Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I CANT GET PASSED THE BLUE SCREEN OF DEATH


  • This topic is locked This topic is locked
28 replies to this topic

#1 soliz53

soliz53

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:san diego
  • Local time:07:11 PM

Posted 03 June 2011 - 12:08 AM

Well my son just walked in the room and his cpu isnt working lol. so i tried to log in and the blue screen pops up every time. its a toshiba with windows vista im not sure wat bit it is. thank you for the help ahead of time...

BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 04 June 2011 - 06:35 PM

Hi soliz53,

I will be assisting you.

Please use F8 at startup to get to Advanced boot Options. Do you have "Repair your computer" option there?

Edited by farbar, 04 June 2011 - 06:50 PM.


#3 soliz53

soliz53
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:san diego
  • Local time:07:11 PM

Posted 04 June 2011 - 06:42 PM

yes it does
i hit it and im in the window with the options. ill wait for further instructions. thanks for helping me again..

Edited by soliz53, 04 June 2011 - 06:45 PM.


#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 04 June 2011 - 06:48 PM

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#5 soliz53

soliz53
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:san diego
  • Local time:07:11 PM

Posted 04 June 2011 - 06:54 PM

thanks im doing that right now. also i have not been able to fix my disk drive on this pc if you could please help me with that issue if you can thanks here is the file..




Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.0.8
Ran by SYSTEM at 2011-06-04 16:52:04
Running from G:\
Windows Vista ™ Home Premium Service Pack 1 (X86) OS Language: English(US)
The current controlset is ControlSet011

========================== Registry ==========================

HKLM\...\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [413696 2007-04-10] (Chicony)
HKLM\...\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe [204800 2007-07-27] (Synaptics, Inc.)
HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [NDSTray.exe] NDSTray.exe
HKLM\...\Run: [HWSetup] \HWSetup.exe hwSetUP
HKLM\...\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [448080 2007-06-15] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [712704 2008-01-22] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe
HKLM\...\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" [398728 2008-01-29] (Symantec Corporation)
HKLM\...\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [13548064 2008-08-01] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [92704 2008-08-01] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM\...\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [40368 2011-01-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-09-21] (Adobe Systems Incorporated)
HKLM\...\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot [274608 2010-12-26] (RealNetworks, Inc.)
HKLM\...\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [3459712 2011-05-10] (AVAST Software)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421160 2011-04-14] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1233920 2009-04-10] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-01-29] ()
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem [1233920 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-01-29] ()
HKU\Richard s\...\Run: [TOSCDSPD] TOSCDSPD.EXE
HKU\Richard s\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-06-30] (Google Inc.)
HKU\Richard s\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [4240760 2010-11-10] (Microsoft Corporation)
HKU\richard2\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\richard2\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-01-29] ()
HKU\richard2\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-06-30] (Google Inc.)
HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [25088 2008-01-20] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [2926592 2009-04-10] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1


========================== Services ==========================

2 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [24576 2006-11-02] (Microsoft Corporation)
2 AgereModemAudio; C:\Windows\system32\agrsmsvc.exe [9216 2006-10-05] (Agere Systems)
3 ALG; C:\Windows\System32\alg.exe [59392 2008-01-20] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [33280 2008-01-20] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 2011-02-18] (Apple Inc.)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [315392 2009-04-10] (Microsoft Corporation)
2 Audiosrv; C:\Windows\System32\Audiosrv.dll [315392 2009-04-10] (Microsoft Corporation)
2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [42184 2011-05-10] (AVAST Software)
2 BFE; C:\Windows\System32\bfe.dll [334848 2009-04-10] (Microsoft Corporation)
2 BITS; C:\Windows\System32\qmgr.dll [758784 2009-04-10] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [349472 2011-04-06] (Apple Inc.)
2 Browser; C:\Windows\System32\browser.dll [81920 2008-01-20] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [40448 2009-04-10] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66368 2009-03-29] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2006-11-02] (Microsoft Corporation)
2 ConfigFree Service; "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" [40960 2007-12-25] (TOSHIBA CORPORATION)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [129024 2009-04-10] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [550400 2009-04-10] (Microsoft Corporation)
3 DFSR; C:\Windows\System32\DFSR.exe [2092544 2009-04-10] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcsvc.dll [204288 2009-04-10] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [86528 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [175616 2009-04-10] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [134656 2008-01-20] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [57344 2008-01-20] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [292352 2008-01-20] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [131072 2006-11-02] (Microsoft Corporation)
2 ehstart; C:\Windows\ehome\ehstart.dll [13312 2006-11-02] (Microsoft Corporation)
2 EMDMgmt; C:\Windows\System32\emdmgmt.dll [564224 2009-04-10] (Microsoft Corporation)
2 Eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 2008-01-20] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [268800 2009-04-10] (Microsoft Corporation)
2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [643072 2007-03-06] (Intel Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [13312 2008-01-20] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [27648 2006-11-02] (Microsoft Corporation)
3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [655624 2009-06-19] (Acresso Software Inc.)
2 FontCache; C:\Windows\System32\FntCache.dll [797696 2011-02-22] (Microsoft Corporation)
2 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)
3 fsssvc; "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [1493352 2010-09-23] (Microsoft Corporation)
3 GameConsoleService; "C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe" [165416 2008-05-05] (WildTangent, Inc.)
2 gpsvc; C:\Windows\System32\gpsvc.dll [576512 2009-04-10] (Microsoft Corporation)
2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe /svc [136176 2010-06-28] (Google Inc.)
3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc [136176 2010-06-28] (Google Inc.)
3 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [182768 2010-06-30] (Google)
2 hidserv; C:\Windows\System32\hidserv.dll [26112 2009-04-10] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [68096 2008-01-20] (Microsoft Corporation)
3 IDriverT; "C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe" [69632 2005-11-14] (Macrovision Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" [879448 2009-02-18] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [438784 2009-04-10] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [74240 2008-01-20] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [200704 2010-02-18] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [820520 2011-04-14] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [9728 2009-06-15] (Microsoft Corporation)
2 KtmRm; C:\Windows\System32\msdtckrm.dll [344576 2008-01-20] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [125952 2010-09-06] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [160256 2009-06-10] (Microsoft Corporation)
3 LiveUpdate; "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" [2999664 2007-09-12] (Symantec Corporation)
2 LiveUpdate Notice Service; "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll" [537992 2008-04-10] (Symantec Corporation)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [188928 2008-01-20] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [18944 2006-11-02] (Microsoft Corporation)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [53760 2008-01-20] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [45056 2008-01-20] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [407552 2009-04-10] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [105984 2008-01-20] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [111616 2008-01-20] (Microsoft Corporation)
3 napagent; C:\Windows\System32\qagentRT.dll [302592 2009-04-10] (Microsoft Corporation)
3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [779824 2007-03-14] (Nero AG)
3 Netlogon; C:\Windows\System32\lsass.exe [9728 2009-06-15] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [274432 2008-01-20] (Microsoft Corporation)
2 netprofm; C:\Windows\System32\netprofm.dll [237056 2008-01-20] (Microsoft Corporation)
4 NetTcpPortSharing; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [129880 2009-02-18] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [168448 2008-01-20] (Microsoft Corporation)
3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [271920 2007-03-12] (Nero AG)
2 nsi; C:\Windows\System32\nsisvc.dll [18432 2008-01-20] (Microsoft Corporation)
2 nvsvc; C:\Windows\System32\nvvsvc.exe [196608 2008-08-01] (NVIDIA Corporation)
3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [89136 2003-07-28] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [37888 2008-01-20] (Microsoft Corporation)
2 pinger; C:\Toshiba\IVP\ISM\pinger.exe [136816 2007-01-25] ()
3 pla; C:\Windows\System32\pla.dll [1502208 2008-01-20] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [222720 2009-04-10] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\p2psvc.dll [644608 2009-04-10] (Microsoft Corporation)
2 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [364032 2009-04-10] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [153088 2009-04-10] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [9728 2009-06-15] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [243712 2008-01-20] (Microsoft Corporation)
2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [183688 2007-05-30] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2008-01-20] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [262144 2009-04-10] (Microsoft Corporation)
2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2007-03-06] (Intel Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [68608 2008-01-20] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [107008 2009-04-10] (Microsoft Corporation)
2 RichVideo; "C:\Program Files\CyberLink\Shared Files\RichVideo.exe" [167936 2005-08-08] ()
3 RpcLocator; C:\Windows\System32\locator.exe [7680 2006-11-02] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [550400 2009-04-10] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [9728 2009-06-15] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [95232 2009-04-10] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [601600 2010-11-04] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [40448 2009-04-10] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [104960 2008-01-20] (Microsoft Corporation)
2 seclogon; C:\Windows\system32\seclogon.dll [19968 2008-01-20] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [47104 2008-01-20] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [84992 2008-01-20] (Microsoft Corporation)
3 SharedAccess; C:\Windows\System32\ipnathlp.dll [288256 2008-01-20] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation)
2 slsvc; C:\Windows\System32\SLsvc.exe [3408896 2009-04-10] (Microsoft Corporation)
3 SLUINotify; C:\Windows\System32\SLUINotify.dll [60928 2009-04-10] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2006-11-02] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [128000 2010-08-17] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [155648 2008-01-20] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [116736 2008-01-20] (Microsoft Corporation)
3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService [87288 2008-06-13] (Valve Corporation)
2 stisvc; C:\Windows\System32\wiaservc.dll [453120 2009-04-10] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [311808 2009-04-10] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [558080 2009-04-10] (Microsoft Corporation)
2 TabletInputService; C:\Windows\System32\TabSvc.dll [68096 2006-11-02] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [242688 2009-04-10] (Microsoft Corporation)
2 TBS; C:\Windows\System32\tbssvc.dll [56320 2008-01-20] (Microsoft Corporation)
2 TermService; C:\Windows\System32\termsrv.dll [449024 2009-04-10] (Microsoft Corporation)
2 Themes; C:\Windows\System32\shsvcs.dll [247808 2009-07-10] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [45056 2008-01-20] (Microsoft Corporation)
2 TNaviSrv; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [83312 2008-01-21] (TOSHIBA Corporation)
2 TODDSrv; C:\Windows\system32\TODDSrv.exe [129632 2007-11-21] (TOSHIBA Corporation)
2 TosCoSrv; "C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe" [431456 2008-01-17] (TOSHIBA Corporation)
2 TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [128360 2007-09-28] (TOSHIBA CORPORATION)
2 TOSHIBA SMART Log Service; "C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe" [126976 2007-12-03] (TOSHIBA Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [75264 2008-01-20] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [39424 2009-04-10] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [35840 2008-01-20] (Microsoft Corporation)
2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
3 upnphost; C:\Windows\System32\upnphost.dll [259072 2008-01-20] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [29184 2009-04-10] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [385536 2009-04-10] (Microsoft Corporation)
2 Viewpoint Manager Service; "C:\Program Files\Viewpoint\Common\ViewpointService.exe" [24652 2007-01-04] (Viewpoint Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1055232 2009-04-10] (Microsoft Corporation)
2 W32Time; C:\Windows\System32\w32time.dll [282624 2009-04-10] (Microsoft Corporation)
2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [379784 2007-05-30] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [413696 2009-04-10] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32256 2006-11-02] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [73728 2008-01-20] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [73728 2008-01-20] (Microsoft Corporation)
2 WebClient; C:\Windows\System32\webclnt.dll [199680 2009-04-10] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [146944 2009-10-09] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [62976 2008-01-20] (Microsoft Corporation)
2 WerSvc; C:\Windows\System32\WerSvc.dll [126976 2009-04-10] (Microsoft Corporation)
2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [377344 2009-08-24] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [162304 2009-04-10] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [1181696 2009-10-09] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [513536 2009-07-11] (Microsoft Corporation)
4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [51040 2010-09-22] (Microsoft Corporation)
2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [1710464 2010-09-21] (Microsoft Corp.)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [137728 2009-04-10] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [896512 2008-01-20] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [140288 2009-04-10] (Microsoft Corporation)
2 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [81920 2009-09-30] (Microsoft Corporation)
3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504 2010-03-18] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [61440 2009-04-10] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [441344 2009-04-10] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [1929952 2009-08-06] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [64512 2009-07-14] (Microsoft Corporation)
2 YahooAUService; "C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe" [602392 2008-11-09] (Yahoo! Inc.)
2 Akamai; c:\program files\common files\akamai\netsession_win_8832f4b.dll [x]
2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
2 LiveUpdate Notice Ex; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
2 Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [x]

