Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 won't start / BSOD / Boot.Tidserv.B


  • This topic is locked This topic is locked
51 replies to this topic

#1 igbyny

igbyny

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 04 March 2011 - 09:34 AM

Hi,

I'm running Windows 7 Home Premium 64b on a Gateway N53.

It all started when all of the sudden I couldn't start Windows normally, only on safe mode. When I tried safe mode with networking, after a few minutes, or sometimes instantly, I would get the BSOD saying something about a "amdsata.sys" so I thought that was the problem. Sometimes I would get the BSOD mentioning the "storport.sys".

Anyway, this is all in the past now, because my problem has gotten way worse! After a ran Norton Bootable Recovery Toll I discovered that my computer was infected with "Boot.Tidserv.B" and following instructions here I downloaded NTBR_CD and did everything that this topic (http://www.bleepingcomputer.com/forums/topic378867.html/page__p__2153104__hl__boot+tidserv__fromsearch__1#entry2153104) told me to. Now my computer won't even start on safe mode and I get the BSOD without any mention to any particular file, it only says that it cannot start and I should do a CHKDSK /F. Which I can't because my computer won't turn on in ANY mode (safe mode, safe mode with networking, safe mode with command prompt...)!

Do you guys have any idea what could I do to get this back to normal!?

No, I don't a a recovery point...

BC AdBot (Login to Remove)

 


#2 Zuhl3156

Zuhl3156

  • Members
  • 309 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bensalem, Pa.
  • Local time:09:51 PM

Posted 04 March 2011 - 09:49 AM

Try booting to a Windows 7 'repair disk' or your Windows 7 installation disk and select 'Repair my computer'.
http://windows.microsoft.com/en-US/windows7/What-are-the-system-recovery-options-in-Windows-7

#3 igbyny

igbyny
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 04 March 2011 - 10:09 AM

Thank you so much for your reply but I try to do that with a Windows 7 recovery disc that I created on a clean computer but I get the message that it cannot repair!

This is like the worst thing that ever happened to me, I can't start AT ALL, can't recover... I have no idea what happened!!

#4 Zuhl3156

Zuhl3156

  • Members
  • 309 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bensalem, Pa.
  • Local time:09:51 PM

Posted 04 March 2011 - 10:22 AM

Try selecting 'Startup repair' and let it run. Sometimes you need to run the Startup repair several times before you get the desired result and your system is repaired and boots again.
http://www.sevenforums.com/tutorials/681-startup-repair.html?ltr=S

#5 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,947 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:09:51 PM

Posted 04 March 2011 - 11:08 AM

Sorry for over-ruling you Hamluis.

@ igbyny,

I see that you cannot boot your computer. I'm going to report this topic to those who specialize in these things.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#6 igbyny

igbyny
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 04 March 2011 - 11:40 AM

I've done that seven times now and I always get the same message that it wasn't possible to repair! any other idea?

thank you so much Orange Blossom!

#7 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:51 AM

Posted 04 March 2011 - 12:18 PM

Hi igbyny,

I'm going to assist you.

Download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Scan your computer's memory for errors.
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst64 and press Enter.
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#8 igbyny

igbyny
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 04 March 2011 - 12:52 PM

Thank you so much Farbar,

here's the result:
-----------------------------------------------

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.0.6
Ran by SYSTEM at 2011-03-04 14:50:14
Running from G:\
(X64) OS Language: English(US)
Attention: Could not load system hive.The subsystem needed to support the image type is not present.
Attention: Could not load Software hive.The subsystem needed to support the image type is not present.
========================== Registry ==========================

Winlogon: [Userinit]
Winlogon: [Shell]


