Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Is Java still a security risk?


  • Please log in to reply

#151
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

If you can find some copper wire that you could wrap around a cold water faucet that would reach to where you are working that would work.  Doesn't have to be very big wire.


  • 1

Advertisements


#152
scarlet.rose

scarlet.rose

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 270 posts

Ok, thank you, good idea!

 

Was about to show you this, what do you think please?

 

"This compact wrist strap eliminates static without the need for a pesky grounding cord."

 

http://www.ebay.co.u...mMakeTrack=true


  • 0

#153
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Don't see how it could possibly work.  I'd stay away from it.


  • 1

#154
scarlet.rose

scarlet.rose

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 270 posts

I'll stay away from it....

 

RKinner (would rather use your first name and address you properly but don't know it)....

 

I have been worried about carrying out the repair installation and memory upgrade for a long time.

 

So glad you have been around to guide and see me through it.

 

You are a very kind man and you have the patience of a Saint.

 

(In this case meaning someone who is extremely patient with others)

 

May be awhile before I report back to you, I hope you can keep this topic open.


  • 0

#155
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

The r stands for Ron.

 

I never close posts so the topic should stay open.


  • 0

#156
scarlet.rose

scarlet.rose

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 270 posts

Pleased to hear that...

 

Well I won't be forgetting your name......Ron is my father's name (Ronald Andrew).

 

Just a thought, I hope MemTest still deals with RDRAM / Rambus.

 

I also saw this - would like your opinion on it:

 

http://www.ebay.co.u...=STRK:MEBIDX:IT


  • 0

#157
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

I don't think memtest cares what kind of RAM you have.

 

The ebay link would work but it seems rather expensive.  You can get a roll of copper wire a lot cheaper.


  • 1

#158
scarlet.rose

scarlet.rose

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 270 posts

Ok...

 

Thanks for looking. :)


  • 0

#159
scarlet.rose

scarlet.rose

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 270 posts

Regarding MemTest....

 

I've created a bootable USB Flash drive.

I just tried to change the boot sequence through the BIOS.

USB drive isn't there, only CD-ROM, Diskette or Hard drive?

Please advise.

Regarding the Avast antivirus program that I wasn't able to uninstall or update....

I submitted a Support Ticket to the Avast Team, as you know.

They recommended that I remove it with AvastClear (Unintallation Utility).

I carried out the operation in Safe Mode, it was "successful"....

BUT Windows Security Center and Speccy scan shows it as still being installed / active.

Please see attachments.

 

It's not listed in Add / Remove Programs or under Computer Management > Services, I can't see a Program file for it.
 
I cannot try to install the latest version of Avast antivirus until I am advised on what to do regarding this.

They haven't got back to me yet.

I am having to use my computer without an antivirus installed!

 

 


Edited by scarlet.rose, 10 September 2016 - 07:16 AM.

  • 0

#160
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

USB boot is relatively new.  Not all computers can do it.  You may have to use a CD.

 

We used to see problems where an old anti-virus was still detected.  Usually this is because stuff is left in the wmi database.  

 

If you can run a FRST scan with addition.txt checked and post both logs I can fix it.  

http://www.bleepingc...very-scan-tool/

If you no longer have it.


  • 0

Advertisements


#161
scarlet.rose

scarlet.rose

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 270 posts

After creating the bootable USB Flash drive I feared that I might have to use a CD (would need to buy some) after looking at the BIOS boot sequence.....

 

Subsequently saw this about my computer:

 

"The 8100 model has one active USB port during boot up that can be used when updating the BIOS.  That port is on the rear of the system and would be the one on the upper right."

http://en.community....3514/t/18098152

 

?

 

Here are my logs:

 

I don't have Chrome installed anymore, not sure why it's showing under browsers.

 

I removed User Profile Hive Cleanup Service to see how the computer performs now without it since the repair installation.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by dell owner (administrator) on OWNER-25721C41B (10-09-2016 15:19:37)
Running from C:\Documents and Settings\dell owner\My Documents\Downloads
Loaded Profiles: dell owner (Available Profiles: dell owner & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lexmark International, Inc.) C:\WINDOWS\system32\LexBceS.exe
(Lexmark International, Inc.) C:\WINDOWS\system32\Lexpps.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PrinTray] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe [36864 2000-08-10] (Lexmark)
HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [7700480 2006-10-22] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMcTray.dll [86016 2006-10-22] (NVIDIA Corporation)
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.js <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKU\S-1-5-21-725345543-839522115-1202660629-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1667584 2004-08-04] (Microsoft Corporation)
HKU\S-1-5-21-725345543-839522115-1202660629-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssflwbox.scr [393216 2008-08-21] (Microsoft Corporation)
Lsa: [Notification Packages] : scecli
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{3B02402A-9823-4F7C-89F0-0636DD23A4E3}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://uk.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {05FE8838-C2ED-4AC2-92F4-CBB8E10C8F4F} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {5CAA078D-D123-40A8-90E7-4874CDC9FB6A} URL = hxxp://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {CD10120B-C165-4f8d-8C74-639629E238FF} URL =
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll [2014-09-18] (Yahoo! Inc.)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll [2014-09-18] (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll [2014-09-18] (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Toolbar: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> No Name - {3E1201F4-1707-409F-BB45-A5F192381DA0} -  No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxps://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1469090094013
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {682C59F5-478C-4421-9070-AD170D143B77} hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} hxxp://register.btinternet.com/templates/btwebcontrol023.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5520/mcfscan.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()

FireFox:
========
FF ProfilePath: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282
FF DefaultSearchUrl: hxxps://uk.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: about:home
FF Keyword.URL: hxxps://uk.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-20] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\searchplugins\yahoo-answers.xml [2010-02-27]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\rztndne2.Default User 2\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\19j68g5s.3\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\9hueenik.default-1373479810009\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\py5hhbjm.TEST\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2013-09-26]
FF Extension: (YesScript) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\extensions\[email protected] [2015-05-29]
FF Extension: (selectivecookiedelete) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\extensions\[email protected] [2015-05-29]
FF Extension: (QuickJS) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\extensions\{bb65e674-b194-4b6e-8033-5fa0afe3a198}.xpi [2015-05-29]
FF Extension: (WOT) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-08-30]
FF Extension: (Photobucket Uploader) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\[email protected] [2011-10-16] [not signed]
FF Extension: (YesScript) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\[email protected] [2011-11-29] [not signed]
FF Extension: (Yahoo! Toolbar) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012-03-25] [not signed]
FF Extension: (WOT) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(2) [2011-11-27] [not signed]
FF Extension: (Adblock Plus) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-03-25] [not signed]
FF Extension: (Adobe DLM (powered by getPlus®)) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2009-09-10] [not signed]
FF Extension: (Ad blocker) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\rztndne2.Default User 2\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3612C} [2011-03-25] [not signed]
FF Extension: (Troubleshooter) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\9hueenik.default-1373479810009\Extensions\[email protected] [2013-08-07] [not signed]
FF Extension: (Updated Ad Blocker for Firefox 11+) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\9hueenik.default-1373479810009\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-07-15] [not signed]
FF Extension: (British English Dictionary (Updated)) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\Extensions\[email protected] [2014-04-04] [not signed]
FF Extension: (selectivecookiedelete) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\Extensions\[email protected] [2014-04-06] [not signed]
FF Extension: (X-notifier) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-03-24] [not signed]
FF Extension: (Bluhell Firewall) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-03-25] [not signed]
FF Extension: (Amazon Price Tracker - Keepa.com) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\[email protected] [2016-06-02]
FF Extension: (Webmail Ad Blocker) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\[email protected] [2016-02-23]
FF Extension: (British English Dictionary (Forked by Marco Pinto)) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\[email protected] [2016-02-23]
FF Extension: (Yahoo Mail Hide Ad Panel) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2016-02-23]
FF Extension: (Adblock Plus) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]

