Problem with loading windows


  • This topic is locked
19 replies to this topic

#1 denclock

Posted 23 June 2011 - 06:09 AM

I am having a similar problem that I have seen in these two posts: http://www.bleepingcomputer.com/forums/topic405616.html & http://www.bleepingcomputer.com/forums/topic405133.html

My computer will not make it to the Windows 7 log on screen; it just tries to load a system recovery, which fails. I have to do the boot scans from USB, as my DVD drive doesn't want to work for whatever reason. My Windows version is 7 64x Professional.

I have run various scans through sardu. Several of the scans (bitdefender, and another that for some reason I can't recall) came back with two I/O errors that said AVG denied access, and no viruses.

Other scans (AVG, dr.cureit) came back with this:
/mnt/sda/trk3/trspack-1_0.exe:/pskill.exe
/mnt/sda/trk3/trsrun-1_0-nq.exe
/mnt/sda/trk3/trspack-1_0.exe
/mnt/sda/trk3/trsrun-1_0.exe:/pskill.exe
/mnt/sda/trk3/trsrun-1_0-nq.exe
/mnt/sda/trk3/trsrun-1_0.exe
/mnt/sdb2/users/npm/appdata/local/microsoft/windows/temporay/internetfiles/content.ie5/g82rathb/pack[1].exe
/mnt/sdb2/users/npm/appdata/local/temp/ea74.tmp

These results are copied from an avg rescue scan.

I am hoping someone can help me. Thanks.

Edited by denclock, 23 June 2011 - 06:12 AM.


#2 Farbar

Posted 23 June 2011 - 12:33 PM

Hi denclock,

Welcome to Bleeping Computer.

What do you mean by it fails? Does it give you a BSOD, or any error? If yes, what does the error say?

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst64 and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

#3 denclock

Posted 23 June 2011 - 04:17 PM

No BSOD, it just goes to system recovery, autoruns it, and always fails. It doesn't go to the Windows log on screen.
Thanks for the help, Farbar. It is much appreciated. Here is my log.


Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.1.1
Ran by SYSTEM at 2011-06-23 17:08:34
Running from F:\
Windows 7 Professional (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1702400 2009-10-26] (Motorola Inc.)
HKLM-x32\...\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2334560 2011-04-18] (AVG Technologies CZ, s.r.o.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\NPM\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\NPM\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-13] (Microsoft Corporation)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30208 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,
HKLM\...\Winlogon: [Shell] explorer.exe [2870272 2011-02-25] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2870272 2011-02-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254


==================== Services ====================

3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-13] (Microsoft Corporation)
3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-13] (Microsoft Corporation)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [44376 2010-03-18] (Microsoft Corporation)
2 Ati External Event Utility; C:\Windows\System32\Ati2evxx.exe [717824 2006-12-27] (ATI Technologies Inc.)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe" [7398752 2011-04-18] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe" [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-13] (Microsoft Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-13] (Microsoft Corporation)
2 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-13] (Microsoft Corporation)
3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-18] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-13] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [175104 2009-07-13] (Microsoft Corporation)
2 CscService; C:\Windows\System32\cscsvc.dll [689152 2009-07-13] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
3 DfSdkS; "C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe" [544768 2009-08-24] (mst software GmbH, Germany)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [314368 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-13] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [162816 2009-07-13] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
3 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696320 2010-08-03] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [402944 2009-07-13] (Microsoft Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [689152 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\FntCache.dll [1135104 2011-02-18] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42840 2009-06-10] (Microsoft Corporation)
2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-13] (Microsoft Corporation)
2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc [136176 2011-02-07] (Google Inc.)
3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc [136176 2011-02-07] (Google Inc.)
3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [90624 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [231936 2009-07-13] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [187904 2009-07-13] (Microsoft Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [856384 2009-06-10] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-13] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-13] (Microsoft Corporation)
2 IS360service; C:\Program Files (x86)\IObit\IObit Security 360\IS360srv.exe [312152 2010-06-11] (IObit)
3 KeyIso; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-08-26] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-13] (Microsoft Corporation)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
2 lxdkCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdkserv.exe [33712 2007-06-14] (Lexmark International, Inc.)
2 lxdk_device; C:\Windows\system32\lxdkcoms.exe -service [1053104 2007-06-14] ( )
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [84480 2009-07-13] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [824832 2009-07-13] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [127488 2009-07-13] (Microsoft Corporation)
3 napagent; C:\Windows\System32\qagentRT.dll [475648 2009-07-13] (Microsoft Corporation)
2 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [490280 2010-03-25] (Nero AG)
3 Netlogon; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4948992 2009-07-17] (Native Instruments GmbH)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-13] (Microsoft Corporation)
2 nsi; C:\Windows\System32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation)
3 PeerDistSvc; C:\Windows\System32\peerdistsvc.dll [1361920 2009-07-13] (Microsoft Corporation)
3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1390080 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [404480 2009-07-13] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [208384 2009-07-13] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-13] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [1114624 2010-11-01] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-13] (Microsoft Corporation)
3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [104960 2009-07-13] (Microsoft Corporation)
4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-13] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [558592 2010-08-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3524608 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-13] (Microsoft Corporation)
3 StorSvc; C:\Windows\System32\storsvc.dll [17920 2009-07-13] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1780736 2009-07-13] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-13] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-13] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-13] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
3 UmRdpService; C:\Windows\System32\umrdp.dll [195072 2009-07-13] (Microsoft Corporation)
3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [532480 2009-07-13] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1598976 2009-07-13] (Microsoft Corporation)
2 W32Time; C:\Windows\System32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [1255736 2011-02-07] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1503744 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-09-13] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [258048 2010-12-20] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
2 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [442880 2010-12-20] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [2018816 2009-07-13] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [2291568 2009-08-18] (Microsoft Corporation)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1525248 2009-07-13] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [116736 2009-07-13] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [593408 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [2418176 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-13] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-13] (Microsoft Corporation)
4 NetMsmqActivator; "c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [x]
4 NetPipeActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpPortSharing; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]

==================== Drivers ====================

3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [227840 2009-07-13] (Microsoft Corporation)
3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-13] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\DRIVERS\acpipmi.sys [12288 2009-07-13] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [499712 2011-04-24] (Microsoft Corporation)
3 agp440; C:\Windows\System32\DRIVERS\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
3 aliide; C:\Windows\System32\DRIVERS\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
3 amdide; C:\Windows\System32\DRIVERS\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [106576 2009-07-13] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [28752 2009-07-13] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [61440 2009-07-13] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
3 Avc; C:\Windows\System32\DRIVERS\avc.sys [48768 2009-07-13] (Microsoft Corporation)
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-04-14] (AVG Technologies CZ, s.r.o. )
0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [304720 2011-01-07] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl664.sys [2769400 2009-07-08] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-13] (Microsoft Corporation)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\DRIVERS\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [460504 2009-07-13] (Microsoft Corporation)
0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-13] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
1 CSC; C:\Windows\System32\drivers\csc.sys [514048 2009-07-13] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2011-04-26] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982912 2011-01-25] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [34472 2009-12-17] (Elaborate Bytes AG)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [530496 2009-07-13] (Emulex)
3 ErrDev; C:\Windows\System32\DRIVERS\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-13] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-09-25] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-13] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-13] (Microsoft Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-13] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\DRIVERS\HpSAMD.sys [77888 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-13] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-13] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
3 iaStorV; C:\Windows\System32\DRIVERS\iaStorV.sys [410688 2009-07-13] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
3 intelide; C:\Windows\System32\DRIVERS\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\DRIVERS\IPMIDrv.sys [78848 2009-07-13] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\DRIVERS\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [224832 2009-07-13] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-13] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95312 2009-07-13] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [153160 2009-12-11] (Microsoft Corporation)
3 ksthunk; C:\Windows\System32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [35392 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-13] (Microsoft Corporation)
3 mpio; C:\Windows\System32\DRIVERS\mpio.sys [155216 2009-07-13] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [140800 2009-07-13] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-05-03] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2011-05-03] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-05-03] (Microsoft Corporation)
3 msahci; C:\Windows\System32\DRIVERS\msahci.sys [30272 2009-07-13] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\DRIVERS\msdsm.sys [140352 2009-07-13] (Microsoft Corporation)
3 MSDV; C:\Windows\System32\DRIVERS\msdv.sys [61440 2009-07-13] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-13] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-13] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-13] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-13] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-13] (Microsoft Corporation)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1659984 2009-07-13] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\DRIVERS\nvraid.sys [149056 2009-07-13] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\DRIVERS\nvstor.sys [167488 2009-07-13] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75840 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-13] (Microsoft Corporation)
0 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
0 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-13] (Microsoft Corporation)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [2798080 2006-12-27] (ATI Technologies Inc.)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-13] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165376 2009-07-13] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-13] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-13] (Microsoft Corporation)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
3 s3cap; C:\Windows\System32\DRIVERS\vms3cap.sys [6656 2009-07-13] (Microsoft Corporation)
3 sbp2port; C:\Windows\System32\DRIVERS\sbp2port.sys [104016 2009-07-13] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-13] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
3 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\DRIVERS\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [14336 2009-10-09] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18232 2011-02-23] ()
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
3 smserial; C:\Windows\System32\DRIVERS\smserial.sys [1202688 2009-10-26] (Motorola Inc.)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-04-28] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [399872 2011-04-28] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-04-28] (Microsoft Corporation)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [24656 2009-07-13] (Promise Technology)
0 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [46672 2009-07-13] (Microsoft Corporation)
3 storvsc; C:\Windows\System32\DRIVERS\storvsc.sys [34896 2009-07-13] (Microsoft Corporation)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1896832 2011-04-24] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1896832 2011-04-24] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-13] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-13] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-13] (Microsoft Corporation)
3 tifm21; C:\Windows\System32\drivers\tifm21.sys [319488 2007-12-14] (Texas Instruments)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-13] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-13] (Microsoft Corporation)
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-13] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\DRIVERS\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-13] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-13] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\DRIVERS\usbcir.sys [100352 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [51200 2009-07-13] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2009-07-13] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [25600 2009-07-13] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [89600 2009-07-13] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2009-07-13] (Microsoft Corporation)
3 VClone; C:\Windows\System32\DRIVERS\VClone.sys [36352 2009-08-09] (Elaborate Bytes AG)
0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\DRIVERS\vhdmp.sys [217680 2009-07-13] (Microsoft Corporation)
3 viaide; C:\Windows\System32\DRIVERS\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
3 vmbus; C:\Windows\System32\DRIVERS\vmbus.sys [200272 2009-07-13] (Microsoft Corporation)
3 VMBusHID; C:\Windows\System32\DRIVERS\VMBusHID.sys [21760 2009-07-13] (Microsoft Corporation)
0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-13] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [294992 2009-07-13] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
3 Wd; C:\Windows\System32\DRIVERS\wd.sys [21056 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-13] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-13] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-13] (Microsoft Corporation)
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