========================== Drivers ===========================

0 ACPI; C:\Windows\System32\drivers\acpi.sys [265688 2009-04-10] (Microsoft Corporation)
4 adp94xx; C:\Windows\System32\drivers\adp94xx.sys [422968 2008-01-20] (Adaptec, Inc.)
4 adpahci; C:\Windows\System32\drivers\adpahci.sys [300600 2008-01-20] (Adaptec, Inc.)
4 adpu160m; C:\Windows\System32\drivers\adpu160m.sys [101432 2008-01-20] (Adaptec, Inc.)
4 adpu320; C:\Windows\System32\drivers\adpu320.sys [149560 2008-01-20] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [273920 2009-04-10] (Microsoft Corporation)
3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1161888 2006-11-28] (Agere Systems)
3 agp440; C:\Windows\System32\drivers\agp440.sys [56376 2008-01-20] (Microsoft Corporation)
4 aic78xx; C:\Windows\System32\drivers\djsvs.sys [71272 2006-11-02] (Adaptec, Inc.)
4 aliide; C:\Windows\System32\drivers\aliide.sys [17464 2008-01-20] (Acer Laboratories Inc.)
3 amdagp; C:\Windows\System32\drivers\amdagp.sys [57400 2008-01-20] (Microsoft Corporation)
4 amdide; C:\Windows\System32\drivers\amdide.sys [17976 2008-01-20] (Microsoft Corporation)
4 AmdK7; C:\Windows\System32\drivers\amdk7.sys [41472 2008-01-20] (Microsoft Corporation)
4 AmdK8; C:\Windows\System32\drivers\amdk8.sys [44032 2008-01-20] (Microsoft Corporation)
4 arc; C:\Windows\System32\drivers\arc.sys [79416 2008-01-20] (Adaptec, Inc.)
4 arcsas; C:\Windows\System32\drivers\arcsas.sys [79928 2008-01-20] (Adaptec, Inc.)
2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [19544 2011-05-10] (AVAST Software)
2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [53592 2011-05-10] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [25432 2011-05-10] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [441176 2011-05-10] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [307928 2011-05-10] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [49240 2011-05-10] (AVAST Software)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17408 2008-01-20] (Microsoft Corporation)
0 atapi; C:\Windows\System32\drivers\atapi.sys [19944 2009-04-10] (Microsoft Corporation)
4 blbdrive; C:\Windows\System32\drivers\blbdrive.sys [45568 2008-01-20] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\drivers\brfiltlo.sys [13568 2006-11-02] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\drivers\brfiltup.sys [5248 2006-11-02] (Brother Industries, Ltd.)
4 Brserid; C:\Windows\System32\drivers\brserid.sys [71808 2006-11-02] (Brother Industries Ltd.)
4 BrSerWdm; C:\Windows\System32\drivers\brserwdm.sys [62336 2006-11-02] (Brother Industries Ltd.)
4 BrUsbMdm; C:\Windows\System32\drivers\brusbmdm.sys [12160 2006-11-02] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\drivers\brusbser.sys [11904 2006-11-02] (Brother Industries Ltd.)
4 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [39936 2006-11-02] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70144 2008-01-20] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [67072 2009-04-10] (Microsoft Corporation)
4 circlass; C:\Windows\System32\drivers\circlass.sys [35328 2008-01-20] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-10] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14208 2008-01-20] (Microsoft Corporation)
4 cmdide; C:\Windows\System32\drivers\cmdide.sys [19000 2008-01-20] (CMD Technology, Inc.)
0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [20792 2008-01-20] (Microsoft Corporation)
0 crcdisk; C:\Windows\System32\drivers\crcdisk.sys [24632 2008-01-20] (Microsoft Corporation)
4 Crusoe; C:\Windows\System32\drivers\crusoe.sys [40960 2008-01-20] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [75264 2009-04-10] (Microsoft Corporation)
0 disk; C:\Windows\System32\drivers\disk.sys [53736 2009-04-10] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2008-01-20] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [638336 2011-01-20] (Microsoft Corporation)
3 E1G60; C:\Windows\System32\DRIVERS\E1G60I32.sys [118784 2008-01-20] (Intel Corporation)
0 Ecache; C:\Windows\System32\drivers\ecache.sys [141288 2009-04-10] (Microsoft Corporation)
4 elxstor; C:\Windows\System32\drivers\elxstor.sys [342584 2008-01-20] (Emulex)
4 ErrDev; C:\Windows\System32\drivers\errdev.sys [6656 2008-01-20] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [136704 2009-04-10] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [142848 2009-04-10] (Microsoft Corporation)
4 fdc; C:\Windows\System32\DRIVERS\fdc.sys [25088 2008-01-20] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58936 2008-01-20] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [27648 2008-01-20] (Microsoft Corporation)
4 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [20480 2008-01-20] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-10] (Microsoft Corporation)
3 fssfltr; C:\Windows\System32\DRIVERS\fssfltr.sys [39272 2010-09-23] (Microsoft Corporation)
1 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [12800 2008-01-20] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [61496 2008-01-20] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [26600 2010-01-25] (GEAR Software Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [236544 2009-04-10] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [561152 2009-04-10] (Microsoft Corporation)
4 HidBth; C:\Windows\System32\drivers\hidbth.sys [29184 2006-11-02] (Microsoft Corporation)
4 HidIr; C:\Windows\System32\drivers\hidir.sys [21504 2006-11-02] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [12800 2009-04-10] (Microsoft Corporation)
4 HpCISSs; C:\Windows\System32\drivers\hpcisss.sys [40504 2008-01-20] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [411648 2010-02-20] (Microsoft Corporation)
4 i2omp; C:\Windows\System32\drivers\i2omp.sys [30264 2008-01-20] (Microsoft Corporation)
1 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [54784 2008-01-20] (Microsoft Corporation)
4 iaStorV; C:\Windows\System32\drivers\iastorv.sys [235064 2008-01-20] (Intel Corporation)
4 iirsp; C:\Windows\System32\drivers\iirsp.sys [41576 2006-11-02] (Intel Corp./ICP vortex GmbH)
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHDA.sys [2058528 2008-01-30] (Realtek Semiconductor Corp.)
0 intelide; C:\Windows\System32\drivers\intelide.sys [17976 2008-01-20] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [41472 2008-01-20] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [47616 2008-01-20] (Microsoft Corporation)
4 IPMIDRV; C:\Windows\System32\drivers\ipmidrv.sys [64512 2008-01-20] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\DRIVERS\ipnat.sys [100864 2008-01-20] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13312 2008-01-20] (Microsoft Corporation)
4 isapnp; C:\Windows\System32\drivers\isapnp.sys [49720 2008-01-20] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [180712 2009-04-10] (Microsoft Corporation)
4 iteatapi; C:\Windows\System32\drivers\iteatapi.sys [35944 2006-11-02] (Integrated Technology Express, Inc.)
4 iteraid; C:\Windows\System32\drivers\iteraid.sys [35944 2006-11-02] (Integrated Technology Express, Inc.)
1 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [35384 2008-01-20] (Microsoft Corporation)
4 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [15872 2008-01-20] (Microsoft Corporation)
4 KR10I; C:\Windows\System32\drivers\kr10i.sys [219264 2006-11-08] (TOSHIBA CORPORATION)
4 KR10N; C:\Windows\System32\drivers\kr10n.sys [211072 2006-11-08] (TOSHIBA CORPORATION)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [439864 2009-06-15] (Microsoft Corporation)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [47104 2008-01-20] (Microsoft Corporation)
0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
4 LSI_FC; C:\Windows\System32\drivers\lsi_fc.sys [96312 2008-01-20] (LSI Logic)
4 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [89656 2008-01-20] (LSI Logic)
4 LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [96312 2008-01-20] (LSI Logic)
2 luafv; C:\Windows\System32\drivers\luafv.sys [84480 2008-01-20] (Microsoft Corporation)
4 megasas; C:\Windows\System32\drivers\megasas.sys [31288 2008-01-20] (LSI Corporation)
4 MegaSR; C:\Windows\System32\drivers\megasr.sys [386616 2008-01-20] (LSI Corporation, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2008-01-20] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [41984 2008-01-20] (Microsoft Corporation)
1 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [34360 2008-01-20] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [15872 2008-01-20] (Microsoft Corporation)
0 MountMgr; C:\Windows\System32\drivers\mountmgr.sys [57400 2008-01-20] (Microsoft Corporation)
4 mpio; C:\Windows\System32\drivers\mpio.sys [105016 2008-01-20] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [64000 2008-01-20] (Microsoft Corporation)
4 Mraid35x; C:\Windows\System32\drivers\mraid35x.sys [33384 2006-11-02] (LSI Logic Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [114688 2009-04-10] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [106496 2011-02-22] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [213504 2011-02-22] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [79360 2011-02-22] (Microsoft Corporation)
0 msahci; C:\Windows\System32\drivers\msahci.sys [27112 2009-04-10] (Microsoft Corporation)
4 msdsm; C:\Windows\System32\drivers\msdsm.sys [94776 2008-01-20] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [22528 2008-01-20] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [16440 2008-01-20] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8192 2008-01-20] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2008-01-20] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2008-01-20] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [161752 2009-04-10] (Microsoft Corporation)
3 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [31288 2008-01-20] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6016 2008-01-20] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [48104 2009-04-10] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [148480 2009-04-10] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [527848 2009-04-10] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2008-01-20] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [16896 2008-01-20] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [121344 2009-04-10] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [49664 2008-01-20] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [35840 2008-01-20] (Microsoft Corporation)
1 netbt; C:\Windows\System32\DRIVERS\netbt.sys [185856 2009-04-10] (Microsoft Corporation)
3 NETw4v32; C:\Windows\System32\DRIVERS\NETw4v32.sys [2251776 2007-09-26] (Intel Corporation)
4 nfrd960; C:\Windows\System32\drivers\nfrd960.sys [45160 2006-11-02] (IBM Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [35328 2009-04-10] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16384 2008-01-20] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1083880 2009-04-10] (Microsoft Corporation)
4 ntrigdigi; C:\Windows\System32\drivers\ntrigdigi.sys [20608 2006-11-01] (N-trig Innovative Technologies)
3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [4608 2008-01-20] (Microsoft Corporation)
3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [7549568 2008-08-01] (NVIDIA Corporation)
4 nvraid; C:\Windows\System32\drivers\nvraid.sys [102968 2008-01-20] (NVIDIA Corporation)
4 nvstor; C:\Windows\System32\drivers\nvstor.sys [45112 2008-01-20] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [109112 2008-01-20] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [62208 2009-04-10] (Microsoft Corporation)
3 Parport; C:\Windows\System32\drivers\parport.sys [79360 2006-11-02] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [54248 2009-04-10] (Microsoft Corporation)
2 Parvdm; C:\Windows\System32\drivers\parvdm.sys [8704 2006-11-02] (Microsoft Corporation)
0 pci; C:\Windows\System32\drivers\pci.sys [149480 2009-04-10] (Microsoft Corporation)
4 pciide; C:\Windows\System32\drivers\pciide.sys [16440 2008-01-20] (Microsoft Corporation)
0 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [177640 2009-04-10] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [878080 2006-11-02] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [62976 2008-01-20] (Microsoft Corporation)
4 Processor; C:\Windows\System32\drivers\processr.sys [40960 2008-01-20] (Microsoft Corporation)
1 PSched; C:\Windows\System32\DRIVERS\pacer.sys [72192 2009-04-10] (Microsoft Corporation)
0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36560 2006-09-27] (Sonic Solutions)
4 ql2300; C:\Windows\System32\drivers\ql2300.sys [1122360 2008-01-20] (QLogic Corporation)
4 ql40xx; C:\Windows\System32\drivers\ql40xx.sys [106088 2006-11-02] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [31232 2008-01-20] (Microsoft Corporation)
1 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2008-01-20] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [76288 2008-01-20] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [41472 2009-04-10] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [69120 2009-04-10] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [225280 2009-04-10] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6144 2008-01-20] (Microsoft Corporation)
4 rdpdr; C:\Windows\System32\drivers\rdpdr.sys [248832 2008-01-20] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6144 2008-01-20] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [180736 2009-04-10] (Microsoft Corporation)
3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial.sys [27136 2009-01-09] (Research in Motion Ltd)
3 ROOTMODEM; C:\Windows\System32\Drivers\RootMdm.sys [8192 2008-01-20] (Microsoft Corporation)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60416 2008-01-20] (Microsoft Corporation)
3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [81408 2007-04-30] (Realtek Corporation )
4 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [76392 2006-11-02] (Microsoft Corporation)
3 sdbus; C:\Windows\System32\DRIVERS\sdbus.sys [89088 2009-04-10] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [20480 2006-11-01] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\drivers\serenum.sys [17920 2006-11-02] (Microsoft Corporation)
3 Serial; C:\Windows\System32\drivers\serial.sys [83456 2006-11-02] (Microsoft Corporation)
4 sermouse; C:\Windows\System32\drivers\sermouse.sys [19968 2008-01-20] (Microsoft Corporation)
4 sffdisk; C:\Windows\System32\drivers\sffdisk.sys [13312 2008-01-20] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\drivers\sffp_mmc.sys [12288 2008-01-20] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\drivers\sffp_sd.sys [11776 2008-01-20] (Microsoft Corporation)
4 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [13312 2006-11-02] (Microsoft Corporation)
3 sisagp; C:\Windows\System32\drivers\sisagp.sys [55864 2008-01-20] (Microsoft Corporation)
4 SiSRaid2; C:\Windows\System32\drivers\sisraid2.sys [41016 2008-01-20] (Microsoft Corporation)
4 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [74808 2008-01-20] (Silicon Integrated Systems)
1 Smb; C:\Windows\System32\DRIVERS\smb.sys [66560 2009-04-10] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [21048 2008-01-20] (Microsoft Corporation)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-08-31] (Duplex Secure Ltd.)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [305152 2011-02-18] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [146432 2011-02-18] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [102400 2011-02-18] (Microsoft Corporation)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [15288 2008-01-20] (Microsoft Corporation)
4 Symc8xx; C:\Windows\System32\drivers\symc8xx.sys [35944 2006-11-02] (LSI Logic)
4 Sym_hi; C:\Windows\System32\drivers\sym_hi.sys [31848 2006-11-02] (LSI Logic)
4 Sym_u3; C:\Windows\System32\drivers\sym_u3.sys [34920 2006-11-02] (LSI Logic)
3 SynTP; C:\Windows\System32\DRIVERS\SynTP.sys [208688 2009-03-20] (Synaptics Incorporated)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [905088 2010-06-16] (Microsoft Corporation)
3 Tcpip6; C:\Windows\System32\DRIVERS\tcpip.sys [905088 2010-06-16] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [30720 2009-12-08] (Microsoft Corporation)
3 TcUsb; C:\Windows\System32\Drivers\tcusb.sys [39056 2006-12-03] (UPEK Inc.)
3 tdcmdpst; C:\Windows\System32\DRIVERS\tdcmdpst.sys [16128 2006-10-18] (TOSHIBA Corporation.)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [17920 2008-01-20] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [29184 2008-01-20] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [72192 2009-04-10] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [53224 2009-04-10] (Microsoft Corporation)
3 tifm21; C:\Windows\System32\drivers\tifm21.sys [290304 2007-01-24] (Texas Instruments)
3 tosporte; C:\Windows\System32\DRIVERS\tosporte.sys [41600 2006-10-10] (TOSHIBA Corporation)
3 tosrfbd; C:\Windows\System32\DRIVERS\tosrfbd.sys [131584 2007-12-26] (TOSHIBA CORPORATION)
3 tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [36608 2007-11-29] (TOSHIBA Corporation)
1 Tosrfcom; C:\Windows\System32\Drivers\tosrfcom.sys [64128 2007-10-02] (TOSHIBA Corporation)
3 tosrfec; C:\Windows\System32\DRIVERS\tosrfec.sys [9728 2009-06-01] (TOSHIBA Corporation)
3 Tosrfhid; C:\Windows\System32\DRIVERS\Tosrfhid.sys [74240 2007-11-29] (TOSHIBA Corporation.)
3 tosrfnds; C:\Windows\System32\DRIVERS\tosrfnds.sys [18612 2005-01-07] (TOSHIBA Corporation.)
3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [54144 2008-01-22] (TOSHIBA Corporation)
3 Tosrfusb; C:\Windows\System32\DRIVERS\tosrfusb.sys [41856 2007-10-18] (TOSHIBA CORPORATION)
0 tos_sps32; C:\Windows\System32\DRIVERS\tos_sps32.sys [285184 2008-01-21] (TOSHIBA Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [23552 2008-01-20] (Microsoft Corporation)
3 tunmp; C:\Windows\System32\DRIVERS\tunmp.sys [15360 2008-01-20] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [25088 2010-02-18] (Microsoft Corporation)
0 TVALZ; C:\Windows\System32\DRIVERS\TVALZ_O.SYS [23640 2007-11-09] (TOSHIBA Corporation)
3 uagp35; C:\Windows\System32\drivers\uagp35.sys [59448 2008-01-20] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [226816 2009-04-10] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [60984 2008-01-20] (Microsoft Corporation)
4 uliahci; C:\Windows\System32\drivers\uliahci.sys [238648 2008-01-20] (ULi Electronics Inc.)
4 UlSata; C:\Windows\System32\drivers\ulsata.sys [98408 2006-11-02] (Promise Technology, Inc.)
4 ulsata2; C:\Windows\System32\drivers\ulsata2.sys [115816 2008-01-20] (Promise Technology, Inc.)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [34816 2008-01-20] (Microsoft Corporation)
3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2011-02-18] (Apple, Inc.)
3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [73216 2009-04-10] (Microsoft Corporation)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [73216 2008-01-20] (Microsoft Corporation)
4 usbcir; C:\Windows\System32\drivers\usbcir.sys [68608 2006-11-02] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [39936 2009-04-10] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [196096 2009-04-10] (Microsoft Corporation)
4 usbohci; C:\Windows\System32\drivers\usbohci.sys [19456 2006-11-02] (Microsoft Corporation)
4 usbprint; C:\Windows\System32\drivers\usbprint.sys [18944 2006-11-02] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [65536 2009-04-10] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [23552 2008-01-20] (Microsoft Corporation)
3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [134016 2008-01-20] (Microsoft Corporation)
3 usb_rndisx; C:\Windows\System32\DRIVERS\usb8023x.sys [15872 2009-04-10] (Microsoft Corporation)
3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2008-01-20] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2008-01-20] (Microsoft Corporation)
3 viaagp; C:\Windows\System32\drivers\viaagp.sys [56888 2008-01-20] (Microsoft Corporation)
4 ViaC7; C:\Windows\System32\drivers\viac7.sys [41472 2008-01-20] (Microsoft Corporation)
4 viaide; C:\Windows\System32\drivers\viaide.sys [20024 2008-01-20] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\drivers\volmgr.sys [52792 2008-01-20] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [292840 2009-04-10] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\drivers\volsnap.sys [226280 2009-04-10] (Microsoft Corporation)
4 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [130616 2008-01-20] (VIA Technologies Inc.,Ltd)
4 WacomPen; C:\Windows\System32\drivers\wacompen.sys [20608 2006-11-02] (Microsoft Corporation)
3 Wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [62464 2008-01-20] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [62464 2008-01-20] (Microsoft Corporation)
4 Wd; C:\Windows\System32\drivers\wd.sys [22072 2008-01-20] (Microsoft Corporation)
3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [11520 2008-05-06] (Western Digital Technologies)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [445008 2009-07-14] (Microsoft Corporation)
3 WinUSB; C:\Windows\System32\DRIVERS\WinUSB.sys [31616 2008-01-20] (Microsoft Corporation)
4 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [11264 2008-01-20] (Microsoft Corporation)
3 WpdUsb; C:\Windows\System32\DRIVERS\wpdusb.sys [40448 2009-09-30] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [15872 2008-01-20] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [92672 2009-07-14] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [132224 2009-07-14] (Microsoft Corporation)
3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 msiserver; C:\Windows\System32\msiexec /V [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
3 RimUsb; C:\Windows\System32\Drivers\RimUsb.sys [x]
3 TpChoice; C:\Windows\System32\DRIVERS\TpChoice.sys [x]
3 XDva385; \??\C:\Windows\system32\XDva385.sys [x]

