequisite installer (Version: 16.0.0000 - Nero AG) Hidden
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.24.0 - Ralink)
RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version: - )
Recovery Software Suite Gateway (HKLM\...\{15377C3E-9655-400F-B441-E69F0A6BEAFE}) (Version: 1.00.0000 - Gateway)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4700.0 - SigmaTel)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1128 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 7.12.3.0 - )
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}) (Version: 1.20.0000 - Texas Instruments Inc.)
TIPCI (Version: 1.20.0000 - Texas Instruments Inc.) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version: - Microsoft Corporation)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{3F4EC965-28EF-45C3-B063-04B25D4E9679}) (Version: 5.0.1.2200 - )
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (HKLM\...\WGA) (Version: - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB914548 (HKLM\...\KB914548) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinPhlash (HKLM\...\WinPhlash) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

24-10-2014 05:35:51 System Checkpoint
25-10-2014 19:14:41 System Checkpoint
25-10-2014 22:18:39 Installed Windows XP Service Pack 3.
25-10-2014 22:47:16 Software Distribution Service 3.0
25-10-2014 22:52:06 Software Distribution Service 3.0
25-10-2014 23:33:15 Software Distribution Service 3.0
26-10-2014 00:14:55 Software Distribution Service 3.0
26-10-2014 01:08:22 Software Distribution Service 3.0
26-10-2014 04:59:08 Revo Uninstaller's restore point - McAfee Uninstall Wizard
26-10-2014 05:04:41 avast! antivirus system restore point
26-10-2014 06:02:45 Revo Uninstaller's restore point - gtw_logo
26-10-2014 06:09:06 Revo Uninstaller's restore point - America Online (Choose which version to remove)
26-10-2014 06:58:54 Revo Uninstaller's restore point - Uninstall Tool
26-10-2014 07:00:15 Software Distribution Service 3.0
26-10-2014 08:02:59 Revo Uninstaller's restore point - QuickTime
26-10-2014 08:08:08 Revo Uninstaller's restore point - MSN
26-10-2014 08:10:04 Revo Uninstaller's restore point - Netscape Internet Service
26-10-2014 08:15:06 Revo Uninstaller's restore point - AOL You've Got Pictures Screensaver
27-10-2014 05:23:46 Installed Windows XP KB942288-v3.
27-10-2014 05:24:17 Installed DirectX
27-10-2014 05:24:25 Installed DirectX
27-10-2014 05:24:32 Installed DirectX
27-10-2014 05:24:39 Installed DirectX
27-10-2014 05:24:44 Installed DirectX
27-10-2014 05:34:17 Installed nero12kwikburnexpressess.
28-10-2014 21:18:46 Software Distribution Service 3.0
29-10-2014 04:01:24 Installed Macrium Reflect Standard Edition
29-10-2014 04:07:59 Revo Uninstaller's restore point - GWCares
29-10-2014 04:09:47 Revo Uninstaller's restore point - GWCares
29-10-2014 04:21:36 Revo Uninstaller's restore point - Google Desktop
31-10-2014 21:48:25 System Checkpoint
01-11-2014 05:30:01 Revo Uninstaller's restore point - ContentExplorer
01-11-2014 05:31:30 Revo Uninstaller's restore point - FinanceAlert
01-11-2014 05:33:25 Revo Uninstaller's restore point - Norton Security Scan
01-11-2014 05:50:43 Revo Uninstaller's restore point - Java 2 Runtime Environment, SE v1.4.2
04-11-2014 15:24:49 Installed Ralink Wireless LAN
06-11-2014 01:35:08 System Checkpoint
06-11-2014 22:55:56 Revo Uninstaller's restore point - Fast Browser
06-11-2014 22:57:08 Revo Uninstaller's restore point - Fast Browser
06-11-2014 22:58:15 Revo Uninstaller's restore point - Fast Browser
07-11-2014 23:59:45 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
10-11-2014 22:57:08 System Checkpoint
11-11-2014 22:44:37 Removed Java 7 Update 67
11-11-2014 22:48:40 Software Distribution Service 3.0
13-11-2014 05:32:49 System Checkpoint
17-11-2014 19:10:39 System Checkpoint
19-11-2014 04:17:49 System Checkpoint
20-11-2014 05:35:53 System Checkpoint
21-11-2014 00:43:38 Revo Uninstaller's restore point - CouponARific
21-11-2014 00:48:37 Revo Uninstaller's restore point - Search Protect
21-11-2014 00:50:35 Revo Uninstaller's restore point - Search Protect
21-11-2014 00:52:23 Revo Uninstaller's restore point - Spybot - Search & Destroy
21-11-2014 00:53:52 Revo Uninstaller's restore point - Spybot - Search & Destroy
21-11-2014 20:26:52 Installed Windows 7 Upgrade Advisor
21-11-2014 22:05:41 Intel® Driver Update Utility
23-11-2014 00:17:15 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-06-17 04:23 - 2004-08-10 14:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Nero Info.job => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe

==================== Loaded Modules (whitelisted) =============

2006-08-02 02:24 - 2006-08-02 02:24 - 00348160 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2006-08-02 02:26 - 2006-08-02 02:26 - 00118784 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2014-11-22 21:23 - 2014-11-22 21:23 - 02903552 _____ () C:\Program Files\AVAST Software\Avast\defs\14112201\algo.dll
2006-06-17 04:23 - 2011-02-04 16:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2006-06-17 04:23 - 2013-01-02 01:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2006-06-17 04:23 - 2008-04-14 04:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2006-06-17 04:23 - 2008-04-14 04:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2006-08-02 02:24 - 2006-08-02 02:24 - 00348160 _____ () C:\Program Files\Intel\Wireless\bin\IntStngs.dll
2014-10-26 00:05 - 2014-10-26 00:05 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2006-03-14 15:43 - 2006-03-14 15:43 - 00053248 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2014-11-04 10:25 - 2012-11-27 11:12 - 01210256 _____ () C:\Program Files\Ralink\Common\RaWLAPI.dll
2014-11-04 10:25 - 2010-06-29 10:34 - 00480608 _____ () C:\WINDOWS\system32\DiagFunc.dll
2006-06-23 15:07 - 2006-06-23 15:07 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AOL Spyware Protection => "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
MSCONFIG\startupreg: Gateway Extended Warranty => "C:\Program Files\Gateway\GWCares\GWCares.exe"
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background

========================= Accounts: ==========================

Administrator (S-1-5-21-2535354235-3254226930-1038610633-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-2535354235-3254226930-1038610633-1003 - Limited - Enabled)
Guest (S-1-5-21-2535354235-3254226930-1038610633-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-2535354235-3254226930-1038610633-1005 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-2535354235-3254226930-1038610633-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/19/2014 06:34:51 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: Fault bucket 177523516.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (11/19/2014 06:34:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.6532, fault address 0x00012fd3.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/17/2014 04:40:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/14/2014 10:34:54 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: Fault bucket 578590292.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (11/14/2014 10:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash32_15_0_0_189.ocx, version 15.0.0.189, fault address 0x000f550b.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/14/2014 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash32_15_0_0_189.ocx, version 15.0.0.189, fault address 0x000f550b.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/12/2014 11:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/12/2014 11:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/06/2014 06:57:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]

Error: (11/06/2014 06:57:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module shell32.dll, version 6.0.2900.6242, fault address 0x00076f0b.
Processing media-specific event for [explorer.exe!ws!]

System errors:
=============
Error: (11/23/2014 00:10:29 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/23/2014 00:10:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/22/2014 05:20:04 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/22/2014 05:19:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/21/2014 11:14:51 AM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/20/2014 07:57:36 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/20/2014 07:33:03 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/20/2014 04:38:29 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/20/2014 04:34:29 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/20/2014 04:29:56 PM) (Source: DCOM) (EventID: 10010) (User: GATEWAY)
Description: The server {49BD2028-1523-11D1-AD79-00C04FD8FDFF} did not register with DCOM within the required timeout.

