Logfile of HijackThis v1.99.1
Scan saved at 12:31:15 PM, on 8/22/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.18702)
Running processes:
C:\WINDOWS.2\System32\smss.exe
C:\WINDOWS.2\system32\winlogon.exe
C:\WINDOWS.2\system32\services.exe
C:\WINDOWS.2\system32\lsass.exe
C:\WINDOWS.2\system32\svchost.exe
C:\WINDOWS.2\system32\svchost.exe
C:\WINDOWS.2\system32\svchost.exe
C:\WINDOWS.2\Explorer.EXE
C:\WINDOWS.2\system32\WgaTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchamo...t=webs&bar=true
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - J:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - J:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Advanced SystemCare 7] "J:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS.2\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS.2\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS.2\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS.2\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS.2\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS.2\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DVDUpgrade] DVDUpgrd.exe /async
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS.2\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Gary\Application Data\uTorrent\uTorrent.exe" /MINIMIZED
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - J:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - J:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International
O11 - Options group: [TABS] Tabbed Browsing
O15 - Trusted Zone: *.dell.com
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.updat...b?1357766330484
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1345050966000
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1354223487671
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: AutorunsDisabled - C:\WINDOWS.2\
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS.2\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.2\system32\WPDShServiceObj.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS.2\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - J:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS.2\system32\Ati2evxx.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: GSService - Unknown owner - C:\WINDOWS.2\system32\GSService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: KMService - Unknown owner - C:\WINDOWS.2\system32\srvany.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
O23 - Service: Kodak AiO Status Monitor Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - J:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - J:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Microsoft SharePoint Workspace Audit Service - Unknown owner - C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" /auditservice (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS.2\system32\NLSSRV32.EXE
O23 - Service: NMSAccess - Unknown owner - J:\Program Files\Blaze Media Pro\NMSAccess32.exe" (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SMServer - SMServer - C:\WINDOWS.2\system32\snmvtsvc.exe
WE'RE SURE THAT YOU'LL LOVE US!
Hey there! 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
Slowed to a Stand-still [Solved]
-
This topic is locked
#1
-
- Authentic Member
-
- 10 posts
New Member
- Interests:DVDs, Gym, ebooks, and all else
Posted 22 August 2014 - 02:30 PM
Register to Remove
#2
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 22 August 2014 - 03:49 PM
Lets go over a few things, this is just for your information. I guess you know by now that windows xp has been retired so to speak, Microsoft dropped all support for XP, it has gone the way of Windows 95/98. What this means is that your computer will still work, but you no longer get windows updates that patch serious security holes in your system to keep the bad guys from infecting you. A lot of the other malware removal forums have dropped helping people with XP, the reason being is that with an unpatched system once your cleaned up its just a matter or time before you get reinfected. The second reason as that as Operating Systems advance, so do the tools we use to remove malware and right now some tools we used to use have not been updated for XP. This forum still helps with XP but with one condition, if we clean you up and you come back in the future infected again no help will be offered. This sounds harsh and I dont mean it to be, just looking out for you, with XP , even when your clean I would not go online and do any online banking or purchases from sites using a credit card.
Hijackthis is not used much anymore, its real outdated and does not tell us to much
I see on your log your using the torrents, using a file sharing program on an unpatched system is a recipe for disaster.
If we proceed with the cleaning, you will have to remove uTorrent
Also Advanced SystemCare 7, Iobit
Please download aswMBR to your desktop.- Double click the aswMBR icon to run it.
- Click the Scan button to start scan.
- If you are asked to update the Avast Virus database please allow it to do so.
- When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Please make sure All Users is checked
- Do not check
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please copy and paste log back here.
- The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
#3
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 25 August 2014 - 06:19 AM
Still with me ? Are you having problems running the scans ?
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
#4
-
- Authentic Member
-
- 10 posts
New Member
- Interests:DVDs, Gym, ebooks, and all else
Posted 25 August 2014 - 12:22 PM
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-25 06:31:48
-----------------------------
06:31:48.062 OS Version: Windows 5.1.2600 Service Pack 3
06:31:48.062 Number of processors: 1 586 0x207
06:31:48.062 ComputerName: BEDROOM UserName: Gary
06:31:53.890 Initialize success
06:31:54.078 VM: driver load error: 2
06:38:11.218 AVAST engine defs: 14082500
06:38:41.703 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
06:38:41.765 Disk 0 Vendor: ST3500830A 3.AAE Size: 476940MB BusType: 3
06:38:41.796 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
06:38:41.828 Disk 1 Vendor: ST3500630A 3.AAF Size: 476940MB BusType: 3
06:38:41.859 Disk 2 \Device\Harddisk2\DR2 -> \Device\Scsi\viamraid1Port2Path0Target0Lun0
06:38:41.906 Disk 2 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 8
06:38:41.937 Disk 3 \Device\Harddisk3\DR3 -> \Device\Scsi\viamraid1Port2Path0Target2Lun0
06:38:41.984 Disk 3 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 8
06:38:42.312 Disk 0 MBR read successfully
06:38:42.359 Disk 0 MBR scan
06:38:42.593 Disk 0 Windows XP default MBR code
06:38:42.656 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 190732 MB offset 63
06:38:42.828 Disk 0 default boot code
06:38:42.968 Disk 0 Partition - 00 0F Extended LBA 286204 MB offset 390620475
06:38:43.109 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 48634 MB offset 390620538
06:38:43.234 Disk 0 Partition - 00 05 Extended 237562 MB offset 490223475
06:38:43.375 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 237562 MB offset 490223538
06:38:43.546 Disk 0 scanning sectors +976768065
06:38:43.906 Disk 0 scanning C:\WINDOWS.2\system32\drivers
06:39:29.921 Service scanning
06:41:09.218 Modules scanning
06:41:31.921 Disk 0 trace - called modules:
06:41:32.062 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll
06:41:32.187 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f7ca98]
06:41:32.312 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x85b5db00]
06:41:37.640 AVAST engine scan C:\WINDOWS.2
06:41:51.062 AVAST engine scan C:\WINDOWS.2\system32
07:00:16.656 AVAST engine scan C:\WINDOWS.2\system32\drivers
07:01:18.562 AVAST engine scan C:\Documents and Settings\Gary
08:49:34.125 AVAST engine scan C:\Documents and Settings\All Users.WINDOWS.2
10:31:32.531 Scan finished successfully
10:31:56.343 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Gary\Desktop\MBR.dat"
10:31:56.390 The log file has been saved successfully to "C:\Documents and Settings\Gary\Desktop\aswMBR.txt"
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2014 03
Ran by Gary (administrator) on BEDROOM on 25-08-2014 10:36:27
Running from C:\Documents and Settings\Gary\Desktop
Platform: Microsoft Windows XP Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINDOWS.2\system32\smss.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\winlogon.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\services.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\lsass.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\WgaTray.exe
(Microsoft Corporation) C:\WINDOWS.2\explorer.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Advanced SystemCare 7] => "J:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS.2\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [2510848 2011-06-16] (Eastman Kodak Company)
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS.2\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [IMEKRMIG6.1] => C:\WINDOWS.2\ime\imkr6_1\IMEKRMIG.EXE [44032 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS.2\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS.2\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS.2\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [BCMSMMSG] => C:\WINDOWS.2\BCMSMMSG.exe [122880 2003-08-29] (Broadcom Corporation)
HKLM\...\Run: [DVDUpgrade] => DVDUpgrd.exe /async
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit)
HKLM\...\Run: [PowerDVD10.exe] => J:\Program Files\PowerDVD10\PowerDVD10.exe [4009592 2013-02-22] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] => J:\Program Files\PowerDirector10\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM\...\Run: [IsoViewer.exe] => J:\Program Files\Power2Go\IsoViewer.exe [1815512 2013-03-27] (CyberLink Corp.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS.2\system32\userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] logonui.exe [x ] ()
Winlogon\Notify\AtiExtEvent: C:\WINDOWS.2\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\crypt32chain: C:\WINDOWS.2\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS.2\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS.2\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS.2\System32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\ScCertProp: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS.2\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS.2\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\WgaLogon: C:\WINDOWS.2\system32\WgaLogon.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\.DEFAULT\...\RunOnce: [tscuninstall] => C:\WINDOWS.2\system32\tscupgrd.exe [44544 2006-02-28] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-484763869-2111687655-1606980848-1003\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-484763869-2111687655-1606980848-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.2\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.2\system32\blank.htm
SearchScopes: HKLM - {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL =
SearchScopes: HKCU - DefaultScope {C060ED26-FF9B-4A56-8CC4-1C298C1D29DB} URL = http://search.condui...0431446912&UM=2
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {52E2D971-34A9-49E7-88F6-078B653A9C12} URL = http://search.yahoo....rtPage?}&fr=ie8
SearchScopes: HKCU - {C060ED26-FF9B-4A56-8CC4-1C298C1D29DB} URL = http://search.condui...0431446912&UM=2
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> J:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> J:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS.2\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS.2\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - J:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1357766330484
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS.2\system32\urlmon.dll (Microsoft Corporation)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS.2\system32\mshtml.dll (Microsoft Corporation)
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS.2\system32\wiascr.dll (Microsoft Corporation)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS.2\system32\urlmon.dll (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS.2\system32\urlmon.dll (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS.2\system32\SHELL32.dll (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS.2\system32\shell32.dll [8463872 2012-06-08] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984
FF SelectedSearchEngine: Google
FF Homepage: https://mail.google....mail/u/0/#inbox
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS.2\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS.2\system32\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> J:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat -> J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Gary\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Gary\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\user.js
FF user.js: detected! => C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npitunes.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Gary\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Gary\Application Data\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\searchplugins\imdb.xml
FF SearchPlugin: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984\searchplugins\duckduckgo.xml
FF Extension: No Name - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\extensions [2012-06-06]
FF Extension: Xmarks - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\foxmarks@kei.com [2012-11-02]
FF Extension: No Name - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\searchplugins [2013-10-23]
FF Extension: Garmin Communicator - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012-10-07]
FF Extension: CleanPrint - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\cleanprint@formatdynamics.com.xpi [2012-11-13]
FF Extension: Ads Removal - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\adremoveext@adremoveext.net [2014-08-24]
FF Extension: Advanced SystemCare Surfing Protection - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\ascsurfingprotection@iobit.com [2014-05-22]
FF Extension: Xmarks - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\foxmarks@kei.com [2011-07-16]
FF Extension: AD Block - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\searchads@instair.net [2014-03-01]
FF Extension: No Name - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\staged [2012-06-06]
FF Extension: LastPass - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\support@lastpass.com [2011-08-16]
FF Extension: Yahoo! Toolbar - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012-05-21]
FF Extension: Add-on Compatibility Reporter - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\compatibility@addons.mozilla.org.xpi [2011-08-09]
FF Extension: Ads Removal - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984\Extensions\adremoveext@adremoveext.net [2014-08-24]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-07-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-07-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-07-18]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-07-07]
Chrome:
=======
CHR RestoreOnStartup: "https://search.yahoo...=spigot-yhp-ch"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\10.0.648.133\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS.2\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\10.0.648.133\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files\Google\Chrome\Application\10.0.648.133\gears.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npitunes.dll ()
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Documents and Settings\Gary\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-05-22]
CHR Extension: (Ads Removal) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-26]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-03-12]
CHR Extension: (Web Enhancements) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jhhjhpmajehomfpogoncjnhlannmkcgb [2011-03-12]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-12-23]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 123MediaStreamer; J:\Program Files\123CopyDVDPlatinum 2012\MediaStreamerService.exe [47616 2013-04-17] (Microsoft) [File not signed]
S2 6to4; C:\WINDOWS.2\System32\6to4svc.dll [100864 2010-02-11] (Microsoft Corporation)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS.2\system32\Macromed\Flash\FlashPlayerUpdateService.exe [262320 2014-07-09] (Adobe Systems Incorporated)
S4 Alerter; C:\WINDOWS.2\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
S3 ALG; C:\WINDOWS.2\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
S3 AppMgmt; C:\WINDOWS.2\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation)
S3 aspnet_state; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
S2 Ati HotKey Poller; C:\WINDOWS.2\system32\Ati2evxx.exe [602112 2013-10-24] (ATI Technologies Inc.) [File not signed]
S2 AudioSrv; C:\WINDOWS.2\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
S2 BITS; C:\WINDOWS.2\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
R2 Browser; C:\WINDOWS.2\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation)
S4 CiSvc; C:\WINDOWS.2\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
S4 ClipSrv; C:\WINDOWS.2\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S2 CLKMSVC10_447BEDDB; J:\Program Files\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-03-08] (CyberLink)
S3 clr_optimization_v2.0.50727_32; C:\WINDOWS.2\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
S3 COMSysApp; C:\WINDOWS.2\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
R2 CryptSvc; C:\WINDOWS.2\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
R2 DcomLaunch; C:\WINDOWS.2\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS.2\System32\dhcpcsvc.dll [126976 2008-06-03] (Microsoft Corporation)
S3 dmadmin; C:\WINDOWS.2\System32\dmadmin.exe [224768 2008-04-13] (Microsoft Corp., Veritas Software) [File not signed]
S3 dmserver; C:\WINDOWS.2\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.)
R2 Dnscache; C:\WINDOWS.2\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\WINDOWS.2\System32\dot3svc.dll [132096 2009-01-20] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS.2\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S4 ERSvc; C:\WINDOWS.2\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
R2 Eventlog; C:\WINDOWS.2\system32\services.exe [110592 2009-12-23] (Microsoft Corporation)
S3 EventSystem; C:\WINDOWS.2\system32\es.dll [253952 2008-07-07] (Microsoft Corporation)
S3 FastUserSwitchingCompatibility; C:\WINDOWS.2\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S2 Fax; C:\WINDOWS.2\system32\fxssvc.exe [267776 2008-04-14] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\WINDOWS.2\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [443224 2014-05-15] (Garmin Ltd or its subsidiaries)
S3 GSService; C:\WINDOWS.2\system32\GSService.exe [380928 2010-11-18] () [File not signed]
S3 helpsvc; C:\WINDOWS.2\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
S2 HidServ; C:\WINDOWS.2\System32\hidserv.dll [21504 2014-07-13] (Microsoft Corporation)
S3 hkmsvc; C:\WINDOWS.2\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
S3 HTTPFilter; C:\WINDOWS.2\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 idsvc; C:\WINDOWS.2\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S2 IISADMIN; C:\WINDOWS.2\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS.2\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
S2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-05-07] (Oracle Corporation)
S2 KMService; C:\WINDOWS.2\system32\srvany.exe [8192 2013-09-14] () [File not signed]
S2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company)
S2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company)
R2 LanmanServer; C:\WINDOWS.2\System32\srvsvc.dll [99840 2010-08-26] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINDOWS.2\System32\wkssvc.dll [134144 2009-06-09] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 LmHosts; C:\WINDOWS.2\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
S2 LPDSVC; C:\WINDOWS.2\system32\tcpsvcs.exe [19456 2008-04-14] (Microsoft Corporation)
S2 MBAMScheduler; J:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; J:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 Messenger; C:\WINDOWS.2\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S4 mnmsrvc; C:\WINDOWS.2\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S3 MSDTC; C:\WINDOWS.2\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
S3 MSIServer; C:\WINDOWS.2\System32\msiexec.exe [95744 2008-05-18] (Microsoft Corporation)
S3 napagent; C:\WINDOWS.2\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation)
S4 NetDDE; C:\WINDOWS.2\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS.2\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 Netlogon; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R3 Netman; C:\WINDOWS.2\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
S3 NitroDriverReadSpool2; C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe [184840 2012-07-25] (Nitro PDF Software)
S3 Nla; C:\WINDOWS.2\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation)
S3 nlsX86cc; C:\WINDOWS.2\system32\NLSSRV32.EXE [66560 2010-11-22] (Nalpeiron Ltd.) [File not signed]
S3 NMSAccess; J:\Program Files\Blaze Media Pro\NMSAccess32.exe [71096 2009-01-12] ()
S3 NtLmSsp; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S2 NtmsSvc; C:\WINDOWS.2\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation)
R2 PlugPlay; C:\WINDOWS.2\system32\services.exe [110592 2009-12-23] (Microsoft Corporation)
S2 PolicyAgent; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S2 ProtectedStorage; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS.2\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
S3 RasMan; C:\WINDOWS.2\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
S4 RDSessMgr; C:\WINDOWS.2\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [5857128 2014-07-28] (Reimage®)
S4 RemoteAccess; C:\WINDOWS.2\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
S4 RemoteRegistry; C:\WINDOWS.2\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation)
S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [254512 2013-05-08] ()
S3 RpcLocator; C:\WINDOWS.2\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS.2\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
S4 RSVP; C:\WINDOWS.2\system32\rsvp.exe [132608 2008-04-14] (Microsoft Corporation)
S2 SamSs; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS.2\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation)
S2 Schedule; C:\WINDOWS.2\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation)
S2 seclogon; C:\WINDOWS.2\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
S2 SENS; C:\WINDOWS.2\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
R2 SharedAccess; C:\WINDOWS.2\System32\ipnathlp.dll [330752 2013-09-25] (Microsoft Corporation)
S2 ShellHWDetection; C:\WINDOWS.2\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S3 SMServer; C:\WINDOWS.2\system32\snmvtsvc.exe [245760 2010-11-18] (SMServer) [File not signed]
S2 SMTPSVC; C:\WINDOWS.2\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S2 SNMP; C:\WINDOWS.2\System32\snmp.exe [33280 2008-04-14] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS.2\System32\snmptrap.exe [8704 2008-04-14] (Microsoft Corporation)
S2 Spooler; C:\WINDOWS.2\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
R2 srservice; C:\WINDOWS.2\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation)
S3 SSDPSRV; C:\WINDOWS.2\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
S2 stisvc; C:\WINDOWS.2\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation)
S3 SwPrv; C:\WINDOWS.2\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\WINDOWS.2\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation)
S3 TapiSrv; C:\WINDOWS.2\System32\tapisrv.dll [249856 2008-08-06] (Microsoft Corporation)
R2 TermService; C:\WINDOWS.2\System32\termsrv.dll [296960 2009-05-18] (Microsoft Corporation)
S2 Themes; C:\WINDOWS.2\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S4 TlntSvr; C:\WINDOWS.2\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation)
S3 TrkWks; C:\WINDOWS.2\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS.2\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\WINDOWS.2\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 VSS; C:\WINDOWS.2\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation)
S2 W32Time; C:\WINDOWS.2\system32\w32time.dll [175616 2008-07-04] (Microsoft Corporation)
S2 W3SVC; C:\WINDOWS.2\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S4 WebClient; C:\WINDOWS.2\System32\webclnt.dll [68096 2010-11-18] (Microsoft Corporation)
R2 winmgmt; C:\WINDOWS.2\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation)
S3 WinRM; C:\WINDOWS.2\system32\WsmSvc.dll [1107456 2009-10-09] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS.2\system32\MsPMSNSv.dll [27136 2009-01-30] (Microsoft Corporation)
S3 Wmi; C:\WINDOWS.2\System32\advapi32.dll [618496 2013-04-22] (Microsoft Corporation)
S3 WmiApSrv; C:\WINDOWS.2\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
S3 WPFFontCache_v0400; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [754856 2013-07-20] (Microsoft Corporation)
S2 wscsvc; C:\WINDOWS.2\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
S2 WSearch; C:\WINDOWS.2\system32\SearchIndexer.exe [439808 2008-05-26] (Microsoft Corporation)
S2 wuauserv; C:\WINDOWS.2\system32\wuauserv.dll [23064 2012-06-02] (Microsoft Corporation)
R2 WudfSvc; C:\WINDOWS.2\System32\WUDFSvc.dll [64512 2009-07-13] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS.2\System32\wzcsvc.dll [483328 2014-07-13] (Microsoft Corporation)
S4 xmlprov; C:\WINDOWS.2\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS.2\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R0 ACPI; C:\WINDOWS.2\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation)
S4 ACPIEC; C:\WINDOWS.2\system32\Drivers\ACPIEC.sys [11648 2008-04-14] (Microsoft Corporation)
S3 aeaudio; C:\WINDOWS.2\System32\drivers\aeaudio.sys [4816 2002-04-01] (Andrea Electronics Corporation)
S3 aec; C:\WINDOWS.2\System32\drivers\aec.sys [142592 2014-07-13] (Microsoft Corporation)
R1 AFD; C:\WINDOWS.2\System32\drivers\afd.sys [138496 2014-05-28] (Microsoft Corporation)
R0 agp440; C:\WINDOWS.2\System32\DRIVERS\agp440.sys [42368 2008-04-14] (Microsoft Corporation)
S3 anvsnddrv; C:\WINDOWS.2\System32\drivers\anvsnddrv.sys [32896 2011-11-28] (AnvSoft Inc.) [File not signed]
S3 Apowersoft_AudioDevice; C:\WINDOWS.2\System32\drivers\Apowersoft_AudioDevice.sys [16640 2010-12-30] (Wondershare) [File not signed]
S3 AsyncMac; C:\WINDOWS.2\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
R0 atapi; C:\WINDOWS.2\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
S3 ati2mtag; C:\WINDOWS.2\System32\DRIVERS\ati2mtag.sys [3565056 2013-10-24] (ATI Technologies Inc.) [File not signed]
S3 Atmarpc; C:\WINDOWS.2\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
S3 audstub; C:\WINDOWS.2\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
S3 BCMModem; C:\WINDOWS.2\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
R1 Beep; C:\WINDOWS.2\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Corporation)
S3 BVRPMPR5; C:\WINDOWS.2\system32\drivers\BVRPMPR5.SYS [49904 2009-08-19] (Avanquest Software) [File not signed]
S4 cbidf2k; C:\WINDOWS.2\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Corporation)
S1 Cdaudio; C:\WINDOWS.2\system32\Drivers\Cdaudio.sys [18688 2014-07-13] (Microsoft Corporation)
R4 Cdfs; C:\WINDOWS.2\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
R1 Cdrom; C:\WINDOWS.2\System32\DRIVERS\cdrom.sys [62976 2008-05-02] (Microsoft Corporation)
R1 CLBStor; C:\WINDOWS.2\system32\Drivers\CLBStor.sys [15784 2009-10-07] (Cyberlink Co.,Ltd.)
S2 CLBUDF; C:\WINDOWS.2\system32\Drivers\CLBUDF.sys [163368 2009-10-07] (CyberLink Corporation.)
S3 DbusAudio; C:\WINDOWS.2\System32\drivers\DbusAudio.sys [23608 2010-11-18] (Windows ® Codename Longhorn DDK provider) [File not signed]
R3 dc3d; C:\WINDOWS.2\System32\DRIVERS\dc3d.sys [45288 2011-08-10] (Microsoft Corporation)
R0 Disk; C:\WINDOWS.2\System32\DRIVERS\disk.sys [36352 2008-05-07] (Microsoft Corporation)
S4 dmboot; C:\WINDOWS.2\System32\drivers\dmboot.sys [799744 2008-04-13] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmio; C:\WINDOWS.2\System32\DRIVERS\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software)
R0 dmload; C:\WINDOWS.2\system32\Drivers\dmload.sys [5888 2008-04-14] (Microsoft Corp., Veritas Software.)
S3 dmodusb; C:\WINDOWS.2\System32\DRIVERS\dmodusb.sys [26240 2009-05-11] (Windows ® Codename Longhorn DDK provider)
S3 DMusic; C:\WINDOWS.2\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
S3 drmkaud; C:\WINDOWS.2\System32\drivers\drmkaud.sys [2944 2014-07-13] (Microsoft Corporation)
R3 E100B; C:\WINDOWS.2\System32\DRIVERS\e100b325.sys [165496 2007-11-16] (Intel Corporation)
S4 exFat; C:\WINDOWS.2\system32\Drivers\exFat.sys [133632 2008-09-29] (Microsoft Corporation)
S4 Fastfat; C:\WINDOWS.2\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
R3 Fdc; C:\WINDOWS.2\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation)
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [247968 2013-03-23] (IObit)
S1 Fips; C:\WINDOWS.2\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation)
S3 Flpydisk; C:\WINDOWS.2\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
R0 FltMgr; C:\WINDOWS.2\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation)
U1 Fs_Rec; C:\WINDOWS.2\system32\Drivers\Fs_Rec.sys [9216 2008-09-29] (Microsoft Corporation)
R0 Ftdisk; C:\WINDOWS.2\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Corporation)
R3 Gpc; C:\WINDOWS.2\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
S3 hcdriver; C:\WINDOWS.2\System32\DRIVERS\hcdriver.sys [50688 2012-01-27] (Intel Corporation) [File not signed]
R3 HidUsb; C:\WINDOWS.2\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
S3 hitmanpro36; C:\WINDOWS.2\system32\drivers\hitmanpro36.sys [27424 2013-01-08] ()
S3 HTTP; C:\WINDOWS.2\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation)
S1 i8042prt; C:\WINDOWS.2\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation)
R0 IdeBusDr; C:\WINDOWS.2\System32\DRIVERS\IdeBusDr.sys [13891 2002-10-15] (Intel Corporation)
R0 IdeChnDr; C:\WINDOWS.2\System32\DRIVERS\IdeChnDr.sys [101431 2002-10-15] (Intel Corporation)
R1 Imapi; C:\WINDOWS.2\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
S0 IntelIde; C:\WINDOWS.2\system32\Drivers\IntelIde.sys [5504 2008-04-14] (Microsoft Corporation)
S1 intelppm; C:\WINDOWS.2\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation)
R3 Ip6Fw; C:\WINDOWS.2\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\WINDOWS.2\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Corporation)
S3 IpInIp; C:\WINDOWS.2\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
R3 IpNat; C:\WINDOWS.2\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
R1 IPSec; C:\WINDOWS.2\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 IRENUM; C:\WINDOWS.2\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
R0 isapnp; C:\WINDOWS.2\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation)
R1 Kbdclass; C:\WINDOWS.2\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation)
R1 kbdhid; C:\WINDOWS.2\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation)
S3 kmixer; C:\WINDOWS.2\System32\drivers\kmixer.sys [172416 2014-07-13] (Microsoft Corporation)
R0 KSecDD; C:\WINDOWS.2\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation)
S3 LHidFilt; C:\WINDOWS.2\System32\DRIVERS\LHidFilt.Sys [35344 2008-02-29] (Logitech, Inc.)
S3 LMouFilt; C:\WINDOWS.2\System32\DRIVERS\LMouFilt.Sys [36880 2008-02-29] (Logitech, Inc.)
S0 LPCFilter; C:\WINDOWS.2\System32\DRIVERS\LPCFilter.sys [28464 2011-12-29] (COMPAL ELECTRONIC INC.)
R0 mbamchameleon; C:\WINDOWS.2\System32\drivers\mbamchameleon.sys [53208 2014-05-12] (Malwarebytes Corporation)
S3 MBAMProtector; C:\WINDOWS.2\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\WINDOWS.2\system32\1C.tmp [6144 2011-05-12] (Sophos Plc) [File not signed]
S1 mnmdd; C:\WINDOWS.2\system32\Drivers\mnmdd.sys [4224 2006-02-28] (Microsoft Corporation)
S3 Modem; C:\WINDOWS.2\system32\Drivers\Modem.sys [30080 2014-07-13] (Microsoft Corporation)
S3 MODEMCSA; C:\WINDOWS.2\System32\drivers\MODEMCSA.sys [16128 2001-08-17] (Microsoft Corporation)
R1 Mouclass; C:\WINDOWS.2\System32\DRIVERS\mouclass.sys [23040 2014-07-13] (Microsoft Corporation)
R3 mouhid; C:\WINDOWS.2\System32\DRIVERS\mouhid.sys [12160 2014-07-13] (Microsoft Corporation)
R0 MountMgr; C:\WINDOWS.2\system32\Drivers\MountMgr.sys [42752 2009-05-18] (Microsoft Corporation)
S3 MRxDAV; C:\WINDOWS.2\System32\DRIVERS\mrxdav.sys [180096 2010-06-30] (Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS.2\System32\DRIVERS\mrxsmb.sys [457856 2011-07-15] (Microsoft Corporation)
R1 Msfs; C:\WINDOWS.2\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS.2\System32\drivers\MSKSSRV.sys [7552 2014-07-13] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS.2\System32\drivers\MSPCLOCK.sys [5376 2014-07-13] (Microsoft Corporation)
S3 MSPQM; C:\WINDOWS.2\System32\drivers\MSPQM.sys [4992 2014-07-13] (Microsoft Corporation)
R3 mssmbios; C:\WINDOWS.2\System32\DRIVERS\mssmbios.sys [15488 2014-07-13] (Microsoft Corporation)
R0 Mup; C:\WINDOWS.2\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation)
R0 mv61xxmm; C:\WINDOWS.2\system32\Drivers\mv61xxmm.sys [14184 2014-07-13] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS.2\system32\Drivers\mv64xxmm.sys [5632 2014-07-13] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS.2\system32\Drivers\mvxxmm.sys [6656 2014-07-13] (Marvell Semiconductor Inc.) [File not signed]
S0 MxEFUF; C:\WINDOWS.2\System32\DRIVERS\MxEFUF32.sys [102728 2010-11-04] (Matrox Graphics Inc.)
R0 NDIS; C:\WINDOWS.2\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS.2\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation)
R3 Ndisuio; C:\WINDOWS.2\System32\DRIVERS\ndisuio.sys [14592 2014-07-13] (Microsoft Corporation)
R3 NdisWan; C:\WINDOWS.2\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINDOWS.2\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation)
R1 NetBIOS; C:\WINDOWS.2\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINDOWS.2\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
S2 NPF; C:\WINDOWS.2\system32\drivers\npf.sys [35088 2012-12-15] (CACE Technologies, Inc.)
R1 Npfs; C:\WINDOWS.2\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
R4 Ntfs; C:\WINDOWS.2\system32\Drivers\Ntfs.sys [576384 2008-11-18] (Microsoft Corporation)
R1 Null; C:\WINDOWS.2\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Corporation)
S3 NwlnkFlt; C:\WINDOWS.2\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINDOWS.2\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Corporation)
R1 omci; C:\WINDOWS.2\System32\DRIVERS\omci.sys [17153 2002-10-15] (Dell Computer Corporation) [File not signed]
S3 Parport; C:\WINDOWS.2\System32\DRIVERS\parport.sys [80128 2014-07-13] (Microsoft Corporation)
R0 PartMgr; C:\WINDOWS.2\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
S2 ParVdm; C:\WINDOWS.2\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Corporation)
R0 PCI; C:\WINDOWS.2\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation)
S4 Pcmcia; C:\WINDOWS.2\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation)
S3 pcouffin; C:\WINDOWS.2\System32\Drivers\pcouffin.sys [47360 2014-03-15] (VSO Software) [File not signed]
S2 PfFilter; J:\Program Files\IObit\Protected Folder\pffilter.sys [141016 2012-11-23] (IObit Information Technology)
R3 Point32; C:\WINDOWS.2\System32\DRIVERS\point32.sys [40936 2011-08-01] (Microsoft Corporation)
R3 PptpMiniport; C:\WINDOWS.2\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
R3 PSched; C:\WINDOWS.2\System32\DRIVERS\psched.sys [70272 2009-07-18] (Microsoft Corporation)
R3 Ptilink; C:\WINDOWS.2\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Parallel Technologies, Inc.)
R1 RasAcd; C:\WINDOWS.2\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS.2\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS.2\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINDOWS.2\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Corporation)
R1 Rdbss; C:\WINDOWS.2\System32\DRIVERS\rdbss.sys [174848 2008-07-18] (Microsoft Corporation)
R1 RDPCDD; C:\WINDOWS.2\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Corporation)
R3 rdpdr; C:\WINDOWS.2\System32\DRIVERS\rdpdr.sys [195712 2009-09-04] (Microsoft Corporation)
S3 RDPWD; C:\WINDOWS.2\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
R1 redbook; C:\WINDOWS.2\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation)
S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys [31776 2013-11-19] (IObit.com)
R1 SBRE; C:\WINDOWS.2\system32\drivers\SBREdrv.sys [101112 2012-01-12] (GFI Software)
S1 SCDEmu; C:\WINDOWS.2\system32\Drivers\SCDEmu.sys [56572 2008-11-02] (PowerISO Computing, Inc.) [File not signed]
S3 Secdrv; C:\WINDOWS.2\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 serenum; C:\WINDOWS.2\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
S1 Serial; C:\WINDOWS.2\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINDOWS.2\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
R0 SmartDefragDriver; C:\WINDOWS.2\System32\Drivers\SmartDefragDriver.sys [15808 2013-12-24] (IObit)
R3 smbusp; C:\WINDOWS.2\System32\DRIVERS\intelsmb.sys [22528 2010-06-10] (Intel Corporation)
S3 smwdm; C:\WINDOWS.2\System32\drivers\smwdm.sys [539008 2002-12-19] (Analog Devices, Inc.)