========================= NetSvcs ============================

============ One Month Created Files and folders =============

2011-06-04 15:40 - 2011-06-04 15:40 - 0143360 ____A C:\Windows\Minidump\Mini060411-01.dmp
2011-06-02 21:22 - 2011-06-02 21:22 - 0000000 ____A C:\Users\Richard s\AppData\Local\{D75AE092-57D0-4468-8F20-467B246613AE}
2011-06-02 21:21 - 2011-06-02 21:21 - 0143360 ____A C:\Windows\Minidump\Mini060211-14.dmp
2011-06-02 21:19 - 2011-06-02 21:19 - 0143360 ____A C:\Windows\Minidump\Mini060211-13.dmp
2011-06-02 18:25 - 2011-06-02 18:25 - 0143360 ____A C:\Windows\Minidump\Mini060211-12.dmp
2011-06-02 18:03 - 2011-06-02 18:03 - 0143360 ____A C:\Windows\Minidump\Mini060211-11.dmp
2011-06-02 18:01 - 2011-06-02 18:01 - 0143360 ____A C:\Windows\Minidump\Mini060211-10.dmp
2011-06-02 18:01 - 2011-06-02 18:01 - 0000000 ____A C:\Users\richard2\AppData\Local\{E9A95CB7-7239-45A6-A8BB-99FED9C2CC87}
2011-06-02 16:52 - 2011-06-02 16:52 - 0143360 ____A C:\Windows\Minidump\Mini060211-09.dmp
2011-06-02 16:25 - 2011-06-02 16:25 - 0143360 ____A C:\Windows\Minidump\Mini060211-08.dmp
2011-06-02 16:23 - 2011-06-02 16:23 - 0000000 ____A C:\Users\Richard s\AppData\Local\{EF51B675-12E0-4286-9C92-8A02FBA753B7}
2011-06-02 15:30 - 2011-06-02 15:30 - 0143360 ____A C:\Windows\Minidump\Mini060211-07.dmp
2011-06-02 15:27 - 2011-06-02 15:27 - 0143360 ____A C:\Windows\Minidump\Mini060211-06.dmp
2011-06-02 15:25 - 2011-06-02 15:25 - 0143360 ____A C:\Windows\Minidump\Mini060211-05.dmp
2011-06-02 15:23 - 2011-06-02 15:23 - 0000000 ____A C:\Users\Richard s\AppData\Local\{FB936808-5442-4743-880D-B6056C8427F1}
2011-06-02 15:22 - 2011-06-02 15:22 - 0139096 ____A C:\Windows\Minidump\Mini060211-04.dmp
2011-06-02 15:04 - 2011-06-02 15:04 - 0143360 ____A C:\Windows\Minidump\Mini060211-03.dmp
2011-06-02 15:04 - 2011-06-02 15:04 - 0000000 ____A C:\Users\Richard s\AppData\Local\{9E8D0678-786C-48AD-9B1B-40F357B94CCD}
2011-06-02 15:01 - 2011-06-02 15:01 - 0143360 ____A C:\Windows\Minidump\Mini060211-02.dmp
2011-06-02 15:00 - 2011-06-02 15:00 - 0000000 ____A C:\Users\Richard s\AppData\Local\{7D20DCA0-E9C9-4AC5-987C-24EEEA3F3721}
2011-06-02 14:56 - 2011-06-04 15:39 - 316587449 ____A C:\Windows\MEMORY.DMP
2011-06-02 14:56 - 2011-06-02 14:56 - 0143360 ____A C:\Windows\Minidump\Mini060211-01.dmp
2011-06-01 19:56 - 2011-06-01 19:56 - 0000000 ____D C:\Users\All Users\WindowsSearch
2011-06-01 19:56 - 2011-06-01 19:56 - 0000000 ____D C:\ProgramData\WindowsSearch
2011-06-01 17:12 - 2011-06-02 18:06 - 0000292 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2181276184-2582907876-741267775-1002.job
2011-06-01 06:23 - 2011-06-01 06:23 - 0000000 ____D C:\Users\richard2\AppData\Roaming\ParetoLogic
2011-06-01 06:23 - 2011-06-01 06:23 - 0000000 ____D C:\Users\richard2\AppData\Roaming\DriverCure
2011-05-31 21:55 - 2011-05-31 21:55 - 0000000 ____D C:\Users\Richard s\AppData\Local\{4F3DC1EA-8524-4B69-ABEC-753269C6A90B}
2011-05-31 21:32 - 2011-05-31 21:32 - 0333312 ____A (Microsoft Corporation) C:\Users\All Users\37412600.exe
2011-05-31 21:32 - 2011-05-31 21:32 - 0333312 ____A (Microsoft Corporation) C:\ProgramData\37412600.exe
2011-05-31 21:32 - 2011-05-31 21:32 - 0099480 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2011-05-31 21:32 - 2011-05-31 21:32 - 0000336 ____A C:\Users\All Users\37412600
2011-05-31 21:32 - 2011-05-31 21:32 - 0000336 ____A C:\ProgramData\37412600
2011-05-31 21:32 - 2011-05-31 21:32 - 0000152 ____A C:\Users\All Users\~37412600r
2011-05-31 21:32 - 2011-05-31 21:32 - 0000152 ____A C:\ProgramData\~37412600r
2011-05-31 21:32 - 2011-05-31 21:32 - 0000136 ____A C:\Users\All Users\~37412600
2011-05-31 21:32 - 2011-05-31 21:32 - 0000136 ____A C:\ProgramData\~37412600
2011-05-31 21:25 - 2011-05-31 21:25 - 0418816 ____A (Microsoft Corporation) C:\Users\All Users\AhGkYJyFIC.exe
2011-05-31 21:25 - 2011-05-31 21:25 - 0418816 ____A (Microsoft Corporation) C:\ProgramData\AhGkYJyFIC.exe
2011-05-31 21:20 - 2011-05-31 21:20 - 0000000 ____D C:\Adobe
2011-05-31 19:13 - 2011-06-01 19:30 - 0000294 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2181276184-2582907876-741267775-1001.job
2011-05-31 14:07 - 2011-05-31 14:07 - 0000000 ____D C:\Users\Richard s\AppData\Local\{2D963F91-53A8-4F7D-A1B7-79889A4FDCCD}
2011-05-30 21:15 - 2011-05-30 21:15 - 0000000 ____D C:\Windows\Sun
2011-05-30 12:22 - 2011-05-30 12:22 - 0000000 ____D C:\Users\Richard s\AppData\Local\{516EC79D-CD83-4497-9733-119CBEEE8307}
2011-05-29 17:17 - 2011-05-29 17:17 - 0000000 ____D C:\Users\richard2\AppData\Roaming\CyberDefender
2011-05-29 16:04 - 2011-05-29 16:04 - 0143312 ____A C:\Windows\Minidump\Mini052911-01.dmp
2011-05-29 14:15 - 2011-05-30 17:00 - 0000452 ____A C:\Windows\Tasks\ParetoLogic Registration3.job
2011-05-29 14:14 - 2011-05-29 16:05 - 0000426 ____A C:\Windows\Tasks\ParetoLogic Update Version3.job
2011-05-29 14:14 - 2011-05-29 16:05 - 0000384 ____A C:\Windows\Tasks\PC Health Advisor Defrag.job
2011-05-29 14:14 - 2011-05-29 16:05 - 0000366 ____A C:\Windows\Tasks\PC Health Advisor.job
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ___HD C:\Program Files\ParetoLogic
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ___HD C:\Program Files\Common Files\ParetoLogic
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ____D C:\Users\Richard s\AppData\Roaming\ParetoLogic
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ____D C:\Users\Richard s\AppData\Roaming\DriverCure
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ____D C:\Users\All Users\ParetoLogic
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ____D C:\ProgramData\ParetoLogic
2011-05-29 08:56 - 2011-05-29 08:56 - 0000000 ____D C:\Users\Richard s\AppData\Local\{9E829CAF-2CF9-4D3D-B872-58C81AD8BC44}
2011-05-28 22:27 - 2011-06-02 21:12 - 0001356 ____A C:\Users\Richard s\AppData\Local\d3d9caps.dat
2011-05-28 22:17 - 2011-05-28 22:17 - 0000000 ___HD C:\Program Files\CyberDefender
2011-05-28 22:17 - 2011-05-28 22:17 - 0000000 ____D C:\Users\Richard s\AppData\Roaming\CyberDefender
2011-05-28 22:16 - 2011-05-28 22:17 - 0005867 ____A C:\CD3rdPartyWrapper.log
2011-05-28 18:21 - 2011-05-28 18:21 - 0000000 ____D C:\Users\Richard s\AppData\Local\{9B3BA507-911D-4E45-8CFA-46233D5A3A1F}
2011-05-28 17:34 - 2011-05-28 17:34 - 0000000 ____D C:\Users\All Users\Sun
2011-05-28 17:34 - 2011-05-28 17:34 - 0000000 ____D C:\ProgramData\Sun
2011-05-28 17:33 - 2011-05-28 17:33 - 0472808 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2011-05-28 17:33 - 2011-05-28 17:33 - 0153376 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2011-05-28 17:33 - 2011-05-28 17:33 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2011-05-28 17:33 - 2011-05-28 17:33 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2011-05-27 06:40 - 2011-05-27 06:58 - 2377931650 ____A C:\Users\richard2\Desktop\MSSetupv98.exe.downloading
2011-05-27 06:38 - 2011-05-27 06:38 - 1926768 ____A C:\Users\richard2\Downloads\MSDownloaderV98.exe
2011-05-26 06:48 - 2011-05-27 06:54 - 680794248 ____A C:\Users\richard2\Downloads\FullPakTrickster.exe
2011-05-25 15:33 - 2011-05-25 15:34 - 0000000 ____D C:\Users\Richard s\AppData\Local\{B50FA95F-A5A1-486B-97AF-50D31FDD86B5}
2011-05-23 14:21 - 2011-05-31 04:37 - 0000808 ____A C:\Windows\System32\spsys.log
2011-05-21 17:36 - 2011-05-21 17:36 - 0479248 ____A C:\Users\richard2\Downloads\VirtualFamilies-setup.exe
2011-05-18 16:56 - 2011-05-18 16:56 - 0000000 ____D C:\Users\Richard s\AppData\Local\{A0B676A9-BAB2-4FB0-A4B3-697C02C84CA4}
2011-05-17 22:26 - 2011-05-18 22:27 - 0030720 ____A C:\Users\Richard s\Documents\Dwight David.doc
2011-05-17 14:05 - 2011-05-10 04:03 - 0441176 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2011-05-16 16:03 - 2011-05-16 16:03 - 0000000 ___HD C:\Program Files\Yontoo Layers Client
2011-05-16 16:03 - 2011-05-16 16:03 - 0000000 ____D C:\Users\Richard s\AppData\Local\Conduit
2011-05-16 16:03 - 2011-05-16 16:03 - 0000000 ____D C:\Users\All Users\Tarma Installer
2011-05-16 16:03 - 2011-05-16 16:03 - 0000000 ____D C:\ProgramData\Tarma Installer
2011-05-16 14:20 - 2011-05-16 14:20 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2011-05-14 21:08 - 2011-05-14 21:08 - 0000000 ____D C:\Users\Richard s\AppData\Local\{42C817AD-0990-408F-9B75-BEC46DEA3810}
2011-05-14 13:04 - 2011-05-14 13:04 - 0528216 ____A (Perfect World Entertainment) C:\Users\richard2\Downloads\PWI_Downloader_v515(2).exe
2011-05-13 19:23 - 2011-05-13 19:39 - 0000000 ____D C:\Users\richard2\AppData\Roaming\uTorrent
2011-05-13 19:12 - 2011-05-13 19:12 - 0528216 ____A (Perfect World Entertainment) C:\Users\richard2\Downloads\PWI_Downloader_v515(1).exe
2011-05-13 15:50 - 2011-05-13 15:50 - 0000000 ___HD C:\Program Files\PopCap Games
2011-05-13 15:50 - 2011-05-13 15:50 - 0000000 ____D C:\Users\All Users\PopCap Games
2011-05-13 15:50 - 2011-05-13 15:50 - 0000000 ____D C:\ProgramData\PopCap Games
2011-05-13 15:33 - 2011-05-13 15:33 - 0000000 ___HD C:\Program Files\playfingamestoolbar
2011-05-13 15:31 - 2011-05-13 15:31 - 0000000 ___HD C:\Program Files\Shop to Win 9
2011-05-13 15:31 - 2011-05-13 15:31 - 0000000 ___HD C:\Program Files\Common Files\FreeCause
2011-05-13 15:30 - 2011-05-13 15:32 - 0003830 ____A C:\scramble.log
2011-05-12 14:08 - 2011-05-12 14:08 - 0000000 ____D C:\Users\Richard s\AppData\Local\{7E41349C-2A03-4CFC-AECF-C01839528740}
2011-05-12 06:19 - 2011-05-23 06:20 - 0000000 ____D C:\Users\richard2\AppData\Roaming\GetRightToGo
2011-05-12 06:18 - 2011-05-12 06:18 - 0528216 ____A (Perfect World Entertainment) C:\Users\richard2\Downloads\PWI_Downloader_v515.exe
2011-05-11 21:25 - 2011-05-12 21:28 - 0028160 ____A C:\Users\Richard s\Documents\Chapter 17 Section 4.doc
2011-05-10 18:00 - 2011-05-09 17:04 - 28845534 ____A C:\Users\Richard s\French Project avec Aldrynne_0001.wmv
2011-05-09 17:17 - 2011-05-09 17:17 - 0000162 ___AH C:\Users\Richard s\Documents\~$apter 17 Section 1.doc
2011-05-09 16:51 - 2011-05-09 16:52 - 0000000 ____D C:\Users\Richard s\AppData\Local\{F15F309A-2D5D-4C33-A141-7CA245C99916}
2011-05-08 07:55 - 2011-05-08 07:55 - 0000000 ____D C:\Users\Richard s\AppData\Local\{3E9D783F-A1D3-4EFB-8554-7248EEE2E942}
2011-05-06 06:27 - 2010-01-13 16:48 - 0230752 ____A C:\Windows\patchw32.dll
2011-05-06 06:27 - 2010-01-13 16:48 - 0118176 ____A C:\Windows\patchw.dll
2011-05-06 06:14 - 2011-05-06 06:14 - 0000000 ___HD C:\Program Files\Outspark