Microsoft Office Sessions:
=========================
Error: (11/19/2014 06:34:51 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: 177523516

Error: (11/19/2014 06:34:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702kernel32.dll5.1.2600.653200012fd3

Error: (11/17/2014 04:40:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (11/14/2014 10:34:54 PM) (Source: Application Error) (EventID: 1001) (User: )
Description: 578590292

Error: (11/14/2014 10:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702flash32_15_0_0_189.ocx15.0.0.189000f550b

Error: (11/14/2014 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe8.0.6001.18702flash32_15_0_0_189.ocx15.0.0.189000f550b

Error: (11/12/2014 11:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (11/12/2014 11:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (11/06/2014 06:57:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d

Error: (11/06/2014 06:57:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.0.2900.5512shell32.dll6.0.2900.624200076f0b

==================== Memory info ===========================

Processor: Intel® Core™2 CPU T7200 @ 2.00GHz
Percentage of memory in use: 30%
Total physical RAM: 2046.04 MB
Available physical RAM: 1418.79 MB
Total Pagefile: 3936.48 MB
Available Pagefile: 3440.51 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:70.35 GB) (Free:47.29 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (RECOVERY) (Fixed) (Total:4.17 GB) (Free:1.49 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: EDAAEDAA)
Partition 1: (Active) - (Size=70.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=4.2 GB) - (Type=0B)

==================== End Of Log ============================
  • 0

#4
Essexboy
Posted 23 November 2014 - 02:18 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I think I know where you are at :) The mig file is a Microsoft one that will expand all your saved files into windows 7. I will try and find a guide on that (save me writing one :) ) Found one http://www.howtogeek...nd-a-usb-drive/

OK lets now tidy this up

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...archTerms}=
SearchScopes: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...archTerms}=
BHO: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=ME2B5550E-7502-4DEC-A312-9D825EFDF893&SearchSource=55&CUI=&UM=6&UP=SP1B94AA10-15A0-47EE-B53C-B974606197E2&SSPV=
FF SelectedSearchEngine: Trovi search
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=ME2B5550E-7502-4DEC-A312-9D825EFDF893&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP1B94AA10-15A0-47EE-B53C-B974606197E2
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • 0

#5
Pat_54
Posted 23 November 2014 - 02:57 PM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts
Hi Essexboy. Thank you so much for the help. After running the adw on auto restart the desktop froze I had to shutdown using power button but second restart was okay. Here are those logs.



# AdwCleaner v4.101 - Report created 23/11/2014 at 15:38:41
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - GATEWAY
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : netfilter

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Viewpoint
File Deleted : C:\END
File Deleted : C:\WINDOWS\system32\drivers\netfilter.sys
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\tqxbj8ku.default\searchplugins\trovi-search.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v33.1 (x86 en-US)


*************************

AdwCleaner[R0].txt - [2134 octets] - [23/11/2014 15:35:15]
AdwCleaner[S0].txt - [2097 octets] - [23/11/2014 15:38:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2157 octets] ##########

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-11-2014
Ran by Administrator at 2014-11-23 15:25:06 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Loaded Profile: Administrator (Available profiles: Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...archTerms}=
SearchScopes: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...archTerms}=
BHO: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2535354235-3254226930-1038610633-500 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=ME2B5550E-7502-4DEC-A312-9D825EFDF893&SearchSource=55&CUI=&UM=6&UP=SP1B94AA10-15A0-47EE-B53C-B974606197E2&SSPV=
FF SelectedSearchEngine: Trovi search
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3324775&octid=EB_ORIGINAL_CTID&ISID=ME2B5550E-7502-4DEC-A312-9D825EFDF893&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP1B94AA10-15A0-47EE-B53C-B974606197E2
EmptyTemp:
CMD: bitsadmin /reset /allusers


*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
HKU\S-1-5-21-2535354235-3254226930-1038610633-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2535354235-3254226930-1038610633-500\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key deleted successfully.
"HKCR\CLSID\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}" => Key deleted successfully.
"HKCR\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}" => Key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
HKU\S-1-5-21-2535354235-3254226930-1038610633-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
Firefox homepage deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox newtab deleted successfully.