S3 SONYPVU1; C:\WINDOWS.2\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 splitter; C:\WINDOWS.2\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
R0 Sr; C:\WINDOWS.2\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
R3 Srv; C:\WINDOWS.2\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
S3 STAC97; C:\WINDOWS.2\System32\drivers\STAC97.sys [273296 2005-04-14] (SigmaTel, Inc.) [File not signed]
R3 swenum; C:\WINDOWS.2\System32\DRIVERS\swenum.sys [4352 2014-07-13] (Microsoft Corporation)
S3 swmidi; C:\WINDOWS.2\System32\drivers\swmidi.sys [56576 2014-07-13] (Microsoft Corporation)
S3 sysaudio; C:\WINDOWS.2\System32\drivers\sysaudio.sys [60800 2014-07-13] (Microsoft Corporation)
R1 Tcpip; C:\WINDOWS.2\System32\DRIVERS\tcpip.sys [361600 2014-07-13] (Microsoft Corporation) [File not signed]
R1 Tcpip6; C:\WINDOWS.2\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 TDPIPE; C:\WINDOWS.2\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINDOWS.2\system32\Drivers\TDTCP.sys [22024 2009-03-02] (Microsoft Corporation)
R1 TermDD; C:\WINDOWS.2\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
R3 tunmp; C:\WINDOWS.2\System32\DRIVERS\tunmp.sys [12288 2014-07-13] (Microsoft Corporation)
S4 Udfs; C:\WINDOWS.2\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
S3 udsstub; C:\WINDOWS.2\System32\DRIVERS\udsstub.sys [16000 2012-06-18] (SysNucleus) [File not signed]
R3 Update; C:\WINDOWS.2\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys [17360 2013-11-19] (IObit.com)
S3 usbaudio; C:\WINDOWS.2\System32\drivers\usbaudio.sys [60160 2013-07-16] (Microsoft Corporation)
R3 usbccgp; C:\WINDOWS.2\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation)
R3 usbehci; C:\WINDOWS.2\System32\DRIVERS\usbehci.sys [30464 2013-03-06] (Microsoft Corporation)
R3 usbhub; C:\WINDOWS.2\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
S3 usbprint; C:\WINDOWS.2\System32\DRIVERS\usbprint.sys [25856 2008-04-14] (Microsoft Corporation)
S3 usbscan; C:\WINDOWS.2\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Microsoft Corporation)
R3 usbstor; C:\WINDOWS.2\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation)
R3 usbuhci; C:\WINDOWS.2\System32\DRIVERS\usbuhci.sys [20736 2013-03-06] (Microsoft Corporation)
R1 VgaSave; C:\WINDOWS.2\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
R0 viamraid; C:\WINDOWS.2\System32\DRIVERS\viamraid.sys [116608 2013-10-24] (VIA Technologies inc,.ltd)
S3 VIAudio; C:\WINDOWS.2\System32\drivers\vinyl97.sys [207488 2014-04-25] (VIA Technologies, Inc.)
R0 VolSnap; C:\WINDOWS.2\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation)
S3 Wanarp; C:\WINDOWS.2\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
R3 Wdf01000; C:\WINDOWS.2\System32\DRIVERS\Wdf01000.sys [444136 2009-07-14] (Microsoft Corporation)
S3 wdmaud; C:\WINDOWS.2\System32\drivers\wdmaud.sys [83072 2014-07-13] (Microsoft Corporation)
S3 WinDriver6; C:\WINDOWS.2\System32\drivers\windrvr6.sys [195968 2011-06-20] (Jungo) [File not signed]
S3 WpdUsb; C:\WINDOWS.2\System32\DRIVERS\wpdusb.sys [38528 2009-01-30] (Microsoft Corporation)
R1 WS2IFSL; C:\WINDOWS.2\System32\drivers\ws2ifsl.sys [12032 2008-04-14] (Microsoft Corporation)
S3 WsAudio_DeviceS(1); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(1).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(2); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(2).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(3); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(3).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(4); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(4).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(5); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(5).sys [25704 2009-12-04] (Wondershare)
R0 WudfPf; C:\WINDOWS.2\System32\DRIVERS\WudfPf.sys [91904 2009-07-13] (Microsoft Corporation)
S3 WudfRd; C:\WINDOWS.2\System32\DRIVERS\wudfrd.sys [132224 2009-07-13] (Microsoft Corporation)
S2 XilinxPC4Driver; C:\WINDOWS.2\System32\drivers\xpc4drvr.sys [16000 2005-11-16] (Xilinx, Inc.) [File not signed]
S3 ZD1211BU(ZyDAS); C:\WINDOWS.2\System32\DRIVERS\zd1211Bu.sys [477696 2006-08-24] (ZyDAS Technology Corporation)
S4 Aspi32; System32\drivers\aspi32.sys [X]
S4 BCMH43XX; system32\DRIVERS\bcmwlhigh5.sys [X]
S4 DbusVideo; system32\DRIVERS\DbusVideo.sys [X]
S4 eqjjgu; System32\drivers\lmwtiq.sys [X]
S4 L8042Kbd; system32\DRIVERS\L8042Kbd.sys [X]
S4 L8042mou; system32\DRIVERS\L8042mou.Sys [X]
S4 LMouKE; system32\DRIVERS\LMouKE.Sys [X]
S4 MCSTRM; No ImagePath
S4 MFE_RR; No ImagePath
S4 qyknl; System32\drivers\qwsvmq.sys [X]
S4 rckxrvet; System32\drivers\khbmtx.sys [X]
U5 ScsiPort; C:\WINDOWS.2\system32\drivers\scsiport.sys [96384 2011-01-27] (Microsoft Corporation)
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X]
U2 WinDefend; No ImagePath
U3 aswMBR; \??\C:\DOCUME~1\Gary\LOCALS~1\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\DOCUME~1\Gary\LOCALS~1\Temp\aswVmm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 10:36 - 2014-08-25 10:44 - 00054600 _____ () C:\Documents and Settings\Gary\Desktop\FRST.txt
2014-08-25 10:31 - 2014-08-25 10:31 - 00002778 _____ () C:\Documents and Settings\Gary\Desktop\aswMBR.txt
2014-08-25 10:31 - 2014-08-25 10:31 - 00000512 _____ () C:\Documents and Settings\Gary\Desktop\MBR.dat
2014-08-25 06:28 - 2014-08-25 06:28 - 01095168 _____ (Farbar) C:\Documents and Settings\Gary\Desktop\FRST.exe
2014-08-25 06:25 - 2014-08-25 06:26 - 05185536 _____ (AVAST Software) C:\Documents and Settings\Gary\Desktop\aswMBR.exe
2014-08-24 11:38 - 2014-08-24 14:12 - 00000648 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-23 09:50 - 2014-08-25 10:36 - 00000000 ____D () C:\FRST
2014-08-22 16:54 - 2014-08-22 16:54 - 00000000 ____D () C:\WINDOWS.2\Tasks\ImCleanDisabled
2014-08-22 16:03 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\1C.tmp
2014-08-22 16:03 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\1B.tmp
2014-08-22 12:10 - 2014-08-22 12:39 - 00000000 ____D () C:\Program Files\HijackThis
2014-08-22 12:04 - 2014-08-22 12:04 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\Tuneup Pro
2014-08-22 09:46 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\4.tmp
2014-08-22 09:46 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\3.tmp
2014-08-22 09:45 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\2.tmp
2014-08-22 09:45 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\1.tmp
2014-08-22 08:20 - 2014-08-22 08:20 - 60071936 _____ () C:\WINDOWS.2\system32\config\software.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 05922816 _____ () C:\WINDOWS.2\system32\config\default.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00073728 _____ () C:\WINDOWS.2\system32\config\SECURITY.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00032768 _____ () C:\WINDOWS.2\system32\config\SAM.iodefrag.bak
2014-08-22 08:19 - 2014-08-22 08:19 - 00000000 _____ () C:\asc_rdflag
2014-08-21 23:42 - 2014-08-24 15:41 - 00000216 _____ () C:\WINDOWS.2\wiadebug.log
2014-08-21 23:42 - 2014-08-24 15:41 - 00000049 _____ () C:\WINDOWS.2\wiaservc.log
2014-08-21 23:42 - 2014-08-21 23:42 - 00000000 ____N () C:\WINDOWS.2\Sti_Trace.log
2014-08-21 23:38 - 2014-08-24 20:03 - 00300053 _____ () C:\WINDOWS.2\WindowsUpdate.log
2014-08-21 19:26 - 2014-08-21 19:26 - 00000802 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Windows Media Player.lnk
2014-08-21 19:10 - 2010-06-02 01:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_7.dll
2014-08-21 19:10 - 2010-06-02 01:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\xactengine3_7.dll
2014-08-21 19:10 - 2010-06-02 01:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_5.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_6.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\xactengine3_6.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_4.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\X3DAudio1_7.dll
2014-08-21 19:10 - 2009-09-04 14:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_5.dll
2014-08-21 19:10 - 2009-09-04 14:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\Xactengine3_5.dll
2014-08-21 19:10 - 2009-09-04 14:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dcsx_42.dll
2014-08-21 19:10 - 2009-09-04 14:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_42.dll
2014-08-21 19:10 - 2009-09-04 14:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx11_42.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_4.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XactEngine3_4.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00069448 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_3.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\X3DAudio1_6.dll
2014-08-21 19:10 - 2009-03-09 12:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx9_41.dll
2014-08-21 19:10 - 2009-03-09 12:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\D3DCompiler_41.dll
2014-08-21 19:10 - 2009-03-09 12:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_41.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_3.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XactEngine3_3.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_2.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\X3DAudio1_5.dll
2014-08-21 19:10 - 2008-10-15 03:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\D3DCompiler_40.dll
2014-08-21 19:10 - 2008-10-15 03:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_40.dll
2014-08-21 19:10 - 2008-07-31 07:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XactEngine3_2.dll
2014-08-21 19:10 - 2008-07-31 07:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_1.dll
2014-08-21 19:10 - 2008-07-31 07:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_2.dll
2014-08-21 19:10 - 2008-07-10 08:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_39.dll
2014-08-21 19:10 - 2008-07-10 08:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx9_39.dll
2014-08-21 19:10 - 2008-07-10 08:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\D3DCompiler_39.dll
2014-08-21 19:10 - 2006-11-29 10:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10.dll
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\WindowsShell.Manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\wuaucpl.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\sapi.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\nwc.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\ncpa.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000488 ___RH () C:\WINDOWS.2\system32\logonui.exe.manifest
2014-08-21 19:02 - 2014-05-30 15:09 - 06024704 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\mshtml.dll
2014-08-21 19:02 - 2014-05-30 15:09 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\inetcpl.cpl
2014-08-21 19:02 - 2014-05-30 15:09 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\occache.dll
2014-08-21 19:02 - 2009-03-07 13:34 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\webcheck.dll
2014-08-21 19:02 - 2009-03-07 13:34 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\msrating.dll
2014-08-21 19:02 - 2009-03-07 13:32 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\inseng.dll
2014-08-21 19:02 - 2009-03-07 13:31 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\pngfilt.dll
2014-08-21 19:02 - 2009-03-07 13:31 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\imgutil.dll
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\FxsTmp
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\Cache
2014-08-21 18:57 - 2008-04-14 05:00 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\adsiis.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\iisext.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\iismap.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\convlog.exe
2014-08-21 18:57 - 2008-04-14 05:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\admwprox.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00038576 _____ () C:\WINDOWS.2\system32\w3ctrs.ini
2014-08-21 18:57 - 2008-04-14 05:00 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\inetsloc.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\exstrace.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00011435 _____ () C:\WINDOWS.2\system32\infoctrs.ini
2014-08-21 18:57 - 2008-04-14 05:00 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\smtpapi.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\aspperf.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00010225 _____ () C:\WINDOWS.2\system32\axperf.ini
2014-08-21 18:57 - 2008-04-14 05:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\rwnh.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\infoctrs.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\staxmem.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\wamregps.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\admxprox.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\w3svapi.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00005379 _____ () C:\WINDOWS.2\system32\w3ctrs.h
2014-08-21 18:57 - 2008-04-14 05:00 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\w3ctrs.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\iismui.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00003276 _____ () C:\WINDOWS.2\system32\infoctrs.h
2014-08-21 18:57 - 2008-04-14 05:00 - 00002024 _____ () C:\WINDOWS.2\system32\axctrnm.h
2014-08-21 18:15 - 2008-04-14 05:00 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\TINTLGNT.IME
2014-08-21 18:15 - 2008-04-14 05:00 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\PINTLGNT.IME
2014-08-21 18:15 - 2008-04-14 05:00 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\CINTLGNT.IME
2014-08-21 18:14 - 2008-04-14 05:00 - 00016254 _____ () C:\WINDOWS.2\system32\PINTLPAE.HLP
2014-08-21 18:14 - 2008-04-14 05:00 - 00014821 _____ () C:\WINDOWS.2\system32\PINTLPAD.HLP
2014-08-21 18:13 - 2008-04-14 05:00 - 00024661 _____ (Perle Systems Ltd.) C:\WINDOWS.2\system32\spxcoins.dll
2014-08-21 18:13 - 2008-04-14 05:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\irclass.dll
2014-08-21 18:11 - 2014-07-13 14:24 - 00000630 _____ () C:\DPsFnshr.ini
2014-08-21 18:11 - 2011-09-12 00:07 - 00322985 _____ () C:\DPsFnshr.exe
2014-08-21 18:11 - 2011-09-12 00:07 - 00279585 _____ () C:\DSPdsblr.exe
2014-08-21 18:11 - 2011-09-12 00:07 - 00269955 _____ () C:\pmtimer.exe
2014-08-21 18:11 - 2010-11-21 15:09 - 00137728 _____ () C:\mute.exe
2014-08-21 18:11 - 2010-11-21 15:09 - 00055808 _____ (Microsoft Corporation) C:\devcon.exe
2014-08-21 18:11 - 2010-11-21 15:09 - 00020992 _____ () C:\makePNF.exe
2014-08-21 18:10 - 2014-07-11 08:17 - 00046192 _____ () C:\DriverPack_WLAN_wnt5_x86-32.ini
2014-08-21 18:10 - 2014-05-17 08:39 - 00169702 _____ () C:\DriverPack_MassStorage_wnt5_x86-32.ini
2014-08-21 18:09 - 2014-06-04 07:48 - 00004173 _____ () C:\DriverPack_LAN_wnt5_x86-32.ini
2014-08-21 18:09 - 2014-04-01 05:15 - 00000000 ____D () C:\D
2014-08-21 18:09 - 2010-05-29 04:57 - 00000458 _____ () C:\DriverPack_CPU_wnt5_x86-32.ini
2014-08-21 13:19 - 2014-08-21 13:23 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows XP Professional SP3 x86 - Black Edition 2014.7.13
2014-08-21 11:34 - 2014-08-21 12:41 - 00001908 _____ () C:\WINDOWS.2\diagwrn.xml
2014-08-21 11:34 - 2014-08-21 12:41 - 00001908 _____ () C:\WINDOWS.2\diagerr.xml
2014-08-21 10:38 - 2014-08-21 19:48 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows 7 ACTIVATION
2014-08-20 17:26 - 2014-08-22 03:19 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_DB739962-28C9-11E4-A741-0007E9E3652D.job
2014-08-19 20:52 - 2014-08-23 17:58 - 00000464 _____ () C:\WINDOWS.2\system32\ScannerSettings
2014-08-19 07:49 - 2014-08-22 03:19 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_FC34B912-27AF-11E4-A73A-0007E9E3652D.job
2014-08-19 06:47 - 2014-08-22 01:09 - 00000537 _____ () C:\WINDOWS.2\Tasks\RegCure Pro_sch_4E1B87AA-27A7-11E4-A739-0007E9E3652D.job
2014-08-18 21:13 - 2014-08-23 18:00 - 00000446 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Registration3.job
2014-08-18 20:29 - 2014-08-18 20:29 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM\Application Data\ParetoLogic
2014-08-18 20:25 - 2014-08-18 20:25 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\ParetoLogic
2014-08-18 20:20 - 2014-08-24 14:16 - 00000468 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-08-18 20:20 - 2014-08-22 08:17 - 00000384 _____ () C:\WINDOWS.2\Tasks\RegCure Pro.job
2014-08-18 20:20 - 2014-08-18 20:20 - 00000416 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3.job
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Program Files\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Program Files\Common Files\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\Gary\Start Menu\Programs\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ParetoLogic
2014-08-18 18:29 - 2008-04-14 06:42 - 01033728 _____ (Microsoft Corporation) C:\WINDOWS.2\gzeranski.exe
2014-08-18 05:21 - 2014-08-18 05:21 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\PCHealth
2014-08-18 04:14 - 2014-08-24 15:41 - 00032582 _____ () C:\WINDOWS.2\SchedLgU.Txt
2014-08-17 07:09 - 2014-08-21 19:09 - 00023392 _____ () C:\WINDOWS.2\system32\nscompat.tlb
2014-08-17 07:09 - 2014-08-21 19:09 - 00016832 _____ () C:\WINDOWS.2\system32\amcompat.tlb
2014-08-16 21:41 - 2014-08-16 21:41 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temp
2014-08-16 21:23 - 2014-08-21 21:37 - 00001621 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\ComPlus Applications
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\Common Files\ODBC
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\PrivacIE
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\PrivacIE
2014-08-16 21:23 - 2014-08-16 21:17 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00001627 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00001627 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000819 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000819 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000819 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000808 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Windows Media Player.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000754 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000754 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000754 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\wins
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\ShellExt
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\export
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\dhcp
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3com_dmi
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3076
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\2052
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1054
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1042
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1037
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1031
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1028
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1025
2014-08-16 21:20 - 2001-08-17 14:11 - 00035328 _____ (AMD Inc.) C:\WINDOWS.2\system32\Drivers\pcntpci5.sys
2014-08-16 21:19 - 2014-08-16 21:19 - 00000000 ____D () C:\WINDOWS.2\Connection Wizard
2014-08-16 21:17 - 2014-08-16 21:17 - 00000000 ____D () C:\WINDOWS.2\java
2014-08-16 20:31 - 2014-08-17 14:41 - 00015712 _____ () C:\WINDOWS.2\system32\Native.exe
2014-08-16 20:03 - 2014-08-24 15:03 - 00000330 _____ () C:\WINDOWS.2\Tasks\ReimageUpdater.job
2014-08-16 20:02 - 2014-08-16 21:17 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 20:02 - 2014-08-16 21:17 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 20:02 - 2014-08-16 20:03 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-16 20:02 - 2014-08-16 20:03 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\World in Conflict
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\World in Conflict
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-07 17:04 - 2013-05-08 15:05 - 00118784 _____ () C:\WINDOWS.2\system32\DriverCoInstaller.dll
2014-08-05 09:45 - 2014-08-05 09:46 - 00000000 ____D () C:\WINDOWS.2\A4W_DATA
2014-08-02 07:20 - 2014-08-24 14:17 - 00000272 _____ () C:\WINDOWS.2\Tasks\Driver Booster Scan.job
2014-07-31 12:41 - 2014-08-22 03:19 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_A760A460-18EA-11E4-A711-0007E9E3652D.job
2014-07-30 11:36 - 2014-07-30 11:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 10:44 - 2014-08-25 10:36 - 00054600 _____ () C:\Documents and Settings\Gary\Desktop\FRST.txt
2014-08-25 10:44 - 2012-08-05 10:42 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Temp
2014-08-25 10:36 - 2014-08-23 09:50 - 00000000 ____D () C:\FRST
2014-08-25 10:31 - 2014-08-25 10:31 - 00002778 _____ () C:\Documents and Settings\Gary\Desktop\aswMBR.txt
2014-08-25 10:31 - 2014-08-25 10:31 - 00000512 _____ () C:\Documents and Settings\Gary\Desktop\MBR.dat
2014-08-25 06:28 - 2014-08-25 06:28 - 01095168 _____ (Farbar) C:\Documents and Settings\Gary\Desktop\FRST.exe
2014-08-25 06:26 - 2014-08-25 06:25 - 05185536 _____ (AVAST Software) C:\Documents and Settings\Gary\Desktop\aswMBR.exe
2014-08-25 06:15 - 2013-01-09 13:05 - 00013646 _____ () C:\WINDOWS.2\system32\wpa.dbl
2014-08-24 20:03 - 2014-08-21 23:38 - 00300053 _____ () C:\WINDOWS.2\WindowsUpdate.log
2014-08-24 20:03 - 2009-12-04 18:57 - 00000178 ___SH () C:\Documents and Settings\Gary\ntuser.ini
2014-08-24 15:41 - 2014-08-21 23:42 - 00000216 _____ () C:\WINDOWS.2\wiadebug.log
2014-08-24 15:41 - 2014-08-21 23:42 - 00000049 _____ () C:\WINDOWS.2\wiaservc.log
2014-08-24 15:41 - 2014-08-18 04:14 - 00032582 _____ () C:\WINDOWS.2\SchedLgU.Txt
2014-08-24 15:41 - 2009-12-04 18:56 - 00000006 ____H () C:\WINDOWS.2\Tasks\SA.DAT
2014-08-24 15:41 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\inetsrv
2014-08-24 15:40 - 2014-05-13 08:24 - 00000278 _____ () C:\WINDOWS.2\Tasks\SmartDefrag3_Startup.job
2014-08-24 15:22 - 2014-07-16 14:17 - 00000974 _____ () C:\WINDOWS.2\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-2111687655-1606980848-1003UA.job
2014-08-24 15:15 - 2014-07-09 06:45 - 00000830 _____ () C:\WINDOWS.2\Tasks\Adobe Flash Player Updater.job
2014-08-24 15:03 - 2014-08-16 20:03 - 00000330 _____ () C:\WINDOWS.2\Tasks\ReimageUpdater.job
2014-08-24 15:03 - 2012-06-05 11:27 - 00000508 _____ () C:\WINDOWS.2\Tasks\PrintProjects Communicator.job
2014-08-24 14:28 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Temp
2014-08-24 14:25 - 2014-04-03 11:33 - 00000398 ____H () C:\WINDOWS.2\Tasks\User_Feed_Synchronization-{9CF66ED3-999B-440B-ABD0-2BDFD528737D}.job
2014-08-24 14:25 - 2010-01-23 15:12 - 00000424 ____H () C:\WINDOWS.2\Tasks\User_Feed_Synchronization-{6A02D280-3935-45F3-8EC6-584928C95165}.job
2014-08-24 14:24 - 2014-07-16 14:17 - 00000922 _____ () C:\WINDOWS.2\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-2111687655-1606980848-1003Core.job
2014-08-24 14:22 - 2014-04-16 03:20 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS.2\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 14:20 - 2009-12-04 10:40 - 00434200 _____ () C:\WINDOWS.2\system32\PerfStringBackup.INI
2014-08-24 14:17 - 2014-08-02 07:20 - 00000272 _____ () C:\WINDOWS.2\Tasks\Driver Booster Scan.job
2014-08-24 14:16 - 2014-08-18 20:20 - 00000468 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-08-24 14:16 - 2014-05-10 17:22 - 00000280 _____ () C:\WINDOWS.2\Tasks\SmartDefrag3_Update.job
2014-08-24 14:16 - 2014-04-03 11:46 - 00000224 _____ () C:\WINDOWS.2\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-24 14:16 - 2014-02-07 16:32 - 00000444 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc Update3.job
2014-08-24 14:16 - 2013-10-24 07:16 - 00000274 _____ () C:\WINDOWS.2\Tasks\Driver Booster Update.job
2014-08-24 14:16 - 2010-05-28 11:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Kodak
2014-08-24 14:16 - 2010-05-28 11:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Kodak
2014-08-24 14:12 - 2014-08-24 11:38 - 00000648 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-24 14:12 - 2014-04-16 03:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-24 14:12 - 2014-04-16 03:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-24 14:12 - 2012-08-03 07:44 - 00000000 ___RD () C:\Documents and Settings\Gary\Desktop\Tools
2014-08-24 14:11 - 2013-06-21 08:43 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Malwarebytes' Anti-Malware (portable)
2014-08-24 14:11 - 2013-06-21 08:43 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Malwarebytes' Anti-Malware (portable)
2014-08-23 18:22 - 2013-10-26 23:52 - 00002684 _____ () C:\WINDOWS.2\system32\ScanResults.xml
2014-08-23 18:00 - 2014-08-18 21:13 - 00000446 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Registration3.job
2014-08-23 18:00 - 2014-02-07 16:33 - 00000442 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc Registration3.job
2014-08-23 17:59 - 2013-11-11 12:33 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ProductData
2014-08-23 17:59 - 2013-11-11 12:33 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ProductData
2014-08-23 17:58 - 2014-08-19 20:52 - 00000464 _____ () C:\WINDOWS.2\system32\ScannerSettings
2014-08-23 11:28 - 2012-05-24 09:04 - 00001324 _____ () C:\WINDOWS.2\system32\d3d9caps.dat
2014-08-23 11:25 - 2011-11-10 14:39 - 00000618 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Desktop\calibre - E-book management.lnk
2014-08-22 16:55 - 2009-12-12 05:02 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\uTorrent
2014-08-22 16:54 - 2014-08-22 16:54 - 00000000 ____D () C:\WINDOWS.2\Tasks\ImCleanDisabled
2014-08-22 15:24 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2
2014-08-22 15:18 - 2011-04-03 09:31 - 00196608 _____ () C:\WINDOWS.2\system32\config\OAlerts.evt
2014-08-22 15:14 - 2011-04-03 10:25 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Outlook Files
2014-08-22 14:55 - 2011-04-03 09:25 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Microsoft Help
2014-08-22 14:55 - 2011-04-03 09:25 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Microsoft Help
2014-08-22 14:54 - 2011-12-14 19:42 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-08-22 12:39 - 2014-08-22 12:10 - 00000000 ____D () C:\Program Files\HijackThis
2014-08-22 12:04 - 2014-08-22 12:04 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\Tuneup Pro
2014-08-22 08:58 - 2009-12-04 23:50 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Spybot - Search & Destroy
2014-08-22 08:58 - 2009-12-04 23:50 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Spybot - Search & Destroy
2014-08-22 08:58 - 2006-03-11 18:16 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-22 08:20 - 2014-08-22 08:20 - 60071936 _____ () C:\WINDOWS.2\system32\config\software.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 05922816 _____ () C:\WINDOWS.2\system32\config\default.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00073728 _____ () C:\WINDOWS.2\system32\config\SECURITY.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00032768 _____ () C:\WINDOWS.2\system32\config\SAM.iodefrag.bak
2014-08-22 08:20 - 2011-11-23 09:10 - 00000000 __SHD () C:\Documents and Settings\LocalService.NT AUTHORITY
2014-08-22 08:20 - 2009-12-04 18:55 - 00000000 __SHD () C:\Documents and Settings\NetworkService.NT AUTHORITY.004
2014-08-22 08:19 - 2014-08-22 08:19 - 00000000 _____ () C:\asc_rdflag
2014-08-22 08:19 - 2009-12-04 18:57 - 00000000 ____D () C:\Documents and Settings\Gary
2014-08-22 08:17 - 2014-08-18 20:20 - 00000384 _____ () C:\WINDOWS.2\Tasks\RegCure Pro.job
2014-08-22 07:01 - 2011-02-25 09:07 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Microsoft Silverlight
2014-08-22 07:01 - 2011-02-25 09:07 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Microsoft Silverlight
2014-08-22 07:01 - 2011-02-25 09:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-22 03:19 - 2014-08-20 17:26 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_DB739962-28C9-11E4-A741-0007E9E3652D.job
2014-08-22 03:19 - 2014-08-19 07:49 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_FC34B912-27AF-11E4-A73A-0007E9E3652D.job
2014-08-22 03:19 - 2014-07-31 12:41 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_A760A460-18EA-11E4-A711-0007E9E3652D.job
2014-08-22 03:19 - 2014-05-19 06:55 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_30B6103C-DF5D-11E3-A6D9-0007E9E3652D.job
2014-08-22 03:19 - 2014-05-19 01:33 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_37B5F906-DF30-11E3-A6D9-0007E9E3652D.job
2014-08-22 03:19 - 2014-04-07 01:32 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_349FCC78-BE2F-11E3-8BAF-0007E9E3652D.job
2014-08-22 03:19 - 2014-02-24 02:33 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_B5A223C6-9D36-11E3-8B9B-0007E9E3652D.job
2014-08-22 01:09 - 2014-08-19 06:47 - 00000537 _____ () C:\WINDOWS.2\Tasks\RegCure Pro_sch_4E1B87AA-27A7-11E4-A739-0007E9E3652D.job
2014-08-22 00:59 - 2013-07-25 10:54 - 05922816 _____ () C:\WINDOWS.2\system32\config\default.iobit
2014-08-22 00:59 - 2013-07-25 10:54 - 00032768 _____ () C:\WINDOWS.2\system32\config\SAM.iobit
2014-08-22 00:59 - 2013-07-25 10:53 - 59805696 _____ () C:\WINDOWS.2\system32\config\software.iobit
2014-08-22 00:59 - 2013-07-25 10:53 - 00073728 _____ () C:\WINDOWS.2\system32\config\SECURITY.iobit
2014-08-21 23:42 - 2014-08-21 23:42 - 00000000 ____N () C:\WINDOWS.2\Sti_Trace.log
2014-08-21 23:42 - 2009-12-05 18:15 - 00000000 ____D () C:\WINDOWS.2\system32\NtmsData
2014-08-21 23:17 - 2009-12-04 18:46 - 00000000 ____D () C:\WINDOWS.2\system32\MsDtc
2014-08-21 21:37 - 2014-08-16 21:23 - 00001621 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Remote Assistance.lnk
2014-08-21 21:37 - 2009-12-17 17:57 - 00001512 _____ () C:\Documents and Settings\Gary\Desktop\Calculator.lnk
2014-08-21 21:37 - 2009-11-25 16:59 - 00001529 _____ () C:\Documents and Settings\Gary\Desktop\Notepad.lnk
2014-08-21 21:24 - 2014-04-03 09:32 - 00000000 ____D () C:\rei
2014-08-21 21:24 - 2013-10-23 23:31 - 00000180 _____ () C:\WINDOWS.2\Reimage.ini
2014-08-21 20:46 - 2010-03-21 15:16 - 00000000 __SHD () C:\WINDOWS.2\CSC
2014-08-21 19:48 - 2014-08-21 10:38 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows 7 ACTIVATION
2014-08-21 19:47 - 2013-01-08 17:31 - 00000178 ___SH () C:\Documents and Settings\Administrator.BEDROOM\ntuser.ini
2014-08-21 19:26 - 2014-08-21 19:26 - 00000802 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Windows Media Player.lnk
2014-08-21 19:25 - 2009-12-04 18:48 - 00000000 ____D () C:\WINDOWS.2\system32\Restore
2014-08-21 19:24 - 2013-01-05 20:41 - 00000813 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 19:22 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Help
2014-08-21 19:21 - 2009-12-04 10:39 - 00392776 _____ () C:\WINDOWS.2\system32\FNTCACHE.DAT
2014-08-21 19:17 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\security
2014-08-21 19:15 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\repair
2014-08-21 19:11 - 2013-01-08 13:30 - 00262144 _____ () C:\WINDOWS.2\system32\config\userdifr
2014-08-21 19:11 - 2013-01-08 12:57 - 00000000 ___HD () C:\Documents and Settings\Default User.WINDOWS.2
2014-08-21 19:09 - 2014-08-17 07:09 - 00023392 _____ () C:\WINDOWS.2\system32\nscompat.tlb
2014-08-21 19:09 - 2014-08-17 07:09 - 00016832 _____ () C:\WINDOWS.2\system32\amcompat.tlb
2014-08-21 19:09 - 2013-01-08 13:30 - 00001621 _____ () C:\Documents and Settings\Default User.WINDOWS.2\Start Menu\Programs\Remote Assistance.lnk