============ 3 Months Modified Files and folders =============

2011-06-04 16:51 - 2011-06-04 16:51 - 0000000 ____D C:\FRST
2011-06-04 15:40 - 2011-06-04 15:40 - 0143360 ____A C:\Windows\Minidump\Mini060411-01.dmp
2011-06-04 15:40 - 2010-10-24 14:35 - 0078644 ____A C:\Users\All Users\nvModes.001
2011-06-04 15:40 - 2010-10-24 14:35 - 0078644 ____A C:\ProgramData\nvModes.001
2011-06-04 15:40 - 2010-06-28 11:55 - 0000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-06-04 15:40 - 2009-04-14 18:47 - 0000000 ____D C:\Windows\Minidump
2011-06-04 15:40 - 2006-11-02 05:01 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-06-04 15:40 - 2006-11-02 04:47 - 0003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2011-06-04 15:40 - 2006-11-02 04:47 - 0003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2011-06-04 15:39 - 2011-06-02 14:56 - 316587449 ____A C:\Windows\MEMORY.DMP
2011-06-02 21:22 - 2011-06-02 21:22 - 0000000 ____A C:\Users\Richard s\AppData\Local\{D75AE092-57D0-4468-8F20-467B246613AE}
2011-06-02 21:21 - 2011-06-02 21:21 - 0143360 ____A C:\Windows\Minidump\Mini060211-14.dmp
2011-06-02 21:21 - 2010-04-30 21:23 - 0000000 ___HD C:\Program Files\Common Files\Akamai
2011-06-02 21:19 - 2011-06-02 21:19 - 0143360 ____A C:\Windows\Minidump\Mini060211-13.dmp
2011-06-02 21:13 - 2008-06-12 11:15 - 1096654 ____A C:\Windows\WindowsUpdate.log
2011-06-02 21:12 - 2011-05-28 22:27 - 0001356 ____A C:\Users\Richard s\AppData\Local\d3d9caps.dat
2011-06-02 21:09 - 2010-12-19 23:58 - 2482262 ____A C:\Windows\ntbtlog.txt
2011-06-02 18:25 - 2011-06-02 18:25 - 0143360 ____A C:\Windows\Minidump\Mini060211-12.dmp
2011-06-02 18:06 - 2011-06-01 17:12 - 0000292 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2181276184-2582907876-741267775-1002.job
2011-06-02 18:03 - 2011-06-02 18:03 - 0143360 ____A C:\Windows\Minidump\Mini060211-11.dmp
2011-06-02 18:01 - 2011-06-02 18:01 - 0143360 ____A C:\Windows\Minidump\Mini060211-10.dmp
2011-06-02 18:01 - 2011-06-02 18:01 - 0000000 ____A C:\Users\richard2\AppData\Local\{E9A95CB7-7239-45A6-A8BB-99FED9C2CC87}
2011-06-02 16:52 - 2011-06-02 16:52 - 0143360 ____A C:\Windows\Minidump\Mini060211-09.dmp
2011-06-02 16:50 - 2006-11-02 05:01 - 0032564 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-06-02 16:42 - 2011-04-25 19:17 - 0002609 ____A C:\Users\Richard s\Desktop\Microsoft Office Word 2003.lnk
2011-06-02 16:25 - 2011-06-02 16:25 - 0143360 ____A C:\Windows\Minidump\Mini060211-08.dmp
2011-06-02 16:23 - 2011-06-02 16:23 - 0000000 ____A C:\Users\Richard s\AppData\Local\{EF51B675-12E0-4286-9C92-8A02FBA753B7}
2011-06-02 15:30 - 2011-06-02 15:30 - 0143360 ____A C:\Windows\Minidump\Mini060211-07.dmp
2011-06-02 15:27 - 2011-06-02 15:27 - 0143360 ____A C:\Windows\Minidump\Mini060211-06.dmp
2011-06-02 15:25 - 2011-06-02 15:25 - 0143360 ____A C:\Windows\Minidump\Mini060211-05.dmp
2011-06-02 15:23 - 2011-06-02 15:23 - 0000000 ____A C:\Users\Richard s\AppData\Local\{FB936808-5442-4743-880D-B6056C8427F1}
2011-06-02 15:22 - 2011-06-02 15:22 - 0139096 ____A C:\Windows\Minidump\Mini060211-04.dmp
2011-06-02 15:04 - 2011-06-02 15:04 - 0143360 ____A C:\Windows\Minidump\Mini060211-03.dmp
2011-06-02 15:04 - 2011-06-02 15:04 - 0000000 ____A C:\Users\Richard s\AppData\Local\{9E8D0678-786C-48AD-9B1B-40F357B94CCD}
2011-06-02 15:01 - 2011-06-02 15:01 - 0143360 ____A C:\Windows\Minidump\Mini060211-02.dmp
2011-06-02 15:00 - 2011-06-02 15:00 - 0000000 ____A C:\Users\Richard s\AppData\Local\{7D20DCA0-E9C9-4AC5-987C-24EEEA3F3721}
2011-06-02 14:57 - 2010-01-24 10:27 - 0125440 ____A C:\Users\Richard s\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-06-02 14:56 - 2011-06-02 14:56 - 0143360 ____A C:\Windows\Minidump\Mini060211-01.dmp
2011-06-01 19:56 - 2011-06-01 19:56 - 0000000 ____D C:\Users\All Users\WindowsSearch
2011-06-01 19:56 - 2011-06-01 19:56 - 0000000 ____D C:\ProgramData\WindowsSearch
2011-06-01 19:30 - 2011-05-31 19:13 - 0000294 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2181276184-2582907876-741267775-1001.job
2011-06-01 17:06 - 2010-10-24 14:35 - 0078644 ____A C:\Users\All Users\nvModes.dat
2011-06-01 17:06 - 2010-10-24 14:35 - 0078644 ____A C:\ProgramData\nvModes.dat
2011-06-01 10:12 - 2010-06-28 11:55 - 0000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-06-01 06:23 - 2011-06-01 06:23 - 0000000 ____D C:\Users\richard2\AppData\Roaming\ParetoLogic
2011-06-01 06:23 - 2011-06-01 06:23 - 0000000 ____D C:\Users\richard2\AppData\Roaming\DriverCure
2011-05-31 21:55 - 2011-05-31 21:55 - 0000000 ____D C:\Users\Richard s\AppData\Local\{4F3DC1EA-8524-4B69-ABEC-753269C6A90B}
2011-05-31 21:55 - 2010-12-12 14:21 - 0000000 ____D C:\Users\Richard s\AppData\Local\Windows Live
2011-05-31 21:55 - 2010-10-24 14:08 - 0000000 ____D C:\Users\Richard s\Tracing
2011-05-31 21:32 - 2011-05-31 21:32 - 0333312 ____A (Microsoft Corporation) C:\Users\All Users\37412600.exe
2011-05-31 21:32 - 2011-05-31 21:32 - 0333312 ____A (Microsoft Corporation) C:\ProgramData\37412600.exe
2011-05-31 21:32 - 2011-05-31 21:32 - 0099480 ____A C:\Windows\System32\GDIPFONTCACHEV1.DAT
2011-05-31 21:32 - 2011-05-31 21:32 - 0000336 ____A C:\Users\All Users\37412600
2011-05-31 21:32 - 2011-05-31 21:32 - 0000336 ____A C:\ProgramData\37412600
2011-05-31 21:32 - 2011-05-31 21:32 - 0000152 ____A C:\Users\All Users\~37412600r
2011-05-31 21:32 - 2011-05-31 21:32 - 0000152 ____A C:\ProgramData\~37412600r
2011-05-31 21:32 - 2011-05-31 21:32 - 0000136 ____A C:\Users\All Users\~37412600
2011-05-31 21:32 - 2011-05-31 21:32 - 0000136 ____A C:\ProgramData\~37412600
2011-05-31 21:25 - 2011-05-31 21:25 - 0418816 ____A (Microsoft Corporation) C:\Users\All Users\AhGkYJyFIC.exe
2011-05-31 21:25 - 2011-05-31 21:25 - 0418816 ____A (Microsoft Corporation) C:\ProgramData\AhGkYJyFIC.exe
2011-05-31 21:20 - 2011-05-31 21:20 - 0000000 ____D C:\Adobe
2011-05-31 14:07 - 2011-05-31 14:07 - 0000000 ____D C:\Users\Richard s\AppData\Local\{2D963F91-53A8-4F7D-A1B7-79889A4FDCCD}
2011-05-31 04:37 - 2011-05-23 14:21 - 0000808 ____A C:\Windows\System32\spsys.log
2011-05-30 21:15 - 2011-05-30 21:15 - 0000000 ____D C:\Windows\Sun
2011-05-30 18:24 - 2010-04-19 16:22 - 0000000 ____D C:\Users\Richard s\AppData\Local\CrashDumps
2011-05-30 17:00 - 2011-05-29 14:15 - 0000452 ____A C:\Windows\Tasks\ParetoLogic Registration3.job
2011-05-30 12:22 - 2011-05-30 12:22 - 0000000 ____D C:\Users\Richard s\AppData\Local\{516EC79D-CD83-4497-9733-119CBEEE8307}
2011-05-29 17:22 - 2011-01-07 22:53 - 0000000 ____D C:\Users\richard2\AppData\LocalLow
2011-05-29 17:17 - 2011-05-29 17:17 - 0000000 ____D C:\Users\richard2\AppData\Roaming\CyberDefender
2011-05-29 16:05 - 2011-05-29 14:14 - 0000426 ____A C:\Windows\Tasks\ParetoLogic Update Version3.job
2011-05-29 16:05 - 2011-05-29 14:14 - 0000384 ____A C:\Windows\Tasks\PC Health Advisor Defrag.job
2011-05-29 16:05 - 2011-05-29 14:14 - 0000366 ____A C:\Windows\Tasks\PC Health Advisor.job
2011-05-29 16:04 - 2011-05-29 16:04 - 0143312 ____A C:\Windows\Minidump\Mini052911-01.dmp
2011-05-29 14:25 - 2011-04-28 08:45 - 0000997 ____A C:\Users\richard2\Desktop\TalesRunner.lnk
2011-05-29 14:25 - 2006-11-02 03:17 - 0000000 __SHD C:\$Recycle.Bin
2011-05-29 14:24 - 2011-04-28 08:45 - 0001039 ____A C:\Users\Richard s\Desktop\TalesRunner.lnk
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ___HD C:\Program Files\ParetoLogic
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ___HD C:\Program Files\Common Files\ParetoLogic
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ____D C:\Users\Richard s\AppData\Roaming\ParetoLogic
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ____D C:\Users\Richard s\AppData\Roaming\DriverCure
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ____D C:\Users\All Users\ParetoLogic
2011-05-29 14:14 - 2011-05-29 14:14 - 0000000 ____D C:\ProgramData\ParetoLogic
2011-05-29 08:56 - 2011-05-29 08:56 - 0000000 ____D C:\Users\Richard s\AppData\Local\{9E829CAF-2CF9-4D3D-B872-58C81AD8BC44}
2011-05-28 23:35 - 2008-12-27 09:59 - 0000000 ___HD C:\Program Files\Real
2011-05-28 22:17 - 2011-05-28 22:17 - 0000000 ___HD C:\Program Files\CyberDefender
2011-05-28 22:17 - 2011-05-28 22:17 - 0000000 ____D C:\Users\Richard s\AppData\Roaming\CyberDefender
2011-05-28 22:17 - 2011-05-28 22:16 - 0005867 ____A C:\CD3rdPartyWrapper.log
2011-05-28 18:21 - 2011-05-28 18:21 - 0000000 ____D C:\Users\Richard s\AppData\Local\{9B3BA507-911D-4E45-8CFA-46233D5A3A1F}
2011-05-28 17:34 - 2011-05-28 17:34 - 0000000 ____D C:\Users\All Users\Sun
2011-05-28 17:34 - 2011-05-28 17:34 - 0000000 ____D C:\ProgramData\Sun
2011-05-28 17:34 - 2008-02-18 17:53 - 0000000 ___HD C:\Program Files\Common Files\Java
2011-05-28 17:33 - 2011-05-28 17:33 - 0472808 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll
2011-05-28 17:33 - 2011-05-28 17:33 - 0153376 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe
2011-05-28 17:33 - 2011-05-28 17:33 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe
2011-05-28 17:33 - 2011-05-28 17:33 - 0145184 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe
2011-05-27 17:10 - 2006-11-02 02:33 - 0709582 ____A C:\Windows\System32\PerfStringBackup.INI
2011-05-27 17:10 - 2006-11-02 02:33 - 0608644 ____A C:\Windows\System32\perfh009.dat
2011-05-27 17:10 - 2006-11-02 02:33 - 0106114 ____A C:\Windows\System32\perfc009.dat
2011-05-27 06:58 - 2011-05-27 06:40 - 2377931650 ____A C:\Users\richard2\Desktop\MSSetupv98.exe.downloading
2011-05-27 06:58 - 2011-04-27 08:47 - 0000000 ____D C:\Users\richard2\AppData\Local\PMB Files
2011-05-27 06:54 - 2011-05-26 06:48 - 680794248 ____A C:\Users\richard2\Downloads\FullPakTrickster.exe
2011-05-27 06:49 - 2011-04-27 09:02 - 0000000 ____D C:\Users\richard2\AppData\Local\CrashDumps
2011-05-27 06:40 - 2010-05-21 16:59 - 0000000 ____D C:\Users\All Users\PMB Files
2011-05-27 06:40 - 2010-05-21 16:59 - 0000000 ____D C:\ProgramData\PMB Files
2011-05-27 06:38 - 2011-05-27 06:38 - 1926768 ____A C:\Users\richard2\Downloads\MSDownloaderV98.exe
2011-05-25 15:34 - 2011-05-25 15:33 - 0000000 ____D C:\Users\Richard s\AppData\Local\{B50FA95F-A5A1-486B-97AF-50D31FDD86B5}
2011-05-23 06:20 - 2011-05-12 06:19 - 0000000 ____D C:\Users\richard2\AppData\Roaming\GetRightToGo
2011-05-21 17:36 - 2011-05-21 17:36 - 0479248 ____A C:\Users\richard2\Downloads\VirtualFamilies-setup.exe
2011-05-18 22:27 - 2011-05-17 22:26 - 0030720 ____A C:\Users\Richard s\Documents\Dwight David.doc
2011-05-18 16:56 - 2011-05-18 16:56 - 0000000 ____D C:\Users\Richard s\AppData\Local\{A0B676A9-BAB2-4FB0-A4B3-697C02C84CA4}
2011-05-17 14:05 - 2006-11-02 02:23 - 0002577 ____A C:\Windows\System32\config.nt
2011-05-16 16:09 - 2008-01-20 18:47 - 0625484 ____A C:\Windows\PFRO.log
2011-05-16 16:03 - 2011-05-16 16:03 - 0000000 ___HD C:\Program Files\Yontoo Layers Client
2011-05-16 16:03 - 2011-05-16 16:03 - 0000000 ____D C:\Users\Richard s\AppData\Local\Conduit
2011-05-16 16:03 - 2011-05-16 16:03 - 0000000 ____D C:\Users\All Users\Tarma Installer
2011-05-16 16:03 - 2011-05-16 16:03 - 0000000 ____D C:\ProgramData\Tarma Installer
2011-05-16 16:03 - 2010-05-04 19:03 - 0000000 ___HD C:\Program Files\PageRage
2011-05-16 14:20 - 2011-05-16 14:20 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2011-05-14 21:08 - 2011-05-14 21:08 - 0000000 ____D C:\Users\Richard s\AppData\Local\{42C817AD-0990-408F-9B75-BEC46DEA3810}
2011-05-14 13:04 - 2011-05-14 13:04 - 0528216 ____A (Perfect World Entertainment) C:\Users\richard2\Downloads\PWI_Downloader_v515(2).exe
2011-05-14 11:29 - 2011-01-07 22:55 - 0000000 ____D C:\Users\richard2\AppData\Roaming\Real
2011-05-14 10:37 - 2011-04-27 07:56 - 0000000 ____D C:\Users\richard2\AppData\Local\Google
2011-05-13 19:39 - 2011-05-13 19:23 - 0000000 ____D C:\Users\richard2\AppData\Roaming\uTorrent
2011-05-13 19:12 - 2011-05-13 19:12 - 0528216 ____A (Perfect World Entertainment) C:\Users\richard2\Downloads\PWI_Downloader_v515(1).exe
2011-05-13 15:50 - 2011-05-13 15:50 - 0000000 ___HD C:\Program Files\PopCap Games
2011-05-13 15:50 - 2011-05-13 15:50 - 0000000 ____D C:\Users\All Users\PopCap Games
2011-05-13 15:50 - 2011-05-13 15:50 - 0000000 ____D C:\ProgramData\PopCap Games
2011-05-13 15:33 - 2011-05-13 15:33 - 0000000 ___HD C:\Program Files\playfingamestoolbar
2011-05-13 15:33 - 2010-01-24 10:14 - 0000000 ____D C:\Users\Richard s\AppData\LocalLow
2011-05-13 15:32 - 2011-05-13 15:30 - 0003830 ____A C:\scramble.log
2011-05-13 15:31 - 2011-05-13 15:31 - 0000000 ___HD C:\Program Files\Shop to Win 9
2011-05-13 15:31 - 2011-05-13 15:31 - 0000000 ___HD C:\Program Files\Common Files\FreeCause
2011-05-13 15:30 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\Resources
2011-05-12 21:28 - 2011-05-11 21:25 - 0028160 ____A C:\Users\Richard s\Documents\Chapter 17 Section 4.doc
2011-05-12 14:08 - 2011-05-12 14:08 - 0000000 ____D C:\Users\Richard s\AppData\Local\{7E41349C-2A03-4CFC-AECF-C01839528740}
2011-05-12 06:25 - 2011-04-28 08:41 - 0000000 ____D C:\Users\richard2\Desktop\TalesRunner
2011-05-12 06:18 - 2011-05-12 06:18 - 0528216 ____A (Perfect World Entertainment) C:\Users\richard2\Downloads\PWI_Downloader_v515.exe
2011-05-11 21:32 - 2006-11-02 02:24 - 42829768 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2011-05-10 22:06 - 2011-04-27 21:23 - 0034304 ____A C:\Users\Richard s\Documents\Chapter 17 Section 1.doc
2011-05-10 18:00 - 2010-01-24 10:13 - 0000000 ____D C:\users\Richard s
2011-05-10 17:52 - 2010-01-25 16:52 - 0051113 ____A C:\Windows\setupact.log
2011-05-10 04:10 - 2011-01-27 12:05 - 0199304 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2011-05-10 04:10 - 2011-01-27 12:05 - 0040112 ____A (AVAST Software) C:\Windows\avastSS.scr
2011-05-10 04:03 - 2011-05-17 14:05 - 0441176 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2011-05-10 04:03 - 2011-01-27 12:06 - 0307928 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2011-05-10 04:02 - 2011-01-27 12:06 - 0049240 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2011-05-10 03:59 - 2011-01-27 12:06 - 0053592 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2011-05-10 03:59 - 2011-01-27 12:06 - 0025432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr.sys
2011-05-10 03:59 - 2011-01-27 12:06 - 0019544 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2011-05-09 17:17 - 2011-05-09 17:17 - 0000162 ___AH C:\Users\Richard s\Documents\~$apter 17 Section 1.doc
2011-05-09 17:04 - 2011-05-10 18:00 - 28845534 ____A C:\Users\Richard s\French Project avec Aldrynne_0001.wmv
2011-05-09 16:52 - 2011-05-09 16:51 - 0000000 ____D C:\Users\Richard s\AppData\Local\{F15F309A-2D5D-4C33-A141-7CA245C99916}
2011-05-08 07:55 - 2011-05-08 07:55 - 0000000 ____D C:\Users\Richard s\AppData\Local\{3E9D783F-A1D3-4EFB-8554-7248EEE2E942}
2011-05-06 06:14 - 2011-05-06 06:14 - 0000000 ___HD C:\Program Files\Outspark
2011-05-06 06:14 - 2008-02-18 16:00 - 0000000 ___HD C:\Program Files\InstallShield Installation Information
2011-05-01 18:58 - 2011-05-01 18:57 - 0000000 ____D C:\Users\Richard s\AppData\Local\{E859668B-C569-49F1-9F9C-FDFC96F02DBF}
2011-04-30 09:34 - 2009-07-25 16:17 - 0000000 ___HD C:\Program Files\Mozilla Firefox
2011-04-29 20:25 - 2011-04-29 20:25 - 0000000 ____D C:\Users\Richard s\AppData\Local\{DCCE5537-93FE-41F8-85CC-6FF9294126F7}
2011-04-29 12:43 - 2011-04-29 12:43 - 0001457 ____A C:\Users\richard2\Desktop\Grand Fantasia.lnk
2011-04-29 12:28 - 2011-04-29 12:13 - 795911552 ____A C:\Users\richard2\Desktop\grandfantasia_install_20101210.exe
2011-04-29 12:19 - 2011-01-23 11:59 - 0000000 ____D C:\Download
2011-04-28 17:59 - 2010-09-18 09:01 - 0000629 ____A C:\Windows\System32\mapisvc.inf
2011-04-28 09:57 - 2010-04-30 22:02 - 0000000 ____D C:\Users\All Users\Xfire
2011-04-28 09:57 - 2010-04-30 22:02 - 0000000 ____D C:\ProgramData\Xfire
2011-04-28 09:56 - 2011-04-28 08:46 - 0000000 ____D C:\Users\richard2\AppData\Roaming\Xfire
2011-04-28 09:04 - 2011-04-28 08:59 - 0000000 ____D C:\Users\richard2\AppData\Roaming\TalesRunner
2011-04-28 08:55 - 2010-04-30 22:02 - 0000000 ___HD C:\Program Files\Xfire
2011-04-28 08:46 - 2011-04-28 08:46 - 0000000 ___HD C:\Program Files\ConduitEngine