==================== Drivers and Services ====================


========================= NetSvcs ============================

============ One Month Created Files and folders ============

2011-03-04 12:53 - 2011-02-13 13:03 - 0087040 ____A C:\Program Files (x86)\reg.exe
2011-03-04 12:51 - 2011-02-13 13:03 - 0087040 ____A C:\reg.exe
2011-03-04 03:36 - 2011-03-04 03:37 - 0274672 ____A C:\Windows\Minidump\030411-27159-01.dmp
2011-03-04 02:24 - 2011-03-04 03:33 - 1374808 ____N (Kaspersky Lab ZAO) C:\Users\user\Desktop\tdsskiller.exe
2011-03-04 02:24 - 2011-03-03 12:11 - 0715832 ____N (Duplex Secure Ltd.) C:\Users\user\Desktop\SPTDinst-v177-x64.exe
2011-03-04 02:23 - 2011-03-03 14:36 - 2005557 ____N (BestSpywareScanner.net, Inc. ) C:\Users\user\Desktop\BestSpywareScanner_Setup.exe
2011-03-04 02:23 - 2011-03-03 13:06 - 6080440 ____N (Symantec Corporation) C:\Users\user\Desktop\npe.exe
2011-03-04 02:23 - 2011-03-03 13:02 - 11787264 ____N C:\Users\user\Desktop\KillDiskSuiteFree-Setup.exe
2011-03-04 02:23 - 2011-03-03 12:13 - 3306678 ____N (Bart Lagerweij ) C:\Users\user\Desktop\pebuilder3110a.exe
2011-03-04 02:23 - 2011-02-13 05:03 - 0087040 ____A C:\progr~2
2011-03-04 02:22 - 2011-03-04 05:01 - 4280109 ____A C:\Users\user\Desktop\combofix.com
2011-03-03 18:18 - 2011-03-03 18:18 - 0000000 ____D C:\NBRT
2011-03-03 14:58 - 2011-03-04 12:54 - 0000000 ____D C:\Program Files (x86)\RegTweaker
2011-03-03 14:58 - 2011-03-03 14:58 - 0000997 ____A C:\Users\Public\Desktop\RegTweaker.lnk
2011-03-03 14:40 - 2011-03-03 14:40 - 0270200 ____A C:\Windows\Minidump\030311-32791-01.dmp
2011-03-03 13:45 - 2011-03-03 13:45 - 0270200 ____A C:\Windows\Minidump\030311-39093-01.dmp
2011-03-03 13:13 - 2011-03-03 13:13 - 0270376 ____A C:\Windows\Minidump\030311-34117-01.dmp
2011-03-03 12:55 - 2011-03-03 12:55 - 0270232 ____A C:\Windows\Minidump\030311-34460-01.dmp
2011-03-03 12:47 - 2011-03-03 12:47 - 0274672 ____A C:\Windows\Minidump\030311-32666-01.dmp
2011-03-03 12:27 - 2011-03-03 12:28 - 0270200 ____A C:\Windows\Minidump\030311-53414-01.dmp
2011-03-03 12:04 - 2011-03-03 12:04 - 0270200 ____A C:\Windows\Minidump\030311-29889-01.dmp
2011-03-03 11:36 - 2011-03-03 11:36 - 0270200 ____A C:\Windows\Minidump\030311-26769-01.dmp
2011-03-03 11:18 - 2011-03-03 11:18 - 0274512 ____A C:\Windows\Minidump\030311-26644-01.dmp
2011-03-03 11:11 - 2011-03-03 11:11 - 0278984 ____A C:\Windows\Minidump\030311-70028-01.dmp
2011-03-03 11:10 - 2011-03-04 03:36 - 400951897 ____A C:\Windows\MEMORY.DMP
2011-03-03 10:37 - 2011-03-03 10:38 - 0278984 ____A C:\Windows\Minidump\030311-61901-01.dmp
2011-03-03 10:34 - 2011-03-03 10:34 - 0278984 ____A C:\Windows\Minidump\030311-75847-01.dmp
2011-03-03 10:28 - 2011-03-03 10:28 - 0274544 ____A C:\Windows\Minidump\030311-57283-01.dmp
2011-03-03 10:23 - 2011-03-03 10:24 - 0274512 ____A C:\Windows\Minidump\030311-63445-01.dmp
2011-03-03 10:21 - 2011-03-03 10:21 - 0274512 ____A C:\Windows\Minidump\030311-60138-01.dmp
2011-03-03 10:08 - 2011-03-03 10:08 - 0001075 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-03-03 10:08 - 2011-03-03 10:08 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-03 10:08 - 2010-12-20 13:09 - 0038224 ____A (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2011-03-03 10:06 - 2011-02-12 15:17 - 2230570 ____A ( ) C:\Users\user\Desktop\regtweaker.exe
2011-03-03 10:02 - 2011-02-25 14:58 - 0049392 ____A C:\Users\user\Bookmarks.bak
2011-03-03 10:02 - 2011-02-25 14:58 - 0049392 ____A C:\Users\user\Bookmarks
2011-03-03 10:00 - 2011-03-03 11:44 - 234227016 ____A (Avira GmbH) C:\Users\user\Desktop\rescue_system-common-en.exe
2011-03-03 08:21 - 2011-03-03 08:21 - 0000000 ____D C:\Users\user\AppData\Roaming\Packard Bell
2011-03-03 08:21 - 2011-03-03 08:21 - 0000000 ____D C:\Users\user\AppData\Local\Gateway
2011-03-03 07:56 - 2011-03-03 07:57 - 0274688 ____A C:\Windows\Minidump\030311-45770-01.dmp
2011-03-03 07:52 - 2011-03-03 07:52 - 0279040 ____A C:\Windows\Minidump\030311-45365-01.dmp
2011-03-03 06:10 - 2011-03-03 06:10 - 0274672 ____A C:\Windows\Minidump\030311-38501-01.dmp
2011-03-02 18:04 - 2011-03-02 18:04 - 0270200 ____A C:\Windows\Minidump\030211-82805-01.dmp
2011-03-02 17:53 - 2011-03-02 17:53 - 0270256 ____A C:\Windows\Minidump\030211-38189-01.dmp
2011-03-02 10:20 - 2011-03-02 10:20 - 0009992 ____N C:\bootsqm.dat
2011-03-02 09:12 - 2011-03-02 09:12 - 0000012 ____A C:\Windows\sruna.log
2011-03-02 09:12 - 2011-03-02 09:12 - 0000012 ____A C:\Windows\srun.log
2011-03-02 09:05 - 2011-03-02 09:05 - 0000000 ____D C:\56040D1D2D3
2011-03-02 07:45 - 2011-03-02 07:45 - 0000000 ____D C:\Users\user\Documents\DVDFab Passkey
2011-03-02 07:29 - 2011-03-02 07:29 - 2008672 ____A (Fengtao Software Inc. ) C:\Users\user\Downloads\DVDFabPasskey8022.exe
2011-03-02 06:46 - 2011-03-02 06:46 - 0000000 ____D C:\Users\user\Downloads\AnyDVD 6.7.1.0 + Key-[HB]
2011-03-02 06:43 - 2011-03-02 06:43 - 6669160 ____A C:\Users\user\Downloads\SetupAnyDVD6780.exe
2011-03-02 05:06 - 2011-03-02 05:06 - 0000000 ____D C:\Users\user\Downloads\Love.and.Other.Impossible.Pursuits.2009.DVD5
2011-03-02 05:01 - 2011-03-02 05:14 - 0000000 ____D C:\Users\user\Downloads\Web.Therapy.S01.720p.WEB-DL.AVC.AAC-DarkSide
2011-03-01 15:53 - 2011-03-01 15:54 - 0000000 ____D C:\Users\user\Downloads\Blue Valentine Soundtrack [2011] - Grisly Bear
2011-03-01 08:33 - 2011-03-01 08:33 - 0000000 ____D C:\Users\user\Downloads\30.Rock.S05E14.720p.HDTV.X264-DIMENSION [ALEX]
2011-03-01 08:29 - 2011-03-01 08:41 - 0000000 ____D C:\Users\user\Downloads\[ www.TorrentKit.com ] - Modern.Family.S02E16.720p.HDTV.X264-DIMENSION
2011-03-01 08:27 - 2011-03-01 08:46 - 0000000 ____D C:\Users\user\Downloads\[ www.TorrentKit.com ] - 30.Rock.S05E16.720p.HDTV.X264-DIMENSION
2011-02-24 05:13 - 2010-09-13 22:45 - 0367104 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2011-02-24 05:13 - 2010-09-13 22:07 - 0276992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2011-02-23 13:11 - 2011-01-07 00:07 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-02-23 13:11 - 2011-01-07 00:07 - 0475648 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-02-23 13:11 - 2011-01-06 23:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-02-23 13:11 - 2011-01-06 23:31 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-02-19 21:03 - 2010-02-23 00:16 - 0294912 ____A (Microsoft Corporation) C:\Windows\System32\browserchoice.exe
2011-02-13 13:04 - 2011-02-13 13:11 - 0000000 ____D C:\Users\user\Downloads\Skins.S05E03.720p.HDTV.x264-BiA [ALEX]
2011-02-13 13:00 - 2011-02-13 13:00 - 0700973 ____A C:\Users\user\Desktop\thesocialnetwork_screenplay.pdf
2011-02-10 06:07 - 2011-02-10 06:58 - 0000000 ____D C:\Users\user\Downloads\Carlos.2010. Complete.1.2.3.Part.720p.BluRay.x264-CiNEFiLE
2011-02-09 17:42 - 2011-02-09 18:54 - 0000000 ____D C:\Users\user\Downloads\Sons.of.Anarchy.S01.720p.BluRay.x264