Chrome:
=======
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\dell owner\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 6 U33) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.330.3) - C:\WINDOWS\system32\npdeployJava1.dll => No File
CHR Profile: C:\Documents and Settings\dell owner\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - <no Path\update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [278016 2000-08-10] (Lexmark International, Inc.) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2009-01-30] (Microsoft Corporation) [File not signed]
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R3 es1371; C:\WINDOWS\System32\drivers\es1371mp.sys [40832 2002-06-03] (Creative Technology Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-08-21] (Microsoft Corporation)
S3 GetSusp; C:\WINDOWS\GetSusp.sys [15144 2014-12-06] (McAfee, Inc.)
R3 HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [907456 2001-08-17] (Conexant)
R0 idebd; C:\WINDOWS\System32\DRIVERS\idebd.sys [3737 2000-05-30] (Intel Corporation)
R0 IntelATA; C:\WINDOWS\System32\DRIVERS\intelata.sys [118480 2000-05-30] (Intel Corporation)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361344 2008-08-21] (Microsoft Corporation) [File not signed]
U0 aswVmm; no ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-08-21] (Microsoft Corporation)
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-10 12:59 - 2016-09-10 13:07 - 00005655 _____ C:\Documents and Settings\dell owner\My Documents\Using MemTest.txt
2016-09-10 12:16 - 2016-09-10 12:38 - 00003748 _____ C:\Documents and Settings\dell owner\My Documents\Boot sequence instructions.txt
2016-09-08 18:14 - 2016-09-09 10:29 - 00036685 _____ C:\Documents and Settings\dell owner\My Documents\Speccy post Avast uninstall 8 9 2016.txt
2016-09-08 12:48 - 2016-09-08 13:29 - 00001595 _____ C:\Documents and Settings\dell owner\My Documents\Cardiology notes.txt
2016-09-08 12:09 - 2016-09-08 12:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2016-09-08 12:08 - 2016-09-08 12:08 - 00001053 _____ C:\Documents and Settings\dell owner\Desktop\Shortcut to avast_free_antivirus_setup(3).lnk
2016-09-08 10:53 - 2016-09-08 10:53 - 00000973 _____ C:\Documents and Settings\dell owner\Desktop\Shortcut to avastclear(4).lnk
2016-09-07 20:54 - 2016-09-08 12:47 - 00017121 _____ C:\Documents and Settings\dell owner\My Documents\Cardiology Dept notes.odt
2016-09-04 21:14 - 2016-09-04 21:15 - 00000045 _____ C:\WINDOWS\system32\initdebug.nfo
2016-09-03 19:57 - 2016-09-03 19:57 - 00036737 _____ C:\Documents and Settings\dell owner\My Documents\Speccy scan results 3 9 2016 post XP SP3 repair installation 2.txt
2016-09-03 13:29 - 2016-09-03 13:29 - 00057080 _____ C:\Documents and Settings\dell owner\My Documents\OWNER-25721C41B Speccy scan result 3 9 2016 post XP SP3 repair installation.xml
2016-09-03 13:25 - 2016-09-03 13:25 - 00036781 _____ C:\Documents and Settings\dell owner\My Documents\Speccy scan results 3 9 2016 post XP SP3 repair installation.txt
2016-09-02 10:16 - 2016-09-02 10:17 - 00000490 _____ C:\TDSSKiller.3.1.0.9_02.09.2016_10.16.14_log.txt
2016-08-30 00:26 - 2016-08-30 00:26 - 00034571 _____ C:\Documents and Settings\dell owner\My Documents\Speccy post 2nd repair installation.txt
2016-08-29 19:08 - 2016-08-29 19:08 - 00005176 _____ C:\WINDOWS\system32\wpa.bak
2016-08-29 17:54 - 2016-08-29 17:54 - 00000803 _____ C:\Documents and Settings\dell owner\Start Menu\Programs\Internet Explorer.lnk
2016-08-29 17:45 - 2016-08-29 17:49 - 00000000 __HDC C:\WINDOWS\ie8
2016-08-29 16:49 - 2008-08-21 13:00 - 00426041 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicepad.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winzm.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winsp.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winpy.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00086073 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicesub.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winar30.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00076288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uniime.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00072704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wingb.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winime.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00065024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\unicdime.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00048256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w32.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00041600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.sys
2016-08-29 16:49 - 2008-08-21 13:00 - 00028288 ____C C:\WINDOWS\system32\dllcache\xjis.nls
2016-08-29 16:49 - 2008-08-21 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsprof.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00571392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlgnt.ime
2016-08-29 16:48 - 2008-08-21 13:00 - 00456192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpsvc.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00455168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintsetp.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00358400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpincl.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00259072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpcl.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00236544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smi2smir.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00188416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpsmir.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\thawbrkr.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00143422 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\softkey.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00101376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srusbusd.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia330.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia001.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlphr.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpthrd.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm9aw.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmp.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb6w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sma3w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm87w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm81w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00029184 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rw330ext.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00029184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8cw.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00027648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rw001ext.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm93w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm92w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm90w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8dw.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8aw.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm89w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\romanime.ime
2016-08-29 16:48 - 2008-08-21 13:00 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm59w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00021896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdipx.sys
2016-08-29 16:48 - 2008-08-21 13:00 - 00019464 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdspx.sys
2016-08-29 16:48 - 2008-08-21 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\simptcp.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsm.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00013192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdasync.sys
2016-08-29 16:48 - 2008-08-21 13:00 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tmigrate.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpstup.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmptrap.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpmib.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smimsgif.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsy.dll
2016-08-29 16:48 - 2001-08-17 22:36 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_scripto.dll
2016-08-29 16:48 - 2001-08-17 22:36 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_seos.dll
2016-08-29 16:48 - 2001-08-17 22:36 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
2016-08-29 16:48 - 2001-08-17 22:36 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00482304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlgnt.ime
2016-08-29 16:47 - 2008-08-21 13:00 - 00229439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\multibox.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00175104 ____C C:\WINDOWS\system32\dllcache\pintlcsa.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00131584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxviceo.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtstocom.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00083748 ____C C:\WINDOWS\system32\dllcache\prcp.nls
2016-08-29 16:47 - 2008-08-21 13:00 - 00083748 ____C C:\WINDOWS\system32\dllcache\prc.nls
2016-08-29 16:47 - 2008-08-21 13:00 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phon.ime
2016-08-29 16:47 - 2008-08-21 13:00 - 00077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quick.ime
2016-08-29 16:47 - 2008-08-21 13:00 - 00070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlphr.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00067584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmigrate.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlcsd.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00036927 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs411.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00020736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ramdisk.sys
2016-08-29 16:47 - 2008-08-21 13:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quser.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs404.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs804.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\register.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs412.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxmcro.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\query.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxgl.dll
2016-08-29 16:47 - 2001-08-17 22:36 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
2016-08-29 16:47 - 2001-08-17 22:36 - 00023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2016-08-29 16:46 - 2008-08-21 13:00 - 01875968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.lex
2016-08-29 16:46 - 2008-08-21 13:00 - 01158818 ____C C:\WINDOWS\system32\dllcache\korwbrkr.lex
2016-08-29 16:46 - 2008-08-21 13:00 - 00098304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00092416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.sys
2016-08-29 16:46 - 2008-08-21 13:00 - 00092032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00070656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\korwbrkr.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00047066 ____C C:\WINDOWS\system32\dllcache\ksc.nls
2016-08-29 16:46 - 2008-08-21 13:00 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lmmib2.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00022528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lpdsvc.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lprmon.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecat.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\migregdb.exe
2016-08-29 16:46 - 2008-08-21 13:00 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecnt.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnec95.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlk41a.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth3.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth2.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlk41j.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinpun.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdvntc.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdusa.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdurdu.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth1.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth0.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr2.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr1.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintel.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintam.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinmar.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinkan.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinhin.dll
2016-08-29 16:46 - 2001-08-17 22:36 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 13463552 ____C C:\WINDOWS\system32\dllcache\hwxjpn.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 10129408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxkor.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 10096640 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxcht.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00811064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81k.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00716856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcus.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00471102 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskdic.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00368696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcic.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00340023 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81.ime
2016-08-29 16:45 - 2008-08-21 13:00 - 00315455 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskf.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00311359 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsv.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00307257 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00274489 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputyc.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00262200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputy.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00233527 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjprw.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00208952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpmig.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00196665 ____C C:\WINDOWS\system32\dllcache\imjpinst.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00155705 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdsvr.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00134339 ____C C:\WINDOWS\system32\dllcache\imekr.lex
2016-08-29 16:45 - 2008-08-21 13:00 - 00108827 ____C C:\WINDOWS\system32\dllcache\hanja.lex
2016-08-29 16:45 - 2008-08-21 13:00 - 00106496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrcic.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00102463 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsm.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00102456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imlang.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00094720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekr61.ime
2016-08-29 16:45 - 2008-08-21 13:00 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmbx.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00081976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imkrinst.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00059392 ____C C:\WINDOWS\system32\dllcache\imscinst.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00057398 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdadm.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00045109 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpuex.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmig.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hostmib.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hanjadic.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iprip.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jupiw.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdibm02.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdax2.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd106n.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101a.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinguj.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdindev.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdheb.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdfa.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv2.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv1.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda3.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda2.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda1.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdgeo.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarmw.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarme.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00562176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsst.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00451584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsapi.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00400384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsxp32.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00397312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxstiff.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00285184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscomex.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00267776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssvc.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00246272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxst30.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00229376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscover.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00192512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxswzrd.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00154112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsui.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00142848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclnt.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00132608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclntr.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00111104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscfgwz.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00101888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntagnt.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00092160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntwin.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dayi.ime
2016-08-29 16:44 - 2008-08-21 13:00 - 00072192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscom.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00057856 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimgd.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00057399 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cplexe.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsevent.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00045056 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunid.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00031744 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucmd.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsroute.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsdrv.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00025856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\et4000.sys
2016-08-29 16:44 - 2008-08-21 13:00 - 00024064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntcmd.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsmon.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsext32.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cprofile.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\flattemp.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssend.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsperf.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\f3ahvoas.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsres.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftlx041e.dll
2016-08-29 16:44 - 2003-03-24 16:52 - 00094208 ____C C:\WINDOWS\system32\dllcache\fpencode.dll
2016-08-29 16:44 - 2003-03-24 16:52 - 00024632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmcgi.exe
2016-08-29 16:44 - 2003-03-24 16:52 - 00020541 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmdll.dll
2016-08-29 16:44 - 2001-08-17 22:36 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 01677824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chsbrkr.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00838144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtbrkr.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00480256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintsetp.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00331264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aqueue.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00218112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_g18030.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00198656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintime.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00195618 ____C C:\WINDOWS\system32\dllcache\c_10002.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00189986 ____C C:\WINDOWS\system32\dllcache\c_1361.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00187938 ____C C:\WINDOWS\system32\dllcache\c_20005.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00186402 ____C C:\WINDOWS\system32\dllcache\c_20001.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00185378 ____C C:\WINDOWS\system32\dllcache\c_20003.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00180770 ____C C:\WINDOWS\system32\dllcache\c_20932.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20004.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20000.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_20949.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_10003.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20936.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20002.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_10008.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00173568 ____C C:\WINDOWS\system32\dllcache\chtskf.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00162850 ____C C:\WINDOWS\system32\dllcache\c_10001.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtmbx.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00082172 ____C C:\WINDOWS\system32\dllcache\bopomofo.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00078336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chajei.ime
2016-08-29 16:43 - 2008-08-21 13:00 - 00066728 ____C C:\WINDOWS\system32\dllcache\big5.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_864.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_862.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_858.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_720.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_870.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_708.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_28596.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21027.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21025.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20924.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20880.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20871.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20838.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20833.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20424.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20423.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20420.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20297.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20290.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20285.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20284.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20280.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20278.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20277.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20273.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20269.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20108.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20107.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20106.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20105.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1149.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1148.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1147.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1146.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1145.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1144.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1143.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1142.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1141.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1140.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1047.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10021.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10005.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10004.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00056320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtskdic.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00054528 ____C (Philips Semiconductors GmbH) C:\WINDOWS\system32\dllcache\cap7146.sys
2016-08-29 16:43 - 2008-08-21 13:00 - 00021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintlgnt.ime
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0804.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0412.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0411.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040d.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0404.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0401.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgport.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgusr.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chglogon.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00010752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_iscii.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\change.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_is2022.dll
2016-08-29 16:43 - 2001-08-17 22:36 - 00045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2016-08-29 16:43 - 2001-08-17 22:36 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2016-08-29 16:42 - 2004-05-13 00:39 - 00876653 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awel.dll
2016-08-29 16:42 - 2004-05-13 00:39 - 00598071 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmc.dll
2016-08-29 16:42 - 2004-05-13 00:39 - 00184435 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4amsft.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00208896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmcsat.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00188494 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpcount.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00188480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cfgwiz.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00147513 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4apws.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00109328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98swin.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00102509 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4atxt.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00082035 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4anscp.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00049212 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awebs.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00049210 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4areg.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00041020 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avnb.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00032827 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptest.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00032826 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avss.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00020541 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpexedll.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00020540 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00020540 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00020538 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpremadm.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00020536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00016439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00016439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00016437 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptsat.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00014608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98sadm.exe
2016-08-29 16:38 - 2016-08-29 16:38 - 00000749 ___RH C:\WINDOWS\WindowsShell.Manifest
2016-08-29 16:38 - 2016-08-29 16:38 - 00000749 ___RH C:\WINDOWS\system32\wuaucpl.cpl.manifest
2016-08-29 16:38 - 2016-08-29 16:38 - 00000749 ___RH C:\WINDOWS\system32\sapi.cpl.manifest
2016-08-29 16:38 - 2016-08-29 16:38 - 00000749 ___RH C:\WINDOWS\system32\ncpa.cpl.manifest
2016-08-29 16:38 - 2016-08-29 16:38 - 00000488 ___RH C:\WINDOWS\system32\logonui.exe.manifest
2016-08-29 16:22 - 2008-08-21 13:00 - 02144487 ____C C:\WINDOWS\system32\dllcache\NT5.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 01296595 ____C C:\WINDOWS\system32\dllcache\SP3.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 01088840 ____C C:\WINDOWS\system32\dllcache\NTPRINT.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00797189 ____C C:\WINDOWS\system32\dllcache\NT5IIS.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00402264 ____C C:\WINDOWS\system32\dllcache\NT5INF.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00399645 ____C C:\WINDOWS\system32\dllcache\MAPIMIG.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00171588 ____C C:\WINDOWS\system32\dllcache\startoc.cat
2016-08-29 16:22 - 2008-08-21 13:00 - 00037484 ____C C:\WINDOWS\system32\dllcache\MW770.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00034063 ____C C:\WINDOWS\system32\dllcache\FP4.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00026991 ____C C:\WINDOWS\system32\dllcache\msn7.cat
2016-08-29 16:22 - 2008-08-21 13:00 - 00024661 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\spxcoins.dll
2016-08-29 16:22 - 2008-08-21 13:00 - 00024661 _____ (Perle Systems Ltd.) C:\WINDOWS\system32\spxcoins.dll
2016-08-29 16:22 - 2008-08-21 13:00 - 00016535 ____R C:\WINDOWS\SET6F.tmp
2016-08-29 16:22 - 2008-08-21 13:00 - 00016535 ____C C:\WINDOWS\system32\dllcache\IMS.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00014433 ____C C:\WINDOWS\system32\dllcache\msn9.cat
2016-08-29 16:22 - 2008-08-21 13:00 - 00013472 ____C C:\WINDOWS\system32\dllcache\HPCRDP.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irclass.dll
2016-08-29 16:22 - 2008-08-21 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\irclass.dll
2016-08-29 16:22 - 2008-08-21 13:00 - 00012363 ____C C:\WINDOWS\system32\dllcache\MSMSGS.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00010027 ____C C:\WINDOWS\system32\dllcache\MSTSWEB.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00008574 ____C C:\WINDOWS\system32\dllcache\IASNT4.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00007382 ____C C:\WINDOWS\system32\dllcache\OEMBIOS.CAT
2016-08-29 16:21 - 2008-08-21 13:00 - 01296595 ____R C:\WINDOWS\SET60.tmp
2016-08-29 16:21 - 2008-08-21 13:00 - 01088840 ____R C:\WINDOWS\SET63.tmp
2016-08-29 12:12 - 2016-08-29 12:12 - 00010991 _____ C:\Documents and Settings\dell owner\My Documents\Avast error.CLP
2016-08-29 12:05 - 2016-08-29 12:05 - 00000631 _____ C:\Documents and Settings\dell owner\Desktop\Shortcut to clipbrd.lnk
2016-08-28 21:54 - 2016-08-28 21:54 - 00000083 _____ C:\Documents and Settings\dell owner\My Documents\Win_Product_KEY.txt
2016-08-27 20:39 - 2016-08-27 20:39 - 00006214 _____ C:\Documents and Settings\dell owner\My Documents\MTB 27 8 2016.txt
2016-08-27 15:36 - 2016-08-27 19:38 - 00001408 _____ C:\Documents and Settings\dell owner\My Documents\Computer keys 2.txt
2016-08-27 12:00 - 2016-08-27 12:00 - 00000000 ____D C:\LXKZ52
2016-08-27 10:56 - 2016-08-27 10:56 - 00000624 _____ C:\Documents and Settings\dell owner\Desktop\Shortcut to Computer Product Keys.lnk
2016-08-27 09:46 - 2016-08-29 11:39 - 00001411 _____ C:\Documents and Settings\dell owner\My Documents\Computer Product Keys.txt
2016-08-26 17:13 - 2016-08-26 17:13 - 00000000 ____D C:\Program Files\Core Services
2016-08-25 12:52 - 2016-08-25 12:52 - 00000000 ____H C:\Documents and Settings\dell owner\My Documents\Default.rdp
2016-08-22 20:09 - 2016-08-22 20:09 - 00000000 ___RD C:\Documents and Settings\Administrator\My Documents\My Music
2016-08-22 18:49 - 2016-08-22 18:49 - 00000552 _____ C:\WINDOWS\system32\d3d8caps.dat
2016-08-21 10:10 - 2016-08-21 10:10 - 00027271 _____ C:\Documents and Settings\dell owner\My Documents\Speccy New Product Key.txt
2016-08-20 23:55 - 2016-08-20 23:55 - 00026728 _____ C:\Documents and Settings\Administrator\My Documents\OWNER-25721C41B.txt
2016-08-20 19:48 - 2016-08-20 19:49 - 00000000 ____D C:\5c57299dc3a6d0699963507c35
2016-08-20 18:58 - 2016-08-29 16:42 - 00262144 _____ C:\WINDOWS\system32\config\userdifr
2016-08-20 18:57 - 2016-08-29 16:41 - 00001607 _____ C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2016-08-20 18:56 - 2016-08-29 16:41 - 00001165 _____ C:\WINDOWS\OEWABLog.txt
2016-08-20 18:52 - 2008-08-21 13:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isignup.exe
2016-08-20 18:52 - 2008-08-21 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bitsprx4.dll
2016-08-20 18:52 - 2008-08-21 13:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bitsprx4.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00290304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rhttpaa.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\rhttpaa.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00136192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aaclient.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsgqec.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2016-08-20 18:22 - 2016-08-20 18:22 - 00005880 _____ C:\WINDOWS\system32\pid.PNF
2016-08-20 18:11 - 2008-08-21 13:00 - 01296595 ____R C:\WINDOWS\SET88.tmp
2016-08-20 18:11 - 2008-08-21 13:00 - 01088840 ____R C:\WINDOWS\SET89.tmp
2016-08-20 18:11 - 2008-08-21 13:00 - 00016535 ____R C:\WINDOWS\SET95.tmp
2016-08-20 18:06 - 2016-08-29 19:24 - 00626291 _____ C:\WINDOWS\setuplog.txt
2016-08-19 19:28 - 2016-08-19 19:28 - 00001100 _____ C:\Malwarebytes Scan Result.txt 19 8 2016.txt
2016-08-13 14:17 - 2016-08-18 10:29 - 00001130 _____ C:\Documents and Settings\dell owner\Local Settings\Application Data\FASTWiz.html