========= bitsadmin /reset /allusers =========

'bitsadmin' is not recognized as an internal or external command,
operable program or batch file.

========= End of CMD: =========

EmptyTemp: => Removed 178.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
  • 0

#6
Essexboy
Posted 23 November 2014 - 03:04 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer behaving now, what problems are outstanding ?
  • 0

#7
Pat_54
Posted 23 November 2014 - 03:57 PM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts

After posting the logs I got error message. internet explorer has encountered a problem and needs to close. we are sorry for the inconvience. send error or don't send. error signature app name:ieplore.exe mod ver:5.1.2600.6532 app ver:8.0.6001.18702 offset 00012fd3 mod name:kernel32.dll

 

After closing and reopening I got malware or virus need help topic I made.. message says end program. this program is not responding. end now or cancel.


Edited by Pat_54, 23 November 2014 - 04:06 PM.

  • 0

#8
Essexboy
Posted 23 November 2014 - 04:03 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Was that a one off or is it regular ?
Is the computer now starting normally or are you still getting the stalling problem ?

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop ( it will be randomly named )

First we will run a virus scan
Select the cog to access scan areas
Kas%20front.JPG

On the first tab select all elements down to OS C and then select start scan
https://dl.dropboxus...s Scan area.JPG

Once it has finished select reports and post the detected threats
.

Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button

kas%20manual.JPG

Once it has completed then click Step 2 Report sending
avp%20report.JPG

Click avptool.sysinfo.zip
And you will be taken to the zip file that needs to be attached
  • 0

#9
Pat_54
Posted 23 November 2014 - 06:37 PM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts

Ok did first part of kaspersky. This took some time to run. When running program it asked me what I wanted to do about the item mentioned here below, I just pressed skip. I opened reports but was not sure what to do here. I see it only detected this one.

 

C:\AdwCleaner\Quarantine\C\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\tqxbj8ku.default\searchplugins\trovi-search.xml.vir

 

Right after running the scan and was trying to decide how to get the report after clicking on the note icon, my desktop froze again. Nothing was responding. I had to restart the computer with the power button. On powering back up it started loading desktop and only partial loaded, then just stopped. Had to power back off again. Next time powered up and then it loaded fine. Tried opening kaspersky to reran scan and it was weird only showed a part of /or a portion of kaspersky, then nothing again, so tried closing kaspersky but message said end program not responding but did nothing. Had to restart computer again this time everything went good, opened kaspersky and had to rerun scan and did 2nd part of scan. Here is that file.

 

second part of kaspersky report

Attached File  avptool_sysinfo.zip   18.75KB   165 downloads


Edited by Pat_54, 23 November 2014 - 11:53 PM.

  • 0

#10
Pat_54
Posted 23 November 2014 - 11:22 PM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts

Sorry this took me a while to do. I hope I did it right. When the computer freezes or don't respond and I have to shutdown with the power button, I lose everything I was doing. I don't understand why it does this. It never did this before. This thing has me so upset if I had the money I would have stopped along time ago and went and bought another. At the time when I bought this one I paid a high price for it but it was at the top of the line with all the bells and whistles. It still is a nice computer when its running good. I think if I can just get it working properly, I'll be able to install wins7 and all will be fine. Besides the new laptops I've looked at that have all the features I really like, run well into the 700 to 900 hundred dollar range and this is just not a option for me. Thanks for all your help you have been so kind to help me to try and fix his problem.  

Attached Files


Edited by Pat_54, 24 November 2014 - 12:03 AM.