========================= NetSvcs ============================

============ One Month Created Files and folders =============

2011-06-23 17:08 - 2011-06-23 17:08 - 0000000 ____D C:\FRST
2011-06-22 23:18 - 2011-06-22 23:18 - 0000000 ___AD C:\TRK-INFECTED
2011-06-22 18:33 - 2011-06-22 23:23 - 0000082 ____A C:\clamscan-hda2.log
2011-06-18 13:47 - 2011-06-19 06:03 - 524288000 ____A C:\REMOVE_THIS_FILE.livecd.swap
2011-06-16 23:34 - 2011-06-16 23:34 - 0000000 ____D C:\Users\NPM\Desktop\Appslib_2
2011-06-16 23:09 - 2011-06-16 23:09 - 0542200 ____A C:\Users\NPM\Desktop\Appslib_2.zip
2011-06-16 18:41 - 2011-06-16 18:41 - 0000000 ____D C:\Users\NPM\Desktop\Revo Uninstaller Pro 2.5.3 - stevsinus030
2011-06-16 18:39 - 2011-06-16 18:39 - 7735047 ____A C:\Users\NPM\Desktop\Revo Uninstaller Pro 2.5.3 - stevsinus030.rar
2011-06-16 09:13 - 2011-06-16 09:13 - 0000000 ____D C:\Users\NPM\AppData\Roaming\cYo
2011-06-16 09:13 - 2011-06-16 09:13 - 0000000 ____D C:\Users\NPM\AppData\Local\cYo
2011-06-16 09:11 - 2011-06-16 09:11 - 0772430 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-06-16 08:30 - 2011-05-27 21:22 - 9316352 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-06-16 08:30 - 2011-05-27 20:38 - 5984256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-06-16 08:30 - 2011-05-27 19:25 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-06-16 08:30 - 2011-05-27 19:07 - 3133952 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-06-16 08:30 - 2011-05-27 19:00 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-06-16 08:30 - 2011-05-03 18:51 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-06-16 08:30 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-06-16 08:30 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-06-16 08:30 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-06-16 08:30 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-06-16 08:30 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-06-16 08:30 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-06-16 08:30 - 2011-04-24 21:32 - 1896832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-06-16 08:30 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-06-16 08:30 - 2011-04-22 12:18 - 1500160 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-06-16 08:30 - 2011-04-22 12:18 - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-06-16 08:30 - 2011-04-22 12:15 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-06-16 08:30 - 2011-04-22 12:14 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-06-16 08:30 - 2011-04-22 12:14 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-06-16 08:30 - 2011-04-22 12:14 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-06-16 08:30 - 2011-04-22 12:14 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-06-16 08:30 - 2011-04-22 12:13 - 2448896 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-06-16 08:30 - 2011-04-22 12:13 - 12372480 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-06-16 08:30 - 2011-04-22 12:13 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-06-16 08:30 - 2011-04-22 12:13 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-06-16 08:30 - 2011-04-22 12:13 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-06-16 08:30 - 2011-04-22 12:13 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-06-16 08:30 - 2011-04-22 12:09 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-06-16 08:30 - 2011-04-22 11:31 - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 1229824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-06-16 08:30 - 2011-04-22 11:31 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-06-16 08:30 - 2011-04-22 11:30 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-06-16 08:30 - 2011-04-22 10:49 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-06-16 08:30 - 2011-04-22 10:23 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-06-16 08:30 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-06-16 08:30 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-06-16 08:30 - 2010-12-17 22:13 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-06-16 08:30 - 2010-12-17 21:31 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-06-16 08:29 - 2011-05-02 21:21 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-06-16 08:29 - 2011-05-02 20:50 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-06-16 08:19 - 2011-06-16 08:20 - 0000000 ____D C:\Program Files\ComicRack
2011-06-16 08:19 - 2011-06-16 08:19 - 0000840 ____A C:\Users\Public\Desktop\ComicRack.lnk
2011-06-16 06:54 - 2011-06-16 06:54 - 0000000 ____D C:\Users\NPM\Downloads\JLA__016-022_
2011-06-16 06:54 - 2011-06-16 06:54 - 0000000 ____D C:\Users\NPM\Downloads\JLA__008-015_
2011-06-16 03:00 - 2011-06-16 03:05 - 120596301 ____A C:\Users\NPM\Downloads\Superman_-_Earth_One__2010___c2c___Minutemen-DTs_.cbz
2011-06-15 22:22 - 2011-06-15 22:33 - 0179976 ____A C:\Windows\ntbtlog.txt
2011-06-15 19:38 - 2011-06-15 20:38 - 1470447616 ____A C:\Users\NPM\Downloads\Dylan.Dog.Dead.of.Night.2011.DVDRip.AC3.XViD-EP1C.avi
2011-06-15 03:38 - 2011-06-15 03:38 - 0063488 ____A C:\Users\NPM\Downloads\MONARI-TRAINING NEEDS ASSESSMENT.doc
2011-06-15 02:03 - 2011-06-15 02:04 - 24177237 ____A C:\Users\NPM\Downloads\JLA_-_JSA_Virtue_and_Vice.cbr
2011-06-15 02:00 - 2011-06-15 02:00 - 0000000 ____D C:\Users\NPM\Downloads\JLA__001-007_
2011-06-14 23:40 - 2011-06-14 23:44 - 95201048 ____A C:\Users\NPM\Downloads\JLA__031-037_.rar
2011-06-14 22:48 - 2011-06-14 22:51 - 93368332 ____A C:\Users\NPM\Downloads\JLA__023-030_.rar
2011-06-14 22:44 - 2011-06-14 22:49 - 94975594 ____A C:\Users\NPM\Downloads\JLA__016-022_.rar
2011-06-14 22:42 - 2011-06-14 22:44 - 102861621 ____A C:\Users\NPM\Downloads\JLA__008-015_.rar
2011-06-14 19:00 - 2011-06-14 19:05 - 89968068 ____A C:\Users\NPM\Downloads\JLA_That_Was_Now._This_Is_Then_TPB__Bchry-DCP_.cbz
2011-06-14 18:59 - 2011-06-14 19:01 - 94207280 ____A C:\Users\NPM\Downloads\JLA__001-007_.rar
2011-06-14 18:52 - 2011-06-14 18:52 - 0000000 ____D C:\Users\NPM\Downloads\JLA__038-047_
2011-06-14 18:47 - 2011-06-14 18:51 - 104062266 ____A C:\Users\NPM\Downloads\JLA__038-047_.rar
2011-06-13 01:38 - 2011-06-13 01:46 - 358914048 ____A C:\Users\NPM\Downloads\Veritas_The Quest_01.avi
2011-06-11 21:56 - 2011-06-11 21:57 - 11949285 ____A C:\Users\NPM\Downloads\Irredeemable 026 (2011) (noads) (2 covers) (Legion-CPS).cbr
2011-06-11 21:55 - 2011-06-11 21:56 - 13404566 ____A C:\Users\NPM\Downloads\Irredeemable_025_(2011)_(noads)_(2 covers)_(Legion-CPS).cbr
2011-06-11 17:31 - 2011-06-16 18:29 - 0000728 ____A C:\Windows\setupact.log
2011-06-11 17:31 - 2011-06-11 17:31 - 0000000 ____A C:\Windows\setuperr.log
2011-06-08 14:47 - 2011-06-08 14:47 - 0000000 ____D C:\Users\NPM\Desktop\Malwarebytes_Keys
2011-06-08 14:45 - 2011-06-08 14:45 - 0001937 ____A C:\Users\NPM\Desktop\Malwarebytes_Keys.rar
2011-06-08 13:09 - 2011-06-08 13:09 - 0000000 ____D C:\Program Files (x86)\MSXML 4.0
2011-06-08 12:56 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-06-08 12:56 - 2011-04-08 22:45 - 5509504 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-06-08 12:56 - 2011-04-08 22:13 - 3957632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-06-08 12:56 - 2011-04-08 22:13 - 3901824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-06-08 12:56 - 2011-02-18 22:37 - 1540608 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2011-06-08 12:56 - 2011-02-18 22:37 - 1135104 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2011-06-08 12:56 - 2011-02-18 22:36 - 0902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2011-06-08 12:56 - 2011-02-18 21:32 - 1074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2011-06-08 12:56 - 2011-02-18 21:32 - 0739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2011-06-08 12:56 - 2010-12-22 22:07 - 1118720 ____A (Microsoft Corporation) C:\Windows\System32\sbe.dll
2011-06-08 12:56 - 2010-12-22 22:07 - 0961024 ____A (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2011-06-08 12:56 - 2010-12-22 22:07 - 0723968 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2011-06-08 12:56 - 2010-12-22 22:02 - 0259072 ____A (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2011-06-08 12:56 - 2010-12-22 21:28 - 0850432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2011-06-08 12:56 - 2010-12-22 21:28 - 0642048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2011-06-08 12:56 - 2010-12-22 21:28 - 0534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2011-06-08 12:56 - 2010-12-22 21:24 - 0199680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2011-06-08 12:55 - 2011-03-12 04:03 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-06-08 12:55 - 2011-03-12 03:31 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-06-08 12:55 - 2011-03-10 22:19 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-06-08 12:55 - 2011-03-10 22:19 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-06-08 12:55 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2011-06-08 12:55 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2011-06-08 12:55 - 2011-03-02 22:17 - 0356352 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-06-08 12:55 - 2011-03-02 22:17 - 0182272 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-06-08 12:55 - 2011-03-02 22:14 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-06-08 12:55 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2011-06-08 12:55 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2011-06-08 12:55 - 2011-02-25 22:23 - 2870272 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2011-06-08 12:55 - 2011-02-25 21:33 - 2614784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2011-06-08 12:55 - 2011-02-23 22:30 - 0476160 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-06-08 12:55 - 2011-02-23 21:32 - 0288256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-06-08 12:55 - 2011-02-18 22:36 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-06-08 12:55 - 2011-02-18 21:32 - 0034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2011-06-08 12:55 - 2011-02-18 20:13 - 0367104 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2011-06-08 12:55 - 2011-02-18 19:37 - 0294912 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2011-06-08 12:55 - 2011-02-17 22:37 - 0612352 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-06-08 12:55 - 2011-02-17 22:36 - 0852480 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-06-08 12:55 - 2011-02-17 21:36 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-06-08 12:55 - 2011-02-17 21:35 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-06-08 12:55 - 2011-02-05 04:41 - 0640896 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2011-06-08 12:55 - 2011-02-05 04:41 - 0556928 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2011-06-08 12:55 - 2011-02-05 04:41 - 0020352 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2011-06-08 12:55 - 2011-02-05 04:41 - 0019328 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2011-06-08 12:55 - 2011-02-05 04:41 - 0017792 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2011-06-08 12:55 - 2011-02-05 04:39 - 0603976 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2011-06-08 12:55 - 2011-02-05 04:39 - 0518160 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2011-06-08 12:54 - 2011-02-22 21:15 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-06-08 12:54 - 2011-02-11 22:14 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2011-06-08 12:54 - 2010-12-17 22:12 - 3138048 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2011-06-08 12:54 - 2010-12-17 22:08 - 1097216 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2011-06-08 12:54 - 2010-12-17 21:30 - 2690560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2011-06-08 12:54 - 2010-12-17 21:26 - 1034240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2011-06-08 12:52 - 2011-02-17 22:33 - 0031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2011-06-08 12:52 - 2011-02-17 21:33 - 0031232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2011-06-07 08:27 - 2011-06-07 08:27 - 0001065 ____A C:\Users\Public\Desktop\Lexmark Productivity Studio - 5300 Series.LNK