2014-08-21 19:09 - 2013-01-08 13:26 - 00000802 _____ () C:\Documents and Settings\Default User.WINDOWS.2\Start Menu\Programs\Windows Media Player.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001629 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Set Program Access and Defaults.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001629 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Set Program Access and Defaults.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001529 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Update.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001529 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Update.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00000398 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Catalog.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00000398 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Catalog.lnk
2014-08-21 19:08 - 2009-12-04 10:40 - 00004249 _____ () C:\WINDOWS.2\ODBCINST.INI
2014-08-21 19:07 - 2009-12-04 18:47 - 00000000 ____D () C:\WINDOWS.2\Registration
2014-08-21 19:06 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\ias
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\WindowsShell.Manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\wuaucpl.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\sapi.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\nwc.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\ncpa.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000488 ___RH () C:\WINDOWS.2\system32\logonui.exe.manifest
2014-08-21 19:04 - 2013-01-08 13:29 - 00000000 ___RD () C:\Documents and Settings\Default User.WINDOWS.2\Start Menu\Programs\Accessories
2014-08-21 19:04 - 2009-12-04 18:49 - 00000749 ___RH () C:\WINDOWS.2\system32\cdplayer.exe.manifest
2014-08-21 19:04 - 2009-12-04 18:49 - 00000488 ___RH () C:\WINDOWS.2\system32\WindowsLogon.manifest
2014-08-21 19:04 - 2009-12-04 10:35 - 00000000 ___RD () C:\WINDOWS.2\Web
2014-08-21 19:03 - 2009-12-04 18:48 - 00000000 ____D () C:\WINDOWS.2\srchasst
2014-08-21 19:03 - 2009-12-04 10:35 - 00000000 ___SD () C:\WINDOWS.2\Offline Web Pages
2014-08-21 19:03 - 2006-03-11 20:55 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-08-21 19:01 - 2009-12-04 18:45 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Accessories
2014-08-21 19:01 - 2009-12-04 18:45 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Accessories
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\FxsTmp
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\Cache
2014-08-21 18:59 - 2013-01-06 12:43 - 00000000 ____D () C:\Inetpub
2014-08-21 18:59 - 2009-12-04 18:47 - 00025456 _____ () C:\WINDOWS.2\system32\emptyregdb.dat
2014-08-21 18:59 - 2009-12-04 18:46 - 00000000 ____D () C:\WINDOWS.2\system32\Com
2014-08-21 18:58 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Cursors
2014-08-21 18:58 - 2006-03-04 14:17 - 00000000 ____D () C:\Program Files\Windows NT
2014-08-21 18:57 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\addins
2014-08-21 18:53 - 2007-09-11 13:48 - 00000286 ___SH () C:\boot.ini
2014-08-21 18:43 - 2009-12-05 00:11 - 00000000 ____D () C:\WINDOWS.2\system32\ReinstallBackups
2014-08-21 18:15 - 2009-12-04 10:40 - 00004452 _____ () C:\WINDOWS.2\system32\pid.PNF
2014-08-21 18:15 - 2001-08-23 04:00 - 00000231 _____ () C:\WINDOWS.2\system.ini
2014-08-21 18:13 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system
2014-08-21 17:57 - 2009-12-04 10:39 - 00262144 _____ () C:\WINDOWS.2\system32\config\security.sav
2014-08-21 17:52 - 2010-03-17 18:30 - 00001129 _____ () C:\WINDOWS.2\UPGRADE.TXT
2014-08-21 13:23 - 2014-08-21 13:19 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows XP Professional SP3 x86 - Black Edition 2014.7.13
2014-08-21 12:41 - 2014-08-21 11:34 - 00001908 _____ () C:\WINDOWS.2\diagwrn.xml
2014-08-21 12:41 - 2014-08-21 11:34 - 00001908 _____ () C:\WINDOWS.2\diagerr.xml
2014-08-21 11:08 - 2009-12-04 10:38 - 62128128 _____ () C:\WINDOWS.2\system32\config\software.sav
2014-08-21 11:08 - 2009-12-04 10:38 - 14680064 _____ () C:\WINDOWS.2\system32\config\system.sav
2014-08-21 11:08 - 2009-12-04 10:38 - 06029312 _____ () C:\WINDOWS.2\system32\config\default.sav
2014-08-21 11:08 - 2009-12-04 10:38 - 00262144 _____ () C:\WINDOWS.2\system32\config\userdiff
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\usmt
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\scripting
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Media
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\L2Schemas
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\npp
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\PeerNet
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\mui
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\msagent
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\ime
2014-08-21 11:00 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\twain_32
2014-08-21 11:00 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\icsxml
2014-08-21 10:59 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\1033
2014-08-21 10:58 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Driver Cache
2014-08-20 21:42 - 2013-01-08 17:31 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM
2014-08-18 22:00 - 2013-08-11 06:53 - 00000280 _____ () C:\WINDOWS.2\Tasks\SmartDefrag_Schedule.job
2014-08-18 21:13 - 2013-01-08 17:31 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM\Local Settings\Temp
2014-08-18 20:29 - 2014-08-18 20:29 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM\Application Data\ParetoLogic
2014-08-18 20:26 - 2009-12-04 18:57 - 00120192 _____ () C:\Documents and Settings\Gary\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-18 20:25 - 2014-08-18 20:25 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000416 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3.job
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Program Files\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Program Files\Common Files\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\Gary\Start Menu\Programs\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ParetoLogic
2014-08-18 16:06 - 2014-03-10 16:02 - 00000366 _____ () C:\WINDOWS.2\Tasks\APSnotifierCA.job
2014-08-18 15:32 - 2012-08-04 11:09 - 00000221 _____ () C:\WINDOWS.2\system32\lsprst7.tgz
2014-08-18 15:32 - 2012-08-04 11:09 - 00000207 _____ () C:\WINDOWS.2\system32\lsprst7.dll
2014-08-18 15:32 - 2012-08-04 11:09 - 00000089 _____ () C:\WINDOWS.2\system32\ssprs.tgz
2014-08-18 15:32 - 2012-08-04 11:09 - 00000075 _____ () C:\WINDOWS.2\system32\ssprs.dll
2014-08-18 09:25 - 2013-01-10 22:59 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\vlc
2014-08-18 05:21 - 2014-08-18 05:21 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\PCHealth
2014-08-18 04:31 - 2014-02-07 16:32 - 00000374 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc.job
2014-08-18 04:24 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\pchealth
2014-08-17 16:42 - 2014-06-24 03:18 - 00120192 _____ () C:\WINDOWS.2\system32\GDIPFONTCACHEV1.DAT
2014-08-17 16:23 - 2014-04-03 11:40 - 00000000 _____ () C:\WINDOWS.2\system32\reimage.rep
2014-08-17 15:27 - 2006-03-04 14:20 - 00000000 ___RD () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-08-17 15:26 - 2006-03-04 14:21 - 00001627 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2014-08-17 15:26 - 2006-03-04 14:21 - 00000808 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
2014-08-17 14:41 - 2014-08-16 20:31 - 00015712 _____ () C:\WINDOWS.2\system32\Native.exe
2014-08-17 14:41 - 2014-04-03 10:38 - 00000000 ____D () C:\ReimageUndo
2014-08-17 07:10 - 2009-12-04 18:51 - 00316640 _____ () C:\WINDOWS.2\WMSysPr9.prx
2014-08-17 01:32 - 2009-11-29 19:36 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\Vso
2014-08-16 21:41 - 2014-08-16 21:41 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temp
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\ComPlus Applications
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\Common Files\ODBC
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\PrivacIE
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\PrivacIE
2014-08-16 21:23 - 2013-07-01 12:25 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2013-01-08 17:31 - 00000000 ___RD () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2006-03-04 14:24 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-08-16 21:23 - 2006-03-04 14:18 - 00000000 ____D () C:\Program Files\Online Services
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\wins
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\ShellExt
2014-08-16 21:22 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\mui
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\export
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\dhcp
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3com_dmi
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3076
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\2052
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1054
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1042
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1037
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1031
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1028
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1025
2014-08-16 21:19 - 2014-08-16 21:19 - 00000000 ____D () C:\WINDOWS.2\Connection Wizard
2014-08-16 21:19 - 2012-06-17 15:59 - 00000000 __HDC () C:\WINDOWS.2\ie8
2014-08-16 21:18 - 2009-12-05 00:10 - 00000000 ____D () C:\WINDOWS.2\ie8updates
2014-08-16 21:17 - 2014-08-16 21:23 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00001627 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00001627 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000819 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000819 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000819 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000808 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Windows Media Player.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000754 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000754 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000754 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:17 - 2014-08-16 21:17 - 00000000 ____D () C:\WINDOWS.2\java
2014-08-16 21:17 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 21:17 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 20:03 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-16 20:03 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-16 20:03 - 2014-04-03 09:32 - 00000000 ____D () C:\Program Files\Reimage
2014-08-16 18:48 - 2009-11-29 20:36 - 00001191 _____ () C:\Documents and Settings\Gary\Application Data\vso_ts_preview.xml
2014-08-15 08:47 - 2010-01-24 10:03 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\dvdcss
2014-08-15 07:45 - 2009-12-05 07:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\DVD Shrink
2014-08-15 07:45 - 2009-12-05 07:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\DVD Shrink
2014-08-11 05:57 - 2014-06-25 05:38 - 00000280 _____ () C:\WINDOWS.2\Tasks\SmartDefrag3_Schedule.job
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\World in Conflict
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\World in Conflict
2014-08-09 12:27 - 2006-03-11 20:53 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-09 12:25 - 2009-12-04 18:49 - 00000000 ____D () C:\WINDOWS.2\system32\DirectX
2014-08-09 06:42 - 2013-01-06 23:24 - 00000000 ____D () C:\Program Files\Red Sky
2014-08-08 15:00 - 2014-04-03 11:46 - 00000218 _____ () C:\WINDOWS.2\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-08 11:38 - 2014-06-25 05:54 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\YTD Video Downloader
2014-08-08 11:38 - 2014-06-25 05:54 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\YTD Video Downloader
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-05 09:46 - 2014-08-05 09:45 - 00000000 ____D () C:\WINDOWS.2\A4W_DATA
2014-08-05 09:46 - 2010-10-10 06:34 - 00051729 _____ () C:\WINDOWS.2\Aware40.mch
2014-08-05 09:45 - 2010-10-10 06:34 - 00000035 _____ () C:\WINDOWS.2\A4W.INI
2014-08-04 13:07 - 2013-09-18 10:49 - 00000000 ____D () C:\Documents and Settings\Gary\Desktop\Health
2014-08-02 07:20 - 2013-10-24 07:16 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Driver Booster
2014-08-02 07:20 - 2013-10-24 07:16 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Driver Booster
2014-07-31 17:42 - 2009-12-05 07:15 - 00038912 _____ () C:\Documents and Settings\Gary\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-31 05:54 - 2012-05-12 17:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-30 11:37 - 2014-07-30 11:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS.2\explorer.exe => File is digitally signed
C:\WINDOWS.2\system32\winlogon.exe => File is digitally signed
C:\WINDOWS.2\system32\svchost.exe => File is digitally signed
C:\WINDOWS.2\system32\services.exe => File is digitally signed
C:\WINDOWS.2\system32\User32.dll => File is digitally signed
C:\WINDOWS.2\system32\userinit.exe => File is digitally signed
C:\WINDOWS.2\system32\rpcss.dll => File is digitally signed
C:\WINDOWS.2\system32\Drivers\volsnap.sys => File is digitally signed
Additional scan result of Farbar Recovery Scan Tool (x86) Version:24-08-2014 03
Ran by Gary at 2014-08-25 10:46:46
Running from C:\Documents and Settings\Gary\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
#1 DVD Ripper 8.1.1 (HKLM\...\#1 DVD Ripper) (Version: 8.1.1 - Apollo Multimedia Inc.)
123 Downloader (HKLM\...\123 Downloader) (Version: 1.0 - Bling Software Ltd.)
123CopyDVDPlatinum (HKLM\...\123CopyDVDPlatinum 2012) (Version: 2012 - Bling Software Ltd.)
123CopyDVDPlatinum (HKLM\...\123CopyDVDPlatinum 2013) (Version: 2013 - Bling Software Ltd.)
1Click DVD Copy 4.1 (HKLM\...\1Click DVD Copy 4.1) (Version: - )
2WIRE Wireless LAN - USB Driver (HKLM\...\{581CE7EA-A30D-0000-1211-088635773309}) (Version: - )
4Media Video Converter Ultimate (HKLM\...\4Media Video Converter Ultimate) (Version: 5.1.26.0731 - 4Media)
abgx360 v1.0.6 (HKLM\...\abgx360) (Version: - )
Access Password Recovery 3.0.1.0 (HKLM\...\{ADFCF1E3-8057-4359-B884-5EAA62B06ETK}_is1) (Version: - Anypasskey Studio)
Active-HDL 6.3 (HKLM\...\Active-HDL 6.3) (Version: - )
Active-HDL 7.2 (HKLM\...\Active-HDL 7.2) (Version: - )
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.2.8870 - Adobe Systems Inc.) Hidden
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
aiofw (Version: 4.2.6.0 - Eastman Kodak Company) Hidden
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (Version: 6.2.3.10 - Your Company Name) Hidden
aioscnnr (Version: 7.6.13.10 - Your Company Name) Hidden
ALLConverter PRO 1.3 (HKLM\...\{9370105C-71BB-4FF9-A85B-36D79B95457A}_is1) (Version: - ALLCinema, Inc.)
Android SDK Tools (HKLM\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Aneesoft Video Converter Pro (HKLM\...\{B6E62DFF-2488-4452-BA75-D2B8442AA97C}}_is1) (Version: - Aneesoft Corporation)
Angel's Vox 1.5 (HKLM\...\Angel's Vox) (Version: 1.5 - SuperUtils.com Software)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any DVD Converter Professional 4.1.8 (HKLM\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com)
Any Video Converter 3.3.0 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Any Video Converter Ultimate 4.5.9 (HKLM\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
A-PDF Image to PDF 4.1 (HKLM\...\A-PDF Image to PDF_is1) (Version: - A-PDF Solution)
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Ashampoo Burning Studio 10 v.10.0.15 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 11 v.11.0.2 (HKLM\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 9.21 (HKLM\...\Ashampoo Burning Studio 9_is1) (Version: 9.2.1 - ashampoo GmbH & Co. KG)
Ashampoo MyAutoplay Menu 1.0.3 (HKLM\...\Ashampoo MyAutoplay Menu_is1) (Version: 1.0.3 - ashampoo GmbH & Co. KG)
Aspell English Dictionary-0.50-2 (HKLM\...\Aspell English Dictionary_is1) (Version: - GNU)
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.593.100-100210a-095952E-ATI - )
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
AVS Video Converter 8 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 8.4.1.540 - Online Media Technologies Ltd.)
AVS Video ReMaker 4.1.4.150 (HKLM\...\AVS Video ReMaker_is1) (Version: 4.1.4.150 - Online Media Technologies Ltd.)
BadCopy Pro (HKLM\...\BadCopy Pro) (Version: - )
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version: - )
BIAS SoundSoap SE 2.2 (HKLM\...\{01287DE9-6EEB-488D-99C7-FE3C707A87AC}) (Version: 2.2 - BIAS Inc)
Bigasoft Total Video Converter 1.7.7.3628 (HKLM\...\{a72ce741-1f32-4d79-bffb-a714375c678d}_is1) (Version: - Bigasoft Corporation)
Blu-ray to DVD 1.4.0.8 (HKLM\...\Blu-ray to DVD_is1) (Version: 1.4.0.8 - VSO-Software SARL)
Bolt PDF Printer (HKLM\...\BoltPDF) (Version: 1.18 - NCH Software)
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.63.1071 - AB Team, d.o.o.)
BurnAware Professional 7.2 (HKLM\...\BurnAware Professional_is1) (Version: - Burnaware)
BurnOn CD&DVD, Version 3.1.3 ( Build 2009-2-22, Win32, ) (HKLM\...\BurnWorld.Com BurnOn CD&DVD_is1) (Version: - BurnWorld.Com)
BusinessCards MX (HKLM\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 4.2 - MOJOSOFT)
C4USelfUpdater (Version: 1.00.0000 - Your Company Name) Hidden
calibre (HKLM\...\{59E75C53-7980-45AD-ADAA-733198B4BF7F}) (Version: 2.0.0 - Kovid Goyal)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
center (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Cheetah DVD Burner (HKLM\...\{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}) (Version: - )
CloneDVD 7 Ultimate 7.0.0.9 (HKLM\...\CloneDVD 7 Ultimate_is1) (Version: - Copyright © 2003-2013 CloneDVD Studio.)
Codec Checker (HKLM\...\{4855A5DA-B1AB-457F-0001-8901CB48A459}) (Version: 1.08 - SuperEasy Software)
ConvertXtoDVD 2.1.12.214 (HKLM\...\{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1) (Version: 2.1.12.214 - VSO-Software SARL)
ConvertXtoDVD 4.1.19.365 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
CyberLink InstantBurn (HKLM\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.5509a - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go (Version: 7.0.0.3328b - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Daniusoft Media Converter Ultimate(Build 2.5.2.0) (HKLM\...\Daniusoft Media Converter Ultimate_is1) (Version: - Daniusoft Software)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E581F27C-B798-42D8-9BD1-0A469A2C97AE}) (Version: - Microsoft)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.3.1.5 - Dell)
Digilent Software (HKLM\...\Digilent Software) (Version: 1.0.198 - Digilent, Inc.)
DjVuLibre+DjView (HKLM\...\DjVuLibre+DjView) (Version: 3.5.25.3+4.9 - DjVuZone)
Doxillion Document Converter (HKLM\...\Doxillion) (Version: - NCH Software)
Driver Booster (HKLM\...\Driver Booster_is1) (Version: 1.4 - IObit)
DRMBuster 4.1.2 (HKLM\...\DRMBuster_is1) (Version: - )
DVD Data Rescue 2.1 (HKLM\...\DVD Data Rescue_is1) (Version: 2.1 - )
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVD-Cloner V10.50 Build 1209 (HKLM\...\DVD-Cloner 2013_is1) (Version: 10.50.0.1209 - OpenCloner Inc.)
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.2.3.2 (HKLM\...\DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1) (Version: - Fengtao Software Inc.)
DVDFab 6.0.4.2 (05/08/2009) (HKLM\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.)
DVDFab 7.0.7.9 Beta (05/07/2010) (HKLM\...\DVDFab 7_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.0.2.2 (01/10/2010) (HKLM\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.1.6.8 (17/03/2012) Qt (HKLM\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
DVDFab 9.1.2.2 (08/01/2014) (HKLM\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
DVDneXtCOPY 2 Standard (HKLM\...\DVDneXtCOPY 2 Standard) (Version: - )
DVDneXtCOPYneXtTech (HKLM\...\DVDneXtCOPYneXtTech) (Version: - )
DVD-Ranger (HKLM\...\DVD-Ranger) (Version: - )
Ease Audio Converter 5.01 (HKLM\...\Ease Audio Converter_is1) (Version: - )
EaseUS Data Recovery Wizard 7.0 (HKLM\...\EaseUS Data Recovery Wizard 7.0_is1) (Version: - EaseUS)
Easy CD-DA Extractor 2010 (HKLM\...\Easy CD-DA Extractor 2010) (Version: 2010.4 - Poikosoft)
Easy DVD Creator 2.5.7 (HKLM\...\Easy DVD Creator_is1) (Version: - Ether Software)
Easy Ovi Maps Downloader 5.55 (HKLM\...\Easy Ovi Maps Downloader_is1) (Version: - getallmaps.com)
eBook Converter (HKLM\...\eBookConverter) (Version: 1.2.1 - eBook Converter)
Elevated Installer (Version: 3.2.4.0 - Garmin Ltd or its subsidiaries) Hidden
erLT (Version: 1.12.0117 - Logitech, Inc.) Hidden
essentials (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Express Burn Disc Burning Software (HKLM\...\ExpressBurn) (Version: - NCH Software)
FantasyDVD Player 9 Platinum (HKLM\...\FantasyDVD Platinum_is1) (Version: - Fantasy Software Studios)
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
Flame Skin (HKLM\...\Flame Skin) (Version: - )
Free File Viewer 2011 (HKLM\...\FreeFileViewer_is1) (Version: - Bitberry Software) <==== ATTENTION
Free FLV Converter V 7.5.0 (HKLM\...\Free FLV Converter_is1) (Version: 7.5.0.0 - Koyote Soft)
FYZip 1.00 (HKLM\...\FYZip) (Version: 1.00 - TightRope Interactive)
GameCopyPro273_1 (HKLM\...\{30368B72-4D78-498E-8AE1-7389C51BD57B}) (Version: 2.73 - Game Copy Pro)
Garmin Communicator Plugin (HKLM\...\{13F054F3-0B07-4D15-9E80-C55B496AB557}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{95fb9355-9884-416e-b377-5339fc7ef31a}) (Version: 3.2.4.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.2.4.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.2.4.0 - Garmin Ltd or its subsidiaries) Hidden
GNU Aspell 0.50-3 (HKLM\...\GNU Aspell_is1) (Version: - GNU)
Google Talk Plugin (HKLM\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (Version: 1.3.21.115 - Google Inc.) Hidden
GoToMeeting 5.1.0.880 (HKCU\...\GoToMeeting) (Version: 5.1.0.880 - CitrixOnline)
High-Definition Video Playback 10 (Version: 7.0.11400.29.0 - Nero AG) Hidden
HijackThis 1.99.1 (HKLM\...\HijackThis) (Version: 1.99.1 - Soeperman Enterprises Ltd.)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
ImTOO Blu Ray Ripper (HKLM\...\ImTOO Blu Ray Ripper) (Version: 5.2.10.1102 - ImTOO)
ImTOO DVD Copy Express (HKLM\...\ImTOO DVD Copy Express) (Version: 1.1.25.0102 - ImTOO)
InstaCodecs (HKLM\...\InstaCodecs_is1) (Version: 1.0 - )
Intel® IPP Run-Time Installer 5.2 for Windows* on IA-32 (Version: 5.2.0.2 - Intel Corporation) Hidden
IntelliCAD 2001 (HKLM\...\{67A87D78-70B5-4999-85CA-DE4C26100C7A}) (Version: - )
IObit Malware Fighter (HKLM\...\IObit Malware Fighter_is1) (Version: 2.1 - IObit)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.2.10.2466 - IObit)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 11 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170110}) (Version: 1.7.0.110 - Oracle)
Java™ 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java™ 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.370 - Oracle)
Karen's WhoIs (HKLM\...\Karen's WhoIs) (Version: 2.6.0.6 - Karen Kenworthy)
KhalInstallWrapper (Version: 4.60.122 - Logitech) Hidden
Kindle DRM Removal (HKLM\...\KindleDRMRemoval) (Version: 1.4.1 - eBook Converter)
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)
ksDIP (Version: 3.20.0000.0001 - Eastman Kodak Company) Hidden
LG Tool Kit (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LightZone 3.7 (HKLM\...\LightZone 3.7) (Version: - Light Crafts, Inc.)
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.60 - Logitech)
Machinist 2 (HKLM\...\Machinist 2) (Version: - )
MakeMKV v1.8.10 (HKLM\...\MakeMKV) (Version: v1.8.10 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McFunSoft Video Capture Convert Burn Solution 8.2.8.1088 (HKLM\...\McFunSoft Video Capture Convert Burn Solution_is1) (Version: - )
Media Player Classic - Home Cinema v. 1.3.1249.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: - ) <==== ATTENTION
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{C3013E88-B772-4446-A0AE-A7F37180B9F1}) (Version: 2.3.2208 - Microsoft Corporation)
Microsoft Easy Assist v2 (HKLM\...\{326957C7-83FD-4550-A59A-849B7B4297DE}) (Version: 8.1.6416.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Reader (HKLM\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version: - )
Microsoft Report Viewer Redistributable 2005 (HKLM\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (Version: 8.0.56405 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
MKVtoolnix 3.3.0 (HKLM\...\MKVtoolnix) (Version: 3.3.0 - Moritz Bunkus)
Movie Collector (HKLM\...\{8EC6EBB4-D899-4C6B-BA17-C21B78988F23}_is1) (Version: - Collectorz.com)
Mozilla Firefox 13.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 13.0.1 (x86 en-US)) (Version: 13.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSN (HKLM\...\MSNINST) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
Nero 10 Menu TemplatePack Basic (Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11800.21.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (Version: 1.0.10700 - Nero AG) Hidden
Nero Burning ROM 10 (HKLM\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurningROM 10 Help (CHM) (Version: 1.0.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (Version: 1.0.10600 - Nero AG) Hidden
Nero Core Components 10 (Version: 2.0.13700.0.1 - Nero AG) Hidden
Nero CoverDesigner 10 (HKLM\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero CoverDesigner 10 Help (CHM) (Version: 1.0.10600 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (Version: 1.0.10600 - Nero AG) Hidden
Nero Dolby Files 10 (Version: 2.0.11000.0.10 - Nero AG) Hidden
Nero Express 10 (HKLM\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero Express 10 Help (CHM) (Version: 1.0.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (Version: 1.0.10600 - Nero AG) Hidden
Nero MediaHub 10 (HKLM\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (Version: 1.0.10700 - Nero AG) Hidden
Nero Multimedia Suite 10 (HKLM\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero Recode 10 Help (CHM) (Version: 1.0.10600 - Nero AG) Hidden
Nero RescueAgent 10 (HKLM\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (Version: 1.0.10700 - Nero AG) Hidden
Nero SoundTrax 10 (HKLM\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero SoundTrax 10 Help (CHM) (Version: 1.0.10600 - Nero AG) Hidden
Nero StartSmart 10 (HKLM\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (Version: 1.0.10700 - Nero AG) Hidden
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero Vision 10 Help (CHM) (Version: 1.0.10600 - Nero AG) Hidden
Nero WaveEditor 10 (HKLM\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nero WaveEditor 10 Help (CHM) (Version: 1.0.10600 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
Nitro Pro 7 (HKLM\...\{C3860DD6-64DD-412B-B5F9-10E1D4249767}) (Version: 7.5.0.22 - Nitro PDF Software)
ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Odin Blu-ray to HD Converter 7.6.3 (HKLM\...\Odin Blu-ray to HD Converter_is1) (Version: - Odin Share Company)
OneTouchUpgrade 1.8.1.9 (HKLM\...\OTU_is1) (Version: - )
OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Password Recovery 5.0 (HKLM\...\Password Recovery 5.0) (Version: - )
Patin-Couffin 36 (HKLM\...\Patin-Couffin Drivers_is1) (Version: - VSO-software)
PDF ePub DRM Removal (HKLM\...\PDFePubRMRemoval) (Version: 1.4.1 - eBook Converter)
PDFlite 0.7 (HKLM\...\PDFlite) (Version: 0.7 - Amnis Technology Ltd)
PFConfig 1.0.296 (HKLM\...\PFConfig) (Version: 1.0.296 - Portforward.com)
PhotoPad Image Editor (HKLM\...\PhotoPad) (Version: - NCH Software)
Pixillion Image Converter (HKLM\...\Pixillion) (Version: - NCH Software)
PlexUTILITIES 1.3.1.0 (HKLM\...\PlexUtil) (Version: 1.3.1.0 - Plextor)
Portforward Static IP Address 1.0.47 (HKLM\...\Portforward Static IP Address) (Version: 1.0.47 - Portforward.com)
PowerISO (HKLM\...\PowerISO) (Version: - )
PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM\...\PrintProjects) (Version: 1.0.0.10712 - RocketLife Inc.)
Prism Video File Converter (HKLM\...\Prism) (Version: 2.10 - NCH Software)
Product Key Explorer 3.2.7 (HKLM\...\Product Key Explorer_is1) (Version: - Nsasoft, LLC.)
Protected Folder (HKLM\...\Protected Folder_is1) (Version: - IObit)
Quamm Search Engine (remove only) (HKLM\...\Quamm Search Engine) (Version: - )
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTime Alternative 1.47 (HKLM\...\QuicktimeAlt_is1) (Version: 1.47 - )
RAR Password Recovery 1.7 (HKLM\...\RAR Password Recovery_is1) (Version: - Top Password Software, Inc.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
RegCure Pro (HKLM\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.1.2.0 - ParetoLogic, Inc.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.6.6.6 - Reimage)
Release OrCAD 10.0 (HKLM\...\{F6A3CF9D-A775-41F6-AA22-68EF52893339}) (Version: - )
Rosetta Stone Version 3 (HKLM\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
SopCast 3.2.9 (HKLM\...\SopCast) (Version: 3.2.9 - www.sopcast.com)
Sophos Anti-Rootkit 1.5.20 (HKLM\...\Sophos-AntiRootkit) (Version: 1.5.20 - Sophos Plc)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.2 - Sophos Limited)
SpeedMaxPc (HKLM\...\{EF4F8650-7710-4CA0-831D-4AA9C1CF6D87}) (Version: 3.2.8.0 - SpeedMaxPc)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SpyHunter (HKLM\...\{CC1F6DA0-21D2-425A-B1B6-5B164A598450}) (Version: 4.9.12.4023 - Enigma Software Group USA, LLC)
Streaming Video Recorder V2.4.1 (HKLM\...\{2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1) (Version: 2.4.1 - Apowersoft)
Super Internet TV v8.0 (Premium Edition) (HKLM\...\Super Internet TV (Premium Edition)_is1) (Version: - Ahusoft)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Complete National Geographic (HKLM\...\com.nationalgeographic.products.cng120.68B1CC4249876152EBE333BD4B7514ADB4D94062.1) (Version: 1.14 build 835 - National Geographic Society)
The Complete National Geographic (HKLM\...\The Complete National Geographic 1.14) (Version: 1.14 - National Geographic)
The Complete National Geographic (Version: 1.14.835 - National Geographic Society) Hidden
TomTom HOME (HKLM\...\{26CE484D-2E8E-40D5-B251-158133114C69}) (Version: 2.9.0 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Ultra Video Converter 5.2.0408 (HKLM\...\Ultra Video Converter_is1) (Version: - Aone Software)
UltraISO Premium V9.33 (HKLM\...\UltraISO_is1) (Version: - )
UnLock Root 3.1 (HKLM\...\UnLock Root) (Version: 3.1 - Unlcokroot)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Zip Opener (HKCU\...\DSite) (Version: - ) <==== ATTENTION
Video Converter (HKLM\...\{6DA3E438-338A-4568-0001-2F9BDBB695C5}) (Version: 1.045 - SuperEasy Software)
VideoPerformer (HKLM\...\VideoPerformer) (Version: - PerformerSoft LLC) <==== ATTENTION
VIO Player version 1.2 (HKLM\...\{2A9009E1-122C-4692-B442-A750C0DE7BA1}_is1) (Version: 1.2 - VIO Player)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.1.0.12 - VSO Software)
VSO CopyToDVD 4 (HKLM\...\{870F1750-BA89-11DA-A94D-0800200C9A66}_is1) (Version: 4.3.1.12 - VSO Software)
VSO Inspector 2.1.0.6 (HKLM\...\VSO Inspector_is1) (Version: 2.1.0.6 - VSO-Software)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
WebEx Support Manager for Internet Explorer (HKLM\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Who Is On My Wifi version 2.2.0 (HKLM\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 2.2.0 - IO3O LLC)
WinAVI FLV Converter (HKLM\...\WinAVI FLV Converter 1.0_is1) (Version: - ZJ Computing,Inc.)
WinAVI Video Converter (HKLM\...\WinAVI Video Converter) (Version: 11.5.1.4360 - ZJMedia Digital Technology Ltd.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
Windows PowerShell™ 1.0 (HKLM\...\PowerShell) (Version: 1 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
Windows Support Tools (HKLM\...\{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}) (Version: 5.1.2600.2180 - Microsoft Corporation)
WinISO 5.3 (HKLM\...\WinISO_is1) (Version: - WinISO Computing Inc.)
WinPcap 4.1.1 (HKLM\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinX DVD Ripper Platinum 5.22.0 (HKLM\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.)