  • 0

Advertisements

#11
Essexboy
Posted 24 November 2014 - 09:11 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK well I do not believe we are looking at a malware problem anymore

The quickest option would be to install Windows 7 as a clean install and then migrate the old files onto it

Please download MiniToolBox, save it to your desktop and run it.
https://dl.dropbox.c...minitoolbox.JPG
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • 0

#12
Pat_54
Posted 24 November 2014 - 11:20 AM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts

Hi Essexboy

I have failed to mention that it doesn't do these things all the time its just sporadic. Now today upon turning computer on everything ran really good. Here is the results from mini toolbox

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Administrator (administrator) on 24-11-2014 at 12:10:42
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)
Intel® PRO/1000 PL Network Connection = Local Area Connection (Media disconnected)
Bluetooth LAN Access Server Driver = Local Area Connection 2 (Media disconnected)

# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp

popd
# End of interface IP configuration

 

Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : GATEWAY

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : Yes

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : Home

 

Ethernet adapter Wireless Network Connection:

 

        Connection-specific DNS Suffix  . : Home

        Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection

        Physical Address. . . . . . . . . : 00-19-D2-B1-B3-CF

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.69

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.254

        DHCP Server . . . . . . . . . . . : 192.168.1.254

        DNS Servers . . . . . . . . . . . : 192.168.1.254

        Lease Obtained. . . . . . . . . . : Monday, November 24, 2014 11:58:41 AM

        Lease Expires . . . . . . . . . . : Tuesday, November 25, 2014 11:58:41 AM

 

Ethernet adapter Local Area Connection:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Intel® PRO/1000 PL Network Connection

        Physical Address. . . . . . . . . : 00-E0-B8-9C-F3-E1

 

Ethernet adapter Local Area Connection 2:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Bluetooth LAN Access Server Driver

        Physical Address. . . . . . . . . : 00-19-7D-E6-20-A0

Server:  ControlPanel.Home
Address:  192.168.1.254

Name:    google.com
Addresses:  74.125.228.100, 74.125.228.101, 74.125.228.102, 74.125.228.103
   74.125.228.104, 74.125.228.105, 74.125.228.110, 74.125.228.96, 74.125.228.97
   74.125.228.98, 74.125.228.99

 

Pinging google.com [74.125.228.100] with 32 bytes of data:

 

Reply from 74.125.228.100: bytes=32 time=61ms TTL=55

Reply from 74.125.228.100: bytes=32 time=16ms TTL=55

 

Ping statistics for 74.125.228.100:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 16ms, Maximum = 61ms, Average = 38ms

Server:  ControlPanel.Home
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

 

Reply from 98.139.183.24: bytes=32 time=31ms TTL=52

Reply from 98.139.183.24: bytes=32 time=51ms TTL=52

 

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 31ms, Maximum = 51ms, Average = 41ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 19 d2 b1 b3 cf ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
0x3 ...00 e0 b8 9c f3 e1 ...... Intel® PRO/1000 PL Network Connection - Packet Scheduler Miniport
0x10005 ...00 19 7d e6 20 a0 ...... Bluetooth LAN Access Server Driver - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.69   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.1.0    255.255.255.0     192.168.1.69    192.168.1.69   25
     192.168.1.69  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255     192.168.1.69    192.168.1.69   25
        224.0.0.0        240.0.0.0     192.168.1.69    192.168.1.69   25
  255.255.255.255  255.255.255.255     192.168.1.69               3   1
  255.255.255.255  255.255.255.255     192.168.1.69           10005   1
  255.255.255.255  255.255.255.255     192.168.1.69    192.168.1.69   1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 23 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/24/2014 00:07:43 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/24/2014 00:03:45 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/23/2014 08:33:48 PM) (Source: Application Hang) (User: )
Description: Hanging application 3725506.exe, version 11.0.0.1245, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/23/2014 04:51:46 PM) (Source: Application Error) (User: )
Description: Fault bucket 177523516.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (11/23/2014 04:43:22 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.6532, fault address 0x00012fd3.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/19/2014 06:34:51 PM) (Source: Application Error) (User: )
Description: Fault bucket 177523516.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (11/19/2014 06:34:38 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.6532, fault address 0x00012fd3.
Processing media-specific event for [iexplore.exe!ws!]