2011-02-09 05:06 - 2011-01-25 22:53 - 0982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2011-02-09 05:06 - 2011-01-25 22:53 - 0265088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2011-02-09 05:06 - 2011-01-25 22:31 - 0144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2011-02-09 05:06 - 2011-01-04 22:20 - 0612352 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-02-09 05:06 - 2011-01-04 22:16 - 0852480 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-02-09 05:06 - 2011-01-04 21:37 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-02-09 05:06 - 2011-01-04 21:34 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-02-09 05:06 - 2011-01-04 20:00 - 3127808 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-02-09 05:06 - 2010-12-20 22:16 - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-02-09 05:06 - 2010-12-20 22:16 - 0442880 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2011-02-09 05:06 - 2010-12-20 22:16 - 0258048 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2011-02-09 05:06 - 2010-12-20 22:16 - 0214016 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-02-09 05:06 - 2010-12-20 22:16 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2011-02-09 05:06 - 2010-12-20 22:16 - 0062976 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2011-02-09 05:06 - 2010-12-20 22:15 - 1498112 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-02-09 05:06 - 2010-12-20 22:15 - 0264192 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2011-02-09 05:06 - 2010-12-20 22:15 - 0015360 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2011-02-09 05:06 - 2010-12-20 22:13 - 2003968 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2011-02-09 05:06 - 2010-12-20 22:13 - 1880576 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2011-02-09 05:06 - 2010-12-20 22:11 - 12369408 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-02-09 05:06 - 2010-12-20 22:10 - 0100864 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2011-02-09 05:06 - 2010-12-20 21:38 - 1228288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-02-09 05:06 - 2010-12-20 21:38 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-02-09 05:06 - 2010-12-20 21:38 - 0350720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2011-02-09 05:06 - 2010-12-20 21:38 - 0204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2011-02-09 05:06 - 2010-12-20 21:38 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2011-02-09 05:06 - 2010-12-20 21:38 - 0051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2011-02-09 05:06 - 2010-12-20 21:38 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2011-02-09 05:06 - 2010-12-20 21:36 - 1389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2011-02-09 05:06 - 2010-12-20 21:36 - 1236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2011-02-09 05:06 - 2010-12-20 21:35 - 10989056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-02-09 05:06 - 2010-12-20 21:34 - 0080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2011-02-09 05:06 - 2010-12-17 22:12 - 9302528 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-02-09 05:06 - 2010-12-17 22:12 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-02-09 05:06 - 2010-12-17 22:12 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-02-09 05:06 - 2010-12-17 22:12 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-02-09 05:06 - 2010-12-17 22:12 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-02-09 05:06 - 2010-12-17 22:11 - 2447872 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-02-09 05:06 - 2010-12-17 22:11 - 0714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2011-02-09 05:06 - 2010-12-17 22:11 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-02-09 05:06 - 2010-12-17 22:11 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-02-09 05:06 - 2010-12-17 22:11 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-02-09 05:06 - 2010-12-17 22:08 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-02-09 05:06 - 2010-12-17 21:30 - 5980672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-02-09 05:06 - 2010-12-17 21:30 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-02-09 05:06 - 2010-12-17 21:30 - 0599040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-02-09 05:06 - 2010-12-17 21:30 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-02-09 05:06 - 2010-12-17 21:30 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-02-09 05:06 - 2010-12-17 21:29 - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-02-09 05:06 - 2010-12-17 21:29 - 0541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2011-02-09 05:06 - 2010-12-17 21:29 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-02-09 05:06 - 2010-12-17 21:29 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-02-09 05:06 - 2010-12-17 21:29 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-02-09 05:06 - 2010-12-17 21:26 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-02-09 05:06 - 2010-12-17 20:55 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-02-09 05:06 - 2010-12-17 20:20 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-02-09 05:06 - 2010-12-17 20:13 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-02-09 05:06 - 2010-12-17 19:47 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-02-09 05:05 - 2011-01-07 00:06 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-02-09 05:05 - 2011-01-06 23:27 - 0034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2011-02-09 05:05 - 2011-01-06 21:49 - 0366080 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2011-02-09 05:05 - 2011-01-06 21:33 - 0294400 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2011-02-09 05:05 - 2010-10-26 21:18 - 5510528 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-02-09 05:05 - 2010-10-26 21:16 - 1739176 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2011-02-09 05:05 - 2010-10-26 20:43 - 3957120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-02-09 05:05 - 2010-10-26 20:43 - 3901824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-02-09 05:05 - 2010-10-26 20:40 - 1293120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2011-02-07 19:49 - 2011-02-07 19:49 - 0000000 ___RD C:\Users\user\Documents\Scanned Documents
2011-02-07 19:49 - 2011-02-07 19:49 - 0000000 ____D C:\Users\user\Documents\Fax
2011-02-07 00:23 - 2011-02-09 07:31 - 0000000 ____D C:\Users\user\Downloads\50 Ans de Chanson
2011-02-06 08:51 - 2011-02-07 01:49 - 0000000 ____D C:\Users\user\AppData\Roaming\Photo DVD Slideshow
2011-02-06 08:51 - 2011-02-06 08:51 - 0000000 ____D C:\Users\All Users\Anvsoft
2011-02-06 08:51 - 2011-02-06 08:51 - 0000000 ____D C:\ProgramData\Anvsoft
2011-02-06 08:50 - 2011-02-06 08:52 - 0000000 ____D C:\Program Files (x86)\Photo DVD Slideshow Professional
2011-02-06 08:43 - 2011-02-06 08:43 - 0000286 ____A C:\Gamebound.exe
2011-02-06 08:43 - 2011-02-06 08:43 - 0000000 ____D C:\Data
2011-02-05 10:35 - 2011-02-05 10:37 - 0000000 ____D C:\Program Files\iTunes
2011-02-05 10:35 - 2011-02-05 10:35 - 0000000 ____D C:\Program Files\iPod
2011-02-04 16:41 - 2011-02-04 16:53 - 0000000 ____D C:\Users\user\Downloads\Get.Low.2009.720p.BluRay.x264-TWiZTED.BOZX