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-10 15:20 - 2008-09-19 14:29 - 00000000 ____D C:\Documents and Settings\dell owner\Local Settings\Temp
2016-09-10 15:19 - 2016-07-15 22:22 - 00000000 ____D C:\FRST
2016-09-10 13:11 - 2015-05-16 13:52 - 00000286 _____ C:\WINDOWS\Tasks\NUAutoUpdate.job
2016-09-10 13:11 - 2008-09-19 14:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-10 13:11 - 2005-04-12 14:21 - 00087959 _____ C:\WINDOWS\system32\nvapps.xml
2016-09-10 13:11 - 2004-08-04 11:00 - 00005176 _____ C:\WINDOWS\system32\wpa.dbl
2016-09-10 13:08 - 2008-09-19 14:27 - 00032506 _____ C:\WINDOWS\SchedLgU.Txt
2016-09-10 13:07 - 2008-09-19 14:29 - 00000178 ___SH C:\Documents and Settings\dell owner\ntuser.ini
2016-09-10 13:00 - 2008-09-19 14:29 - 00000000 ___RD C:\Documents and Settings\dell owner\My Documents
2016-09-09 19:00 - 2015-05-16 13:52 - 00000278 _____ C:\WINDOWS\Tasks\NUSchedule.job
2016-09-09 02:44 - 2008-09-19 14:16 - 00000000 ____D C:\WINDOWS\Registration
2016-09-08 11:52 - 2008-09-19 14:29 - 00000000 ___RD C:\Documents and Settings\dell owner\My Documents\My Pictures
2016-09-08 11:21 - 2008-09-19 14:56 - 00000211 ___SH C:\boot.ini
2016-09-08 11:20 - 2016-07-14 12:30 - 01941792 _____ C:\WINDOWS\ntbtlog.txt
2016-09-08 00:27 - 2008-09-19 14:29 - 00000000 ____D C:\Documents and Settings\dell owner
2016-09-07 20:37 - 2014-05-14 11:23 - 00002315 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2016-09-05 19:12 - 2012-07-19 11:43 - 00000000 ____D C:\Documents and Settings\dell owner\Local Settings\Application Data\Deployment
2016-09-01 21:35 - 2008-09-19 14:48 - 00000000 ___HD C:\WINDOWS\inf
2016-08-29 18:03 - 2008-09-19 19:19 - 00000000 ____D C:\WINDOWS\network diagnostic
2016-08-29 17:53 - 2008-09-19 14:29 - 00000000 ___RD C:\Documents and Settings\dell owner\My Documents\My Music
2016-08-29 17:52 - 2008-09-19 14:48 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-08-29 17:52 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\Help
2016-08-29 17:48 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\Media
2016-08-29 17:17 - 2008-09-19 14:55 - 17825792 _____ C:\WINDOWS\system32\config\software.sav
2016-08-29 17:17 - 2008-09-19 14:55 - 05767168 _____ C:\WINDOWS\system32\config\system.sav
2016-08-29 17:17 - 2008-09-19 14:55 - 00524288 _____ C:\WINDOWS\system32\config\default.sav
2016-08-29 17:17 - 2008-09-19 14:55 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2016-08-29 17:16 - 2011-11-19 19:57 - 00000000 ____D C:\WINDOWS\l2schemas
2016-08-29 17:16 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\usmt
2016-08-29 17:16 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\Setup
2016-08-29 17:16 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system
2016-08-29 17:16 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\ime
2016-08-29 17:15 - 2011-11-19 19:57 - 00000000 ____D C:\WINDOWS\system32\scripting
2016-08-29 17:15 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\npp
2016-08-29 17:15 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\PeerNet
2016-08-29 17:14 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\msagent
2016-08-29 17:07 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-08-29 17:07 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\1033
2016-08-29 17:05 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\Driver Cache
2016-08-29 17:02 - 2008-09-19 14:58 - 00458340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-29 16:51 - 2015-07-16 19:25 - 00004382 _____ C:\WINDOWS\imsins.BAK
2016-08-29 16:41 - 2008-09-19 14:56 - 00000000 ___HD C:\Documents and Settings\Default User
2016-08-29 16:41 - 2008-09-19 14:21 - 00316640 _____ C:\WINDOWS\WMSysPr9.prx
2016-08-29 16:41 - 2008-09-19 14:21 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2016-08-29 16:41 - 2008-09-19 14:21 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2016-08-29 16:41 - 2008-09-19 14:21 - 00001599 _____ C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2016-08-29 16:41 - 2008-09-19 14:21 - 00001507 _____ C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2016-08-29 16:41 - 2008-09-19 14:21 - 00000792 _____ C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
2016-08-29 16:41 - 2008-09-19 14:21 - 00000398 _____ C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
2016-08-29 16:40 - 2008-09-19 14:58 - 00004161 _____ C:\WINDOWS\ODBCINST.INI
2016-08-29 16:39 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\ias
2016-08-29 16:38 - 2008-09-19 14:48 - 00000000 ___RD C:\WINDOWS\Web
2016-08-29 16:38 - 2008-09-19 14:18 - 00000749 ___RH C:\WINDOWS\system32\nwc.cpl.manifest
2016-08-29 16:38 - 2008-09-19 14:18 - 00000749 ___RH C:\WINDOWS\system32\cdplayer.exe.manifest
2016-08-29 16:38 - 2008-09-19 14:18 - 00000488 ___RH C:\WINDOWS\system32\WindowsLogon.manifest
2016-08-29 16:37 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-29 16:37 - 2008-09-19 14:18 - 00000786 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2016-08-29 16:37 - 2004-08-04 11:00 - 00000507 _____ C:\WINDOWS\win.ini
2016-08-29 16:36 - 2008-09-19 14:16 - 00022748 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-29 16:36 - 2008-09-19 14:14 - 00000000 ____D C:\WINDOWS\system32\Com
2016-08-29 16:34 - 2008-09-19 14:15 - 00000609 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2016-08-29 16:34 - 2008-09-19 14:15 - 00000000 ____D C:\Program Files\Messenger
2016-08-29 16:33 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\security
2016-08-29 16:22 - 2004-08-04 11:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-08-29 15:56 - 2008-09-19 14:56 - 00262144 _____ C:\WINDOWS\system32\config\security.sav
2016-08-29 15:29 - 2015-07-05 21:37 - 00244911 _____ C:\WINDOWS\setupapi.old
2016-08-27 22:52 - 2008-09-19 14:56 - 00000000 ____D C:\Documents and Settings
2016-08-25 02:15 - 2009-07-12 11:49 - 00000000 __SHD C:\Documents and Settings\dell owner\IETldCache
2016-08-24 19:48 - 2008-09-19 14:29 - 00000792 _____ C:\Documents and Settings\dell owner\Start Menu\Programs\Windows Media Player.lnk
2016-08-24 19:06 - 2012-07-24 12:37 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-08-24 18:45 - 2012-07-24 12:37 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2016-08-23 10:35 - 2016-08-07 11:03 - 00017204 _____ C:\Documents and Settings\dell owner\My Documents\Addresses + Telephone Numbers.odt
2016-08-22 20:09 - 2012-07-24 12:37 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents
2016-08-22 20:06 - 2012-07-24 12:37 - 00000792 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2016-08-21 09:58 - 2016-08-10 09:52 - 00001475 _____ C:\Documents and Settings\dell owner\Desktop\Windows Explorer.lnk
2016-08-20 20:39 - 2008-09-19 17:36 - 00019856 _____ C:\Documents and Settings\dell owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2016-08-20 19:08 - 2008-09-19 14:56 - 00122136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-20 18:54 - 2008-09-19 21:11 - 00000000 ____D C:\Documents and Settings\Default User\My Documents\My Pictures
2016-08-20 18:54 - 2008-09-19 14:18 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-19 17:39 - 2014-06-30 00:31 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2016-08-13 14:26 - 2016-03-07 20:02 - 00019144 _____ C:\Documents and Settings\dell owner\My Documents\DWP Form Sent 7th March 2016.odt