2011-06-07 08:26 - 2011-06-07 08:28 - 0070467 ____A C:\Windows\System32\LexFiles.ulf
2011-06-07 08:26 - 2011-06-07 08:27 - 0000000 ____D C:\Program Files\Lexmark 5300 Series
2011-06-07 08:26 - 2011-06-07 08:27 - 0000000 ____D C:\Program Files (x86)\Lexmark 5300 Series
2011-06-07 08:26 - 2007-06-14 03:15 - 1053104 ____A ( ) C:\Windows\System32\lxdkcoms.exe
2011-06-07 08:26 - 2007-06-14 03:15 - 0598960 ____A ( ) C:\Windows\SysWOW64\lxdkcoms.exe
2011-06-07 08:26 - 2007-06-14 03:15 - 0598960 ____A ( ) C:\Windows\System32\lxdkcfg.exe
2011-06-07 08:26 - 2007-06-14 03:15 - 0515504 ____A ( ) C:\Windows\System32\lxdkih.exe
2011-06-07 08:26 - 2007-06-14 03:15 - 0365488 ____A ( ) C:\Windows\SysWOW64\lxdkcfg.exe
2011-06-07 08:26 - 2007-06-14 03:15 - 0320432 ____A ( ) C:\Windows\SysWOW64\lxdkih.exe
2011-06-07 08:26 - 2007-06-14 02:56 - 0001992 ____A C:\Windows\SysWOW64\lxdk.loc
2011-06-07 08:26 - 2007-06-14 02:56 - 0001992 ____A C:\Windows\System32\lxdk.loc
2011-06-07 08:26 - 2007-06-06 05:32 - 0090624 ____A (Lexmark International, Inc.) C:\Windows\System32\lxdkinsr.dll
2011-06-07 08:26 - 2007-06-06 05:32 - 0022528 ____A (Lexmark International, Inc.) C:\Windows\System32\lxdkcur.dll
2011-06-07 08:26 - 2007-06-06 05:30 - 0129024 ____A (Lexmark International, Inc.) C:\Windows\System32\lxdkjswr.dll
2011-06-07 08:26 - 2007-06-06 05:17 - 0189440 ____A (Lexmark International, Inc.) C:\Windows\System32\lxdkinsb.dll
2011-06-07 08:26 - 2007-06-06 05:17 - 0073216 ____A (Lexmark International, Inc.) C:\Windows\System32\lxdkcub.dll
2011-06-07 08:26 - 2007-06-06 05:03 - 0235520 ____A (Lexmark International, Inc.) C:\Windows\System32\lxdkins.dll
2011-06-07 08:26 - 2007-06-06 05:03 - 0100864 ____A (Lexmark International, Inc.) C:\Windows\System32\lxdkcu.dll
2011-06-07 08:26 - 2007-06-06 04:57 - 0715264 ____A (Lexmark International, Inc.) C:\Windows\System32\lxdkutil.dll
2011-06-07 08:26 - 2007-06-06 04:56 - 0299520 ____A () C:\Windows\System32\lxdkgrd.dll
2011-06-07 08:26 - 2007-06-06 03:58 - 0143360 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdkjswr.dll
2011-06-07 08:26 - 2007-06-06 03:58 - 0106496 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdkinsr.dll
2011-06-07 08:26 - 2007-06-06 03:58 - 0036864 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdkcur.dll
2011-06-07 08:26 - 2007-06-06 03:51 - 0204800 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdkinsb.dll
2011-06-07 08:26 - 2007-06-06 03:51 - 0090112 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdkcub.dll
2011-06-07 08:26 - 2007-06-06 03:42 - 0176128 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdkins.dll
2011-06-07 08:26 - 2007-06-06 03:42 - 0077824 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdkcu.dll
2011-06-07 08:26 - 2007-06-06 03:28 - 0503808 ____A (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdkutil.dll
2011-06-07 08:26 - 2007-06-04 07:50 - 1059507 ____A C:\Windows\SysWOW64\LXDKhelp.chm
2011-06-07 08:26 - 2007-06-04 07:50 - 1059507 ____A C:\Windows\System32\LXDKhelp.chm
2011-06-07 08:26 - 2007-05-28 17:37 - 0385024 ____A () C:\Windows\SysWOW64\lxdkcomx.dll
2011-06-07 08:26 - 2007-05-17 09:34 - 0980992 ____A ( ) C:\Windows\System32\lxdkpmui.dll
2011-06-07 08:26 - 2007-05-17 09:30 - 1895936 ____A ( ) C:\Windows\System32\lxdkserv.dll
2011-06-07 08:26 - 2007-05-17 09:25 - 0879104 ____A ( ) C:\Windows\System32\lxdklmpm.dll
2011-06-07 08:26 - 2007-05-17 09:25 - 0563200 ____A ( ) C:\Windows\System32\lxdkcomm.dll
2011-06-07 08:26 - 2007-05-17 09:25 - 0541184 ____A ( ) C:\Windows\System32\lxdkinpa.dll
2011-06-07 08:26 - 2007-05-17 09:23 - 1501696 ____A ( ) C:\Windows\System32\lxdkusb1.dll
2011-06-07 08:26 - 2007-05-17 09:23 - 1489408 ____A ( ) C:\Windows\System32\lxdkcomc.dll
2011-06-07 08:26 - 2007-05-17 09:23 - 1065984 ____A ( ) C:\Windows\System32\lxdkhbn3.dll
2011-06-07 08:26 - 2007-05-17 09:21 - 0047104 ____A ( ) C:\Windows\System32\lxdkprox.dll
2011-06-07 08:26 - 2007-05-17 09:19 - 0668672 ____A ( ) C:\Windows\System32\lxdkhcp.dll
2011-06-07 08:26 - 2007-05-17 09:19 - 0509440 ____A ( ) C:\Windows\System32\lxdkiesc.dll
2011-06-07 08:26 - 2007-05-17 09:18 - 0524288 ____A C:\Windows\System32\lxdkinst.dll
2011-06-07 08:26 - 2007-05-17 09:11 - 0647168 ____A ( ) C:\Windows\SysWOW64\lxdkpmui.dll
2011-06-07 08:26 - 2007-05-17 09:08 - 1200128 ____A ( ) C:\Windows\SysWOW64\lxdkserv.dll
2011-06-07 08:26 - 2007-05-17 09:03 - 0356352 ____A ( ) C:\Windows\SysWOW64\lxdkinpa.dll
2011-06-07 08:26 - 2007-05-17 09:02 - 0565248 ____A ( ) C:\Windows\SysWOW64\lxdklmpm.dll
2011-06-07 08:26 - 2007-05-17 09:02 - 0364544 ____A ( ) C:\Windows\SysWOW64\lxdkcomm.dll
2011-06-07 08:26 - 2007-05-17 09:01 - 0663552 ____A ( ) C:\Windows\SysWOW64\lxdkhbn3.dll
2011-06-07 08:26 - 2007-05-17 09:00 - 0950272 ____A ( ) C:\Windows\SysWOW64\lxdkusb1.dll
2011-06-07 08:26 - 2007-05-17 09:00 - 0860160 ____A ( ) C:\Windows\SysWOW64\lxdkcomc.dll
2011-06-07 08:26 - 2007-05-17 08:59 - 0053248 ____A ( ) C:\Windows\SysWOW64\lxdkprox.dll
2011-06-07 08:26 - 2007-05-17 08:57 - 0339968 ____A ( ) C:\Windows\SysWOW64\lxdkiesc.dll
2011-06-07 08:26 - 2007-05-17 08:56 - 0348160 ____A C:\Windows\SysWOW64\lxdkinst.dll
2011-06-07 08:26 - 2007-05-01 19:39 - 0065536 ____A (Lexmark International) C:\Windows\System32\lxdkcfg.dll
2011-06-07 08:26 - 2007-05-01 19:36 - 0077906 ____A (Lexmark International) C:\Windows\SysWOW64\lxdkcfg.dll
2011-06-07 08:26 - 2007-01-22 00:53 - 0126976 ____A (Lexmark International Inc.) C:\Windows\SysWOW64\lxdklnks.dll
2011-06-07 08:26 - 2007-01-04 17:18 - 0983121 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lxdkgf.dll
2011-06-07 08:26 - 2007-01-04 17:18 - 0983121 ____A (Microsoft Corporation) C:\Windows\System32\lxdkgf.dll
2011-06-07 01:34 - 2011-06-07 01:34 - 136642560 ____A C:\Users\NPM\Desktop\cjq5300en.exe
2011-06-07 00:14 - 2011-06-07 02:19 - 0000000 ____D C:\Users\NPM\AppData\Roaming\GlarySoft
2011-06-06 23:58 - 2011-06-06 23:58 - 0000000 ____D C:\Users\All Users\App4rTemp
2011-06-06 23:58 - 2011-06-06 23:58 - 0000000 ____D C:\ProgramData\App4rTemp
2011-06-06 22:55 - 2011-06-07 00:15 - 0000534 ____A C:\lxdk.log
2011-06-06 22:29 - 2011-06-07 08:48 - 0000000 ____D C:\Users\All Users\lx_cats
2011-06-06 22:29 - 2011-06-07 08:48 - 0000000 ____D C:\ProgramData\lx_cats
2011-06-06 22:29 - 2011-06-07 08:31 - 0000000 ____D C:\Users\NPM\AppData\Roaming\Lexmark Productivity Studio
2011-06-06 22:28 - 2011-06-06 22:56 - 0074558 ____A C:\Windows\SysWOW64\LexFiles.ulf
2011-06-06 22:28 - 2011-06-06 22:28 - 0000360 ____A C:\lxdkcomx.log
2011-06-06 22:28 - 2011-06-06 22:28 - 0000000 ____D C:\Program Files (x86) (x86)
2011-06-06 22:27 - 2011-06-06 22:27 - 0000000 ____D C:\lexmark
2011-06-05 12:15 - 2011-06-05 12:16 - 0893574 ____A C:\Users\NPM\Downloads\Foreclosure.pdf
2011-06-04 16:41 - 2011-06-04 16:41 - 4349192 ____A (IObit ) C:\Users\NPM\Desktop\defragsetup.exe
2011-06-04 16:41 - 2011-06-04 16:41 - 0001170 ____A C:\Users\Public\Desktop\Smart Defrag 2.lnk
2011-06-04 16:41 - 2011-06-04 16:41 - 0000000 ____D C:\Users\NPM\AppData\Roaming\IObit
2011-06-04 16:41 - 2011-02-23 12:50 - 0032136 ____A C:\Windows\System32\SmartDefragBootTime.exe
2011-06-04 16:41 - 2011-02-23 12:50 - 0018232 ____A C:\Windows\System32\Drivers\SmartDefragDriver.sys
2011-06-03 22:58 - 2011-06-09 07:01 - 0000000 ____D C:\Users\NPM\Desktop\DG Manga
2011-06-03 22:22 - 2011-06-10 08:04 - 0000000 ____D C:\Users\NPM\Downloads\D. Gray-Man Volume - 15
2011-06-03 22:17 - 2011-06-03 22:27 - 0000000 ____D C:\Users\NPM\Downloads\D.Gray Man - Family Walker (volume II) by Seil [BangAQUA]
2011-06-02 11:45 - 2011-06-02 11:49 - 182761918 ____A C:\Users\NPM\Downloads\D Gray-man - 103.avi
2011-06-02 11:32 - 2011-06-02 11:38 - 181881844 ____A C:\Users\NPM\Downloads\D Gray-man - 102.avi
2011-06-02 11:20 - 2011-06-08 12:44 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-05-30 19:01 - 2011-05-30 19:38 - 735975424 ____A C:\Users\NPM\Downloads\Stake Land .avi
2011-05-28 22:42 - 2011-06-17 22:34 - 0000000 ____D C:\Program Files (x86)\Glary Utilities
2011-05-28 22:42 - 2011-06-16 18:30 - 0000320 ____A C:\Windows\Tasks\GlaryInitialize.job
2011-05-28 22:42 - 2011-05-28 22:42 - 0001066 ____A C:\Users\NPM\Desktop\Glary Utilities.lnk
2011-05-28 22:20 - 2011-05-28 22:20 - 6385636 ____A C:\Users\NPM\Desktop\Glary Utilities PRO 2.33.0.1158.rar
2011-05-28 16:26 - 2011-05-28 16:27 - 0000000 ____D C:\Users\NPM\Desktop\Wii Stuff
2011-05-28 16:06 - 2011-05-28 16:06 - 0000000 ____D C:\Users\NPM\Desktop\Henry Interview
2011-05-28 15:17 - 2011-05-28 15:22 - 306450095 ____A C:\Users\NPM\Desktop\Nero 10.rar
2011-05-28 14:37 - 2011-06-12 06:41 - 0000000 ____D C:\Users\NPM\Desktop\C2C
2011-05-26 15:44 - 2011-05-26 16:26 - 734734336 ____A C:\Users\NPM\Downloads\The Borgias 101.avi
2011-05-25 18:58 - 2011-05-26 10:35 - 0000000 ____D C:\Users\NPM\AppData\Local\Dexter the Game
2011-05-25 11:26 - 2011-06-06 02:02 - 0000069 ____A C:\Windows\NeroDigital.ini
2011-05-25 11:26 - 2011-06-06 02:02 - 0000000 ____D C:\Users\NPM\AppData\Local\Nero
2011-05-25 11:26 - 2011-05-25 11:26 - 0000000 ____D C:\Users\NPM\AppData\Local\Nero_AG
2011-05-24 14:14 - 2011-05-24 14:52 - 736264946 ____A C:\Users\NPM\Downloads\Red Riding Hood.avi