Error: (11/17/2014 04:40:09 AM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (11/14/2014 10:34:54 PM) (Source: Application Error) (User: )
Description: Fault bucket 578590292.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.

Error: (11/14/2014 10:34:44 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module flash32_15_0_0_189.ocx, version 15.0.0.189, fault address 0x000f550b.
Processing media-specific event for [iexplore.exe!ws!]

System errors:
=============
Error: (11/24/2014 11:58:45 AM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/24/2014 11:53:54 AM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/24/2014 11:53:51 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/23/2014 11:51:18 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/23/2014 11:45:38 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/23/2014 08:49:12 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/23/2014 08:41:44 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Error: (11/23/2014 08:41:40 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/23/2014 08:40:46 PM) (Source: DCOM) (User: GATEWAY)
Description: The server {51FA2736-5DEE-11D4-98E8-006008BF430C} did not register with DCOM within the required timeout.

Error: (11/23/2014 08:38:44 PM) (Source: ipnathlp) (User: )
Description: The DHCP allocator has disabled itself on IP address 192.168.1.69,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope
from which addresses are being allocated to DHCP clients.
To enable the DHCP allocator on this IP address,
please change the scope to include the IP address,
or change the IP address to fall within the scope.

Microsoft Office Sessions:
=========================
Error: (11/24/2014 00:07:43 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (11/24/2014 00:03:45 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (11/23/2014 08:33:48 PM) (Source: Application Hang)(User: )
Description: 3725506.exe11.0.0.1245hungapp0.0.0.000000000

Error: (11/23/2014 04:51:46 PM) (Source: Application Error)(User: )
Description: 177523516

Error: (11/23/2014 04:43:22 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702kernel32.dll5.1.2600.653200012fd3

Error: (11/19/2014 06:34:51 PM) (Source: Application Error)(User: )
Description: 177523516

Error: (11/19/2014 06:34:38 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702kernel32.dll5.1.2600.653200012fd3

Error: (11/17/2014 04:40:09 AM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (11/14/2014 10:34:54 PM) (Source: Application Error)(User: )
Description: 578590292

Error: (11/14/2014 10:34:44 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702flash32_15_0_0_189.ocx15.0.0.189000f550b

 