==================== Files in the root of some directories =======

2016-06-25 11:31 - 2016-06-25 11:43 - 6871040 _____ () C:\Program Files\GUT9.tmp
2016-06-25 11:43 - 2016-06-25 11:43 - 6871040 _____ () C:\Program Files\GUTB.tmp
2016-06-25 11:43 - 2016-06-25 11:58 - 6871040 _____ () C:\Program Files\GUTD.tmp
2012-07-12 12:10 - 2012-07-12 12:10 - 0033758 _____ () C:\Documents and Settings\dell owner\Local Settings\Application Data\dt.dat
2016-08-13 14:17 - 2016-08-18 10:29 - 0001130 _____ () C:\Documents and Settings\dell owner\Local Settings\Application Data\FASTWiz.html
2016-08-18 09:07 - 2016-08-18 09:09 - 0053871 _____ () C:\Documents and Settings\dell owner\Local Settings\Application Data\FASTWiz.log
2014-04-16 15:00 - 2014-04-16 15:00 - 0044991 _____ () C:\Documents and Settings\All Users\Application Data\1397656736.bdinstall.bin
2012-07-18 20:18 - 2012-07-18 20:18 - 0000694 _____ () C:\Documents and Settings\All Users\Application Data\SMRResults300.dat

Some files in TEMP:
====================
C:\Documents and Settings\dell owner\Local Settings\Temp\sfamcc00001.dll
C:\Documents and Settings\dell owner\Local Settings\Temp\sfextra.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by dell owner (10-09-2016 15:21:47)
Running from C:\Documents and Settings\dell owner\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) (2016-08-29 15:50:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-725345543-839522115-1202660629-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
dell owner (S-1-5-21-725345543-839522115-1202660629-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\dell owner
Guest (S-1-5-21-725345543-839522115-1202660629-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-725345543-839522115-1202660629-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-725345543-839522115-1202660629-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
CryptoPrevent v5.2.2 (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
Intel Ultra ATA Storage Driver (HKLM\...\{9984DF60-1C5B-11D3-ACA1-908A4FC10801}) (Version:  - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
K-Meleon 75.0 (x86 en-US) (HKLM\...\K-Meleon 75.0 (x86 en-US)) (Version: 75.0 - kmeleonbrowser.org)
Magical Jelly Bean KeyFinder (HKLM\...\KeyFinder_is1) (Version: 2.0.10.9 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 2.0 (HKLM\...\Microsoft .NET Framework 2.0) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 24.8.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 24.8.1 (x86 en-GB)) (Version: 24.8.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.2.0.5996 - Mozilla)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OpenOffice 4.1.0 (HKLM\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Process Hacker 2.36 (r6153) (HKLM\...\Process_Hacker2_is1) (Version: 2.36.0.6153 - wj32)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
VS10RuntimeWin32 (Version: 1.0.0 - immunet) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WOT for Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\NUAutoUpdate.job => C:\Program Files\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\WINDOWS\Tasks\NUSchedule.job => C:\Program Files\Symantec\Norton Utilities 16\nu.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2008-08-21 13:00 - 2008-08-21 13:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2006-10-22 12:22 - 2006-10-22 12:22 - 00212992 _____ () C:\WINDOWS\system32\nvapi.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\wpa.bak:SummaryInformation [43]
AlternateDataStreams: C:\WINDOWS\system32\wpa.bak:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\WINDOWS\system32\wpa.dbl:SummaryInformation [43]
AlternateDataStreams: C:\WINDOWS\system32\wpa.dbl:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:792D4CF1 [129]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_15f32646-822a-4d46-a6e1-97b2fbea73e8 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-04 11:00 - 2016-05-25 18:32 - 00000019 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-725345543-839522115-1202660629-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.1.1 - 0.0.0.0
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^dell owner^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk => C:\WINDOWS\pss\OpenOffice.org 3.0.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^dell owner^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\WINDOWS\pss\OpenOffice.org 3.3.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: QuickTime Task =>
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\WINDOWS\network diagnostic\xpnetdiag.exe] => Enabled:Network Diagnostic for Windows XP
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\usmt\migwiz.exe] => Enabled:Files and Settings Transfer Wizard
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\mmc.exe] => Disabled:Microsoft Management Console

==================== Restore Points =========================

29-08-2016 16:59:49 System Checkpoint
29-08-2016 17:47:51 Installed Windows Internet Explorer 8.
31-08-2016 10:32:53 System Checkpoint
02-09-2016 16:25:16 System Checkpoint
04-09-2016 18:58:53 System Checkpoint
07-09-2016 20:03:29 Removed User Profile Hive Cleanup Service

==================== Faulty Device Manager Devices =============

Name: Unsupported Device
Description: Unsupported Device
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: Unknown
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/06/2016 09:32:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application taskmgr.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/29/2016 12:09:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application taskmgr.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/29/2016 12:09:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application taskmgr.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/27/2016 12:58:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 12:58:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 03:17:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 03:17:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 03:11:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 03:11:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/26/2016 09:59:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application taskmgr.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (09/10/2016 01:11:29 PM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/10/2016 01:11:29 PM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5

Error: (09/10/2016 10:04:40 AM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/10/2016 10:04:40 AM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5

Error: (09/09/2016 09:03:30 PM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/09/2016 09:03:30 PM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5

Error: (09/09/2016 04:47:25 PM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/09/2016 04:47:25 PM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5

Error: (09/09/2016 09:50:05 AM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/09/2016 09:50:05 AM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5


==================== Memory info ===========================

Processor:  Intel® Pentium® 4 CPU 1400MHz
Percentage of memory in use: 48%
Total physical RAM: 255.07 MB
Available physical RAM: 131.24 MB
Total Virtual: 1001.79 MB
Available Virtual: 848.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:37.26 GB) (Free:25.99 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37.3 GB) (Disk ID: EA1AA9C7)
Partition 1: (Active) - (Size=37.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

#162
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   3.77KB   24 downloads
 
Run FRST and press Fix
A fix log will be generated please post that 
 
 
Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
 

  • 1

#163
scarlet.rose

scarlet.rose

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 270 posts

YOU FIXED IT!

 

Security Center reacted immediately with a red warning:

 

"Your computer might be at risk

 

Virus protection - Not found"

 

Now I can try to install the latest Avast antivirus.

 

Thank you very much for helping.