============ 3 Months Modified Files and folders =============

2011-03-04 14:50 - 2011-03-04 14:50 - 0000000 ____D C:\FRST
2011-03-04 12:54 - 2011-03-03 14:58 - 0000000 ____D C:\Program Files (x86)\RegTweaker
2011-03-04 12:53 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files (x86)
2011-03-04 12:22 - 2009-07-13 19:18 - 0000000 __SHD C:\$Recycle.Bin
2011-03-04 05:01 - 2011-03-04 02:22 - 4280109 ____A C:\Users\user\Desktop\combofix.com
2011-03-04 03:37 - 2011-03-04 03:36 - 0274672 ____A C:\Windows\Minidump\030411-27159-01.dmp
2011-03-04 03:37 - 2009-12-30 00:24 - 7439192 ____A C:\Windows\ntbtlog.txt
2011-03-04 03:36 - 2011-03-03 11:10 - 400951897 ____A C:\Windows\MEMORY.DMP
2011-03-04 03:36 - 2009-12-04 16:17 - 0000000 ____D C:\Windows\Minidump
2011-03-04 03:33 - 2011-03-04 02:24 - 1374808 ____N (Kaspersky Lab ZAO) C:\Users\user\Desktop\tdsskiller.exe
2011-03-04 02:58 - 2011-01-06 16:04 - 0056436 ____A C:\Windows\setupact.log
2011-03-04 02:58 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-03-03 18:18 - 2011-03-03 18:18 - 0000000 ____D C:\NBRT
2011-03-03 15:54 - 2010-02-24 12:05 - 0000000 ____D C:\Users\user\AppData\Local\CrashDumps
2011-03-03 14:58 - 2011-03-03 14:58 - 0000997 ____A C:\Users\Public\Desktop\RegTweaker.lnk
2011-03-03 14:42 - 2009-07-13 21:13 - 0822388 ____A C:\Windows\System32\PerfStringBackup.INI
2011-03-03 14:42 - 2009-07-13 18:36 - 0692394 ____A C:\Windows\System32\perfh009.dat
2011-03-03 14:42 - 2009-07-13 18:36 - 0131928 ____A C:\Windows\System32\perfc009.dat
2011-03-03 14:40 - 2011-03-03 14:40 - 0270200 ____A C:\Windows\Minidump\030311-32791-01.dmp
2011-03-03 14:36 - 2011-03-04 02:23 - 2005557 ____N (BestSpywareScanner.net, Inc. ) C:\Users\user\Desktop\BestSpywareScanner_Setup.exe
2011-03-03 13:45 - 2011-03-03 13:45 - 0270200 ____A C:\Windows\Minidump\030311-39093-01.dmp
2011-03-03 13:13 - 2011-03-03 13:13 - 0270376 ____A C:\Windows\Minidump\030311-34117-01.dmp
2011-03-03 13:06 - 2011-03-04 02:23 - 6080440 ____N (Symantec Corporation) C:\Users\user\Desktop\npe.exe
2011-03-03 13:02 - 2011-03-04 02:23 - 11787264 ____N C:\Users\user\Desktop\KillDiskSuiteFree-Setup.exe
2011-03-03 12:55 - 2011-03-03 12:55 - 0270232 ____A C:\Windows\Minidump\030311-34460-01.dmp
2011-03-03 12:47 - 2011-03-03 12:47 - 0274672 ____A C:\Windows\Minidump\030311-32666-01.dmp
2011-03-03 12:28 - 2011-03-03 12:27 - 0270200 ____A C:\Windows\Minidump\030311-53414-01.dmp
2011-03-03 12:13 - 2011-03-04 02:23 - 3306678 ____N (Bart Lagerweij ) C:\Users\user\Desktop\pebuilder3110a.exe
2011-03-03 12:11 - 2011-03-04 02:24 - 0715832 ____N (Duplex Secure Ltd.) C:\Users\user\Desktop\SPTDinst-v177-x64.exe
2011-03-03 12:04 - 2011-03-03 12:04 - 0270200 ____A C:\Windows\Minidump\030311-29889-01.dmp
2011-03-03 11:44 - 2011-03-03 10:00 - 234227016 ____A (Avira GmbH) C:\Users\user\Desktop\rescue_system-common-en.exe
2011-03-03 11:36 - 2011-03-03 11:36 - 0270200 ____A C:\Windows\Minidump\030311-26769-01.dmp
2011-03-03 11:18 - 2011-03-03 11:18 - 0274512 ____A C:\Windows\Minidump\030311-26644-01.dmp
2011-03-03 11:11 - 2011-03-03 11:11 - 0278984 ____A C:\Windows\Minidump\030311-70028-01.dmp
2011-03-03 10:57 - 2009-11-26 17:19 - 0000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-03-03 10:38 - 2011-03-03 10:37 - 0278984 ____A C:\Windows\Minidump\030311-61901-01.dmp
2011-03-03 10:34 - 2011-03-03 10:34 - 0278984 ____A C:\Windows\Minidump\030311-75847-01.dmp
2011-03-03 10:28 - 2011-03-03 10:28 - 0274544 ____A C:\Windows\Minidump\030311-57283-01.dmp
2011-03-03 10:24 - 2011-03-03 10:23 - 0274512 ____A C:\Windows\Minidump\030311-63445-01.dmp
2011-03-03 10:21 - 2011-03-03 10:21 - 0274512 ____A C:\Windows\Minidump\030311-60138-01.dmp
2011-03-03 10:10 - 2009-11-23 16:35 - 0000000 ____D C:\Users\user\AppData\Roaming\uTorrent
2011-03-03 10:08 - 2011-03-03 10:08 - 0001075 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-03-03 10:08 - 2011-03-03 10:08 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-03-03 10:02 - 2009-11-19 18:36 - 0000000 ____D C:\users\user
2011-03-03 08:21 - 2011-03-03 08:21 - 0000000 ____D C:\Users\user\AppData\Roaming\Packard Bell
2011-03-03 08:21 - 2011-03-03 08:21 - 0000000 ____D C:\Users\user\AppData\Local\Gateway
2011-03-03 07:57 - 2011-03-03 07:56 - 0274688 ____A C:\Windows\Minidump\030311-45770-01.dmp
2011-03-03 07:52 - 2011-03-03 07:52 - 0279040 ____A C:\Windows\Minidump\030311-45365-01.dmp
2011-03-03 06:42 - 2009-11-01 23:23 - 1530898 ____A C:\Windows\WindowsUpdate.log
2011-03-03 06:10 - 2011-03-03 06:10 - 0274672 ____A C:\Windows\Minidump\030311-38501-01.dmp
2011-03-02 18:04 - 2011-03-02 18:04 - 0270200 ____A C:\Windows\Minidump\030211-82805-01.dmp
2011-03-02 17:53 - 2011-03-02 17:53 - 0270256 ____A C:\Windows\Minidump\030211-38189-01.dmp
2011-03-02 10:20 - 2011-03-02 10:20 - 0009992 ____N C:\bootsqm.dat
2011-03-02 09:30 - 2009-08-14 22:59 - 0146340 ____A C:\Windows\PFRO.log
2011-03-02 09:12 - 2011-03-02 09:12 - 0000012 ____A C:\Windows\sruna.log
2011-03-02 09:12 - 2011-03-02 09:12 - 0000012 ____A C:\Windows\srun.log
2011-03-02 09:12 - 2009-11-19 18:47 - 0000000 ____D C:\Users\user\AppData\Roaming\Adobe
2011-03-02 09:05 - 2011-03-02 09:05 - 0000000 ____D C:\56040D1D2D3
2011-03-02 09:00 - 2009-11-26 17:19 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-03-02 08:40 - 2010-01-17 00:41 - 0000000 ____D C:\Users\All Users\DVD Shrink
2011-03-02 08:40 - 2010-01-17 00:41 - 0000000 ____D C:\ProgramData\DVD Shrink
2011-03-02 08:29 - 2009-12-08 16:47 - 0000000 ____D C:\Users\user\AppData\Roaming\Ahead
2011-03-02 08:18 - 2010-11-27 09:13 - 0000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1083507625-3580915373-969096420-1000UA.job
2011-03-02 07:45 - 2011-03-02 07:45 - 0000000 ____D C:\Users\user\Documents\DVDFab Passkey
2011-03-02 07:39 - 2009-07-13 20:45 - 0017600 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-03-02 07:39 - 2009-07-13 20:45 - 0017600 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-03-02 07:29 - 2011-03-02 07:29 - 2008672 ____A (Fengtao Software Inc. ) C:\Users\user\Downloads\DVDFabPasskey8022.exe
2011-03-02 07:13 - 2009-12-13 12:29 - 0000165 ___SH C:\Users\All Users\.zreglib
2011-03-02 07:13 - 2009-12-13 12:29 - 0000165 ___SH C:\ProgramData\.zreglib
2011-03-02 07:02 - 2009-12-07 16:59 - 0000000 ____D C:\Program Files (x86)\SlySoft
2011-03-02 06:52 - 2009-11-25 11:25 - 0000000 ____D C:\Users\user\Documents\Outlook Files
2011-03-02 06:46 - 2011-03-02 06:46 - 0000000 ____D C:\Users\user\Downloads\AnyDVD 6.7.1.0 + Key-[HB]
2011-03-02 06:43 - 2011-03-02 06:43 - 6669160 ____A C:\Users\user\Downloads\SetupAnyDVD6780.exe
2011-03-02 05:14 - 2011-03-02 05:01 - 0000000 ____D C:\Users\user\Downloads\Web.Therapy.S01.720p.WEB-DL.AVC.AAC-DarkSide
2011-03-02 05:06 - 2011-03-02 05:06 - 0000000 ____D C:\Users\user\Downloads\Love.and.Other.Impossible.Pursuits.2009.DVD5
2011-03-01 15:54 - 2011-03-01 15:53 - 0000000 ____D C:\Users\user\Downloads\Blue Valentine Soundtrack [2011] - Grisly Bear
2011-03-01 10:33 - 2010-11-27 09:13 - 0000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1083507625-3580915373-969096420-1000Core.job
2011-03-01 08:46 - 2011-03-01 08:27 - 0000000 ____D C:\Users\user\Downloads\[ www.TorrentKit.com ] - 30.Rock.S05E16.720p.HDTV.X264-DIMENSION
2011-03-01 08:41 - 2011-03-01 08:29 - 0000000 ____D C:\Users\user\Downloads\[ www.TorrentKit.com ] - Modern.Family.S02E16.720p.HDTV.X264-DIMENSION
2011-03-01 08:33 - 2011-03-01 08:33 - 0000000 ____D C:\Users\user\Downloads\30.Rock.S05E14.720p.HDTV.X264-DIMENSION [ALEX]