============ 3 Months Modified Files and folders =============

2011-06-23 17:08 - 2011-06-23 17:08 - 0000000 ____D C:\FRST
2011-06-22 23:23 - 2011-06-22 18:33 - 0000082 ____A C:\clamscan-hda2.log
2011-06-22 23:18 - 2011-06-22 23:18 - 0000000 ___AD C:\TRK-INFECTED
2011-06-19 06:03 - 2011-06-18 13:47 - 524288000 ____A C:\REMOVE_THIS_FILE.livecd.swap
2011-06-17 22:34 - 2011-05-28 22:42 - 0000000 ____D C:\Program Files (x86)\Glary Utilities
2011-06-17 22:34 - 2011-02-07 03:43 - 0000000 ____D C:\Windows\System32\Drivers\AVG
2011-06-17 22:34 - 2011-02-07 01:07 - 0000000 ____D C:\users\NPM
2011-06-17 22:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wfp
2011-06-17 22:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\DriverStore
2011-06-17 22:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2011-06-17 22:33 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-06-17 20:13 - 2009-07-13 23:45 - 0000000 ___RD C:\Users\Public\Recorded TV
2011-06-17 20:09 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\LogFiles
2011-06-16 23:34 - 2011-06-16 23:34 - 0000000 ____D C:\Users\NPM\Desktop\Appslib_2
2011-06-16 23:09 - 2011-06-16 23:09 - 0542200 ____A C:\Users\NPM\Desktop\Appslib_2.zip
2011-06-16 20:40 - 2011-02-07 00:42 - 3119075328 __ASH C:\hiberfil.sys
2011-06-16 20:39 - 2011-03-14 11:05 - 3990278 ___AH C:\Users\NPM\AppData\Local\IconCache.db
2011-06-16 19:17 - 2011-02-07 04:36 - 0000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-06-16 19:01 - 2011-02-14 12:41 - 0000900 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-631999887-905934083-2728520643-1001UA.job
2011-06-16 18:41 - 2011-06-16 18:41 - 0000000 ____D C:\Users\NPM\Desktop\Revo Uninstaller Pro 2.5.3 - stevsinus030
2011-06-16 18:39 - 2011-06-16 18:39 - 7735047 ____A C:\Users\NPM\Desktop\Revo Uninstaller Pro 2.5.3 - stevsinus030.rar
2011-06-16 18:38 - 2009-07-13 20:45 - 0014976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-06-16 18:38 - 2009-07-13 20:45 - 0014976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-06-16 18:34 - 2011-02-07 00:45 - 1301289 ____A C:\Windows\WindowsUpdate.log
2011-06-16 18:30 - 2011-05-28 22:42 - 0000320 ____A C:\Windows\Tasks\GlaryInitialize.job
2011-06-16 18:30 - 2011-02-07 04:36 - 0000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-06-16 18:29 - 2011-06-11 17:31 - 0000728 ____A C:\Windows\setupact.log
2011-06-16 18:29 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-06-16 17:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Microsoft.NET
2011-06-16 09:13 - 2011-06-16 09:13 - 0000000 ____D C:\Users\NPM\AppData\Roaming\cYo
2011-06-16 09:13 - 2011-06-16 09:13 - 0000000 ____D C:\Users\NPM\AppData\Local\cYo
2011-06-16 09:11 - 2011-06-16 09:11 - 0772430 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-06-16 09:11 - 2009-07-13 21:13 - 0772430 ____A C:\Windows\System32\PerfStringBackup.INI
2011-06-16 09:11 - 2009-07-13 18:36 - 0659818 ____A C:\Windows\System32\perfh009.dat
2011-06-16 09:11 - 2009-07-13 18:36 - 0120714 ____A C:\Windows\System32\perfc009.dat
2011-06-16 09:03 - 2009-07-13 20:45 - 0274320 ____A C:\Windows\System32\FNTCACHE.DAT
2011-06-16 09:02 - 2011-02-07 04:31 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-06-16 08:36 - 2011-02-07 01:55 - 49454024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-06-16 08:36 - 2009-07-13 20:45 - 0000000 ____D C:\Windows\debug
2011-06-16 08:20 - 2011-06-16 08:19 - 0000000 ____D C:\Program Files\ComicRack
2011-06-16 08:19 - 2011-06-16 08:19 - 0000840 ____A C:\Users\Public\Desktop\ComicRack.lnk
2011-06-16 06:54 - 2011-06-16 06:54 - 0000000 ____D C:\Users\NPM\Downloads\JLA__016-022_
2011-06-16 06:54 - 2011-06-16 06:54 - 0000000 ____D C:\Users\NPM\Downloads\JLA__008-015_
2011-06-16 03:05 - 2011-06-16 03:00 - 120596301 ____A C:\Users\NPM\Downloads\Superman_-_Earth_One__2010___c2c___Minutemen-DTs_.cbz
2011-06-15 22:33 - 2011-06-15 22:22 - 0179976 ____A C:\Windows\ntbtlog.txt
2011-06-15 20:38 - 2011-06-15 19:38 - 1470447616 ____A C:\Users\NPM\Downloads\Dylan.Dog.Dead.of.Night.2011.DVDRip.AC3.XViD-EP1C.avi
2011-06-15 14:01 - 2011-02-14 12:41 - 0000848 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-631999887-905934083-2728520643-1001Core.job
2011-06-15 03:38 - 2011-06-15 03:38 - 0063488 ____A C:\Users\NPM\Downloads\MONARI-TRAINING NEEDS ASSESSMENT.doc
2011-06-15 02:04 - 2011-06-15 02:03 - 24177237 ____A C:\Users\NPM\Downloads\JLA_-_JSA_Virtue_and_Vice.cbr
2011-06-15 02:00 - 2011-06-15 02:00 - 0000000 ____D C:\Users\NPM\Downloads\JLA__001-007_
2011-06-14 23:44 - 2011-06-14 23:40 - 95201048 ____A C:\Users\NPM\Downloads\JLA__031-037_.rar
2011-06-14 22:51 - 2011-06-14 22:48 - 93368332 ____A C:\Users\NPM\Downloads\JLA__023-030_.rar
2011-06-14 22:49 - 2011-06-14 22:44 - 94975594 ____A C:\Users\NPM\Downloads\JLA__016-022_.rar
2011-06-14 22:44 - 2011-06-14 22:42 - 102861621 ____A C:\Users\NPM\Downloads\JLA__008-015_.rar
2011-06-14 19:05 - 2011-06-14 19:00 - 89968068 ____A C:\Users\NPM\Downloads\JLA_That_Was_Now._This_Is_Then_TPB__Bchry-DCP_.cbz
2011-06-14 19:01 - 2011-06-14 18:59 - 94207280 ____A C:\Users\NPM\Downloads\JLA__001-007_.rar
2011-06-14 18:52 - 2011-06-14 18:52 - 0000000 ____D C:\Users\NPM\Downloads\JLA__038-047_
2011-06-14 18:51 - 2011-06-14 18:47 - 104062266 ____A C:\Users\NPM\Downloads\JLA__038-047_.rar
2011-06-14 05:21 - 2011-02-07 03:45 - 0000953 ____A C:\Users\Public\Desktop\AVG 2011.lnk
2011-06-14 05:21 - 2011-02-07 03:45 - 0000000 ____D C:\Windows\SysWOW64\Drivers\AVG
2011-06-13 01:46 - 2011-06-13 01:38 - 358914048 ____A C:\Users\NPM\Downloads\Veritas_The Quest_01.avi
2011-06-12 06:41 - 2011-05-28 14:37 - 0000000 ____D C:\Users\NPM\Desktop\C2C
2011-06-11 21:57 - 2011-06-11 21:56 - 11949285 ____A C:\Users\NPM\Downloads\Irredeemable 026 (2011) (noads) (2 covers) (Legion-CPS).cbr
2011-06-11 21:56 - 2011-06-11 21:55 - 13404566 ____A C:\Users\NPM\Downloads\Irredeemable_025_(2011)_(noads)_(2 covers)_(Legion-CPS).cbr
2011-06-11 20:01 - 2011-02-08 03:40 - 0000000 ____D C:\Program Files (x86)\JDownloader
2011-06-11 17:32 - 2009-07-13 21:08 - 0032594 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-06-11 17:31 - 2011-06-11 17:31 - 0000000 ____A C:\Windows\setuperr.log
2011-06-11 16:35 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\SysWOW64\LogFiles
2011-06-10 08:04 - 2011-06-03 22:22 - 0000000 ____D C:\Users\NPM\Downloads\D. Gray-Man Volume - 15
2011-06-09 07:01 - 2011-06-03 22:58 - 0000000 ____D C:\Users\NPM\Desktop\DG Manga
2011-06-08 17:04 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-06-08 14:52 - 2009-07-13 19:20 - 0000000 ___RD C:\Program Files (x86)
2011-06-08 14:47 - 2011-06-08 14:47 - 0000000 ____D C:\Users\NPM\Desktop\Malwarebytes_Keys
2011-06-08 14:45 - 2011-06-08 14:45 - 0001937 ____A C:\Users\NPM\Desktop\Malwarebytes_Keys.rar
2011-06-08 13:09 - 2011-06-08 13:09 - 0000000 ____D C:\Program Files (x86)\MSXML 4.0
2011-06-08 12:44 - 2011-06-02 11:20 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-06-08 12:38 - 2011-02-07 14:36 - 0001109 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-06-08 12:38 - 2011-02-07 14:36 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-07 08:48 - 2011-06-06 22:29 - 0000000 ____D C:\Users\All Users\lx_cats
2011-06-07 08:48 - 2011-06-06 22:29 - 0000000 ____D C:\ProgramData\lx_cats
2011-06-07 08:31 - 2011-06-06 22:29 - 0000000 ____D C:\Users\NPM\AppData\Roaming\Lexmark Productivity Studio
2011-06-07 08:28 - 2011-06-07 08:26 - 0070467 ____A C:\Windows\System32\LexFiles.ulf
2011-06-07 08:27 - 2011-06-07 08:27 - 0001065 ____A C:\Users\Public\Desktop\Lexmark Productivity Studio - 5300 Series.LNK
2011-06-07 08:27 - 2011-06-07 08:26 - 0000000 ____D C:\Program Files\Lexmark 5300 Series
2011-06-07 08:27 - 2011-06-07 08:26 - 0000000 ____D C:\Program Files (x86)\Lexmark 5300 Series
2011-06-07 02:24 - 2011-02-13 01:46 - 0000000 ____D C:\Program Files (x86)\Freedom Force vs The 3rd Reich
2011-06-07 02:24 - 2009-07-13 19:20 - 0000000 __RHD C:\users\Default
2011-06-07 02:19 - 2011-06-07 00:14 - 0000000 ____D C:\Users\NPM\AppData\Roaming\GlarySoft
2011-06-07 01:34 - 2011-06-07 01:34 - 136642560 ____A C:\Users\NPM\Desktop\cjq5300en.exe
2011-06-07 00:15 - 2011-06-06 22:55 - 0000534 ____A C:\lxdk.log
2011-06-06 23:58 - 2011-06-06 23:58 - 0000000 ____D C:\Users\All Users\App4rTemp
2011-06-06 23:58 - 2011-06-06 23:58 - 0000000 ____D C:\ProgramData\App4rTemp
2011-06-06 23:27 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\twain_32
2011-06-06 22:56 - 2011-06-06 22:28 - 0074558 ____A C:\Windows\SysWOW64\LexFiles.ulf
2011-06-06 22:28 - 2011-06-06 22:28 - 0000360 ____A C:\lxdkcomx.log
2011-06-06 22:28 - 2011-06-06 22:28 - 0000000 ____D C:\Program Files (x86) (x86)
2011-06-06 22:27 - 2011-06-06 22:27 - 0000000 ____D C:\lexmark
2011-06-06 02:02 - 2011-05-25 11:26 - 0000069 ____A C:\Windows\NeroDigital.ini
2011-06-06 02:02 - 2011-05-25 11:26 - 0000000 ____D C:\Users\NPM\AppData\Local\Nero
2011-06-05 18:00 - 2011-02-07 15:35 - 0000404 ____A C:\Windows\Tasks\SmartDefrag.job
2011-06-05 12:16 - 2011-06-05 12:15 - 0893574 ____A C:\Users\NPM\Downloads\Foreclosure.pdf
2011-06-04 16:41 - 2011-06-04 16:41 - 4349192 ____A (IObit ) C:\Users\NPM\Desktop\defragsetup.exe
2011-06-04 16:41 - 2011-06-04 16:41 - 0001170 ____A C:\Users\Public\Desktop\Smart Defrag 2.lnk
2011-06-04 16:41 - 2011-06-04 16:41 - 0000000 ____D C:\Users\NPM\AppData\Roaming\IObit
2011-06-04 16:41 - 2011-02-07 15:35 - 0000000 ____D C:\Program Files (x86)\IObit
2011-06-03 22:27 - 2011-06-03 22:17 - 0000000 ____D C:\Users\NPM\Downloads\D.Gray Man - Family Walker (volume II) by Seil [BangAQUA]
2011-06-02 11:49 - 2011-06-02 11:45 - 182761918 ____A C:\Users\NPM\Downloads\D Gray-man - 103.avi
2011-06-02 11:38 - 2011-06-02 11:32 - 181881844 ____A C:\Users\NPM\Downloads\D Gray-man - 102.avi
2011-05-30 19:38 - 2011-05-30 19:01 - 735975424 ____A C:\Users\NPM\Downloads\Stake Land .avi
2011-05-29 05:11 - 2011-02-07 14:36 - 0039984 ____A (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2011-05-29 05:11 - 2011-02-07 14:36 - 0025912 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-05-28 22:42 - 2011-05-28 22:42 - 0001066 ____A C:\Users\NPM\Desktop\Glary Utilities.lnk
2011-05-28 22:20 - 2011-05-28 22:20 - 6385636 ____A C:\Users\NPM\Desktop\Glary Utilities PRO 2.33.0.1158.rar
2011-05-28 16:35 - 2011-04-18 19:20 - 0000000 ____D C:\Program Files (x86)\AV Vcs 6.0 DIAMOND
2011-05-28 16:28 - 2011-03-28 23:33 - 0000000 ____D C:\Users\NPM\Desktop\Games
2011-05-28 16:28 - 2011-03-19 15:38 - 0000000 ____D C:\Users\NPM\Desktop\New Music
2011-05-28 16:27 - 2011-05-28 16:26 - 0000000 ____D C:\Users\NPM\Desktop\Wii Stuff
2011-05-28 16:06 - 2011-05-28 16:06 - 0000000 ____D C:\Users\NPM\Desktop\Henry Interview
2011-05-28 16:05 - 2011-05-15 12:57 - 0000000 ____D C:\Users\NPM\Desktop\Books,Comics,Manuals
2011-05-28 16:03 - 2011-05-15 12:55 - 0000000 ____D C:\Users\NPM\Desktop\Guitar Programs
2011-05-28 15:22 - 2011-05-28 15:17 - 306450095 ____A C:\Users\NPM\Desktop\Nero 10.rar
2011-05-27 21:22 - 2011-06-16 08:30 - 9316352 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-05-27 20:38 - 2011-06-16 08:30 - 5984256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-05-27 19:25 - 2011-06-16 08:30 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-05-27 19:07 - 2011-06-16 08:30 - 3133952 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-05-27 19:00 - 2011-06-16 08:30 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-05-26 16:26 - 2011-05-26 15:44 - 734734336 ____A C:\Users\NPM\Downloads\The Borgias 101.avi
2011-05-26 10:35 - 2011-05-25 18:58 - 0000000 ____D C:\Users\NPM\AppData\Local\Dexter the Game
2011-05-25 11:26 - 2011-05-25 11:26 - 0000000 ____D C:\Users\NPM\AppData\Local\Nero_AG
2011-05-24 14:52 - 2011-05-24 14:14 - 736264946 ____A C:\Users\NPM\Downloads\Red Riding Hood.avi
2011-05-15 20:44 - 2011-05-15 20:44 - 0000000 ____D C:\Users\NPM\AppData\Roaming\Nero
2011-05-15 20:43 - 2011-05-15 20:37 - 0000000 ____D C:\Users\All Users\Nero
2011-05-15 20:43 - 2011-05-15 20:37 - 0000000 ____D C:\ProgramData\Nero
2011-05-15 20:43 - 2011-05-15 20:36 - 0000000 ____D C:\Program Files (x86)\Nero
2011-05-15 20:41 - 2011-05-15 20:41 - 0002923 ____A C:\Users\Public\Desktop\Nero StartSmart 10.lnk
2011-05-15 20:40 - 2011-05-15 20:40 - 0002901 ____A C:\Users\Public\Desktop\Nero Vision 10.lnk
2011-05-15 20:39 - 2011-05-15 20:39 - 0002895 ____A C:\Users\Public\Desktop\Nero MediaHub 10.lnk
2011-05-15 20:38 - 2011-05-15 20:38 - 0003013 ____A C:\Users\Public\Desktop\Nero BackItUp 10.lnk
2011-05-15 20:37 - 2011-05-15 20:37 - 0002915 ____A C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
2011-05-15 20:29 - 2011-02-07 02:37 - 0000000 ____D C:\Program Files (x86)\Microsoft.NET
2011-05-15 13:56 - 2011-05-15 13:55 - 0000000 ____D C:\Users\NPM\Desktop\Android sim
2011-05-15 12:22 - 2011-05-15 12:22 - 0000243 ____A C:\Program Files (x86)\0FO5JV4K.bat
2011-05-15 11:35 - 2011-05-07 09:29 - 0000000 ____D C:\Users\NPM\Desktop\Guitar rig presets
2011-05-14 06:24 - 2011-05-14 06:24 - 0000000 ____D C:\Users\All Users\nL06509EfPaP06509
2011-05-14 06:24 - 2011-05-14 06:24 - 0000000 ____D C:\ProgramData\nL06509EfPaP06509
2011-05-14 06:24 - 2011-02-07 15:46 - 0000000 ____D C:\Users\NPM\AppData\Roaming\Adobe
2011-05-10 07:02 - 2011-05-10 05:57 - 0000000 ____D C:\Users\NPM\AppData\Roaming\DraftSight
2011-05-10 05:58 - 2011-05-10 05:58 - 0000000 ____D C:\Users\NPM\Documents\My Drawings
2011-05-07 10:28 - 2011-05-07 09:34 - 1318689196 ____A C:\Users\NPM\Downloads\Drive Angry.avi
2011-05-05 22:56 - 2011-05-05 22:56 - 0000000 ____D C:\Users\NPM\AppData\Roaming\Mozilla
2011-05-03 18:51 - 2011-06-16 08:30 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-05-03 18:51 - 2011-06-16 08:30 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-05-03 18:51 - 2011-06-16 08:30 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-05-02 21:21 - 2011-06-16 08:29 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-05-02 20:50 - 2011-06-16 08:29 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-04-28 19:13 - 2011-06-16 08:30 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-04-28 19:12 - 2011-06-16 08:30 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-04-28 19:12 - 2011-06-16 08:30 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-04-27 22:39 - 2011-02-07 04:36 - 0000000 ____D C:\Program Files (x86)\Google
2011-04-27 21:23 - 2011-02-07 04:36 - 0000000 ____D C:\Users\NPM\AppData\Local\Google
2011-04-26 18:57 - 2011-06-16 08:30 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-04-25 17:19 - 2011-04-25 17:19 - 0001044 ____A C:\Users\Public\Desktop\Guitar Rig 4.lnk
2011-04-25 17:19 - 2011-04-25 17:19 - 0000000 __HDC C:\Users\All Users\{D69A48BF-7653-4AA8-94BC-5847522A4573}
2011-04-25 17:19 - 2011-04-25 17:19 - 0000000 __HDC C:\ProgramData\{D69A48BF-7653-4AA8-94BC-5847522A4573}
2011-04-25 17:18 - 2011-04-25 17:18 - 0000000 __HDC C:\Users\All Users\{0CC51CB2-911C-40BB-BC1B-BD3CAC590222}
2011-04-25 17:18 - 2011-04-25 17:18 - 0000000 __HDC C:\ProgramData\{0CC51CB2-911C-40BB-BC1B-BD3CAC590222}
2011-04-25 17:18 - 2011-04-25 17:17 - 0000000 ____D C:\Program Files\Native Instruments
2011-04-25 17:18 - 2011-04-25 15:18 - 0000000 ____D C:\Program Files\Common Files\Native Instruments
2011-04-25 17:17 - 2011-04-25 17:17 - 0000000 __HDC C:\Users\All Users\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
2011-04-25 17:17 - 2011-04-25 17:17 - 0000000 __HDC C:\ProgramData\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
2011-04-25 17:05 - 2011-04-25 17:04 - 0000000 ____D C:\Users\NPM\AppData\Roaming\Waves Preferences
2011-04-25 17:04 - 2011-04-25 17:04 - 0001767 ____A C:\Users\Public\Desktop\GTR 3.lnk
2011-04-25 17:04 - 2011-04-25 17:04 - 0000000 ____D C:\Users\NPM\AppData\Roaming\Waves
2011-04-25 17:04 - 2011-04-25 17:04 - 0000000 ____D C:\Program Files (x86)\Steinberg
2011-04-25 17:04 - 2011-04-25 17:03 - 0000000 ____D C:\Program Files (x86)\Waves
2011-04-25 16:54 - 2011-02-07 01:07 - 0000000 ____D C:\Users\NPM\AppData\LocalLow
2011-04-25 15:33 - 2011-04-25 15:33 - 0000000 ____D C:\Users\NPM\Documents\Native Instruments
2011-04-25 15:24 - 2011-04-25 15:24 - 0000000 ____D C:\Users\All Users\Native Instruments
2011-04-25 15:24 - 2011-04-25 15:24 - 0000000 ____D C:\ProgramData\Native Instruments
2011-04-25 05:12 - 2011-04-14 03:52 - 0000000 ____D C:\Users\NPM\AppData\Local\Conduit
2011-04-25 05:10 - 2011-04-23 00:53 - 0000000 ____D C:\Program Files (x86)\NCH Swift Sound
2011-04-24 21:32 - 2011-06-16 08:30 - 1896832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-04-24 18:44 - 2011-06-16 08:30 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-04-24 02:46 - 2011-04-24 02:46 - 0000000 ___DC C:\Users\All Users\{3FC66E2C-85B6-4398-82FB-C13C51DE9DD8}
2011-04-24 02:46 - 2011-04-24 02:46 - 0000000 ___DC C:\ProgramData\{3FC66E2C-85B6-4398-82FB-C13C51DE9DD8}
2011-04-24 01:31 - 2011-04-24 01:28 - 0000000 ____D C:\Program Files\Guitar FX BOX 2.6
2011-04-24 01:28 - 2011-04-24 01:28 - 0000894 ____A C:\Users\Public\Desktop\Guitar FX BOX 2.6.LNK
2011-04-23 05:38 - 2011-04-23 05:18 - 0011014 __ASH C:\Users\NPM\AppData\Local\l6d7264887hh286
2011-04-23 05:38 - 2011-04-23 05:18 - 0011014 __ASH C:\Users\All Users\l6d7264887hh286
2011-04-23 05:38 - 2011-04-23 05:18 - 0011014 __ASH C:\ProgramData\l6d7264887hh286
2011-04-23 03:04 - 2011-04-23 00:36 - 0000000 ____D C:\Program Files (x86)\AP Tuner
2011-04-23 02:32 - 2011-04-23 00:53 - 0000000 ____D C:\Users\All Users\NCH Swift Sound
2011-04-23 02:32 - 2011-04-23 00:53 - 0000000 ____D C:\ProgramData\NCH Swift Sound
2011-04-23 00:53 - 2011-04-23 00:53 - 0001221 ____A C:\Users\Public\Desktop\PitchPerfect Musical Instrument Tuner.lnk
2011-04-22 12:18 - 2011-06-16 08:30 - 1500160 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-04-22 12:18 - 2011-06-16 08:30 - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-04-22 12:18 - 2011-06-08 12:56 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-04-22 12:15 - 2011-06-16 08:30 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-04-22 12:14 - 2011-06-16 08:30 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-04-22 12:14 - 2011-06-16 08:30 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-04-22 12:14 - 2011-06-16 08:30 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-04-22 12:14 - 2011-06-16 08:30 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-04-22 12:13 - 2011-06-16 08:30 - 2448896 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-04-22 12:13 - 2011-06-16 08:30 - 12372480 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-04-22 12:13 - 2011-06-16 08:30 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-04-22 12:13 - 2011-06-16 08:30 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-04-22 12:13 - 2011-06-16 08:30 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-04-22 12:13 - 2011-06-16 08:30 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-04-22 12:09 - 2011-06-16 08:30 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-04-22 11:31 - 2011-06-16 08:30 - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 1229824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-04-22 11:31 - 2011-06-16 08:30 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-04-22 11:30 - 2011-06-16 08:30 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-04-22 10:49 - 2011-06-16 08:30 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-04-22 10:23 - 2011-06-16 08:30 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-04-21 14:18 - 2011-04-21 14:18 - 0000000 ____D C:\Users\All Users\FreeApp
2011-04-21 14:18 - 2011-04-21 14:18 - 0000000 ____D C:\ProgramData\FreeApp
2011-04-21 14:17 - 2011-03-09 00:18 - 0001164 ____A C:\Users\Public\Desktop\IObit Security 360.lnk
2011-04-19 20:05 - 2011-04-19 20:05 - 0000943 ____A C:\Users\NPM\Desktop\Audacity.lnk
2011-04-19 20:05 - 2011-04-19 20:05 - 0000000 ____D C:\Program Files (x86)\Audacity
2011-04-18 20:01 - 2011-04-18 20:01 - 0000123 ____A C:\Windows\MXSkypeRecorder.INI
2011-04-18 20:00 - 2011-04-18 20:00 - 0000000 ____D C:\Users\NPM\Documents\Call Recordings
2011-04-18 19:47 - 2011-04-18 19:45 - 2136538 ____A C:\Users\NPM\Documents\rec_Vcs6Core_23-44-38.mp3
2011-04-18 19:37 - 2011-04-18 19:37 - 0350560 ____A C:\Users\NPM\Documents\rec_Vcs6Core_23-36-46.mp3
2011-04-18 19:31 - 2011-04-18 19:31 - 0000000 ____D C:\vcs5BGEffects
2011-04-18 19:21 - 2011-04-18 19:21 - 0001225 ____A C:\Users\NPM\Desktop\Voice Changer 6.0 Diamond.lnk
2011-04-14 17:28 - 2011-04-14 17:28 - 0118864 ____A (AVG Technologies CZ, s.r.o. ) C:\Windows\System32\Drivers\AVGIDSDriver.sys
2011-04-14 13:57 - 2011-02-07 03:36 - 0000000 ____D C:\Users\All Users\MFAData
2011-04-14 13:57 - 2011-02-07 03:36 - 0000000 ____D C:\ProgramData\MFAData
2011-04-14 04:55 - 2011-04-14 04:55 - 0000000 ____D C:\Users\NPM\AppData\Local\Alexander_Nikiforov
2011-04-14 04:39 - 2011-04-14 04:39 - 0000000 ____D C:\oreka
2011-04-14 03:55 - 2011-04-14 03:53 - 0000000 ____D C:\Users\NPM\Documents\Free Sound Recorder
2011-04-14 03:54 - 2011-04-14 03:53 - 0000000 ____D C:\Users\NPM\AppData\Roaming\Free Sound Recorder
2011-04-10 12:33 - 2011-05-07 08:58 - 907968020 ____A C:\Users\NPM\Downloads\The Rite.avi
2011-04-09 13:23 - 2011-04-09 12:53 - 735219712 ____A C:\Users\NPM\Downloads\Fading of the Cries.avi
2011-04-08 22:58 - 2011-06-16 08:30 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-04-08 22:45 - 2011-06-08 12:56 - 5509504 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-04-08 22:13 - 2011-06-08 12:56 - 3957632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-04-08 22:13 - 2011-06-08 12:56 - 3901824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-04-08 21:56 - 2011-06-16 08:30 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-04-06 18:17 - 2011-04-06 18:17 - 0000000 ____D C:\Users\NPM\Desktop\WRCFree
2011-04-04 20:59 - 2011-04-04 20:59 - 0377936 ____A (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgtdia.sys
2011-04-01 05:07 - 2011-04-01 04:54 - 576741376 ____A C:\Users\NPM\Downloads\Bibles Buried Secrets 103.avi
2011-04-01 01:48 - 2011-04-01 01:24 - 576581632 ____A C:\Users\NPM\Downloads\Bibles Buried Secrets 102.avi
2011-03-31 23:40 - 2011-03-31 23:16 - 576798720 ____A C:\Users\NPM\Downloads\Bibles Buried Secrets 101.avi
2011-03-28 05:49 - 2011-03-28 05:49 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2011-03-25 11:35 - 2011-03-25 11:31 - 182387900 ____A C:\Users\NPM\Downloads\AEMH117.avi
2011-03-25 11:31 - 2011-03-25 11:27 - 183603772 ____A C:\Users\NPM\Downloads\AEMH116.avi
2011-03-25 11:06 - 2011-03-25 10:10 - 183549874 ____A C:\Users\NPM\Downloads\AEMH119.avi

========================= Known DLLs =========================

[2009-07-13 16:41] - [2009-07-13 17:40] - 0877056 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-07-13 16:20] - [2009-07-13 17:14] - 0640000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2009-07-13 16:00] - [2009-07-13 17:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2009-07-13 15:55] - [2009-07-13 17:40] - 0595456 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-07-13 15:39] - [2009-07-13 17:15] - 0486912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2009-07-13 15:39] - [2009-07-13 17:40] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0310784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2011-06-16 08:30] - [2011-04-22 12:13] - 2448896 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-06-16 08:30] - [2011-04-22 11:31] - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2009-07-13 16:13] - [2009-07-13 17:41] - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-07-13 15:57] - [2009-07-13 17:15] - 0154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2009-07-13 15:28] - [2009-07-13 17:41] - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:16] - [2009-07-13 17:11] - 0836608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-13 15:40] - [2009-07-13 17:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2009-07-13 15:19] - [2009-07-13 17:41] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:12] - [2009-07-13 17:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 15:26] - [2009-07-13 17:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2011-02-07 01:23] - [2010-06-28 21:39] - 2085376 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2011-02-07 01:23] - [2010-06-28 21:02] - 1413632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2011-06-16 08:30] - [2010-12-17 22:13] - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2011-06-16 08:30] - [2010-12-17 21:31] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
[2009-07-13 15:26] - [2009-07-13 17:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2009-07-13 15:23] - [2009-07-13 17:41] - 1221632 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:12] - [2009-07-13 17:11] - 0662528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-13 15:20] - [2009-07-13 17:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2009-07-13 15:27] - [2009-07-13 17:41] - 1899520 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2009-07-13 15:16] - [2009-07-13 17:16] - 1668608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2011-02-07 01:24] - [2010-07-27 06:59] - 14162944 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2011-02-07 01:24] - [2010-07-27 06:03] - 12867584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
[2009-07-13 15:55] - [2009-07-13 17:41] - 0449536 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2009-07-13 15:39] - [2009-07-13 17:16] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2011-06-16 08:30] - [2011-04-22 12:18] - 1500160 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2011-06-16 08:30] - [2011-04-22 11:31] - 1229824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2009-07-13 15:24] - [2009-07-13 17:11] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-07-13 15:25] - [2009-07-13 17:16] - 0627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2009-07-13 15:57] - [2009-07-13 17:41] - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2009-07-13 15:41] - [2009-07-13 17:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
[2011-06-16 08:30] - [2011-04-22 12:18] - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2011-06-16 08:30] - [2011-04-22 11:31] - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
[2009-07-13 15:54] - [2009-07-13 17:41] - 0311808 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2009-07-13 15:38] - [2009-07-13 17:16] - 0268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wldap32.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0296448 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll

================== Bamital & volsnap Check ===================

C:\Windows\System32\winlogon.exe
[2011-02-07 01:24] - [2009-10-27 22:24] - 0389632 ____A (Microsoft Corporation) DA3E2A6FA9660CC75B471530CE88453A

C:\Windows\System32\wininit.exe
[2009-07-13 15:52] - [2009-07-13 17:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA

C:\Windows\explorer.exe
[2011-06-08 12:55] - [2011-02-25 22:23] - 2870272 ____A (Microsoft Corporation) 0862495E0C825893DB75EF44FAEA8E93

C:\Windows\System32\Drivers\volsnap.sys
[2009-07-13 15:20] - [2009-07-13 17:45] - 0294992 ____A (Microsoft Corporation) 58F82EED8CA24B461441F9C3E4F0BF5C


========================= Memory info ========================

Percentage of memory in use: 14%
Total physical RAM: 3966.09 MB
Available physical RAM: 3379.6 MB
Total Pagefile: 3964.24 MB
Available Pagefile: 3373.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions ===========================

1 Drive c: () (Fixed) (Total:111.69 GB) (Free:33.03 GB) NTFS
3 Drive f: () (Removable) (Total:3.76 GB) (Free:3.62 GB) FAT32
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

Edited by denclock, 23 June 2011 - 04:18 PM.


#4 Farbar


Posted 23 June 2011 - 04:52 PM

Your log(s) show that you are using so-called peer-to-peer or file-sharing programs. These programs allow files to be shared between users, as the name(s) suggest. In today's world, cyber crime has grown to an enormous dimension, and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools, as a tremendous number of prospective victims can be reached through them.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools, and it is thus suggested that they be used with intense care. Some further reading on this subject, along with the included links, is as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."


Removal Instructions

Open Notepad. Please copy the contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste.) Save it on the flash drive as fixlist.txt.

2011-06-16 18:41 - 2011-06-16 18:41 - 0000000 ____D C:\Users\NPM\Desktop\Revo Uninstaller Pro 2.5.3 - stevsinus030
2011-06-16 18:39 - 2011-06-16 18:39 - 7735047 ____A C:\Users\NPM\Desktop\Revo Uninstaller Pro 2.5.3 - stevsinus030.rar
cmd: bootrec /FixMbr
cmd: bcdedit /set {default} winpe no

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Now please enter System Recovery Options.

Run FRST, press the Fix button just once, and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Also restart normally and tell me how it went.

#5 denclock


Posted 23 June 2011 - 06:53 PM

Thank you very much. My computer is now running, and I don't have to type on a tablet. Is there anything else I need to do?

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.1.1)
Ran by SYSTEM at 2011-06-23 19:32:21 R:1
Running from F:\

==============================================

C:\Users\NPM\Desktop\Revo Uninstaller Pro 2.5.3 - stevsinus030 moved successfully.
C:\Users\NPM\Desktop\Revo Uninstaller Pro 2.5.3 - stevsinus030.rar moved successfully.

========= bootrec /FixMbr =========

The operation completed successfully.

========= End of CMD: =========


========= bcdedit /set {default} winpe no =========

The operation completed successfully.

========= End of CMD: =========

#6 Farbar


Posted 23 June 2011 - 07:30 PM

Great. :thumbsup:

Open your Malwarebytes' Anti-Malware.
  • First update it, to do that under the Update tab press "Check for Updates".
  • Under Scanner tab select "Perform Quick Scan", then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the MBAM log.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Just to let you know, I will see the log tomorrow and we will finish it off then.

#7 denclock


Posted 24 June 2011 - 08:10 AM

Here is my Malwarebytes log. Once again, thanks for the help, Farbar; this has been driving me crazy.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6937

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6/24/2011 7:20:19 AM
mbam-log-2011-06-24 (07-20-19).txt

Scan type: Quick scan
Objects scanned: 160728
Time elapsed: 2 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\NPM\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully.

Edited by denclock, 24 June 2011 - 08:13 AM.


#8 Farbar


Posted 24 June 2011 - 09:44 AM

Let's take a look at the possible vulnerabilities.

Please download OTL by OldTimer.
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Click Run Scan button.
  • Two reports will open; copy and paste OTL.txt and attach Extra.txt to your reply:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized


#9 denclock


Posted 24 June 2011 - 11:09 AM

Thanks again, here is the OTL.txt

OTL logfile created on: 6/24/2011 11:56:02 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\NPM\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 63.31% Memory free
7.74 Gb Paging File | 6.16 Gb Available in Paging File | 79.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 29.76 Gb Free Space | 26.64% Space Free | Partition Type: NTFS
Drive E: | 3.76 Gb Total Space | 0.01 Gb Free Space | 0.14% Space Free | Partition Type: FAT32

Computer Name: NPM-PC | User Name: NPM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/24 11:50:55 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\NPM\Desktop\OTL.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/04/18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/01 00:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe
PRC - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (SafeList) ==========

MOD - [2011/06/24 11:50:55 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\NPM\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/07/17 09:31:34 | 004,948,992 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007/06/14 07:15:50 | 001,053,104 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdkcoms.exe -- (lxdk_device)
SRV:64bit: - [2007/06/14 07:15:40 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdkserv.exe -- (lxdkCATSCustConnectService)
SRV:64bit: - [2006/12/27 14:59:28 | 000,717,824 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Security 360\is360srv.exe -- (IS360service)
SRV - [2010/03/25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 17:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/24 23:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe -- (DfSdkS)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/14 07:15:34 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxdkcoms.exe -- (lxdk_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/04/14 21:28:24 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/02/10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2009/12/17 18:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2009/10/26 19:36:22 | 001,202,688 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\smserial.sys -- (smserial)
DRV:64bit: - [2009/09/28 13:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/08/09 17:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:10:49 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV:64bit: - [2009/07/13 20:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/13 20:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/13 20:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/07/08 04:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/12/14 13:22:56 | 000,319,488 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tifm21.sys -- (tifm21)
DRV:64bit: - [2006/12/27 15:09:58 | 002,798,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (R300)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-631999887-905934083-2728520643-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-631999887-905934083-2728520643-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-631999887-905934083-2728520643-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 77 BC 22 00 32 CC 01 [binary data]
IE - HKU\S-1-5-21-631999887-905934083-2728520643-1001\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-631999887-905934083-2728520643-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/03/09 05:15:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/03/09 05:15:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/06/23 19:42:15 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2005/11/03 21:54:06 | 000,000,731 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {32B29DF0-2237-4370-9A29-37CEBB730E9B} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {32B29DF0-2237-4370-9A29-37CEBB730E9B} - No CLSID value found.
O3 - HKU\S-1-5-21-631999887-905934083-2728520643-1001\..\Toolbar\WebBrowser: (no name) - {32B29DF0-2237-4370-9A29-37CEBB730E9B} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-631999887-905934083-2728520643-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.16.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8bd49d46-3303-11e0-9a74-00e0b8bae5ed}\Shell\AutoRun\command - "" = F:\.\Install.exe
O33 - MountPoints2\{8bd49d46-3303-11e0-9a74-00e0b8bae5ed}\Shell\directx\command - "" = .\DirectX\DXSetup.exe
O33 - MountPoints2\{8bd49d46-3303-11e0-9a74-00e0b8bae5ed}\Shell\install\command - "" = F:\.\install.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\.\Install.exe
O33 - MountPoints2\F\Shell\directx\command - "" = .\DirectX\DXSetup.exe
O33 - MountPoints2\F\Shell\install\command - "" = F:\.\install.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/24 11:50:55 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\NPM\Desktop\OTL.exe
[2011/06/23 21:08:14 | 000,000,000 | ---D | C] -- C:\FRST
[2011/06/23 20:01:32 | 000,000,000 | ---D | C] -- C:\Users\NPM\AppData\Roaming\Mozilla
[2011/06/23 03:18:53 | 000,000,000 | ---D | C] -- C:\TRK-INFECTED
[2011/06/17 03:34:26 | 000,000,000 | ---D | C] -- C:\Users\NPM\Desktop\Appslib_2
[2011/06/16 13:13:04 | 000,000,000 | ---D | C] -- C:\Users\NPM\AppData\Roaming\cYo
[2011/06/16 13:13:04 | 000,000,000 | ---D | C] -- C:\Users\NPM\AppData\Local\cYo
[2011/06/16 12:30:43 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/16 12:30:08 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/16 12:30:07 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/16 12:30:07 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/16 12:30:07 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/16 12:30:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/16 12:30:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/16 12:30:06 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/16 12:30:06 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/16 12:30:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/16 12:30:06 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/16 12:30:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/16 12:30:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/16 12:30:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/16 12:30:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/16 12:30:02 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/06/16 12:30:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/06/16 12:19:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack
[2011/06/16 12:19:02 | 000,000,000 | ---D | C] -- C:\Program Files\ComicRack
[2011/06/08 18:47:01 | 000,000,000 | ---D | C] -- C:\Users\NPM\Desktop\Malwarebytes_Keys
[2011/06/08 17:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/06/08 16:56:29 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/06/08 16:56:27 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/06/08 16:56:27 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/06/08 16:56:26 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011/06/08 16:56:25 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/06/08 16:56:25 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/06/08 16:56:25 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011/06/08 16:56:24 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011/06/08 16:56:24 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/06/08 16:56:23 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011/06/08 16:56:23 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/06/08 16:56:23 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011/06/08 16:56:23 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/06/08 16:56:23 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/06/08 16:56:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/06/08 16:56:21 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/06/08 16:55:26 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/06/08 16:55:26 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/06/08 16:55:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/06/08 16:55:24 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/06/08 16:55:24 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/06/08 16:55:22 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/06/08 16:55:21 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/06/08 16:55:21 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/06/08 16:55:20 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/06/08 16:55:19 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/06/08 16:55:19 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/06/08 16:55:17 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/08 16:55:17 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/08 16:55:17 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/06/08 16:55:11 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/06/08 16:55:11 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/06/08 16:55:10 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/06/08 16:55:09 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/06/08 16:55:09 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/06/08 16:55:09 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/06/08 16:55:09 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/06/08 16:55:05 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/06/08 16:55:04 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/06/08 16:55:04 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/06/08 16:55:04 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/06/08 16:55:04 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/06/08 16:55:03 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/06/08 16:54:52 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011/06/08 16:54:51 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011/06/08 16:54:51 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011/06/08 16:54:51 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011/06/08 16:54:41 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/06/08 16:52:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/06/08 16:52:01 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/06/07 12:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 5300 Series
[2011/06/07 12:26:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark 5300 Series
[2011/06/07 12:26:55 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkinpa.dll
[2011/06/07 12:26:55 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkiesc.dll
[2011/06/07 12:26:55 | 000,143,360 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdkjswr.dll
[2011/06/07 12:26:55 | 000,126,976 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxdklnks.dll
[2011/06/07 12:26:54 | 001,200,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkserv.dll
[2011/06/07 12:26:54 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lxdkgf.dll
[2011/06/07 12:26:54 | 000,950,272 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkusb1.dll
[2011/06/07 12:26:54 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkcomc.dll
[2011/06/07 12:26:54 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkhbn3.dll
[2011/06/07 12:26:54 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkpmui.dll
[2011/06/07 12:26:54 | 000,598,960 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkcoms.exe
[2011/06/07 12:26:54 | 000,565,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdklmpm.dll
[2011/06/07 12:26:54 | 000,503,808 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdkutil.dll
[2011/06/07 12:26:54 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkcomm.dll
[2011/06/07 12:26:54 | 000,320,432 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkih.exe
[2011/06/07 12:26:54 | 000,204,800 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdkinsb.dll
[2011/06/07 12:26:54 | 000,176,128 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdkins.dll
[2011/06/07 12:26:54 | 000,106,496 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdkinsr.dll
[2011/06/07 12:26:54 | 000,090,112 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdkcub.dll
[2011/06/07 12:26:54 | 000,077,824 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdkcu.dll
[2011/06/07 12:26:54 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkprox.dll
[2011/06/07 12:26:54 | 000,036,864 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdkcur.dll
[2011/06/07 12:26:53 | 000,365,488 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdkcfg.exe
[2011/06/07 12:26:53 | 000,077,906 | ---- | C] (Lexmark International) -- C:\Windows\SysWow64\lxdkcfg.dll
[2011/06/07 12:26:40 | 001,895,936 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkserv.dll
[2011/06/07 12:26:40 | 001,501,696 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkusb1.dll
[2011/06/07 12:26:40 | 000,980,992 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkpmui.dll
[2011/06/07 12:26:40 | 000,715,264 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdkutil.dll
[2011/06/07 12:26:40 | 000,668,672 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkhcp.dll
[2011/06/07 12:26:40 | 000,541,184 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkinpa.dll
[2011/06/07 12:26:40 | 000,509,440 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkiesc.dll
[2011/06/07 12:26:40 | 000,047,104 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkprox.dll
[2011/06/07 12:26:39 | 001,489,408 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkcomc.dll
[2011/06/07 12:26:39 | 001,065,984 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkhbn3.dll
[2011/06/07 12:26:39 | 001,053,104 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkcoms.exe
[2011/06/07 12:26:39 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lxdkgf.dll
[2011/06/07 12:26:39 | 000,879,104 | ---- | C] ( ) -- C:\Windows\SysNative\lxdklmpm.dll
[2011/06/07 12:26:39 | 000,598,960 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkcfg.exe
[2011/06/07 12:26:39 | 000,563,200 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkcomm.dll
[2011/06/07 12:26:39 | 000,515,504 | ---- | C] ( ) -- C:\Windows\SysNative\lxdkih.exe
[2011/06/07 12:26:39 | 000,235,520 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdkins.dll
[2011/06/07 12:26:39 | 000,189,440 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdkinsb.dll
[2011/06/07 12:26:39 | 000,129,024 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdkjswr.dll
[2011/06/07 12:26:39 | 000,100,864 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdkcu.dll
[2011/06/07 12:26:39 | 000,090,624 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdkinsr.dll
[2011/06/07 12:26:39 | 000,073,216 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdkcub.dll
[2011/06/07 12:26:39 | 000,065,536 | ---- | C] (Lexmark International) -- C:\Windows\SysNative\lxdkcfg.dll
[2011/06/07 12:26:39 | 000,022,528 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\lxdkcur.dll
[2011/06/07 12:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 5300 Series
[2011/06/07 04:14:05 | 000,000,000 | ---D | C] -- C:\Users\NPM\AppData\Roaming\GlarySoft
[2011/06/07 03:58:26 | 000,000,000 | ---D | C] -- C:\ProgramData\App4rTemp
[2011/06/07 03:28:26 | 000,000,000 | ---D | C] -- C:\logs
[2011/06/07 02:29:30 | 000,000,000 | ---D | C] -- C:\Users\NPM\AppData\Roaming\Lexmark Productivity Studio
[2011/06/07 02:29:09 | 000,000,000 | ---D | C] -- C:\ProgramData\lx_cats
[2011/06/07 02:28:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86) (x86)
[2011/06/07 02:27:22 | 000,000,000 | ---D | C] -- C:\lexmark
[2011/06/04 20:41:56 | 000,000,000 | ---D | C] -- C:\Users\NPM\AppData\Roaming\IObit
[2011/06/04 20:41:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2011/06/04 20:41:09 | 004,349,192 | ---- | C] (IObit ) -- C:\Users\NPM\Desktop\defragsetup.exe
[2011/06/04 02:58:34 | 000,000,000 | ---D | C] -- C:\Users\NPM\Desktop\DG Manga
[2011/06/02 15:20:09 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/05/29 02:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2011/05/29 02:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2011/05/28 20:26:59 | 000,000,000 | ---D | C] -- C:\Users\NPM\Desktop\Wii Stuff
[2011/05/28 20:06:15 | 000,000,000 | ---D | C] -- C:\Users\NPM\Desktop\Henry Interview
[2011/05/28 18:37:43 | 000,000,000 | ---D | C] -- C:\Users\NPM\Desktop\C2C
[2011/05/25 22:58:14 | 000,000,000 | ---D | C] -- C:\Users\NPM\AppData\Local\Dexter the Game
[2011/05/25 15:26:42 | 000,000,000 | ---D | C] -- C:\Users\NPM\AppData\Local\Nero_AG
[2011/05/25 15:26:20 | 000,000,000 | ---D | C] -- C:\Users\NPM\AppData\Local\Nero

========== Files - Modified Within 30 Days ==========

[2011/06/24 11:50:55 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\NPM\Desktop\OTL.exe
[2011/06/24 11:49:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/24 11:49:22 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-631999887-905934083-2728520643-1001UA.job
[2011/06/24 11:49:22 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/24 10:41:24 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/24 10:41:24 | 000,659,818 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/24 10:41:24 | 000,120,714 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/24 09:21:47 | 119,720,941 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2011/06/24 08:46:52 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/24 07:30:56 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 07:30:56 | 000,014,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 07:23:42 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011/06/24 07:22:58 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/24 07:21:50 | 3119,075,328 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/23 19:42:16 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/06/23 19:34:05 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/19 10:03:21 | 524,288,000 | ---- | M] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2011/06/17 03:09:29 | 000,542,200 | ---- | M] () -- C:\Users\NPM\Desktop\Appslib_2.zip
[2011/06/16 13:11:21 | 000,772,430 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/16 12:19:05 | 000,000,840 | ---- | M] () -- C:\Users\Public\Desktop\ComicRack.lnk
[2011/06/15 18:01:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-631999887-905934083-2728520643-1001Core.job
[2011/06/14 09:21:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2011/06/14 09:21:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2011/06/11 18:48:20 | 000,276,995 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2011/06/08 18:45:37 | 000,001,937 | ---- | M] () -- C:\Users\NPM\Desktop\Malwarebytes_Keys.rar
[2011/06/08 16:38:54 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/07 12:28:14 | 000,070,467 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/06/07 12:27:14 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Lexmark Productivity Studio - 5300 Series.LNK
[2011/06/07 05:34:44 | 136,642,560 | ---- | M] () -- C:\Users\NPM\Desktop\cjq5300en.exe
[2011/06/07 02:56:08 | 000,074,558 | ---- | M] () -- C:\Windows\SysWow64\LexFiles.ulf
[2011/06/06 06:02:56 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011/06/05 22:00:00 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2011/06/04 20:41:55 | 000,001,170 | ---- | M] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2011/06/04 20:41:15 | 004,349,192 | ---- | M] (IObit ) -- C:\Users\NPM\Desktop\defragsetup.exe
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/29 02:42:10 | 000,001,066 | ---- | M] () -- C:\Users\NPM\Desktop\Glary Utilities.lnk
[2011/05/29 02:20:09 | 006,385,636 | ---- | M] () -- C:\Users\NPM\Desktop\Glary Utilities PRO 2.33.0.1158.rar
[2011/05/28 19:22:51 | 306,450,095 | ---- | M] () -- C:\Users\NPM\Desktop\Nero 10.rar

========== Files Created - No Company Name ==========

[2011/06/18 17:47:29 | 524,288,000 | ---- | C] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2011/06/17 03:09:29 | 000,542,200 | ---- | C] () -- C:\Users\NPM\Desktop\Appslib_2.zip
[2011/06/16 13:11:18 | 000,772,430 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/16 12:19:05 | 000,000,840 | ---- | C] () -- C:\Users\Public\Desktop\ComicRack.lnk
[2011/06/08 18:45:37 | 000,001,937 | ---- | C] () -- C:\Users\NPM\Desktop\Malwarebytes_Keys.rar
[2011/06/07 12:27:14 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Lexmark Productivity Studio - 5300 Series.LNK
[2011/06/07 12:26:55 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdkcomx.dll
[2011/06/07 12:26:55 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\lxdkinst.dll
[2011/06/07 12:26:54 | 001,059,507 | ---- | C] () -- C:\Windows\SysWow64\LXDKhelp.chm
[2011/06/07 12:26:53 | 000,001,992 | ---- | C] () -- C:\Windows\SysWow64\lxdk.loc
[2011/06/07 12:26:40 | 000,524,288 | ---- | C] () -- C:\Windows\SysNative\lxdkinst.dll
[2011/06/07 12:26:39 | 001,059,507 | ---- | C] () -- C:\Windows\SysNative\LXDKhelp.chm
[2011/06/07 12:26:39 | 000,299,520 | ---- | C] () -- C:\Windows\SysNative\lxdkgrd.dll
[2011/06/07 12:26:39 | 000,070,467 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2011/06/07 12:26:39 | 000,001,992 | ---- | C] () -- C:\Windows\SysNative\lxdk.loc
[2011/06/07 05:34:43 | 136,642,560 | ---- | C] () -- C:\Users\NPM\Desktop\cjq5300en.exe
[2011/06/07 02:28:21 | 000,074,558 | ---- | C] () -- C:\Windows\SysWow64\LexFiles.ulf
[2011/06/04 20:41:56 | 000,032,136 | ---- | C] () -- C:\Windows\SysNative\SmartDefragBootTime.exe
[2011/06/04 20:41:56 | 000,018,232 | ---- | C] () -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys
[2011/06/04 20:41:55 | 000,001,170 | ---- | C] () -- C:\Users\Public\Desktop\Smart Defrag 2.lnk
[2011/05/29 02:42:12 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2011/05/29 02:42:10 | 000,001,066 | ---- | C] () -- C:\Users\NPM\Desktop\Glary Utilities.lnk
[2011/05/29 02:20:00 | 006,385,636 | ---- | C] () -- C:\Users\NPM\Desktop\Glary Utilities PRO 2.33.0.1158.rar
[2011/05/28 19:17:22 | 306,450,095 | ---- | C] () -- C:\Users\NPM\Desktop\Nero 10.rar
[2011/05/25 15:26:38 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/05/15 16:22:53 | 000,000,243 | ---- | C] () -- C:\Program Files (x86)\0FO5JV4K.bat
[2011/04/23 09:18:37 | 000,011,014 | -HS- | C] () -- C:\Users\NPM\AppData\Local\l6d7264887hh286
[2011/04/23 09:18:37 | 000,011,014 | -HS- | C] () -- C:\ProgramData\l6d7264887hh286
[2011/04/19 00:01:34 | 000,000,123 | ---- | C] () -- C:\Windows\MXSkypeRecorder.INI
[2011/02/10 02:13:45 | 000,000,514 | ---- | C] () -- C:\Windows\eReg.dat
[2010/10/14 05:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/12/27 14:47:02 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[1998/03/17 13:15:00 | 000,000,117 | ---- | C] () -- C:\Windows\smp32.dll

< End of report >

Extras.txt

OTL Extras logfile created on: 6/24/2011 11:56:02 AM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\NPM\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 63.31% Memory free
7.74 Gb Paging File | 6.16 Gb Available in Paging File | 79.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 29.76 Gb Free Space | 26.64% Space Free | Partition Type: NTFS
Drive E: | 3.76 Gb Total Space | 0.01 Gb Free Space | 0.14% Space Free | Partition Type: FAT32

Computer Name: NPM-PC | User Name: NPM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{11C0E99B-1A2D-9E88-2EC0-242509730208}" = ccc-utility64
"{1F221874-9C3D-6A3C-A739-C25D8BAB8287}" = ATI Catalyst Install Manager
"{481A433E-2DB0-4650-9CEC-BE02413DF815}" = AVG 2011
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{78DC83C7-7E9D-4518-8DFE-C8BBF69173D9}" = AVG 2011
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2011
"CCleaner" = CCleaner
"ComicRack" = ComicRack v0.9.142
"Defraggler" = Defraggler
"Lexmark 5300 Series" = Lexmark 5300 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Recuva" = Recuva
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Speccy" = Speccy

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0ED5203A-41A3-1ED9-A413-23A656011945}" = Catalyst Control Center Core Implementation
"{16891F82-D618-EF86-7F38-9FE19874357E}" = Catalyst Control Center Graphics Previews Vista
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 23
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{362D5167-9716-44BE-89FD-BF9EB6EF814B}" = DawnOfWar
"{3733D893-EBBF-6A31-EF05-086E66FC3D9E}" = CCC Help English
"{46552BC3-52B6-404c-9B42-CE536AB719FD}_is1" = Ashampoo Home Designer1.0.0
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{503F62C9-99C2-376A-9B74-AB03E7CDB980}" = Google Talk Plugin
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5AECAA2C-2D43-5DE6-5FA7-B17F0C99238D}" = Catalyst Control Center Graphics Full Existing
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{607398CF-354B-4E21-B1BC-549424BFD04C}" = TIPCI
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E22AFBF-D6AC-DB16-4EDA-05D79EB8972B}" = Catalyst Control Center Graphics Light
"{6FCBE08B-EB47-448E-8566-CE38E8B8D065}" = System Requirements Lab CYRI
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75AD7D33-EF26-4609-9D8D-CBF7F9AC5E08}" = Freedom Force
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{9046E7F5-F4C0-E330-C79E-0AE7FBEEE87F}" = Catalyst Control Center Graphics Full New
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EB1C655-331C-5034-CCF8-436FA4B4A3DA}" = ccc-core-static
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D4135FD2-8B19-0B8E-A7D3-5102077E8177}" = Skins
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AP Tuner 3.06" = AP Tuner 3.06
"AP Tuner 3.08" = AP Tuner 3.08
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"Audacity_is1" = Audacity 1.2.6
"AV Voice Changer Software DIAMOND 6.0" = AV Voice Changer Software DIAMOND 6.0
"CDisplay_is1" = CDisplay 1.8
"Champions Online" = Champions Online
"Crisis Version 1" = Crisis Version 1
"DivX Setup.divx.com" = DivX Setup
"Glary Utilities_is1" = Glary Utilities Pro 2.33.0.1158
"Google Chrome" = Google Chrome
"Guitar FX BOX 2.6" = Guitar FX BOX 2.6
"ImgBurn" = ImgBurn
"InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}" = DawnOfWar
"InstallShield_{607398CF-354B-4E21-B1BC-549424BFD04C}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"IObit Security 360_is1" = IObit Security 360
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments Service Center" = Native Instruments Service Center
"PitchPerfect" = PitchPerfect Musical Instrument Tuner
"Revo Uninstaller" = Revo Uninstaller 1.91
"Smart Defrag 2_is1" = Smart Defrag 2
"Spiderman & The Marvel Knights" = Spiderman & The Marvel Knights
"VirtualCloneDrive" = VirtualCloneDrive
"Waves GTR 3" = Waves GTR 3
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-631999887-905934083-2728520643-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"The DC Universe Mod" = The DC Universe Mod

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/2/2011 3:02:27 PM | Computer Name = NPM-PC | Source = IS360service | ID = 0
Description =

Error - 6/3/2011 6:50:42 PM | Computer Name = NPM-PC | Source = IS360service | ID = 0
Description =

Error - 6/3/2011 6:50:42 PM | Computer Name = NPM-PC | Source = IS360service | ID = 0
Description =

Error - 6/5/2011 11:58:46 PM | Computer Name = NPM-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16722,
time stamp: 0x4d0c2f29 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x8b1a6a02 Faulting process id:
0x1710 Faulting application start time: 0x01cc23fd271bbac3 Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 4699ed3f-8ff1-11e0-bb1c-00e0b8bae5ed

Error - 6/8/2011 3:56:44 PM | Computer Name = NPM-PC | Source = IS360service | ID = 0
Description =

Error - 6/8/2011 3:56:44 PM | Computer Name = NPM-PC | Source = IS360service | ID = 0
Description =

Error - 6/11/2011 11:09:15 AM | Computer Name = NPM-PC | Source = Application Error | ID = 1000
Description = Faulting application name: WO6.exe, version: 6.6.0.0, time stamp:
0x4b740037 Faulting module name: defragwrapper.dll, version: 1.0.0.1, time stamp:
0x49a61c9a Exception code: 0xc0000005 Fault offset: 0x00004a57 Faulting process id:
0x124 Faulting application start time: 0x01cc2810f4ce086c Faulting application path:
C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\WO6.exe Faulting module
path: C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\defragwrapper.dll Report
Id: c5168316-943c-11e0-9803-00e0b8bae5ed

Error - 6/16/2011 1:14:39 PM | Computer Name = NPM-PC | Source = Application Hang | ID = 1002
Description = The program ComicRack.exe version 0.0.0.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: bc8 Start
Time: 01cc2c48a2da8265 Termination Time: 32 Application Path: C:\Program Files\ComicRack\ComicRack.exe

Report
Id: 1b9e90c4-983c-11e0-b3a4-00e0b8bae5ed

Error - 6/17/2011 8:07:30 PM | Computer Name = NPM-PC | Source = Application Error | ID = 1000
Description = Faulting application name: install_flash_player.exe, version: 1.1.1.1,
time stamp: 0x4d776bb8 Faulting module name: install_flash_player.exe, version:
1.1.1.1, time stamp: 0x4d776bb8 Exception code: 0xc0000005 Fault offset: 0x00001149
Faulting
process id: 0x124c Faulting application start time: 0x01cc2d4bb38582c8 Faulting application
path: C:\Users\NPM\AppData\Local\Temp\install_flash_player.exe Faulting module path:
C:\Users\NPM\AppData\Local\Temp\install_flash_player.exe Report Id: f497d683-993e-11e0-9675-00e0b8bae5ed

Error - 6/24/2011 11:51:38 AM | Computer Name = NPM-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7600.16800,
time stamp: 0x4db1bf6e Faulting module name: ntdll.dll, version: 6.1.7600.16695,
time stamp: 0x4cc7ab86 Exception code: 0xc0000374 Fault offset: 0x000cea27 Faulting
process id: 0x106c Faulting application start time: 0x01cc32867c57fabc Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: d7d427cb-9e79-11e0-b895-00e0b8bae5ed

[ System Events ]
Error - 6/17/2011 12:40:50 AM | Computer Name = NPM-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdkCATSCustConnectService
service to connect.

Error - 6/17/2011 12:40:50 AM | Computer Name = NPM-PC | Source = Service Control Manager | ID = 7000
Description = The lxdkCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 6/23/2011 7:34:32 PM | Computer Name = NPM-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdkCATSCustConnectService
service to connect.

Error - 6/23/2011 7:34:32 PM | Computer Name = NPM-PC | Source = Service Control Manager | ID = 7000
Description = The lxdkCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 6/23/2011 8:04:34 PM | Computer Name = NPM-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 6/24/2011 7:22:31 AM | Computer Name = NPM-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdkCATSCustConnectService
service to connect.

Error - 6/24/2011 7:22:31 AM | Computer Name = NPM-PC | Source = Service Control Manager | ID = 7000
Description = The lxdkCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 6/24/2011 9:46:38 AM | Computer Name = NPM-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 6/24/2011 9:46:38 AM | Computer Name = NPM-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 6/24/2011 9:46:39 AM | Computer Name = NPM-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.


< End of report >

#10 Farbar


Posted 24 June 2011 - 11:47 AM

  • You already have Malwarebytes and don't need this questionable software: IObit Security 360
    I recommend that you uninstall it.
  • Please delete FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder.
  • Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
    • Please follow these steps to remove older version Java components and update:
    • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
    • Look for "JDK 6 Update 26 (JDK or JRE)".
    • Click the "Download JRE" button to the right.
    • Select your Platform: "Windows".
    • Select your Language: "Multi-language".
    • Read the License Agreement, and then check the box that says: "I agree to the Java SE...License Agreement".
    • Click Continue and the page will refresh.
    • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
    • Close any programs you may have running - especially your web browser.
    Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
    • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
    • Repeat as many times as necessary to remove each Java version.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-6u26-windows-i586.exe to install the newest version.
    • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
    • When the Java Setup - Welcome window opens, click the Install > button.
    • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
    -- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
    -- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


    Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
    To disable the JQS service if you don't want to use it:
    • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
    • Click Ok and reboot your computer.
  • Run CCleaner (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked). Then click run cleaner.
  • Also tell me how the system is running.


#11 denclock


Posted 24 June 2011 - 02:27 PM

Ok, I uninstalled IObit 360, deleted the FRST folder, uninstalled the old Java, reinstalled the new, and ran CCleaner. Should I not use any IObit product? I use IObit Smart Defrag as my main defrag program.

My computer seems to be running a little slow, but it isn't that bad. It is slow on loading webpages mostly.

Thanks

#12 Farbar


Posted 24 June 2011 - 02:54 PM

No problem with IObit smart defrag.

About the slowness of loading pages you can try another antivirus instead of AVG to see if it has anything to do with it. If you decide to do it download Microsoft Security Essentials but don't uninstall it.
Uninstall AVG from Program and Features.
Download and run the AVG Uninstaller.
Then install Microsoft Security Essentials, update and run a scan.
See if the speed gets better.

We have one more post to round off anyway regardless if you decide to replace AVG or not.

#13 denclock


Posted 24 June 2011 - 03:20 PM

I don't mind switching from AVG, I have been thinking about doing so anyway. Malwarebytes seems to catch more stuff than AVG. I thought I might give Microsoft a try, but didn't know if it was worth the hassle of Microsoft.

I am not sure what you mean for me to not uninstall, MSE (once it is installed), or AVG (and therefore download the uninstaller), and do not go through the CP Removal?

Thanks so much.

Edited by denclock, 24 June 2011 - 03:28 PM.


#14 Farbar


Posted 24 June 2011 - 03:33 PM

I'll clarify that.

We want to remove AVG before installing MSE, but we don't want to connect to the internet to download MSE without protection.
So you download the MSE installer first and save it.
Then download the AVG remover and save it.
To remove AVG, first uninstall it normally via Program And Features; to make sure the leftovers are taken, run the AVG remover too later on.
Reboot the computer and install MSE.

Hope it is clear now.

#15 denclock


Posted 24 June 2011 - 03:48 PM

Sorry to ask so many questions, but do you recommend MSE over AVG, and should I go ahead and update to SP1? I haven't downloaded SP1 just because of previous problems with service packs?