WinZip 11.2 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}) (Version: 11.2.8094 - WinZip Computing, S.L. )
Wondershare DVD Converter(Build 4.5.1.1) (HKLM\...\Wondershare DVD Converter_is1) (Version: - Wondershare Software)
WordPerfect Office 11 (HKLM\...\{54F90B55-BEB3-4F0D-8802-228822FA5921}) (Version: 11.0 - Corel Corporation)
Xbox Commander version 4.1 (HKLM\...\{7D92D3FC-F62A-430D-A0B4-2AF50CFB4F58}) (Version: 4.1.0 - Heitmeijer)
Xilinx ISE 10.1 (HKLM\...\Xilinx ISE 10.1) (Version: - )
Xilisoft Video Converter Ultimate (HKCU\...\Xilisoft Video Converter Ultimate) (Version: 7.7.2.20130217 - Xilisoft)
Xvid MPEG-4 Video Codec (HKLM\...\Xvid_is1) (Version: - )
YTD Video Downloader 4.8.3 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.3 - GreenTree Applications SRL)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\880\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-484763869-2111687655-1606980848-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2001-08-23 04:00 - 2008-04-14 14:00 - 00000734 ___RA C:\WINDOWS.2\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS.2\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS.2\Tasks\APSnotifierCA.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS.2\Tasks\DoxillionDowngrade.job => C:\Program Files\NCH Software\Doxillion\doxillion.exe
Task: C:\WINDOWS.2\Tasks\DoxillionReminder.job => C:\Program Files\NCH Software\Doxillion\doxillion.exe
Task: C:\WINDOWS.2\Tasks\Driver Booster Scan.job => C:\Program Files\IObit\Driver Booster\Scheduler.exe
Task: C:\WINDOWS.2\Tasks\Driver Booster Update.job => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
Task: C:\WINDOWS.2\Tasks\expressburnShakeIcon.job => C:\Program Files\NCH Swift Sound\ExpressBurn\expressburn.exe
Task: C:\WINDOWS.2\Tasks\Gary Local Autobackup 5 4.job => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBCore.exe
Task: C:\WINDOWS.2\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-2111687655-1606980848-1003Core.job => C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS.2\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-2111687655-1606980848-1003UA.job => C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS.2\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS.2\system32\xp_eos.exe
Task: C:\WINDOWS.2\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS.2\system32\xp_eos.exe
Task: C:\WINDOWS.2\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => C:\Program Files\Microsoft IntelliPoint\ipoint.exe
Task: C:\WINDOWS.2\Tasks\Microsoft_Hardware_Launch_IType_exe.job => C:\Program Files\Microsoft IntelliType Pro\itype.exe
Task: C:\WINDOWS.2\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\WINDOWS.2\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\WINDOWS.2\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\WINDOWS.2\Tasks\photopadShakeIcon.job => C:\Program Files\NCH Software\PhotoPad\photopad.exe
Task: C:\WINDOWS.2\Tasks\pixillionDowngrade.job => C:\Program Files\NCH Software\Pixillion\pixillion.exe
Task: C:\WINDOWS.2\Tasks\pixillionShakeIcon.job => C:\Program Files\NCH Software\Pixillion\pixillion.exe
Task: C:\WINDOWS.2\Tasks\PrintProjects Communicator.job => C:\Documents and Settings\All Users.WINDOWS.2\Application Data\PrintProjects\Communicator.exe
Task: C:\WINDOWS.2\Tasks\RegCure Pro.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\WINDOWS.2\Tasks\RegCure Pro_sch_4E1B87AA-27A7-11E4-A739-0007E9E3652D.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\WINDOWS.2\Tasks\ReimageUpdater.job => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: C:\WINDOWS.2\Tasks\SmartDefrag3_Schedule.job => C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
Task: C:\WINDOWS.2\Tasks\SmartDefrag3_Startup.job => C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
Task: C:\WINDOWS.2\Tasks\SmartDefrag3_Update.job => C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe
Task: C:\WINDOWS.2\Tasks\SmartDefrag_Schedule.job => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc Registration3.job => C:\Program Files\Common Files\SpeedMaxPc\UUS3\UUS3.dll
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc Update3.job => C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc.job => J:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_30B6103C-DF5D-11E3-A6D9-0007E9E3652D.job => C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_349FCC78-BE2F-11E3-8BAF-0007E9E3652D.job => C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_37B5F906-DF30-11E3-A6D9-0007E9E3652D.job => C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_A760A460-18EA-11E4-A711-0007E9E3652D.job => C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_B5A223C6-9D36-11E3-8B9B-0007E9E3652D.job => C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_DB739962-28C9-11E4-A741-0007E9E3652D.job => C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_FC34B912-27AF-11E4-A73A-0007E9E3652D.job => C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: C:\WINDOWS.2\Tasks\User_Feed_Synchronization-{6A02D280-3935-45F3-8EC6-584928C95165}.job => C:\WINDOWS.2\system32\msfeedssync.exe
Task: C:\WINDOWS.2\Tasks\User_Feed_Synchronization-{9CF66ED3-999B-440B-ABD0-2BDFD528737D}.job => C:\WINDOWS.2\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2008-04-14 05:00 - 2008-04-14 05:00 - 00015360 _____ () C:\WINDOWS.2\system32\tsd32.dll
2010-01-09 21:18 - 2010-01-09 21:18 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 02:34 - 2010-01-21 02:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2006-03-04 23:01 - 2006-12-03 15:53 - 00126464 _____ () C:\Program Files\WinRAR\rarext.dll
2012-03-11 09:07 - 2012-03-11 09:07 - 00159744 _____ () C:\Program Files\Mega Codec Pack\Filters\Haali\mmfinfo.dll
2012-03-11 09:07 - 2012-03-11 09:07 - 00023552 _____ () C:\Program Files\Mega Codec Pack\Filters\Haali\mkunicode.dll
2012-07-25 21:19 - 2012-07-25 21:19 - 00094728 _____ () C:\Program Files\Nitro PDF\Professional 7\NPShellExtension.dll
2014-07-30 11:37 - 2014-07-30 11:37 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-01-01 23:48 - 2013-01-01 23:48 - 01292288 _____ () C:\WINDOWS.2\system32\quartz.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\WINDOWS.2:nlsPreferences
AlternateDataStreams: C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Temp:BF3D62E7
AlternateDataStreams: C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Temp:DE406C3E
AlternateDataStreams: C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Temp:FB1B13D8
AlternateDataStreams: C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Temp:BF3D62E7
AlternateDataStreams: C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Temp:DE406C3E
AlternateDataStreams: C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Temp:FB1B13D8
AlternateDataStreams: C:\Documents and Settings\Gary\Local Settings\Application Data\desktop.ini:722b2b1c349a06abf0e866180e5a7e63
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-484763869-2111687655-1606980848-1003\Software\Classes\exefile: <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Activate.exe =>
MSCONFIG\startupreg: Adobe ARM => c:\program files\common files\adobe\arm\1.0\adobearm.exe
MSCONFIG\startupreg: BCSSync => "c:\program files\microsoft office\office14\bcssync.exe" /delayservices
MSCONFIG\startupreg: BDRegion => c:\program files\cyberlink\shared files\brs.exe
MSCONFIG\startupreg: Conime =>
MSCONFIG\startupreg: CTFMON.EXE =>
MSCONFIG\startupreg: EKIJ5000StatusMonitor => c:\windows.2\system32\spool\drivers\w32x86\3\ekij5000mui.exe
MSCONFIG\startupreg: GarminExpressTrayApp => c:\program files\garmin\express tray\expresstray.exe
MSCONFIG\startupreg: IntelliPoint =>
MSCONFIG\startupreg: LGODDFU =>
MSCONFIG\startupreg: PDR10.exe =>
MSCONFIG\startupreg: PDVDLaunchPolicy.exe =>
MSCONFIG\startupreg: PhotoDirector4.exe =>
MSCONFIG\startupreg: Power2Go.exe =>
MSCONFIG\startupreg: Power2GoExpress =>
MSCONFIG\startupreg: QuickTime Task => "c:\program files\quicktime\qttask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl10 =>
MSCONFIG\startupreg: SimpleFiles Installer Starter =>
MSCONFIG\startupreg: SunJavaUpdateSched =>
MSCONFIG\startupreg: UACAgent.exe =>
MSCONFIG\startupreg: UserFaultCheck =>
MSCONFIG\startupreg: uTorrent => "c:\documents and settings\gary\application data\utorrent\utorrent.exe" /minimized
==================== Faulty Device Manager Devices =============
#5
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 25 August 2014 - 12:46 PM
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
#6
-
- Authentic Member
-
- 10 posts
New Member
- Interests:DVDs, Gym, ebooks, and all else
Posted 25 August 2014 - 08:25 PM
Ken545:
This is zrski1.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2014 03
Ran by Gary (administrator) on BEDROOM on 25-08-2014 13:59:54
Running from C:\Documents and Settings\Gary\Desktop
Platform: Microsoft Windows XP Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINDOWS.2\system32\smss.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\winlogon.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\services.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\lsass.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\WgaTray.exe
(Microsoft Corporation) C:\WINDOWS.2\explorer.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\ctfmon.exe
(Malwarebytes Corporation) J:\Program Files\Malwarebytes Anti-Malware\mbam.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Advanced SystemCare 7] => "J:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS.2\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [2510848 2011-06-16] (Eastman Kodak Company)
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS.2\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [IMEKRMIG6.1] => C:\WINDOWS.2\ime\imkr6_1\IMEKRMIG.EXE [44032 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS.2\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS.2\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS.2\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [BCMSMMSG] => C:\WINDOWS.2\BCMSMMSG.exe [122880 2003-08-29] (Broadcom Corporation)
HKLM\...\Run: [DVDUpgrade] => DVDUpgrd.exe /async
HKLM\...\Run: [PowerDVD10.exe] => J:\Program Files\PowerDVD10\PowerDVD10.exe [4009592 2013-02-22] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] => J:\Program Files\PowerDirector10\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM\...\Run: [IsoViewer.exe] => J:\Program Files\Power2Go\IsoViewer.exe [1815512 2013-03-27] (CyberLink Corp.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS.2\system32\userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] logonui.exe [x ] ()
Winlogon\Notify\AtiExtEvent: C:\WINDOWS.2\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\crypt32chain: C:\WINDOWS.2\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS.2\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS.2\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS.2\System32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\ScCertProp: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS.2\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS.2\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\WgaLogon: C:\WINDOWS.2\system32\WgaLogon.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\.DEFAULT\...\RunOnce: [tscuninstall] => C:\WINDOWS.2\system32\tscupgrd.exe [44544 2006-02-28] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-484763869-2111687655-1606980848-1003\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-484763869-2111687655-1606980848-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-484763869-2111687655-1606980848-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-484763869-2111687655-1606980848-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKU\S-1-5-21-484763869-2111687655-1606980848-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-484763869-2111687655-1606980848-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [tscuninstall] => C:\WINDOWS.2\system32\tscupgrd.exe [44544 2006-02-28] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.2\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.2\system32\blank.htm
SearchScopes: HKLM - {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL =
SearchScopes: HKCU - DefaultScope {C060ED26-FF9B-4A56-8CC4-1C298C1D29DB} URL = http://search.condui...0431446912&UM=2
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {52E2D971-34A9-49E7-88F6-078B653A9C12} URL = http://search.yahoo....rtPage?}&fr=ie8
SearchScopes: HKCU - {C060ED26-FF9B-4A56-8CC4-1C298C1D29DB} URL = http://search.condui...0431446912&UM=2
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> J:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS.2\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS.2\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No File
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1357766330484
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS.2\system32\urlmon.dll (Microsoft Corporation)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS.2\system32\mshtml.dll (Microsoft Corporation)
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS.2\system32\wiascr.dll (Microsoft Corporation)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS.2\system32\urlmon.dll (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS.2\system32\urlmon.dll (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS.2\system32\SHELL32.dll (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS.2\system32\shell32.dll [8463872 2012-06-08] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984
FF SelectedSearchEngine: Google
FF Homepage: https://mail.google....mail/u/0/#inbox
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS.2\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS.2\system32\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> J:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat -> J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Gary\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Gary\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\user.js
FF user.js: detected! => C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npitunes.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Gary\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Gary\Application Data\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\searchplugins\imdb.xml
FF SearchPlugin: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984\searchplugins\duckduckgo.xml
FF Extension: No Name - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\extensions [2012-06-06]
FF Extension: Xmarks - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\foxmarks@kei.com [2012-11-02]
FF Extension: No Name - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\searchplugins [2013-10-23]
FF Extension: Garmin Communicator - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012-10-07]
FF Extension: CleanPrint - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\cleanprint@formatdynamics.com.xpi [2012-11-13]
FF Extension: Ads Removal - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\adremoveext@adremoveext.net [2014-08-24]
FF Extension: Advanced SystemCare Surfing Protection - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\ascsurfingprotection@iobit.com [2014-05-22]
FF Extension: Xmarks - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\foxmarks@kei.com [2011-07-16]
FF Extension: AD Block - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\searchads@instair.net [2014-03-01]
FF Extension: No Name - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\staged [2012-06-06]
FF Extension: LastPass - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\support@lastpass.com [2011-08-16]
FF Extension: Yahoo! Toolbar - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012-05-21]
FF Extension: Add-on Compatibility Reporter - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\compatibility@addons.mozilla.org.xpi [2011-08-09]
FF Extension: Ads Removal - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984\Extensions\adremoveext@adremoveext.net [2014-08-24]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-07-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-07-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-07-18]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-07-07]
Chrome:
=======
CHR RestoreOnStartup: "https://search.yahoo...=spigot-yhp-ch"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\10.0.648.133\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS.2\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\10.0.648.133\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files\Google\Chrome\Application\10.0.648.133\gears.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npitunes.dll ()
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Documents and Settings\Gary\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-05-22]
CHR Extension: (Ads Removal) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-26]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-03-12]
CHR Extension: (Web Enhancements) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jhhjhpmajehomfpogoncjnhlannmkcgb [2011-03-12]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-12-23]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 123MediaStreamer; J:\Program Files\123CopyDVDPlatinum 2012\MediaStreamerService.exe [47616 2013-04-17] (Microsoft) [File not signed]
S2 6to4; C:\WINDOWS.2\System32\6to4svc.dll [100864 2010-02-11] (Microsoft Corporation)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS.2\system32\Macromed\Flash\FlashPlayerUpdateService.exe [262320 2014-07-09] (Adobe Systems Incorporated)
S4 Alerter; C:\WINDOWS.2\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
S3 ALG; C:\WINDOWS.2\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
S3 AppMgmt; C:\WINDOWS.2\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation)
S3 aspnet_state; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
S2 Ati HotKey Poller; C:\WINDOWS.2\system32\Ati2evxx.exe [602112 2013-10-24] (ATI Technologies Inc.) [File not signed]
S2 AudioSrv; C:\WINDOWS.2\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
S2 BITS; C:\WINDOWS.2\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation)
R2 Browser; C:\WINDOWS.2\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation)
S4 CiSvc; C:\WINDOWS.2\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
S4 ClipSrv; C:\WINDOWS.2\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S2 CLKMSVC10_447BEDDB; J:\Program Files\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-03-08] (CyberLink)
S3 clr_optimization_v2.0.50727_32; C:\WINDOWS.2\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
S3 COMSysApp; C:\WINDOWS.2\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
R2 CryptSvc; C:\WINDOWS.2\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
R2 DcomLaunch; C:\WINDOWS.2\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS.2\System32\dhcpcsvc.dll [126976 2008-06-03] (Microsoft Corporation)
S3 dmadmin; C:\WINDOWS.2\System32\dmadmin.exe [224768 2008-04-13] (Microsoft Corp., Veritas Software) [File not signed]
S3 dmserver; C:\WINDOWS.2\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.)
R2 Dnscache; C:\WINDOWS.2\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\WINDOWS.2\System32\dot3svc.dll [132096 2009-01-20] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS.2\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S4 ERSvc; C:\WINDOWS.2\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
R2 Eventlog; C:\WINDOWS.2\system32\services.exe [110592 2009-12-23] (Microsoft Corporation)
S3 EventSystem; C:\WINDOWS.2\system32\es.dll [253952 2008-07-07] (Microsoft Corporation)
S3 FastUserSwitchingCompatibility; C:\WINDOWS.2\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S2 Fax; C:\WINDOWS.2\system32\fxssvc.exe [267776 2008-04-14] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\WINDOWS.2\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [443224 2014-05-15] (Garmin Ltd or its subsidiaries)
S3 GSService; C:\WINDOWS.2\system32\GSService.exe [380928 2010-11-18] () [File not signed]
S3 helpsvc; C:\WINDOWS.2\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
S2 HidServ; C:\WINDOWS.2\System32\hidserv.dll [21504 2014-07-13] (Microsoft Corporation)
S3 hkmsvc; C:\WINDOWS.2\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
S3 HTTPFilter; C:\WINDOWS.2\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 idsvc; C:\WINDOWS.2\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S2 IISADMIN; C:\WINDOWS.2\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS.2\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-05-07] (Oracle Corporation)
S2 KMService; C:\WINDOWS.2\system32\srvany.exe [8192 2013-09-14] () [File not signed]
S2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company)
S2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company)
R2 LanmanServer; C:\WINDOWS.2\System32\srvsvc.dll [99840 2010-08-26] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINDOWS.2\System32\wkssvc.dll [134144 2009-06-09] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 LmHosts; C:\WINDOWS.2\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
S2 LPDSVC; C:\WINDOWS.2\system32\tcpsvcs.exe [19456 2008-04-14] (Microsoft Corporation)
S2 MBAMScheduler; J:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; J:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 Messenger; C:\WINDOWS.2\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S4 mnmsrvc; C:\WINDOWS.2\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S3 MSDTC; C:\WINDOWS.2\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
S3 MSIServer; C:\WINDOWS.2\System32\msiexec.exe [95744 2008-05-18] (Microsoft Corporation)
S3 napagent; C:\WINDOWS.2\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation)
S4 NetDDE; C:\WINDOWS.2\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS.2\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 Netlogon; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R3 Netman; C:\WINDOWS.2\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
S3 NitroDriverReadSpool2; C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe [184840 2012-07-25] (Nitro PDF Software)
S3 Nla; C:\WINDOWS.2\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation)
S3 nlsX86cc; C:\WINDOWS.2\system32\NLSSRV32.EXE [66560 2010-11-22] (Nalpeiron Ltd.) [File not signed]
S3 NMSAccess; J:\Program Files\Blaze Media Pro\NMSAccess32.exe [71096 2009-01-12] ()
S3 NtLmSsp; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S2 NtmsSvc; C:\WINDOWS.2\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation)
R2 PlugPlay; C:\WINDOWS.2\system32\services.exe [110592 2009-12-23] (Microsoft Corporation)
S2 PolicyAgent; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S2 ProtectedStorage; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS.2\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
S3 RasMan; C:\WINDOWS.2\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
S4 RDSessMgr; C:\WINDOWS.2\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation)
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [5857128 2014-07-28] (Reimage®)
S4 RemoteAccess; C:\WINDOWS.2\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
S4 RemoteRegistry; C:\WINDOWS.2\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation)
S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [254512 2013-05-08] ()
S3 RpcLocator; C:\WINDOWS.2\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS.2\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
S4 RSVP; C:\WINDOWS.2\system32\rsvp.exe [132608 2008-04-14] (Microsoft Corporation)
S2 SamSs; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS.2\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation)
S2 Schedule; C:\WINDOWS.2\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation)
S2 seclogon; C:\WINDOWS.2\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
S2 SENS; C:\WINDOWS.2\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
R2 SharedAccess; C:\WINDOWS.2\System32\ipnathlp.dll [330752 2013-09-25] (Microsoft Corporation)
S2 ShellHWDetection; C:\WINDOWS.2\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S3 SMServer; C:\WINDOWS.2\system32\snmvtsvc.exe [245760 2010-11-18] (SMServer) [File not signed]
S2 SMTPSVC; C:\WINDOWS.2\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S2 SNMP; C:\WINDOWS.2\System32\snmp.exe [33280 2008-04-14] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS.2\System32\snmptrap.exe [8704 2008-04-14] (Microsoft Corporation)
S2 Spooler; C:\WINDOWS.2\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
R2 srservice; C:\WINDOWS.2\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation)
S3 SSDPSRV; C:\WINDOWS.2\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
S2 stisvc; C:\WINDOWS.2\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation)
S3 SwPrv; C:\WINDOWS.2\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\WINDOWS.2\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation)
S3 TapiSrv; C:\WINDOWS.2\System32\tapisrv.dll [249856 2008-08-06] (Microsoft Corporation)
R2 TermService; C:\WINDOWS.2\System32\termsrv.dll [296960 2009-05-18] (Microsoft Corporation)
S2 Themes; C:\WINDOWS.2\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S4 TlntSvr; C:\WINDOWS.2\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation)
S3 TrkWks; C:\WINDOWS.2\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS.2\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\WINDOWS.2\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 VSS; C:\WINDOWS.2\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation)
S2 W32Time; C:\WINDOWS.2\system32\w32time.dll [175616 2008-07-04] (Microsoft Corporation)
S2 W3SVC; C:\WINDOWS.2\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S4 WebClient; C:\WINDOWS.2\System32\webclnt.dll [68096 2010-11-18] (Microsoft Corporation)
R2 winmgmt; C:\WINDOWS.2\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation)
S3 WinRM; C:\WINDOWS.2\system32\WsmSvc.dll [1107456 2009-10-09] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS.2\system32\MsPMSNSv.dll [27136 2009-01-30] (Microsoft Corporation)
S3 Wmi; C:\WINDOWS.2\System32\advapi32.dll [618496 2013-04-22] (Microsoft Corporation)
S3 WmiApSrv; C:\WINDOWS.2\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
S3 WPFFontCache_v0400; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [754856 2013-07-20] (Microsoft Corporation)
S2 wscsvc; C:\WINDOWS.2\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
S2 WSearch; C:\WINDOWS.2\system32\SearchIndexer.exe [439808 2008-05-26] (Microsoft Corporation)
S2 wuauserv; C:\WINDOWS.2\system32\wuauserv.dll [23064 2012-06-02] (Microsoft Corporation)
R2 WudfSvc; C:\WINDOWS.2\System32\WUDFSvc.dll [64512 2009-07-13] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS.2\System32\wzcsvc.dll [483328 2014-07-13] (Microsoft Corporation)
S4 xmlprov; C:\WINDOWS.2\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS.2\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R0 ACPI; C:\WINDOWS.2\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation)
S4 ACPIEC; C:\WINDOWS.2\system32\Drivers\ACPIEC.sys [11648 2008-04-14] (Microsoft Corporation)
S3 aeaudio; C:\WINDOWS.2\System32\drivers\aeaudio.sys [4816 2002-04-01] (Andrea Electronics Corporation)
S3 aec; C:\WINDOWS.2\System32\drivers\aec.sys [142592 2014-07-13] (Microsoft Corporation)
R1 AFD; C:\WINDOWS.2\System32\drivers\afd.sys [138496 2014-05-28] (Microsoft Corporation)
R0 agp440; C:\WINDOWS.2\System32\DRIVERS\agp440.sys [42368 2008-04-14] (Microsoft Corporation)
S3 anvsnddrv; C:\WINDOWS.2\System32\drivers\anvsnddrv.sys [32896 2011-11-28] (AnvSoft Inc.) [File not signed]
S3 Apowersoft_AudioDevice; C:\WINDOWS.2\System32\drivers\Apowersoft_AudioDevice.sys [16640 2010-12-30] (Wondershare) [File not signed]
S3 AsyncMac; C:\WINDOWS.2\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
R0 atapi; C:\WINDOWS.2\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
S3 ati2mtag; C:\WINDOWS.2\System32\DRIVERS\ati2mtag.sys [3565056 2013-10-24] (ATI Technologies Inc.) [File not signed]
S3 Atmarpc; C:\WINDOWS.2\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
S3 audstub; C:\WINDOWS.2\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
S3 BCMModem; C:\WINDOWS.2\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
R1 Beep; C:\WINDOWS.2\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Corporation)
S3 BVRPMPR5; C:\WINDOWS.2\system32\drivers\BVRPMPR5.SYS [49904 2009-08-19] (Avanquest Software) [File not signed]
S4 cbidf2k; C:\WINDOWS.2\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Corporation)
S1 Cdaudio; C:\WINDOWS.2\system32\Drivers\Cdaudio.sys [18688 2014-07-13] (Microsoft Corporation)
R4 Cdfs; C:\WINDOWS.2\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
R1 Cdrom; C:\WINDOWS.2\System32\DRIVERS\cdrom.sys [62976 2008-05-02] (Microsoft Corporation)
R1 CLBStor; C:\WINDOWS.2\system32\Drivers\CLBStor.sys [15784 2009-10-07] (Cyberlink Co.,Ltd.)
S2 CLBUDF; C:\WINDOWS.2\system32\Drivers\CLBUDF.sys [163368 2009-10-07] (CyberLink Corporation.)
S3 DbusAudio; C:\WINDOWS.2\System32\drivers\DbusAudio.sys [23608 2010-11-18] (Windows ® Codename Longhorn DDK provider) [File not signed]
R3 dc3d; C:\WINDOWS.2\System32\DRIVERS\dc3d.sys [45288 2011-08-10] (Microsoft Corporation)
R0 Disk; C:\WINDOWS.2\System32\DRIVERS\disk.sys [36352 2008-05-07] (Microsoft Corporation)
S4 dmboot; C:\WINDOWS.2\System32\drivers\dmboot.sys [799744 2008-04-13] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmio; C:\WINDOWS.2\System32\DRIVERS\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software)
R0 dmload; C:\WINDOWS.2\system32\Drivers\dmload.sys [5888 2008-04-14] (Microsoft Corp., Veritas Software.)
S3 dmodusb; C:\WINDOWS.2\System32\DRIVERS\dmodusb.sys [26240 2009-05-11] (Windows ® Codename Longhorn DDK provider)
S3 DMusic; C:\WINDOWS.2\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
S3 drmkaud; C:\WINDOWS.2\System32\drivers\drmkaud.sys [2944 2014-07-13] (Microsoft Corporation)
R3 E100B; C:\WINDOWS.2\System32\DRIVERS\e100b325.sys [165496 2007-11-16] (Intel Corporation)
S4 exFat; C:\WINDOWS.2\system32\Drivers\exFat.sys [133632 2008-09-29] (Microsoft Corporation)
S4 Fastfat; C:\WINDOWS.2\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
R3 Fdc; C:\WINDOWS.2\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation)
S1 Fips; C:\WINDOWS.2\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation)
S3 Flpydisk; C:\WINDOWS.2\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
R0 FltMgr; C:\WINDOWS.2\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation)
U1 Fs_Rec; C:\WINDOWS.2\system32\Drivers\Fs_Rec.sys [9216 2008-09-29] (Microsoft Corporation)
R0 Ftdisk; C:\WINDOWS.2\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Corporation)
R3 Gpc; C:\WINDOWS.2\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
S3 hcdriver; C:\WINDOWS.2\System32\DRIVERS\hcdriver.sys [50688 2012-01-27] (Intel Corporation) [File not signed]
R3 HidUsb; C:\WINDOWS.2\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
S3 hitmanpro36; C:\WINDOWS.2\system32\drivers\hitmanpro36.sys [27424 2013-01-08] ()
S3 HTTP; C:\WINDOWS.2\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation)
S1 i8042prt; C:\WINDOWS.2\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation)
R0 IdeBusDr; C:\WINDOWS.2\System32\DRIVERS\IdeBusDr.sys [13891 2002-10-15] (Intel Corporation)
R0 IdeChnDr; C:\WINDOWS.2\System32\DRIVERS\IdeChnDr.sys [101431 2002-10-15] (Intel Corporation)
R1 Imapi; C:\WINDOWS.2\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
S0 IntelIde; C:\WINDOWS.2\system32\Drivers\IntelIde.sys [5504 2008-04-14] (Microsoft Corporation)
S1 intelppm; C:\WINDOWS.2\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation)
R3 Ip6Fw; C:\WINDOWS.2\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\WINDOWS.2\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Corporation)
S3 IpInIp; C:\WINDOWS.2\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
R3 IpNat; C:\WINDOWS.2\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
R1 IPSec; C:\WINDOWS.2\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 IRENUM; C:\WINDOWS.2\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
R0 isapnp; C:\WINDOWS.2\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation)
R1 Kbdclass; C:\WINDOWS.2\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation)
R1 kbdhid; C:\WINDOWS.2\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation)
S3 kmixer; C:\WINDOWS.2\System32\drivers\kmixer.sys [172416 2014-07-13] (Microsoft Corporation)
R0 KSecDD; C:\WINDOWS.2\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation)
S3 LHidFilt; C:\WINDOWS.2\System32\DRIVERS\LHidFilt.Sys [35344 2008-02-29] (Logitech, Inc.)
S3 LMouFilt; C:\WINDOWS.2\System32\DRIVERS\LMouFilt.Sys [36880 2008-02-29] (Logitech, Inc.)
S0 LPCFilter; C:\WINDOWS.2\System32\DRIVERS\LPCFilter.sys [28464 2011-12-29] (COMPAL ELECTRONIC INC.)
R0 mbamchameleon; C:\WINDOWS.2\System32\drivers\mbamchameleon.sys [53208 2014-05-12] (Malwarebytes Corporation)
S3 MBAMProtector; C:\WINDOWS.2\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS.2\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-25] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\WINDOWS.2\system32\1C.tmp [6144 2011-05-12] (Sophos Plc) [File not signed]
S1 mnmdd; C:\WINDOWS.2\system32\Drivers\mnmdd.sys [4224 2006-02-28] (Microsoft Corporation)
S3 Modem; C:\WINDOWS.2\system32\Drivers\Modem.sys [30080 2014-07-13] (Microsoft Corporation)
S3 MODEMCSA; C:\WINDOWS.2\System32\drivers\MODEMCSA.sys [16128 2001-08-17] (Microsoft Corporation)
R1 Mouclass; C:\WINDOWS.2\System32\DRIVERS\mouclass.sys [23040 2014-07-13] (Microsoft Corporation)
R3 mouhid; C:\WINDOWS.2\System32\DRIVERS\mouhid.sys [12160 2014-07-13] (Microsoft Corporation)
R0 MountMgr; C:\WINDOWS.2\system32\Drivers\MountMgr.sys [42752 2009-05-18] (Microsoft Corporation)
S3 MRxDAV; C:\WINDOWS.2\System32\DRIVERS\mrxdav.sys [180096 2010-06-30] (Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS.2\System32\DRIVERS\mrxsmb.sys [457856 2011-07-15] (Microsoft Corporation)
R1 Msfs; C:\WINDOWS.2\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS.2\System32\drivers\MSKSSRV.sys [7552 2014-07-13] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS.2\System32\drivers\MSPCLOCK.sys [5376 2014-07-13] (Microsoft Corporation)
S3 MSPQM; C:\WINDOWS.2\System32\drivers\MSPQM.sys [4992 2014-07-13] (Microsoft Corporation)
R3 mssmbios; C:\WINDOWS.2\System32\DRIVERS\mssmbios.sys [15488 2014-07-13] (Microsoft Corporation)
R0 Mup; C:\WINDOWS.2\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation)
R0 mv61xxmm; C:\WINDOWS.2\system32\Drivers\mv61xxmm.sys [14184 2014-07-13] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS.2\system32\Drivers\mv64xxmm.sys [5632 2014-07-13] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS.2\system32\Drivers\mvxxmm.sys [6656 2014-07-13] (Marvell Semiconductor Inc.) [File not signed]
S0 MxEFUF; C:\WINDOWS.2\System32\DRIVERS\MxEFUF32.sys [102728 2010-11-04] (Matrox Graphics Inc.)
R0 NDIS; C:\WINDOWS.2\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS.2\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation)
R3 Ndisuio; C:\WINDOWS.2\System32\DRIVERS\ndisuio.sys [14592 2014-07-13] (Microsoft Corporation)
R3 NdisWan; C:\WINDOWS.2\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINDOWS.2\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation)
R1 NetBIOS; C:\WINDOWS.2\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINDOWS.2\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
S2 NPF; C:\WINDOWS.2\system32\drivers\npf.sys [35088 2012-12-15] (CACE Technologies, Inc.)
R1 Npfs; C:\WINDOWS.2\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
R4 Ntfs; C:\WINDOWS.2\system32\Drivers\Ntfs.sys [576384 2008-11-18] (Microsoft Corporation)
R1 Null; C:\WINDOWS.2\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Corporation)
S3 NwlnkFlt; C:\WINDOWS.2\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINDOWS.2\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Corporation)
R1 omci; C:\WINDOWS.2\System32\DRIVERS\omci.sys [17153 2002-10-15] (Dell Computer Corporation) [File not signed]
S3 Parport; C:\WINDOWS.2\System32\DRIVERS\parport.sys [80128 2014-07-13] (Microsoft Corporation)
R0 PartMgr; C:\WINDOWS.2\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
S2 ParVdm; C:\WINDOWS.2\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Corporation)
R0 PCI; C:\WINDOWS.2\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation)
S4 Pcmcia; C:\WINDOWS.2\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation)
S3 pcouffin; C:\WINDOWS.2\System32\Drivers\pcouffin.sys [47360 2014-03-15] (VSO Software) [File not signed]
S2 PfFilter; J:\Program Files\IObit\Protected Folder\pffilter.sys [141016 2012-11-23] (IObit Information Technology)
R3 Point32; C:\WINDOWS.2\System32\DRIVERS\point32.sys [40936 2011-08-01] (Microsoft Corporation)
R3 PptpMiniport; C:\WINDOWS.2\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
R3 PSched; C:\WINDOWS.2\System32\DRIVERS\psched.sys [70272 2009-07-18] (Microsoft Corporation)
R3 Ptilink; C:\WINDOWS.2\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Parallel Technologies, Inc.)
R1 RasAcd; C:\WINDOWS.2\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS.2\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS.2\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINDOWS.2\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Corporation)
R1 Rdbss; C:\WINDOWS.2\System32\DRIVERS\rdbss.sys [174848 2008-07-18] (Microsoft Corporation)
R1 RDPCDD; C:\WINDOWS.2\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Corporation)
R3 rdpdr; C:\WINDOWS.2\System32\DRIVERS\rdpdr.sys [195712 2009-09-04] (Microsoft Corporation)
S3 RDPWD; C:\WINDOWS.2\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
R1 redbook; C:\WINDOWS.2\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation)
R1 SBRE; C:\WINDOWS.2\system32\drivers\SBREdrv.sys [101112 2012-01-12] (GFI Software)
S1 SCDEmu; C:\WINDOWS.2\system32\Drivers\SCDEmu.sys [56572 2008-11-02] (PowerISO Computing, Inc.) [File not signed]
S3 Secdrv; C:\WINDOWS.2\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 serenum; C:\WINDOWS.2\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
S1 Serial; C:\WINDOWS.2\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINDOWS.2\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
R0 SmartDefragDriver; C:\WINDOWS.2\System32\Drivers\SmartDefragDriver.sys [15808 2013-12-24] (IObit)
R3 smbusp; C:\WINDOWS.2\System32\DRIVERS\intelsmb.sys [22528 2010-06-10] (Intel Corporation)
S3 smwdm; C:\WINDOWS.2\System32\drivers\smwdm.sys [539008 2002-12-19] (Analog Devices, Inc.)