=========================== Installed Programs ============================
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
DVD Solution (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version:  - )
gBurner (HKLM\...\gBurner) (Version: 3.7 - Power Software Ltd)
Hardwood Euchre (HKLM\...\Hardwood Euchre) (Version:  - )
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® PROSet/Wireless Software (HKLM\...\ProInst) (Version: 10.50.0000 - Intel Corporation)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (Version: 2.1.71.14 - Oracle, Inc.) Hidden
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
Macrium Reflect Standard Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Standard Edition (Version: 5.3.7170 - Paramount Software (UK) Ltd.) Hidden
Magical Jelly Bean KeyFinder (HKLM\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
mCore (Version: 7.10.0000 - Intel Corporation) Hidden
mDriver (Version: 7.10.0000 - Intel) Hidden
mDrWiFi (Version: 7.10.0000 - Intel Corporation) Hidden
mHelp (Version: 7.10.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
mIWA (Version: 7.10.0000 - Intel Corporation) Hidden
mLogView (Version: 7.10.0000 - Intel Corporation) Hidden
mMHouse (Version: 7.10.0000 - Intel Corporation) Hidden
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
mPfMgr (Version: 7.10.0000 - Intel Corporation) Hidden
mPfWiz (Version: 7.10.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mWlsSafe (Version: 7.10.0000 - Intel) Hidden
mXML (Version: 7.10.0000 - Intel Corporation) Hidden
mZConfig (Version: 7.10.0000 - Intel Corporation) Hidden
Nero Abstract Themes (Version: 16.0.10002 - Nero AG) Hidden
Nero Audio Pack 1 (Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (Version: 12.1.20081 - Nero AG) Hidden
Nero ControlCenter (Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Core Components (Version: 11.4.0012 - Nero AG) Hidden
Nero Express (Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (Version: 12.0.3000 - Nero AG) Hidden
Nero Info (HKLM\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero Kwik Media Help (CHM) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (Version: 16.0.10002 - Nero AG) Hidden
Nero MediaHome (Version: 1.26.5300 - Nero AG) Hidden
Nero MediaHome Free (HKLM\...\{96F31DB7-9239-4FBE-B75E-056AEAB192D9}) (Version: 16.0.00700 - Nero AG)
Nero SharedVideoCodecs (Version: 1.0.16006 - Nero AG) Hidden
Nero Update (Version: 11.0.13600.45.0 - Nero AG) Hidden
nero12kwikburnexpressess (HKLM\...\{57AB77BC-E70C-454B-BD0C-E543A7961912}) (Version: 12.0.00300 - Nero AG)
nLite 1.4.9.1 (HKLM\...\nLite_is1) (Version: 1.4.9.1 - Dino Nuhagic (nuhi))
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Power2Go 4.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - CyberLink Corporation)
Prerequisite installer (Version: 12.0.0002 - Nero AG) Hidden
Prerequisite installer (Version: 16.0.0000 - Nero AG) Hidden
Ralink RT2870 Wireless LAN Card (HKLM\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.24.0 - Ralink)
RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version:  - )
Recovery Software Suite Gateway (HKLM\...\{15377C3E-9655-400F-B441-E69F0A6BEAFE}) (Version: 1.00.0000 - Gateway)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4700.0 - SigmaTel)
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1128 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 7.12.3.0 - )
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{AD7914E1-6453-4440-AEC7-02C72AD6FE5F}) (Version: 1.20.0000 - Texas Instruments Inc.)
TIPCI (Version: 1.20.0000 - Texas Instruments Inc.) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Media Player 10 (KB910393) (HKLM\...\KB910393) (Version:  - Microsoft Corporation)
Update for Windows Media Player 10 (KB913800) (HKLM\...\KB913800) (Version:  - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{3F4EC965-28EF-45C3-B063-04B25D4E9679}) (Version: 5.0.1.2200 -  )
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (HKLM\...\WGA) (Version:  - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB914548 (HKLM\...\KB914548) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinPhlash (HKLM\...\WinPhlash) (Version:  - )

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 27%
Total physical RAM: 2046.04 MB
Available physical RAM: 1484.76 MB
Total Pagefile: 3936.46 MB
Available Pagefile: 3510.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1978.29 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:70.35 GB) (Free:46.8 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:4.17 GB) (Free:1.49 GB) FAT32

========================= Users: ========================================

User accounts for \\GATEWAY

Administrator            ASPNET                   Guest                   
HelpAssistant            SUPPORT_388945a0        

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


Edited by Pat_54, 24 November 2014 - 11:23 AM.

  • 0

#13
Essexboy
Posted 24 November 2014 - 11:58 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
IExplore is hanging a bit, lets run a disc check

Could you follow the steps here to run a disc check, then let me know if that makes a difference

http://forums.whatth...howtopic=102348
  • 0

#14
Pat_54
Posted 24 November 2014 - 01:41 PM

Pat_54

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 212 posts
Hi Essexboy
I ran the chkdisk. Everything seemed to go okay. Didn't notice anything unusual. Computer is working pretty good right at this moment. Like I said the freezing only seemed to be sporadic didn't occur everytime and on starting up the computer usually starts up fine. It was pretty slow before we started but seems to be better now. I'm wondering if the freezing is happening cause was trying to do to many things at one time. I know my memory is fairly new and is at its max so can't install anymore. Don't know but would think it should be sufficient enough to do all that I do.

Edited by Pat_54, 24 November 2014 - 01:42 PM.

  • 0

#15
Essexboy
Posted 24 November 2014 - 01:46 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
You appear to have a reasonable amount of memory although as programmes update they tend to use more resources and XP does not manage resources very well

Take the computer for a test drive now, run your normal programmes do some browsing and then let me know of any problems that occur
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP