
SearchAssist.net [Closed]


  • This topic is locked

#61
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

My apologies for the delay, I am not always available at the weekends.

I use Media Player Classic Home Cinema to play files. I would like to reinstall it. I thought it was safe, is it?

Aye it is safe but best to hold off with any major changes/installing software for the time being.

Re-scan with Farbar Recovery Scan Tool:
  • Double-click on FRST.exe to start FRST >> follow the prompt/click on Yes
  • After the tool has checked for any updates and The tool is ready to use is denoted:-
  • Under Optional Scan ensure both Drivers MD5 and Addition.txt are selected.
  • Now click on the Scan button/radio tab >> at the Scan completed prompt click on OK
  • At the next prompt denoting Addition.txt is saved in the same location FRST tool is run >> click on OK
  • There will now be two logs on your desktop, Addition.txt and FRST.txt. Post the contents of both in your next reply.



#62
Denisejm

    Member

  • Topic Starter
  • Member
  • 782 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Administrator (administrator) on KINGKONG on 12-01-2015 08:35:10
Running from C:\Documents and Settings\Administrator\My Documents\Desktop
Loaded Profile: Administrator (Available profiles: Administrator)
Platform: Microsoft Windows XP Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)



==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMan] => C:\WINDOWS\SOUNDMAN.EXE [77824 2008-08-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18670592 2009-07-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [AlcWzrd] => C:\WINDOWS\ALCWZRD.EXE [2808832 2008-06-19] (RealTek Semicoductor Corp.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\WINDOWS\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [36X Raid Configurer] => C:\WINDOWS\SysWOW64\xRaidSetup.exe [1970176 2007-11-19] (JMicron Technology Corp.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1734144 2013-05-29] (AimerSoft)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-12-12] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\crypt32chain: C:\WINDOWS\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\ScCertProp: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\crypt32chain-x32: C:\WINDOWS\SysWOW64\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet-x32: C:\WINDOWS\SysWOW64\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll-x32: C:\WINDOWS\SysWOW64\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy-x32: C:\WINDOWS\SysWOW64\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\EFS-x32: C:\WINDOWS\SysWOW64\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy-x32: C:\WINDOWS\SysWOW64\sclgntfy.dll (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2007-02-18] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2007-02-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => C:\Windows\system32\tscupgrd.exe [62464 2007-02-18] (Microsoft Corporation)
IFEO\Your Image File Name Here without a path: [Debugger] ntsd -d
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\Documents and Settings\Administrator\My Documents\Start Menu\Programs\Startup\Webshots.lnk
ShortcutTarget: Webshots.lnk -> D:\- Webshots\Launcher.exe (Webshots.com)
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\Shell32.dll (Microsoft Corporation)
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\Shell32.dll (Microsoft Corporation)
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\syswow64\SHELL32.dll (Microsoft Corporation)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SysWOW64\stobject.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1560305870-1003223559-3566357663-500 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...q={searchTerms}
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {5727FF4C-EF4E-4d96-A96C-03AD91910448} http://www.srtest.co...sreqlab_ind.cab
DPF: HKLM-x32 {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1321508482812
DPF: HKLM-x32 {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1321508432468
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.13.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\SYSTEM\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\system32\mshtml.dll (Microsoft Corporation)
Handler-x32: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\Windows\SysWow64\mshtml.dll (Microsoft Corporation)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Filter-x32: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
Filter-x32: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\system32\Shell32.dll (Microsoft Corporation)
Filter-x32: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\Windows\SysWow64\SHELL32.dll (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [10508288 2009-02-10] (Microsoft Corporation)
ShellExecuteHooks-x32: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\SysWOW64\shell32.dll [8360960 2009-02-10] (Microsoft Corporation)
Winsock: Catalog5-x64 03 %SystemRoot%\system32\NLAapi.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1DDC0173-88C1-41DE-B25C-585A91DC2F21}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{24CB7CFF-5BDF-4D03-B675-2F9E29EE4A2A}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2C3728E0-79F6-4148-A857-00965E95E10C}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{53EA468D-C928-4662-996B-38CD8D27EBD6}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7EDEF09F-B6A1-4B5B-B62B-88BEB3A875C0}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{D73C8726-9B00-4935-A8E3-AF24B6444BC5}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rnxe1pti.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.2:
FF SelectedSearchEngine: Yahoo
FF Homepage: https://www.google.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VLC Media Player 2.0.5\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: WOT - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\rnxe1pti.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-12-19]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-18] (SUPERAntiSpyware.com)
R2 AeLookupSvc; C:\Windows\SysWOW64\aelupsvc.dll [26624 2007-02-18] (Microsoft Corporation)
S3 ALG; C:\Windows\SysWOW64\alg.exe [45056 2007-02-18] (Microsoft Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 Ati HotKey Poller; C:\Windows\system32\Ati2evxx.exe [911360 2011-01-26] (ATI Technologies Inc.)
R2 AudioSrv; C:\Windows\SysWOW64\audiosrv.dll [41472 2007-02-18] (Microsoft Corporation)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-12-12] (Avira Operations GmbH & Co. KG)
S3 CiSvc; C:\Windows\SysWOW64\cisvc.exe [6656 2007-02-18] (Microsoft Corporation)
S4 ClipSrv; C:\Windows\system32\clipsrv.exe [49664 2007-02-18] (Microsoft Corporation)
S4 ClipSrv; C:\Windows\SysWOW64\clipsrv.exe [32256 2007-02-18] (Microsoft Corporation)
S3 Common Toolkit 2; C:\Program Files (x86)\Common Files\Common Toolkit Suite\Tools\x64\CommonToolkit2.exe [337920 2013-08-08] (SPAMfighter ApS) [File not signed]
R2 dmadmin; C:\Windows\System32\dmadmin.exe [399872 2007-02-18] (Microsoft Corporation)
R2 dmserver; C:\Windows\System32\dmserver.dll [37376 2007-02-18] (Microsoft Corporation)
R2 Dnscache; C:\Windows\SysWOW64\dnsrslvr.dll [45568 2007-02-18] (Microsoft Corporation)
S4 ERSvc; C:\Windows\System32\ersvc.dll [31744 2007-02-18] (Microsoft Corporation)
R2 helpsvc; C:\Windows\PCHealth\HelpCtr\Binaries\pchsvc.dll [77312 2007-02-18] (Microsoft Corporation)
S3 HTTPFilter; C:\Windows\System32\w3ssl.dll [21504 2007-02-18] (Microsoft Corporation)
S3 HTTPFilter; C:\Windows\SysWOW64\w3ssl.dll [15360 2007-02-18] (Microsoft Corporation)
S3 IASJet; C:\Windows\SysWOW64\iasrecst.dll [162816 2007-02-18] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS\system32\imapi.exe [265728 2007-02-18] (Microsoft Corporation)
R2 LmHosts; C:\Windows\SysWOW64\lmhsvc.dll [19968 2007-02-18] (Microsoft Corporation)
S4 mnmsrvc; C:\WINDOWS\SysWOW64\mnmsrvc.exe [32768 2007-02-18] (Microsoft Corporation)
S4 NetDDE; C:\Windows\system32\netdde.exe [160768 2007-02-18] (Microsoft Corporation)
S4 NetDDE; C:\Windows\SysWOW64\netdde.exe [110080 2007-02-18] (Microsoft Corporation)
S4 NetDDEdsdm; C:\Windows\system32\netdde.exe [160768 2007-02-18] (Microsoft Corporation)
S4 NetDDEdsdm; C:\Windows\SysWOW64\netdde.exe [110080 2007-02-18] (Microsoft Corporation)
R3 Netman; C:\Windows\SysWOW64\netman.dll [263680 2007-02-18] (Microsoft Corporation)
S3 Nla; C:\Windows\System32\mswsock.dll [492032 2007-02-18] (Microsoft Corporation)
S3 Nla; C:\Windows\SysWOW64\mswsock.dll [233472 2007-02-18] (Microsoft Corporation)
R2 NtmsSvc; C:\Windows\system32\ntmssvc.dll [794112 2007-02-18] (Microsoft Corporation)
S2 nvsvc; C:\WINDOWS\system32\nvsvc64.exe [178688 2009-09-27] (NVIDIA Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\services.exe [224256 2007-02-18] (Microsoft Corporation)
R2 PolicyAgent; C:\Windows\system32\lsass.exe [14336 2007-02-18] (Microsoft Corporation)
S4 RasAuto; C:\Windows\SysWOW64\rasauto.dll [91648 2007-02-18] (Microsoft Corporation)
S4 RasMan; C:\Windows\SysWOW64\rasmans.dll [181760 2007-02-18] (Microsoft Corporation)
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [212480 2007-02-18] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\SysWOW64\regsvc.dll [69120 2007-02-18] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\System32\SCardSvr.exe [166400 2007-02-18] (Microsoft Corporation)
S3 SCardSvr; C:\Windows\SysWOW64\SCardSvr.exe [90112 2007-02-18] (Microsoft Corporation)
R2 Schedule; C:\Windows\SysWOW64\schedsvc.dll [202240 2007-02-18] (Microsoft Corporation)
R2 seclogon; C:\Windows\SysWOW64\seclogon.dll [18432 2007-02-18] (Microsoft Corporation)
R2 srservice; C:\WINDOWS\system32\srsvc.dll [231424 2007-02-18] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\SysWOW64\ssdpsrv.dll [72192 2007-02-18] (Microsoft Corporation)
R2 stisvc; C:\Windows\SysWOW64\wiaservc.dll [348160 2007-02-18] (Microsoft Corporation)
S4 SysmonLog; C:\Windows\system32\smlogsvc.exe [133120 2007-02-18] (Microsoft Corporation)
S4 SysmonLog; C:\Windows\SysWOW64\smlogsvc.exe [96256 2007-02-18] (Microsoft Corporation)
S4 TlntSvr; C:\WINDOWS\system32\tlntsvr.exe [113152 2007-02-18] (Microsoft Corporation)
R2 TrkWks; C:\Windows\SysWOW64\trkwks.dll [86528 2007-02-18] (Microsoft Corporation)
S4 UMWdf; C:\WINDOWS\system32\wdfmgr.exe [62976 2007-02-18] (Microsoft Corporation)
S4 UMWdf; C:\WINDOWS\SysWOW64\wdfmgr.exe [39424 2007-02-18] (Microsoft Corporation)
S3 UPS; C:\Windows\System32\ups.exe [34816 2007-02-18] (Microsoft Corporation)
S3 UPS; C:\Windows\SysWOW64\ups.exe [16896 2007-02-18] (Microsoft Corporation)
R2 W32Time; C:\WINDOWS\SysWOW64\w32time.dll [227328 2007-02-18] (Microsoft Corporation)
S4 WmdmPmSN; C:\WINDOWS\system32\mspmsnsv.dll [36352 2007-02-18] (Microsoft Corporation)
S4 WmdmPmSN; C:\WINDOWS\SysWOW64\mspmsnsv.dll [25088 2007-02-18] (Microsoft Corporation)
S3 Wmi; C:\Windows\System32\advapi32.dll [1066496 2013-04-22] (Microsoft Corporation)
S3 Wmi; C:\Windows\SysWOW64\advapi32.dll [620032 2013-04-22] (Microsoft Corporation)
S4 wuauserv; C:\WINDOWS\system32\wuauserv.dll [12288 2007-02-18] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\System32\wzcsvc.dll [659968 2007-02-18] (Microsoft Corporation)
R2 WZCSVC; C:\Windows\SysWOW64\wzcsvc.dll [489472 2007-02-18] (Microsoft Corporation)
S3 xmlprov; C:\Windows\System32\xmlprov.dll [326144 2007-02-18] (Microsoft Corporation)
S3 xmlprov; C:\Windows\SysWOW64\xmlprov.dll [131584 2007-02-18] (Microsoft Corporation)
R2 Eventlog;  [X]
S3 WinHttpAutoProxySvc; winhttp.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 Abiosdsk; No ImagePath
S4 ACPIEC; C:\Windows\System32\Drivers\ACPIEC.sys [18432 2007-02-18] (Microsoft Corporation)
S4 adpu160m; No ImagePath
S4 adpu320; No ImagePath
S3 aec; C:\Windows\System32\drivers\aec.sys [188928 2005-03-24] (Microsoft Corporation)
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S3 Ambfilt64; C:\Windows\System32\drivers\Ambft64.sys [1794560 2009-01-09] (Creative)
S4 AmdIde; No ImagePath
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
S4 arc; No ImagePath
S3 Arp1394; C:\Windows\System32\DRIVERS\arp1394.sys [111104 2007-02-16] (Microsoft Corporation)
S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16512 2002-07-16] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-06] ()
S4 Atdisk; No ImagePath
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [7718912 2011-01-26] (ATI Technologies Inc.)
S3 Atmarpc; C:\Windows\System32\DRIVERS\atmarpc.sys [106496 2007-02-18] (Microsoft Corporation)
R3 audstub; C:\Windows\System32\DRIVERS\audstub.sys [5632 2005-03-24] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 CdaC15BA; C:\Windows\System32\DRIVERS\CdaC15BA.sys [13312 2007-02-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
R2 CdaD10BA; C:\Windows\System32\DRIVERS\CdaD10BA.sys [13312 2007-02-18] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S4 dmboot; C:\Windows\System32\drivers\dmboot.sys [415232 2007-02-18] (Microsoft Corporation)
R0 dmio; C:\Windows\System32\drivers\dmio.sys [244224 2007-02-18] (Microsoft Corporation)
R0 dmload; C:\Windows\System32\drivers\dmload.sys [9216 2007-02-18] (Microsoft Corporation)
S4 dpti2o; No ImagePath
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-12-31] ()
R1 Fips; C:\Windows\System32\Drivers\Fips.sys [50176 2007-02-18] (Microsoft Corporation)
R0 Ftdisk; C:\Windows\System32\DRIVERS\ftdisk.sys [240128 2007-02-18] (Microsoft Corporation)
R3 Gpc; C:\Windows\System32\DRIVERS\msgpc.sys [71168 2007-02-18] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [239616 2005-07-13] (Windows ® Server 2003 DDK provider)
S1 i2omgmt; No ImagePath
S4 iirsp; No ImagePath
S1 imapi; C:\Windows\System32\DRIVERS\imapi.sys [72704 2007-02-18] (Microsoft Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKHDA64.SYS [5396992 2009-07-20] (Realtek Semiconductor Corp.)
S4 IntelIde; No ImagePath
S3 Ip6Fw; C:\Windows\System32\drivers\ip6fw.sys [57856 2007-02-18] (Microsoft Corporation)
R1 IPSec; C:\Windows\System32\DRIVERS\ipsec.sys [156672 2007-02-18] (Microsoft Corporation)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [105312 2009-06-25] (JMicron Technology Corp.) [File not signed]
S3 kmixer; C:\Windows\System32\drivers\kmixer.sys [204288 2005-03-24] (Microsoft Corporation)
R1 mnmdd; C:\Windows\System32\Drivers\mnmdd.sys [8192 2007-02-18] (Microsoft Corporation)
S3 Monfilt64; C:\Windows\System32\drivers\Monft64.sys [1854976 2009-01-09] (Creative Technology Ltd.)
S4 mraid35x; No ImagePath
S3 NIC1394; C:\Windows\System32\DRIVERS\nic1394.sys [92160 2005-03-24] (Microsoft Corporation)
S3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [9687424 2009-09-27] (NVIDIA Corporation)
S3 NVHDA; C:\Windows\System32\drivers\nvhda64.sys [72736 2009-08-21] (NVIDIA Corporation)
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
R3 PSched; C:\Windows\System32\DRIVERS\psched.sys [106496 2007-02-18] (Microsoft Corporation)
R3 Ptilink; C:\Windows\System32\DRIVERS\ptilink.sys [31232 2007-02-18] (Parallel Technologies, Inc.)
R0 PxHlpa64; C:\Windows\SysWOW64\Drivers\PxHlpa64.sys [26720 2004-09-23] (Sonic Solutions) [File not signed]
R3 Raspti; C:\Windows\System32\DRIVERS\raspti.sys [31232 2007-02-18] (Microsoft Corporation)
S1 redbook; C:\Windows\System32\DRIVERS\redbook.sys [64000 2005-03-24] (Microsoft Corporation)
R0 rr232x; C:\Windows\System32\drivers\rr232x.sys [144384 2007-10-26] (HighPoint Technologies, Inc.) [File not signed]
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtKHDMIX.sys [3023360 2009-05-20] (Realtek Semiconductor Corp.)
R3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [124928 2007-11-22] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [171008 2007-02-18] (Microsoft Corporation)
S4 Simbad; No ImagePath
S3 splitter; C:\Windows\System32\drivers\splitter.sys [10240 2007-02-16] (Microsoft Corporation)
R0 sr; C:\Windows\System32\DRIVERS\sr.sys [123904 2007-02-18] (Microsoft Corporation)
S3 swmidi; C:\Windows\System32\drivers\swmidi.sys [86528 2005-03-24] (Microsoft Corporation)
S4 symc8xx; No ImagePath
S4 symmpi; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
R3 sysaudio; C:\Windows\System32\drivers\sysaudio.sys [147456 2007-02-16] (Microsoft Corporation)
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2006-09-07] () [File not signed]
R3 Update; C:\Windows\System32\DRIVERS\update.sys [152576 2007-05-29] (Microsoft Corporation)
S4 ViaIde; No ImagePath
S3 WDICA; No ImagePath
R3 wdmaud; C:\Windows\System32\drivers\wdmaud.sys [187904 2007-02-17] (Microsoft Corporation)
S4 InCDFs; system32\drivers\InCDFs.sys [X]
S1 InCDPass; system32\drivers\InCDPass.sys [X]
S1 InCDRm; system32\drivers\InCDRm.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
R3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U1 WS2IFSL; No ImagePath

========================== Drivers MD5 =======================

C:\Windows\System32\drivers\splitter.sys 17EC29105989101DB536C49E1279A0EB
C:\Windows\System32\DRIVERS\sr.sys DAE1D5553D42A06034001D6EF4F5CB36
C:\Windows\System32\DRIVERS\swenum.sys B6536185FEEB8F0C86AD3BF2FBAB4F2F
C:\Windows\System32\drivers\swmidi.sys 8E9E35B36A27AD154A5F92397CDE343C
C:\Windows\System32\drivers\sysaudio.sys 2E843F129DAF4C789DF7ACD40E26208F
C:\Windows\System32\DRIVERS\tcpip.sys C013E7F14FD378A16F5B7A4B5A7050E9
C:\Windows\System32\Drivers\TDPIPE.sys DA1E9CD22238FA4DB565EF41C7312E1B
C:\Windows\System32\Drivers\TDTCP.sys 47D24EBB1C442DCC18D89B8B89BAFB49
C:\Windows\System32\DRIVERS\termdd.sys 8AB9AD44907D4C57AD10E175C8720ECF
C:\Windows\System32\Drivers\Udfs.sys A6DD2DFCC44EC61D18AA645620CD8F63
C:\Windows\System32\DRIVERS\update.sys 1446762923434D2A9C315325CF4770C8
C:\Windows\System32\DRIVERS\usbccgp.sys 3421B0691A0E365A020836369A296F0C
C:\Windows\System32\DRIVERS\usbehci.sys AE6521A1C79FC955FF26BE9CA5521B51
C:\Windows\System32\DRIVERS\usbhub.sys D63CB1B59D54F9C2BB8A4107584A664F
C:\Windows\System32\DRIVERS\usbprint.sys 040F6F425A6CC4FB156470502CAFB31B
C:\Windows\System32\DRIVERS\usbscan.sys 280894F834F5B9910DADFF7568F37B31
C:\Windows\System32\DRIVERS\USBSTOR.SYS EDCE8A162E8023FD1751E08E23E41948
C:\Windows\System32\DRIVERS\usbuhci.sys 4B7B4A2CC997C482A0AA7CA663AF62A0
C:\Windows\System32\DRIVERS\vgapnp.sys B40CFD2FFDD838B0CE0C35EE449407BD
C:\Windows\System32\drivers\vga.sys 78EBFE6F11F10DB8237B910E9158CA91
C:\Windows\System32\DRIVERS\volsnap.sys 941D45C8A14B2B1E8A57D0EEF6A98AEB
C:\Windows\System32\DRIVERS\wanarp.sys D2A01D73FE4A455C1D741B48C56763B2
C:\Windows\System32\DRIVERS\wdcsam64.sys ==> MD5 is legit
C:\Windows\System32\drivers\wdmaud.sys DAFF7E89C84079022B9606F83E1BD29A

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVCx32: Browser -> No ServiceDLL Path.
NETSVCx32: CryptSvc -> C:\Windows\SysWOW64\cryptsvc.dll (Microsoft Corporation)
NETSVCx32: EventSystem -> C:\WINDOWS\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: Iprip -> No ServiceDLL Path.
NETSVCx32: LanmanWorkstation -> No ServiceDLL Path.
NETSVCx32: Messenger -> No ServiceDLL Path.
NETSVCx32: Netman -> C:\Windows\SysWOW64\netman.dll (Microsoft Corporation)
NETSVCx32: Seclogon -> C:\Windows\SysWOW64\seclogon.dll (Microsoft Corporation)
NETSVCx32: TrkWks -> C:\Windows\SysWOW64\trkwks.dll (Microsoft Corporation)
NETSVCx32: WZCSVC -> C:\Windows\SysWOW64\wzcsvc.dll (Microsoft Corporation)
NETSVCx32: wscsvc -> No ServiceDLL Path.
NETSVCx32: xmlprov -> C:\Windows\SysWOW64\xmlprov.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-11 07:12 - 2015-01-11 07:12 - 00000000 ____D () C:\Program Files (x86)\Media Player Classic Home Cinema x86
2015-01-11 06:27 - 2015-01-12 08:30 - 00000000 _____ () C:\WINDOWS\0.log
2015-01-11 06:25 - 2015-01-11 06:25 - 00001284 _____ () C:\WINDOWS\PFRO.log
2015-01-10 20:19 - 2015-01-12 08:35 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2015-01-10 20:19 - 2015-01-10 20:19 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2015-01-10 20:19 - 2015-01-10 20:19 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2015-01-10 20:19 - 2015-01-10 20:19 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Temp
2015-01-10 20:19 - 2015-01-10 19:49 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-10 19:52 - 2015-01-10 20:22 - 00010306 _____ () C:\zoek-results.log
2015-01-10 19:49 - 2015-01-10 20:17 - 00000000 ____D () C:\zoek_backup
2015-01-08 20:59 - 2015-01-08 20:59 - 00000107 _____ () C:\WINDOWS\Tool - IfoEdit.INI
2015-01-03 10:57 - 2015-01-03 11:34 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO Internet Security.evt
2014-12-31 10:43 - 2014-12-31 10:44 - 00000000 ____D () C:\Program Files (x86)\MS Fix-It
2014-12-31 09:28 - 2014-12-31 09:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Fix-It
2014-12-31 01:15 - 2014-12-31 01:15 - 302627644 _____ () C:\Documents and Settings\Administrator\My Documents\RegBackup-10115.reg
2014-12-31 01:06 - 2014-12-31 01:07 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Firefox Bookmarks Backup 30Dec14
2014-12-31 00:01 - 2014-12-31 00:01 - 00000000 ____D () C:\sh4ldr
2014-12-31 00:00 - 2014-12-31 00:00 - 00022704 _____ () C:\WINDOWS\system32\Drivers\EsgScanner.sys
2014-12-29 08:58 - 2014-12-29 09:10 - 00000000 ____D () C:\MATS
2014-12-20 10:44 - 2014-12-20 10:44 - 00004536 _____ () C:\Documents and Settings\Administrator\Desktop\FightersLogs.zip
2014-12-20 01:27 - 2014-12-20 01:27 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-20 01:27 - 2014-12-20 01:27 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-20 01:04 - 2014-12-20 01:04 - 00000583 _____ () C:\WINDOWS\system32\MyDefrag.debuglog
2014-12-20 00:53 - 2014-12-20 00:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Common Toolkit Suite
2014-12-18 19:57 - 2005-03-24 17:35 - 00232448 ____C (Eicon Networks) C:\Windows\System32\dllcache\xlog.exe
2014-12-18 19:57 - 2005-03-24 17:35 - 00214272 ____C (Microsoft) C:\Windows\System32\dllcache\yk51x64.sys
2014-12-18 19:56 - 2007-02-17 01:05 - 00024192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wstcodec.sys
2014-12-18 19:56 - 2007-02-17 01:04 - 00532480 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdmtpdr.dll
2014-12-18 19:56 - 2007-02-17 01:04 - 00202752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdmtp.dll
2014-12-18 19:56 - 2007-02-17 01:02 - 00119552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wceusbsh.sys
2014-12-18 19:56 - 2007-02-17 01:02 - 00080896 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiamsmud.dll
2014-12-18 19:56 - 2005-03-24 17:35 - 00097280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdmtpus.dll
2014-12-18 19:56 - 2005-03-24 17:35 - 00093696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdconns.dll
2014-12-18 19:56 - 2005-03-24 17:35 - 00055808 ____C (S2io Inc.) C:\Windows\System32\dllcache\xenamd64.sys
2014-12-18 19:56 - 2005-03-24 17:35 - 00029696 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdusb.sys
2014-12-18 19:56 - 2005-03-24 17:35 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wmiacpi.sys
2014-12-18 19:56 - 2005-03-24 17:35 - 00015360 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wpdtrace.dll
2014-12-18 19:56 - 2005-03-24 17:35 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wshirda.dll
2014-12-18 19:56 - 2005-03-24 17:34 - 00128000 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wiafbdrv.dll
2014-12-18 19:56 - 2005-03-24 17:34 - 00114816 ____C (VIA Networking Technologies, Inc. ) C:\Windows\System32\dllcache\wetn5b64.sys
2014-12-18 19:56 - 2005-03-24 17:34 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\wd.sys
2014-12-18 19:55 - 2007-02-17 01:01 - 00081920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\vfwwdm32.dll
2014-12-18 19:55 - 2007-02-17 01:01 - 00044032 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\vidcap.ax
2014-12-18 19:55 - 2007-02-17 01:00 - 00216320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbvideo.sys
2014-12-18 19:55 - 2007-02-17 01:00 - 00102912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbaudio.sys
2014-12-18 19:55 - 2007-02-17 01:00 - 00061440 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uliagpkx.sys
2014-12-18 19:55 - 2007-02-17 01:00 - 00058880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\uagp35.sys
2014-12-18 19:55 - 2007-02-17 01:00 - 00042496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbccid.sys
2014-12-18 19:55 - 2007-02-17 01:00 - 00026368 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbohci.sys
2014-12-18 19:55 - 2005-03-24 17:34 - 00042496 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\usbser.sys
2014-12-18 19:55 - 2005-03-24 17:34 - 00038912 ____C (Promise Technology, Inc.) C:\Windows\System32\dllcache\ultra.sys
2014-12-18 19:55 - 2005-03-24 17:34 - 00036608 ____C (VIA Technologies, Inc.) C:\Windows\System32\dllcache\viairda.sys
2014-12-18 19:55 - 2005-03-24 17:34 - 00034432 ____C (ULi Electronics Inc.) C:\Windows\System32\dllcache\uli5261.sys
2014-12-18 19:55 - 2005-03-24 17:34 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\viaide.sys
2014-12-18 19:55 - 2005-03-24 17:34 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\toside.sys
2014-12-18 19:54 - 2007-02-17 00:55 - 00056320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\smb0w.dll
2014-12-18 19:54 - 2007-02-17 00:55 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sonyait.sys
2014-12-18 19:54 - 2005-03-24 17:34 - 00084992 ____C (LSI Logic) C:\Windows\System32\dllcache\symmpi.sys
2014-12-18 19:54 - 2005-03-24 17:34 - 00041984 ____C (LSI Logic) C:\Windows\System32\dllcache\symc8xx.sys
2014-12-18 19:54 - 2005-03-24 17:34 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\tandqic.sys
2014-12-18 19:54 - 2005-03-24 17:25 - 00039936 ____C (LSI Logic) C:\Windows\System32\dllcache\sym_u3.sys
2014-12-18 19:54 - 2005-03-24 17:25 - 00037376 ____C (LSI Logic) C:\Windows\System32\dllcache\sym_hi.sys
2014-12-18 19:54 - 2005-03-24 17:25 - 00028160 ____C (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\stcusb.sys
2014-12-18 19:54 - 2005-03-24 17:25 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\streamip.sys
2014-12-18 19:54 - 2005-03-24 17:24 - 00068608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\smb3w.dll
2014-12-18 19:54 - 2005-03-24 17:24 - 00046080 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sm91w.dll
2014-12-18 19:54 - 2005-03-24 17:24 - 00043008 ____C (SiS Corporation) C:\Windows\System32\dllcache\sisnic.sys
2014-12-18 19:54 - 2005-03-24 17:24 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\slip.sys
2014-12-18 19:54 - 2005-03-24 17:24 - 00017920 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sonymc.sys
2014-12-18 19:54 - 2005-03-24 17:24 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\snyaitmc.sys
2014-12-18 19:53 - 2007-02-17 00:54 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scsiscan.sys
2014-12-18 19:53 - 2007-02-17 00:53 - 00040576 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\sccmusbm.sys
2014-12-18 19:53 - 2007-02-17 00:51 - 00051200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rndismpx.sys
2014-12-18 19:53 - 2007-02-17 00:51 - 00033792 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rasirda.sys
2014-12-18 19:53 - 2007-02-17 00:51 - 00032256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ramdisk.sys
2014-12-18 19:53 - 2007-02-17 00:50 - 00316928 ____C () C:\Windows\System32\dllcache\psisdecd.dll
2014-12-18 19:53 - 2007-02-17 00:50 - 00271872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ptpusd.dll
2014-12-18 19:53 - 2007-02-17 00:50 - 00025344 ____C (SCM Microsystems, Inc.) C:\Windows\System32\dllcache\pscr.sys
2014-12-18 19:53 - 2007-02-17 00:50 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\qic157.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00094208 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\rfcomm.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00059904 ____C (Realtek Semiconductor Corporation) C:\Windows\System32\dllcache\rtl39a64.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00044032 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\sccmn50m.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00037888 ____C (Realtek Semiconductor Corporation ) C:\Windows\System32\dllcache\rtl69a64.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00032256 ____C (SCM Microsystems) C:\Windows\System32\dllcache\scr111.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00031232 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scmstcs.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00030720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\sermouse.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00019968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\scsiprnt.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\seaddsmc.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\serscan.sys
2014-12-18 19:53 - 2005-03-24 17:24 - 00010240 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\rsmgrstr.dll
2014-12-18 19:53 - 2005-03-24 17:23 - 00057344 ____C () C:\Windows\System32\dllcache\psisrndr.ax
2014-12-18 19:52 - 2007-02-17 00:44 - 00944640 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2psvc.dll
2014-12-18 19:52 - 2007-02-17 00:44 - 00505856 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2pgraph.dll
2014-12-18 19:52 - 2007-02-17 00:44 - 00161024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\phildec.sys
2014-12-18 19:52 - 2007-02-17 00:44 - 00015872 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\powerfil.sys
2014-12-18 19:52 - 2005-03-24 17:22 - 00135680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2pnetsh.dll
2014-12-18 19:52 - 2005-03-24 17:22 - 00132608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2pgasvc.dll
2014-12-18 19:52 - 2005-03-24 17:22 - 00077824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pnrpnsp.dll
2014-12-18 19:52 - 2005-03-24 17:22 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\pnrmc.sys
2014-12-18 19:51 - 2007-02-17 00:41 - 00124416 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nv_agp.sys
2014-12-18 19:51 - 2007-02-17 00:39 - 00103680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nabtsfec.sys
2014-12-18 19:51 - 2007-02-17 00:39 - 00062976 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mstape.sys
2014-12-18 19:51 - 2007-02-17 00:39 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msircomm.sys
2014-12-18 19:51 - 2007-02-17 00:39 - 00008064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mstee.sys
2014-12-18 19:51 - 2005-03-24 17:22 - 00186880 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\p2p.dll
2014-12-18 19:51 - 2005-03-24 17:21 - 00185344 ____C (NVIDIA Corporation) C:\Windows\System32\dllcache\nvenet.sys
2014-12-18 19:51 - 2005-03-24 17:21 - 00042240 ____C (National Semiconductor Corporation) C:\Windows\System32\dllcache\nscirda.sys
2014-12-18 19:51 - 2005-03-24 17:21 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ne2000.sys
2014-12-18 19:51 - 2005-03-24 17:21 - 00017408 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ndisip.sys
2014-12-18 19:51 - 2005-03-24 17:21 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\nsmmc.sys
2014-12-18 19:51 - 2005-03-24 17:21 - 00005120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msmpu401.sys
2014-12-18 19:25 - 2007-02-17 00:38 - 00094720 ____C () C:\Windows\System32\dllcache\msdvbnp.ax
2014-12-18 19:25 - 2007-02-17 00:38 - 00071680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\msdv.sys
2014-12-18 19:25 - 2007-02-17 00:36 - 00010752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ltotape.sys
2014-12-18 19:25 - 2007-02-17 00:35 - 00026112 ____C (Litronic Industries) C:\Windows\System32\dllcache\lit220p.sys
2014-12-18 19:25 - 2005-03-24 17:21 - 00036352 ____C (LSI Logic Corporation) C:\Windows\System32\dllcache\mraid35x.sys
2014-12-18 19:25 - 2005-03-24 17:21 - 00028672 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\modemcsa.sys
2014-12-18 19:25 - 2005-03-24 17:21 - 00023040 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mpe.sys
2014-12-18 19:25 - 2005-03-24 17:21 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\miniqic.sys
2014-12-18 19:25 - 2005-03-24 17:20 - 00569344 ____C (Agere Systems) C:\Windows\System32\dllcache\ltmdm64.sys
2014-12-18 19:25 - 2005-03-24 17:20 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\mammoth.sys
2014-12-18 19:25 - 2005-03-24 17:20 - 00008704 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\loop.sys
2014-12-18 19:24 - 2007-02-17 00:35 - 00138752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kswdmcap.ax
2014-12-18 19:24 - 2007-02-17 00:35 - 00088064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kstvtune.ax
2014-12-18 19:24 - 2005-03-24 17:20 - 00074752 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ksxbar.ax
2014-12-18 19:23 - 2007-02-17 00:34 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdjpn.dll
2014-12-18 19:23 - 2007-02-17 00:34 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbdkor.dll
2014-12-18 19:21 - 2007-02-17 00:31 - 00237056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irftp.exe
2014-12-18 19:21 - 2007-02-17 00:31 - 00152576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irda.sys
2014-12-18 19:21 - 2007-02-17 00:31 - 00043008 ____C (SigmaTel, Inc.) C:\Windows\System32\dllcache\irstusb.sys
2014-12-18 19:21 - 2007-02-17 00:31 - 00034816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irsir.sys
2014-12-18 19:21 - 2005-03-24 17:20 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd106.dll
2014-12-18 19:21 - 2005-03-24 17:20 - 00007680 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101c.dll
2014-12-18 19:21 - 2005-03-24 17:20 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd103.dll
2014-12-18 19:21 - 2005-03-24 17:20 - 00007168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\kbd101b.dll
2014-12-18 19:21 - 2005-03-24 17:19 - 00070784 ____C (Intel Corporation) C:\Windows\System32\dllcache\ixg5132e.sys
2014-12-18 19:21 - 2005-03-24 17:19 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ipsink.ax
2014-12-18 19:21 - 2005-03-24 17:19 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\irmon.dll
2014-12-18 19:21 - 2005-03-24 17:19 - 00009216 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\intelide.sys
2014-12-18 19:19 - 2005-03-24 17:19 - 00048128 ____C (Intel Corp./ICP vortex GmbH) C:\Windows\System32\dllcache\iirsp.sys
2014-12-18 19:19 - 2005-03-24 17:18 - 01038048 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmnt5.sys
2014-12-18 19:19 - 2005-03-24 17:18 - 00885760 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmdd5.dll
2014-12-18 19:19 - 2005-03-24 17:18 - 00244992 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmdev5.dll
2014-12-18 19:19 - 2005-03-24 17:18 - 00136704 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmdnt5.dll
2014-12-18 19:19 - 2005-03-24 17:18 - 00055296 ____C (Intel Corporation) C:\Windows\System32\dllcache\ialmrnt5.dll
2014-12-18 19:18 - 2007-02-17 00:28 - 00385024 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpojwia.dll
2014-12-18 19:18 - 2007-02-17 00:28 - 00035840 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidbatt.sys
2014-12-18 19:18 - 2007-02-17 00:22 - 00061952 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\gagp30kx.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 01080832 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsf_dp4.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00804352 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfcnxt4.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00241664 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaudio.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00236032 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfbs4.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00080896 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdashcut.exe
2014-12-18 19:18 - 2005-03-24 17:18 - 00063872 ____C (VIA Networking Technologies, Inc. ) C:\Windows\System32\dllcache\get5a64.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00044544 ____C (Gemplus) C:\Windows\System32\dllcache\grserial.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00043008 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidbth.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00037402 ____C (Conexant Systems, Inc.) C:\Windows\System32\dllcache\hsfc4.dll
2014-12-18 19:18 - 2005-03-24 17:18 - 00033280 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpsjmcro.dll
2014-12-18 19:18 - 2005-03-24 17:18 - 00030720 ____C (Gemplus) C:\Windows\System32\dllcache\gpr400.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00028672 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaprop.dll
2014-12-18 19:18 - 2005-03-24 17:18 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidir.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00012288 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hidgame.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00009728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\hpt4qic.sys
2014-12-18 19:18 - 2005-03-24 17:18 - 00006144 ____C (Windows ® Server 2003 DDK provider) C:\Windows\System32\dllcache\hdaudres.dll
2014-12-18 19:17 - 2007-02-17 00:17 - 00182784 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4.sys
2014-12-18 19:17 - 2005-03-24 17:17 - 00652288 ____C (AVM Berlin) C:\Windows\System32\dllcache\fpcibase.sys
2014-12-18 19:17 - 2005-03-24 17:17 - 00643072 ____C (AVM Berlin) C:\Windows\System32\dllcache\fpcmbase.sys
2014-12-18 19:17 - 2005-03-24 17:17 - 00232960 ____C (Intel Corporation) C:\Windows\System32\dllcache\e1g5132e.sys
2014-12-18 19:17 - 2005-03-24 17:17 - 00191744 ____C (Intel Corporation) C:\Windows\System32\dllcache\efe5b32e.sys
2014-12-18 19:17 - 2005-03-24 17:17 - 00103936 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esucm.dll
2014-12-18 19:17 - 2005-03-24 17:17 - 00081408 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esunib.dll
2014-12-18 19:17 - 2005-03-24 17:17 - 00081408 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuni.dll
2014-12-18 19:17 - 2005-03-24 17:17 - 00076800 ____C (SEIKO EPSON CORP.) C:\Windows\System32\dllcache\esuimg.dll
2014-12-18 19:17 - 2005-03-24 17:17 - 00062848 ____C (VIA Technologies, Inc. ) C:\Windows\System32\dllcache\fet5a64.sys
2014-12-18 19:17 - 2005-03-24 17:17 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\elmsmc.sys
2014-12-18 19:17 - 2005-03-24 17:17 - 00011776 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\exabyte2.sys
2014-12-18 19:17 - 2005-03-24 17:16 - 00491520 ____C (Eicon Networks) C:\Windows\System32\dllcache\diwansrv.sys
2014-12-18 19:17 - 2005-03-24 17:16 - 00462336 ____C (Eicon Networks) C:\Windows\System32\dllcache\dimaint.sys
2014-12-18 19:17 - 2005-03-24 17:16 - 00404480 ____C (Eicon Networks) C:\Windows\System32\dllcache\ditrace.exe
2014-12-18 19:17 - 2005-03-24 17:16 - 00045056 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvsu.dll
2014-12-18 19:17 - 2005-03-24 17:16 - 00038400 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvpp.dll
2014-12-18 19:17 - 2005-03-24 17:16 - 00035328 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\dpti2o.sys
2014-12-18 19:17 - 2005-03-24 17:16 - 00032768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4usb.sys
2014-12-18 19:17 - 2005-03-24 17:16 - 00023552 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4prt.sys
2014-12-18 19:17 - 2005-03-24 17:16 - 00014848 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dot4scan.sys
2014-12-18 19:17 - 2005-03-24 17:16 - 00013824 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\dlttape.sys
2014-12-18 19:17 - 2005-03-24 17:16 - 00006144 ____C (Eicon Networks) C:\Windows\System32\dllcache\disrvci.dll
2014-12-18 19:16 - 2007-02-17 00:09 - 00260096 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\csamsp.dll
2014-12-18 19:16 - 2007-02-17 00:09 - 00031360 ____C (OMNIKEY AG) C:\Windows\System32\dllcache\cmbp0wdm.sys
2014-12-18 19:16 - 2007-02-17 00:09 - 00021120 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cmbatt.sys
2014-12-18 19:16 - 2007-02-17 00:09 - 00015488 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\compbatt.sys
2014-12-18 19:16 - 2005-03-24 17:16 - 00310784 ____C (Eicon Networks) C:\Windows\System32\dllcache\dicapi.sys
2014-12-18 19:16 - 2005-03-24 17:16 - 00013312 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ddsmc.sys
2014-12-18 19:16 - 2005-03-24 17:15 - 00096768 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzport.sys
2014-12-18 19:16 - 2005-03-24 17:15 - 00094720 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyyport.sys
2014-12-18 19:16 - 2005-03-24 17:15 - 00039424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyycoins.dll
2014-12-18 19:16 - 2005-03-24 17:15 - 00036864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzcoins.dll
2014-12-18 19:16 - 2005-03-24 17:15 - 00035328 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyzports.dll
2014-12-18 19:16 - 2005-03-24 17:15 - 00034816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyyports.dll
2014-12-18 19:16 - 2005-03-24 17:15 - 00027136 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyclad-z.sys
2014-12-18 19:16 - 2005-03-24 17:15 - 00024064 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\cyclom-y.sys
2014-12-18 19:16 - 2005-03-24 17:15 - 00013824 ____C (CMD Technology, Inc.) C:\Windows\System32\dllcache\cmdide.sys
2014-12-18 19:15 - 2007-02-17 00:05 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ccdecode.sys
2014-12-18 19:15 - 2005-03-24 17:14 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\changer.sys
2014-12-18 01:19 - 2005-03-24 17:16 - 00023552 ____C (Eicon Networks Corporation) C:\Windows\System32\dllcache\diapi264.dll
2014-12-18 01:19 - 2005-03-24 17:12 - 00018432 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmc2064.dll
2014-12-18 01:16 - 2007-02-17 00:05 - 00320512 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthport.sys
2014-12-18 01:16 - 2007-02-17 00:05 - 00196608 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthpan.sys
2014-12-18 01:16 - 2007-02-17 00:05 - 00065536 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthmodem.sys
2014-12-18 01:16 - 2007-02-17 00:05 - 00051200 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthprint.sys
2014-12-18 01:16 - 2007-02-17 00:05 - 00027648 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthenum.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00147456 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\brmfcwia.dll
2014-12-18 01:16 - 2005-03-24 17:14 - 00082944 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmflpt.dll
2014-12-18 01:16 - 2005-03-24 17:14 - 00068608 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfusb.dll
2014-12-18 01:16 - 2005-03-24 17:14 - 00063488 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfrsmg.exe
2014-12-18 01:16 - 2005-03-24 17:14 - 00059904 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brserwdm.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00041984 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparwdm.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00037376 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brevif.dll
2014-12-18 01:16 - 2005-03-24 17:14 - 00036352 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brmfbidi.dll
2014-12-18 01:16 - 2005-03-24 17:14 - 00035840 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brbidiif.dll
2014-12-18 01:16 - 2005-03-24 17:14 - 00024576 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bthusb.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00022528 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bulltlp3.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00022016 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltlo.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00019968 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbmdm.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00019456 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brusbscn.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00019456 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brcoinst.dll
2014-12-18 01:16 - 2005-03-24 17:14 - 00015360 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brserif.dll
2014-12-18 01:16 - 2005-03-24 17:14 - 00008192 ____C (Brother Industries, Ltd.) C:\Windows\System32\dllcache\brfiltup.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00007168 ____C (Brother Industries,Ltd.) C:\Windows\System32\dllcache\brscnrsm.dll
2014-12-18 01:16 - 2005-03-24 17:14 - 00007168 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brparimg.sys
2014-12-18 01:16 - 2005-03-24 17:14 - 00006656 ____C (Brother Industries Ltd.) C:\Windows\System32\dllcache\brfilt.sys
2014-12-18 01:15 - 2007-02-17 00:03 - 00026112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bdaplgin.ax
2014-12-18 01:15 - 2007-02-17 00:03 - 00020864 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\bdasup.sys
2014-12-18 01:15 - 2007-02-17 00:03 - 00018816 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\battc.sys
2014-12-18 01:15 - 2005-03-24 17:14 - 00480256 ____C (Broadcom Corporation) C:\Windows\System32\dllcache\bcmwl564.sys
2014-12-18 00:51 - 2014-12-18 00:51 - 00000000 ____D () C:\RegBackup
2014-12-18 00:50 - 2007-02-17 00:03 - 00067968 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\avc.sys
2014-12-18 00:50 - 2007-02-17 00:03 - 00056320 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\agp440.sys
2014-12-18 00:50 - 2007-02-17 00:02 - 00078080 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\61883.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00264704 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinevxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00192768 ____C (AVM GmbH) C:\Windows\System32\dllcache\b1cbase.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00191488 ____C (Broadcom Corporation) C:\Windows\System32\dllcache\b57amd64.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00188416 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmcoxp.dll
2014-12-18 00:50 - 2005-03-24 17:12 - 00168960 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmenum.dll
2014-12-18 00:50 - 2005-03-24 17:12 - 00104960 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmcowan.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00101888 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinesxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00084992 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinraxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00080896 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinbtxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00073728 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atineuxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00040960 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinxbxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00036864 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinsnxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00036352 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativtmxx.dll
2014-12-18 00:50 - 2005-03-24 17:12 - 00033280 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativtmww.dll
2014-12-18 00:50 - 2005-03-24 17:12 - 00031744 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativmvxx.ax
2014-12-18 00:50 - 2005-03-24 17:12 - 00030720 ____C (AVM GmbH) C:\Windows\System32\dllcache\avmunet.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00023552 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativmvww.ax
2014-12-18 00:50 - 2005-03-24 17:12 - 00022144 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\avcstrm.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00020992 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinpdxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00020480 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinmdxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00018944 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\atinttxx.sys
2014-12-18 00:50 - 2005-03-24 17:12 - 00013824 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativdaxx.ax
2014-12-18 00:50 - 2005-03-24 17:12 - 00009728 ____C (ATI Technologies Inc.) C:\Windows\System32\dllcache\ativdaww.ax
2014-12-18 00:50 - 2005-03-24 17:11 - 01127424 ____C (Agere Systems) C:\Windows\System32\dllcache\agrsm64.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00246784 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\adpu320.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00182272 ____C (Intel Corporation) C:\Windows\System32\dllcache\ac97intc.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00160256 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adpu160m.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00120832 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aic78xx.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00117248 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\aic78u2.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00108032 ____C (Color Flatbed Scanner) C:\Windows\System32\dllcache\acerscad.dll
2014-12-18 00:50 - 2005-03-24 17:11 - 00093696 ____C (VIA Technologies, Inc.) C:\Windows\System32\dllcache\ac97via.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00062464 ____C (Adaptec, Inc.) C:\Windows\System32\dllcache\arc.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00059392 ____C (Adaptec, Inc ) C:\Windows\System32\dllcache\adptsf50.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00053248 ____C (AMD) C:\Windows\System32\dllcache\amdac97.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00031744 ____C (Advanced Micro Devices (AMD), Inc.) C:\Windows\System32\dllcache\amd64n5.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00018432 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\4mmdat.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00014336 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\adicvls.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00009216 ____C (Acer Laboratories Inc.) C:\Windows\System32\dllcache\aliide.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00008192 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\amdide.sys
2014-12-18 00:50 - 2005-03-24 17:11 - 00004608 ____C (Agere Systems) C:\Windows\System32\dllcache\agrsco64.dll
2014-12-18 00:39 - 2015-01-10 19:47 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-12-18 00:39 - 2015-01-10 19:47 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2014-12-17 23:47 - 2014-12-17 23:48 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Firefox Bookmarks Backup 17Nov14
2014-12-16 20:02 - 2015-01-12 08:35 - 00000000 ____D () C:\FRST
2014-12-15 21:55 - 2014-12-15 21:55 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-12-15 21:55 - 2014-12-15 21:55 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\RogueKiller
2014-12-14 13:33 - 2014-12-14 13:33 - 00005100 _____ () C:\Documents and Settings\Administrator\Desktop\JRT.txt
2014-12-14 13:30 - 2014-12-14 13:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-12-13 21:26 - 2014-12-13 21:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB942288-v4$
2014-12-13 21:01 - 2014-12-14 14:25 - 00000390 __RSH () C:\Documents and Settings\Administrator\ntuser.pol
2014-12-13 21:01 - 2014-12-13 21:01 - 00000000 ____D () C:\Documents and Settings\Administrator\My Documents\Add-in Express

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-12 08:28 - 2009-05-29 06:01 - 00000159 _____ () C:\Documents and Settings\LocalService\wiadebug.log
2015-01-12 08:28 - 2009-05-29 06:01 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-12 08:28 - 2007-02-18 07:00 - 00013736 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-11 22:59 - 2014-07-08 00:44 - 00790621 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-11 22:59 - 2009-05-29 06:01 - 00032652 _____ () C:\WINDOWS\Tasks\SchedLgU.Txt
2015-01-11 22:59 - 2009-05-29 06:01 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2015-01-11 22:59 - 2009-05-29 06:01 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-01-11 11:29 - 2011-06-08 17:07 - 00000265 _____ () C:\Documents and Settings\Administrator\wiadebug.log
2015-01-11 07:12 - 2013-04-26 15:40 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Media Player Classic
2015-01-10 19:48 - 2009-05-29 01:35 - 00000000 ____D () C:\WINDOWS\repair
2015-01-10 10:14 - 2014-11-20 11:55 - 00003721 _____ () C:\- Drive Index 011015.txt
2015-01-09 13:59 - 2011-06-05 16:15 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\My Files
2015-01-08 20:04 - 2012-03-25 20:23 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-07 19:16 - 2011-06-05 16:17 - 00000000 ____D () C:\Icons
2015-01-07 12:44 - 2011-12-11 14:34 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Calenders 2011
2015-01-07 12:20 - 2014-12-09 23:09 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Calenders 2015
2014-12-31 10:47 - 2011-12-08 15:03 - 00262144 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2014-12-31 10:43 - 2009-05-29 06:05 - 00000000 ____D () C:\Intel
2014-12-28 15:32 - 2009-05-29 05:50 - 00000000 ____D () C:\Program Files (x86)\MSN
2014-12-26 13:22 - 2009-06-19 12:52 - 00000116 _____ () C:\WINDOWS\NeroDigital.ini
2014-12-23 22:03 - 2013-05-05 01:23 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\vlc
2014-12-20 10:25 - 2014-07-08 00:27 - 00000000 ___RD () C:\Documents and Settings\Administrator\My Documents\Calenders 2014
2014-12-20 00:48 - 2009-05-29 07:20 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2014-12-19 15:58 - 2014-06-19 14:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-19 15:56 - 2009-05-29 06:01 - 00000000 ___SD () C:\Documents and Settings\NetworkService
2014-12-19 15:56 - 2009-05-29 06:01 - 00000000 ___SD () C:\Documents and Settings\LocalService
2014-12-19 12:33 - 2014-05-27 19:42 - 00000788 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-19 12:33 - 2014-05-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-19 11:26 - 2011-01-08 13:16 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-12-15 08:47 - 2013-04-26 10:43 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Mozilla
2014-12-15 08:42 - 2009-05-29 05:54 - 00000749 ___RH () C:\WINDOWS\WindowsShell.Manifest
2014-12-15 08:42 - 2009-05-29 05:54 - 00000749 ___RH () C:\WINDOWS\system32\wuaucpl.cpl.manifest
2014-12-15 08:42 - 2009-05-29 05:54 - 00000749 ___RH () C:\WINDOWS\system32\sapi.cpl.manifest
2014-12-15 08:42 - 2009-05-29 05:54 - 00000749 ___RH () C:\WINDOWS\system32\nwc.cpl.manifest
2014-12-15 08:42 - 2009-05-29 05:54 - 00000749 ___RH () C:\WINDOWS\system32\ncpa.cpl.manifest
2014-12-15 08:42 - 2009-05-29 05:54 - 00000749 ___RH () C:\WINDOWS\system32\cdplayer.exe.manifest
2014-12-13 21:26 - 2009-05-29 01:35 - 00000000 ____D () C:\WINDOWS\SysWOW64\mui
2014-12-13 21:26 - 2009-05-29 01:35 - 00000000 ____D () C:\WINDOWS\system32\mui
2014-12-13 21:21 - 2009-05-29 01:42 - 00716606 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-13 21:12 - 2014-12-12 08:42 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO Internet Security Trace.evt
2014-12-13 21:12 - 2014-12-12 08:42 - 00065536 _____ () C:\WINDOWS\system32\config\COMODO Internet Security CEF.evt

Some content of TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.

==================== End Of Log ============================



#63
Denisejm


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Administrator at 2015-01-12 08:36:00
Running from C:\Documents and Settings\Administrator\My Documents\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Acrobat.com (HKLM-x32\...\{6D8D64BE-F500-55B6-705D-DFD08AFE0624}) (Version: 1.7.186 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5 - Adobe Systems, Inc.)
Advanced WindowsCare Personal (HKLM-x32\...\Advanced WindowsCare V2 Personal_is1) (Version: 2.8.1 - IObit)
AiO_Scan (x32 Version: 51.0.109.000 - Hewlett-Packard) Hidden
AM-DeadLink (HKLM-x32\...\AM-DeadLink) (Version:  - )
Apollo WMV/ASF/ASX to DVD Burner 3.2 (HKLM-x32\...\Apollo WMV/ASF/ASX to DVD Burner_is1) (Version:  - Apollo Mulitmedia)
Apple Application Support (HKLM-x32\...\{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}) (Version: 2.0.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.0.0 (HKLM-x32\...\Audacity_is1) (Version:  - )
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
CCScore (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
Corel WordPerfect Suite 8 (HKLM-x32\...\Corel WordPerfect Suite 8) (Version:  - )
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dziobas Rar Player 0.009.51 (HKLM-x32\...\Dziobas Rar Player_is1) (Version:  - Kamil Dzióbek)
ESSCDBK (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (x32 Version: 5.02.0000.0103 - EASTMAN KODAK Company) Hidden
ESSgui (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESShelp (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (x32 Version: 5.02.0000.0004 - EASTMAN KODAK Company) Hidden
ESSPCD (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSSONIC (x32 Version: 5.00.0000.0002 - EASTMAN KODAK Company) Hidden
ESSTOOLS (x32 Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
ESSvpaht (x32 Version: 5.01.0000.0004 - EASTMAN KODAK Company) Hidden
ESSvpot (x32 Version: 5.01.0000.0001 - EASTMAN KODAK Company) Hidden
Falco Icon Studio 2.7 (HKLM-x32\...\Falco Icon Studio_is1) (Version:  - Falco, Inc.)
ffdshow x64 v1.1.3611 [2010-10-06] (HKLM\...\ffdshow64_is1) (Version: 1.1.3611.0 - )
Free YouTube Downloader 3.5.136 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
HD Tune 2.54 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HLPIndex (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
HLPRFO (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
HP Beta Printer Drivers for Windows XP x64 (5.64.0.17) (HKLM\...\{25E0F2BA-399C-4cf8-A654-53797016CB77}) (Version: 5.64.0.10 - HP)
HP Photosmart Essential (HKLM-x32\...\{6994491D-D491-48F1-AE1F-E179C1FFFC2F}) (Version: 1.9.1.3 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.2.0 - LIGHTNING UK!)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
KSU (x32 Version: 632.62.0003.0003 - EASTMAN KODAK Company) Hidden
Media Player Classic - Home Cinema v1.5.0.2827 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.0.2827 - MPC-HC Team)
MediaInfo 0.7.7.4 (HKLM-x32\...\MediaInfo) (Version: 0.7.7.4 - )
MGI PhotoSuite 4 (Remove Only) (HKLM-x32\...\MGI_PRISM_V4_0) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MKVtoolnix 2.2.0 (HKLM-x32\...\MKVtoolnix) (Version: 2.2.0 - Moritz Bunkus)
Mozilla Firefox 25.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 25.0 (x86 en-US)) (Version: 25.0 - Mozilla)
Mozilla Firefox 25.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 en-US)) (Version: 25.0.1 - Mozilla)
Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
Mozilla Firefox 27.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0 (x86 en-US)) (Version: 27.0 - Mozilla)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Firefox 29.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 en-US)) (Version: 29.0 - Mozilla)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MP3 Bitrate Changer 1.1 (HKLM-x32\...\MP3 Bitrate Changer_is1) (Version:  - Pianosoft)
MSN (HKLM-x32\...\MSNINST) (Version:  - )
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB2758696) (HKLM\...\{E1B33EF1-258C-4EC0-A340-D031100FE50D}) (Version: 6.20.2016.0 - Microsoft Corporation)
Nero 7 Demo (HKLM-x32\...\{84B2CF01-194D-2284-B313-F2E0D78D1033}) (Version: 7.00.1461 - Nero AG)
Notifier (x32 Version: 5.01.0000.0001 - EASTMAN KODAK Company) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 125.24 - NVIDIA Corporation)
OTtBPSDK (x32 Version: 4.00.0000.0000 - EASTMAN KODAK Company) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pazera Free FLV to AVI Converter 1.5 (HKLM-x32\...\{E82A57BC-E9B8-42F9-BDC7-4950BD73EA32}_is1) (Version: 1.5 - Jacek Pazera)
Pazera Free MP4 to AVI Converter 1.6 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.6 - Jacek Pazera)
PCDADDIN (x32 Version: 5.02.0000.0001 - Eastman Kodak Company) Hidden
PCDHELP (x32 Version: 5.02.0000.0001 - Eastman Kodak Company) Hidden
Realtek AC'97 Audio (HKLM-x32\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.36 - Realtek Semiconductor Corp.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM-x32\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.16.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5898 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.83 (HKLM-x32\...\Revo Uninstaller) (Version: 1.83 - VS Revo Group)
Scan (x32 Version: 6.0.0.0 - Hewlett-Packard) Hidden
SFR (x32 Version: 5.00.0000.0005 - Eastman Kodak Company) Hidden
SHASTA (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKIN0001 (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (x32 Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1146 - SUPERAntiSpyware.com)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TransBar (HKLM-x32\...\TransBar) (Version:  - )
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Unlocker 1.8.5 (HKLM-x32\...\Unlocker) (Version: 1.8.5 - Cedrick Collomb)
Update for Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254) (HKLM\...\KB2661254) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2748349) (HKLM\...\KB2748349) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2836198) (HKLM\...\KB2836198) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2890882) (HKLM\...\KB2890882) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB927891) (HKLM\...\KB927891) (Version: 5 - Microsoft Corporation)
Update for Windows XP (KB932596) (HKLM\...\KB932596) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB936357) (HKLM\...\KB936357) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )
VPRINTOL (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
Webshots Desktop (HKLM-x32\...\Webshots Desktop_is1) (Version:  - AGCM)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140744 - Microsoft Corporation)
Windows XP Service Pack 2 (HKLM\...\Windows x64 Service Pack) (Version:  - )
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZip 12.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )
WIRELESS (x32 Version: 5.02.0000.0001 - EASTMAN KODAK Company) Hidden
XviD MPEG4 Video Codec (remove only) (HKLM-x32\...\XviD MPEG4 Video Codec) (Version:  - )
XviD v1.2.0 CVS (HKLM\...\XviD MPEG-4 Video Codec_is1) (Version:  - Celtic Druid)
XviD Video Codec 30082002-1 (Koepi's build with EPSZ ME) (HKLM-x32\...\XviD) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-01-2015 16:10:47 System Checkpoint
06-01-2015 16:22:47 System Checkpoint
07-01-2015 16:43:26 System Checkpoint
08-01-2015 16:46:22 System Checkpoint
08-01-2015 20:07:47 before adwcleaner, JRT
09-01-2015 21:38:46 System Checkpoint
10-01-2015 19:52:32 zoek.exe restore point
11-01-2015 21:45:31 System Checkpoint
12-01-2015 08:31:20 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 2.0.4.1028

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2007-02-18 07:00 - 2013-10-29 17:57 - 00000098 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)


==================== Loaded Modules (whitelisted) =============

2014-01-10 00:26 - 2014-01-10 00:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-01-10 00:28 - 2014-01-10 00:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-27 19:42 - 2014-11-26 11:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR322 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\WINDOWS\pss\Start GeekBuddy.lnkCommon Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => C:\Program Files (x86)\Common Files\Ahead\lib\NMBgMonitor.exe
MSCONFIG\startupreg: DivXMediaServer => "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GrooveMonitor =>
MSCONFIG\startupreg: NeroFilterCheck => C:\WINDOWS\SysWOW64\NeroCheck.exe
MSCONFIG\startupreg: SmartRAM => "C:\Program Files (x86)\WindowsCare v2.7\MemCleaner.exe" /m
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: TransBar => C:\Program Files (x86)\TransparentBar\TransBar.exe /s
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1560305870-1003223559-3566357663-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-1560305870-1003223559-3566357663-501 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1560305870-1003223559-3566357663-1001 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC
Description: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC #2
Description: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC #3
Description: Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTLE8023x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 1394 Net Adapter #2
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2015 07:11:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application falco icon studio.exe, version 1.0.0.1, faulting module falco icon studio.exe, version 1.0.0.1, fault address 0x000175cd.
Processing media-specific event for [falco icon studio.exe!ws!]

Error: (01/07/2015 07:10:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application falco icon studio.exe, version 1.0.0.1, faulting module falco icon studio.exe, version 1.0.0.1, fault address 0x000175cd.
Processing media-specific event for [falco icon studio.exe!ws!]

Error: (12/29/2014 09:03:50 AM) (Source: Microsoft Office 12) (EventID: 2001) (User: )
Description: Rejected Safe Mode action : Microsoft Office Outlook.

Error: (12/29/2014 09:03:39 AM) (Source: Microsoft Office 12) (EventID: 1000) (User: )
Description: Faulting application outlook.exe, version 12.0.6661.5003, stamp 4fa2a9e1, faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address 0x00000000.

Error: (12/20/2014 10:27:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application driverfighter.exe, version 1.1.31.0, faulting module driverfighter.exe, version 1.1.31.0, fault address 0x000045ee.
Processing media-specific event for [driverfighter.exe!ws!]

Error: (12/19/2014 03:58:43 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT AUTHORITY)
Description: The keyfile contains no valid license. The service will be stopped!

Error: (12/19/2014 00:38:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: KINGKONG)
Description: Product: WOT for Internet Explorer -- Error 1316. A network error occurred while attempting to read from the file: N:\- PROGRAMS\Downloaded Programs\Security Programs\WOT x64 for Firefox\WOT-latest-en-x64.msi

Error: (12/19/2014 11:52:32 AM) (Source: MsiInstaller) (EventID: 11316) (User: KINGKONG)
Description: Product: WOT for Internet Explorer -- Error 1316. A network error occurred while attempting to read from the file: N:\- PROGRAMS\Downloaded Programs\Security Programs\WOT x64 for Firefox\WOT-latest-en-x64.msi

Error: (12/15/2014 10:47:17 AM) (Source: MsiInstaller) (EventID: 11316) (User: KINGKONG)
Description: Product: WOT for Internet Explorer -- Error 1316. A network error occurred while attempting to read from the file: N:\- PROGRAMS\Downloaded Programs\Security Programs\WOT x64 for Firefox\WOT-latest-en-x64.msi

Error: (12/13/2014 09:01:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 34.0.5.5443, faulting module mozalloc.dll, version 34.0.5.5443, fault address 0x00001425.
Processing media-specific event for [plugin-container.exe!ws!]


System errors:
=============
Error: (01/12/2015 08:30:18 AM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: The Routing and Remote Access service depends on the NetBIOSGroup group and no member of this group started.

Error: (01/12/2015 08:30:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Aspi32 service failed to start due to the following error:
%%1275

Error: (01/12/2015 08:28:28 AM) (Source: 0) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\aspi32.sys

Error: (01/11/2015 06:27:31 AM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: The Routing and Remote Access service depends on the NetBIOSGroup group and no member of this group started.

Error: (01/11/2015 06:27:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Aspi32 service failed to start due to the following error:
%%1275

Error: (01/11/2015 06:25:49 AM) (Source: 0) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\aspi32.sys

Error: (01/10/2015 08:23:30 PM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: The Routing and Remote Access service depends on the NetBIOSGroup group and no member of this group started.

Error: (01/10/2015 08:23:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Aspi32 service failed to start due to the following error:
%%1275

Error: (01/10/2015 08:22:21 PM) (Source: 0) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\aspi32.sys

Error: (01/10/2015 10:41:40 AM) (Source: Service Control Manager) (EventID: 7002) (User: )
Description: The Routing and Remote Access service depends on the NetBIOSGroup group and no member of this group started.


Microsoft Office Sessions:
=========================
Error: (12/29/2014 09:03:37 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/17/2014 05:19:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/05/2012 10:35:16 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/27/2011 04:44:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/27/2011 04:44:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/27/2011 04:44:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 24 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/27/2011 04:43:29 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/05/2010 07:46:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/05/2010 07:46:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/05/2010 07:46:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 28%
Total physical RAM: 4094 MB
Available physical RAM: 2926.23 MB
Total Pagefile: 5892.95 MB
Available Pagefile: 4879.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Local Disk) (Fixed) (Total:34.18 GB) (Free:12.15 GB) NTFS
Drive d: (M 20-89, WS) (Fixed) (Total:897.33 GB) (Free:244.45 GB) NTFS
Drive e: (M 90-07, TOONS, ANIMS, COM) (Fixed) (Total:1863.01 GB) (Free:640.39 GB) NTFS
Drive f: (M 08-PR, MIX) (Fixed) (Total:1863.01 GB) (Free:1366 GB) NTFS
Drive g: (HD MOVIES, MINI-SERIES) (Fixed) (Total:1863.01 GB) (Free:352.82 GB) NTFS
Drive h: (DOCUMENTARIES) (Fixed) (Total:931.51 GB) (Free:49.12 GB) NTFS
Drive i: (BKS DOG HOL MU P&F SF&TE) (Fixed) (Total:931.51 GB) (Free:481.36 GB) NTFS
Drive j: (TV 1-D) (Fixed) (Total:931.51 GB) (Free:277.19 GB) NTFS
Drive k: (TV E-I, VIDEO CLIPS) (Fixed) (Total:1863.01 GB) (Free:1046.06 GB) NTFS
Drive l: (TV J-M, BIBLICAL) (Fixed) (Total:931.51 GB) (Free:397.75 GB) NTFS
Drive m: (TV N-SO) (Fixed) (Total:931.51 GB) (Free:453.65 GB) NTFS
Drive n: (TV ST-Z CL DR H&F MS PR RS) (Fixed) (Total:1863.01 GB) (Free:635.28 GB) NTFS
Drive z: (new tv episodes) (Fixed) (Total:931.51 GB) (Free:75.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 3C1E3C1E)
Partition 1: (Active) - (Size=34.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=897.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: B1DE9374)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 20643CEF)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: B1DE9375)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 43F5C04D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: B49DBCD4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: B6370A21)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: C76BC76B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 3DC003A1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 9 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: A2FC6F33)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 10 (Size: 1863 GB) (Disk ID: BAB1BAB2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 11 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 9FFEDC44)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#64
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

How's your computer performing now please? Plus any particular reason you chose to uninstall Malwarebytes Anti-Malware recently? Not a problem, more curious than anything.

Scan with aswMBR:

Please download aswMBR to your desktop.

Alternate downloads are here and here.
  • Double-click on aswMBR.exe to launch the application.
  • If a prompt stating: The computer supports "Virtualization Technology" appears >> select Yes
  • When prompted with: The application can use the Avast! Free Antivirus for scanning >> select Yes
  • The Avast! virus definitions database will automatically be downloaded. Be patient, this may take some time depending on the speed of your Internet connection.
  • Once it has downloaded >> ensure the option next to AV scan: >> QuickScan is selected only. It should be by default.
  • Now click on the Scan button to start the scan.
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply
  • Click on Exit.
Note: There will also be a file on your desktop named MBR.dat (or similar). Do not delete this for now; it is an actual backup of the MBR (master boot record).
  • 0

#65
Denisejm

    Member

  • Topic Starter
  • 782 posts

I didn't notice SearchAssist.net when I wasn't on the internet.  I first noticed it when WOT disappeared from Firefox and IE.   I also can't get into Internet Options.  I got back WOT for Firefox but I still can't get into Internet Options, neither from Tools nor Control Panel.  I also can't open IE and I can't delete it from Program Files or reinstall it.  Everything else seems to be running ok.

 

I uninstalled MBAM because it kept giving me a message to upgrade to pro and the trial period was about to expire.  I reinstalled Media Player HC because I use it to watch videos.

 

I no longer use Avast because IE kept crashing with Avast's last update about a year or so ago.  I still have a lot of Avast files left over after uninstalling but I just left them there, hoping I could use it again with new updates but so far, it still causes IE to crash (or it did until I lost IE completely).


  • 0

#66
Denisejm

    Member

  • Topic Starter
  • 782 posts

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-01-12 16:32:49
-----------------------------
16:32:49.953    OS Version: Windows x64 5.2.3790 Service Pack 2
16:32:49.953    Number of processors: 4 586 0xF0B
16:32:49.953    ComputerName: KINGKONG  UserName:
16:32:50.515    Initialize success
16:32:50.671    VM: initialized successfully
16:32:50.687    VM: Intel CPU supported
16:32:54.234    VM: disk I/O atapi.sys
16:35:41.281    AVAST engine defs: 15011201
16:39:13.296    The log file has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\Desktop\aswMBR.txt"

 


  • 0

#67
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Thanks for the update etc...

Something is not quite right with the aswMBR output, so we will check that out as follows...

Download/run Rkill:

(If one fails to work delete it and download/try another):

One, Two, Three, Four or Five

Note: If your security software warns about Rkill, please ignore and allow the download to continue.
  • Double click on Rkill.
  • A command window will open then disappear upon completion, this is normal.
  • Post the log created, found on the desktop as rkill.txt, in your next reply.
Re-scan with aswMBR:

Delete your current version of aswMBR.exe then empty the Recycle Bin.

Then download a new copy of aswMBR and save to your desktop.
  • Double-click on aswMBR.exe to launch the application.
  • If a prompt stating: The computer supports "Virtualization Technology" appears >> select Yes
  • When prompted with: The application can use the Avast! Free Antivirus for scanning >> select Yes
  • The Avast! virus definitions database will automatically be downloaded. Be patient, this may take some time depending on the speed of your Internet connection.
  • Once it has downloaded >> ensure the option next to AV scan: >> QuickScan is selected only. It should be by default.
  • Now click on the Scan button to start the scan.
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply
  • Click on Exit.
Note: There will also be a file on your desktop named MBR.dat (or similar). Do not delete this for now; it is an actual backup of the MBR (master boot record).
  • 0

#68
Denisejm

    Member

  • Topic Starter
  • 782 posts

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingc...opic308364.html

Program started at: 01/13/2015 09:48:47 AM in x64 mode.
Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingc.../hosts-permbat/

 * HOSTS file entries found:

  ÿþ1 2 7 . 0 . 0 . 1               l o c a l h o s t
 
   : : 1               l o c a l h o s t
 
   

Program finished at: 01/13/2015 09:49:14 AM
Execution time: 0 hours(s), 0 minute(s), and 26 seconds(s)
 


  • 0
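The `ÿþ` prefix and spaced-out characters in the HOSTS entries printed by Rkill above are what a UTF-16LE file with a byte-order mark looks like when its bytes are shown as single-byte text. The following is an added example, not part of the original posts or of Rkill: it detects the encoding of a hosts file and lists any entry other than the default localhost mappings. The function names and both sample byte strings are constructed for illustration.

```python
import codecs
import ipaddress

# Byte-order marks, longest first so a UTF-32 BOM is not read as UTF-16.
BOMS = [
    (codecs.BOM_UTF32_LE, "utf-32-le"),
    (codecs.BOM_UTF32_BE, "utf-32-be"),
    (codecs.BOM_UTF8, "utf-8"),
    (codecs.BOM_UTF16_LE, "utf-16-le"),
    (codecs.BOM_UTF16_BE, "utf-16-be"),
]

def as_single_byte(raw: bytes) -> str:
    """Render the bytes the way a tool reading single-byte text would print them."""
    return raw.decode("latin-1").replace("\x00", " ")

def decode_hosts(raw: bytes):
    """Return (encoding, text); encoding is 'ansi' for plain single-byte text."""
    for bom, name in BOMS:
        if raw.startswith(bom):
            return name, raw[len(bom):].decode(name, errors="replace")
    zeros = raw.count(0)
    if zeros and zeros >= len(raw) // 3:  # heuristic: UTF-16LE saved without a BOM
        return "utf-16-le", raw.decode("utf-16-le", errors="replace")
    return "ansi", raw.decode("cp1252", errors="replace")

def parse_entries(text: str):
    """Yield (ip_address, hostname) pairs, skipping comments and malformed lines."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue
        for name in fields[1:]:
            yield addr, name.lower()

def audit_hosts(raw: bytes):
    """Return (encoding, findings) for the raw bytes of a hosts file."""
    encoding, text = decode_hosts(raw)
    findings = []
    if encoding != "ansi":
        findings.append(f"file is {encoding}, not single-byte text")
    for addr, name in parse_entries(text):
        if name == "localhost" and addr.is_loopback:
            continue  # default entries, as in the Rkill log
        kind = "blocks" if addr.is_loopback or addr.is_unspecified else "redirects"
        findings.append(f"{kind} {name} -> {addr}")
    return encoding, findings

# Constructed sample: default entries saved as UTF-16LE with a BOM.
SAMPLE_UTF16 = codecs.BOM_UTF16_LE + (
    "127.0.0.1       localhost\r\n::1             localhost\r\n"
).encode("utf-16-le")

# Constructed sample: single-byte file with two added entries (documentation addresses).
SAMPLE_MODIFIED = (
    b"127.0.0.1 localhost\r\n"
    b"203.0.113.10 update.example.test  # constructed entry\r\n"
    b"0.0.0.0 av.example.test\r\n"
)

if __name__ == "__main__":
    print(as_single_byte(SAMPLE_UTF16))
    for sample in (SAMPLE_UTF16, SAMPLE_MODIFIED):
        print(audit_hosts(sample))
```

On a live system, pass the bytes read from `%windir%\system32\drivers\etc\hosts` to `audit_hosts`.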

#69
Denisejm

    Member

  • Topic Starter
  • 782 posts

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-01-13 09:52:52
-----------------------------
09:52:52.500    OS Version: Windows x64 5.2.3790 Service Pack 2
09:52:52.500    Number of processors: 4 586 0xF0B
09:52:52.500    ComputerName: KINGKONG  UserName:
09:52:52.781    Initialize success
09:52:52.796    VM: initialized successfully
09:52:52.796    VM: Intel CPU supported
09:52:55.218    VM: disk I/O atapi.sys
09:53:22.484    AVAST engine defs: 15011201
09:54:39.859    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-6
09:54:39.875    Disk 0 Vendor: WDC_WD1001FALS-00J7B0 05.00K05 Size: 953868MB BusType: 3
09:54:39.875    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-e
09:54:39.875    Disk 1 Vendor: WDC_WD20EURS-63S48Y0 51.0AB51 Size: 1907729MB BusType: 3
09:54:39.890    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP2T0L0-19
09:54:39.890    Disk 2 Vendor: WDC_WD20EURS-73TLHY0 80.00A80 Size: 1907729MB BusType: 3
09:54:39.890    Disk 3  \Device\Harddisk3\DR3 -> \Device\Ide\IdeDeviceP3T0L0-24
09:54:39.906    Disk 3 Vendor: WDC_WD20EURS-63S48Y0 51.0AB51 Size: 1907729MB BusType: 3
09:54:39.906    Disk 4  \Device\Harddisk4\DR4 -> \Device\Scsi\rr232x1Port4Path0Target0Lun0
09:54:39.921    Disk 4 Vendor: WDC_____ 05.0 Size: 953868MB BusType: 1
09:54:39.921    Disk 5  \Device\Harddisk5\DR5 -> \Device\Scsi\rr232x1Port4Path0Target1Lun0
09:54:39.937    Disk 5 Vendor: WDC_____ 80.0 Size: 1907729MB BusType: 1
09:54:39.937    Disk 6  \Device\Harddisk6\DR6 -> \Device\Scsi\rr232x1Port4Path0Target2Lun0
09:54:39.953    Disk 6 Vendor: WDC_____ 05.0 Size: 953868MB BusType: 1
09:54:39.968    Disk 7  \Device\Harddisk7\DR7 -> \Device\Scsi\rr232x1Port4Path0Target3Lun0
09:54:39.968    Disk 7 Vendor: WDC_____ 05.0 Size: 953868MB BusType: 1
09:54:39.984    Disk 8  \Device\Harddisk8\DR8 -> \Device\Scsi\rr232x1Port4Path0Target4Lun0
09:54:40.000    Disk 8 Vendor: WDC_____ 05.0 Size: 953869MB BusType: 1
09:54:40.015    Disk 9  \Device\Harddisk9\DR9 -> \Device\Scsi\rr232x1Port4Path0Target5Lun0
09:54:40.015    Disk 9 Vendor: WDC_____ 05.0 Size: 953869MB BusType: 1
09:54:40.031    Disk 10  \Device\Harddisk10\DR10 -> \Device\Scsi\rr232x1Port4Path0Target6Lun0
09:54:40.046    Disk 10 Vendor: WDC_____ 51.0 Size: 1907728MB BusType: 1
09:54:40.062    Disk 11  \Device\Harddisk11\DR11 -> \Device\Scsi\rr232x1Port4Path0Target7Lun0
09:54:40.078    Disk 11 Vendor: WDC_____ 05.0 Size: 953868MB BusType: 1
09:54:40.156    Disk 0 MBR read successfully
09:54:40.171    Disk 0 MBR scan
09:54:40.218    Disk 0 Windows XP default MBR code
09:54:40.234    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        35000 MB offset 63
09:54:40.265    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       918866 MB offset 71682030
09:54:40.312    Disk 0 scanning C:\WINDOWS\system32\drivers
09:54:49.921    Service scanning
09:55:00.156    Modules scanning
09:55:00.156    Disk 0 trace - called modules:
09:55:00.156    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys atapi.sys pciide.sys PCIIDEX.SYS hal.dll
09:55:00.156    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffadf9cb63060]
09:55:00.156    3 CLASSPNP.SYS[fffffadf907968c9] -> nt!IofCallDriver -> \Device\00000071[0xfffffadf9c8e2630]
09:55:00.156    5 ACPI.sys[fffffadf909a9e69] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-6[0xfffffadf9c8bdc30]
09:55:00.468    AVAST engine scan C:\WINDOWS
09:55:06.015    AVAST engine scan C:\WINDOWS\system32
09:57:24.421    AVAST engine scan C:\WINDOWS\system32\drivers
09:57:31.375    AVAST engine scan C:\Documents and Settings\Administrator
10:06:12.437    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\Desktop\MBR.dat"
10:06:12.453    The log file has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\Desktop\aswMBR.txt"

 


  • 0
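The aswMBR log in post #66 stops after the engine definitions line, while the one in post #69 goes on to enumerate disks, read and identify the MBR, and save a backup. The following is an added example, not part of the original posts or of aswMBR: it checks a log for those stages and extracts the MBR verdict and partition table. The stage labels are this example's own, derived from the complete log above, and the two samples are excerpts of the logs on this page.

```python
import re

# Timestamped message lines, e.g. "09:54:40.156    Disk 0 MBR read successfully".
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{3}\s+(.*\S)\s*$")

# Stages seen in the complete log from post #69 (labels are not aswMBR's own).
STAGES = [
    ("initialized", re.compile(r"^Initialize success")),
    ("disks enumerated", re.compile(r"^Disk \d+\s+(\(boot\) )?\\Device\\Harddisk")),
    ("MBR read", re.compile(r"^Disk \d+ MBR read successfully")),
    ("MBR code identified", re.compile(r"^Disk \d+ .*MBR code")),
    ("services scanned", re.compile(r"^Service scanning")),
    ("modules scanned", re.compile(r"^Modules scanning")),
    ("MBR backup saved", re.compile(r"^Disk \d+ MBR has been saved")),
]
MBR_VERDICT = re.compile(r"^Disk (\d+) (.*MBR code.*)$")
PARTITION = re.compile(
    r"^Disk (\d+) Partition (\d+) ([0-9A-F]{2})\s+(\(A\)\s+)?([0-9A-F]{2})\s+"
    r"(.+?)\s+(\d+) MB offset (\d+)$")

def review_log(text: str) -> dict:
    """Report which stages are missing and what the log says about each MBR."""
    messages = [m.group(1) for m in map(LINE.match, text.splitlines()) if m]
    missing = [name for name, rx in STAGES
               if not any(rx.match(msg) for msg in messages)]
    verdicts, partitions = {}, {}
    for msg in messages:
        v = MBR_VERDICT.match(msg)
        if v:
            verdicts[int(v.group(1))] = v.group(2)
        p = PARTITION.match(msg)
        if p:
            partitions.setdefault(int(p.group(1)), []).append({
                "index": int(p.group(2)),
                "active": p.group(3) == "80",   # boot indicator byte 0x80
                "type": p.group(5),
                "size_mb": int(p.group(7)),
                "offset": int(p.group(8)),      # starting sector
            })
    return {"complete": not missing, "missing": missing,
            "verdicts": verdicts, "partitions": partitions}

# Excerpt of the log in post #66.
FIRST_RUN = r"""
16:32:50.515    Initialize success
16:32:50.671    VM: initialized successfully
16:32:54.234    VM: disk I/O atapi.sys
16:35:41.281    AVAST engine defs: 15011201
16:39:13.296    The log file has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\Desktop\aswMBR.txt"
"""

# Excerpt of the log in post #69.
SECOND_RUN = r"""
09:52:52.781    Initialize success
09:53:22.484    AVAST engine defs: 15011201
09:54:39.859    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-6
09:54:40.156    Disk 0 MBR read successfully
09:54:40.171    Disk 0 MBR scan
09:54:40.218    Disk 0 Windows XP default MBR code
09:54:40.234    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS        35000 MB offset 63
09:54:40.265    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       918866 MB offset 71682030
09:54:49.921    Service scanning
09:55:00.156    Modules scanning
10:06:12.437    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator\My Documents\Desktop\MBR.dat"
"""

if __name__ == "__main__":
    for name, log in (("post #66", FIRST_RUN), ("post #69", SECOND_RUN)):
        print(name, review_log(log))
```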

#70
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Let's address the IE-related issues as follows...

Fix/repair Policies:

Please download FixPolicies zip file (see below) and save to your desktop.

  • Extract the zip file to your desktop.
  • Double-click on FixPolicies to open the folder.
  • Then double-click on Fix_policies.cmd >> a command window will open and then close once processed.
Fix IE Utility:

Please download the Fix IE Utility then unzip the file to your desktop.
  • Close all open windows, especially Internet Explorer.
  • Right-click on Fix IE Utility.exe and select Run as Administrator to run the application.
  • Now click on the Run Utility button as shown in the image:-
fie1.gif
  • Wait until the following message appears:-
fie2.gif
  • Then click on OK.
Reset IE8:
  • Please download this Microsoft FixIt and save it to the desktop.
  • Double click on MicrosoftFixit50195.exe select I Agree and click on Next.
  • Follow the on-screen prompts.
  • You may delete MicrosoftFixit50195.exe when finished, or keep it in case of any problems in the future with IE8.
  • Next time IE8 is launched you will be prompted to reapply settings again, this is normal.
Note: Any add-ons will need to be reapplied after the above reset.

Next:

Let myself know when completed the above and the overall outcome etc. We will then go from there, thank you.
  • 0



#71
Denisejm

    Member

  • Topic Starter
  • 782 posts

I'm attaching a couple of screenshots of the results.  FixPolicies and Fix IE Utility proceeded with no problems.

 

MicrosoftFixIt failed.  It didn't give a reason.

 

I've also attached a screen shot of C:\Program Files (x86)\Internet Explorer.

 

 

 

 

Attached Thumbnails

  • MSFixItFailed.jpg
  • Program Files (x86)-Internet Explorer.jpg

  • 0

#72
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Carry out the below and try the Fixit again please...

Click on Start >> Run... and type cleanmgr in the box, then click on OK.
  • Ensure the boxes for Temporary Files, Temporary Internet Files and Recycle Bin are checked.
  • You can choose to check other boxes if you wish but they are not required.
  • Click on OK then Yes.
  • Now Reboot(restart) your computer.

  • 0

#73
Denisejm

    Member

  • Topic Starter
  • 782 posts

ok, done.


  • 0

#74
Denisejm

    Member

  • Topic Starter
  • 782 posts

I've been looking around to see what solutions other people found for this problem. At http://cnedelcu.blog...lorer-wont.html , I found "Internet Explorer 7, 8 and 9 repair script 64-bit."

 

There were 3 solutions on this page.  The first one, "to reset Internet Explorer to its default settings."  I can't get into IE to do this, which is my whole problem.

 

The second solution was to "uninstall and reinstall Internet Explorer."  I tried this a number of times and it didn't work.

 

So I tried the third solution.  It didn't fix the problem but it installed a number of folders in Program Files > Internet Explorer.  Instead of explaining the results in words, which I'm not sure I'd be able to do :blink: because I wanted you to see the flow, I attached a screenshot.  I hope it's understandable.

 

Attached Thumbnails

  • Proceeded with ie8-rereg.64on64.JPG

  • 0

#75
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

I would prefer if you did not attempt self fixes as all this does is make it harder for myself to assist you.

OK, let's see if we can uninstall IE8 via another methodology as follows, as it appears to be irreparably damaged...

Rerun FixPolicies and then the Fix IE Utility as outlined prior(post #70).

Then click on Start >> Run..., then copy/paste the following command into the box then click on OK:
%windir%\ie8\spuninst\spuninst.exe
When the Windows Internet Explorer 8 Removal Wizard window appears >> click on Next>

If prompted about programs installed after Internet Explorer 8 click on Yes >> once processed click on Finish.

Your machine should now automatically reboot.

Next:

In your next reply let myself know the outcome of the above and we will then go from there, thank you.
  • 0