S3 SONYPVU1; C:\WINDOWS.2\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 splitter; C:\WINDOWS.2\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
R0 Sr; C:\WINDOWS.2\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
R3 Srv; C:\WINDOWS.2\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
S3 STAC97; C:\WINDOWS.2\System32\drivers\STAC97.sys [273296 2005-04-14] (SigmaTel, Inc.) [File not signed]
R3 swenum; C:\WINDOWS.2\System32\DRIVERS\swenum.sys [4352 2014-07-13] (Microsoft Corporation)
S3 swmidi; C:\WINDOWS.2\System32\drivers\swmidi.sys [56576 2014-07-13] (Microsoft Corporation)
S3 sysaudio; C:\WINDOWS.2\System32\drivers\sysaudio.sys [60800 2014-07-13] (Microsoft Corporation)
R1 Tcpip; C:\WINDOWS.2\System32\DRIVERS\tcpip.sys [361600 2014-07-13] (Microsoft Corporation) [File not signed]
R1 Tcpip6; C:\WINDOWS.2\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 TDPIPE; C:\WINDOWS.2\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINDOWS.2\system32\Drivers\TDTCP.sys [22024 2009-03-02] (Microsoft Corporation)
R1 TermDD; C:\WINDOWS.2\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
R3 tunmp; C:\WINDOWS.2\System32\DRIVERS\tunmp.sys [12288 2014-07-13] (Microsoft Corporation)
S4 Udfs; C:\WINDOWS.2\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
S3 udsstub; C:\WINDOWS.2\System32\DRIVERS\udsstub.sys [16000 2012-06-18] (SysNucleus) [File not signed]
R3 Update; C:\WINDOWS.2\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
S3 usbaudio; C:\WINDOWS.2\System32\drivers\usbaudio.sys [60160 2013-07-16] (Microsoft Corporation)
R3 usbccgp; C:\WINDOWS.2\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation)
R3 usbehci; C:\WINDOWS.2\System32\DRIVERS\usbehci.sys [30464 2013-03-06] (Microsoft Corporation)
R3 usbhub; C:\WINDOWS.2\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
S3 usbprint; C:\WINDOWS.2\System32\DRIVERS\usbprint.sys [25856 2008-04-14] (Microsoft Corporation)
S3 usbscan; C:\WINDOWS.2\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Microsoft Corporation)
R3 usbstor; C:\WINDOWS.2\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation)
R3 usbuhci; C:\WINDOWS.2\System32\DRIVERS\usbuhci.sys [20736 2013-03-06] (Microsoft Corporation)
R1 VgaSave; C:\WINDOWS.2\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
R0 viamraid; C:\WINDOWS.2\System32\DRIVERS\viamraid.sys [116608 2013-10-24] (VIA Technologies inc,.ltd)
S3 VIAudio; C:\WINDOWS.2\System32\drivers\vinyl97.sys [207488 2014-04-25] (VIA Technologies, Inc.)
R0 VolSnap; C:\WINDOWS.2\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation)
S3 Wanarp; C:\WINDOWS.2\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
R3 Wdf01000; C:\WINDOWS.2\System32\DRIVERS\Wdf01000.sys [444136 2009-07-14] (Microsoft Corporation)
S3 wdmaud; C:\WINDOWS.2\System32\drivers\wdmaud.sys [83072 2014-07-13] (Microsoft Corporation)
S3 WinDriver6; C:\WINDOWS.2\System32\drivers\windrvr6.sys [195968 2011-06-20] (Jungo) [File not signed]
S3 WpdUsb; C:\WINDOWS.2\System32\DRIVERS\wpdusb.sys [38528 2009-01-30] (Microsoft Corporation)
R1 WS2IFSL; C:\WINDOWS.2\System32\drivers\ws2ifsl.sys [12032 2008-04-14] (Microsoft Corporation)
S3 WsAudio_DeviceS(1); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(1).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(2); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(2).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(3); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(3).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(4); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(4).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(5); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(5).sys [25704 2009-12-04] (Wondershare)
R0 WudfPf; C:\WINDOWS.2\System32\DRIVERS\WudfPf.sys [91904 2009-07-13] (Microsoft Corporation)
S3 WudfRd; C:\WINDOWS.2\System32\DRIVERS\wudfrd.sys [132224 2009-07-13] (Microsoft Corporation)
S2 XilinxPC4Driver; C:\WINDOWS.2\System32\drivers\xpc4drvr.sys [16000 2005-11-16] (Xilinx, Inc.) [File not signed]
S3 ZD1211BU(ZyDAS); C:\WINDOWS.2\System32\DRIVERS\zd1211Bu.sys [477696 2006-08-24] (ZyDAS Technology Corporation)
S4 Aspi32; System32\drivers\aspi32.sys [X]
S4 BCMH43XX; system32\DRIVERS\bcmwlhigh5.sys [X]
S4 DbusVideo; system32\DRIVERS\DbusVideo.sys [X]
S4 eqjjgu; System32\drivers\lmwtiq.sys [X]
S4 L8042Kbd; system32\DRIVERS\L8042Kbd.sys [X]
S4 L8042mou; system32\DRIVERS\L8042mou.Sys [X]
S4 LMouKE; system32\DRIVERS\LMouKE.Sys [X]
S4 MCSTRM; No ImagePath
S4 MFE_RR; No ImagePath
S4 qyknl; System32\drivers\qwsvmq.sys [X]
S4 rckxrvet; System32\drivers\khbmtx.sys [X]
U5 ScsiPort; C:\WINDOWS.2\system32\drivers\scsiport.sys [96384 2011-01-27] (Microsoft Corporation)
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X]
U2 WinDefend; No ImagePath
U3 aswMBR; \??\C:\DOCUME~1\Gary\LOCALS~1\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\DOCUME~1\Gary\LOCALS~1\Temp\aswVmm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 10:46 - 2014-08-25 10:57 - 00047999 _____ () C:\Documents and Settings\Gary\Desktop\Addition.txt
2014-08-25 10:36 - 2014-08-25 14:09 - 00055088 _____ () C:\Documents and Settings\Gary\Desktop\FRST.txt
2014-08-25 10:31 - 2014-08-25 10:31 - 00002778 _____ () C:\Documents and Settings\Gary\Desktop\aswMBR.txt
2014-08-25 10:31 - 2014-08-25 10:31 - 00000512 _____ () C:\Documents and Settings\Gary\Desktop\MBR.dat
2014-08-25 06:28 - 2014-08-25 06:28 - 01095168 _____ (Farbar) C:\Documents and Settings\Gary\Desktop\FRST.exe
2014-08-25 06:25 - 2014-08-25 06:26 - 05185536 _____ (AVAST Software) C:\Documents and Settings\Gary\Desktop\aswMBR.exe
2014-08-24 11:38 - 2014-08-24 14:12 - 00000648 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-23 09:50 - 2014-08-25 14:00 - 00000000 ____D () C:\FRST
2014-08-22 16:54 - 2014-08-22 16:54 - 00000000 ____D () C:\WINDOWS.2\Tasks\ImCleanDisabled
2014-08-22 16:03 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\1C.tmp
2014-08-22 16:03 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\1B.tmp
2014-08-22 12:10 - 2014-08-22 12:39 - 00000000 ____D () C:\Program Files\HijackThis
2014-08-22 12:04 - 2014-08-22 12:04 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\Tuneup Pro
2014-08-22 09:46 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\4.tmp
2014-08-22 09:46 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\3.tmp
2014-08-22 09:45 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\2.tmp
2014-08-22 09:45 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\1.tmp
2014-08-22 08:20 - 2014-08-22 08:20 - 60071936 _____ () C:\WINDOWS.2\system32\config\software.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 05922816 _____ () C:\WINDOWS.2\system32\config\default.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00073728 _____ () C:\WINDOWS.2\system32\config\SECURITY.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00032768 _____ () C:\WINDOWS.2\system32\config\SAM.iodefrag.bak
2014-08-22 08:19 - 2014-08-22 08:19 - 00000000 _____ () C:\asc_rdflag
2014-08-21 23:42 - 2014-08-24 15:41 - 00000216 _____ () C:\WINDOWS.2\wiadebug.log
2014-08-21 23:42 - 2014-08-24 15:41 - 00000049 _____ () C:\WINDOWS.2\wiaservc.log
2014-08-21 23:42 - 2014-08-21 23:42 - 00000000 ____N () C:\WINDOWS.2\Sti_Trace.log
2014-08-21 23:38 - 2014-08-25 12:34 - 00301343 _____ () C:\WINDOWS.2\WindowsUpdate.log
2014-08-21 19:26 - 2014-08-21 19:26 - 00000802 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Windows Media Player.lnk
2014-08-21 19:10 - 2010-06-02 01:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_7.dll
2014-08-21 19:10 - 2010-06-02 01:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\xactengine3_7.dll
2014-08-21 19:10 - 2010-06-02 01:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_5.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_6.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\xactengine3_6.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_4.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\X3DAudio1_7.dll
2014-08-21 19:10 - 2009-09-04 14:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_5.dll
2014-08-21 19:10 - 2009-09-04 14:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\Xactengine3_5.dll
2014-08-21 19:10 - 2009-09-04 14:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dcsx_42.dll
2014-08-21 19:10 - 2009-09-04 14:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_42.dll
2014-08-21 19:10 - 2009-09-04 14:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx11_42.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_4.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XactEngine3_4.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00069448 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_3.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\X3DAudio1_6.dll
2014-08-21 19:10 - 2009-03-09 12:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx9_41.dll
2014-08-21 19:10 - 2009-03-09 12:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\D3DCompiler_41.dll
2014-08-21 19:10 - 2009-03-09 12:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_41.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_3.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XactEngine3_3.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_2.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\X3DAudio1_5.dll
2014-08-21 19:10 - 2008-10-15 03:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\D3DCompiler_40.dll
2014-08-21 19:10 - 2008-10-15 03:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_40.dll
2014-08-21 19:10 - 2008-07-31 07:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XactEngine3_2.dll
2014-08-21 19:10 - 2008-07-31 07:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_1.dll
2014-08-21 19:10 - 2008-07-31 07:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_2.dll
2014-08-21 19:10 - 2008-07-10 08:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_39.dll
2014-08-21 19:10 - 2008-07-10 08:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx9_39.dll
2014-08-21 19:10 - 2008-07-10 08:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\D3DCompiler_39.dll
2014-08-21 19:10 - 2006-11-29 10:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10.dll
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\WindowsShell.Manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\wuaucpl.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\sapi.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\nwc.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\ncpa.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000488 ___RH () C:\WINDOWS.2\system32\logonui.exe.manifest
2014-08-21 19:02 - 2014-05-30 15:09 - 06024704 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\mshtml.dll
2014-08-21 19:02 - 2014-05-30 15:09 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\inetcpl.cpl
2014-08-21 19:02 - 2014-05-30 15:09 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\occache.dll
2014-08-21 19:02 - 2009-03-07 13:34 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\webcheck.dll
2014-08-21 19:02 - 2009-03-07 13:34 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\msrating.dll
2014-08-21 19:02 - 2009-03-07 13:32 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\inseng.dll
2014-08-21 19:02 - 2009-03-07 13:31 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\pngfilt.dll
2014-08-21 19:02 - 2009-03-07 13:31 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\imgutil.dll
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\FxsTmp
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\Cache
2014-08-21 18:57 - 2008-04-14 05:00 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\adsiis.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\iisext.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\iismap.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\convlog.exe
2014-08-21 18:57 - 2008-04-14 05:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\admwprox.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00038576 _____ () C:\WINDOWS.2\system32\w3ctrs.ini
2014-08-21 18:57 - 2008-04-14 05:00 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\inetsloc.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\exstrace.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00011435 _____ () C:\WINDOWS.2\system32\infoctrs.ini
2014-08-21 18:57 - 2008-04-14 05:00 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\smtpapi.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\aspperf.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00010225 _____ () C:\WINDOWS.2\system32\axperf.ini
2014-08-21 18:57 - 2008-04-14 05:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\rwnh.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\infoctrs.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\staxmem.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\wamregps.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\admxprox.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\w3svapi.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00005379 _____ () C:\WINDOWS.2\system32\w3ctrs.h
2014-08-21 18:57 - 2008-04-14 05:00 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\w3ctrs.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\iismui.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00003276 _____ () C:\WINDOWS.2\system32\infoctrs.h
2014-08-21 18:57 - 2008-04-14 05:00 - 00002024 _____ () C:\WINDOWS.2\system32\axctrnm.h
2014-08-21 18:15 - 2008-04-14 05:00 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\TINTLGNT.IME
2014-08-21 18:15 - 2008-04-14 05:00 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\PINTLGNT.IME
2014-08-21 18:15 - 2008-04-14 05:00 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\CINTLGNT.IME
2014-08-21 18:14 - 2008-04-14 05:00 - 00016254 _____ () C:\WINDOWS.2\system32\PINTLPAE.HLP
2014-08-21 18:14 - 2008-04-14 05:00 - 00014821 _____ () C:\WINDOWS.2\system32\PINTLPAD.HLP
2014-08-21 18:13 - 2008-04-14 05:00 - 00024661 _____ (Perle Systems Ltd.) C:\WINDOWS.2\system32\spxcoins.dll
2014-08-21 18:13 - 2008-04-14 05:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\irclass.dll
2014-08-21 18:11 - 2014-07-13 14:24 - 00000630 _____ () C:\DPsFnshr.ini
2014-08-21 18:11 - 2011-09-12 00:07 - 00322985 _____ () C:\DPsFnshr.exe
2014-08-21 18:11 - 2011-09-12 00:07 - 00279585 _____ () C:\DSPdsblr.exe
2014-08-21 18:11 - 2011-09-12 00:07 - 00269955 _____ () C:\pmtimer.exe
2014-08-21 18:11 - 2010-11-21 15:09 - 00137728 _____ () C:\mute.exe
2014-08-21 18:11 - 2010-11-21 15:09 - 00055808 _____ (Microsoft Corporation) C:\devcon.exe
2014-08-21 18:11 - 2010-11-21 15:09 - 00020992 _____ () C:\makePNF.exe
2014-08-21 18:10 - 2014-07-11 08:17 - 00046192 _____ () C:\DriverPack_WLAN_wnt5_x86-32.ini
2014-08-21 18:10 - 2014-05-17 08:39 - 00169702 _____ () C:\DriverPack_MassStorage_wnt5_x86-32.ini
2014-08-21 18:09 - 2014-06-04 07:48 - 00004173 _____ () C:\DriverPack_LAN_wnt5_x86-32.ini
2014-08-21 18:09 - 2014-04-01 05:15 - 00000000 ____D () C:\D
2014-08-21 18:09 - 2010-05-29 04:57 - 00000458 _____ () C:\DriverPack_CPU_wnt5_x86-32.ini
2014-08-21 13:19 - 2014-08-21 13:23 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows XP Professional SP3 x86 - Black Edition 2014.7.13
2014-08-21 11:34 - 2014-08-21 12:41 - 00001908 _____ () C:\WINDOWS.2\diagwrn.xml
2014-08-21 11:34 - 2014-08-21 12:41 - 00001908 _____ () C:\WINDOWS.2\diagerr.xml
2014-08-21 10:38 - 2014-08-21 19:48 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows 7 ACTIVATION
2014-08-20 17:26 - 2014-08-22 03:19 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_DB739962-28C9-11E4-A741-0007E9E3652D.job
2014-08-19 20:52 - 2014-08-23 17:58 - 00000464 _____ () C:\WINDOWS.2\system32\ScannerSettings
2014-08-19 07:49 - 2014-08-22 03:19 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_FC34B912-27AF-11E4-A73A-0007E9E3652D.job
2014-08-19 06:47 - 2014-08-22 01:09 - 00000537 _____ () C:\WINDOWS.2\Tasks\RegCure Pro_sch_4E1B87AA-27A7-11E4-A739-0007E9E3652D.job
2014-08-18 21:13 - 2014-08-23 18:00 - 00000446 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Registration3.job
2014-08-18 20:29 - 2014-08-18 20:29 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM\Application Data\ParetoLogic
2014-08-18 20:25 - 2014-08-18 20:25 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\ParetoLogic
2014-08-18 20:20 - 2014-08-24 14:16 - 00000468 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-08-18 20:20 - 2014-08-22 08:17 - 00000384 _____ () C:\WINDOWS.2\Tasks\RegCure Pro.job
2014-08-18 20:20 - 2014-08-18 20:20 - 00000416 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3.job
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Program Files\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Program Files\Common Files\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\Gary\Start Menu\Programs\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ParetoLogic
2014-08-18 18:29 - 2008-04-14 06:42 - 01033728 _____ (Microsoft Corporation) C:\WINDOWS.2\gzeranski.exe
2014-08-18 05:21 - 2014-08-18 05:21 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\PCHealth
2014-08-18 04:14 - 2014-08-24 15:41 - 00032582 _____ () C:\WINDOWS.2\SchedLgU.Txt
2014-08-17 07:09 - 2014-08-21 19:09 - 00023392 _____ () C:\WINDOWS.2\system32\nscompat.tlb
2014-08-17 07:09 - 2014-08-21 19:09 - 00016832 _____ () C:\WINDOWS.2\system32\amcompat.tlb
2014-08-16 21:41 - 2014-08-16 21:41 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temp
2014-08-16 21:23 - 2014-08-21 21:37 - 00001621 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\ComPlus Applications
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\Common Files\ODBC
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\PrivacIE
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\PrivacIE
2014-08-16 21:23 - 2014-08-16 21:17 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00001627 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00001627 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000819 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000819 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000819 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000808 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Windows Media Player.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000754 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000754 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000754 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\wins
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\ShellExt
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\export
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\dhcp
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3com_dmi
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3076
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\2052
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1054
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1042
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1037
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1031
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1028
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1025
2014-08-16 21:20 - 2001-08-17 14:11 - 00035328 _____ (AMD Inc.) C:\WINDOWS.2\system32\Drivers\pcntpci5.sys
2014-08-16 21:19 - 2014-08-16 21:19 - 00000000 ____D () C:\WINDOWS.2\Connection Wizard
2014-08-16 21:17 - 2014-08-16 21:17 - 00000000 ____D () C:\WINDOWS.2\java
2014-08-16 20:31 - 2014-08-17 14:41 - 00015712 _____ () C:\WINDOWS.2\system32\Native.exe
2014-08-16 20:03 - 2014-08-24 15:03 - 00000330 _____ () C:\WINDOWS.2\Tasks\ReimageUpdater.job
2014-08-16 20:02 - 2014-08-16 21:17 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 20:02 - 2014-08-16 21:17 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 20:02 - 2014-08-16 20:03 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-16 20:02 - 2014-08-16 20:03 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\World in Conflict
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\World in Conflict
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-07 17:04 - 2013-05-08 15:05 - 00118784 _____ () C:\WINDOWS.2\system32\DriverCoInstaller.dll
2014-08-05 09:45 - 2014-08-05 09:46 - 00000000 ____D () C:\WINDOWS.2\A4W_DATA
2014-08-02 07:20 - 2014-08-24 14:17 - 00000272 _____ () C:\WINDOWS.2\Tasks\Driver Booster Scan.job
2014-07-31 12:41 - 2014-08-22 03:19 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_A760A460-18EA-11E4-A711-0007E9E3652D.job
2014-07-30 11:36 - 2014-07-30 11:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-25 14:09 - 2014-08-25 10:36 - 00055088 _____ () C:\Documents and Settings\Gary\Desktop\FRST.txt
2014-08-25 14:09 - 2012-08-05 10:42 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Temp
2014-08-25 14:00 - 2014-08-23 09:50 - 00000000 ____D () C:\FRST
2014-08-25 12:54 - 2014-04-16 03:20 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS.2\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 12:52 - 2012-07-06 09:31 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\SpeedMaxPc
2014-08-25 12:52 - 2012-07-06 09:31 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\SpeedMaxPc
2014-08-25 12:34 - 2014-08-21 23:38 - 00301343 _____ () C:\WINDOWS.2\WindowsUpdate.log
2014-08-25 10:57 - 2014-08-25 10:46 - 00047999 _____ () C:\Documents and Settings\Gary\Desktop\Addition.txt
2014-08-25 10:31 - 2014-08-25 10:31 - 00002778 _____ () C:\Documents and Settings\Gary\Desktop\aswMBR.txt
2014-08-25 10:31 - 2014-08-25 10:31 - 00000512 _____ () C:\Documents and Settings\Gary\Desktop\MBR.dat
2014-08-25 06:28 - 2014-08-25 06:28 - 01095168 _____ (Farbar) C:\Documents and Settings\Gary\Desktop\FRST.exe
2014-08-25 06:26 - 2014-08-25 06:25 - 05185536 _____ (AVAST Software) C:\Documents and Settings\Gary\Desktop\aswMBR.exe
2014-08-25 06:15 - 2013-01-09 13:05 - 00013646 _____ () C:\WINDOWS.2\system32\wpa.dbl
2014-08-24 20:03 - 2009-12-04 18:57 - 00000178 ___SH () C:\Documents and Settings\Gary\ntuser.ini
2014-08-24 15:41 - 2014-08-21 23:42 - 00000216 _____ () C:\WINDOWS.2\wiadebug.log
2014-08-24 15:41 - 2014-08-21 23:42 - 00000049 _____ () C:\WINDOWS.2\wiaservc.log
2014-08-24 15:41 - 2014-08-18 04:14 - 00032582 _____ () C:\WINDOWS.2\SchedLgU.Txt
2014-08-24 15:41 - 2009-12-04 18:56 - 00000006 ____H () C:\WINDOWS.2\Tasks\SA.DAT
2014-08-24 15:41 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\inetsrv
2014-08-24 15:40 - 2014-05-13 08:24 - 00000278 _____ () C:\WINDOWS.2\Tasks\SmartDefrag3_Startup.job
2014-08-24 15:22 - 2014-07-16 14:17 - 00000974 _____ () C:\WINDOWS.2\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-2111687655-1606980848-1003UA.job
2014-08-24 15:15 - 2014-07-09 06:45 - 00000830 _____ () C:\WINDOWS.2\Tasks\Adobe Flash Player Updater.job
2014-08-24 15:03 - 2014-08-16 20:03 - 00000330 _____ () C:\WINDOWS.2\Tasks\ReimageUpdater.job
2014-08-24 15:03 - 2012-06-05 11:27 - 00000508 _____ () C:\WINDOWS.2\Tasks\PrintProjects Communicator.job
2014-08-24 14:28 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Temp
2014-08-24 14:25 - 2014-04-03 11:33 - 00000398 ____H () C:\WINDOWS.2\Tasks\User_Feed_Synchronization-{9CF66ED3-999B-440B-ABD0-2BDFD528737D}.job
2014-08-24 14:25 - 2010-01-23 15:12 - 00000424 ____H () C:\WINDOWS.2\Tasks\User_Feed_Synchronization-{6A02D280-3935-45F3-8EC6-584928C95165}.job
2014-08-24 14:24 - 2014-07-16 14:17 - 00000922 _____ () C:\WINDOWS.2\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-2111687655-1606980848-1003Core.job
2014-08-24 14:20 - 2009-12-04 10:40 - 00434200 _____ () C:\WINDOWS.2\system32\PerfStringBackup.INI
2014-08-24 14:17 - 2014-08-02 07:20 - 00000272 _____ () C:\WINDOWS.2\Tasks\Driver Booster Scan.job
2014-08-24 14:16 - 2014-08-18 20:20 - 00000468 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-08-24 14:16 - 2014-05-10 17:22 - 00000280 _____ () C:\WINDOWS.2\Tasks\SmartDefrag3_Update.job
2014-08-24 14:16 - 2014-04-03 11:46 - 00000224 _____ () C:\WINDOWS.2\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-24 14:16 - 2013-10-24 07:16 - 00000274 _____ () C:\WINDOWS.2\Tasks\Driver Booster Update.job
2014-08-24 14:16 - 2010-05-28 11:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Kodak
2014-08-24 14:16 - 2010-05-28 11:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Kodak
2014-08-24 14:12 - 2014-08-24 11:38 - 00000648 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-24 14:12 - 2014-04-16 03:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-24 14:12 - 2014-04-16 03:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-24 14:12 - 2012-08-03 07:44 - 00000000 ___RD () C:\Documents and Settings\Gary\Desktop\Tools
2014-08-24 14:11 - 2013-06-21 08:43 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Malwarebytes' Anti-Malware (portable)
2014-08-24 14:11 - 2013-06-21 08:43 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Malwarebytes' Anti-Malware (portable)
2014-08-23 18:22 - 2013-10-26 23:52 - 00002684 _____ () C:\WINDOWS.2\system32\ScanResults.xml
2014-08-23 18:00 - 2014-08-18 21:13 - 00000446 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Registration3.job
2014-08-23 17:59 - 2013-11-11 12:33 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ProductData
2014-08-23 17:59 - 2013-11-11 12:33 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ProductData
2014-08-23 17:58 - 2014-08-19 20:52 - 00000464 _____ () C:\WINDOWS.2\system32\ScannerSettings
2014-08-23 11:28 - 2012-05-24 09:04 - 00001324 _____ () C:\WINDOWS.2\system32\d3d9caps.dat
2014-08-23 11:25 - 2011-11-10 14:39 - 00000618 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Desktop\calibre - E-book management.lnk
2014-08-22 16:55 - 2009-12-12 05:02 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\uTorrent
2014-08-22 16:54 - 2014-08-22 16:54 - 00000000 ____D () C:\WINDOWS.2\Tasks\ImCleanDisabled
2014-08-22 15:24 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2
2014-08-22 15:18 - 2011-04-03 09:31 - 00196608 _____ () C:\WINDOWS.2\system32\config\OAlerts.evt
2014-08-22 15:14 - 2011-04-03 10:25 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Outlook Files
2014-08-22 14:55 - 2011-04-03 09:25 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Microsoft Help
2014-08-22 14:55 - 2011-04-03 09:25 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Microsoft Help
2014-08-22 14:54 - 2011-12-14 19:42 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-08-22 12:39 - 2014-08-22 12:10 - 00000000 ____D () C:\Program Files\HijackThis
2014-08-22 12:04 - 2014-08-22 12:04 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\Tuneup Pro
2014-08-22 08:58 - 2009-12-04 23:50 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Spybot - Search & Destroy
2014-08-22 08:58 - 2009-12-04 23:50 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Spybot - Search & Destroy
2014-08-22 08:58 - 2006-03-11 18:16 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-22 08:20 - 2014-08-22 08:20 - 60071936 _____ () C:\WINDOWS.2\system32\config\software.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 05922816 _____ () C:\WINDOWS.2\system32\config\default.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00073728 _____ () C:\WINDOWS.2\system32\config\SECURITY.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00032768 _____ () C:\WINDOWS.2\system32\config\SAM.iodefrag.bak
2014-08-22 08:20 - 2011-11-23 09:10 - 00000000 __SHD () C:\Documents and Settings\LocalService.NT AUTHORITY
2014-08-22 08:20 - 2009-12-04 18:55 - 00000000 __SHD () C:\Documents and Settings\NetworkService.NT AUTHORITY.004
2014-08-22 08:19 - 2014-08-22 08:19 - 00000000 _____ () C:\asc_rdflag
2014-08-22 08:19 - 2009-12-04 18:57 - 00000000 ____D () C:\Documents and Settings\Gary
2014-08-22 08:17 - 2014-08-18 20:20 - 00000384 _____ () C:\WINDOWS.2\Tasks\RegCure Pro.job
2014-08-22 07:01 - 2011-02-25 09:07 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Microsoft Silverlight
2014-08-22 07:01 - 2011-02-25 09:07 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Microsoft Silverlight
2014-08-22 07:01 - 2011-02-25 09:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-22 03:19 - 2014-08-20 17:26 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_DB739962-28C9-11E4-A741-0007E9E3652D.job
2014-08-22 03:19 - 2014-08-19 07:49 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_FC34B912-27AF-11E4-A73A-0007E9E3652D.job
2014-08-22 03:19 - 2014-07-31 12:41 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_A760A460-18EA-11E4-A711-0007E9E3652D.job
2014-08-22 03:19 - 2014-05-19 06:55 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_30B6103C-DF5D-11E3-A6D9-0007E9E3652D.job
2014-08-22 03:19 - 2014-05-19 01:33 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_37B5F906-DF30-11E3-A6D9-0007E9E3652D.job
2014-08-22 03:19 - 2014-04-07 01:32 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_349FCC78-BE2F-11E3-8BAF-0007E9E3652D.job
2014-08-22 03:19 - 2014-02-24 02:33 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_B5A223C6-9D36-11E3-8B9B-0007E9E3652D.job
2014-08-22 01:09 - 2014-08-19 06:47 - 00000537 _____ () C:\WINDOWS.2\Tasks\RegCure Pro_sch_4E1B87AA-27A7-11E4-A739-0007E9E3652D.job
2014-08-22 00:59 - 2013-07-25 10:54 - 05922816 _____ () C:\WINDOWS.2\system32\config\default.iobit
2014-08-22 00:59 - 2013-07-25 10:54 - 00032768 _____ () C:\WINDOWS.2\system32\config\SAM.iobit
2014-08-22 00:59 - 2013-07-25 10:53 - 59805696 _____ () C:\WINDOWS.2\system32\config\software.iobit
2014-08-22 00:59 - 2013-07-25 10:53 - 00073728 _____ () C:\WINDOWS.2\system32\config\SECURITY.iobit
2014-08-21 23:42 - 2014-08-21 23:42 - 00000000 ____N () C:\WINDOWS.2\Sti_Trace.log
2014-08-21 23:42 - 2009-12-05 18:15 - 00000000 ____D () C:\WINDOWS.2\system32\NtmsData
2014-08-21 23:17 - 2009-12-04 18:46 - 00000000 ____D () C:\WINDOWS.2\system32\MsDtc
2014-08-21 21:37 - 2014-08-16 21:23 - 00001621 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Remote Assistance.lnk
2014-08-21 21:37 - 2009-12-17 17:57 - 00001512 _____ () C:\Documents and Settings\Gary\Desktop\Calculator.lnk
2014-08-21 21:37 - 2009-11-25 16:59 - 00001529 _____ () C:\Documents and Settings\Gary\Desktop\Notepad.lnk
2014-08-21 21:24 - 2014-04-03 09:32 - 00000000 ____D () C:\rei
2014-08-21 21:24 - 2013-10-23 23:31 - 00000180 _____ () C:\WINDOWS.2\Reimage.ini
2014-08-21 20:46 - 2010-03-21 15:16 - 00000000 __SHD () C:\WINDOWS.2\CSC
2014-08-21 19:48 - 2014-08-21 10:38 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows 7 ACTIVATION
2014-08-21 19:47 - 2013-01-08 17:31 - 00000178 ___SH () C:\Documents and Settings\Administrator.BEDROOM\ntuser.ini
2014-08-21 19:26 - 2014-08-21 19:26 - 00000802 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Windows Media Player.lnk
2014-08-21 19:25 - 2009-12-04 18:48 - 00000000 ____D () C:\WINDOWS.2\system32\Restore
2014-08-21 19:24 - 2013-01-05 20:41 - 00000813 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 19:22 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Help
2014-08-21 19:21 - 2009-12-04 10:39 - 00392776 _____ () C:\WINDOWS.2\system32\FNTCACHE.DAT
2014-08-21 19:17 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\security
2014-08-21 19:15 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\repair
2014-08-21 19:11 - 2013-01-08 13:30 - 00262144 _____ () C:\WINDOWS.2\system32\config\userdifr
2014-08-21 19:11 - 2013-01-08 12:57 - 00000000 ___HD () C:\Documents and Settings\Default User.WINDOWS.2
2014-08-21 19:09 - 2014-08-17 07:09 - 00023392 _____ () C:\WINDOWS.2\system32\nscompat.tlb
2014-08-21 19:09 - 2014-08-17 07:09 - 00016832 _____ () C:\WINDOWS.2\system32\amcompat.tlb
2014-08-21 19:09 - 2013-01-08 13:30 - 00001621 _____ () C:\Documents and Settings\Default User.WINDOWS.2\Start Menu\Programs\Remote Assistance.lnk
2014-08-21 19:09 - 2013-01-08 13:26 - 00000802 _____ () C:\Documents and Settings\Default User.WINDOWS.2\Start Menu\Programs\Windows Media Player.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001629 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Set Program Access and Defaults.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001629 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Set Program Access and Defaults.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001529 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Update.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001529 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Update.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00000398 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Catalog.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00000398 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Catalog.lnk
2014-08-21 19:08 - 2009-12-04 10:40 - 00004249 _____ () C:\WINDOWS.2\ODBCINST.INI
2014-08-21 19:07 - 2009-12-04 18:47 - 00000000 ____D () C:\WINDOWS.2\Registration
2014-08-21 19:06 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\ias
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\WindowsShell.Manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\wuaucpl.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\sapi.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\nwc.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\ncpa.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000488 ___RH () C:\WINDOWS.2\system32\logonui.exe.manifest
2014-08-21 19:04 - 2013-01-08 13:29 - 00000000 ___RD () C:\Documents and Settings\Default User.WINDOWS.2\Start Menu\Programs\Accessories
2014-08-21 19:04 - 2009-12-04 18:49 - 00000749 ___RH () C:\WINDOWS.2\system32\cdplayer.exe.manifest
2014-08-21 19:04 - 2009-12-04 18:49 - 00000488 ___RH () C:\WINDOWS.2\system32\WindowsLogon.manifest
2014-08-21 19:04 - 2009-12-04 10:35 - 00000000 ___RD () C:\WINDOWS.2\Web
2014-08-21 19:03 - 2009-12-04 18:48 - 00000000 ____D () C:\WINDOWS.2\srchasst
2014-08-21 19:03 - 2009-12-04 10:35 - 00000000 ___SD () C:\WINDOWS.2\Offline Web Pages
2014-08-21 19:03 - 2006-03-11 20:55 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-08-21 19:01 - 2009-12-04 18:45 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Accessories
2014-08-21 19:01 - 2009-12-04 18:45 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Accessories
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\FxsTmp
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\Cache
2014-08-21 18:59 - 2013-01-06 12:43 - 00000000 ____D () C:\Inetpub
2014-08-21 18:59 - 2009-12-04 18:47 - 00025456 _____ () C:\WINDOWS.2\system32\emptyregdb.dat
2014-08-21 18:59 - 2009-12-04 18:46 - 00000000 ____D () C:\WINDOWS.2\system32\Com
2014-08-21 18:58 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Cursors
2014-08-21 18:58 - 2006-03-04 14:17 - 00000000 ____D () C:\Program Files\Windows NT
2014-08-21 18:57 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\addins
2014-08-21 18:53 - 2007-09-11 13:48 - 00000286 ___SH () C:\boot.ini
2014-08-21 18:43 - 2009-12-05 00:11 - 00000000 ____D () C:\WINDOWS.2\system32\ReinstallBackups
2014-08-21 18:15 - 2009-12-04 10:40 - 00004452 _____ () C:\WINDOWS.2\system32\pid.PNF
2014-08-21 18:15 - 2001-08-23 04:00 - 00000231 _____ () C:\WINDOWS.2\system.ini
2014-08-21 18:13 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system
2014-08-21 17:57 - 2009-12-04 10:39 - 00262144 _____ () C:\WINDOWS.2\system32\config\security.sav
2014-08-21 17:52 - 2010-03-17 18:30 - 00001129 _____ () C:\WINDOWS.2\UPGRADE.TXT
2014-08-21 13:23 - 2014-08-21 13:19 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows XP Professional SP3 x86 - Black Edition 2014.7.13
2014-08-21 12:41 - 2014-08-21 11:34 - 00001908 _____ () C:\WINDOWS.2\diagwrn.xml
2014-08-21 12:41 - 2014-08-21 11:34 - 00001908 _____ () C:\WINDOWS.2\diagerr.xml
2014-08-21 11:08 - 2009-12-04 10:38 - 62128128 _____ () C:\WINDOWS.2\system32\config\software.sav
2014-08-21 11:08 - 2009-12-04 10:38 - 14680064 _____ () C:\WINDOWS.2\system32\config\system.sav
2014-08-21 11:08 - 2009-12-04 10:38 - 06029312 _____ () C:\WINDOWS.2\system32\config\default.sav
2014-08-21 11:08 - 2009-12-04 10:38 - 00262144 _____ () C:\WINDOWS.2\system32\config\userdiff
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\usmt
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\scripting
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Media
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\L2Schemas