2011-03-01 08:28 - 2009-12-17 17:03 - 0000000 ____D C:\Users\user\Downloads\----------- TV SHOWS
2011-02-28 08:05 - 2009-11-23 15:46 - 0000000 ____D C:\Users\user\AppData\Roaming\Skype
2011-02-28 05:31 - 2009-11-23 15:48 - 0000000 ____D C:\Users\user\AppData\Roaming\skypePM
2011-02-25 14:58 - 2011-03-03 10:02 - 0049392 ____A C:\Users\user\Bookmarks.bak
2011-02-25 14:58 - 2011-03-03 10:02 - 0049392 ____A C:\Users\user\Bookmarks
2011-02-25 03:26 - 2010-12-08 08:31 - 0000233 ____A C:\Users\user\AppData\default.pls
2011-02-23 12:59 - 2009-12-10 12:53 - 0000000 __SHD C:\Config.Msi
2011-02-14 08:42 - 2009-11-23 15:45 - 0000000 ___RD C:\Program Files (x86)\Skype
2011-02-14 07:01 - 2010-12-07 11:59 - 0513498 ____A C:\Users\user\Desktop\Impressão de Boletins.pdf
2011-02-13 22:01 - 2010-01-11 20:29 - 0000000 ___RD C:\Users\user\Desktop\Library
2011-02-13 13:11 - 2011-02-13 13:04 - 0000000 ____D C:\Users\user\Downloads\Skins.S05E03.720p.HDTV.x264-BiA [ALEX]
2011-02-13 13:03 - 2011-03-04 12:53 - 0087040 ____A C:\Program Files (x86)\reg.exe
2011-02-13 13:03 - 2011-03-04 12:51 - 0087040 ____A C:\reg.exe
2011-02-13 13:00 - 2011-02-13 13:00 - 0700973 ____A C:\Users\user\Desktop\thesocialnetwork_screenplay.pdf
2011-02-13 05:03 - 2011-03-04 02:23 - 0087040 ____A C:\progr~2
2011-02-12 15:17 - 2011-03-03 10:06 - 2230570 ____A ( ) C:\Users\user\Desktop\regtweaker.exe
2011-02-10 06:58 - 2011-02-10 06:07 - 0000000 ____D C:\Users\user\Downloads\Carlos.2010. Complete.1.2.3.Part.720p.BluRay.x264-CiNEFiLE
2011-02-10 06:07 - 2011-01-14 12:36 - 0000000 ____D C:\Users\user\Downloads\Jumper.2008.720p.x264.DTS-WAF
2011-02-09 18:54 - 2011-02-09 17:42 - 0000000 ____D C:\Users\user\Downloads\Sons.of.Anarchy.S01.720p.BluRay.x264
2011-02-09 16:28 - 2009-07-13 20:45 - 5527576 ____A C:\Windows\System32\FNTCACHE.DAT
2011-02-09 07:46 - 2009-08-21 22:04 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-02-09 07:46 - 2009-08-21 22:04 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-02-09 07:38 - 2009-11-19 19:02 - 39403464 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-02-09 07:32 - 2011-01-28 12:32 - 0043008 ____A C:\Users\user\Documents\polly.xls
2011-02-09 07:31 - 2011-02-07 00:23 - 0000000 ____D C:\Users\user\Downloads\50 Ans de Chanson
2011-02-09 05:28 - 2011-02-02 08:37 - 261013086 ____A C:\Users\user\Downloads\pj harvey - from the basement (2007 12 22).avi
2011-02-08 11:01 - 2009-12-18 12:47 - 0000000 ____D C:\Users\All Users\Soulseek
2011-02-08 11:01 - 2009-12-18 12:47 - 0000000 ____D C:\ProgramData\Soulseek
2011-02-07 19:49 - 2011-02-07 19:49 - 0000000 ___RD C:\Users\user\Documents\Scanned Documents
2011-02-07 19:49 - 2011-02-07 19:49 - 0000000 ____D C:\Users\user\Documents\Fax
2011-02-07 01:59 - 2009-12-15 23:35 - 0014848 ____A C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-02-07 01:49 - 2011-02-06 08:51 - 0000000 ____D C:\Users\user\AppData\Roaming\Photo DVD Slideshow
2011-02-07 01:49 - 2010-01-13 21:07 - 0000000 ____D C:\Users\user\Documents\Clients
2011-02-06 08:52 - 2011-02-06 08:50 - 0000000 ____D C:\Program Files (x86)\Photo DVD Slideshow Professional
2011-02-06 08:51 - 2011-02-06 08:51 - 0000000 ____D C:\Users\All Users\Anvsoft
2011-02-06 08:51 - 2011-02-06 08:51 - 0000000 ____D C:\ProgramData\Anvsoft
2011-02-06 08:43 - 2011-02-06 08:43 - 0000286 ____A C:\Gamebound.exe
2011-02-06 08:43 - 2011-02-06 08:43 - 0000000 ____D C:\Data
2011-02-05 10:37 - 2011-02-05 10:35 - 0000000 ____D C:\Program Files\iTunes
2011-02-05 10:37 - 2009-11-23 22:28 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-02-05 10:35 - 2011-02-05 10:35 - 0000000 ____D C:\Program Files\iPod
2011-02-05 10:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\DriverStore
2011-02-04 16:53 - 2011-02-04 16:41 - 0000000 ____D C:\Users\user\Downloads\Get.Low.2009.720p.BluRay.x264-TWiZTED.BOZX
2011-02-03 11:32 - 2010-08-21 08:51 - 0001617 ____A C:\Users\user\AppData\Roaming\Rim.Desktop.Exception.log
2011-02-03 11:25 - 2010-03-17 15:23 - 0018998 ____A C:\Users\user\Documents\AdressBB.CSV
2011-02-02 14:21 - 2011-02-02 14:21 - 0000000 ____D C:\Program Files (x86)\iLyrics
2011-02-02 13:53 - 2011-02-02 13:53 - 0000000 ____D C:\Program Files (x86)\LyricsFetcher
2011-02-02 12:31 - 2011-02-01 20:13 - 545996800 ____A C:\Users\user\Downloads\PJ HARVEY-BBC4 Session (St Lukes Chusrch 24-08-2004) (640x352).avi
2011-02-02 06:39 - 2009-12-17 17:11 - 0000000 ____D C:\Users\user\Downloads\----------- TO BE PRESENTED
2011-02-01 22:38 - 2011-02-01 20:15 - 40972120 ____A C:\Users\user\Downloads\Nick Cave & PJ Harvey - Henry Lee.mpg
2011-02-01 20:33 - 2011-02-01 20:33 - 0120302 ____A C:\Users\user\Desktop\05 LON-BRU.pdf
2011-02-01 17:03 - 2011-01-26 18:29 - 0000000 ____D C:\Users\user\AppData\Roaming\vlc
2011-02-01 16:41 - 2011-02-01 16:35 - 62136788 ____A C:\Users\user\Downloads\2004_Shame__live_at_TIM_Festival_2004__svcd.m2v
2011-02-01 11:24 - 2011-02-01 11:24 - 1340555 ____A C:\Users\user\Desktop\document frederik.pdf
2011-02-01 10:31 - 2011-02-01 10:31 - 0043520 ____A C:\Users\user\Documents\viagogo.doc
2011-02-01 06:48 - 2010-10-24 10:19 - 0000000 ____D C:\Users\user\AppData\Local\Windows Live
2011-02-01 06:47 - 2009-12-04 16:38 - 0000000 ____D C:\Users\user\Tracing
2011-01-31 18:03 - 2011-01-31 18:00 - 0002081 ____A C:\Users\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
2011-01-31 18:03 - 2011-01-31 18:00 - 0000000 ____D C:\Users\Public\Documents\Adobe PDF 6.0
2011-01-31 17:58 - 2011-01-27 20:55 - 0025600 ____A C:\Users\user\Documents\PROCURAÇÃO.doc
2011-01-31 16:10 - 2011-01-31 16:10 - 0438842 ____A C:\Users\user\Desktop\Devolucao - cliente internet - Lucio.pdf
2011-01-31 08:30 - 2011-01-31 08:30 - 0053901 ___AT C:\Users\user\Desktop\14 GRU-BRU.pdf
2011-01-31 06:25 - 2011-01-26 10:27 - 533812168 ____A C:\Users\user\Downloads\Dogtooth (2009) bdRIP 720p.mkv
2011-01-30 14:44 - 2011-01-30 14:44 - 0025600 ____A C:\Users\user\Documents\PROCURAÇÃO (SEMDIG.doc
2011-01-29 22:16 - 2009-11-19 18:36 - 0000000 ____D C:\Users\user\AppData\LocalLow
2011-01-29 22:12 - 2011-01-28 14:44 - 0000000 ____D C:\Program Files (x86)\NCH Software
2011-01-29 12:04 - 2010-10-02 10:02 - 0000000 ____D C:\Users\All Users\GbPlugin
2011-01-29 12:04 - 2010-10-02 10:02 - 0000000 ____D C:\ProgramData\GbPlugin
2011-01-29 10:06 - 2011-01-29 10:06 - 0000000 ____D C:\Program Files (x86)\Real Alternative
2011-01-29 09:26 - 2009-08-14 22:56 - 0000000 ____D C:\Program Files (x86)\Google
2011-01-29 09:23 - 2010-03-16 09:16 - 0000000 ____D C:\Users\All Users\InstallShield
2011-01-29 09:23 - 2010-03-16 09:16 - 0000000 ____D C:\ProgramData\InstallShield
2011-01-29 09:13 - 2009-11-19 18:37 - 0221832 ____A C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2011-01-29 09:09 - 2009-08-14 22:50 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-01-28 15:45 - 2011-01-28 13:44 - 0000000 ____D C:\Users\user\AppData\Local\PCDJ Red Mobile
2011-01-28 15:28 - 2011-01-28 15:28 - 0000000 ____D C:\Windows\SysWOW64\ipp20
2011-01-28 14:45 - 2011-01-28 14:45 - 0059234 ____A C:\Users\user\AppData\Roaming\Zulu.dmp
2011-01-28 14:44 - 2011-01-28 14:44 - 0000000 ____D C:\Users\user\AppData\Roaming\NCH Software
2011-01-28 14:44 - 2011-01-28 14:44 - 0000000 ____D C:\Users\All Users\NCH Software
2011-01-28 14:44 - 2011-01-28 14:44 - 0000000 ____D C:\ProgramData\NCH Software
2011-01-28 13:43 - 2011-01-28 13:42 - 0000000 ____D C:\Program Files (x86)\PCDJ Red Mobile
2011-01-28 11:22 - 2011-01-28 11:22 - 0012434 ____A C:\Users\user\Documents\polly.xlsx
2011-01-28 07:27 - 2011-01-28 07:02 - 0000000 ____D C:\Program Files (x86)\CoolSMS
2011-01-27 08:55 - 2011-01-27 08:55 - 0099269 ____A C:\Users\user\Documents\3.wma
2011-01-26 20:20 - 2011-01-26 20:20 - 0000000 ____D C:\Program Files (x86)\DtsFilter
2011-01-26 19:01 - 2009-12-21 11:17 - 0000000 ____D C:\Users\user\Downloads\----------- NO PARTICULAR REASON
2011-01-26 19:01 - 2009-12-17 17:11 - 0000000 ____D C:\Users\user\Downloads\----------- RECOMMENDATIONS
2011-01-26 18:55 - 2011-01-26 17:31 - 0000000 ___HD C:\Windows\msdownld.tmp
2011-01-26 18:07 - 2010-11-20 22:48 - 0000000 ____D C:\Users\user\Documents\the social network
2011-01-26 17:56 - 2009-12-07 09:07 - 0000000 ___RD C:\Users\user\Downloads\.---------- ---------- ---------- ---------- ---------- --------- ---------
2011-01-26 17:31 - 2011-01-26 17:31 - 0000000 ____D C:\Windows\SysWOW64\directx
2011-01-26 17:26 - 2011-01-26 17:26 - 0000000 ____D C:\Program Files\Media Player Classic - Home Cinema
2011-01-26 17:19 - 2011-01-26 17:19 - 0000000 ____D C:\Program Files\KLCP64
2011-01-26 17:02 - 2010-12-15 21:01 - 0000000 ____D C:\AdobeTemp
2011-01-26 16:56 - 2010-04-05 15:01 - 0000000 ____D C:\Program Files\LockHunter
2011-01-26 16:56 - 2010-04-04 15:20 - 0000000 ____D C:\Program Files (x86)\Gabest
2011-01-26 16:56 - 2010-04-04 15:16 - 0000000 ____D C:\Program Files (x86)\AviSynth 2.5
2011-01-26 16:50 - 2010-05-16 17:58 - 0000000 ____D C:\Users\user\AppData\Roaming\FMZilla
2011-01-26 16:48 - 2010-04-05 13:23 - 0000000 ____D C:\Program Files (x86)\Babylon
2011-01-26 16:47 - 2009-08-14 22:55 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-01-26 16:46 - 2009-08-14 22:56 - 0000000 ____D C:\Users\All Users\Symantec
2011-01-26 16:46 - 2009-08-14 22:56 - 0000000 ____D C:\ProgramData\Symantec
2011-01-26 16:44 - 2010-10-26 12:22 - 0000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2011-01-26 16:43 - 2009-11-01 23:37 - 0000000 ____D C:\Users\All Users\CyberLink
2011-01-26 16:43 - 2009-11-01 23:37 - 0000000 ____D C:\ProgramData\CyberLink
2011-01-26 16:43 - 2009-11-01 23:36 - 0000000 ____D C:\Program Files (x86)\Cyberlink
2011-01-26 16:37 - 2011-01-26 16:37 - 0000000 ____D C:\Users\user\Downloads\Mr. and Mrs. Smith (720p)
2011-01-26 16:32 - 2010-01-13 21:04 - 0000000 ____D C:\Users\user\Documents\(o - Vertentes - o)
2011-01-26 16:17 - 2010-01-13 20:35 - 0000000 ____D C:\Users\user\Documents\(D)
2011-01-26 15:13 - 2009-12-17 17:08 - 0000000 ____D C:\Users\user\Downloads\----------- RELATED INTEREST
2011-01-25 22:53 - 2011-02-09 05:06 - 0982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2011-01-25 22:53 - 2011-02-09 05:06 - 0265088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2011-01-25 22:31 - 2011-02-09 05:06 - 0144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2011-01-24 18:49 - 2009-12-17 17:06 - 0000000 ____D C:\Users\user\Downloads\----------- AWARD SEASON
2011-01-24 18:26 - 2011-01-24 18:26 - 0000000 ____D C:\Users\user\AppData\Roaming\GRETECH
2011-01-24 18:25 - 2011-01-24 18:25 - 0000000 ____D C:\Program Files (x86)\GRETECH
2011-01-22 08:27 - 2010-01-13 21:10 - 0000000 ____D C:\Users\user\Documents\Docs
2011-01-22 08:20 - 2009-12-02 19:22 - 0000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2011-01-16 14:35 - 2010-08-03 18:23 - 0000000 ____D C:\Users\All Users\Screentime
2011-01-16 14:35 - 2010-08-03 18:23 - 0000000 ____D C:\ProgramData\Screentime
2011-01-16 14:35 - 2009-12-18 13:33 - 0000000 ____D C:\Program Files (x86)\Replay Media Catcher
2011-01-16 14:34 - 2009-12-03 00:04 - 0000000 ____D C:\Program Files (x86)\DivX
2011-01-16 14:31 - 2009-08-21 22:03 - 0000000 ____D C:\Program Files (x86)\NewTech Infosystems
2011-01-16 13:42 - 2009-08-21 22:06 - 0000000 ____D C:\Program Files (x86)\Microsoft Works
2011-01-14 13:17 - 2011-01-14 13:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01009.Wdf
2011-01-14 13:17 - 2011-01-14 13:17 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_NuidFltr_01009.Wdf
2011-01-14 13:16 - 2010-09-29 12:43 - 0000000 ____D C:\Program Files\Microsoft IntelliPoint
2011-01-13 14:55 - 2010-03-12 23:51 - 0389548 ___AH C:\Windows\SysWOW64\mlfcache.dat
2011-01-13 10:00 - 2011-01-26 17:19 - 0092672 ____A C:\Windows\System32\ff_vfw.dll
2011-01-10 21:18 - 2009-07-13 21:08 - 0032530 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-01-10 19:59 - 2011-01-10 19:49 - 0000000 ____D C:\Users\user\AppData\Local\Microsoft Games
2011-01-10 19:22 - 2010-04-21 10:22 - 0008176 ____A C:\Windows\NUGRAF.INI
2011-01-07 17:08 - 2011-01-07 17:07 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-01-07 00:07 - 2011-02-23 13:11 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-01-07 00:07 - 2011-02-23 13:11 - 0475648 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-01-07 00:06 - 2011-02-09 05:05 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-01-06 23:31 - 2011-02-23 13:11 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-01-06 23:31 - 2011-02-23 13:11 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-01-06 23:27 - 2011-02-09 05:05 - 0034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2011-01-06 21:49 - 2011-02-09 05:05 - 0366080 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2011-01-06 21:33 - 2011-02-09 05:05 - 0294400 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2011-01-06 16:06 - 2009-11-23 21:53 - 0000000 ____D C:\Users\All Users\Apple Computer
2011-01-06 16:06 - 2009-11-23 21:53 - 0000000 ____D C:\ProgramData\Apple Computer
2011-01-06 16:04 - 2011-01-06 16:04 - 0000000 ____A C:\Windows\setuperr.log
2011-01-05 20:00 - 2009-08-14 22:55 - 0000000 ____D C:\Users\All Users\Adobe
2011-01-05 20:00 - 2009-08-14 22:55 - 0000000 ____D C:\ProgramData\Adobe
2011-01-05 18:13 - 2011-01-05 18:13 - 0072621 ____A C:\Windows\rodflashvideoss_uninst.exe
2011-01-05 17:41 - 2009-12-18 13:08 - 0000000 ____D C:\Users\user\AppData\Roaming\AVS4YOU
2011-01-05 17:40 - 2009-12-18 13:08 - 0000000 ____D C:\Program Files (x86)\AVS4YOU
2011-01-05 17:17 - 2010-05-05 12:43 - 0000021 ____A C:\Windows\SurCode.INI
2011-01-05 17:17 - 2009-07-13 19:20 - 0000000 ___AD C:\Program Files\Common Files\Microsoft Shared
2011-01-04 22:20 - 2011-02-09 05:06 - 0612352 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-01-04 22:16 - 2011-02-09 05:06 - 0852480 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-01-04 21:37 - 2011-02-09 05:06 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-01-04 21:34 - 2011-02-09 05:06 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-01-04 20:00 - 2011-02-09 05:06 - 3127808 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-01-01 16:09 - 2009-12-30 00:32 - 0000000 ____D C:\Windows\pss
2010-12-28 15:29 - 2010-11-10 10:51 - 0000000 ___HD C:\Users\user\Desktop\.picasaoriginals
2010-12-26 16:31 - 2010-12-26 16:31 - 0007605 ____A C:\Users\user\AppData\Local\Resmon.ResmonCfg
2010-12-26 16:12 - 2009-11-23 16:36 - 0000000 ____D C:\Program Files (x86)\uTorrent
2010-12-23 19:17 - 2009-12-10 14:42 - 0000000 ____D C:\Program Files (x86)\ImTOO
2010-12-20 22:16 - 2011-02-09 05:06 - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2010-12-20 22:16 - 2011-02-09 05:06 - 0442880 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2010-12-20 22:16 - 2011-02-09 05:06 - 0258048 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2010-12-20 22:16 - 2011-02-09 05:06 - 0214016 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2010-12-20 22:16 - 2011-02-09 05:06 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2010-12-20 22:16 - 2011-02-09 05:06 - 0062976 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2010-12-20 22:15 - 2011-02-09 05:06 - 1498112 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2010-12-20 22:15 - 2011-02-09 05:06 - 0264192 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2010-12-20 22:15 - 2011-02-09 05:06 - 0015360 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2010-12-20 22:13 - 2011-02-09 05:06 - 2003968 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2010-12-20 22:13 - 2011-02-09 05:06 - 1880576 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2010-12-20 22:11 - 2011-02-09 05:06 - 12369408 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2010-12-20 22:10 - 2011-02-09 05:06 - 0100864 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2010-12-20 21:38 - 2011-02-09 05:06 - 1228288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2010-12-20 21:38 - 2011-02-09 05:06 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2010-12-20 21:38 - 2011-02-09 05:06 - 0350720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2010-12-20 21:38 - 2011-02-09 05:06 - 0204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2010-12-20 21:38 - 2011-02-09 05:06 - 0204288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2010-12-20 21:38 - 2011-02-09 05:06 - 0051200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2010-12-20 21:38 - 2011-02-09 05:06 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2010-12-20 21:36 - 2011-02-09 05:06 - 1389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2010-12-20 21:36 - 2011-02-09 05:06 - 1236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2010-12-20 21:35 - 2011-02-09 05:06 - 10989056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2010-12-20 21:34 - 2011-02-09 05:06 - 0080384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2010-12-20 13:09 - 2011-03-03 10:08 - 0038224 ____A (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2010-12-20 13:08 - 2009-12-30 01:51 - 0024152 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2010-12-17 22:12 - 2011-02-09 05:06 - 9302528 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2010-12-17 22:12 - 2011-02-09 05:06 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2010-12-17 22:12 - 2011-02-09 05:06 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2010-12-17 22:12 - 2011-02-09 05:06 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2010-12-17 22:12 - 2011-02-09 05:06 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2010-12-17 22:11 - 2011-02-09 05:06 - 2447872 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2010-12-17 22:11 - 2011-02-09 05:06 - 0714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2010-12-17 22:11 - 2011-02-09 05:06 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2010-12-17 22:11 - 2011-02-09 05:06 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2010-12-17 22:11 - 2011-02-09 05:06 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2010-12-17 22:08 - 2011-02-09 05:06 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2010-12-17 21:30 - 2011-02-09 05:06 - 5980672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2010-12-17 21:30 - 2011-02-09 05:06 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2010-12-17 21:30 - 2011-02-09 05:06 - 0599040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2010-12-17 21:30 - 2011-02-09 05:06 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2010-12-17 21:30 - 2011-02-09 05:06 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2010-12-17 21:29 - 2011-02-09 05:06 - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2010-12-17 21:29 - 2011-02-09 05:06 - 0541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2010-12-17 21:29 - 2011-02-09 05:06 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2010-12-17 21:29 - 2011-02-09 05:06 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2010-12-17 21:29 - 2011-02-09 05:06 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2010-12-17 21:26 - 2011-02-09 05:06 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2010-12-17 20:55 - 2011-02-09 05:06 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2010-12-17 20:20 - 2011-02-09 05:06 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2010-12-17 20:13 - 2011-02-09 05:06 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2010-12-17 19:47 - 2011-02-09 05:06 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2010-12-17 05:24 - 2009-11-23 15:46 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2010-12-17 01:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2010-12-16 15:41 - 2010-11-27 09:12 - 0000000 ____D C:\Users\user\AppData\Local\Deployment
2010-12-16 15:03 - 2009-11-24 09:16 - 0000000 ____D C:\Users\user\AppData\Local\Adobe
2010-12-16 14:58 - 2010-12-16 14:58 - 0040816 ____N (Elaborate Bytes AG) C:\Windows\System32\Drivers\ElbyCDIO.sys
2010-12-15 23:00 - 2010-12-15 23:00 - 0000000 ____D C:\Users\user\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-12-15 22:57 - 2010-12-15 22:57 - 0000000 ____D C:\Users\user\AppData\Roaming\PACE Anti-Piracy
2010-12-15 22:57 - 2010-12-15 22:57 - 0000000 ____D C:\Users\user\AppData\Local\PACE Anti-Piracy
2010-12-15 22:57 - 2010-12-15 22:57 - 0000000 ____D C:\Users\All Users\PACE Anti-Piracy
2010-12-15 22:57 - 2010-12-15 22:57 - 0000000 ____D C:\ProgramData\PACE Anti-Piracy
2010-12-15 22:57 - 2010-12-15 22:57 - 0000000 ____D C:\Program Files\Common Files\PACE Anti-Piracy
2010-12-15 22:56 - 2010-12-15 22:56 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2010-12-15 22:56 - 2010-12-15 22:56 - 0000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2010-12-15 21:48 - 2009-12-02 13:15 - 0000000 ____D C:\Program Files\Adobe
2010-12-15 21:48 - 2009-12-02 13:05 - 0000000 ____D C:\Program Files\Common Files\Adobe
2010-12-15 21:40 - 2010-12-15 21:40 - 0000000 ____D C:\Program Files (x86)\My Company Name
2010-12-15 21:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2010-12-15 20:51 - 2010-05-05 12:43 - 0000219 ____A C:\Windows\SysWOW64\lsprst7.tgz
2010-12-15 20:51 - 2010-05-05 12:43 - 0000205 ____A C:\Windows\SysWOW64\lsprst7.dll
2010-12-15 20:51 - 2010-05-05 12:43 - 0000087 ____A C:\Windows\SysWOW64\ssprs.tgz
2010-12-15 20:51 - 2010-05-05 12:43 - 0000073 ____A C:\Windows\SysWOW64\ssprs.dll
2010-12-15 15:07 - 2010-12-15 15:07 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2010-12-13 13:10 - 2010-12-12 08:35 - 0000000 ____D C:\Users\user\Downloads\Red.Riding.Trilogy.720p.BluRay.x264,CiNEFiLE
2010-12-13 13:01 - 2009-12-08 21:39 - 0000000 ____D C:\Users\user\AppData\Local\Ahead
2010-12-13 13:00 - 2010-05-07 10:27 - 0000000 ____D C:\Users\All Users\DivX
2010-12-13 13:00 - 2010-05-07 10:27 - 0000000 ____D C:\ProgramData\DivX
2010-12-13 08:45 - 2010-12-13 08:45 - 0000000 ____D C:\Users\user\Documents\My eBooks
2010-12-13 08:45 - 2010-12-13 08:45 - 0000000 ____D C:\Users\user\AppData\Roaming\AdobeUM
2010-12-12 09:59 - 2009-11-23 15:45 - 0000000 ____D C:\Users\All Users\Skype
2010-12-12 09:59 - 2009-11-23 15:45 - 0000000 ____D C:\ProgramData\Skype
2010-12-10 15:35 - 2009-07-13 19:20 - 0000000 __RHD C:\Users\Public\Libraries
2010-12-06 22:25 - 2010-12-06 22:25 - 0000000 ____D C:\Users\user\AppData\Roaming\ImTOO
2010-12-06 22:24 - 2010-12-06 22:24 - 0000000 ____D C:\Users\All Users\ImTOO
2010-12-06 22:24 - 2010-12-06 22:24 - 0000000 ____D C:\ProgramData\ImTOO