 

Can we get rid of these please - I don't use Norton anymore and any unneeded Chrome browser entries, as I've uninstalled it? >>

 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\NUAutoUpdate.job => C:\Program Files\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\WINDOWS\Tasks\NUSchedule.job => C:\Program Files\Symantec\Norton Utilities 16\nu.exe
 

 

Fix result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by dell owner (10-09-2016 17:22:32) Run:2
Running from C:\Documents and Settings\dell owner\My Documents\Downloads
Loaded Profiles: dell owner (Available Profiles: dell owner & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://uk.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {5CAA078D-D123-40A8-90E7-4874CDC9FB6A} URL = hxxp://uk.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {CD10120B-C165-4f8d-8C74-639629E238FF} URL =
Toolbar: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> No Name - {3E1201F4-1707-409F-BB45-A5F192381DA0} -  No File
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\rztndne2.Default User 2\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\19j68g5s.3\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\9hueenik.default-1373479810009\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\py5hhbjm.TEST\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\searchplugins\yahoo-avast.xml [2014-06-16]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2013-09-26]
FF Extension: (Adobe DLM (powered by getPlus®)) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2009-09-10] [not signed]
FF Extension: (Ad blocker) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\rztndne2.Default User 2\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3612C} [2011-03-25] [not signed]
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [X]
S3 GetSusp; C:\WINDOWS\GetSusp.sys [15144 2014-12-06] (McAfee, Inc.)
U0 aswVmm; no ImagePath
U0 Partizan; system32\drivers\Partizan.sys [X]
U1 WS2IFSL; no ImagePath
2016-09-08 12:09 - 2016-09-08 12:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe







*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}" => key removed successfully.
HKCR\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} => key not found.
HKU\S-1-5-21-725345543-839522115-1202660629-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-725345543-839522115-1202660629-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5CAA078D-D123-40A8-90E7-4874CDC9FB6A}" => key removed successfully.
HKCR\CLSID\{5CAA078D-D123-40A8-90E7-4874CDC9FB6A} => key not found.
"HKU\S-1-5-21-725345543-839522115-1202660629-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}" => key removed successfully.
HKCR\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} => key not found.
"HKU\S-1-5-21-725345543-839522115-1202660629-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CD10120B-C165-4f8d-8C74-639629E238FF}" => key removed successfully.
HKCR\CLSID\{CD10120B-C165-4f8d-8C74-639629E238FF} => key not found.
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value removed successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => key removed successfully.
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3E1201F4-1707-409F-BB45-A5F192381DA0} => value removed successfully.
HKCR\CLSID\{3E1201F4-1707-409F-BB45-A5F192381DA0} => key not found.
Firefox SearchEngineOrder.1 removed successfully.
C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\searchplugins\yahoo-avast.xml => moved successfully
C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\rztndne2.Default User 2\searchplugins\yahoo-avast.xml => moved successfully
C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\19j68g5s.3\searchplugins\yahoo-avast.xml => moved successfully
C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\9hueenik.default-1373479810009\searchplugins\yahoo-avast.xml => moved successfully
C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\searchplugins\yahoo-avast.xml => moved successfully
C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\py5hhbjm.TEST\searchplugins\yahoo-avast.xml => moved successfully
C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\searchplugins\yahoo-avast.xml => moved successfully
C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml => moved successfully
C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} => moved successfully
C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\rztndne2.Default User 2\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3612C} => moved successfully
getPlusHelper => service removed successfully.
GetSusp => service removed successfully.
aswVmm => service removed successfully.
Partizan => service removed successfully.
WS2IFSL => service removed successfully.
C:\Documents and Settings\All Users\Application Data\AVAST Software => moved successfully
AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D} => removed successfully.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => moved successfully

==== End of Fixlog 17:22:34 ====

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by dell owner (administrator) on OWNER-25721C41B (10-09-2016 17:25:40)
Running from C:\Documents and Settings\dell owner\My Documents\Downloads
Loaded Profiles: dell owner (Available Profiles: dell owner & Administrator)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lexmark International, Inc.) C:\WINDOWS\system32\LexBceS.exe
(Lexmark International, Inc.) C:\WINDOWS\system32\Lexpps.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PrinTray] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe [36864 2000-08-10] (Lexmark)
HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [7700480 2006-10-22] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMcTray.dll [86016 2006-10-22] (NVIDIA Corporation)
HKLM Group Policy restriction on software: C:\Documents and Settings\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.js <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <====== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\Microsoft\Windows\IEUpdate\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\RECYCLER <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Local Settings\Application Data\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*\*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Local Settings\Application Data\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Start Menu\Programs\Startup\*.bat <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\gotoassistdownloadhelper.exe <====== ATTENTION
HKU\S-1-5-21-725345543-839522115-1202660629-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1667584 2004-08-04] (Microsoft Corporation)
HKU\S-1-5-21-725345543-839522115-1202660629-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [746376 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssflwbox.scr [393216 2008-08-21] (Microsoft Corporation)
Lsa: [Notification Packages] : scecli

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{3B02402A-9823-4F7C-89F0-0636DD23A4E3}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-725345543-839522115-1202660629-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {05FE8838-C2ED-4AC2-92F4-CBB8E10C8F4F} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll [2014-09-18] (Yahoo! Inc.)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll [2014-09-18] (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll [2014-09-18] (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-725345543-839522115-1202660629-1004 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab}
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxps://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1469090094013
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {682C59F5-478C-4421-9070-AD170D143B77} hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} hxxp://register.btinternet.com/templates/btwebcontrol023.cab
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5520/mcfscan.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()

FireFox:
========
FF ProfilePath: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282
FF DefaultSearchUrl: hxxps://uk.search.yahoo.com/yhs/search
FF Homepage: about:home
FF Keyword.URL: hxxps://uk.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-20] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\searchplugins\yahoo-answers.xml [2010-02-27]
FF Extension: (YesScript) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\extensions\[email protected] [2015-05-29]
FF Extension: (selectivecookiedelete) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\extensions\[email protected] [2015-05-29]
FF Extension: (QuickJS) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\extensions\{bb65e674-b194-4b6e-8033-5fa0afe3a198}.xpi [2015-05-29]
FF Extension: (WOT) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-08-30]
FF Extension: (Photobucket Uploader) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\[email protected] [2011-10-16] [not signed]
FF Extension: (YesScript) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\[email protected] [2011-11-29] [not signed]
FF Extension: (Yahoo! Toolbar) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012-03-25] [not signed]
FF Extension: (WOT) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(2) [2011-11-27] [not signed]
FF Extension: (Adblock Plus) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\q0me9ao2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-03-25] [not signed]
FF Extension: (Troubleshooter) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\9hueenik.default-1373479810009\Extensions\[email protected] [2013-08-07] [not signed]
FF Extension: (Updated Ad Blocker for Firefox 11+) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\9hueenik.default-1373479810009\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-07-15] [not signed]
FF Extension: (British English Dictionary (Updated)) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\Extensions\[email protected] [2014-04-04] [not signed]
FF Extension: (selectivecookiedelete) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\Extensions\[email protected] [2014-04-06] [not signed]
FF Extension: (X-notifier) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-03-24] [not signed]
FF Extension: (Bluhell Firewall) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\trkikdsf.default-1395699729962\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-03-25] [not signed]
FF Extension: (Amazon Price Tracker - Keepa.com) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\[email protected] [2016-06-02]
FF Extension: (Webmail Ad Blocker) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\[email protected] [2016-02-23]
FF Extension: (British English Dictionary (Forked by Marco Pinto)) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\[email protected] [2016-02-23]
FF Extension: (Yahoo Mail Hide Ad Panel) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2016-02-23]
FF Extension: (Adblock Plus) - C:\Documents and Settings\dell owner\Application Data\Mozilla\Firefox\Profiles\b7n86jf2.default-1402665467282\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]

Chrome:
=======
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll => No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Update) - C:\Documents and Settings\dell owner\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Java™ Platform SE 6 U33) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.330.3) - C:\WINDOWS\system32\npdeployJava1.dll => No File
CHR Profile: C:\Documents and Settings\dell owner\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - <no Path\update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 LexBceS; C:\WINDOWS\system32\LEXBCES.EXE [278016 2000-08-10] (Lexmark International, Inc.) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2009-01-30] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R3 es1371; C:\WINDOWS\System32\drivers\es1371mp.sys [40832 2002-06-03] (Creative Technology Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-08-21] (Microsoft Corporation)
R3 HCF_MSFT; C:\WINDOWS\System32\DRIVERS\HCF_MSFT.sys [907456 2001-08-17] (Conexant)
R0 idebd; C:\WINDOWS\System32\DRIVERS\idebd.sys [3737 2000-05-30] (Intel Corporation)
R0 IntelATA; C:\WINDOWS\System32\DRIVERS\intelata.sys [118480 2000-05-30] (Intel Corporation)
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361344 2008-08-21] (Microsoft Corporation) [File not signed]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-08-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-10 12:59 - 2016-09-10 13:07 - 00005655 _____ C:\Documents and Settings\dell owner\My Documents\Using MemTest.txt
2016-09-10 12:16 - 2016-09-10 12:38 - 00003748 _____ C:\Documents and Settings\dell owner\My Documents\Boot sequence instructions.txt
2016-09-08 18:14 - 2016-09-09 10:29 - 00036685 _____ C:\Documents and Settings\dell owner\My Documents\Speccy post Avast uninstall 8 9 2016.txt
2016-09-08 12:48 - 2016-09-08 13:29 - 00001595 _____ C:\Documents and Settings\dell owner\My Documents\Cardiology notes.txt
2016-09-08 12:08 - 2016-09-08 12:08 - 00001053 _____ C:\Documents and Settings\dell owner\Desktop\Shortcut to avast_free_antivirus_setup(3).lnk
2016-09-08 12:07 - 2016-09-08 12:07 - 06334848 _____ (AVAST Software) C:\Documents and Settings\All Users\Desktop\avast_free_antivirus_setup(3).exe
2016-09-08 10:53 - 2016-09-08 10:53 - 00000973 _____ C:\Documents and Settings\dell owner\Desktop\Shortcut to avastclear(4).lnk
2016-09-07 20:54 - 2016-09-08 12:47 - 00017121 _____ C:\Documents and Settings\dell owner\My Documents\Cardiology Dept notes.odt
2016-09-04 21:14 - 2016-09-04 21:15 - 00000045 _____ C:\WINDOWS\system32\initdebug.nfo
2016-09-03 19:57 - 2016-09-03 19:57 - 00036737 _____ C:\Documents and Settings\dell owner\My Documents\Speccy scan results 3 9 2016 post XP SP3 repair installation 2.txt
2016-09-03 13:29 - 2016-09-03 13:29 - 00057080 _____ C:\Documents and Settings\dell owner\My Documents\OWNER-25721C41B Speccy scan result 3 9 2016 post XP SP3 repair installation.xml
2016-09-03 13:25 - 2016-09-03 13:25 - 00036781 _____ C:\Documents and Settings\dell owner\My Documents\Speccy scan results 3 9 2016 post XP SP3 repair installation.txt
2016-09-02 10:16 - 2016-09-02 10:17 - 00000490 _____ C:\TDSSKiller.3.1.0.9_02.09.2016_10.16.14_log.txt
2016-08-30 00:26 - 2016-08-30 00:26 - 00034571 _____ C:\Documents and Settings\dell owner\My Documents\Speccy post 2nd repair installation.txt
2016-08-29 19:08 - 2016-08-29 19:08 - 00005176 _____ C:\WINDOWS\system32\wpa.bak
2016-08-29 17:54 - 2016-08-29 17:54 - 00000803 _____ C:\Documents and Settings\dell owner\Start Menu\Programs\Internet Explorer.lnk
2016-08-29 17:45 - 2016-08-29 17:49 - 00000000 __HDC C:\WINDOWS\ie8
2016-08-29 16:49 - 2008-08-21 13:00 - 00426041 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicepad.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winzm.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winsp.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winpy.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00086073 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\voicesub.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winar30.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00076288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\uniime.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00072704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wingb.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\winime.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00065024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\unicdime.ime
2016-08-29 16:49 - 2008-08-21 13:00 - 00048256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w32.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00041600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.dll
2016-08-29 16:49 - 2008-08-21 13:00 - 00031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.sys
2016-08-29 16:49 - 2008-08-21 13:00 - 00028288 ____C C:\WINDOWS\system32\dllcache\xjis.nls
2016-08-29 16:49 - 2008-08-21 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsprof.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00571392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlgnt.ime
2016-08-29 16:48 - 2008-08-21 13:00 - 00456192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smtpsvc.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00455168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintsetp.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00358400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpincl.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00259072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpcl.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00236544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smi2smir.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00188416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpsmir.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\thawbrkr.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00143422 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\softkey.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00101376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srusbusd.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia330.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia001.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tintlphr.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpthrd.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm9aw.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmp.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb6w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sma3w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm87w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm81w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00029184 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rw330ext.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00029184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8cw.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00027648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rw001ext.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm93w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm92w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm90w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8dw.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8aw.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm89w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\romanime.ime
2016-08-29 16:48 - 2008-08-21 13:00 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm59w.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00021896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdipx.sys
2016-08-29 16:48 - 2008-08-21 13:00 - 00019464 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdspx.sys
2016-08-29 16:48 - 2008-08-21 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\simptcp.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsm.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00013192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdasync.sys
2016-08-29 16:48 - 2008-08-21 13:00 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tmigrate.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpstup.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmptrap.exe
2016-08-29 16:48 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpmib.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smimsgif.dll
2016-08-29 16:48 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsy.dll
2016-08-29 16:48 - 2001-08-17 22:36 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_scripto.dll
2016-08-29 16:48 - 2001-08-17 22:36 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_seos.dll
2016-08-29 16:48 - 2001-08-17 22:36 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
2016-08-29 16:48 - 2001-08-17 22:36 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00482304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlgnt.ime
2016-08-29 16:47 - 2008-08-21 13:00 - 00229439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\multibox.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00175104 ____C C:\WINDOWS\system32\dllcache\pintlcsa.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00131584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxviceo.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mtstocom.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00083748 ____C C:\WINDOWS\system32\dllcache\prcp.nls
2016-08-29 16:47 - 2008-08-21 13:00 - 00083748 ____C C:\WINDOWS\system32\dllcache\prc.nls
2016-08-29 16:47 - 2008-08-21 13:00 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phon.ime
2016-08-29 16:47 - 2008-08-21 13:00 - 00077824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quick.ime
2016-08-29 16:47 - 2008-08-21 13:00 - 00070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlphr.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00067584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmigrate.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pintlcsd.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00036927 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs411.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00020736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ramdisk.sys
2016-08-29 16:47 - 2008-08-21 13:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quser.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs404.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00015360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs804.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\register.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\padrs412.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxmcro.dll
2016-08-29 16:47 - 2008-08-21 13:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\query.exe
2016-08-29 16:47 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxgl.dll
2016-08-29 16:47 - 2001-08-17 22:36 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
2016-08-29 16:47 - 2001-08-17 22:36 - 00023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2016-08-29 16:46 - 2008-08-21 13:00 - 01875968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.lex
2016-08-29 16:46 - 2008-08-21 13:00 - 01158818 ____C C:\WINDOWS\system32\dllcache\korwbrkr.lex
2016-08-29 16:46 - 2008-08-21 13:00 - 00098304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msir3jp.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00092416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.sys
2016-08-29 16:46 - 2008-08-21 13:00 - 00092032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00070656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\korwbrkr.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00047066 ____C C:\WINDOWS\system32\dllcache\ksc.nls
2016-08-29 16:46 - 2008-08-21 13:00 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lmmib2.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00022528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lpdsvc.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\lprmon.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00009216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecat.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\migregdb.exe
2016-08-29 16:46 - 2008-08-21 13:00 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnecnt.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdnec95.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlk41a.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth3.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth2.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdlk41j.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinpun.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdvntc.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdusa.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdurdu.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth1.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdth0.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr2.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdsyr1.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintel.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdintam.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinmar.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinkan.dll
2016-08-29 16:46 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinhin.dll
2016-08-29 16:46 - 2001-08-17 22:36 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 13463552 ____C C:\WINDOWS\system32\dllcache\hwxjpn.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 10129408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxkor.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 10096640 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hwxcht.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00811064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81k.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00716856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcus.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00471102 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskdic.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00368696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpcic.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00340023 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjp81.ime
2016-08-29 16:45 - 2008-08-21 13:00 - 00315455 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imskf.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00311359 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsv.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00307257 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00274489 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputyc.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00262200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjputy.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00233527 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjprw.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00208952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpmig.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00196665 ____C C:\WINDOWS\system32\dllcache\imjpinst.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00155705 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdsvr.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00134339 ____C C:\WINDOWS\system32\dllcache\imekr.lex
2016-08-29 16:45 - 2008-08-21 13:00 - 00108827 ____C C:\WINDOWS\system32\dllcache\hanja.lex
2016-08-29 16:45 - 2008-08-21 13:00 - 00106496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrcic.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00102463 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imepadsm.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00102456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imlang.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00094720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekr61.ime
2016-08-29 16:45 - 2008-08-21 13:00 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmbx.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00081976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdct.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00059904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imkrinst.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00059392 ____C C:\WINDOWS\system32\dllcache\imscinst.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00057398 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpdadm.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00045109 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imjpuex.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\imekrmig.exe
2016-08-29 16:45 - 2008-08-21 13:00 - 00039936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hostmib.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00036864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hanjadic.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iprip.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jupiw.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdibm02.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdax2.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd106n.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101a.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbd101.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdinguj.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdindev.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdheb.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdfa.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv2.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbddiv1.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda3.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda2.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbda1.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdgeo.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarmw.dll
2016-08-29 16:45 - 2008-08-21 13:00 - 00005120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdarme.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00562176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsst.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00451584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsapi.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00400384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsxp32.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00397312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxstiff.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00285184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscomex.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00267776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssvc.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00246272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxst30.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00229376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscover.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00192512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxswzrd.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00154112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsui.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00142848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclnt.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00132608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclntr.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00111104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscfgwz.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00101888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntagnt.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00092160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntwin.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dayi.ime
2016-08-29 16:44 - 2008-08-21 13:00 - 00072192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscom.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00057856 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimgd.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00057399 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cplexe.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsevent.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00045056 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunid.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00031744 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucmd.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsroute.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsdrv.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00025856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\et4000.sys
2016-08-29 16:44 - 2008-08-21 13:00 - 00024064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\evntcmd.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsmon.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsext32.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cprofile.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\flattemp.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssend.exe
2016-08-29 16:44 - 2008-08-21 13:00 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsperf.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\f3ahvoas.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsres.dll
2016-08-29 16:44 - 2008-08-21 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ftlx041e.dll
2016-08-29 16:44 - 2003-03-24 16:52 - 00094208 ____C C:\WINDOWS\system32\dllcache\fpencode.dll
2016-08-29 16:44 - 2003-03-24 16:52 - 00024632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmcgi.exe
2016-08-29 16:44 - 2003-03-24 16:52 - 00020541 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpadmdll.dll
2016-08-29 16:44 - 2001-08-17 22:36 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 01677824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chsbrkr.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00838144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtbrkr.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00480256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintsetp.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00331264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aqueue.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00218112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_g18030.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00198656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintime.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00195618 ____C C:\WINDOWS\system32\dllcache\c_10002.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00189986 ____C C:\WINDOWS\system32\dllcache\c_1361.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00187938 ____C C:\WINDOWS\system32\dllcache\c_20005.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00186402 ____C C:\WINDOWS\system32\dllcache\c_20001.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00185378 ____C C:\WINDOWS\system32\dllcache\c_20003.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00180770 ____C C:\WINDOWS\system32\dllcache\c_20932.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20004.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20000.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_20949.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00177698 ____C C:\WINDOWS\system32\dllcache\c_10003.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20936.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20002.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_10008.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00173568 ____C C:\WINDOWS\system32\dllcache\chtskf.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00162850 ____C C:\WINDOWS\system32\dllcache\c_10001.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtmbx.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00082172 ____C C:\WINDOWS\system32\dllcache\bopomofo.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00078336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chajei.ime
2016-08-29 16:43 - 2008-08-21 13:00 - 00066728 ____C C:\WINDOWS\system32\dllcache\big5.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_864.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_862.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_858.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_720.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_870.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_708.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_28596.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21027.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21025.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20924.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20880.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20871.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20838.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20833.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20424.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20423.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20420.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20297.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20290.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20285.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20284.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20280.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20278.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20277.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20273.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20269.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20108.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20107.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20106.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20105.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1149.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1148.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1147.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1146.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1145.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1144.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1143.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1142.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1141.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1140.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1047.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10021.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10005.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_10004.nls
2016-08-29 16:43 - 2008-08-21 13:00 - 00056320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chtskdic.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00054528 ____C (Philips Semiconductors GmbH) C:\WINDOWS\system32\dllcache\cap7146.sys
2016-08-29 16:43 - 2008-08-21 13:00 - 00021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cintlgnt.ime
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0804.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0412.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0411.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt040d.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0404.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agt0401.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgport.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgusr.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chglogon.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00010752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_iscii.dll
2016-08-29 16:43 - 2008-08-21 13:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\change.exe
2016-08-29 16:43 - 2008-08-21 13:00 - 00006656 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\c_is2022.dll
2016-08-29 16:43 - 2001-08-17 22:36 - 00045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2016-08-29 16:43 - 2001-08-17 22:36 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2016-08-29 16:42 - 2004-05-13 00:39 - 00876653 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awel.dll
2016-08-29 16:42 - 2004-05-13 00:39 - 00598071 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmc.dll
2016-08-29 16:42 - 2004-05-13 00:39 - 00184435 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4amsft.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00208896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpmmcsat.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00188494 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpcount.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00188480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cfgwiz.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00147513 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4apws.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00109328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98swin.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00102509 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4atxt.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00082035 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4anscp.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00049212 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4awebs.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00049210 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4areg.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00041020 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avnb.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00032827 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptest.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00032826 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp4avss.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00020541 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpexedll.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00020540 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00020540 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00020538 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fpremadm.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00020536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00016439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\author.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00016439 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\admin.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00016437 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\shtml.exe
2016-08-29 16:42 - 2003-03-24 16:52 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tcptsat.dll
2016-08-29 16:42 - 2003-03-24 16:52 - 00014608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fp98sadm.exe
2016-08-29 16:38 - 2016-08-29 16:38 - 00000749 ___RH C:\WINDOWS\WindowsShell.Manifest
2016-08-29 16:38 - 2016-08-29 16:38 - 00000749 ___RH C:\WINDOWS\system32\wuaucpl.cpl.manifest
2016-08-29 16:38 - 2016-08-29 16:38 - 00000749 ___RH C:\WINDOWS\system32\sapi.cpl.manifest
2016-08-29 16:38 - 2016-08-29 16:38 - 00000749 ___RH C:\WINDOWS\system32\ncpa.cpl.manifest
2016-08-29 16:38 - 2016-08-29 16:38 - 00000488 ___RH C:\WINDOWS\system32\logonui.exe.manifest
2016-08-29 16:22 - 2008-08-21 13:00 - 02144487 ____C C:\WINDOWS\system32\dllcache\NT5.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 01296595 ____C C:\WINDOWS\system32\dllcache\SP3.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 01088840 ____C C:\WINDOWS\system32\dllcache\NTPRINT.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00797189 ____C C:\WINDOWS\system32\dllcache\NT5IIS.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00402264 ____C C:\WINDOWS\system32\dllcache\NT5INF.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00399645 ____C C:\WINDOWS\system32\dllcache\MAPIMIG.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00171588 ____C C:\WINDOWS\system32\dllcache\startoc.cat
2016-08-29 16:22 - 2008-08-21 13:00 - 00037484 ____C C:\WINDOWS\system32\dllcache\MW770.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00034063 ____C C:\WINDOWS\system32\dllcache\FP4.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00026991 ____C C:\WINDOWS\system32\dllcache\msn7.cat
2016-08-29 16:22 - 2008-08-21 13:00 - 00024661 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\spxcoins.dll
2016-08-29 16:22 - 2008-08-21 13:00 - 00024661 _____ (Perle Systems Ltd.) C:\WINDOWS\system32\spxcoins.dll
2016-08-29 16:22 - 2008-08-21 13:00 - 00016535 ____R C:\WINDOWS\SET6F.tmp
2016-08-29 16:22 - 2008-08-21 13:00 - 00016535 ____C C:\WINDOWS\system32\dllcache\IMS.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00014433 ____C C:\WINDOWS\system32\dllcache\msn9.cat
2016-08-29 16:22 - 2008-08-21 13:00 - 00013472 ____C C:\WINDOWS\system32\dllcache\HPCRDP.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irclass.dll
2016-08-29 16:22 - 2008-08-21 13:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\irclass.dll
2016-08-29 16:22 - 2008-08-21 13:00 - 00012363 ____C C:\WINDOWS\system32\dllcache\MSMSGS.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00010027 ____C C:\WINDOWS\system32\dllcache\MSTSWEB.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00008574 ____C C:\WINDOWS\system32\dllcache\IASNT4.CAT
2016-08-29 16:22 - 2008-08-21 13:00 - 00007382 ____C C:\WINDOWS\system32\dllcache\OEMBIOS.CAT
2016-08-29 16:21 - 2008-08-21 13:00 - 01296595 ____R C:\WINDOWS\SET60.tmp
2016-08-29 16:21 - 2008-08-21 13:00 - 01088840 ____R C:\WINDOWS\SET63.tmp
2016-08-29 12:12 - 2016-08-29 12:12 - 00010991 _____ C:\Documents and Settings\dell owner\My Documents\Avast error.CLP
2016-08-29 12:05 - 2016-08-29 12:05 - 00000631 _____ C:\Documents and Settings\dell owner\Desktop\Shortcut to clipbrd.lnk
2016-08-28 21:54 - 2016-08-28 21:54 - 00000083 _____ C:\Documents and Settings\dell owner\My Documents\Win_Product_KEY.txt
2016-08-27 20:39 - 2016-08-27 20:39 - 00006214 _____ C:\Documents and Settings\dell owner\My Documents\MTB 27 8 2016.txt
2016-08-27 15:36 - 2016-08-27 19:38 - 00001408 _____ C:\Documents and Settings\dell owner\My Documents\Computer keys 2.txt
2016-08-27 12:00 - 2016-08-27 12:00 - 00000000 ____D C:\LXKZ52
2016-08-27 10:56 - 2016-08-27 10:56 - 00000624 _____ C:\Documents and Settings\dell owner\Desktop\Shortcut to Computer Product Keys.lnk
2016-08-27 09:46 - 2016-08-29 11:39 - 00001411 _____ C:\Documents and Settings\dell owner\My Documents\Computer Product Keys.txt
2016-08-26 17:13 - 2016-08-26 17:13 - 00000000 ____D C:\Program Files\Core Services
2016-08-25 12:52 - 2016-08-25 12:52 - 00000000 ____H C:\Documents and Settings\dell owner\My Documents\Default.rdp
2016-08-22 20:09 - 2016-08-22 20:09 - 00000000 ___RD C:\Documents and Settings\Administrator\My Documents\My Music
2016-08-22 18:49 - 2016-08-22 18:49 - 00000552 _____ C:\WINDOWS\system32\d3d8caps.dat
2016-08-21 10:10 - 2016-08-21 10:10 - 00027271 _____ C:\Documents and Settings\dell owner\My Documents\Speccy New Product Key.txt
2016-08-20 23:55 - 2016-08-20 23:55 - 00026728 _____ C:\Documents and Settings\Administrator\My Documents\OWNER-25721C41B.txt
2016-08-20 19:48 - 2016-08-20 19:49 - 00000000 ____D C:\5c57299dc3a6d0699963507c35
2016-08-20 18:58 - 2016-08-29 16:42 - 00262144 _____ C:\WINDOWS\system32\config\userdifr
2016-08-20 18:57 - 2016-08-29 16:41 - 00001607 _____ C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2016-08-20 18:56 - 2016-08-29 16:41 - 00001165 _____ C:\WINDOWS\OEWABLog.txt
2016-08-20 18:52 - 2008-08-21 13:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\isignup.exe
2016-08-20 18:52 - 2008-08-21 13:00 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bitsprx4.dll
2016-08-20 18:52 - 2008-08-21 13:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bitsprx4.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00290304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rhttpaa.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\rhttpaa.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00136192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aaclient.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsgqec.dll
2016-08-20 18:49 - 2008-08-21 13:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2016-08-20 18:22 - 2016-08-20 18:22 - 00005880 _____ C:\WINDOWS\system32\pid.PNF
2016-08-20 18:11 - 2008-08-21 13:00 - 01296595 ____R C:\WINDOWS\SET88.tmp
2016-08-20 18:11 - 2008-08-21 13:00 - 01088840 ____R C:\WINDOWS\SET89.tmp
2016-08-20 18:11 - 2008-08-21 13:00 - 00016535 ____R C:\WINDOWS\SET95.tmp
2016-08-20 18:06 - 2016-08-29 19:24 - 00626291 _____ C:\WINDOWS\setuplog.txt
2016-08-19 19:28 - 2016-08-19 19:28 - 00001100 _____ C:\Malwarebytes Scan Result.txt 19 8 2016.txt
2016-08-13 14:17 - 2016-08-18 10:29 - 00001130 _____ C:\Documents and Settings\dell owner\Local Settings\Application Data\FASTWiz.html

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-10 17:26 - 2008-09-19 14:29 - 00000000 ____D C:\Documents and Settings\dell owner\Local Settings\Temp
2016-09-10 17:25 - 2016-07-15 22:22 - 00000000 ____D C:\FRST
2016-09-10 17:10 - 2008-09-19 14:29 - 00000000 ___RD C:\Documents and Settings\dell owner\My Documents
2016-09-10 13:11 - 2015-05-16 13:52 - 00000286 _____ C:\WINDOWS\Tasks\NUAutoUpdate.job
2016-09-10 13:11 - 2008-09-19 14:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-10 13:11 - 2005-04-12 14:21 - 00087959 _____ C:\WINDOWS\system32\nvapps.xml
2016-09-10 13:11 - 2004-08-04 11:00 - 00005176 _____ C:\WINDOWS\system32\wpa.dbl
2016-09-10 13:08 - 2008-09-19 14:27 - 00032506 _____ C:\WINDOWS\SchedLgU.Txt
2016-09-10 13:07 - 2008-09-19 14:29 - 00000178 ___SH C:\Documents and Settings\dell owner\ntuser.ini
2016-09-09 19:00 - 2015-05-16 13:52 - 00000278 _____ C:\WINDOWS\Tasks\NUSchedule.job
2016-09-09 02:44 - 2008-09-19 14:16 - 00000000 ____D C:\WINDOWS\Registration
2016-09-08 11:52 - 2008-09-19 14:29 - 00000000 ___RD C:\Documents and Settings\dell owner\My Documents\My Pictures
2016-09-08 11:21 - 2008-09-19 14:56 - 00000211 ___SH C:\boot.ini
2016-09-08 11:20 - 2016-07-14 12:30 - 01941792 _____ C:\WINDOWS\ntbtlog.txt
2016-09-08 00:27 - 2008-09-19 14:29 - 00000000 ____D C:\Documents and Settings\dell owner
2016-09-07 20:37 - 2014-05-14 11:23 - 00002315 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2016-09-05 19:12 - 2012-07-19 11:43 - 00000000 ____D C:\Documents and Settings\dell owner\Local Settings\Application Data\Deployment
2016-09-01 21:35 - 2008-09-19 14:48 - 00000000 ___HD C:\WINDOWS\inf
2016-08-29 18:03 - 2008-09-19 19:19 - 00000000 ____D C:\WINDOWS\network diagnostic
2016-08-29 17:53 - 2008-09-19 14:29 - 00000000 ___RD C:\Documents and Settings\dell owner\My Documents\My Music
2016-08-29 17:52 - 2008-09-19 14:48 - 00000000 RSHDC C:\WINDOWS\system32\dllcache
2016-08-29 17:52 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\Help
2016-08-29 17:48 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\Media
2016-08-29 17:17 - 2008-09-19 14:55 - 17825792 _____ C:\WINDOWS\system32\config\software.sav
2016-08-29 17:17 - 2008-09-19 14:55 - 05767168 _____ C:\WINDOWS\system32\config\system.sav
2016-08-29 17:17 - 2008-09-19 14:55 - 00524288 _____ C:\WINDOWS\system32\config\default.sav
2016-08-29 17:17 - 2008-09-19 14:55 - 00262144 _____ C:\WINDOWS\system32\config\userdiff
2016-08-29 17:16 - 2011-11-19 19:57 - 00000000 ____D C:\WINDOWS\l2schemas
2016-08-29 17:16 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\usmt
2016-08-29 17:16 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\Setup
2016-08-29 17:16 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system
2016-08-29 17:16 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\ime
2016-08-29 17:15 - 2011-11-19 19:57 - 00000000 ____D C:\WINDOWS\system32\scripting
2016-08-29 17:15 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\npp
2016-08-29 17:15 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\PeerNet
2016-08-29 17:14 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\msagent
2016-08-29 17:07 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-08-29 17:07 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\1033
2016-08-29 17:05 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\Driver Cache
2016-08-29 17:02 - 2008-09-19 14:58 - 00458340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-29 16:51 - 2015-07-16 19:25 - 00004382 _____ C:\WINDOWS\imsins.BAK
2016-08-29 16:41 - 2008-09-19 14:56 - 00000000 ___HD C:\Documents and Settings\Default User
2016-08-29 16:41 - 2008-09-19 14:21 - 00316640 _____ C:\WINDOWS\WMSysPr9.prx
2016-08-29 16:41 - 2008-09-19 14:21 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2016-08-29 16:41 - 2008-09-19 14:21 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2016-08-29 16:41 - 2008-09-19 14:21 - 00001599 _____ C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2016-08-29 16:41 - 2008-09-19 14:21 - 00001507 _____ C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2016-08-29 16:41 - 2008-09-19 14:21 - 00000792 _____ C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
2016-08-29 16:41 - 2008-09-19 14:21 - 00000398 _____ C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
2016-08-29 16:40 - 2008-09-19 14:58 - 00004161 _____ C:\WINDOWS\ODBCINST.INI
2016-08-29 16:39 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\ias
2016-08-29 16:38 - 2008-09-19 14:48 - 00000000 ___RD C:\WINDOWS\Web
2016-08-29 16:38 - 2008-09-19 14:18 - 00000749 ___RH C:\WINDOWS\system32\nwc.cpl.manifest
2016-08-29 16:38 - 2008-09-19 14:18 - 00000749 ___RH C:\WINDOWS\system32\cdplayer.exe.manifest
2016-08-29 16:38 - 2008-09-19 14:18 - 00000488 ___RH C:\WINDOWS\system32\WindowsLogon.manifest
2016-08-29 16:37 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-29 16:37 - 2008-09-19 14:18 - 00000786 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
2016-08-29 16:37 - 2004-08-04 11:00 - 00000507 _____ C:\WINDOWS\win.ini
2016-08-29 16:36 - 2008-09-19 14:16 - 00022748 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-29 16:36 - 2008-09-19 14:14 - 00000000 ____D C:\WINDOWS\system32\Com
2016-08-29 16:34 - 2008-09-19 14:15 - 00000609 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
2016-08-29 16:34 - 2008-09-19 14:15 - 00000000 ____D C:\Program Files\Messenger
2016-08-29 16:33 - 2008-09-19 14:48 - 00000000 ____D C:\WINDOWS\security
2016-08-29 16:22 - 2004-08-04 11:00 - 00000227 _____ C:\WINDOWS\system.ini
2016-08-29 15:56 - 2008-09-19 14:56 - 00262144 _____ C:\WINDOWS\system32\config\security.sav
2016-08-29 15:29 - 2015-07-05 21:37 - 00244911 _____ C:\WINDOWS\setupapi.old
2016-08-27 22:52 - 2008-09-19 14:56 - 00000000 ____D C:\Documents and Settings
2016-08-25 02:15 - 2009-07-12 11:49 - 00000000 __SHD C:\Documents and Settings\dell owner\IETldCache
2016-08-24 19:48 - 2008-09-19 14:29 - 00000792 _____ C:\Documents and Settings\dell owner\Start Menu\Programs\Windows Media Player.lnk
2016-08-24 19:06 - 2012-07-24 12:37 - 00000178 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2016-08-24 18:45 - 2012-07-24 12:37 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Temp
2016-08-23 10:35 - 2016-08-07 11:03 - 00017204 _____ C:\Documents and Settings\dell owner\My Documents\Addresses + Telephone Numbers.odt
2016-08-22 20:09 - 2012-07-24 12:37 - 00000000 ____D C:\Documents and Settings\Administrator\My Documents
2016-08-22 20:06 - 2012-07-24 12:37 - 00000792 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Windows Media Player.lnk
2016-08-21 09:58 - 2016-08-10 09:52 - 00001475 _____ C:\Documents and Settings\dell owner\Desktop\Windows Explorer.lnk
2016-08-20 20:39 - 2008-09-19 17:36 - 00019856 _____ C:\Documents and Settings\dell owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2016-08-20 19:08 - 2008-09-19 14:56 - 00122136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-20 18:54 - 2008-09-19 21:11 - 00000000 ____D C:\Documents and Settings\Default User\My Documents\My Pictures
2016-08-20 18:54 - 2008-09-19 14:18 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-19 17:39 - 2014-06-30 00:31 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2016-08-13 14:26 - 2016-03-07 20:02 - 00019144 _____ C:\Documents and Settings\dell owner\My Documents\DWP Form Sent 7th March 2016.odt