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\npp
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\PeerNet
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\mui
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\msagent
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\ime
2014-08-21 11:00 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\twain_32
2014-08-21 11:00 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\icsxml
2014-08-21 10:59 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\1033
2014-08-21 10:58 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Driver Cache
2014-08-20 21:42 - 2013-01-08 17:31 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM
2014-08-18 22:00 - 2013-08-11 06:53 - 00000280 _____ () C:\WINDOWS.2\Tasks\SmartDefrag_Schedule.job
2014-08-18 21:13 - 2013-01-08 17:31 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM\Local Settings\Temp
2014-08-18 20:29 - 2014-08-18 20:29 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM\Application Data\ParetoLogic
2014-08-18 20:26 - 2009-12-04 18:57 - 00120192 _____ () C:\Documents and Settings\Gary\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-18 20:25 - 2014-08-18 20:25 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000416 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3.job
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Program Files\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Program Files\Common Files\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\Gary\Start Menu\Programs\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ParetoLogic
2014-08-18 20:20 - 2014-08-18 20:20 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ParetoLogic
2014-08-18 16:06 - 2014-03-10 16:02 - 00000366 _____ () C:\WINDOWS.2\Tasks\APSnotifierCA.job
2014-08-18 15:32 - 2012-08-04 11:09 - 00000221 _____ () C:\WINDOWS.2\system32\lsprst7.tgz
2014-08-18 15:32 - 2012-08-04 11:09 - 00000207 _____ () C:\WINDOWS.2\system32\lsprst7.dll
2014-08-18 15:32 - 2012-08-04 11:09 - 00000089 _____ () C:\WINDOWS.2\system32\ssprs.tgz
2014-08-18 15:32 - 2012-08-04 11:09 - 00000075 _____ () C:\WINDOWS.2\system32\ssprs.dll
2014-08-18 09:25 - 2013-01-10 22:59 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\vlc
2014-08-18 05:21 - 2014-08-18 05:21 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\PCHealth
2014-08-18 04:24 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\pchealth
2014-08-17 16:42 - 2014-06-24 03:18 - 00120192 _____ () C:\WINDOWS.2\system32\GDIPFONTCACHEV1.DAT
2014-08-17 16:23 - 2014-04-03 11:40 - 00000000 _____ () C:\WINDOWS.2\system32\reimage.rep
2014-08-17 15:27 - 2006-03-04 14:20 - 00000000 ___RD () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-08-17 15:26 - 2006-03-04 14:21 - 00001627 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2014-08-17 15:26 - 2006-03-04 14:21 - 00000808 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
2014-08-17 14:41 - 2014-08-16 20:31 - 00015712 _____ () C:\WINDOWS.2\system32\Native.exe
2014-08-17 14:41 - 2014-04-03 10:38 - 00000000 ____D () C:\ReimageUndo
2014-08-17 07:10 - 2009-12-04 18:51 - 00316640 _____ () C:\WINDOWS.2\WMSysPr9.prx
2014-08-17 01:32 - 2009-11-29 19:36 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\Vso
2014-08-16 21:41 - 2014-08-16 21:41 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temp
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\ComPlus Applications
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\Common Files\ODBC
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\PrivacIE
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\PrivacIE
2014-08-16 21:23 - 2013-07-01 12:25 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2013-01-08 17:31 - 00000000 ___RD () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2006-03-04 14:24 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-08-16 21:23 - 2006-03-04 14:18 - 00000000 ____D () C:\Program Files\Online Services
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\wins
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\ShellExt
2014-08-16 21:22 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\mui
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\export
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\dhcp
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3com_dmi
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3076
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\2052
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1054
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1042
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1037
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1031
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1028
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1025
2014-08-16 21:19 - 2014-08-16 21:19 - 00000000 ____D () C:\WINDOWS.2\Connection Wizard
2014-08-16 21:19 - 2012-06-17 15:59 - 00000000 __HDC () C:\WINDOWS.2\ie8
2014-08-16 21:18 - 2009-12-05 00:10 - 00000000 ____D () C:\WINDOWS.2\ie8updates
2014-08-16 21:17 - 2014-08-16 21:23 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00001627 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00001627 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000819 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000819 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000819 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000808 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Windows Media Player.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000754 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000754 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000754 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:17 - 2014-08-16 21:17 - 00000000 ____D () C:\WINDOWS.2\java
2014-08-16 21:17 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 21:17 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 20:03 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-16 20:03 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-16 20:03 - 2014-04-03 09:32 - 00000000 ____D () C:\Program Files\Reimage
2014-08-16 18:48 - 2009-11-29 20:36 - 00001191 _____ () C:\Documents and Settings\Gary\Application Data\vso_ts_preview.xml
2014-08-15 08:47 - 2010-01-24 10:03 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\dvdcss
2014-08-15 07:45 - 2009-12-05 07:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\DVD Shrink
2014-08-15 07:45 - 2009-12-05 07:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\DVD Shrink
2014-08-11 05:57 - 2014-06-25 05:38 - 00000280 _____ () C:\WINDOWS.2\Tasks\SmartDefrag3_Schedule.job
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\World in Conflict
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\World in Conflict
2014-08-09 12:27 - 2006-03-11 20:53 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-09 12:25 - 2009-12-04 18:49 - 00000000 ____D () C:\WINDOWS.2\system32\DirectX
2014-08-09 06:42 - 2013-01-06 23:24 - 00000000 ____D () C:\Program Files\Red Sky
2014-08-08 15:00 - 2014-04-03 11:46 - 00000218 _____ () C:\WINDOWS.2\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-08 11:38 - 2014-06-25 05:54 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\YTD Video Downloader
2014-08-08 11:38 - 2014-06-25 05:54 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\YTD Video Downloader
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-05 09:46 - 2014-08-05 09:45 - 00000000 ____D () C:\WINDOWS.2\A4W_DATA
2014-08-05 09:46 - 2010-10-10 06:34 - 00051729 _____ () C:\WINDOWS.2\Aware40.mch
2014-08-05 09:45 - 2010-10-10 06:34 - 00000035 _____ () C:\WINDOWS.2\A4W.INI
2014-08-04 13:07 - 2013-09-18 10:49 - 00000000 ____D () C:\Documents and Settings\Gary\Desktop\Health
2014-08-02 07:20 - 2013-10-24 07:16 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Driver Booster
2014-08-02 07:20 - 2013-10-24 07:16 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Driver Booster
2014-07-31 17:42 - 2009-12-05 07:15 - 00038912 _____ () C:\Documents and Settings\Gary\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-31 05:54 - 2012-05-12 17:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-30 11:37 - 2014-07-30 11:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS.2\explorer.exe => File is digitally signed
C:\WINDOWS.2\system32\winlogon.exe => File is digitally signed
C:\WINDOWS.2\system32\svchost.exe => File is digitally signed
C:\WINDOWS.2\system32\services.exe => File is digitally signed
C:\WINDOWS.2\system32\User32.dll => File is digitally signed
C:\WINDOWS.2\system32\userinit.exe => File is digitally signed
C:\WINDOWS.2\system32\rpcss.dll => File is digitally signed
C:\WINDOWS.2\system32\Drivers\volsnap.sys => File is digitally signed
Additional scan result of Farbar Recovery Scan Tool (x86) Version:24-08-2014 03
Ran by Gary at 2014-08-25 14:12:18
Running from C:\Documents and Settings\Gary\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
#7
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 26 August 2014 - 05:15 AM
Good Morning,
You have to realize that I am on a computer most likely 1000s of miles away from you, I am not sitting in front of yours, you are my eyes and ears and I can only go by what you post and I need you to read my posts and answer any questions I may ask
C:\WINDOWS.2 <--What happened to your windows folder, did you do a re install of windows at one time ?
It doesn't look like you uninstalled Iobit or SpeedMaxPc, I still see them on your FRST log but if there still running I dont know because I asked for the FRST additions log as well and you didnt post it
By pass those for now and lets do this
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next reply.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
- Windows XP : Double click on the icon to run it.
- Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
- On the Dashboard click on Update Now
- Go to the Setting Tab
- Under Setting go to Detection and Protection
- Under PUP and PUM make sure both are set to show Treat Detections as Malware
- Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
- Then on the Dashboard click on Scan
- Make sure to select THREAT SCAN
- Then click on Scan
- When the scan is finished and the log pops up...select Copy to Clipboard
- Please paste the log back into this thread for review
- Exit Malwarebytes
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
#8
-
- Authentic Member
-
- 10 posts
New Member
- Interests:DVDs, Gym, ebooks, and all else
Posted 26 August 2014 - 09:38 AM
Ken545:
I ran AdwCleaner and it found two services which it said it cleaned but it did NOT generate any log file.
I normally run Malwarebytes but I supposedly had it turned off and when I downloaded a fresh installation of it from your link the install hung at a message saying "Self protection must be turned off in advanced settings" and the install turminated.
Now I can only run in Safe Mode and ANY Malwarebytes use gives me a screen that says that real-time protection is OFF.
The Malwarebytes screen is so big in Safe Mode that I do not have access to the Mode Buttons at the top. Any Update use says "Unavailable".
Is there and escape mode that would let me move arround the screen in Safe Mode.
I get the feeling that this bug is "All about" stopping Malwarebytes.
Thanks for fighting entropy,
Gary Zeranski
#9
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 26 August 2014 - 10:11 AM
C:\WINDOWS.2 <--What happened to your windows folder, did you do a re install of windows at one time ?
Do you have the paid or free version of Malwarebytes
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
#10
-
- Authentic Member
-
- 10 posts
New Member
- Interests:DVDs, Gym, ebooks, and all else
Posted 26 August 2014 - 03:17 PM
Ken545:
I Have had to re-purchase Windows Xp three times in the last eleven years -- So, the way I did it was to add Windows1 and Windows2 as the previouse installation of Windows died.
I purchased Malwarebytes and used the Chamellian(sp?) to install and re-install it. Now that I've deleated SpeedMaxPC and my paid for Malwarebytes I have now malware protection at this time.
Thanks,
Gary Zeranski (zrski1)
Register to Remove
#11
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 26 August 2014 - 03:21 PM
Great, go ahead and run a scan with Malwarebytes and post the log
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
#12
-
- Authentic Member
-
- 10 posts
New Member
- Interests:DVDs, Gym, ebooks, and all else
Posted 26 August 2014 - 08:23 PM
Ken545:
Malwarebytes is unusable but I re-ran MBR (4 hrs & two files) and FRST (two files).
I'm adding the 3 text files here (I've attached the .dat file to my response to your email):
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-26 15:19:16
-----------------------------
15:19:16.093 OS Version: Windows 5.1.2600 Service Pack 3
15:19:16.093 Number of processors: 1 586 0x207
15:19:16.093 ComputerName: BEDROOM UserName: Gary
15:19:21.718 Initialize success
15:19:21.906 VM: driver load error: 2
15:20:56.015 AVAST engine defs: 14082500
15:21:34.968 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
15:21:35.000 Disk 0 Vendor: ST3500830A 3.AAE Size: 476940MB BusType: 3
15:21:35.031 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
15:21:35.062 Disk 1 Vendor: ST3500630A 3.AAF Size: 476940MB BusType: 3
15:21:35.109 Disk 2 \Device\Harddisk2\DR2 -> \Device\Scsi\viamraid1Port2Path0Target0Lun0
15:21:35.140 Disk 2 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 8
15:21:35.187 Disk 3 \Device\Harddisk3\DR3 -> \Device\Scsi\viamraid1Port2Path0Target2Lun0
15:21:35.218 Disk 3 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 8
15:21:35.421 Disk 0 MBR read successfully
15:21:35.468 Disk 0 MBR scan
15:21:35.593 Disk 0 Windows XP default MBR code
15:21:35.640 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 190732 MB offset 63
15:21:35.765 Disk 0 default boot code
15:21:35.890 Disk 0 Partition - 00 0F Extended LBA 286204 MB offset 390620475
15:21:36.031 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 48634 MB offset 390620538
15:21:36.156 Disk 0 Partition - 00 05 Extended 237562 MB offset 490223475
15:21:36.296 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 237562 MB offset 490223538
15:21:36.453 Disk 0 scanning sectors +976768065
15:21:36.796 Disk 0 scanning C:\WINDOWS.2\system32\drivers
15:22:19.937 Service scanning
15:23:49.281 Modules scanning
15:24:06.890 Disk 0 trace - called modules:
15:24:07.015 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll
15:24:07.140 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f591b8]
15:24:07.265 3 CLASSPNP.SYS[ba0f8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x85b3fb00]
15:24:11.781 AVAST engine scan C:\WINDOWS.2
15:24:24.890 AVAST engine scan C:\WINDOWS.2\system32
15:41:34.265 AVAST engine scan C:\WINDOWS.2\system32\drivers
15:42:43.562 AVAST engine scan C:\Documents and Settings\Gary
17:27:39.203 AVAST engine scan C:\Documents and Settings\All Users.WINDOWS.2
19:07:06.578 Scan finished successfully
19:07:32.062 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Gary\Desktop\MBR.dat"
19:07:32.125 The log file has been saved successfully to "C:\Documents and Settings\Gary\Desktop\aswMBR.txt"
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-08-2014 03
Ran by Gary (administrator) on BEDROOM on 26-08-2014 15:02:12
Running from C:\Documents and Settings\Gary\Desktop
Platform: Microsoft Windows XP Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINDOWS.2\system32\smss.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\winlogon.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\services.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\lsass.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.2\system32\svchost.exe
(Microsoft Corporation) C:\WINDOWS.2\explorer.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Advanced SystemCare 7] => "J:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS.2\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [2510848 2011-06-16] (Eastman Kodak Company)
HKLM\...\Run: [IMJPMIG8.1] => C:\WINDOWS.2\IME\imjp8_1\IMJPMIG.EXE [208952 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [IMEKRMIG6.1] => C:\WINDOWS.2\ime\imkr6_1\IMEKRMIG.EXE [44032 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] => C:\WINDOWS.2\system32\IME\PINTLGNT\ImScInst.exe [59392 2008-04-14] ()
HKLM\...\Run: [PHIME2002ASync] => C:\WINDOWS.2\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] => C:\WINDOWS.2\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2008-04-14] (Microsoft Corporation)
HKLM\...\Run: [BCMSMMSG] => C:\WINDOWS.2\BCMSMMSG.exe [122880 2003-08-29] (Broadcom Corporation)
HKLM\...\Run: [DVDUpgrade] => DVDUpgrd.exe /async
HKLM\...\Run: [PowerDVD10.exe] => J:\Program Files\PowerDVD10\PowerDVD10.exe [4009592 2013-02-22] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] => J:\Program Files\PowerDirector10\MUITransfer\MUIStartMenu.exe [222504 2010-09-17] (CyberLink Corp.)
HKLM\...\Run: [IsoViewer.exe] => J:\Program Files\Power2Go\IsoViewer.exe [1815512 2013-03-27] (CyberLink Corp.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS.2\system32\userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] logonui.exe [x ] ()
Winlogon\Notify\AtiExtEvent: C:\WINDOWS.2\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\crypt32chain: C:\WINDOWS.2\system32\crypt32.dll (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINDOWS.2\system32\cryptnet.dll (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINDOWS.2\system32\cscdll.dll (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINDOWS.2\System32\dimsntfy.dll (Microsoft Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\ScCertProp: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINDOWS.2\system32\sclgntfy.dll (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINDOWS.2\system32\WlNotify.dll (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
Winlogon\Notify\WgaLogon: C:\WINDOWS.2\system32\WgaLogon.dll (Microsoft Corporation)
Winlogon\Notify\wlballoon: C:\WINDOWS.2\system32\wlnotify.dll (Microsoft Corporation)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\.DEFAULT\...\RunOnce: [tscuninstall] => C:\WINDOWS.2\system32\tscupgrd.exe [44544 2006-02-28] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [_nltide_3] => rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-19\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-484763869-2111687655-1606980848-1003\...\Run: [ctfmon.exe] => C:\WINDOWS.2\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-484763869-2111687655-1606980848-1003\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S1].txt [2307 2014-08-26] ()
HKU\S-1-5-21-484763869-2111687655-1606980848-1003\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.2\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.2\system32\blank.htm
SearchScopes: HKCU - {52E2D971-34A9-49E7-88F6-078B653A9C12} URL = http://search.yahoo....rtPage?}&fr=ie8
SearchScopes: HKCU - {C060ED26-FF9B-4A56-8CC4-1C298C1D29DB} URL = http://search.condui...0431446912&UM=2
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> J:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS.2\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS.2\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No File
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1357766330484
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS.2\system32\urlmon.dll (Microsoft Corporation)
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS.2\system32\mshtml.dll (Microsoft Corporation)
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS.2\system32\wiascr.dll (Microsoft Corporation)
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS.2\system32\urlmon.dll (Microsoft Corporation)
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS.2\system32\urlmon.dll (Microsoft Corporation)
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS.2\system32\SHELL32.dll (Microsoft Corporation)
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS.2\system32\shell32.dll [8463872 2012-06-08] (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 01 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984
FF SelectedSearchEngine: Google
FF Homepage: https://mail.google....mail/u/0/#inbox
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS.2\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS.2\system32\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> J:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat -> J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files\PDFlite\npPdfViewer.dll (Amnis Technology Ltd)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Gary\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Gary\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npitunes.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Gary\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Gary\Application Data\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\searchplugins\imdb.xml
FF SearchPlugin: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984\searchplugins\duckduckgo.xml
FF Extension: No Name - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\extensions [2012-06-06]
FF Extension: Xmarks - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\foxmarks@kei.com [2012-11-02]
FF Extension: No Name - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\searchplugins [2013-10-23]
FF Extension: Garmin Communicator - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012-10-07]
FF Extension: CleanPrint - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\profiles\extensions\cleanprint@formatdynamics.com.xpi [2012-11-13]
FF Extension: Ads Removal - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\adremoveext@adremoveext.net [2014-08-24]
FF Extension: Advanced SystemCare Surfing Protection - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\ascsurfingprotection@iobit.com [2014-05-22]
FF Extension: Xmarks - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\foxmarks@kei.com [2011-07-16]
FF Extension: AD Block - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\searchads@instair.net [2014-03-01]
FF Extension: No Name - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\staged [2012-06-06]
FF Extension: LastPass - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\support@lastpass.com [2011-08-16]
FF Extension: Add-on Compatibility Reporter - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iy0wgnam.default\Extensions\compatibility@addons.mozilla.org.xpi [2011-08-09]
FF Extension: Ads Removal - C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\9lwimcn2.default-1402710850984\Extensions\adremoveext@adremoveext.net [2014-08-24]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-07-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-07-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-07-18]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-07-07]
Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "https://search.yahoo...=spigot-yhp-ch"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\10.0.648.133\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS.2\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\10.0.648.133\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files\Google\Chrome\Application\10.0.648.133\gears.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npitunes.dll ()
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Documents and Settings\Gary\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS.2\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-05-22]
CHR Extension: (Ads Removal) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-26]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-03-12]
CHR Extension: (Web Enhancements) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jhhjhpmajehomfpogoncjnhlannmkcgb [2011-03-12]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Documents and Settings\Gary\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2013-12-23]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - J:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 123MediaStreamer; J:\Program Files\123CopyDVDPlatinum 2012\MediaStreamerService.exe [47616 2013-04-17] (Microsoft) [File not signed]
S2 6to4; C:\WINDOWS.2\System32\6to4svc.dll [100864 2010-02-11] (Microsoft Corporation)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS.2\system32\Macromed\Flash\FlashPlayerUpdateService.exe [262320 2014-07-09] (Adobe Systems Incorporated)
S4 Alerter; C:\WINDOWS.2\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation)
S3 ALG; C:\WINDOWS.2\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation)
S3 AppMgmt; C:\WINDOWS.2\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Corporation)
S3 aspnet_state; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [35160 2010-03-18] (Microsoft Corporation)
S2 Ati HotKey Poller; C:\WINDOWS.2\system32\Ati2evxx.exe [602112 2013-10-24] (ATI Technologies Inc.) [File not signed]
S2 AudioSrv; C:\WINDOWS.2\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation)
R2 Browser; C:\WINDOWS.2\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation)
S4 CiSvc; C:\WINDOWS.2\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation)
S4 ClipSrv; C:\WINDOWS.2\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation)
S2 CLKMSVC10_447BEDDB; J:\Program Files\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-03-08] (CyberLink)
S3 clr_optimization_v2.0.50727_32; C:\WINDOWS.2\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [69632 2008-07-25] (Microsoft Corporation)
S2 clr_optimization_v4.0.30319_32; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
S3 COMSysApp; C:\WINDOWS.2\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
R2 CryptSvc; C:\WINDOWS.2\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation)
R2 DcomLaunch; C:\WINDOWS.2\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS.2\System32\dhcpcsvc.dll [126976 2008-06-03] (Microsoft Corporation)
S3 dmadmin; C:\WINDOWS.2\System32\dmadmin.exe [224768 2008-04-13] (Microsoft Corp., Veritas Software) [File not signed]
S3 dmserver; C:\WINDOWS.2\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corp.)
R2 Dnscache; C:\WINDOWS.2\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation)
S3 Dot3svc; C:\WINDOWS.2\System32\dot3svc.dll [132096 2009-01-20] (Microsoft Corporation)
S3 EapHost; C:\WINDOWS.2\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S4 ERSvc; C:\WINDOWS.2\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation)
R2 Eventlog; C:\WINDOWS.2\system32\services.exe [110592 2009-12-23] (Microsoft Corporation)
S3 EventSystem; C:\WINDOWS.2\system32\es.dll [253952 2008-07-07] (Microsoft Corporation)
S3 FastUserSwitchingCompatibility; C:\WINDOWS.2\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S2 Fax; C:\WINDOWS.2\system32\fxssvc.exe [267776 2008-04-14] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\WINDOWS.2\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [443224 2014-05-15] (Garmin Ltd or its subsidiaries)
S3 helpsvc; C:\WINDOWS.2\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation)
S2 HidServ; C:\WINDOWS.2\System32\hidserv.dll [21504 2014-07-13] (Microsoft Corporation)
S3 hkmsvc; C:\WINDOWS.2\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation)
S3 HTTPFilter; C:\WINDOWS.2\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation)
S3 idsvc; C:\WINDOWS.2\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [881664 2008-07-29] (Microsoft Corporation)
S2 IISADMIN; C:\WINDOWS.2\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S3 ImapiService; C:\WINDOWS.2\system32\imapi.exe [150528 2008-04-14] (Microsoft Corporation)
S2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-05-07] (Oracle Corporation)
S2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company)
S2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company)
R2 LanmanServer; C:\WINDOWS.2\System32\srvsvc.dll [99840 2010-08-26] (Microsoft Corporation)
R2 lanmanworkstation; C:\WINDOWS.2\System32\wkssvc.dll [134144 2009-06-09] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 LmHosts; C:\WINDOWS.2\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation)
S2 LPDSVC; C:\WINDOWS.2\system32\tcpsvcs.exe [19456 2008-04-14] (Microsoft Corporation)
S4 Messenger; C:\WINDOWS.2\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation)
S4 mnmsrvc; C:\WINDOWS.2\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation)
S3 MSDTC; C:\WINDOWS.2\system32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation)
S3 MSIServer; C:\WINDOWS.2\System32\msiexec.exe [95744 2008-05-18] (Microsoft Corporation)
S3 napagent; C:\WINDOWS.2\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation)
S4 NetDDE; C:\WINDOWS.2\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 NetDDEdsdm; C:\WINDOWS.2\system32\netdde.exe [111104 2008-04-14] (Microsoft Corporation)
S4 Netlogon; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
R3 Netman; C:\WINDOWS.2\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [124240 2010-03-18] (Microsoft Corporation)
S3 NitroDriverReadSpool2; C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe [184840 2012-07-25] (Nitro PDF Software)
S3 Nla; C:\WINDOWS.2\System32\mswsock.dll [245248 2008-06-20] (Microsoft Corporation)
S3 nlsX86cc; C:\WINDOWS.2\system32\NLSSRV32.EXE [66560 2010-11-22] (Nalpeiron Ltd.) [File not signed]
S3 NMSAccess; J:\Program Files\Blaze Media Pro\NMSAccess32.exe [71096 2009-01-12] ()
S3 NtLmSsp; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S2 NtmsSvc; C:\WINDOWS.2\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Corporation)
R2 PlugPlay; C:\WINDOWS.2\system32\services.exe [110592 2009-12-23] (Microsoft Corporation)
S2 PolicyAgent; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S2 ProtectedStorage; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 RasAuto; C:\WINDOWS.2\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation)
S3 RasMan; C:\WINDOWS.2\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation)
S4 RDSessMgr; C:\WINDOWS.2\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS.2\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation)
S4 RemoteRegistry; C:\WINDOWS.2\system32\regsvc.dll [59904 2008-04-14] (Microsoft Corporation)
S2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [254512 2013-05-08] ()
S3 RpcLocator; C:\WINDOWS.2\system32\locator.exe [75264 2008-04-14] (Microsoft Corporation)
R2 RpcSs; C:\WINDOWS.2\System32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation)
S4 RSVP; C:\WINDOWS.2\system32\rsvp.exe [132608 2008-04-14] (Microsoft Corporation)
S2 SamSs; C:\WINDOWS.2\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation)
S3 SCardSvr; C:\WINDOWS.2\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Corporation)
S2 Schedule; C:\WINDOWS.2\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Corporation)
S2 seclogon; C:\WINDOWS.2\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation)
S2 SENS; C:\WINDOWS.2\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation)
R2 SharedAccess; C:\WINDOWS.2\System32\ipnathlp.dll [330752 2013-09-25] (Microsoft Corporation)
S2 ShellHWDetection; C:\WINDOWS.2\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S3 SMServer; C:\WINDOWS.2\system32\snmvtsvc.exe [245760 2010-11-18] (SMServer) [File not signed]
S2 SMTPSVC; C:\WINDOWS.2\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S2 SNMP; C:\WINDOWS.2\System32\snmp.exe [33280 2008-04-14] (Microsoft Corporation)
S3 SNMPTRAP; C:\WINDOWS.2\System32\snmptrap.exe [8704 2008-04-14] (Microsoft Corporation)
S2 Spooler; C:\WINDOWS.2\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation)
R2 srservice; C:\WINDOWS.2\system32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation)
S3 SSDPSRV; C:\WINDOWS.2\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation)
S2 stisvc; C:\WINDOWS.2\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation)
S3 SwPrv; C:\WINDOWS.2\system32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation)
S3 SysmonLog; C:\WINDOWS.2\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Corporation)
S3 TapiSrv; C:\WINDOWS.2\System32\tapisrv.dll [249856 2008-08-06] (Microsoft Corporation)
R2 TermService; C:\WINDOWS.2\System32\termsrv.dll [296960 2009-05-18] (Microsoft Corporation)
S2 Themes; C:\WINDOWS.2\System32\shsvcs.dll [135168 2009-07-27] (Microsoft Corporation)
S4 TlntSvr; C:\WINDOWS.2\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Corporation)
S3 TrkWks; C:\WINDOWS.2\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation)
S3 upnphost; C:\WINDOWS.2\System32\upnphost.dll [185856 2008-04-14] (Microsoft Corporation)
S3 UPS; C:\WINDOWS.2\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation)
S3 VSS; C:\WINDOWS.2\System32\vssvc.exe [289792 2008-04-14] (Microsoft Corporation)
S2 W32Time; C:\WINDOWS.2\system32\w32time.dll [175616 2008-07-04] (Microsoft Corporation)
S2 W3SVC; C:\WINDOWS.2\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
S4 WebClient; C:\WINDOWS.2\System32\webclnt.dll [68096 2010-11-18] (Microsoft Corporation)
R2 winmgmt; C:\WINDOWS.2\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Corporation)
S3 WinRM; C:\WINDOWS.2\system32\WsmSvc.dll [1107456 2009-10-09] (Microsoft Corporation)
S3 WmdmPmSN; C:\WINDOWS.2\system32\MsPMSNSv.dll [27136 2009-01-30] (Microsoft Corporation)
S3 Wmi; C:\WINDOWS.2\System32\advapi32.dll [618496 2013-04-22] (Microsoft Corporation)
S3 WmiApSrv; C:\WINDOWS.2\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation)
S3 WPFFontCache_v0400; C:\WINDOWS.2\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [754856 2013-07-20] (Microsoft Corporation)
S2 wscsvc; C:\WINDOWS.2\System32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation)
S2 WSearch; C:\WINDOWS.2\system32\SearchIndexer.exe [439808 2008-05-26] (Microsoft Corporation)
R2 WudfSvc; C:\WINDOWS.2\System32\WUDFSvc.dll [64512 2009-07-13] (Microsoft Corporation)
R2 WZCSVC; C:\WINDOWS.2\System32\wzcsvc.dll [483328 2014-07-13] (Microsoft Corporation)
S4 xmlprov; C:\WINDOWS.2\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation)
S2 BITS; C:\WINDOWS\system32\qmgr.dll [X]
S2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\WINDOWS.2\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
R0 ACPI; C:\WINDOWS.2\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Corporation)
S4 ACPIEC; C:\WINDOWS.2\system32\Drivers\ACPIEC.sys [11648 2008-04-14] (Microsoft Corporation)
S3 aeaudio; C:\WINDOWS.2\System32\drivers\aeaudio.sys [4816 2002-04-01] (Andrea Electronics Corporation)
S3 aec; C:\WINDOWS.2\System32\drivers\aec.sys [142592 2014-07-13] (Microsoft Corporation)
R1 AFD; C:\WINDOWS.2\System32\drivers\afd.sys [138496 2014-05-28] (Microsoft Corporation)
R0 agp440; C:\WINDOWS.2\System32\DRIVERS\agp440.sys [42368 2008-04-14] (Microsoft Corporation)
S3 anvsnddrv; C:\WINDOWS.2\System32\drivers\anvsnddrv.sys [32896 2011-11-28] (AnvSoft Inc.) [File not signed]
S3 Apowersoft_AudioDevice; C:\WINDOWS.2\System32\drivers\Apowersoft_AudioDevice.sys [16640 2010-12-30] (Wondershare) [File not signed]
S3 AsyncMac; C:\WINDOWS.2\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Corporation)
R0 atapi; C:\WINDOWS.2\System32\DRIVERS\atapi.sys [96512 2008-04-14] (Microsoft Corporation)
S3 ati2mtag; C:\WINDOWS.2\System32\DRIVERS\ati2mtag.sys [3565056 2013-10-24] (ATI Technologies Inc.) [File not signed]
S3 Atmarpc; C:\WINDOWS.2\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Corporation)
S3 audstub; C:\WINDOWS.2\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Corporation)
S3 BCMModem; C:\WINDOWS.2\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
R1 Beep; C:\WINDOWS.2\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Corporation)
S3 BVRPMPR5; C:\WINDOWS.2\system32\drivers\BVRPMPR5.SYS [49904 2009-08-19] (Avanquest Software) [File not signed]
S4 cbidf2k; C:\WINDOWS.2\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Corporation)
S1 Cdaudio; C:\WINDOWS.2\system32\Drivers\Cdaudio.sys [18688 2014-07-13] (Microsoft Corporation)
R4 Cdfs; C:\WINDOWS.2\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Corporation)
R1 Cdrom; C:\WINDOWS.2\System32\DRIVERS\cdrom.sys [62976 2008-05-02] (Microsoft Corporation)
R1 CLBStor; C:\WINDOWS.2\system32\Drivers\CLBStor.sys [15784 2009-10-07] (Cyberlink Co.,Ltd.)
S2 CLBUDF; C:\WINDOWS.2\system32\Drivers\CLBUDF.sys [163368 2009-10-07] (CyberLink Corporation.)
S3 DbusAudio; C:\WINDOWS.2\System32\drivers\DbusAudio.sys [23608 2010-11-18] (Windows ® Codename Longhorn DDK provider) [File not signed]
R3 dc3d; C:\WINDOWS.2\System32\DRIVERS\dc3d.sys [45288 2011-08-10] (Microsoft Corporation)
R0 Disk; C:\WINDOWS.2\System32\DRIVERS\disk.sys [36352 2008-05-07] (Microsoft Corporation)
S4 dmboot; C:\WINDOWS.2\System32\drivers\dmboot.sys [799744 2008-04-13] (Microsoft Corp., Veritas Software) [File not signed]
R0 dmio; C:\WINDOWS.2\System32\DRIVERS\dmio.sys [153344 2008-04-14] (Microsoft Corp., Veritas Software)
R0 dmload; C:\WINDOWS.2\system32\Drivers\dmload.sys [5888 2008-04-14] (Microsoft Corp., Veritas Software.)
S3 dmodusb; C:\WINDOWS.2\System32\DRIVERS\dmodusb.sys [26240 2009-05-11] (Windows ® Codename Longhorn DDK provider)
S3 DMusic; C:\WINDOWS.2\System32\drivers\DMusic.sys [52864 2008-04-14] (Microsoft Corporation)
S3 drmkaud; C:\WINDOWS.2\System32\drivers\drmkaud.sys [2944 2014-07-13] (Microsoft Corporation)
R3 E100B; C:\WINDOWS.2\System32\DRIVERS\e100b325.sys [165496 2007-11-16] (Intel Corporation)
S4 exFat; C:\WINDOWS.2\system32\Drivers\exFat.sys [133632 2008-09-29] (Microsoft Corporation)
S4 Fastfat; C:\WINDOWS.2\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Corporation)
R3 Fdc; C:\WINDOWS.2\System32\DRIVERS\fdc.sys [27392 2008-04-14] (Microsoft Corporation)
S1 Fips; C:\WINDOWS.2\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation)
S3 Flpydisk; C:\WINDOWS.2\System32\DRIVERS\flpydisk.sys [20480 2008-04-14] (Microsoft Corporation)
R0 FltMgr; C:\WINDOWS.2\System32\drivers\fltmgr.sys [129792 2008-04-14] (Microsoft Corporation)
U1 Fs_Rec; C:\WINDOWS.2\system32\Drivers\Fs_Rec.sys [9216 2008-09-29] (Microsoft Corporation)
R0 Ftdisk; C:\WINDOWS.2\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Corporation)
R3 Gpc; C:\WINDOWS.2\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Corporation)
S3 hcdriver; C:\WINDOWS.2\System32\DRIVERS\hcdriver.sys [50688 2012-01-27] (Intel Corporation) [File not signed]
R3 HidUsb; C:\WINDOWS.2\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Corporation)
S3 hitmanpro36; C:\WINDOWS.2\system32\drivers\hitmanpro36.sys [27424 2013-01-08] ()
S3 HTTP; C:\WINDOWS.2\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation)
S1 i8042prt; C:\WINDOWS.2\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation)
R0 IdeBusDr; C:\WINDOWS.2\System32\DRIVERS\IdeBusDr.sys [13891 2002-10-15] (Intel Corporation)
R0 IdeChnDr; C:\WINDOWS.2\System32\DRIVERS\IdeChnDr.sys [101431 2002-10-15] (Intel Corporation)
R1 Imapi; C:\WINDOWS.2\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Corporation)
R0 IntelIde; C:\WINDOWS.2\system32\Drivers\IntelIde.sys [5504 2008-04-14] (Microsoft Corporation)
S1 intelppm; C:\WINDOWS.2\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Corporation)
R3 Ip6Fw; C:\WINDOWS.2\System32\drivers\ip6fw.sys [36608 2008-04-14] (Microsoft Corporation)
S3 IpFilterDriver; C:\WINDOWS.2\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Corporation)
S3 IpInIp; C:\WINDOWS.2\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Corporation)
R3 IpNat; C:\WINDOWS.2\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Corporation)
R1 IPSec; C:\WINDOWS.2\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Corporation)
S3 IRENUM; C:\WINDOWS.2\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Corporation)
R0 isapnp; C:\WINDOWS.2\System32\DRIVERS\isapnp.sys [37248 2008-04-14] (Microsoft Corporation)
R1 Kbdclass; C:\WINDOWS.2\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Corporation)
R1 kbdhid; C:\WINDOWS.2\System32\DRIVERS\kbdhid.sys [14592 2008-04-14] (Microsoft Corporation)
S3 kmixer; C:\WINDOWS.2\System32\drivers\kmixer.sys [172416 2014-07-13] (Microsoft Corporation)
R0 KSecDD; C:\WINDOWS.2\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation)
S3 LHidFilt; C:\WINDOWS.2\System32\DRIVERS\LHidFilt.Sys [35344 2008-02-29] (Logitech, Inc.)
S3 LMouFilt; C:\WINDOWS.2\System32\DRIVERS\LMouFilt.Sys [36880 2008-02-29] (Logitech, Inc.)
R0 LPCFilter; C:\WINDOWS.2\System32\DRIVERS\LPCFilter.sys [28464 2011-12-29] (COMPAL ELECTRONIC INC.)
S3 MEMSWEEP2; C:\WINDOWS.2\system32\1C.tmp [6144 2011-05-12] (Sophos Plc) [File not signed]
S1 mnmdd; C:\WINDOWS.2\system32\Drivers\mnmdd.sys [4224 2006-02-28] (Microsoft Corporation)
S3 Modem; C:\WINDOWS.2\system32\Drivers\Modem.sys [30080 2014-07-13] (Microsoft Corporation)
S3 MODEMCSA; C:\WINDOWS.2\System32\drivers\MODEMCSA.sys [16128 2001-08-17] (Microsoft Corporation)
R1 Mouclass; C:\WINDOWS.2\System32\DRIVERS\mouclass.sys [23040 2014-07-13] (Microsoft Corporation)
R3 mouhid; C:\WINDOWS.2\System32\DRIVERS\mouhid.sys [12160 2014-07-13] (Microsoft Corporation)
R0 MountMgr; C:\WINDOWS.2\system32\Drivers\MountMgr.sys [42752 2009-05-18] (Microsoft Corporation)
S3 MRxDAV; C:\WINDOWS.2\System32\DRIVERS\mrxdav.sys [180096 2010-06-30] (Microsoft Corporation)
R1 MRxSmb; C:\WINDOWS.2\System32\DRIVERS\mrxsmb.sys [457856 2011-07-15] (Microsoft Corporation)
R1 Msfs; C:\WINDOWS.2\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Corporation)
S3 MSKSSRV; C:\WINDOWS.2\System32\drivers\MSKSSRV.sys [7552 2014-07-13] (Microsoft Corporation)
S3 MSPCLOCK; C:\WINDOWS.2\System32\drivers\MSPCLOCK.sys [5376 2014-07-13] (Microsoft Corporation)
S3 MSPQM; C:\WINDOWS.2\System32\drivers\MSPQM.sys [4992 2014-07-13] (Microsoft Corporation)
R3 mssmbios; C:\WINDOWS.2\System32\DRIVERS\mssmbios.sys [15488 2014-07-13] (Microsoft Corporation)
R0 Mup; C:\WINDOWS.2\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation)
R0 mv61xxmm; C:\WINDOWS.2\system32\Drivers\mv61xxmm.sys [14184 2014-07-13] (Marvell Semiconductor Inc.)
R0 mv64xxmm; C:\WINDOWS.2\system32\Drivers\mv64xxmm.sys [5632 2014-07-13] (Marvell Semiconductor Inc.) [File not signed]
R0 mvxxmm; C:\WINDOWS.2\system32\Drivers\mvxxmm.sys [6656 2014-07-13] (Marvell Semiconductor Inc.) [File not signed]
R0 MxEFUF; C:\WINDOWS.2\System32\DRIVERS\MxEFUF32.sys [102728 2010-11-04] (Matrox Graphics Inc.)
R0 NDIS; C:\WINDOWS.2\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Corporation)
R3 NdisTapi; C:\WINDOWS.2\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation)
R3 Ndisuio; C:\WINDOWS.2\System32\DRIVERS\ndisuio.sys [14592 2014-07-13] (Microsoft Corporation)
R3 NdisWan; C:\WINDOWS.2\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Corporation)
R3 NDProxy; C:\WINDOWS.2\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation)
R1 NetBIOS; C:\WINDOWS.2\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Corporation)
R1 NetBT; C:\WINDOWS.2\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Corporation)
S2 NPF; C:\WINDOWS.2\system32\drivers\npf.sys [35088 2012-12-15] (CACE Technologies, Inc.)
R1 Npfs; C:\WINDOWS.2\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Corporation)
R4 Ntfs; C:\WINDOWS.2\system32\Drivers\Ntfs.sys [576384 2008-11-18] (Microsoft Corporation)
R1 Null; C:\WINDOWS.2\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Corporation)
S3 NwlnkFlt; C:\WINDOWS.2\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Corporation)
S3 NwlnkFwd; C:\WINDOWS.2\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Corporation)
R1 omci; C:\WINDOWS.2\System32\DRIVERS\omci.sys [17153 2002-10-15] (Dell Computer Corporation) [File not signed]
S3 Parport; C:\WINDOWS.2\System32\DRIVERS\parport.sys [80128 2014-07-13] (Microsoft Corporation)
R0 PartMgr; C:\WINDOWS.2\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Corporation)
S2 ParVdm; C:\WINDOWS.2\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Corporation)
R0 PCI; C:\WINDOWS.2\System32\DRIVERS\pci.sys [68224 2008-04-14] (Microsoft Corporation)
S4 Pcmcia; C:\WINDOWS.2\system32\Drivers\Pcmcia.sys [120192 2008-04-14] (Microsoft Corporation)
S3 pcouffin; C:\WINDOWS.2\System32\Drivers\pcouffin.sys [47360 2014-03-15] (VSO Software) [File not signed]
S2 PfFilter; J:\Program Files\IObit\Protected Folder\pffilter.sys [141016 2012-11-23] (IObit Information Technology)
R3 Point32; C:\WINDOWS.2\System32\DRIVERS\point32.sys [40936 2011-08-01] (Microsoft Corporation)
R3 PptpMiniport; C:\WINDOWS.2\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Corporation)
R3 PSched; C:\WINDOWS.2\System32\DRIVERS\psched.sys [70272 2009-07-18] (Microsoft Corporation)
R3 Ptilink; C:\WINDOWS.2\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Parallel Technologies, Inc.)
R1 RasAcd; C:\WINDOWS.2\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Corporation)
R3 Rasl2tp; C:\WINDOWS.2\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Corporation)
R3 RasPppoe; C:\WINDOWS.2\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Corporation)
R3 Raspti; C:\WINDOWS.2\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Corporation)
R1 Rdbss; C:\WINDOWS.2\System32\DRIVERS\rdbss.sys [174848 2008-07-18] (Microsoft Corporation)
R1 RDPCDD; C:\WINDOWS.2\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Corporation)
R3 rdpdr; C:\WINDOWS.2\System32\DRIVERS\rdpdr.sys [195712 2009-09-04] (Microsoft Corporation)
S3 RDPWD; C:\WINDOWS.2\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation)
R1 redbook; C:\WINDOWS.2\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Corporation)
R1 SBRE; C:\WINDOWS.2\system32\drivers\SBREdrv.sys [101112 2012-01-12] (GFI Software)
S1 SCDEmu; C:\WINDOWS.2\system32\Drivers\SCDEmu.sys [56572 2008-11-02] (PowerISO Computing, Inc.) [File not signed]
S3 Secdrv; C:\WINDOWS.2\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 serenum; C:\WINDOWS.2\System32\DRIVERS\serenum.sys [15744 2008-04-14] (Microsoft Corporation)
S1 Serial; C:\WINDOWS.2\System32\DRIVERS\serial.sys [64512 2008-04-14] (Microsoft Corporation)
S1 Sfloppy; C:\WINDOWS.2\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Corporation)
R0 SmartDefragDriver; C:\WINDOWS.2\System32\Drivers\SmartDefragDriver.sys [15808 2013-12-24] (IObit)
R3 smbusp; C:\WINDOWS.2\System32\DRIVERS\intelsmb.sys [22528 2010-06-10] (Intel Corporation)
S3 smwdm; C:\WINDOWS.2\System32\drivers\smwdm.sys [539008 2002-12-19] (Analog Devices, Inc.)
S3 SONYPVU1; C:\WINDOWS.2\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 splitter; C:\WINDOWS.2\System32\drivers\splitter.sys [6272 2008-04-14] (Microsoft Corporation)
R0 Sr; C:\WINDOWS.2\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Corporation)
R3 Srv; C:\WINDOWS.2\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation)
S3 STAC97; C:\WINDOWS.2\System32\drivers\STAC97.sys [273296 2005-04-14] (SigmaTel, Inc.) [File not signed]
R3 swenum; C:\WINDOWS.2\System32\DRIVERS\swenum.sys [4352 2014-07-13] (Microsoft Corporation)
S3 swmidi; C:\WINDOWS.2\System32\drivers\swmidi.sys [56576 2014-07-13] (Microsoft Corporation)
S3 sysaudio; C:\WINDOWS.2\System32\drivers\sysaudio.sys [60800 2014-07-13] (Microsoft Corporation)
R1 Tcpip; C:\WINDOWS.2\System32\DRIVERS\tcpip.sys [361600 2014-07-13] (Microsoft Corporation) [File not signed]
R1 Tcpip6; C:\WINDOWS.2\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 TDPIPE; C:\WINDOWS.2\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation)
S3 TDTCP; C:\WINDOWS.2\system32\Drivers\TDTCP.sys [22024 2009-03-02] (Microsoft Corporation)
R1 TermDD; C:\WINDOWS.2\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation)
R3 tunmp; C:\WINDOWS.2\System32\DRIVERS\tunmp.sys [12288 2014-07-13] (Microsoft Corporation)
S4 Udfs; C:\WINDOWS.2\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Corporation)
S3 udsstub; C:\WINDOWS.2\System32\DRIVERS\udsstub.sys [16000 2012-06-18] (SysNucleus) [File not signed]
R3 Update; C:\WINDOWS.2\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Corporation)
S3 usbaudio; C:\WINDOWS.2\System32\drivers\usbaudio.sys [60160 2013-07-16] (Microsoft Corporation)
R3 usbccgp; C:\WINDOWS.2\System32\DRIVERS\usbccgp.sys [32384 2013-08-08] (Microsoft Corporation)
R3 usbehci; C:\WINDOWS.2\System32\DRIVERS\usbehci.sys [30464 2013-03-06] (Microsoft Corporation)
R3 usbhub; C:\WINDOWS.2\System32\DRIVERS\usbhub.sys [59520 2008-04-14] (Microsoft Corporation)
S3 usbprint; C:\WINDOWS.2\System32\DRIVERS\usbprint.sys [25856 2008-04-14] (Microsoft Corporation)
S3 usbscan; C:\WINDOWS.2\System32\DRIVERS\usbscan.sys [14976 2013-07-02] (Microsoft Corporation)
R3 usbstor; C:\WINDOWS.2\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-14] (Microsoft Corporation)
R3 usbuhci; C:\WINDOWS.2\System32\DRIVERS\usbuhci.sys [20736 2013-03-06] (Microsoft Corporation)
R1 VgaSave; C:\WINDOWS.2\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Corporation)
R0 viamraid; C:\WINDOWS.2\System32\DRIVERS\viamraid.sys [116608 2013-10-24] (VIA Technologies inc,.ltd)
S3 VIAudio; C:\WINDOWS.2\System32\drivers\vinyl97.sys [207488 2014-04-25] (VIA Technologies, Inc.)
R0 VolSnap; C:\WINDOWS.2\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Corporation)
S3 Wanarp; C:\WINDOWS.2\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Corporation)
R3 Wdf01000; C:\WINDOWS.2\System32\DRIVERS\Wdf01000.sys [444136 2009-07-14] (Microsoft Corporation)
S3 wdmaud; C:\WINDOWS.2\System32\drivers\wdmaud.sys [83072 2014-07-13] (Microsoft Corporation)
S3 WinDriver6; C:\WINDOWS.2\System32\drivers\windrvr6.sys [195968 2011-06-20] (Jungo) [File not signed]
S3 WpdUsb; C:\WINDOWS.2\System32\DRIVERS\wpdusb.sys [38528 2009-01-30] (Microsoft Corporation)
R1 WS2IFSL; C:\WINDOWS.2\System32\drivers\ws2ifsl.sys [12032 2008-04-14] (Microsoft Corporation)
S3 WsAudio_DeviceS(1); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(1).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(2); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(2).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(3); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(3).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(4); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(4).sys [25704 2009-12-04] (Wondershare)
S3 WsAudio_DeviceS(5); C:\WINDOWS.2\System32\drivers\WsAudio_DeviceS(5).sys [25704 2009-12-04] (Wondershare)
R0 WudfPf; C:\WINDOWS.2\System32\DRIVERS\WudfPf.sys [91904 2009-07-13] (Microsoft Corporation)
S3 WudfRd; C:\WINDOWS.2\System32\DRIVERS\wudfrd.sys [132224 2009-07-13] (Microsoft Corporation)
S2 XilinxPC4Driver; C:\WINDOWS.2\System32\drivers\xpc4drvr.sys [16000 2005-11-16] (Xilinx, Inc.) [File not signed]
S3 ZD1211BU(ZyDAS); C:\WINDOWS.2\System32\DRIVERS\zd1211Bu.sys [477696 2006-08-24] (ZyDAS Technology Corporation)
S4 Aspi32; System32\drivers\aspi32.sys [X]
S4 BCMH43XX; system32\DRIVERS\bcmwlhigh5.sys [X]
S4 DbusVideo; system32\DRIVERS\DbusVideo.sys [X]
S4 eqjjgu; System32\drivers\lmwtiq.sys [X]
S4 L8042Kbd; system32\DRIVERS\L8042Kbd.sys [X]
S4 L8042mou; system32\DRIVERS\L8042mou.Sys [X]
S4 LMouKE; system32\DRIVERS\LMouKE.Sys [X]
S3 mbamchameleon; \SystemRoot\system32\drivers\mbamchameleon.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS.2\system32\drivers\MBAMSwissArmy.sys [X]
S4 MCSTRM; No ImagePath
S4 MFE_RR; No ImagePath
S4 qyknl; System32\drivers\qwsvmq.sys [X]
S4 rckxrvet; System32\drivers\khbmtx.sys [X]
U5 ScsiPort; C:\WINDOWS.2\system32\drivers\scsiport.sys [96384 2011-01-27] (Microsoft Corporation)
S4 sptd; \SystemRoot\System32\Drivers\sptd.sys [X]
U2 WinDefend; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-26 15:02 - 2014-08-26 15:03 - 00052193 _____ () C:\Documents and Settings\Gary\Desktop\FRST.txt
2014-08-26 09:16 - 2014-08-26 09:16 - 04872677 _____ () C:\Documents and Settings\Gary\Desktop\mbam-chameleon-3.1.4.0.zip
2014-08-26 08:08 - 2014-08-26 09:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Gary\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-26 07:32 - 2014-08-26 08:56 - 00000000 ____D () C:\AdwCleaner
2014-08-26 07:25 - 2014-08-26 07:26 - 01364531 _____ () C:\Documents and Settings\Gary\Desktop\AdwCleaner.exe
2014-08-25 16:26 - 2014-08-25 16:26 - 00003845 _____ () C:\WINDOWS.2\KB2659262.log
2014-08-25 16:26 - 2014-08-25 16:26 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2659262$
2014-08-25 16:25 - 2014-08-25 16:25 - 00003883 _____ () C:\WINDOWS.2\KB2834886.log
2014-08-25 16:25 - 2014-08-25 16:25 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2834886$
2014-08-25 16:21 - 2014-08-25 16:21 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2686509$
2014-08-25 16:20 - 2014-08-25 16:21 - 00006955 _____ () C:\WINDOWS.2\KB2686509.log
2014-08-25 16:19 - 2014-08-25 16:20 - 00004799 _____ () C:\WINDOWS.2\KB961118.log
2014-08-25 16:19 - 2014-08-25 16:19 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB961118$
2014-08-25 16:18 - 2014-08-25 16:19 - 00006430 _____ () C:\WINDOWS.2\KB2570947.log
2014-08-25 16:18 - 2014-08-25 16:18 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2570947$
2014-08-25 16:16 - 2014-08-25 16:26 - 00049325 _____ () C:\WINDOWS.2\iis6.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00036978 _____ () C:\WINDOWS.2\FaxSetup.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00020934 _____ () C:\WINDOWS.2\ocgen.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00016926 _____ () C:\WINDOWS.2\tsoc.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00012350 _____ () C:\WINDOWS.2\comsetup.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00011426 _____ () C:\WINDOWS.2\msmqinst.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00007483 _____ () C:\WINDOWS.2\ntdtcsetup.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00006498 _____ () C:\WINDOWS.2\netfxocm.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00002550 _____ () C:\WINDOWS.2\MedCtrOC.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00001866 _____ () C:\WINDOWS.2\tabletoc.log
2014-08-25 16:16 - 2014-08-25 16:26 - 00001374 _____ () C:\WINDOWS.2\imsins.log
2014-08-25 16:16 - 2014-08-25 16:25 - 00001374 _____ () C:\WINDOWS.2\imsins.BAK
2014-08-25 16:16 - 2014-08-25 16:16 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2603381$
2014-08-25 16:16 - 2014-08-25 16:16 - 00000000 _____ () C:\WINDOWS.2\setuperr.log
2014-08-25 16:16 - 2014-08-25 16:16 - 00000000 _____ () C:\WINDOWS.2\setupact.log
2014-08-25 16:07 - 2014-08-25 16:17 - 00006349 _____ () C:\WINDOWS.2\KB2603381.log
2014-08-25 06:28 - 2014-08-25 06:28 - 01095168 _____ (Farbar) C:\Documents and Settings\Gary\Desktop\FRST.exe
2014-08-25 06:25 - 2014-08-25 06:26 - 05185536 _____ (AVAST Software) C:\Documents and Settings\Gary\Desktop\aswMBR.exe
2014-08-24 14:30 - 2009-01-09 12:19 - 01089593 ____N () C:\WINDOWS.2\system32\dllcache\ntprint.cat
2014-08-23 09:50 - 2014-08-26 15:02 - 00000000 ____D () C:\FRST
2014-08-22 16:54 - 2014-08-22 16:54 - 00000000 ____D () C:\WINDOWS.2\Tasks\ImCleanDisabled
2014-08-22 16:03 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\1C.tmp
2014-08-22 16:03 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\1B.tmp
2014-08-22 12:10 - 2014-08-22 12:39 - 00000000 ____D () C:\Program Files\HijackThis
2014-08-22 09:46 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\4.tmp
2014-08-22 09:46 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\3.tmp
2014-08-22 09:45 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\2.tmp
2014-08-22 09:45 - 2011-05-12 15:03 - 00006144 ____N (Sophos Plc) C:\WINDOWS.2\system32\1.tmp
2014-08-22 08:20 - 2014-08-22 08:20 - 60071936 _____ () C:\WINDOWS.2\system32\config\software.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 05922816 _____ () C:\WINDOWS.2\system32\config\default.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00073728 _____ () C:\WINDOWS.2\system32\config\SECURITY.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00032768 _____ () C:\WINDOWS.2\system32\config\SAM.iodefrag.bak
2014-08-22 08:19 - 2014-08-22 08:19 - 00000000 _____ () C:\asc_rdflag
2014-08-21 23:42 - 2014-08-26 07:54 - 00000216 _____ () C:\WINDOWS.2\wiadebug.log
2014-08-21 23:42 - 2014-08-26 07:54 - 00000049 _____ () C:\WINDOWS.2\wiaservc.log
2014-08-21 23:42 - 2014-08-21 23:42 - 00000000 ____N () C:\WINDOWS.2\Sti_Trace.log
2014-08-21 23:38 - 2014-08-26 10:41 - 00349275 _____ () C:\WINDOWS.2\WindowsUpdate.log
2014-08-21 19:26 - 2014-08-21 19:26 - 00000802 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Windows Media Player.lnk
2014-08-21 19:10 - 2010-06-02 01:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_7.dll
2014-08-21 19:10 - 2010-06-02 01:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\xactengine3_7.dll
2014-08-21 19:10 - 2010-06-02 01:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_5.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_6.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\xactengine3_6.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_4.dll
2014-08-21 19:10 - 2010-02-04 08:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\X3DAudio1_7.dll
2014-08-21 19:10 - 2009-09-04 14:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_5.dll
2014-08-21 19:10 - 2009-09-04 14:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\Xactengine3_5.dll
2014-08-21 19:10 - 2009-09-04 14:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dcsx_42.dll
2014-08-21 19:10 - 2009-09-04 14:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_42.dll
2014-08-21 19:10 - 2009-09-04 14:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx11_42.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_4.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XactEngine3_4.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00069448 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_3.dll
2014-08-21 19:10 - 2009-03-16 11:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\X3DAudio1_6.dll
2014-08-21 19:10 - 2009-03-09 12:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx9_41.dll
2014-08-21 19:10 - 2009-03-09 12:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\D3DCompiler_41.dll
2014-08-21 19:10 - 2009-03-09 12:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_41.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_3.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XactEngine3_3.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_2.dll
2014-08-21 19:10 - 2008-10-27 07:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\X3DAudio1_5.dll
2014-08-21 19:10 - 2008-10-15 03:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\D3DCompiler_40.dll
2014-08-21 19:10 - 2008-10-15 03:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_40.dll
2014-08-21 19:10 - 2008-07-31 07:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XactEngine3_2.dll
2014-08-21 19:10 - 2008-07-31 07:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAPOFX1_1.dll
2014-08-21 19:10 - 2008-07-31 07:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\XAudio2_2.dll
2014-08-21 19:10 - 2008-07-10 08:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10_39.dll
2014-08-21 19:10 - 2008-07-10 08:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx9_39.dll
2014-08-21 19:10 - 2008-07-10 08:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\D3DCompiler_39.dll
2014-08-21 19:10 - 2006-11-29 10:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\d3dx10.dll
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\WindowsShell.Manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\wuaucpl.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\sapi.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\nwc.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\ncpa.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000488 ___RH () C:\WINDOWS.2\system32\logonui.exe.manifest
2014-08-21 19:02 - 2014-05-30 15:09 - 06024704 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\mshtml.dll
2014-08-21 19:02 - 2014-05-30 15:09 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\inetcpl.cpl
2014-08-21 19:02 - 2014-05-30 15:09 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\occache.dll
2014-08-21 19:02 - 2009-03-07 13:34 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\webcheck.dll
2014-08-21 19:02 - 2009-03-07 13:34 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\msrating.dll
2014-08-21 19:02 - 2009-03-07 13:32 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\inseng.dll
2014-08-21 19:02 - 2009-03-07 13:31 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\pngfilt.dll
2014-08-21 19:02 - 2009-03-07 13:31 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\imgutil.dll
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\FxsTmp
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\Cache
2014-08-21 18:57 - 2008-04-14 05:00 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\adsiis.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\iisext.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\iismap.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\convlog.exe
2014-08-21 18:57 - 2008-04-14 05:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\admwprox.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00038576 _____ () C:\WINDOWS.2\system32\w3ctrs.ini
2014-08-21 18:57 - 2008-04-14 05:00 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\inetsloc.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\exstrace.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00011435 _____ () C:\WINDOWS.2\system32\infoctrs.ini
2014-08-21 18:57 - 2008-04-14 05:00 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\smtpapi.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\aspperf.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00010225 _____ () C:\WINDOWS.2\system32\axperf.ini
2014-08-21 18:57 - 2008-04-14 05:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\rwnh.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\infoctrs.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\staxmem.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\wamregps.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\admxprox.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\w3svapi.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00005379 _____ () C:\WINDOWS.2\system32\w3ctrs.h
2014-08-21 18:57 - 2008-04-14 05:00 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\w3ctrs.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\iismui.dll
2014-08-21 18:57 - 2008-04-14 05:00 - 00003276 _____ () C:\WINDOWS.2\system32\infoctrs.h
2014-08-21 18:57 - 2008-04-14 05:00 - 00002024 _____ () C:\WINDOWS.2\system32\axctrnm.h
2014-08-21 18:15 - 2008-04-14 05:00 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\TINTLGNT.IME
2014-08-21 18:15 - 2008-04-14 05:00 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\PINTLGNT.IME
2014-08-21 18:15 - 2008-04-14 05:00 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\CINTLGNT.IME
2014-08-21 18:14 - 2008-04-14 05:00 - 00016254 _____ () C:\WINDOWS.2\system32\PINTLPAE.HLP
2014-08-21 18:14 - 2008-04-14 05:00 - 00014821 _____ () C:\WINDOWS.2\system32\PINTLPAD.HLP
2014-08-21 18:13 - 2008-04-14 05:00 - 00024661 _____ (Perle Systems Ltd.) C:\WINDOWS.2\system32\spxcoins.dll
2014-08-21 18:13 - 2008-04-14 05:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS.2\system32\irclass.dll
2014-08-21 18:11 - 2014-07-13 14:24 - 00000630 _____ () C:\DPsFnshr.ini
2014-08-21 18:11 - 2011-09-12 00:07 - 00322985 _____ () C:\DPsFnshr.exe
2014-08-21 18:11 - 2011-09-12 00:07 - 00279585 _____ () C:\DSPdsblr.exe
2014-08-21 18:11 - 2011-09-12 00:07 - 00269955 _____ () C:\pmtimer.exe
2014-08-21 18:11 - 2010-11-21 15:09 - 00137728 _____ () C:\mute.exe
2014-08-21 18:11 - 2010-11-21 15:09 - 00055808 _____ (Microsoft Corporation) C:\devcon.exe
2014-08-21 18:11 - 2010-11-21 15:09 - 00020992 _____ () C:\makePNF.exe
2014-08-21 18:10 - 2014-07-11 08:17 - 00046192 _____ () C:\DriverPack_WLAN_wnt5_x86-32.ini
2014-08-21 18:10 - 2014-05-17 08:39 - 00169702 _____ () C:\DriverPack_MassStorage_wnt5_x86-32.ini
2014-08-21 18:09 - 2014-06-04 07:48 - 00004173 _____ () C:\DriverPack_LAN_wnt5_x86-32.ini
2014-08-21 18:09 - 2014-04-01 05:15 - 00000000 ____D () C:\D
2014-08-21 18:09 - 2010-05-29 04:57 - 00000458 _____ () C:\DriverPack_CPU_wnt5_x86-32.ini
2014-08-21 13:19 - 2014-08-21 13:23 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows XP Professional SP3 x86 - Black Edition 2014.7.13
2014-08-21 11:34 - 2014-08-21 12:41 - 00001908 _____ () C:\WINDOWS.2\diagwrn.xml
2014-08-21 11:34 - 2014-08-21 12:41 - 00001908 _____ () C:\WINDOWS.2\diagerr.xml
2014-08-21 10:38 - 2014-08-21 19:48 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows 7 ACTIVATION
2014-08-20 17:26 - 2014-08-22 03:19 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_DB739962-28C9-11E4-A741-0007E9E3652D.job
2014-08-19 20:52 - 2014-08-23 17:58 - 00000464 _____ () C:\WINDOWS.2\system32\ScannerSettings
2014-08-19 07:49 - 2014-08-22 03:19 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_FC34B912-27AF-11E4-A73A-0007E9E3652D.job
2014-08-19 06:47 - 2014-08-22 01:09 - 00000537 _____ () C:\WINDOWS.2\Tasks\RegCure Pro_sch_4E1B87AA-27A7-11E4-A739-0007E9E3652D.job
2014-08-18 20:20 - 2014-08-26 07:46 - 00000468 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-08-18 20:20 - 2014-08-22 08:17 - 00000384 _____ () C:\WINDOWS.2\Tasks\RegCure Pro.job
2014-08-18 18:29 - 2008-04-14 06:42 - 01033728 _____ (Microsoft Corporation) C:\WINDOWS.2\gzeranski.exe
2014-08-18 05:21 - 2014-08-18 05:21 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\PCHealth
2014-08-18 04:14 - 2014-08-26 07:54 - 00032582 _____ () C:\WINDOWS.2\SchedLgU.Txt
2014-08-17 07:09 - 2014-08-21 19:09 - 00023392 _____ () C:\WINDOWS.2\system32\nscompat.tlb
2014-08-17 07:09 - 2014-08-21 19:09 - 00016832 _____ () C:\WINDOWS.2\system32\amcompat.tlb
2014-08-16 21:41 - 2014-08-16 21:41 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temp
2014-08-16 21:23 - 2014-08-21 21:37 - 00001621 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\ComPlus Applications
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\Common Files\ODBC
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\PrivacIE
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\PrivacIE
2014-08-16 21:23 - 2014-08-16 21:17 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00001627 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00001627 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000819 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000819 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000819 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000808 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Windows Media Player.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000754 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000754 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:23 - 2014-08-16 21:17 - 00000754 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\wins