2011-04-28 08:46 - 2011-04-28 08:46 - 0000000 ____D C:\Users\richard2\AppData\Local\Conduit
2011-04-28 08:46 - 2010-04-30 22:02 - 0000000 ___HD C:\Program Files\XfireXO
2011-04-27 21:23 - 2011-04-27 21:23 - 0026624 ____A C:\Users\Richard s\Documents\Chapter 17 Section 3.doc
2011-04-27 16:51 - 2011-04-27 16:51 - 0000000 ____D C:\Users\Richard s\AppData\Local\{CFE4DE76-4C01-4B67-81C2-3CAFD65CE67E}
2011-04-27 08:03 - 2008-06-20 09:47 - 0000000 ____D C:\Users\All Users\Yahoo! Companion
2011-04-27 08:03 - 2008-06-20 09:47 - 0000000 ____D C:\ProgramData\Yahoo! Companion
2011-04-27 07:57 - 2011-04-27 07:57 - 0000000 ____D C:\Users\richard2\AppData\Local\Yahoo
2011-04-27 07:56 - 2011-04-27 07:56 - 0000000 ____D C:\Users\richard2\AppData\Roaming\Yahoo!
2011-04-27 07:56 - 2011-04-27 07:56 - 0000000 ____D C:\Users\richard2\AppData\Roaming\Google
2011-04-27 07:50 - 2011-04-27 07:50 - 0000000 ____D C:\Users\richard2\AppData\Roaming\InstallShield
2011-04-27 07:45 - 2011-04-27 07:12 - 1496688816 ____A (Macrovision Corporation) C:\Users\richard2\Documents\shaiya_us_install_20110225.exe
2011-04-25 20:50 - 2011-04-21 18:23 - 0048640 ____A C:\Users\Richard s\Documents\Chapter 16 Section 2.doc
2011-04-25 16:46 - 2011-04-25 16:46 - 0000000 ____D C:\Users\Richard s\AppData\Local\{48173FE2-A470-4CCE-99A6-7374B49178DB}
2011-04-24 17:21 - 2011-04-24 17:21 - 0000000 ____D C:\Users\Richard s\AppData\Local\{EEF38177-9489-41EE-96C4-74C92C24EF95}
2011-04-24 07:00 - 2011-04-24 07:00 - 0000000 ____D C:\Users\Richard s\AppData\Local\{28D4642A-EF37-4437-81C3-EF228002D455}
2011-04-23 20:08 - 2010-01-25 16:36 - 0000000 ____D C:\Users\Richard s\AppData\Roaming\uTorrent
2011-04-23 16:51 - 2011-04-23 16:51 - 0000000 ____D C:\Users\Richard s\AppData\Local\{ACBBA675-0B85-4C81-9FE4-53C95B60DCA3}
2011-04-23 11:57 - 2011-04-23 11:57 - 0000000 ____D C:\Users\Richard s\AppData\Local\{FF6F96AE-71FD-44C2-8E25-DED9735A2AD2}
2011-04-22 16:17 - 2006-11-02 04:47 - 0375048 ____A C:\Windows\System32\FNTCACHE.DAT
2011-04-22 09:37 - 2011-01-07 22:55 - 0099480 ____A C:\Users\richard2\AppData\Local\GDIPFONTCACHEV1.DAT
2011-04-21 18:23 - 2010-01-24 10:14 - 0099480 ____A C:\Users\Richard s\AppData\Local\GDIPFONTCACHEV1.DAT
2011-04-21 17:55 - 2011-04-21 17:54 - 0000000 ___HD C:\Program Files\iTunes
2011-04-21 17:54 - 2011-04-21 17:54 - 0000000 ___HD C:\Program Files\iPod
2011-04-21 17:54 - 2010-04-25 10:37 - 0000000 ___HD C:\Program Files\Common Files\Apple
2011-04-21 17:50 - 2011-04-21 17:50 - 0000000 ___HD C:\Program Files\Bonjour
2011-04-21 17:44 - 2011-04-20 20:58 - 0000559 ____A C:\Users\Richard s\Desktop\Chapter 16 Section 3.lnk
2011-04-21 17:27 - 2011-04-21 17:27 - 0000376 ____A C:\Windows\ODBC.INI
2011-04-21 17:25 - 2011-04-21 17:25 - 0000000 ___HD C:\Program Files\Microsoft ActiveSync
2011-04-21 17:25 - 2011-04-21 17:25 - 0000000 ___HD C:\Program Files\Common Files\DESIGNER
2011-04-21 17:25 - 2008-06-12 11:25 - 0000000 ___HD C:\Program Files\Microsoft Office
2011-04-21 17:25 - 2006-11-02 04:42 - 0000000 ____D C:\Windows\WindowsMobile
2011-04-21 17:25 - 2006-11-02 04:37 - 0000000 ____D C:\Windows\ShellNew
2011-04-21 17:25 - 2006-11-02 03:18 - 0000000 ___HD C:\Program Files\Common Files\microsoft shared
2011-04-21 17:24 - 2008-06-12 11:29 - 0000000 ___HD C:\Program Files\Microsoft.NET
2011-04-21 17:22 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\system
2011-04-21 16:54 - 2008-06-12 11:27 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-04-21 16:54 - 2008-06-12 11:27 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-04-20 18:31 - 2010-01-24 10:13 - 0000000 ____D C:\Users\Richard s\AppData\Local\Microsoft Help
2011-04-20 17:28 - 2010-05-24 13:20 - 0000000 ___HD C:\Program Files\Microsoft Silverlight
2011-04-16 20:25 - 2011-04-16 20:25 - 0000000 ____D C:\Users\Richard s\AppData\Local\{AD9CE89C-7F2D-4077-B0DF-34DEE99AF3D6}
2011-04-14 18:14 - 2010-09-18 09:01 - 0000000 ___HD C:\Program Files\Safari
2011-04-14 14:55 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\rescache
2011-04-14 14:43 - 2011-04-14 14:43 - 0000000 ____D C:\Users\Richard s\AppData\Local\{D51E6021-A04E-427C-93BC-D85CC07BF530}
2011-04-14 14:35 - 2006-11-02 03:18 - 0000000 ___SD C:\Windows\Downloaded Program Files
2011-04-14 14:35 - 2006-11-02 03:18 - 0000000 ___RD C:\Windows\Offline Web Pages
2011-04-14 14:35 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\System32\wbem
2011-04-14 14:35 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-04-14 14:34 - 2011-04-14 14:34 - 9702400 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-04-14 14:34 - 2011-04-14 14:34 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-04-14 14:34 - 2011-04-14 14:34 - 1797632 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 1785344 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 1427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-04-14 14:34 - 2011-04-14 14:34 - 12268544 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 1126912 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 1102336 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-04-14 14:34 - 2011-04-14 14:34 - 0353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-04-14 14:34 - 2011-04-14 14:34 - 0150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-04-14 14:34 - 2011-04-14 14:34 - 0142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2011-04-14 14:34 - 2011-04-14 14:34 - 0130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-04-14 14:34 - 2011-04-14 14:34 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-04-14 14:34 - 2011-04-14 14:34 - 0074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-04-14 14:34 - 2011-04-14 14:34 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2011-04-14 14:34 - 2011-04-14 14:34 - 0072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-04-14 14:34 - 2011-04-14 14:34 - 0054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-04-14 14:34 - 2011-04-14 14:34 - 0011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-04-14 14:34 - 2011-04-14 14:34 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-04-14 14:34 - 2011-04-14 14:32 - 0002856 ____A C:\Windows\IE9_main.log
2011-04-14 14:34 - 2006-11-01 22:32 - 0008798 ____A C:\Windows\System32\icrav03.rat
2011-04-14 14:34 - 2006-11-01 22:32 - 0001988 ____A C:\Windows\System32\ticrf.rat
2011-04-14 02:51 - 2006-11-02 03:18 - 0000000 ____D C:\Windows\Microsoft.NET
2011-04-11 12:45 - 2011-04-11 12:45 - 0000000 ____D C:\Users\Richard s\AppData\Local\{EF35D574-6398-471E-A894-F9B3EA9C705F}
2011-04-08 03:28 - 2011-04-08 03:28 - 0041872 ____A C:\Windows\System32\xfcodec.dll
2011-04-07 07:06 - 2011-04-07 07:06 - 0000000 ____D C:\Users\Richard s\AppData\Local\{D06D2EDF-D34E-42E9-8999-0A47C2A0F43F}
2011-04-06 15:20 - 2011-04-06 15:20 - 0107808 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-04-06 15:20 - 2011-04-06 15:20 - 0091424 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-04-05 16:30 - 2011-04-05 16:30 - 0000000 ____D C:\Users\Richard s\AppData\Local\{F56EA8DC-92C8-4428-8943-DD77C3C54D48}
2011-04-01 06:40 - 2011-04-01 06:40 - 0000000 ____D C:\Users\Richard s\AppData\Local\{32D65EE0-0764-48DC-8978-B7B5EC8AEAF3}
2011-03-30 06:06 - 2011-03-30 06:06 - 0000000 ____D C:\Users\Richard s\AppData\Local\{9A96E349-2767-421F-86B7-9AEA1F6E2A8D}
2011-03-30 06:03 - 2009-07-25 16:17 - 0000000 ___HD C:\Program Files\uTorrent
2011-03-29 20:53 - 2010-10-24 13:59 - 0000000 ___HD C:\Program Files\Windows Live
2011-03-18 16:55 - 2011-03-18 16:55 - 0147472 ____A C:\Windows\Minidump\Mini031811-01.dmp
2011-03-12 13:55 - 2011-04-27 18:38 - 0876032 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-03-10 18:54 - 2011-03-10 18:54 - 0054156 ___AH C:\Windows\QTFont.qfn
2011-03-10 18:54 - 2011-03-10 18:54 - 0001409 ____A C:\Windows\QTFont.for
2011-03-10 09:03 - 2011-04-13 22:11 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-03-10 09:03 - 2011-04-13 22:11 - 1136640 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll

========================= Known DLLs =========================

[2009-09-24 12:41] - [2009-04-10 22:28] - 0800768 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2008-01-20 18:24] - [2008-01-20 18:24] - 0523776 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-09-24 12:41] - [2009-04-10 22:28] - 0450560 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-09-24 12:41] - [2009-04-10 22:28] - 0297472 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2011-04-14 14:34] - [2011-04-14 14:34] - 1785344 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2008-01-20 18:24] - [2008-01-20 18:24] - 0153088 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-09-24 12:40] - [2009-04-10 22:28] - 0114688 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-09-24 12:41] - [2009-04-10 22:28] - 0891392 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-25 14:59] - [2009-06-15 06:52] - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2006-11-02 00:33] - [2006-11-02 00:33] - 0003072 ____A (Microsoft Corporation) C:\Windows\System32\lz32.dll
[2009-09-24 12:41] - [2009-04-10 22:28] - 0807424 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-09-24 12:41] - [2009-04-10 22:28] - 0679936 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2006-11-02 00:33] - [2006-11-02 00:33] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2008-01-20 18:24] - [2008-01-20 18:24] - 0008192 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2010-10-12 19:39] - [2010-06-28 09:00] - 1316864 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2009-09-24 12:41] - [2009-04-10 22:28] - 0563712 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2008-01-20 18:24] - [2008-01-20 18:24] - 0078848 ____A (Microsoft Corporation) C:\Windows\System32\olecli32.dll
[2008-01-20 18:24] - [2008-01-20 18:24] - 0027648 ____A (Microsoft Corporation) C:\Windows\System32\olesvr32.dll
[2008-01-20 18:24] - [2008-01-20 18:24] - 0077824 ____A (Microsoft Corporation) C:\Windows\System32\olethk32.dll
[2009-07-25 14:58] - [2009-04-23 04:15] - 0784896 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-09-24 12:41] - [2009-04-10 22:28] - 1591296 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2011-02-09 13:59] - [2011-01-21 08:35] - 11586048 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2011-02-09 13:59] - [2011-01-21 08:35] - 0353280 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2011-04-14 14:34] - [2011-04-14 14:34] - 0231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
[2011-04-14 14:34] - [2011-04-14 14:34] - 1102336 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2009-09-24 12:41] - [2009-04-10 22:28] - 0627712 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2010-09-15 17:00] - [2010-04-16 08:46] - 0502272 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-09-24 12:40] - [2009-04-10 22:28] - 0020480 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2011-04-14 14:34] - [2011-04-14 14:34] - 1126912 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2009-09-24 12:41] - [2009-04-10 22:28] - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2008-01-20 18:24] - [2008-01-20 18:24] - 0179200 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll

========================= Bamital Check ======================

C:\Windows\System32\winlogon.exe
[2009-09-24 12:41] - [2009-04-10 22:28] - 0314368 ____A (Microsoft Corporation) 898E7C06A350D4A1A64A9EA264D55452

C:\Windows\System32\wininit.exe
[2008-01-20 18:23] - [2008-01-20 18:23] - 0096768 ____A (Microsoft Corporation) 101BA3EA053480BB5D957EF37C06B5ED

C:\Windows\explorer.exe
[2009-09-24 12:41] - [2009-04-10 22:27] - 2926592 ____A (Microsoft Corporation) D07D4C3038F3578FFCE1C0237F2A1253


========================= Memory info ========================

Percentage of memory in use: 13%
Total physical RAM: 3069.69 MB
Available physical RAM: 2643.57 MB
Total Pagefile: 2859.28 MB
Available Pagefile: 2721.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.32 MB

======================= Partitions ===========================

1 Drive c: (Programs) (Fixed) (Total:147.58 GB) (Free:40.67 GB) NTFS
2 Drive d: (movies music) (Fixed) (Total:149.05 GB) (Free:148.79 GB) NTFS
4 Drive f: (TOSHIBA SYSTEM VOLUME) (Fixed) (Total:1.46 GB) (Free:1.32 GB) NTFS
5 Drive g: (8GBDSCARD) (Removable) (Total:7.39 GB) (Free:3.3 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

#6 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 04 June 2011 - 07:24 PM

also i have not been able to fix my disk drive on this pc if you could please help me with that issue if you can

Please explain what do you mean.

#7 soliz53

soliz53
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:san diego
  • Local time:07:11 PM

Posted 04 June 2011 - 07:47 PM

Sorry for my bad typing. ok the issue i tried to explain before is as follows.. The laptop with the not booting normal issue which we are talking about today is the same one i have the issue were the cd drive is not working. the cd drive on the laptop has never worked. I have tried to reload the drive for the cd drive but the cd laptop will not recognize the cd drive. i just figured since i posted the log with the driver info you might be able to see why my cd drive is not working.

Edited by soliz53, 04 June 2011 - 08:13 PM.


#8 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 04 June 2011 - 08:02 PM

I see you are doing the best you can to explain something to me and I'm trying to understand what you are telling. But I seem not to understand you.

If you please try to put it another way other than the chatting language and also instead of "it" use what you are referring to perhaps I can understand you.

Also please tell me if the thing you are trying to explain is related to this computer and if yes in what way. Should I wait to understand you before proceeding or I can go on based on the log and the fact that the computer is not able to boot normally?

#9 soliz53

soliz53
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:san diego
  • Local time:07:11 PM

Posted 04 June 2011 - 08:09 PM

sorry about my spelling. Please just help me with my original problem. computer not boot normally. So the log i posted is the correct one. Ill explain the other issue im having with the same laptop after we are done fixing this issue on it the boot issue that is.. thank you

#10 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 04 June 2011 - 08:43 PM

No deed to apologize.:)

I read your post again and I might understand it. The laptop is not reading any CD/DVD when you insert one into CD/DVD-ROM drive. We will attend to that later on after troubleshooting the boot problem. It might be related to the boot problem and the possible infection on it.

To be able to have a through check I have some work for you.

  • Please download MBR.EXE by GMER. Save the file to your flash drive.

    Open notepad. Please copy the contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    cmd: copy /y g:\MBR.exe C:\
    cmd: c:\mbr.exe -c 0 1 g:\MBR.zip
    cmd: copy /y C:\ProgramData\37412600.exe g:\
    cmd: ren g:\37412600.exe 37412600.exe.zip
    cmd: copy /y C:\ProgramData\AhGkYJyFIC.exe g:\
    cmd: ren g:\AhGkYJyFIC.exe AhGkYJyFIC.exe.zip
    cmd: md g:\mini
    cmd: copy /y C:\Windows\Minidump\Mini*.dmp g:\mini
    
    
    Now please enter System Recovery Options.
    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
  • There will be a MBR.zip file on the flash drive. Please attach it to your reply.
  • There will be a folder named mini on the flash drive. It contains some files. Please upload them so that I can take a look at them. They are the crush dumps the system has made after those BSOD incidents.
    If you don't have a third party archiving software do the following.
    To zip the files:
    • Select one of them.
    • Hold down Ctrl key and select all of them.
    • Right-click and from the context menu select Sent to.
    • Select Compressed (zipped) Folder.
    To submit the file, you can upload it to my channel:
  • Also there will be two files (37412600.exe.zip and AhGkYJyFIC.exe.zip) on the flash drive. Please upload them one by one to my channel too. You may delete the mini folder and the two files from your flash drive after uploading them.

Just to let you know it is too late over here and I am going to sleep. I will get back to you tomorrow after going through the files you have uploaded.

#11 soliz53

soliz53
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:san diego
  • Local time:07:11 PM

Posted 04 June 2011 - 08:56 PM

here is the fixlog

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.0.8)
Ran by SYSTEM at 2011-06-04 18:52:00 R:1
Running from G:\

==============================================


========= copy /y g:\MBR.exe C:\ =========

1 file(s) copied.

========= End of CMD: =========


========= c:\mbr.exe -c 0 1 g:\MBR.zip =========

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6001 Disk: TOSHIBA_MK1637GSX rev.DL030M -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4

0x1 sector(s) have been successfully saved to "g:\MBR.zip".

========= End of CMD: =========


========= copy /y C:\ProgramData\37412600.exe g:\ =========

1 file(s) copied.

========= End of CMD: =========


========= ren g:\37412600.exe 37412600.exe.zip =========


========= End of CMD: =========


========= copy /y C:\ProgramData\AhGkYJyFIC.exe g:\ =========

1 file(s) copied.

========= End of CMD: =========


========= ren g:\AhGkYJyFIC.exe AhGkYJyFIC.exe.zip =========


========= End of CMD: =========


========= md g:\mini =========


========= End of CMD: =========


========= copy /y C:\Windows\Minidump\Mini*.dmp g:\mini =========

C:\Windows\Minidump\Mini031811-01.dmp
C:\Windows\Minidump\Mini052911-01.dmp
C:\Windows\Minidump\Mini060211-01.dmp
C:\Windows\Minidump\Mini060211-02.dmp
C:\Windows\Minidump\Mini060211-03.dmp
C:\Windows\Minidump\Mini060211-04.dmp
C:\Windows\Minidump\Mini060211-05.dmp
C:\Windows\Minidump\Mini060211-06.dmp
C:\Windows\Minidump\Mini060211-07.dmp
C:\Windows\Minidump\Mini060211-08.dmp
C:\Windows\Minidump\Mini060211-09.dmp
C:\Windows\Minidump\Mini060211-10.dmp
C:\Windows\Minidump\Mini060211-11.dmp
C:\Windows\Minidump\Mini060211-12.dmp
C:\Windows\Minidump\Mini060211-13.dmp
C:\Windows\Minidump\Mini060211-14.dmp
C:\Windows\Minidump\Mini060411-01.dmp
C:\Windows\Minidump\Mini072210-01.dmp
18 file(s) copied.

========= End of CMD: =========


thank you again and goodnight ill upload all the stuff right now and ill check tommorew for a response. its only 7pm here.

i have uploaded all the files you requested.

Attached Files

  • Attached File  MBR.zip   512bytes   1 downloads

Edited by soliz53, 04 June 2011 - 09:01 PM.


#12 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 05 June 2011 - 05:18 AM

Well done and thanks for uploading the files.

The system is indeed infected with TDSS MBT infection and other things and we are going to remove them.

Open notepad. Please copy the contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

2011-05-31 21:32 - 2011-05-31 21:32 - 0333312 ____A (Microsoft Corporation) C:\Users\All Users\37412600.exe
2011-05-31 21:32 - 2011-05-31 21:32 - 0333312 ____A (Microsoft Corporation) C:\ProgramData\37412600.exe
2011-05-31 21:32 - 2011-05-31 21:32 - 0000336 ____A C:\Users\All Users\37412600
2011-05-31 21:32 - 2011-05-31 21:32 - 0000336 ____A C:\ProgramData\37412600
2011-05-31 21:32 - 2011-05-31 21:32 - 0000152 ____A C:\Users\All Users\~37412600r
2011-05-31 21:32 - 2011-05-31 21:32 - 0000152 ____A C:\ProgramData\~37412600r
2011-05-31 21:32 - 2011-05-31 21:32 - 0000136 ____A C:\Users\All Users\~37412600
2011-05-31 21:32 - 2011-05-31 21:32 - 0000136 ____A C:\ProgramData\~37412600
2011-05-31 21:25 - 2011-05-31 21:25 - 0418816 ____A (Microsoft Corporation) C:\Users\All Users\AhGkYJyFIC.exe
2011-05-31 21:25 - 2011-05-31 21:25 - 0418816 ____A (Microsoft Corporation) C:\ProgramData\AhGkYJyFIC.exe
cmd: bootrec /FixMbr
cmd: bcdedit /set {default} winpe no

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.
Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Please reboot and see if you can boot normally.

#13 soliz53

soliz53
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:san diego
  • Local time:07:11 PM

Posted 05 June 2011 - 11:07 AM

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.0.8)
Ran by SYSTEM at 2011-06-05 09:03:16 R:2
Running from G:\

==============================================

C:\Users\All Users\37412600.exe moved successfully.
C:\ProgramData\37412600.exe not found.
C:\Users\All Users\37412600 moved successfully.
C:\ProgramData\37412600 not found.
C:\Users\All Users\~37412600r moved successfully.
C:\ProgramData\~37412600r not found.
C:\Users\All Users\~37412600 moved successfully.
C:\ProgramData\~37412600 not found.
C:\Users\All Users\AhGkYJyFIC.exe moved successfully.
C:\ProgramData\AhGkYJyFIC.exe not found.

========= bootrec /FixMbr =========

ÿþT h e o p e r a t i o n c o m p l e t e d s u c c e s s f u l l y .

========= End of CMD: =========


========= bcdedit /set {default} winpe no =========

The operation completed successfully.

========= End of CMD: =========



and yes it booted up normaly. thank you very much for all the help.

oh and my cd drive works. I didnt know there was a virus that would prevent your cd drive from working. the fact that the cd drive didnt work is why i got the laptop so cheap lol.. thank you very much..

Edited by soliz53, 05 June 2011 - 11:12 AM.


#14 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:11 AM

Posted 05 June 2011 - 11:21 AM

Great. :thumbsup:

Please delete FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder as there are infected files in it.

Please tell me if you still need my assistance or you can take it from here.

#15 soliz53

soliz53
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:san diego
  • Local time:07:11 PM

Posted 05 June 2011 - 11:23 AM

no i got it from here ill just the other stuff you asked me to do on my other laptop to help keep it clean thank you again.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users