
Windows 7 x64 Will Not Start - Startup Repair - ci.dll



#1 Tobyboom


Posted 14 May 2011 - 03:47 PM

While browsing today, the computer just restarted out of nowhere. Once booted, it came up with the startup repair. Once that was done, it gave an error of "ci.dll is corrupt".

I got to this site through Google and found a topic that seems very similar to the problem I have: http://www.bleepingcomputer.com/forums/topic395047.html

So I'm going to go ahead and post the FRST log now:

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.0.8
Ran by SYSTEM at 2011-05-14 15:31:36
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)[7940128 2009-07-06]
HKLM\...\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.)[1833504 2009-07-06]
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe (Intel Corporation)[161304 2010-08-25]
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (Intel Corporation)[386584 2010-08-25]
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe (Intel Corporation)[415256 2010-08-25]
HKLM\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)[2045440 2010-09-02]
HKLM-x32\...\Run: [Conime] %windir%\system32\conime.exe
HKLM-x32\...\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.)[225280 2009-08-19]
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)[31072 2008-10-25]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" (Sun Microsystems, Inc.)[248552 2010-05-14]
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime (Apple Inc.)[421888 2010-11-29]
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE (Eastman Kodak Company)[2045440 2010-09-02]
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" (Apple Inc.)[421160 2011-04-14]
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Microsoft Corporation)[1475072 2009-07-13]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Microsoft Corporation)[1475072 2009-07-13]
HKU\Justin\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)[2289664 2008-03-17]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE (Microsoft Corporation)[296960 2009-07-13]
HKLM-x32\...\Winlogon: [Userinit] userinit.exe (Microsoft Corporation)[30208 2009-07-13]
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254


==================== Services ====================

3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-13] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 2011-02-18] (Apple Inc.)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-13] (Microsoft Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-13] (Microsoft Corporation)
3 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-13] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [349472 2011-04-06] (Apple Inc.)
3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
3 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-13] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [175104 2009-07-13] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [196608 2009-08-19] (ASUSTeK Computer Inc.)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [314368 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-13] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [162816 2009-07-13] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
2 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2009-07-13] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [402944 2009-07-13] (Microsoft Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [689152 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
3 FontCache; C:\Windows\System32\FntCache.dll [1127936 2009-07-13] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42840 2009-06-10] (Microsoft Corporation)
3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [533360 2009-02-06] (Microsoft Corporation)
3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [45816 2009-08-07] (NOS Microsystems Ltd.)
2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-13] (Microsoft Corporation)
3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [136120 2009-12-22] (Google)
3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [90624 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [231936 2009-07-13] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [187904 2009-07-13] (Microsoft Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [856384 2009-06-10] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-13] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-13] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [934176 2011-04-14] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
2 Kodak AiO Network Discovery Service; C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [308656 2010-09-13] (Eastman Kodak Company)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-08-26] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-13] (Microsoft Corporation)
2 LightScribeService; "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" [73728 2008-03-17] (Hewlett-Packard Company)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [84480 2009-07-13] (Microsoft Corporation)
3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [65888 2008-10-25] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [824832 2009-07-13] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [127488 2009-07-13] (Microsoft Corporation)
3 napagent; C:\Windows\System32\qagentRT.dll [475648 2009-07-13] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
4 NetTcpPortSharing; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" [116560 2009-06-10] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-13] (Microsoft Corporation)
3 NMIndexingService; "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe" [529704 2008-02-28] (Nero AG)
2 nsi; C:\Windows\System32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
3 odserv; "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [441712 2008-11-03] (Microsoft Corporation)
3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [145184 2006-10-26] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation)
3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1390080 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [404480 2009-07-13] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [208384 2009-07-13] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-13] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [1114624 2010-11-01] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-13] (Microsoft Corporation)
2 SeaPort; "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [249136 2010-05-14] (Microsoft Corporation)
3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [104960 2009-07-13] (Microsoft Corporation)
4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-13] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [558592 2010-08-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3524608 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-13] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1780736 2009-07-13] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-13] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-13] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
4 TeamViewer5; "C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service [173352 2010-07-06] (TeamViewer GmbH)
3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-13] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
2 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [532480 2009-07-13] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1598976 2009-07-13] (Microsoft Corporation)
2 W32Time; C:\Windows\System32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [1255736 2010-05-13] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1503744 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [366592 2009-07-13] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [254464 2009-07-13] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [438784 2009-07-13] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [2018816 2009-07-13] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1525248 2009-07-13] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [116736 2009-07-13] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [593408 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [2418176 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-13] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-13] (Microsoft Corporation)

==================== Drivers ====================

3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [227840 2009-07-13] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-13] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\DRIVERS\acpipmi.sys [12288 2009-07-13] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [500224 2009-07-13] (Microsoft Corporation)
3 agp440; C:\Windows\System32\DRIVERS\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
3 aliide; C:\Windows\System32\DRIVERS\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
3 amdide; C:\Windows\System32\DRIVERS\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [106576 2009-07-13] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [28752 2009-07-13] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [61440 2009-07-13] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-03] ()
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-13] (Microsoft Corporation)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\DRIVERS\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [460504 2009-07-13] (Microsoft Corporation)
3 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-13] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-13] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982600 2009-10-01] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [530496 2009-07-13] (Emulex)
3 ErrDev; C:\Windows\System32\DRIVERS\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-13] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
3 fssfltr; C:\Windows\System32\DRIVERS\fssfltr.sys [61808 2009-02-06] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-07-13] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [34152 2009-05-18] (GEAR Software Inc.)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-13] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-13] (Microsoft Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-13] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\DRIVERS\HpSAMD.sys [77888 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-13] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-13] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
3 iaStorV; C:\Windows\System32\DRIVERS\iaStorV.sys [410688 2009-07-13] (Intel Corporation)
3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10611552 2010-08-25] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [1824672 2009-07-06] (Realtek Semiconductor Corp.)
3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [138752 2009-05-25] (Intel® Corporation)
3 intelide; C:\Windows\System32\DRIVERS\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\DRIVERS\IPMIDrv.sys [78848 2009-07-13] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\DRIVERS\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [224832 2009-07-13] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-13] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95312 2009-07-13] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [153160 2009-12-11] (Microsoft Corporation)
3 ksthunk; C:\Windows\System32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [35392 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-13] (Microsoft Corporation)
3 mpio; C:\Windows\System32\DRIVERS\mpio.sys [155216 2009-07-13] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [140800 2009-07-13] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-02-22] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [286720 2011-02-22] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-02-22] (Microsoft Corporation)
3 msahci; C:\Windows\System32\DRIVERS\msahci.sys [30272 2009-07-13] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\DRIVERS\msdsm.sys [140352 2009-07-13] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-13] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-13] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-13] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-13] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-13] (Microsoft Corporation)
3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [620544 2009-06-10] (Ralink Technology, Corp.)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1659984 2009-07-13] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\DRIVERS\nvraid.sys [149056 2009-07-13] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\DRIVERS\nvstor.sys [167488 2009-07-13] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75840 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-13] (Microsoft Corporation)
0 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-13] (Microsoft Corporation)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-13] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-13] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-13] (Microsoft Corporation)
3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [215040 2009-05-22] (Realtek )
3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh64.sys [221696 2009-09-02] (Realtek )
3 sbp2port; C:\Windows\System32\DRIVERS\sbp2port.sys [104016 2009-07-13] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-13] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\DRIVERS\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [14336 2009-07-13] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-02-22] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [401920 2011-02-22] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-02-22] (Microsoft Corporation)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [24656 2009-07-13] (Promise Technology)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1896832 2010-06-13] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1896832 2010-06-13] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-13] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-13] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-13] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-13] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-13] (Microsoft Corporation)
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-13] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\DRIVERS\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-13] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-02-18] (Apple, Inc.)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-13] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\DRIVERS\usbcir.sys [100352 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [51200 2009-07-13] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2009-07-13] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [25600 2009-07-13] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [89600 2009-07-13] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2009-07-13] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\DRIVERS\vhdmp.sys [217680 2009-07-13] (Microsoft Corporation)
3 viaide; C:\Windows\System32\DRIVERS\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-13] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [294992 2009-07-13] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
3 Wd; C:\Windows\System32\DRIVERS\wd.sys [21056 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-13] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-13] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-13] (Microsoft Corporation)

========================= NetSvcs ============================

============ One Month Created Files and folders ============

2011-05-14 08:09 - 2011-05-14 11:13 - 0000000 ____D C:\Users\All Users\kK06509BaEpK06509
2011-05-14 08:09 - 2011-05-14 11:13 - 0000000 ____D C:\ProgramData\kK06509BaEpK06509
2011-05-14 08:09 - 2011-05-14 08:09 - 0000000 ____A C:\Users\Justin\2gweorjqjutp92vjy9gake
2011-05-12 16:38 - 2011-05-12 16:38 - 0018405 ____A C:\Users\Justin\Desktop\Justin T.docx
2011-04-28 05:48 - 2011-04-28 05:48 - 0191291 ____A C:\Users\Justin\Desktop\Carbon Fiber_4.jpg
2011-04-25 18:24 - 2011-04-25 18:24 - 0047323 ____A C:\Users\Justin\Desktop\Justin Landon.pdf
2011-04-25 18:21 - 2011-04-25 18:21 - 0000000 ____D C:\Users\Justin\Desktop\New folder (4)
2011-04-23 09:29 - 2011-04-23 09:29 - 0001791 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-04-23 09:29 - 2011-04-23 09:29 - 0000000 ____D C:\Program Files\iTunes
2011-04-23 09:29 - 2011-04-23 09:29 - 0000000 ____D C:\Program Files\iPod
2011-04-23 09:29 - 2011-04-23 09:29 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-04-23 09:28 - 2011-04-23 09:28 - 0000000 ____D C:\Program Files\Bonjour
2011-04-23 09:28 - 2011-04-23 09:28 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-04-20 08:54 - 2011-04-20 08:54 - 0048991 ____A C:\Users\Justin\Desktop\booty.jpg
2011-04-18 11:31 - 2011-04-18 13:29 - 0000000 ____D C:\Users\Justin\Desktop\New folder (3)
2011-04-17 09:57 - 2011-04-17 17:57 - 0000000 ____D C:\Users\Justin\Desktop\New folder (2)


============ 3 Months Modified Files and folders =============

2011-05-14 11:35 - 2009-11-17 15:19 - 0000000 ____D C:\users\Justin
2011-05-14 11:35 - 2009-09-07 14:55 - 0000000 ____D C:\Users\Justin\AppData\Roaming\Adobe
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wfp
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wbem
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\DriverStore
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2011-05-14 11:34 - 2009-11-17 15:14 - 0000000 ____D C:\Users\All Users\Kodak
2011-05-14 11:34 - 2009-11-17 15:14 - 0000000 ____D C:\ProgramData\Kodak
2011-05-14 11:13 - 2011-05-14 08:09 - 0000000 ____D C:\Users\All Users\kK06509BaEpK06509
2011-05-14 11:13 - 2011-05-14 08:09 - 0000000 ____D C:\ProgramData\kK06509BaEpK06509
2011-05-14 08:09 - 2011-05-14 08:09 - 0000000 ____A C:\Users\Justin\2gweorjqjutp92vjy9gake
2011-05-12 16:38 - 2011-05-12 16:38 - 0018405 ____A C:\Users\Justin\Desktop\Justin T.docx
2011-05-11 00:17 - 2009-11-17 15:56 - 2107766 ___AH C:\Users\Justin\AppData\Local\IconCache.db
2011-05-11 00:17 - 2009-09-07 21:17 - 509435904 __ASH C:\hiberfil.sys
2011-05-11 00:00 - 2009-11-17 15:39 - 1921778 ____A C:\Windows\WindowsUpdate.log
2011-05-08 09:25 - 2009-07-13 21:13 - 0717892 ____A C:\Windows\System32\PerfStringBackup.INI
2011-05-08 09:25 - 2009-07-13 18:36 - 0618026 ____A C:\Windows\System32\perfh009.dat
2011-05-08 09:25 - 2009-07-13 18:36 - 0104340 ____A C:\Windows\System32\perfc009.dat
2011-05-08 02:08 - 2009-11-17 15:16 - 0010960 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-05-08 02:08 - 2009-11-17 15:16 - 0010960 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-05-07 12:16 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-05-07 12:16 - 2009-07-13 20:51 - 2062034 ____A C:\Windows\setupact.log
2011-04-28 08:54 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\FxsTmp
2011-04-28 08:53 - 2011-04-11 06:28 - 0000000 ____D C:\Users\Justin\Desktop\Gracelyn Haircut
2011-04-28 08:52 - 2009-09-07 14:34 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-04-28 05:48 - 2011-04-28 05:48 - 0191291 ____A C:\Users\Justin\Desktop\Carbon Fiber_4.jpg
2011-04-25 18:27 - 2010-07-13 17:28 - 0000000 ____D C:\Users\Justin\AppData\Local\ElevatedDiagnostics
2011-04-25 18:24 - 2011-04-25 18:24 - 0047323 ____A C:\Users\Justin\Desktop\Justin Landon.pdf
2011-04-25 18:21 - 2011-04-25 18:21 - 0000000 ____D C:\Users\Justin\Desktop\New folder (4)
2011-04-23 09:29 - 2011-04-23 09:29 - 0001791 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-04-23 09:29 - 2011-04-23 09:29 - 0000000 ____D C:\Program Files\iTunes
2011-04-23 09:29 - 2011-04-23 09:29 - 0000000 ____D C:\Program Files\iPod
2011-04-23 09:29 - 2011-04-23 09:29 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-04-23 09:29 - 2009-07-13 19:20 - 0000000 ___RD C:\Program Files (x86)
2011-04-23 09:28 - 2011-04-23 09:28 - 0000000 ____D C:\Program Files\Bonjour
2011-04-23 09:28 - 2011-04-23 09:28 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-04-20 18:16 - 2009-11-13 14:27 - 0000069 ____A C:\Windows\NeroDigital.ini
2011-04-20 08:54 - 2011-04-20 08:54 - 0048991 ____A C:\Users\Justin\Desktop\booty.jpg
2011-04-18 13:29 - 2011-04-18 11:31 - 0000000 ____D C:\Users\Justin\Desktop\New folder (3)
2011-04-18 13:22 - 2009-12-10 12:23 - 43802056 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-04-17 17:57 - 2011-04-17 09:57 - 0000000 ____D C:\Users\Justin\Desktop\New folder (2)
2011-04-14 00:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Microsoft.NET
2011-04-14 00:25 - 2009-07-13 20:45 - 0423744 ____A C:\Windows\System32\FNTCACHE.DAT
2011-04-14 00:09 - 2009-05-04 06:45 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-04-14 00:09 - 2009-05-04 06:45 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-04-13 14:40 - 2011-04-13 14:40 - 4284416 ____A (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2011-04-11 06:29 - 2011-04-11 06:29 - 0000000 ____D C:\Users\Justin\Desktop\Friends
2011-04-06 16:37 - 2011-04-06 16:37 - 0843242 ____A C:\Users\Justin\Desktop\racist.jpg
2011-04-06 13:26 - 2011-04-06 13:26 - 0237856 ____A (Apple Inc.) C:\Windows\System32\dnssdX.dll
2011-04-06 13:26 - 2011-04-06 13:26 - 0119584 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-04-06 13:26 - 2011-04-06 13:26 - 0096544 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-04-06 13:26 - 2011-04-06 13:26 - 0069408 ____A (Apple Inc.) C:\Windows\System32\jdns_sd.dll
2011-04-06 13:20 - 2011-04-06 13:20 - 0197920 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssdX.dll
2011-04-06 13:20 - 2011-04-06 13:20 - 0107808 ____A (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
2011-04-06 13:20 - 2011-04-06 13:20 - 0091424 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssd.dll
2011-04-06 13:20 - 2011-04-06 13:20 - 0075040 ____A (Apple Inc.) C:\Windows\SysWOW64\jdns_sd.dll
2011-03-25 14:36 - 2011-03-24 15:39 - 0000000 ____D C:\Users\Justin\Desktop\DGR COILOVERS
2011-03-23 16:29 - 2011-03-17 06:56 - 0000000 ____D C:\Users\Justin\Desktop\New folder
2011-03-21 12:25 - 2010-07-19 08:10 - 0000000 ____D C:\Program Files (x86)\Google
2011-03-21 12:25 - 2009-11-17 15:31 - 0017360 ____A C:\Windows\PFRO.log
2011-03-20 08:42 - 2010-01-27 13:19 - 0000000 ____D C:\Users\Justin\AppData\Local\Google
2011-03-20 08:42 - 2009-09-07 15:26 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-03-10 22:19 - 2011-04-13 12:40 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-03-10 22:19 - 2011-04-13 12:40 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-03-10 21:40 - 2011-04-13 12:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-03-10 21:40 - 2011-04-13 12:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-03-09 01:00 - 2009-07-13 20:45 - 0000000 ____D C:\Windows\debug
2011-03-07 22:14 - 2011-04-13 12:40 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-03-07 21:38 - 2011-04-13 12:40 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-03-02 22:17 - 2011-04-13 12:40 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-03-02 22:17 - 2011-04-13 12:40 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-03-02 22:14 - 2011-04-13 12:40 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-03-02 21:29 - 2011-04-13 12:40 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-03-02 21:27 - 2011-04-13 12:40 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-03-02 19:58 - 2011-04-13 12:40 - 3133440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-03-02 18:28 - 2010-04-12 18:59 - 0000000 ____D C:\Users\Justin\AppData\Local\Microsoft Corporation
2011-02-28 18:24 - 2011-02-28 18:24 - 1722565 ____A C:\Users\Justin\Desktop\IMAG0031.jpg
2011-02-28 18:24 - 2011-02-28 18:24 - 1691809 ____A C:\Users\Justin\Desktop\IMAG0032.jpg
2011-02-28 18:24 - 2011-02-28 18:24 - 1483262 ____A C:\Users\Justin\Desktop\IMAG0030.jpg
2011-02-26 17:41 - 2011-02-26 17:41 - 0247701 ____A C:\Users\Justin\Desktop\WillPedley.JPG
2011-02-26 17:41 - 2011-02-26 17:41 - 0226671 ____A C:\Users\Justin\Desktop\WillPedley2.JPG
2011-02-23 22:29 - 2011-04-13 12:40 - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-02-23 22:28 - 2011-04-13 12:40 - 1499136 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-02-23 22:25 - 2011-04-13 12:40 - 9311744 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-02-23 22:25 - 2011-04-13 12:40 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-02-23 22:25 - 2011-04-13 12:40 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-02-23 22:25 - 2011-04-13 12:40 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-02-23 22:25 - 2011-04-13 12:40 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-02-23 22:24 - 2011-04-13 12:40 - 2447872 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-02-23 22:24 - 2011-04-13 12:40 - 12369408 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-02-23 22:24 - 2011-04-13 12:40 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-02-23 22:24 - 2011-04-13 12:40 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-02-23 22:24 - 2011-04-13 12:40 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-02-23 22:24 - 2011-04-13 12:40 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-02-23 22:24 - 2011-04-13 12:40 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-02-23 22:21 - 2011-04-13 12:40 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-02-23 21:32 - 2011-04-13 12:40 - 1228800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-02-23 21:32 - 2011-04-13 12:40 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-02-23 21:30 - 2011-04-13 12:40 - 5981696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-02-23 21:30 - 2011-04-13 12:40 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-02-23 21:30 - 2011-04-13 12:40 - 0599040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-02-23 21:30 - 2011-04-13 12:40 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-02-23 21:30 - 2011-04-13 12:40 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-02-23 21:30 - 2011-04-13 12:40 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-02-23 21:30 - 2011-04-13 12:40 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-02-23 21:29 - 2011-04-13 12:40 - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-02-23 21:29 - 2011-04-13 12:40 - 10989056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-02-23 21:29 - 2011-04-13 12:40 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-02-23 21:29 - 2011-04-13 12:40 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-02-23 21:29 - 2011-04-13 12:40 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-02-23 21:27 - 2011-04-13 12:40 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-02-23 21:05 - 2011-04-13 12:40 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-02-23 20:24 - 2011-04-13 12:40 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-02-23 20:23 - 2011-04-13 12:40 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-02-23 19:50 - 2011-04-13 12:40 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-02-22 21:16 - 2011-04-13 12:40 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-02-22 21:16 - 2011-04-13 12:40 - 0401920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-02-22 21:15 - 2011-04-13 12:40 - 0286720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-02-22 21:15 - 2011-04-13 12:40 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-02-22 21:15 - 2011-04-13 12:40 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-02-22 21:15 - 2011-04-13 12:40 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-02-22 21:15 - 2011-04-13 12:40 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-02-20 19:09 - 2009-09-07 15:25 - 0000000 ____D C:\Users\Justin\AppData\Local\Eastman Kodak Company
2011-02-20 18:45 - 2011-02-20 18:44 - 0003206 ____A C:\Users\Justin\AppData\Local\installer.log
2011-02-20 18:44 - 2011-02-20 18:44 - 0000236 ____A C:\Users\Justin\AppData\Local\LaunchHomeCenter.log
2011-02-20 18:41 - 2011-02-20 18:41 - 0002082 ____A C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2011-02-20 18:41 - 2011-02-20 18:41 - 0000000 ____D C:\Users\Justin\AppData\Local\Eastman_Kodak_Company
2011-02-20 18:40 - 2011-02-20 18:40 - 0000000 ____D C:\Windows\SysWOW64\spool
2011-02-20 18:40 - 2011-02-20 18:40 - 0000000 ____D C:\Windows\SysWOW64\kodak
2011-02-20 18:40 - 2011-02-20 18:40 - 0000000 ____D C:\Program Files (x86)\Kodak
2011-02-20 18:40 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\twain_32
2011-02-20 18:24 - 2009-10-25 18:01 - 0000000 ____D C:\Users\All Users\kds_kodak
2011-02-20 18:24 - 2009-10-25 18:01 - 0000000 ____D C:\ProgramData\kds_kodak
2011-02-19 18:59 - 2011-02-19 18:59 - 0047694 ____A C:\Users\Justin\Desktop\vct_install.pdf
2011-02-18 22:36 - 2011-04-13 12:40 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-02-18 21:32 - 2011-04-13 12:40 - 0034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2011-02-18 20:13 - 2011-04-13 12:40 - 0367104 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2011-02-18 19:37 - 2011-04-13 12:40 - 0294912 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2011-02-18 14:36 - 2011-02-18 14:36 - 4184352 ____A (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2011-02-18 14:36 - 2011-02-18 14:36 - 0051712 ____A (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2011-02-17 22:37 - 2011-04-13 12:40 - 0612352 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-02-17 22:36 - 2011-04-13 12:40 - 0852480 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-02-17 21:36 - 2011-04-13 12:40 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-02-17 21:35 - 2011-04-13 12:40 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-02-15 17:13 - 2009-10-07 11:56 - 0000000 ____D C:\Users\Justin\AppData\Roaming\LimeWire


============ Known DLLs ============

[2009-07-13 16:41] - [2009-07-13 17:40] - 0877056 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-07-13 16:20] - [2009-07-13 17:14] - 0640000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2009-07-13 16:00] - [2009-07-13 17:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2009-07-13 15:55] - [2009-07-13 17:40] - 0595456 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-07-13 15:39] - [2009-07-13 17:15] - 0486912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2009-07-13 15:39] - [2009-07-13 17:40] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0310784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2011-04-13 12:40] - [2011-02-23 22:24] - 2447872 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-04-13 12:40] - [2011-02-23 21:29] - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2009-07-13 16:13] - [2009-07-13 17:41] - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-07-13 15:57] - [2009-07-13 17:15] - 0154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2009-07-13 15:28] - [2009-07-13 17:41] - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:16] - [2009-07-13 17:11] - 0836608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-13 15:40] - [2009-07-13 17:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2009-07-13 15:19] - [2009-07-13 17:41] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:12] - [2009-07-13 17:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 15:26] - [2009-07-13 17:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2010-10-13 11:41] - [2010-06-28 21:39] - 2085376 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2010-10-13 11:41] - [2010-06-28 21:02] - 1413632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2009-07-13 15:59] - [2009-07-13 17:41] - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2009-07-13 15:44] - [2009-07-13 17:16] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
[2009-07-13 15:26] - [2009-07-13 17:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2009-07-13 15:23] - [2009-07-13 17:41] - 1221632 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:12] - [2009-07-13 17:11] - 0662528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-13 15:20] - [2009-07-13 17:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2009-07-13 15:27] - [2009-07-13 17:41] - 1899520 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2009-07-13 15:16] - [2009-07-13 17:16] - 1668608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2010-08-02 16:10] - [2010-07-27 06:59] - 14162944 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2010-08-02 16:10] - [2010-07-27 06:03] - 12867584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
[2009-07-13 15:55] - [2009-07-13 17:41] - 0449536 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2009-07-13 15:39] - [2009-07-13 17:16] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2011-04-13 12:40] - [2011-02-23 22:28] - 1499136 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2011-04-13 12:40] - [2011-02-23 21:32] - 1228800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2009-07-13 15:24] - [2009-07-13 17:11] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-07-13 15:25] - [2009-07-13 17:16] - 0627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2009-07-13 15:57] - [2009-07-13 17:41] - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2009-07-13 15:41] - [2009-07-13 17:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
[2011-04-13 12:40] - [2011-02-23 22:29] - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2011-04-13 12:40] - [2011-02-23 21:32] - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
[2009-07-13 15:54] - [2009-07-13 17:41] - 0311808 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2009-07-13 15:38] - [2009-07-13 17:16] - 0268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wldap32.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0296448 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll

======================= Bamital Check ========================

C:\Windows\System32\winlogon.exe
[2010-01-27 13:07] - [2009-10-27 22:24] - 0389632 ____A (Microsoft Corporation) DA3E2A6FA9660CC75B471530CE88453A

C:\Windows\System32\wininit.exe
[2009-07-13 15:52] - [2009-07-13 17:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA

C:\Windows\explorer.exe
[2010-01-27 13:07] - [2009-10-30 22:34] - 2870272 ____A (Microsoft Corporation) 9AAAEC8DAC27AA17B053E6352AD233AE


========================= Memory info ========================

Percentage of memory in use: 11%
Total physical RAM: 6109.12 MB
Available physical RAM: 5425.39 MB
Total Pagefile: 6107.27 MB
Available Pagefile: 5410.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions ===========================

1 Drive c: (WINVISTA) (Fixed) (Total:238.48 GB) (Free:190.02 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:347.69 GB) (Free:347.58 GB) NTFS
4 Drive f: () (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

I'm really hoping to resolve this without a format and fresh install. I just transferred a crap ton of pics from an external HD and they are just sitting in a folder on my desktop. If I can get to those so I can move them, I have no problem with formatting.

Any help is appreciated and donations are of course coming.

EDIT: Please be patient. There are over 290 unanswered topics in this forum at present and the current average wait time to receive help is 9 days. ~Budapest

Edited by Budapest, 15 May 2011 - 04:19 PM.




#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,854 posts
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:05:05 AM

Posted 26 May 2011 - 10:21 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Please take note:

  • If you have since resolved the original problem you were having, we would appreciate you letting us know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below another staff member will review your topic and do their best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
  • Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Thanks and again sorry for the delay.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 Tobyboom

Tobyboom
  • Topic Starter

  • Members
  • 6 posts
  • Local time:03:05 AM

Posted 27 May 2011 - 10:09 AM

I am indeed unable to start Windows. Once the computer boots up, it goes into STARTUP REPAIR and comes back with the error "CI.DLL"

The only scan I have been able to do so far was the FRST scan by farbar which I posted above, but will post a new scan below.

I do have the Windows disc that I got from ASUS, but it is an upgrade disc. Not sure if that matters or not.


Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.0.8
Ran by SYSTEM at 2011-05-27 10:06:30
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)[7940128 2009-07-06]
HKLM\...\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.)[1833504 2009-07-06]
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe (Intel Corporation)[161304 2010-08-25]
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (Intel Corporation)[386584 2010-08-25]
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe (Intel Corporation)[415256 2010-08-25]
HKLM\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)[2045440 2010-09-02]
HKLM-x32\...\Run: [Conime] %windir%\system32\conime.exe
HKLM-x32\...\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.)[225280 2009-08-19]
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)[31072 2008-10-25]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" (Sun Microsystems, Inc.)[248552 2010-05-14]
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime (Apple Inc.)[421888 2010-11-29]
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.EXE (Eastman Kodak Company)[2045440 2010-09-02]
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" (Apple Inc.)[421160 2011-04-14]
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Microsoft Corporation)[1475072 2009-07-13]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Microsoft Corporation)[1475072 2009-07-13]
HKU\Justin\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)[2289664 2008-03-17]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE (Microsoft Corporation)[296960 2009-07-13]
HKLM-x32\...\Winlogon: [Userinit] userinit.exe
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254


==================== Services ====================

3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-13] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 2011-02-18] (Apple Inc.)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-13] (Microsoft Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-13] (Microsoft Corporation)
3 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-13] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [349472 2011-04-06] (Apple Inc.)
3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
3 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-13] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [175104 2009-07-13] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [196608 2009-08-19] (ASUSTeK Computer Inc.)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [314368 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-13] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [162816 2009-07-13] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
2 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2009-07-13] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [402944 2009-07-13] (Microsoft Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [689152 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
3 FontCache; C:\Windows\System32\FntCache.dll [1127936 2009-07-13] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42840 2009-06-10] (Microsoft Corporation)
3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [533360 2009-02-06] (Microsoft Corporation)
3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [45816 2009-08-07] (NOS Microsystems Ltd.)
2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-13] (Microsoft Corporation)
3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [136120 2009-12-22] (Google)
3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [90624 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [231936 2009-07-13] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [187904 2009-07-13] (Microsoft Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [856384 2009-06-10] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-13] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-13] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [934176 2011-04-14] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
2 Kodak AiO Network Discovery Service; C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [308656 2010-09-13] (Eastman Kodak Company)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-08-26] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-13] (Microsoft Corporation)
2 LightScribeService; "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" [73728 2008-03-17] (Hewlett-Packard Company)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [84480 2009-07-13] (Microsoft Corporation)
3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [65888 2008-10-25] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [824832 2009-07-13] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [127488 2009-07-13] (Microsoft Corporation)
3 napagent; C:\Windows\System32\qagentRT.dll [475648 2009-07-13] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
4 NetTcpPortSharing; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" [116560 2009-06-10] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-13] (Microsoft Corporation)
3 NMIndexingService; "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe" [529704 2008-02-28] (Nero AG)
2 nsi; C:\Windows\System32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
3 odserv; "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [441712 2008-11-03] (Microsoft Corporation)
3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [145184 2006-10-26] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation)
3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1390080 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [404480 2009-07-13] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [208384 2009-07-13] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-13] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [1114624 2010-11-01] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-13] (Microsoft Corporation)
2 SeaPort; "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [249136 2010-05-14] (Microsoft Corporation)
3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [104960 2009-07-13] (Microsoft Corporation)
4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-13] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [558592 2010-08-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3524608 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-13] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1780736 2009-07-13] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-13] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-13] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
4 TeamViewer5; "C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe" -service [173352 2010-07-06] (TeamViewer GmbH)
3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-13] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
2 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [532480 2009-07-13] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1598976 2009-07-13] (Microsoft Corporation)
2 W32Time; C:\Windows\System32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [1255736 2010-05-13] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1503744 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [366592 2009-07-13] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [254464 2009-07-13] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [438784 2009-07-13] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [2018816 2009-07-13] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1525248 2009-07-13] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [116736 2009-07-13] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [593408 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [2418176 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-13] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-13] (Microsoft Corporation)

==================== Drivers ====================

3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [227840 2009-07-13] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-13] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\DRIVERS\acpipmi.sys [12288 2009-07-13] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [500224 2009-07-13] (Microsoft Corporation)
3 agp440; C:\Windows\System32\DRIVERS\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
3 aliide; C:\Windows\System32\DRIVERS\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
3 amdide; C:\Windows\System32\DRIVERS\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [106576 2009-07-13] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [28752 2009-07-13] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [61440 2009-07-13] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-03] ()
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-13] (Microsoft Corporation)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\DRIVERS\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [460504 2009-07-13] (Microsoft Corporation)
3 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-13] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-13] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982600 2009-10-01] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [530496 2009-07-13] (Emulex)
3 ErrDev; C:\Windows\System32\DRIVERS\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-13] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
3 fssfltr; C:\Windows\System32\DRIVERS\fssfltr.sys [61808 2009-02-06] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-07-13] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [34152 2009-05-18] (GEAR Software Inc.)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-13] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-13] (Microsoft Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-13] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\DRIVERS\HpSAMD.sys [77888 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-13] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-13] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
3 iaStorV; C:\Windows\System32\DRIVERS\iaStorV.sys [410688 2009-07-13] (Intel Corporation)
3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10611552 2010-08-25] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [1824672 2009-07-06] (Realtek Semiconductor Corp.)
3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [138752 2009-05-25] (Intel® Corporation)
3 intelide; C:\Windows\System32\DRIVERS\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\DRIVERS\IPMIDrv.sys [78848 2009-07-13] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\DRIVERS\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [224832 2009-07-13] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-13] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95312 2009-07-13] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [153160 2009-12-11] (Microsoft Corporation)
3 ksthunk; C:\Windows\System32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [35392 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-13] (Microsoft Corporation)
3 mpio; C:\Windows\System32\DRIVERS\mpio.sys [155216 2009-07-13] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [140800 2009-07-13] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-02-22] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [286720 2011-02-22] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-02-22] (Microsoft Corporation)
3 msahci; C:\Windows\System32\DRIVERS\msahci.sys [30272 2009-07-13] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\DRIVERS\msdsm.sys [140352 2009-07-13] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-13] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-13] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-13] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-13] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-13] (Microsoft Corporation)
3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [620544 2009-06-10] (Ralink Technology, Corp.)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1659984 2009-07-13] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\DRIVERS\nvraid.sys [149056 2009-07-13] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\DRIVERS\nvstor.sys [167488 2009-07-13] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75840 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-13] (Microsoft Corporation)
0 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-13] (Microsoft Corporation)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-13] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-13] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-13] (Microsoft Corporation)
3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [215040 2009-05-22] (Realtek )
3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh64.sys [221696 2009-09-02] (Realtek )
3 sbp2port; C:\Windows\System32\DRIVERS\sbp2port.sys [104016 2009-07-13] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-13] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\DRIVERS\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [14336 2009-07-13] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-02-22] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [401920 2011-02-22] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-02-22] (Microsoft Corporation)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [24656 2009-07-13] (Promise Technology)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1896832 2010-06-13] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1896832 2010-06-13] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-13] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-13] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-13] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-13] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-13] (Microsoft Corporation)
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-13] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\DRIVERS\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-13] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-02-18] (Apple, Inc.)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-13] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\DRIVERS\usbcir.sys [100352 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [51200 2009-07-13] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2009-07-13] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [25600 2009-07-13] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [89600 2009-07-13] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2009-07-13] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\DRIVERS\vhdmp.sys [217680 2009-07-13] (Microsoft Corporation)
3 viaide; C:\Windows\System32\DRIVERS\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-13] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [294992 2009-07-13] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
3 Wd; C:\Windows\System32\DRIVERS\wd.sys [21056 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-13] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-13] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-13] (Microsoft Corporation)

========================= NetSvcs ============================

============ One Month Created Files and folders ============

2011-05-14 15:31 - 2011-05-27 10:06 - 0000000 ____D C:\FRST
2011-05-14 08:09 - 2011-05-14 11:13 - 0000000 ____D C:\Users\All Users\kK06509BaEpK06509
2011-05-14 08:09 - 2011-05-14 11:13 - 0000000 ____D C:\ProgramData\kK06509BaEpK06509
2011-05-14 08:09 - 2011-05-14 08:09 - 0000000 ____A C:\Users\Justin\2gweorjqjutp92vjy9gake
2011-05-12 16:38 - 2011-05-12 16:38 - 0018405 ____A C:\Users\Justin\Desktop\Justin T.docx
2011-04-28 05:48 - 2011-04-28 05:48 - 0191291 ____A C:\Users\Justin\Desktop\Carbon Fiber_4.jpg

============ 3 Months Modified Files and folders =============

2011-05-14 11:35 - 2009-11-17 15:19 - 0000000 ____D C:\users\Justin
2011-05-14 11:35 - 2009-09-07 14:55 - 0000000 ____D C:\Users\Justin\AppData\Roaming\Adobe
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wfp
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wbem
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\DriverStore
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-05-14 11:35 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2011-05-14 11:34 - 2009-11-17 15:14 - 0000000 ____D C:\Users\All Users\Kodak
2011-05-14 11:34 - 2009-11-17 15:14 - 0000000 ____D C:\ProgramData\Kodak
2011-05-14 11:13 - 2011-05-14 08:09 - 0000000 ____D C:\Users\All Users\kK06509BaEpK06509
2011-05-14 11:13 - 2011-05-14 08:09 - 0000000 ____D C:\ProgramData\kK06509BaEpK06509
2011-05-14 08:09 - 2011-05-14 08:09 - 0000000 ____A C:\Users\Justin\2gweorjqjutp92vjy9gake
2011-05-12 16:38 - 2011-05-12 16:38 - 0018405 ____A C:\Users\Justin\Desktop\Justin T.docx
2011-05-11 00:17 - 2009-11-17 15:56 - 2107766 ___AH C:\Users\Justin\AppData\Local\IconCache.db
2011-05-11 00:17 - 2009-09-07 21:17 - 509435904 __ASH C:\hiberfil.sys
2011-05-11 00:00 - 2009-11-17 15:39 - 1921778 ____A C:\Windows\WindowsUpdate.log
2011-05-08 09:25 - 2009-07-13 21:13 - 0717892 ____A C:\Windows\System32\PerfStringBackup.INI
2011-05-08 09:25 - 2009-07-13 18:36 - 0618026 ____A C:\Windows\System32\perfh009.dat
2011-05-08 09:25 - 2009-07-13 18:36 - 0104340 ____A C:\Windows\System32\perfc009.dat
2011-05-08 02:08 - 2009-11-17 15:16 - 0010960 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-05-08 02:08 - 2009-11-17 15:16 - 0010960 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-05-07 12:16 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-05-07 12:16 - 2009-07-13 20:51 - 2062034 ____A C:\Windows\setupact.log
2011-04-28 08:54 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\FxsTmp
2011-04-28 08:53 - 2011-04-11 06:28 - 0000000 ____D C:\Users\Justin\Desktop\Gracelyn Haircut
2011-04-28 08:52 - 2009-09-07 14:34 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-04-28 05:48 - 2011-04-28 05:48 - 0191291 ____A C:\Users\Justin\Desktop\Carbon Fiber_4.jpg
2011-04-25 18:27 - 2010-07-13 17:28 - 0000000 ____D C:\Users\Justin\AppData\Local\ElevatedDiagnostics
2011-04-25 18:24 - 2011-04-25 18:24 - 0047323 ____A C:\Users\Justin\Desktop\Justin Landon.pdf
2011-04-25 18:21 - 2011-04-25 18:21 - 0000000 ____D C:\Users\Justin\Desktop\New folder (4)
2011-04-23 09:29 - 2011-04-23 09:29 - 0001791 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-04-23 09:29 - 2011-04-23 09:29 - 0000000 ____D C:\Program Files\iTunes
2011-04-23 09:29 - 2011-04-23 09:29 - 0000000 ____D C:\Program Files\iPod
2011-04-23 09:29 - 2011-04-23 09:29 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-04-23 09:29 - 2009-07-13 19:20 - 0000000 ___RD C:\Program Files (x86)
2011-04-23 09:28 - 2011-04-23 09:28 - 0000000 ____D C:\Program Files\Bonjour
2011-04-23 09:28 - 2011-04-23 09:28 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-04-20 18:16 - 2009-11-13 14:27 - 0000069 ____A C:\Windows\NeroDigital.ini
2011-04-20 08:54 - 2011-04-20 08:54 - 0048991 ____A C:\Users\Justin\Desktop\booty.jpg
2011-04-18 13:29 - 2011-04-18 11:31 - 0000000 ____D C:\Users\Justin\Desktop\New folder (3)
2011-04-18 13:22 - 2009-12-10 12:23 - 43802056 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-04-17 17:57 - 2011-04-17 09:57 - 0000000 ____D C:\Users\Justin\Desktop\New folder (2)
2011-04-14 00:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Microsoft.NET
2011-04-14 00:25 - 2009-07-13 20:45 - 0423744 ____A C:\Windows\System32\FNTCACHE.DAT
2011-04-14 00:09 - 2009-05-04 06:45 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-04-14 00:09 - 2009-05-04 06:45 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-04-13 14:40 - 2011-04-13 14:40 - 4284416 ____A (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2011-04-11 06:29 - 2011-04-11 06:29 - 0000000 ____D C:\Users\Justin\Desktop\Friends
2011-04-06 16:37 - 2011-04-06 16:37 - 0843242 ____A C:\Users\Justin\Desktop\racist.jpg
2011-04-06 13:26 - 2011-04-06 13:26 - 0237856 ____A (Apple Inc.) C:\Windows\System32\dnssdX.dll
2011-04-06 13:26 - 2011-04-06 13:26 - 0119584 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-04-06 13:26 - 2011-04-06 13:26 - 0096544 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-04-06 13:26 - 2011-04-06 13:26 - 0069408 ____A (Apple Inc.) C:\Windows\System32\jdns_sd.dll
2011-04-06 13:20 - 2011-04-06 13:20 - 0197920 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssdX.dll
2011-04-06 13:20 - 2011-04-06 13:20 - 0107808 ____A (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
2011-04-06 13:20 - 2011-04-06 13:20 - 0091424 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssd.dll
2011-04-06 13:20 - 2011-04-06 13:20 - 0075040 ____A (Apple Inc.) C:\Windows\SysWOW64\jdns_sd.dll
2011-03-25 14:36 - 2011-03-24 15:39 - 0000000 ____D C:\Users\Justin\Desktop\DGR COILOVERS
2011-03-23 16:29 - 2011-03-17 06:56 - 0000000 ____D C:\Users\Justin\Desktop\New folder
2011-03-21 12:25 - 2010-07-19 08:10 - 0000000 ____D C:\Program Files (x86)\Google
2011-03-21 12:25 - 2009-11-17 15:31 - 0017360 ____A C:\Windows\PFRO.log
2011-03-20 08:42 - 2010-01-27 13:19 - 0000000 ____D C:\Users\Justin\AppData\Local\Google
2011-03-20 08:42 - 2009-09-07 15:26 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-03-10 22:19 - 2011-04-13 12:40 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-03-10 22:19 - 2011-04-13 12:40 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-03-10 21:40 - 2011-04-13 12:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-03-10 21:40 - 2011-04-13 12:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-03-09 01:00 - 2009-07-13 20:45 - 0000000 ____D C:\Windows\debug
2011-03-07 22:14 - 2011-04-13 12:40 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-03-07 21:38 - 2011-04-13 12:40 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-03-02 22:17 - 2011-04-13 12:40 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-03-02 22:17 - 2011-04-13 12:40 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-03-02 22:14 - 2011-04-13 12:40 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-03-02 21:29 - 2011-04-13 12:40 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-03-02 21:27 - 2011-04-13 12:40 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-03-02 19:58 - 2011-04-13 12:40 - 3133440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-03-02 18:28 - 2010-04-12 18:59 - 0000000 ____D C:\Users\Justin\AppData\Local\Microsoft Corporation
2011-02-28 18:24 - 2011-02-28 18:24 - 1722565 ____A C:\Users\Justin\Desktop\IMAG0031.jpg
2011-02-28 18:24 - 2011-02-28 18:24 - 1691809 ____A C:\Users\Justin\Desktop\IMAG0032.jpg
2011-02-28 18:24 - 2011-02-28 18:24 - 1483262 ____A C:\Users\Justin\Desktop\IMAG0030.jpg


============ Known DLLs ============

[2009-07-13 16:41] - [2009-07-13 17:40] - 0877056 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-07-13 16:20] - [2009-07-13 17:14] - 0640000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2009-07-13 16:00] - [2009-07-13 17:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2009-07-13 15:55] - [2009-07-13 17:40] - 0595456 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-07-13 15:39] - [2009-07-13 17:15] - 0486912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2009-07-13 15:39] - [2009-07-13 17:40] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0310784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2011-04-13 12:40] - [2011-02-23 22:24] - 2447872 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-04-13 12:40] - [2011-02-23 21:29] - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2009-07-13 16:13] - [2009-07-13 17:41] - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-07-13 15:57] - [2009-07-13 17:15] - 0154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2009-07-13 15:28] - [2009-07-13 17:41] - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:16] - [2009-07-13 17:11] - 0836608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-13 15:40] - [2009-07-13 17:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2009-07-13 15:19] - [2009-07-13 17:41] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:12] - [2009-07-13 17:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 15:26] - [2009-07-13 17:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2010-10-13 11:41] - [2010-06-28 21:39] - 2085376 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2010-10-13 11:41] - [2010-06-28 21:02] - 1413632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2009-07-13 15:59] - [2009-07-13 17:41] - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2009-07-13 15:44] - [2009-07-13 17:16] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
[2009-07-13 15:26] - [2009-07-13 17:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2009-07-13 15:23] - [2009-07-13 17:41] - 1221632 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:12] - [2009-07-13 17:11] - 0662528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-13 15:20] - [2009-07-13 17:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2009-07-13 15:27] - [2009-07-13 17:41] - 1899520 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2009-07-13 15:16] - [2009-07-13 17:16] - 1668608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2010-08-02 16:10] - [2010-07-27 06:59] - 14162944 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2010-08-02 16:10] - [2010-07-27 06:03] - 12867584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
[2009-07-13 15:55] - [2009-07-13 17:41] - 0449536 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2009-07-13 15:39] - [2009-07-13 17:16] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2011-04-13 12:40] - [2011-02-23 22:28] - 1499136 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2011-04-13 12:40] - [2011-02-23 21:32] - 1228800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2009-07-13 15:24] - [2009-07-13 17:11] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-07-13 15:25] - [2009-07-13 17:16] - 0627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2009-07-13 15:57] - [2009-07-13 17:41] - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2009-07-13 15:41] - [2009-07-13 17:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
[2011-04-13 12:40] - [2011-02-23 22:29] - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2011-04-13 12:40] - [2011-02-23 21:32] - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
[2009-07-13 15:54] - [2009-07-13 17:41] - 0311808 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2009-07-13 15:38] - [2009-07-13 17:16] - 0268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wldap32.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0296448 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll

======================= Bamital Check ========================

C:\Windows\System32\winlogon.exe
[2010-01-27 13:07] - [2009-10-27 22:24] - 0389632 ____A (Microsoft Corporation) DA3E2A6FA9660CC75B471530CE88453A

C:\Windows\System32\wininit.exe
[2009-07-13 15:52] - [2009-07-13 17:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA

C:\Windows\explorer.exe
[2010-01-27 13:07] - [2009-10-30 22:34] - 2870272 ____A (Microsoft Corporation) 9AAAEC8DAC27AA17B053E6352AD233AE


========================= Memory info ========================

Percentage of memory in use: 11%
Total physical RAM: 6109.12 MB
Available physical RAM: 5399.86 MB
Total Pagefile: 6107.27 MB
Available Pagefile: 5381.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions ===========================

1 Drive c: (WINVISTA) (Fixed) (Total:238.48 GB) (Free:190.02 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:347.69 GB) (Free:347.58 GB) NTFS
3 Drive e: (Driver_Win7) (CDROM) (Total:3.44 GB) (Free:0 GB) CDFS
4 Drive f: () (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

#4 sempai

sempai

    noypi


  • Malware Response Team
  • 5,288 posts
  • Gender:Male
  • Location:3 stars and a sun

Posted 28 May 2011 - 02:38 AM

Hello Tobyboom and welcome to BC. :)

Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad. Save it on the flash drive as fixlist.txt.

2011-05-14 08:09 - 2011-05-14 11:13 - 0000000 ____D C:\Users\All Users\kK06509BaEpK06509
2011-05-14 08:09 - 2011-05-14 11:13 - 0000000 ____D C:\ProgramData\kK06509BaEpK06509
2011-05-14 08:09 - 2011-05-14 08:09 - 0000000 ____A C:\Users\Justin\2gweorjqjutp92vjy9gake>

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.
Also reboot and tell me how it went.

~Semp

You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied to within 5 days will be closed. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#5 Tobyboom

Posted 28 May 2011 - 11:42 AM

Here is the Fixlog:

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.0.8)
Ran by SYSTEM at 2011-05-28 11:37:39 R:1
Running from F:\

==============================================

C:\Users\All Users\kK06509BaEpK06509 moved successfully.
C:\ProgramData\kK06509BaEpK06509 not found.
C:\Users\Justin\2gweorjqjutp92vjy9gake> moved successfully.



I rebooted afterwards, but the computer is still doing the same thing. It goes into STARTUP REPAIR and after a minute or so, it says "WINDOWS CANNOT REPAIR THIS COMPUTER AUTOMATICALLY"

grrrrr

#6 sempai

Posted 28 May 2011 - 11:49 AM

Try this please.

Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad. Save it on the flash drive as fixlist.txt.

cmd: bootrec /FixMbr
cmd: bcdedit /set {default} winpe no

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.
Also reboot and tell me how it went.

Edited by sempai, 28 May 2011 - 11:50 AM.

~Semp



#7 Tobyboom

Posted 28 May 2011 - 12:03 PM

WOOOOOT!!!!

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.0.8)
Ran by SYSTEM at 2011-05-28 11:55:44 R:3
Running from F:\

==============================================


========= bootrec /FixMbr =========

The operation completed successfully.

========= End of CMD: =========


========= bcdedit /set {default} winpe no =========

The operation completed successfully.

========= End of CMD: =========



That seems to have done the trick. Booted up normally!!! Thank you so much. I guess it's time to install a different antivirus, huh?

Donation is on the way!!!

#8 sempai

  • Malware Response Team
  • 5,288 posts

Posted 28 May 2011 - 12:12 PM

Glad that worked. :)


1. Please download Malwarebytes' Anti-Malware from here:

MalwareBytes' AntiMalware download link

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.




2. We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

~Semp



#9 Tobyboom

  • Topic Starter
  • Members
  • 6 posts

Posted 28 May 2011 - 01:23 PM

Malwarebytes log:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6702

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

5/28/2011 1:19:21 PM
mbam-log-2011-05-28 (13-19-21).txt

Scan type: Quick scan
Objects scanned: 159597
Time elapsed: 1 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Justin\AppData\Local\Temp\34C0.tmp (Rootkit.TDSS.Gen) -> Quarantined and deleted successfully.


OTL Report:

OTL logfile created on: 5/28/2011 1:20:50 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Justin\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.97 Gb Total Physical Memory | 4.53 Gb Available Physical Memory | 75.92% Memory free
11.93 Gb Paging File | 10.39 Gb Available in Paging File | 87.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.48 Gb Total Space | 189.35 Gb Free Space | 79.40% Space Free | Partition Type: NTFS
Drive D: | 347.69 Gb Total Space | 347.58 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive F: | 232.89 Gb Total Space | 194.06 Gb Free Space | 83.33% Space Free | Partition Type: NTFS
Drive G: | 74.51 Gb Total Space | 3.61 Gb Free Space | 4.85% Space Free | Partition Type: FAT32

Computer Name: DESKTOP | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/28 13:20:23 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
PRC - [2010/12/20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/09/14 17:59:44 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/09/13 18:18:32 | 000,308,656 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
PRC - [2010/05/14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/08/19 22:55:40 | 000,196,608 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\AsHookDevice.exe
PRC - [2009/08/19 22:37:26 | 000,225,280 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
PRC - [2009/06/04 16:10:56 | 005,777,408 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe


========== Modules (SafeList) ==========

MOD - [2011/05/28 13:20:23 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/09/13 18:18:32 | 000,308,656 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2010/07/06 10:03:00 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009/08/19 22:55:40 | 000,196,608 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\AsHookDevice.exe -- (Device Handle Service)
SRV - [2009/08/07 12:44:18 | 000,045,816 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/09/02 04:09:34 | 000,221,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/07/15 22:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/25 15:13:10 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2009/05/22 09:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/06 18:42:12 | 000,061,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1884249194-1713116218-2850791551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.asus.com [binary data]
IE - HKU\S-1-5-21-1884249194-1713116218-2850791551-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1884249194-1713116218-2850791551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1884249194-1713116218-2850791551-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/10 15:10:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/11 15:17:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/10 15:10:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/11 15:17:55 | 000,000,000 | ---D | M]

[2009/11/17 18:29:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions
[2009/10/07 14:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2011/03/26 12:00:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\jc7ad4fg.default\extensions
[2009/11/17 18:29:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\jc7ad4fg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/17 18:29:50 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\jc7ad4fg.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/02/26 14:11:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/11 19:17:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/08 15:34:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/01/21 16:33:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Conime] File not found
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1884249194-1713116218-2850791551-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{455e66b2-8f20-11df-9fd9-002618c06aae}\Shell - "" = AutoRun
O33 - MountPoints2\{455e66b2-8f20-11df-9fd9-002618c06aae}\Shell\AutoRun\command - "" = H:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/28 13:20:20 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2011/05/28 13:14:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/28 13:14:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/28 13:14:42 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/28 13:14:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/05/28 13:13:44 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Justin\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/28 13:09:44 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\Malwarebytes
[2011/05/28 13:09:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/14 18:31:24 | 000,000,000 | ---D | C] -- C:\FRST

========== Files - Modified Within 30 Days ==========

[2011/05/28 13:20:23 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2011/05/28 13:14:45 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/28 13:14:19 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Justin\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/28 13:08:14 | 000,000,572 | ---- | M] () -- C:\Users\Justin\Desktop\MUSIC - Shortcut.lnk
[2011/05/28 12:19:42 | 000,717,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/05/28 12:19:42 | 000,618,026 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/28 12:19:42 | 000,104,340 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/05/28 12:15:58 | 000,000,393 | ---- | M] () -- C:\Users\Justin\Desktop\LACIE (G) - Shortcut.lnk
[2011/05/28 12:13:16 | 000,010,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/28 12:13:16 | 000,010,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/28 12:05:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/28 12:05:52 | 509,435,903 | -HS- | M] () -- C:\hiberfil.sys

========== Files Created - No Company Name ==========

[2011/05/28 13:14:45 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/28 12:15:58 | 000,000,393 | ---- | C] () -- C:\Users\Justin\Desktop\LACIE (G) - Shortcut.lnk
[2010/12/28 20:21:13 | 000,004,096 | -H-- | C] () -- C:\Users\Justin\AppData\Local\keyfile3.drm
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/08/17 18:50:24 | 000,192,808 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/04/12 21:52:26 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/12/23 20:29:12 | 000,000,000 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\wklnhst.dat
[2009/11/23 01:08:40 | 000,007,622 | ---- | C] () -- C:\Users\Justin\AppData\Local\Resmon.ResmonCfg
[2009/11/17 19:03:21 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/11/17 19:03:21 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/11/17 18:55:50 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/11/17 18:54:27 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009/11/13 17:27:32 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/09/07 18:26:33 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/05/04 06:00:01 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\drivers\ServiceHelp.dll
[2009/05/04 05:56:18 | 000,014,713 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2009/05/04 05:55:54 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009/05/04 05:55:54 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009/05/04 05:41:10 | 000,023,119 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/05/04 05:41:00 | 000,014,199 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2007/12/28 10:22:02 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

< End of report >


EXTRA:

OTL Extras logfile created on: 5/28/2011 1:20:50 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Justin\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.97 Gb Total Physical Memory | 4.53 Gb Available Physical Memory | 75.92% Memory free
11.93 Gb Paging File | 10.39 Gb Available in Paging File | 87.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 238.48 Gb Total Space | 189.35 Gb Free Space | 79.40% Space Free | Partition Type: NTFS
Drive D: | 347.69 Gb Total Space | 347.58 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
Drive F: | 232.89 Gb Total Space | 194.06 Gb Free Space | 83.33% Space Free | Partition Type: NTFS
Drive G: | 74.51 Gb Total Space | 3.61 Gb Free Space | 4.85% Space Free | Partition Type: FAT32

Computer Name: DESKTOP | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1884249194-1713116218-2850791551-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{54E4B319-0CE0-448D-B299-EE05BC30E4D1}" = Windows Live Family Safety
"{5AFA78B0-D9BE-4EBE-ACE4-358F14A32044}" = Touch Manager
"{80A620C1-B22C-4781-A351-B14B8A37BFE3}" = Image Resizer Powertoy Clone for Windows (64 bit)
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"HDMI" = Intel® Graphics Media Accelerator Driver
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 23
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}" = AI Manager
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6F6594CB-DA1B-4FFB-B397-CACE3D5F668B}" = Windows Live Movie Maker Beta
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Azurewave Wireless LAN Card
"{8FCD1382-5295-4C68-BFDB-319B2AC01033}" = Nero 8 Essentials
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.5
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}" = WinZip 11.1
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Home Center
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_7" = AIM 7
"ENTERPRISE" = Microsoft Office Enterprise 2007
"LimeWire" = LimeWire 4.16.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Picasa 3" = Picasa 3
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"TeamViewer 5" = TeamViewer 5
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Mail" = AT&T Yahoo! Internet Mail
"YInstHelper" = Yahoo! Install Manager

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#10 sempai

  • Malware Response Team

Posted 29 May 2011 - 12:13 AM

Hi Tobyboom and thanks for the donation.

How's the computer running?


P2P Warning:

LimeWire

Your log(s) show that you are using so-called peer-to-peer or file-sharing programmes.

These programmes allow files to be shared between users, as the name(s) suggest. In today's world, cyber crime has reached enormous dimensions, and any means is used to infect personal computers in order to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools, as a tremendous number of prospective victims can be reached through them.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools, and it is thus suggested that they be used with intense care. Some further reading on this subject, along with the included links, is as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries all over the world, and you are putting yourself at risk of being indicted through organisations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."


=======================================


1. I don't see an Anti Virus Program running on your machine.

Download and install an antivirus program, and make sure that you keep it updated.
New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.

Avast! is a good anti virus program free for non-commercial home use.


2. Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
  • Download the latest version of Java Runtime Environment (JRE) Version 6.
  • Look for "JDK 6 Update 25 (JDK or JRE)".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Select "Windows x64" and click on jre-6u25-windows-x64.exe
  • Save it to your desktop
  • Close any programs you may have running - especially your web browser.
  • Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).
  • Reboot your computer once all Java components are removed.
  • Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.

3. Update Adobe Reader so you will not become vulnerable to infections.
  • Uninstall your old version of Adobe Reader.
  • Download the latest version of Adobe Reader. --> HERE
  • Click download to download the file and install it by following the prompts.

Edited by sempai, 29 May 2011 - 12:19 AM.

~Semp

You can help me continue the fight against malware by making a donation, Thank you.

If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied to within 5 days will be closed. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 
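The software checks from the reply above (outdated Java, a file-sharing client), run over log text in the OTL layout posted in this thread. This is an added example, not part of the original posts; `parse_sections`, `audit` and `P2P_NAMES` are hypothetical names. It goes one step beyond the reply by also reporting any firewall profile the log shows as disabled.

```python
import re

# Constructed sample: entries copied from the OTL log posted in this thread.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 23
"LimeWire" = LimeWire 4.16.7
"WinRAR archiver" = WinRAR archiver
'''

KEY_RE = re.compile(r'^(?:64bit: )?\[(HKEY_[^\]]+)\]$')   # registry key header line
VALUE_RE = re.compile(r'^"([^"]+)" = (.*)$')              # "name" = data line
JAVA_RE = re.compile(r'^Java\S* (\d+) Update (\d+)$')     # e.g. Java(TM) 6 Update 23

JAVA6_MIN_UPDATE = 25       # the update named in the reply
P2P_NAMES = ("limewire",)   # assumption: extend with other file-sharing clients


def parse_sections(text):
    """Yield (registry_key, value_name, data) for every '"name" = data' line."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if m and key:
            yield key, m.group(1), m.group(2)


def audit(text):
    """Return (finding, detail) tuples in the order they appear in the log."""
    findings = []
    for key, name, data in parse_sections(text):
        if "\\FirewallPolicy\\" in key and name == "EnableFirewall" and data == "0":
            findings.append(("firewall-off", key.rsplit("\\", 1)[1]))
        elif key.endswith("\\Uninstall"):
            m = JAVA_RE.match(data)
            if m and m.group(1) == "6" and int(m.group(2)) < JAVA6_MIN_UPDATE:
                findings.append(("java-outdated", data))
            if any(p in data.lower() for p in P2P_NAMES):
                findings.append(("p2p", data))
    return findings
```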


#11 sempai

  • Malware Response Team

Posted 04 June 2011 - 08:31 AM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

~Semp