==================== Files in the root of some directories =======

2016-06-25 11:31 - 2016-06-25 11:43 - 6871040 _____ () C:\Program Files\GUT9.tmp
2016-06-25 11:43 - 2016-06-25 11:43 - 6871040 _____ () C:\Program Files\GUTB.tmp
2016-06-25 11:43 - 2016-06-25 11:58 - 6871040 _____ () C:\Program Files\GUTD.tmp
2012-07-12 12:10 - 2012-07-12 12:10 - 0033758 _____ () C:\Documents and Settings\dell owner\Local Settings\Application Data\dt.dat
2016-08-13 14:17 - 2016-08-18 10:29 - 0001130 _____ () C:\Documents and Settings\dell owner\Local Settings\Application Data\FASTWiz.html
2016-08-18 09:07 - 2016-08-18 09:09 - 0053871 _____ () C:\Documents and Settings\dell owner\Local Settings\Application Data\FASTWiz.log
2014-04-16 15:00 - 2014-04-16 15:00 - 0044991 _____ () C:\Documents and Settings\All Users\Application Data\1397656736.bdinstall.bin
2012-07-18 20:18 - 2012-07-18 20:18 - 0000694 _____ () C:\Documents and Settings\All Users\Application Data\SMRResults300.dat

Some files in TEMP:
====================
C:\Documents and Settings\dell owner\Local Settings\Temp\sfamcc00001.dll
C:\Documents and Settings\dell owner\Local Settings\Temp\sfextra.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by dell owner (10-09-2016 17:28:04)
Running from C:\Documents and Settings\dell owner\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) (2016-08-29 15:50:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-725345543-839522115-1202660629-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
dell owner (S-1-5-21-725345543-839522115-1202660629-1004 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\dell owner
Guest (S-1-5-21-725345543-839522115-1202660629-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-725345543-839522115-1202660629-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-725345543-839522115-1202660629-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
CryptoPrevent v5.2.2 (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
Intel Ultra ATA Storage Driver (HKLM\...\{9984DF60-1C5B-11D3-ACA1-908A4FC10801}) (Version:  - )
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
K-Meleon 75.0 (x86 en-US) (HKLM\...\K-Meleon 75.0 (x86 en-US)) (Version: 75.0 - kmeleonbrowser.org)
Magical Jelly Bean KeyFinder (HKLM\...\KeyFinder_is1) (Version: 2.0.10.9 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 2.0 (HKLM\...\Microsoft .NET Framework 2.0) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 24.8.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 24.8.1 (x86 en-GB)) (Version: 24.8.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.2.0.5996 - Mozilla)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OpenOffice 4.1.0 (HKLM\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Process Hacker 2.36 (r6153) (HKLM\...\Process_Hacker2_is1) (Version: 2.36.0.6153 - wj32)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
VS10RuntimeWin32 (Version: 1.0.0 - immunet) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WOT for Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\NUAutoUpdate.job => C:\Program Files\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\WINDOWS\Tasks\NUSchedule.job => C:\Program Files\Symantec\Norton Utilities 16\nu.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2006-10-22 12:22 - 2006-10-22 12:22 - 00212992 _____ () C:\WINDOWS\system32\nvapi.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\wpa.bak:SummaryInformation [43]
AlternateDataStreams: C:\WINDOWS\system32\wpa.bak:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\WINDOWS\system32\wpa.dbl:SummaryInformation [43]
AlternateDataStreams: C:\WINDOWS\system32\wpa.dbl:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:792D4CF1 [129]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_15f32646-822a-4d46-a6e1-97b2fbea73e8 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-04 11:00 - 2016-05-25 18:32 - 00000019 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-725345543-839522115-1202660629-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.1.1 - 0.0.0.0
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^dell owner^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk => C:\WINDOWS\pss\OpenOffice.org 3.0.lnkStartup
MSCONFIG\startupfolder: C:^Documents and Settings^dell owner^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\WINDOWS\pss\OpenOffice.org 3.3.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: QuickTime Task =>
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\WINDOWS\network diagnostic\xpnetdiag.exe] => Enabled:Network Diagnostic for Windows XP
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\usmt\migwiz.exe] => Enabled:Files and Settings Transfer Wizard
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\mmc.exe] => Disabled:Microsoft Management Console

==================== Restore Points =========================

29-08-2016 16:59:49 System Checkpoint
29-08-2016 17:47:51 Installed Windows Internet Explorer 8.
31-08-2016 10:32:53 System Checkpoint
02-09-2016 16:25:16 System Checkpoint
04-09-2016 18:58:53 System Checkpoint
07-09-2016 20:03:29 Removed User Profile Hive Cleanup Service
10-09-2016 17:20:28 FRST fix

==================== Faulty Device Manager Devices =============

Name: Unsupported Device
Description: Unsupported Device
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer: Unknown
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/06/2016 09:32:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application taskmgr.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/29/2016 12:09:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application taskmgr.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/29/2016 12:09:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application taskmgr.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/27/2016 12:58:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 12:58:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 03:17:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 03:17:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 03:11:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/27/2016 03:11:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ieframe.dll, version 8.0.6001.18702, fault address 0x0009656c.
Processing media-specific event for [iexplore.exe!ws!]

Error: (08/26/2016 09:59:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application taskmgr.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (09/10/2016 01:11:29 PM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/10/2016 01:11:29 PM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5

Error: (09/10/2016 10:04:40 AM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/10/2016 10:04:40 AM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5

Error: (09/09/2016 09:03:30 PM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/09/2016 09:03:30 PM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5

Error: (09/09/2016 04:47:25 PM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/09/2016 04:47:25 PM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5

Error: (09/09/2016 09:50:05 AM) (Source: 0) (EventID: 4) (User: )
Description: Event-ID 4

Error: (09/09/2016 09:50:05 AM) (Source: 0) (EventID: 5) (User: )
Description: Event-ID 5


==================== Memory info ===========================

Processor:  Intel® Pentium® 4 CPU 1400MHz
Percentage of memory in use: 66%
Total physical RAM: 255.07 MB
Available physical RAM: 85.64 MB
Total Virtual: 1001.79 MB
Available Virtual: 829.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:37.26 GB) (Free:25.97 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37.3 GB) (Disk ID: EA1AA9C7)
Partition 1: (Active) - (Size=37.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 


Edited by scarlet.rose, 10 September 2016 - 11:19 AM.

  • 0

#164
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Attached File  fixlist.txt   2.35KB   24 downloads

 

Above should take care of the norton stuff and some of the Chrome.  Seems like FRST always finds some Chrome stuff.

 

 


  • 1

#165
scarlet.rose

scarlet.rose

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 270 posts

"Seems like FRST always finds some Chrome stuff."

 

Does it....it's an impressive tool......when in the hands of an expert.

 

Norton and McAfee remnants gone. Haven't got round to checking Chrome ones.

 

New Avast antivirus successfully installed, this version was only recently released (19/8/2016), Avast Team told me it works flawlessly with XP SP3.

 

Really appreciate you sorting that for me, was obviously concerned about having no antivirus installed.

 

Regarding "The 8100 model has one active USB port during boot up that can be used when updating the BIOS.  That port is on the rear of the system and would be the one on the upper right."

http://en.community....3514/t/18098152

Don't understand......does that mean I might be able to use a bootable USB Flash drive despite it not being listed in the boot sequence? Should I try or just buy a CD?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP