FarBar please save me from the ci.dll error


#1 Shred-Hed


Posted 23 June 2011 - 11:49 PM

Hi, I read farbar's awesome posts helping another user on this forum solve his ci.dll boot issue.
I am having the same problem. I ran the tool; here are the logs.

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.1.1
Ran by SYSTEM at 2011-06-23 23:18:56
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10806816 2010-04-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-03-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-03-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [141624 2010-06-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35760 2011-01-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ArcSoft MediaImpression Monitor] C:\Program Files (x86)\Kodak\MediaImpression SE\ArcMonitor.exe [73728 2010-04-21] (ArcSoft, Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [480768 2009-06-26] (WDC)
HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1230704 2011-03-21] ()
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-04-19] (Advanced Micro Devices, Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\Gustin\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1242448 2010-11-16] (Valve Corporation)
HKU\Gustin\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [357696 2010-04-01] (DT Soft Ltd)
HKU\Gustin\...\Run: [Google Update] "C:\Users\Gustin\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-04-27] (Google Inc.)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [GBTUpd] C:\Program Files (x86)\Gigabyte\UpdManager\PreRun.exe [297480 2008-04-03] (PreRun)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30208 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,
HKLM\...\Winlogon: [Shell] explorer.exe [2870272 2011-02-25] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2870272 2011-02-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 64.59.176.13 64.59.176.15 64.59.177.226


==================== Services ====================

2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
2 AMD External Events Utility; C:\Windows\System32\atiesrxx.exe [203776 2011-05-10] (AMD)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-13] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [144176 2010-06-10] (Apple Inc.)
3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [44376 2010-03-18] (Microsoft Corporation)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-13] (Microsoft Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-13] (Microsoft Corporation)
3 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-13] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [345376 2010-05-18] (Apple Inc.)
3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
2 CEEBC40A-FDED-4C59-B354-939132350B01; C:\Program Files (x86)\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe [440816 2011-01-11] ()
3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-18] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-13] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [175104 2009-07-13] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [314368 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-13] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [162816 2009-07-13] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
3 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696320 2010-08-03] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [402944 2009-07-13] (Microsoft Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [689152 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\FntCache.dll [1135104 2011-02-18] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42840 2009-06-10] (Microsoft Corporation)
2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-13] (Microsoft Corporation)
2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc [136176 2010-05-19] (Google Inc.)
3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc [136176 2010-05-19] (Google Inc.)
3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [90624 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [231936 2009-07-13] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [187904 2009-07-13] (Microsoft Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [856384 2009-06-10] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-13] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-13] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [653616 2010-06-15] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-08-26] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-13] (Microsoft Corporation)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [84480 2009-07-13] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [824832 2009-07-13] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [127488 2009-07-13] (Microsoft Corporation)
3 napagent; C:\Windows\System32\qagentRT.dll [475648 2009-07-13] (Microsoft Corporation)
2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard)
3 Netlogon; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-13] (Microsoft Corporation)
2 nsi; C:\Windows\System32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
3 odserv; "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [441712 2008-11-03] (Microsoft Corporation)
3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [145184 2006-10-26] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation)
3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1390080 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [404480 2009-07-13] (Microsoft Corporation)
2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [208384 2009-07-13] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
4 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-13] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [1114624 2010-11-01] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-13] (Microsoft Corporation)
3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [104960 2009-07-13] (Microsoft Corporation)
4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-13] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [558592 2010-08-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3524608 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService [403240 2011-06-16] (Valve Corporation)
2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-13] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1780736 2009-07-13] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-13] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-13] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-13] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [532480 2009-07-13] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1598976 2009-07-13] (Microsoft Corporation)
3 W32Time; C:\Windows\System32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [1255736 2010-05-18] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1503744 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-09-13] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
2 WDBtnMgrSvc.exe; "C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe" [119296 2009-06-26] (WDC)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [258048 2010-12-20] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [442880 2010-12-20] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [2018816 2009-07-13] (Microsoft Corporation)
3 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [2286976 2010-09-21] (Microsoft Corp.)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1525248 2009-07-13] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [116736 2009-07-13] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2010-12-20] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [593408 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [2418176 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-13] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-13] (Microsoft Corporation)
2 Akamai; c:\program files (x86)\common files\akamai\netsession_win_e877e12.dll [x]
4 NetMsmqActivator; "c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [x]
4 NetPipeActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpPortSharing; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]

==================== Drivers ====================

3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [227840 2009-07-13] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-13] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\DRIVERS\acpipmi.sys [12288 2009-07-13] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
3 Afc; C:\Windows\SysWow64\drivers\Afc.sys [22784 2006-11-14] (Arcsoft, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [499712 2011-04-24] (Microsoft Corporation)
3 agp440; C:\Windows\System32\DRIVERS\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
3 aliide; C:\Windows\System32\DRIVERS\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
3 amdide; C:\Windows\System32\DRIVERS\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9319936 2011-05-10] (ATI Technologies Inc.)
3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306176 2011-05-10] (Advanced Micro Devices, Inc.)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\drivers\amdsata.sys [107904 2011-03-10] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-10] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [61440 2009-07-13] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [115216 2011-02-09] (Advanced Micro Devices)
3 AtiHdmiService; C:\Windows\System32\drivers\AtiHdmi.sys [125456 2010-05-06] (ATI Technologies, Inc.)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
3 CamDrL64; C:\Windows\System32\DRIVERS\CamDrL64.sys [955680 2007-02-03] (Logitech Inc.)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-13] (Microsoft Corporation)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\DRIVERS\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [460504 2009-07-13] (Microsoft Corporation)
3 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-13] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2011-04-26] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982912 2011-01-25] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [530496 2009-07-13] (Emulex)
3 ErrDev; C:\Windows\System32\DRIVERS\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-13] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-09-25] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
3 gdrv; \??\C:\Windows\gdrv.sys [25640 2011-03-05] (Windows ® Server 2003 DDK provider)
3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [34152 2009-05-18] (GEAR Software Inc.)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-13] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-13] (Microsoft Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-13] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\DRIVERS\HpSAMD.sys [77888 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-13] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-13] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
3 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [410496 2011-03-10] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [2359200 2010-04-30] (Realtek Semiconductor Corp.)
3 intelide; C:\Windows\System32\DRIVERS\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\DRIVERS\IPMIDrv.sys [78848 2009-07-13] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\DRIVERS\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [224832 2009-07-13] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-13] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95312 2009-07-13] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [153160 2009-12-11] (Microsoft Corporation)
3 ksthunk; C:\Windows\System32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
3 LVUSBS64; C:\Windows\System32\drivers\LVUSBS64.sys [58528 2007-02-03] (Logitech Inc.)
3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [35392 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-13] (Microsoft Corporation)
3 mpio; C:\Windows\System32\DRIVERS\mpio.sys [155216 2009-07-13] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [140800 2009-07-13] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-05-03] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [287744 2011-05-03] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-05-03] (Microsoft Corporation)
3 msahci; C:\Windows\System32\DRIVERS\msahci.sys [30272 2009-07-13] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\DRIVERS\msdsm.sys [140352 2009-07-13] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-13] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-13] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-13] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-13] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-13] (Microsoft Corporation)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1657216 2011-03-10] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\drivers\nvraid.sys [148352 2011-03-10] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\drivers\nvstor.sys [166272 2011-03-10] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75840 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-13] (Microsoft Corporation)
0 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-13] (Microsoft Corporation)
0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55856 2010-03-19] (Sonic Solutions)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-13] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-13] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-13] (Microsoft Corporation)
3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-03-01] (Realtek Corporation )
3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [129024 2008-01-21] (Saitek)
3 sbp2port; C:\Windows\System32\DRIVERS\sbp2port.sys [104016 2009-07-13] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-13] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\DRIVERS\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [14336 2009-10-09] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-05-20] (Duplex Secure Ltd.)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-04-28] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [399872 2011-04-28] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-04-28] (Microsoft Corporation)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [24656 2009-07-13] (Promise Technology)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1896832 2011-04-24] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1896832 2011-04-24] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-13] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-13] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-13] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-13] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-13] (Microsoft Corporation)
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-13] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\DRIVERS\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-13] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [50688 2010-04-19] (Apple, Inc.)
3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109568 2009-07-13] (Microsoft Corporation)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-24] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\DRIVERS\usbcir.sys [100352 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52224 2011-03-24] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-24] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\drivers\usbohci.sys [25600 2011-03-24] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91136 2011-03-10] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2011-03-24] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\DRIVERS\vhdmp.sys [217680 2009-07-13] (Microsoft Corporation)
3 viaide; C:\Windows\System32\DRIVERS\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-13] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [294992 2009-07-13] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
3 Wd; C:\Windows\System32\DRIVERS\wd.sys [21056 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
3 WinRing0_1_2_0; \??\C:\Users\Gustin\Downloads\RealTemp_340\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-13] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-13] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-13] (Microsoft Corporation)
2 SBKUPNT; [x]
0 speedfan; SysWOW64\speedfan.sys [x]

========================= NetSvcs ============================

============ One Month Created Files and folders =============

2011-06-22 21:50 - 2011-06-22 21:50 - 0001674 ____A C:\Users\Gustin\Desktop\Torchlight - Shortcut.lnk
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At5.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At4.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At3.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At2.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At1.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000012 ___SH C:\ndf
2011-06-22 20:54 - 2011-06-22 20:54 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\runic games
2011-06-22 17:36 - 2011-06-22 17:36 - 0000000 ____D C:\Users\Public\Documents\Runic
2011-06-22 17:36 - 2011-06-22 17:36 - 0000000 ____D C:\Program Files (x86)\Runic Games
2011-06-22 17:08 - 2011-06-22 17:08 - 0000000 ____D C:\Users\Gustin\Downloads\Torchlight 1.15 Incl. Crack (PC) (FULL GAME)
2011-06-21 16:39 - 2011-06-21 16:59 - 0000000 ____D C:\Program Files (x86)\R.G. NoLimits-Team Games
2011-06-21 14:14 - 2011-06-21 14:23 - 160217136 ____A (Seagate) C:\Users\Gustin\Downloads\DiscWizardSetup.en.exe
2011-06-21 14:09 - 2011-06-21 14:09 - 0000000 ____D C:\SWISNIFE
2011-06-21 14:08 - 2011-06-21 14:09 - 0000543 ____A C:\Windows\SWISV3.INI
2011-06-21 14:08 - 2011-06-21 14:09 - 0000287 ____A C:\Windows\SKNIFE.INI
2011-06-21 14:08 - 2011-06-21 14:08 - 0000000 ____D C:\Program Files (x86)\SWISSKNIFE
2011-06-21 14:08 - 2005-04-18 14:35 - 0000344 ____A C:\Windows\DYNASN.INF
2011-06-21 14:08 - 2001-07-13 10:56 - 0014976 ____A C:\Windows\SysWOW64\Drivers\SBKUPNT.SYS
2011-06-21 14:08 - 1997-02-08 14:11 - 0013312 ____A C:\Windows\SysWOW64\DEVLOAD.EXE
2011-06-21 14:07 - 2011-06-21 14:07 - 5920484 ____A C:\Users\Gustin\Downloads\CompuApps.SwissKnife.Premium.v3.38-Lz0.rar
2011-06-21 14:07 - 2005-11-26 16:45 - 0002799 ____A C:\Windows\SKLANG.INI
2011-06-21 14:06 - 2011-06-21 14:06 - 0073728 ____A ( ) C:\Users\Gustin\Downloads\guiformat.exe
2011-06-21 14:02 - 2011-06-21 14:02 - 4556134 ____A (InstallShield Software Corporation) C:\Users\Gustin\Downloads\swissknife.exe
2011-06-21 10:48 - 2011-06-21 10:48 - 0000000 ____D C:\Users\All Users\Uninstall
2011-06-21 10:48 - 2011-06-21 10:48 - 0000000 ____D C:\Users\All Users\Sonic
2011-06-21 10:48 - 2011-06-21 10:48 - 0000000 ____D C:\ProgramData\Uninstall
2011-06-21 10:48 - 2011-06-21 10:48 - 0000000 ____D C:\ProgramData\Sonic
2011-06-21 10:47 - 2011-06-21 10:47 - 0000000 ____D C:\Users\All Users\Macrovision
2011-06-21 10:47 - 2011-06-21 10:47 - 0000000 ____D C:\ProgramData\Macrovision
2011-06-21 10:47 - 2011-06-21 10:47 - 0000000 ____D C:\Program Files (x86)\Roxio
2011-06-21 10:47 - 2010-03-19 00:00 - 0055856 ____N (Sonic Solutions) C:\Windows\System32\Drivers\PxHlpa64.sys
2011-06-21 10:47 - 2009-10-20 00:00 - 0010224 ____N (Sonic Solutions) C:\Windows\System32\Drivers\cdralw2k.sys
2011-06-21 10:47 - 2009-10-20 00:00 - 0010224 ____N (Sonic Solutions) C:\Windows\System32\Drivers\cdr4_xp.sys
2011-06-21 10:46 - 2011-06-21 10:46 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\Roxio Log Files
2011-06-19 16:54 - 2011-06-19 16:54 - 0183768 ____A C:\Users\Gustin\Downloads\Results.pdf
2011-06-15 20:51 - 2011-06-15 20:51 - 0001461 ____A C:\Users\Gustin\Desktop\metro2033 - Shortcut.lnk
2011-06-15 19:42 - 2011-05-27 21:22 - 9316352 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-06-15 19:42 - 2011-05-27 20:38 - 5984256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-06-15 19:42 - 2011-05-27 19:25 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-06-15 19:42 - 2011-05-27 19:07 - 3133952 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-06-15 19:42 - 2011-05-27 19:00 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-06-15 19:42 - 2011-05-03 18:51 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-06-15 19:42 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-06-15 19:42 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-06-15 19:42 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-06-15 19:42 - 2011-04-24 21:32 - 1896832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-06-15 19:42 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-06-15 19:42 - 2011-04-22 12:18 - 1500160 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-06-15 19:42 - 2011-04-22 12:18 - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-06-15 19:42 - 2011-04-22 12:15 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-06-15 19:42 - 2011-04-22 12:14 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-06-15 19:42 - 2011-04-22 12:14 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-06-15 19:42 - 2011-04-22 12:14 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-06-15 19:42 - 2011-04-22 12:14 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-06-15 19:42 - 2011-04-22 12:13 - 2448896 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-06-15 19:42 - 2011-04-22 12:13 - 12372480 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-06-15 19:42 - 2011-04-22 12:13 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-06-15 19:42 - 2011-04-22 12:13 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-06-15 19:42 - 2011-04-22 12:13 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-06-15 19:42 - 2011-04-22 12:13 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-06-15 19:42 - 2011-04-22 12:09 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-06-15 19:42 - 2011-04-22 11:31 - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 1229824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-06-15 19:42 - 2011-04-22 11:31 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-06-15 19:42 - 2011-04-22 11:30 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-06-15 19:42 - 2011-04-22 10:49 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-06-15 19:42 - 2011-04-22 10:23 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-06-15 19:41 - 2011-05-02 21:21 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-06-15 19:41 - 2011-05-02 20:50 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-06-15 19:41 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-06-15 19:41 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-06-15 19:41 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-06-15 19:41 - 2011-01-16 22:17 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2011-06-15 19:41 - 2011-01-16 21:38 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2011-06-15 19:41 - 2010-12-17 22:13 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-06-15 19:41 - 2010-12-17 21:31 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-06-06 17:39 - 2011-06-08 22:05 - 0000000 ____D C:\Users\Gustin\Desktop\car
2011-06-01 20:43 - 2011-06-01 20:44 - 51052264 ____A (Logitech, Inc.) C:\Users\Gustin\Downloads\lws110.exe
2011-06-01 20:36 - 2011-06-01 20:39 - 130585936 ____A (Logitech, Inc.) C:\Users\Gustin\Downloads\lws225_full.exe
2011-06-01 20:36 - 2011-06-01 20:37 - 6952840 ____A (Logitech, Inc.) C:\Users\Gustin\Downloads\lws225.exe
2011-06-01 20:33 - 2011-06-01 20:34 - 38163432 ____A (Logitech, Inc.) C:\Users\Gustin\Downloads\qc1110_x64.exe
2011-05-31 15:37 - 2011-05-31 15:37 - 0071417 ____A C:\Users\Gustin\Downloads\school1_fin_.pdf
2011-05-30 16:29 - 2011-05-30 16:29 - 0000000 ____D C:\Users\All Users\ATI
2011-05-30 16:29 - 2011-05-30 16:29 - 0000000 ____D C:\ProgramData\ATI
2011-05-29 12:52 - 2011-06-23 05:15 - 0000912 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3101789750-3439817775-896563234-1001UA.job
2011-05-29 12:52 - 2011-06-22 11:01 - 0000860 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3101789750-3439817775-896563234-1001Core.job
2011-05-28 14:56 - 2011-05-28 14:58 - 110007886 ____A C:\Users\Gustin\Downloads\Subaru WRX 2002.zip
2011-05-28 14:45 - 2011-05-28 14:46 - 0000000 ____D C:\Program Files (x86)\zbattle.net
2011-05-28 14:44 - 2011-05-28 14:44 - 0867785 ____A C:\Users\Gustin\Downloads\zsnesw151.zip
2011-05-28 14:44 - 2011-05-28 14:44 - 0373618 ____A C:\Users\Gustin\Downloads\zb.net-1.09-SR-1-beta.exe
2011-05-24 14:16 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-05-24 14:07 - 2011-04-08 22:58 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-05-24 14:07 - 2011-04-08 21:56 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe


============ 3 Months Modified Files and folders =============

2011-06-23 23:19 - 2011-06-23 23:18 - 0000000 ____D C:\FRST
2011-06-23 22:37 - 2011-01-05 20:59 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\ArcSoft
2011-06-23 22:37 - 2010-04-28 05:56 - 0000000 ____D C:\users\Gustin
2011-06-23 22:37 - 2010-03-16 14:54 - 0000000 ____D C:\Program Files (x86)\Steam
2011-06-23 22:37 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wfp
2011-06-23 22:37 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\DriverStore
2011-06-23 22:37 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2011-06-23 22:36 - 2010-04-29 07:57 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\Mozilla
2011-06-23 22:36 - 2009-07-13 19:20 - 0000000 ___RD C:\Program Files (x86)
2011-06-23 22:36 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-06-23 22:09 - 2009-07-13 23:44 - 0000000 ___RD C:\Users\Public\Recorded TV
2011-06-23 22:06 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\LogFiles
2011-06-23 05:37 - 2010-04-28 00:49 - 2005824 ____A C:\Windows\WindowsUpdate.log
2011-06-23 05:15 - 2011-05-29 12:52 - 0000912 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3101789750-3439817775-896563234-1001UA.job
2011-06-23 05:01 - 2010-05-19 08:47 - 0000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-06-22 21:50 - 2011-06-22 21:50 - 0001674 ____A C:\Users\Gustin\Desktop\Torchlight - Shortcut.lnk
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At5.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At4.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At3.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At2.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At1.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000012 ___SH C:\ndf
2011-06-22 20:54 - 2011-06-22 20:54 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\runic games
2011-06-22 20:54 - 2009-07-13 18:34 - 0002720 ____A C:\Windows\System32\Drivers\etc\hosts
2011-06-22 17:36 - 2011-06-22 17:36 - 0000000 ____D C:\Users\Public\Documents\Runic
2011-06-22 17:36 - 2011-06-22 17:36 - 0000000 ____D C:\Program Files (x86)\Runic Games
2011-06-22 17:35 - 2010-04-29 10:20 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\uTorrent
2011-06-22 17:08 - 2011-06-22 17:08 - 0000000 ____D C:\Users\Gustin\Downloads\Torchlight 1.15 Incl. Crack (PC) (FULL GAME)
2011-06-22 16:37 - 2010-03-15 19:00 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-06-22 15:02 - 2010-06-25 10:33 - 0000000 ____D C:\Users\Gustin\AppData\Local\PMB Files
2011-06-22 15:02 - 2010-06-25 10:33 - 0000000 ____D C:\Users\All Users\PMB Files
2011-06-22 15:02 - 2010-06-25 10:33 - 0000000 ____D C:\ProgramData\PMB Files
2011-06-22 13:41 - 2010-05-19 08:47 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-06-22 11:01 - 2011-05-29 12:52 - 0000860 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3101789750-3439817775-896563234-1001Core.job
2011-06-21 17:00 - 2011-01-20 22:24 - 0225280 __ASH C:\Users\Gustin\Downloads\Thumbs.db
2011-06-21 17:00 - 2010-11-04 11:00 - 0000000 ____D C:\Users\Gustin\Desktop\Tabs
2011-06-21 16:59 - 2011-06-21 16:39 - 0000000 ____D C:\Program Files (x86)\R.G. NoLimits-Team Games
2011-06-21 16:56 - 2010-04-28 06:18 - 0000000 ___HD C:\Windows\msdownld.tmp
2011-06-21 16:56 - 2010-04-23 08:09 - 0000000 ____D C:\Users\Gustin\Documents\My Games
2011-06-21 16:52 - 2010-04-28 06:18 - 0000000 ____D C:\Windows\SysWOW64\directx
2011-06-21 16:45 - 2009-07-13 21:13 - 0792446 ____A C:\Windows\System32\PerfStringBackup.INI