============ Known DLLs ============

[2009-07-13 16:41] - [2009-07-13 17:40] - 0877056 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-07-13 16:20] - [2009-07-13 17:14] - 0640000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2009-07-13 16:00] - [2009-07-13 17:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2009-07-13 15:55] - [2009-07-13 17:40] - 0595456 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-07-13 15:39] - [2009-07-13 17:15] - 0486912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2009-07-13 15:39] - [2009-07-13 17:40] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0310784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2011-02-09 05:06] - [2010-12-17 22:11] - 2447872 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-02-09 05:06] - [2010-12-17 21:29] - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2009-07-13 16:13] - [2009-07-13 17:41] - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-07-13 15:57] - [2009-07-13 17:15] - 0154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2009-07-13 15:28] - [2009-07-13 17:41] - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:16] - [2009-07-13 17:11] - 0836608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-13 15:40] - [2009-07-13 17:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2009-07-13 15:19] - [2009-07-13 17:41] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:12] - [2009-07-13 17:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 15:26] - [2009-07-13 17:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2010-10-19 12:20] - [2010-06-28 21:39] - 2085376 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2010-10-19 12:20] - [2010-06-28 21:02] - 1413632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2010-08-25 04:32] - [2010-04-06 23:37] - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2010-08-25 04:32] - [2010-04-06 23:10] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
[2009-07-13 15:26] - [2009-07-13 17:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2009-07-13 15:23] - [2009-07-13 17:41] - 1221632 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:12] - [2009-07-13 17:11] - 0662528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-13 15:20] - [2009-07-13 17:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2009-07-13 15:27] - [2009-07-13 17:41] - 1899520 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2009-07-13 15:16] - [2009-07-13 17:16] - 1668608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2010-08-02 19:13] - [2010-07-27 06:59] - 14162944 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2010-08-02 19:13] - [2010-07-27 06:03] - 12867584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
[2009-07-13 15:55] - [2009-07-13 17:41] - 0449536 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2009-07-13 15:39] - [2009-07-13 17:16] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2011-02-09 05:06] - [2010-12-20 22:15] - 1498112 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2011-02-09 05:06] - [2010-12-20 21:38] - 1228288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2009-07-13 15:24] - [2009-07-13 17:11] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-07-13 15:25] - [2009-07-13 17:16] - 0627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2009-07-13 15:57] - [2009-07-13 17:41] - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2009-07-13 15:41] - [2009-07-13 17:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
[2011-02-09 05:06] - [2010-12-20 22:16] - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2011-02-09 05:06] - [2010-12-20 21:38] - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
[2009-07-13 15:54] - [2009-07-13 17:41] - 0311808 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2009-07-13 15:38] - [2009-07-13 17:16] - 0268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wldap32.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0296448 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll

========================= Memory info ========================

Percentage of memory in use: 18%
Total physical RAM: 2814.36 MB
Available physical RAM: 2291.9 MB
Total Pagefile: 2812.51 MB
Available Pagefile: 2273.59 MB
Total Virtual: 8388607.88 MB
Available Virtual: 8388506.07 MB

======================= Partitions ===========================

1 Drive c: (HD 300) (Fixed) (Total:286.27 GB) (Free:4.44 GB) NTFS
2 Drive e: (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:3.03 GB) NTFS
4 Drive g: (!GBY 160) (Removable) (Total:148.79 GB) (Free:1.65 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

-------------------------------------------------------------------------------

Edited by Orange Blossom, 04 March 2011 - 12:54 PM.
Moved to log forum. ~ OB


#9 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:51 AM

Posted 04 March 2011 - 01:57 PM

Well done. :thumbup2:

I think we can restore the system. But before doing anything I see a weird thing. The services section is empty and we need to see all the drivers listed there but your system gives an error. If you bear with me we might be able to troubleshoot that and have a list of drivers.

Please tell me if you used Windows DVD or F8 key to get to System Recovery Options. What method did you use to get there?

#10 igbyny

igbyny
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 04 March 2011 - 02:10 PM

yes, I pressed F8, then chose "recover system" then after it tried to recover I clicked on command prompt, then I did what you instructed me... btw, thank you so much for your help!!

#11 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:51 AM

Posted 04 March 2011 - 02:26 PM

Thanks for the feedback. Let's see if we can do something to have a full log.

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

cmd: dir /a/s x:\reg.exe
cmd: dir /a/s c:\reg.exe

Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

#12 igbyny

igbyny
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 04 March 2011 - 03:01 PM

After a couple of minutes waiting the fix i got the message: " the file or directory C:\Users\user is corrupt and unreadable. please run Chkdsk utility".... I'm running it now....

here's the log:

------------------------------------------

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.0.6)
Ran by SYSTEM at 2011-03-04 16:56:22 R:1
Running from G:\

==============================================


========= dir /a/s x:\reg.exe =========

Volume in drive X is Boot
Volume Serial Number is D60A-0DC2

Directory of x:\Windows\System32

07/13/2009 05:39 PM 74,752 reg.exe
1 File(s) 74,752 bytes

Directory of x:\Windows\winsxs\amd64_microsoft-windows-r..-commandline-editor_31bf3856ad364e35_6.1.7600.16385_none_8d8925a444607f8c

07/13/2009 05:39 PM 74,752 reg.exe
1 File(s) 74,752 bytes

Total Files Listed:
2 File(s) 149,504 bytes
0 Dir(s) 30,666,752 bytes free

========= End of CMD: =========


========= dir /a/s c:\reg.exe =========

Volume in drive C is HD 300
Volume Serial Number is 382E-FF14

Directory of c:\

02/13/2011 01:03 PM 87,040 reg.exe
1 File(s) 87,040 bytes

Directory of c:\Program Files (x86)

02/13/2011 01:03 PM 87,040 reg.exe
1 File(s) 87,040 bytes

Directory of c:\Program Files (x86)\RegTweaker

02/13/2011 01:03 PM 87,040 reg.exe
1 File(s) 87,040 bytes

========= End of CMD: =========

#13 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:51 AM

Posted 04 March 2011 - 04:50 PM

It will take a while, please wait until it is done.

Looks some system files are missing too.

Let me know when it finished and give detailed feed back it you rebooted after Chkdsk. Which command did you use, and how far the system goes when you start the system.

#14 igbyny

igbyny
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:08:51 PM

Posted 04 March 2011 - 05:04 PM

hello farbar,

Well, the check disk finished without mentioning anything in particular. when I tried to reboot I got the same BSOD. to get to prompt command I once again used the F8 key, went into system recovery, then prompt command... I also did a memory diagnose but it turned out fine...

I honestly have no idea what could possibly had gone this wrong. I, like most people, have been having problems every once in a while since windows 98, but never something that complicated.... I've been trying to fix this for almost 72 hours now!

do you know if there's a way to install windows 7 only repairing the original installation, without loosing my files or something? like windows xp had?

#15 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,708 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:51 AM

Posted 04 March 2011 - 05:29 PM

Hi,

Let's concentrate on recovery. I have few question, some of them already asked. To make it easy for you I ask them one by one.

Which command did you use for Chkdsk ?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users