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\ShellExt
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\export
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\dhcp
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3com_dmi
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3076
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\2052
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1054
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1042
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1037
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1031
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1028
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1025
2014-08-16 21:20 - 2001-08-17 14:11 - 00035328 _____ (AMD Inc.) C:\WINDOWS.2\system32\Drivers\pcntpci5.sys
2014-08-16 21:19 - 2014-08-16 21:19 - 00000000 ____D () C:\WINDOWS.2\Connection Wizard
2014-08-16 21:17 - 2014-08-16 21:17 - 00000000 ____D () C:\WINDOWS.2\java
2014-08-16 20:31 - 2014-08-17 14:41 - 00015712 _____ () C:\WINDOWS.2\system32\Native.exe
2014-08-16 20:03 - 2014-08-26 07:46 - 00000330 _____ () C:\WINDOWS.2\Tasks\ReimageUpdater.job
2014-08-16 20:02 - 2014-08-16 21:17 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 20:02 - 2014-08-16 21:17 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 20:02 - 2014-08-16 20:03 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-16 20:02 - 2014-08-16 20:03 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\World in Conflict
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\World in Conflict
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-07 17:04 - 2013-05-08 15:05 - 00118784 _____ () C:\WINDOWS.2\system32\DriverCoInstaller.dll
2014-08-05 09:45 - 2014-08-05 09:46 - 00000000 ____D () C:\WINDOWS.2\A4W_DATA
2014-07-31 12:41 - 2014-08-22 03:19 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_A760A460-18EA-11E4-A711-0007E9E3652D.job
2014-07-30 11:36 - 2014-08-26 07:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-26 15:03 - 2014-08-26 15:02 - 00052193 _____ () C:\Documents and Settings\Gary\Desktop\FRST.txt
2014-08-26 15:03 - 2012-08-05 10:42 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Temp
2014-08-26 15:02 - 2014-08-23 09:50 - 00000000 ____D () C:\FRST
2014-08-26 14:49 - 2012-05-24 09:04 - 00001324 _____ () C:\WINDOWS.2\system32\d3d9caps.dat
2014-08-26 10:41 - 2014-08-21 23:38 - 00349275 _____ () C:\WINDOWS.2\WindowsUpdate.log
2014-08-26 10:41 - 2009-12-04 18:57 - 00000178 ___SH () C:\Documents and Settings\Gary\ntuser.ini
2014-08-26 09:16 - 2014-08-26 09:16 - 04872677 _____ () C:\Documents and Settings\Gary\Desktop\mbam-chameleon-3.1.4.0.zip
2014-08-26 09:02 - 2014-08-26 08:08 - 17292760 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Gary\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-26 09:01 - 2013-01-09 13:05 - 00013646 _____ () C:\WINDOWS.2\system32\wpa.dbl
2014-08-26 08:56 - 2014-08-26 07:32 - 00000000 ____D () C:\AdwCleaner
2014-08-26 07:54 - 2014-08-21 23:42 - 00000216 _____ () C:\WINDOWS.2\wiadebug.log
2014-08-26 07:54 - 2014-08-21 23:42 - 00000049 _____ () C:\WINDOWS.2\wiaservc.log
2014-08-26 07:54 - 2014-08-18 04:14 - 00032582 _____ () C:\WINDOWS.2\SchedLgU.Txt
2014-08-26 07:54 - 2014-05-13 08:24 - 00000278 _____ () C:\WINDOWS.2\Tasks\SmartDefrag3_Startup.job
2014-08-26 07:54 - 2009-12-04 18:56 - 00000006 ____H () C:\WINDOWS.2\Tasks\SA.DAT
2014-08-26 07:54 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\inetsrv
2014-08-26 07:53 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Temp
2014-08-26 07:51 - 2014-04-03 11:33 - 00000398 ____H () C:\WINDOWS.2\Tasks\User_Feed_Synchronization-{9CF66ED3-999B-440B-ABD0-2BDFD528737D}.job
2014-08-26 07:51 - 2010-01-23 15:12 - 00000424 ____H () C:\WINDOWS.2\Tasks\User_Feed_Synchronization-{6A02D280-3935-45F3-8EC6-584928C95165}.job
2014-08-26 07:49 - 2009-12-04 10:40 - 00434200 _____ () C:\WINDOWS.2\system32\PerfStringBackup.INI
2014-08-26 07:47 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2
2014-08-26 07:46 - 2014-08-18 20:20 - 00000468 _____ () C:\WINDOWS.2\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-08-26 07:46 - 2014-08-16 20:03 - 00000330 _____ () C:\WINDOWS.2\Tasks\ReimageUpdater.job
2014-08-26 07:46 - 2014-05-10 17:22 - 00000280 _____ () C:\WINDOWS.2\Tasks\SmartDefrag3_Update.job
2014-08-26 07:46 - 2014-04-03 11:46 - 00000224 _____ () C:\WINDOWS.2\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-08-26 07:46 - 2010-05-28 11:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Kodak
2014-08-26 07:46 - 2010-05-28 11:18 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Kodak
2014-08-26 07:41 - 2014-07-30 11:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-26 07:41 - 2009-12-04 10:39 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2
2014-08-26 07:26 - 2014-08-26 07:25 - 01364531 _____ () C:\Documents and Settings\Gary\Desktop\AdwCleaner.exe
2014-08-25 16:34 - 2012-08-03 07:44 - 00000000 ___RD () C:\Documents and Settings\Gary\Desktop\Tools
2014-08-25 16:26 - 2014-08-25 16:26 - 00003845 _____ () C:\WINDOWS.2\KB2659262.log
2014-08-25 16:26 - 2014-08-25 16:26 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2659262$
2014-08-25 16:26 - 2014-08-25 16:16 - 00049325 _____ () C:\WINDOWS.2\iis6.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00036978 _____ () C:\WINDOWS.2\FaxSetup.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00020934 _____ () C:\WINDOWS.2\ocgen.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00016926 _____ () C:\WINDOWS.2\tsoc.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00012350 _____ () C:\WINDOWS.2\comsetup.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00011426 _____ () C:\WINDOWS.2\msmqinst.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00007483 _____ () C:\WINDOWS.2\ntdtcsetup.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00006498 _____ () C:\WINDOWS.2\netfxocm.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00002550 _____ () C:\WINDOWS.2\MedCtrOC.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00001866 _____ () C:\WINDOWS.2\tabletoc.log
2014-08-25 16:26 - 2014-08-25 16:16 - 00001374 _____ () C:\WINDOWS.2\imsins.log
2014-08-25 16:25 - 2014-08-25 16:25 - 00003883 _____ () C:\WINDOWS.2\KB2834886.log
2014-08-25 16:25 - 2014-08-25 16:25 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2834886$
2014-08-25 16:25 - 2014-08-25 16:16 - 00001374 _____ () C:\WINDOWS.2\imsins.BAK
2014-08-25 16:24 - 2011-04-03 09:25 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Microsoft Help
2014-08-25 16:24 - 2011-04-03 09:25 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Microsoft Help
2014-08-25 16:22 - 2014-07-16 14:17 - 00000974 _____ () C:\WINDOWS.2\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-2111687655-1606980848-1003UA.job
2014-08-25 16:21 - 2014-08-25 16:21 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2686509$
2014-08-25 16:21 - 2014-08-25 16:20 - 00006955 _____ () C:\WINDOWS.2\KB2686509.log
2014-08-25 16:20 - 2014-08-25 16:19 - 00004799 _____ () C:\WINDOWS.2\KB961118.log
2014-08-25 16:19 - 2014-08-25 16:19 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB961118$
2014-08-25 16:19 - 2014-08-25 16:18 - 00006430 _____ () C:\WINDOWS.2\KB2570947.log
2014-08-25 16:18 - 2014-08-25 16:18 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2570947$
2014-08-25 16:17 - 2014-08-25 16:07 - 00006349 _____ () C:\WINDOWS.2\KB2603381.log
2014-08-25 16:16 - 2014-08-25 16:16 - 00000000 __HDC () C:\WINDOWS.2\$NtUninstallKB2603381$
2014-08-25 16:16 - 2014-08-25 16:16 - 00000000 _____ () C:\WINDOWS.2\setuperr.log
2014-08-25 16:16 - 2014-08-25 16:16 - 00000000 _____ () C:\WINDOWS.2\setupact.log
2014-08-25 16:15 - 2014-07-09 06:45 - 00000830 _____ () C:\WINDOWS.2\Tasks\Adobe Flash Player Updater.job
2014-08-25 16:03 - 2013-11-11 12:33 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ProductData
2014-08-25 16:03 - 2013-11-11 12:33 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\ProductData
2014-08-25 16:03 - 2012-06-05 11:27 - 00000508 _____ () C:\WINDOWS.2\Tasks\PrintProjects Communicator.job
2014-08-25 06:28 - 2014-08-25 06:28 - 01095168 _____ (Farbar) C:\Documents and Settings\Gary\Desktop\FRST.exe
2014-08-25 06:26 - 2014-08-25 06:25 - 05185536 _____ (AVAST Software) C:\Documents and Settings\Gary\Desktop\aswMBR.exe
2014-08-24 14:24 - 2014-07-16 14:17 - 00000922 _____ () C:\WINDOWS.2\Tasks\GoogleUpdateTaskUserS-1-5-21-484763869-2111687655-1606980848-1003Core.job
2014-08-24 14:11 - 2013-06-21 08:43 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Malwarebytes' Anti-Malware (portable)
2014-08-24 14:11 - 2013-06-21 08:43 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Malwarebytes' Anti-Malware (portable)
2014-08-23 18:22 - 2013-10-26 23:52 - 00002684 _____ () C:\WINDOWS.2\system32\ScanResults.xml
2014-08-23 17:58 - 2014-08-19 20:52 - 00000464 _____ () C:\WINDOWS.2\system32\ScannerSettings
2014-08-23 11:25 - 2011-11-10 14:39 - 00000618 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Desktop\calibre - E-book management.lnk
2014-08-22 16:55 - 2009-12-12 05:02 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\uTorrent
2014-08-22 16:54 - 2014-08-22 16:54 - 00000000 ____D () C:\WINDOWS.2\Tasks\ImCleanDisabled
2014-08-22 15:18 - 2011-04-03 09:31 - 00196608 _____ () C:\WINDOWS.2\system32\config\OAlerts.evt
2014-08-22 15:14 - 2011-04-03 10:25 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Outlook Files
2014-08-22 14:54 - 2011-12-14 19:42 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-08-22 12:39 - 2014-08-22 12:10 - 00000000 ____D () C:\Program Files\HijackThis
2014-08-22 08:58 - 2009-12-04 23:50 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Spybot - Search & Destroy
2014-08-22 08:58 - 2009-12-04 23:50 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Spybot - Search & Destroy
2014-08-22 08:58 - 2006-03-11 18:16 - 00000000 ____D () C:\Documents and Settings\Administrator
2014-08-22 08:20 - 2014-08-22 08:20 - 60071936 _____ () C:\WINDOWS.2\system32\config\software.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 05922816 _____ () C:\WINDOWS.2\system32\config\default.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00073728 _____ () C:\WINDOWS.2\system32\config\SECURITY.iodefrag.bak
2014-08-22 08:20 - 2014-08-22 08:20 - 00032768 _____ () C:\WINDOWS.2\system32\config\SAM.iodefrag.bak
2014-08-22 08:20 - 2011-11-23 09:10 - 00000000 __SHD () C:\Documents and Settings\LocalService.NT AUTHORITY
2014-08-22 08:20 - 2009-12-04 18:55 - 00000000 __SHD () C:\Documents and Settings\NetworkService.NT AUTHORITY.004
2014-08-22 08:19 - 2014-08-22 08:19 - 00000000 _____ () C:\asc_rdflag
2014-08-22 08:19 - 2009-12-04 18:57 - 00000000 ____D () C:\Documents and Settings\Gary
2014-08-22 08:17 - 2014-08-18 20:20 - 00000384 _____ () C:\WINDOWS.2\Tasks\RegCure Pro.job
2014-08-22 07:01 - 2011-02-25 09:07 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Microsoft Silverlight
2014-08-22 07:01 - 2011-02-25 09:07 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Microsoft Silverlight
2014-08-22 07:01 - 2011-02-25 09:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-22 03:19 - 2014-08-20 17:26 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_DB739962-28C9-11E4-A741-0007E9E3652D.job
2014-08-22 03:19 - 2014-08-19 07:49 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_FC34B912-27AF-11E4-A73A-0007E9E3652D.job
2014-08-22 03:19 - 2014-07-31 12:41 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_A760A460-18EA-11E4-A711-0007E9E3652D.job
2014-08-22 03:19 - 2014-05-19 06:55 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_30B6103C-DF5D-11E3-A6D9-0007E9E3652D.job
2014-08-22 03:19 - 2014-05-19 01:33 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_37B5F906-DF30-11E3-A6D9-0007E9E3652D.job
2014-08-22 03:19 - 2014-04-07 01:32 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_349FCC78-BE2F-11E3-8BAF-0007E9E3652D.job
2014-08-22 03:19 - 2014-02-24 02:33 - 00000529 _____ () C:\WINDOWS.2\Tasks\SpeedMaxPc_sch_B5A223C6-9D36-11E3-8B9B-0007E9E3652D.job
2014-08-22 01:09 - 2014-08-19 06:47 - 00000537 _____ () C:\WINDOWS.2\Tasks\RegCure Pro_sch_4E1B87AA-27A7-11E4-A739-0007E9E3652D.job
2014-08-22 00:59 - 2013-07-25 10:54 - 05922816 _____ () C:\WINDOWS.2\system32\config\default.iobit
2014-08-22 00:59 - 2013-07-25 10:54 - 00032768 _____ () C:\WINDOWS.2\system32\config\SAM.iobit
2014-08-22 00:59 - 2013-07-25 10:53 - 59805696 _____ () C:\WINDOWS.2\system32\config\software.iobit
2014-08-22 00:59 - 2013-07-25 10:53 - 00073728 _____ () C:\WINDOWS.2\system32\config\SECURITY.iobit
2014-08-21 23:42 - 2014-08-21 23:42 - 00000000 ____N () C:\WINDOWS.2\Sti_Trace.log
2014-08-21 23:42 - 2009-12-05 18:15 - 00000000 ____D () C:\WINDOWS.2\system32\NtmsData
2014-08-21 23:17 - 2009-12-04 18:46 - 00000000 ____D () C:\WINDOWS.2\system32\MsDtc
2014-08-21 21:37 - 2014-08-16 21:23 - 00001621 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Remote Assistance.lnk
2014-08-21 21:37 - 2009-12-17 17:57 - 00001512 _____ () C:\Documents and Settings\Gary\Desktop\Calculator.lnk
2014-08-21 21:37 - 2009-11-25 16:59 - 00001529 _____ () C:\Documents and Settings\Gary\Desktop\Notepad.lnk
2014-08-21 21:24 - 2014-04-03 09:32 - 00000000 ____D () C:\rei
2014-08-21 21:24 - 2013-10-23 23:31 - 00000180 _____ () C:\WINDOWS.2\Reimage.ini
2014-08-21 20:46 - 2010-03-21 15:16 - 00000000 __SHD () C:\WINDOWS.2\CSC
2014-08-21 19:48 - 2014-08-21 10:38 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows 7 ACTIVATION
2014-08-21 19:47 - 2013-01-08 17:31 - 00000178 ___SH () C:\Documents and Settings\Administrator.BEDROOM\ntuser.ini
2014-08-21 19:26 - 2014-08-21 19:26 - 00000802 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Windows Media Player.lnk
2014-08-21 19:25 - 2009-12-04 18:48 - 00000000 ____D () C:\WINDOWS.2\system32\Restore
2014-08-21 19:24 - 2013-01-05 20:41 - 00000813 _____ () C:\Documents and Settings\Gary\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 19:22 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Help
2014-08-21 19:21 - 2009-12-04 10:39 - 00392776 _____ () C:\WINDOWS.2\system32\FNTCACHE.DAT
2014-08-21 19:17 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\security
2014-08-21 19:15 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\repair
2014-08-21 19:11 - 2013-01-08 13:30 - 00262144 _____ () C:\WINDOWS.2\system32\config\userdifr
2014-08-21 19:11 - 2013-01-08 12:57 - 00000000 ___HD () C:\Documents and Settings\Default User.WINDOWS.2
2014-08-21 19:09 - 2014-08-17 07:09 - 00023392 _____ () C:\WINDOWS.2\system32\nscompat.tlb
2014-08-21 19:09 - 2014-08-17 07:09 - 00016832 _____ () C:\WINDOWS.2\system32\amcompat.tlb
2014-08-21 19:09 - 2013-01-08 13:30 - 00001621 _____ () C:\Documents and Settings\Default User.WINDOWS.2\Start Menu\Programs\Remote Assistance.lnk
2014-08-21 19:09 - 2013-01-08 13:26 - 00000802 _____ () C:\Documents and Settings\Default User.WINDOWS.2\Start Menu\Programs\Windows Media Player.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001629 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Set Program Access and Defaults.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001629 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Set Program Access and Defaults.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001529 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Update.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00001529 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Update.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00000398 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Catalog.lnk
2014-08-21 19:09 - 2009-12-04 18:51 - 00000398 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Windows Catalog.lnk
2014-08-21 19:08 - 2009-12-04 10:40 - 00004249 _____ () C:\WINDOWS.2\ODBCINST.INI
2014-08-21 19:07 - 2009-12-04 18:47 - 00000000 ____D () C:\WINDOWS.2\Registration
2014-08-21 19:06 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\ias
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\WindowsShell.Manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\wuaucpl.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\sapi.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\nwc.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000749 ___RH () C:\WINDOWS.2\system32\ncpa.cpl.manifest
2014-08-21 19:04 - 2014-08-21 19:04 - 00000488 ___RH () C:\WINDOWS.2\system32\logonui.exe.manifest
2014-08-21 19:04 - 2013-01-08 13:29 - 00000000 ___RD () C:\Documents and Settings\Default User.WINDOWS.2\Start Menu\Programs\Accessories
2014-08-21 19:04 - 2009-12-04 18:49 - 00000749 ___RH () C:\WINDOWS.2\system32\cdplayer.exe.manifest
2014-08-21 19:04 - 2009-12-04 18:49 - 00000488 ___RH () C:\WINDOWS.2\system32\WindowsLogon.manifest
2014-08-21 19:04 - 2009-12-04 10:35 - 00000000 ___RD () C:\WINDOWS.2\Web
2014-08-21 19:03 - 2009-12-04 18:48 - 00000000 ____D () C:\WINDOWS.2\srchasst
2014-08-21 19:03 - 2009-12-04 10:35 - 00000000 ___SD () C:\WINDOWS.2\Offline Web Pages
2014-08-21 19:03 - 2006-03-11 20:55 - 00000000 ____D () C:\Program Files\Windows Media Connect 2
2014-08-21 19:01 - 2009-12-04 18:45 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Accessories
2014-08-21 19:01 - 2009-12-04 18:45 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Accessories
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\FxsTmp
2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\WINDOWS.2\system32\Cache
2014-08-21 18:59 - 2013-01-06 12:43 - 00000000 ____D () C:\Inetpub
2014-08-21 18:59 - 2009-12-04 18:47 - 00025456 _____ () C:\WINDOWS.2\system32\emptyregdb.dat
2014-08-21 18:59 - 2009-12-04 18:46 - 00000000 ____D () C:\WINDOWS.2\system32\Com
2014-08-21 18:58 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Cursors
2014-08-21 18:58 - 2006-03-04 14:17 - 00000000 ____D () C:\Program Files\Windows NT
2014-08-21 18:57 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\addins
2014-08-21 18:53 - 2007-09-11 13:48 - 00000286 ___SH () C:\boot.ini
2014-08-21 18:43 - 2009-12-05 00:11 - 00000000 ____D () C:\WINDOWS.2\system32\ReinstallBackups
2014-08-21 18:15 - 2009-12-04 10:40 - 00004452 _____ () C:\WINDOWS.2\system32\pid.PNF
2014-08-21 18:15 - 2001-08-23 04:00 - 00000231 _____ () C:\WINDOWS.2\system.ini
2014-08-21 18:13 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system
2014-08-21 17:57 - 2009-12-04 10:39 - 00262144 _____ () C:\WINDOWS.2\system32\config\security.sav
2014-08-21 17:52 - 2010-03-17 18:30 - 00001129 _____ () C:\WINDOWS.2\UPGRADE.TXT
2014-08-21 13:23 - 2014-08-21 13:19 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\Windows XP Professional SP3 x86 - Black Edition 2014.7.13
2014-08-21 12:41 - 2014-08-21 11:34 - 00001908 _____ () C:\WINDOWS.2\diagwrn.xml
2014-08-21 12:41 - 2014-08-21 11:34 - 00001908 _____ () C:\WINDOWS.2\diagerr.xml
2014-08-21 11:08 - 2009-12-04 10:38 - 62128128 _____ () C:\WINDOWS.2\system32\config\software.sav
2014-08-21 11:08 - 2009-12-04 10:38 - 14680064 _____ () C:\WINDOWS.2\system32\config\system.sav
2014-08-21 11:08 - 2009-12-04 10:38 - 06029312 _____ () C:\WINDOWS.2\system32\config\default.sav
2014-08-21 11:08 - 2009-12-04 10:38 - 00262144 _____ () C:\WINDOWS.2\system32\config\userdiff
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\usmt
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\scripting
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Media
2014-08-21 11:03 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\L2Schemas
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\npp
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\PeerNet
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\mui
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\msagent
2014-08-21 11:02 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\ime
2014-08-21 11:00 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\twain_32
2014-08-21 11:00 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\icsxml
2014-08-21 10:59 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\1033
2014-08-21 10:58 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\Driver Cache
2014-08-20 21:42 - 2013-01-08 17:31 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM
2014-08-18 22:00 - 2013-08-11 06:53 - 00000280 _____ () C:\WINDOWS.2\Tasks\SmartDefrag_Schedule.job
2014-08-18 21:13 - 2013-01-08 17:31 - 00000000 ____D () C:\Documents and Settings\Administrator.BEDROOM\Local Settings\Temp
2014-08-18 20:26 - 2009-12-04 18:57 - 00120192 _____ () C:\Documents and Settings\Gary\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-08-18 15:32 - 2012-08-04 11:09 - 00000221 _____ () C:\WINDOWS.2\system32\lsprst7.tgz
2014-08-18 15:32 - 2012-08-04 11:09 - 00000207 _____ () C:\WINDOWS.2\system32\lsprst7.dll
2014-08-18 15:32 - 2012-08-04 11:09 - 00000089 _____ () C:\WINDOWS.2\system32\ssprs.tgz
2014-08-18 15:32 - 2012-08-04 11:09 - 00000075 _____ () C:\WINDOWS.2\system32\ssprs.dll
2014-08-18 09:25 - 2013-01-10 22:59 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\vlc
2014-08-18 05:21 - 2014-08-18 05:21 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\PCHealth
2014-08-18 04:24 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\pchealth
2014-08-17 16:42 - 2014-06-24 03:18 - 00120192 _____ () C:\WINDOWS.2\system32\GDIPFONTCACHEV1.DAT
2014-08-17 16:23 - 2014-04-03 11:40 - 00000000 _____ () C:\WINDOWS.2\system32\reimage.rep
2014-08-17 15:27 - 2006-03-04 14:20 - 00000000 ___RD () C:\Documents and Settings\Default User\Start Menu\Programs\Accessories
2014-08-17 15:26 - 2006-03-04 14:21 - 00001627 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2014-08-17 15:26 - 2006-03-04 14:21 - 00000808 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Windows Media Player.lnk
2014-08-17 14:41 - 2014-08-16 20:31 - 00015712 _____ () C:\WINDOWS.2\system32\Native.exe
2014-08-17 14:41 - 2014-04-03 10:38 - 00000000 ____D () C:\ReimageUndo
2014-08-17 07:10 - 2009-12-04 18:51 - 00316640 _____ () C:\WINDOWS.2\WMSysPr9.prx
2014-08-17 01:32 - 2009-11-29 19:36 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\Vso
2014-08-16 21:41 - 2014-08-16 21:41 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temp
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\ComPlus Applications
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Program Files\Common Files\ODBC
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\PrivacIE
2014-08-16 21:23 - 2014-08-16 21:23 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\PrivacIE
2014-08-16 21:23 - 2013-07-01 12:25 - 00000000 ____D () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2013-01-08 17:31 - 00000000 ___RD () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Accessories
2014-08-16 21:23 - 2006-03-04 14:24 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-08-16 21:23 - 2006-03-04 14:18 - 00000000 ____D () C:\Program Files\Online Services
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\wins
2014-08-16 21:22 - 2014-08-16 21:22 - 00000000 ____D () C:\WINDOWS.2\system32\ShellExt
2014-08-16 21:22 - 2009-12-04 10:35 - 00000000 ____D () C:\WINDOWS.2\system32\mui
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\export
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\dhcp
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3com_dmi
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\3076
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\2052
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1054
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1042
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1037
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1031
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1028
2014-08-16 21:20 - 2014-08-16 21:20 - 00000000 ____D () C:\WINDOWS.2\system32\1025
2014-08-16 21:19 - 2014-08-16 21:19 - 00000000 ____D () C:\WINDOWS.2\Connection Wizard
2014-08-16 21:19 - 2012-06-17 15:59 - 00000000 __HDC () C:\WINDOWS.2\ie8
2014-08-16 21:18 - 2009-12-05 00:10 - 00000000 ____D () C:\WINDOWS.2\ie8updates
2014-08-16 21:17 - 2014-08-16 21:23 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00002002 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\MSN.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00001627 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00001627 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Remote Assistance.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000819 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000819 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000819 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Internet Explorer.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000808 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Windows Media Player.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000801 _____ () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Windows Messenger.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000754 _____ () C:\Documents and Settings\NetworkService.NT AUTHORITY.004\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000754 _____ () C:\Documents and Settings\LocalService.NT AUTHORITY\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:17 - 2014-08-16 21:23 - 00000754 _____ () C:\Documents and Settings\Administrator.BEDROOM\Start Menu\Programs\Outlook Express.lnk
2014-08-16 21:17 - 2014-08-16 21:17 - 00000000 ____D () C:\WINDOWS.2\java
2014-08-16 21:17 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 21:17 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Reimage Repair
2014-08-16 20:03 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-16 20:03 - 2014-08-16 20:02 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\Reimage Protector
2014-08-16 18:48 - 2009-11-29 20:36 - 00001191 _____ () C:\Documents and Settings\Gary\Application Data\vso_ts_preview.xml
2014-08-15 08:47 - 2010-01-24 10:03 - 00000000 ____D () C:\Documents and Settings\Gary\Application Data\dvdcss
2014-08-15 07:45 - 2009-12-05 07:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\DVD Shrink
2014-08-15 07:45 - 2009-12-05 07:27 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\DVD Shrink
2014-08-11 05:57 - 2014-06-25 05:38 - 00000280 _____ () C:\WINDOWS.2\Tasks\SmartDefrag3_Schedule.job
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\My Documents\World in Conflict
2014-08-09 12:30 - 2014-08-09 12:30 - 00000000 ____D () C:\Documents and Settings\Gary\Local Settings\Application Data\World in Conflict
2014-08-09 12:27 - 2006-03-11 20:53 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-09 12:25 - 2009-12-04 18:49 - 00000000 ____D () C:\WINDOWS.2\system32\DirectX
2014-08-08 15:00 - 2014-04-03 11:46 - 00000218 _____ () C:\WINDOWS.2\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-08 11:38 - 2014-06-25 05:54 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\YTD Video Downloader
2014-08-08 11:38 - 2014-06-25 05:54 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Application Data\YTD Video Downloader
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-07 17:04 - 2014-08-07 17:04 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\One Touch Upgrade
2014-08-05 09:46 - 2014-08-05 09:45 - 00000000 ____D () C:\WINDOWS.2\A4W_DATA
2014-08-05 09:46 - 2010-10-10 06:34 - 00051729 _____ () C:\WINDOWS.2\Aware40.mch
2014-08-05 09:45 - 2010-10-10 06:34 - 00000035 _____ () C:\WINDOWS.2\A4W.INI
2014-08-04 13:07 - 2013-09-18 10:49 - 00000000 ____D () C:\Documents and Settings\Gary\Desktop\Health
2014-08-02 07:20 - 2013-10-24 07:16 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Driver Booster
2014-08-02 07:20 - 2013-10-24 07:16 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS.2\Start Menu\Programs\Driver Booster
2014-07-31 17:42 - 2009-12-05 07:15 - 00038912 _____ () C:\Documents and Settings\Gary\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-31 05:54 - 2012-05-12 17:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
Some content of TEMP:
====================
C:\Documents and Settings\Gary\Local Settings\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS.2\explorer.exe => File is digitally signed
C:\WINDOWS.2\system32\winlogon.exe => File is digitally signed
C:\WINDOWS.2\system32\svchost.exe => File is digitally signed
C:\WINDOWS.2\system32\services.exe => File is digitally signed
C:\WINDOWS.2\system32\User32.dll => File is digitally signed
C:\WINDOWS.2\system32\userinit.exe => File is digitally signed
C:\WINDOWS.2\system32\rpcss.dll => File is digitally signed
C:\WINDOWS.2\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
#13
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 27 August 2014 - 05:10 AM
I can help you fix Malwarebytes a bit later. There was no reason to run aswMBR again as all it is is a log and you already ran it. What I need you to do is run a new scan with FRST but i need to see the additions log also, So open FRST and on the bottom you will see Optional Scans....put a checkmark in Additions .......ONLY Additions Then post both logs
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
#14
-
- Authentic Member
-
- 10 posts
New Member
- Interests:DVDs, Gym, ebooks, and all else
Posted 27 August 2014 - 08:37 AM
Ken545:
I have already sent you these files in your email because one was a MBR.dat file.
You'll find bothe the FRST.txt and the Additions.txt.
Thanks,
Gary Zeranski
#15
-
- Retired Classroom Teacher
-
- 23,225 posts
Forum God
- Interests:Fighting Malware and cooking some great Italian and TexMex food
-
Posted 27 August 2014 - 08:59 AM
Gary,we are going round and round and getting nowhere. What email, we don't do email or PM messages to help with malware. If you want to continue than run FRST again and post both the new FRST log and also the New Additions and copy and paste both logs into this thread. I dont need the mbr.dat file
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
Find us on Facebook
Please LIKE and SHARE
Just a reminder that threads will be closed if no reply in 3 days.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