2011-06-21 16:45 - 2009-07-13 18:36 - 0669002 ____A C:\Windows\System32\perfh009.dat
2011-06-21 16:45 - 2009-07-13 18:36 - 0125188 ____A C:\Windows\System32\perfc009.dat
2011-06-21 14:23 - 2011-06-21 14:14 - 160217136 ____A (Seagate) C:\Users\Gustin\Downloads\DiscWizardSetup.en.exe
2011-06-21 14:09 - 2011-06-21 14:09 - 0000000 ____D C:\SWISNIFE
2011-06-21 14:09 - 2011-06-21 14:08 - 0000543 ____A C:\Windows\SWISV3.INI
2011-06-21 14:09 - 2011-06-21 14:08 - 0000287 ____A C:\Windows\SKNIFE.INI
2011-06-21 14:08 - 2011-06-21 14:08 - 0000000 ____D C:\Program Files (x86)\SWISSKNIFE
2011-06-21 14:07 - 2011-06-21 14:07 - 5920484 ____A C:\Users\Gustin\Downloads\CompuApps.SwissKnife.Premium.v3.38-Lz0.rar
2011-06-21 14:06 - 2011-06-21 14:06 - 0073728 ____A ( ) C:\Users\Gustin\Downloads\guiformat.exe
2011-06-21 14:02 - 2011-06-21 14:02 - 4556134 ____A (InstallShield Software Corporation) C:\Users\Gustin\Downloads\swissknife.exe
2011-06-21 14:00 - 2009-07-13 20:45 - 0014848 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-06-21 14:00 - 2009-07-13 20:45 - 0014848 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-06-21 10:53 - 2010-07-05 18:38 - 0000000 ____D C:\Users\Gustin\AppData\Local\ElevatedDiagnostics
2011-06-21 10:48 - 2011-06-21 10:48 - 0000000 ____D C:\Users\All Users\Uninstall
2011-06-21 10:48 - 2011-06-21 10:48 - 0000000 ____D C:\Users\All Users\Sonic
2011-06-21 10:48 - 2011-06-21 10:48 - 0000000 ____D C:\ProgramData\Uninstall
2011-06-21 10:48 - 2011-06-21 10:48 - 0000000 ____D C:\ProgramData\Sonic
2011-06-21 10:47 - 2011-06-21 10:47 - 0000000 ____D C:\Users\All Users\Macrovision
2011-06-21 10:47 - 2011-06-21 10:47 - 0000000 ____D C:\ProgramData\Macrovision
2011-06-21 10:47 - 2011-06-21 10:47 - 0000000 ____D C:\Program Files (x86)\Roxio
2011-06-21 10:46 - 2011-06-21 10:46 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\Roxio Log Files
2011-06-19 16:54 - 2011-06-19 16:54 - 0183768 ____A C:\Users\Gustin\Downloads\Results.pdf
2011-06-18 22:39 - 2010-03-15 17:18 - 0000000 ____D C:\Warcraft III
2011-06-16 05:01 - 2011-05-22 07:27 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-06-16 00:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Microsoft.NET
2011-06-16 00:36 - 2010-03-26 06:57 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-06-16 00:36 - 2010-03-09 09:43 - 3217530880 __ASH C:\hiberfil.sys
2011-06-16 00:36 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-06-16 00:36 - 2009-07-13 20:51 - 0044859 ____A C:\Windows\setupact.log
2011-06-16 00:36 - 2009-07-13 20:45 - 0379736 ____A C:\Windows\System32\FNTCACHE.DAT
2011-06-16 00:34 - 2010-04-28 06:04 - 4631226 ___AH C:\Users\Gustin\AppData\Local\IconCache.db
2011-06-16 00:17 - 2010-06-08 20:14 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-06-16 00:17 - 2010-06-08 20:14 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-06-16 00:17 - 2010-05-22 11:02 - 49454024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-06-15 20:51 - 2011-06-15 20:51 - 0001461 ____A C:\Users\Gustin\Desktop\metro2033 - Shortcut.lnk
2011-06-15 20:24 - 2010-07-18 11:21 - 0000000 ____D C:\Users\Gustin\Desktop\SNES9x
2011-06-08 22:05 - 2011-06-06 17:39 - 0000000 ____D C:\Users\Gustin\Desktop\car
2011-06-07 15:26 - 2010-05-19 08:47 - 0000000 ____D C:\Program Files (x86)\Google
2011-06-01 20:44 - 2011-06-01 20:43 - 51052264 ____A (Logitech, Inc.) C:\Users\Gustin\Downloads\lws110.exe
2011-06-01 20:39 - 2011-06-01 20:36 - 130585936 ____A (Logitech, Inc.) C:\Users\Gustin\Downloads\lws225_full.exe
2011-06-01 20:37 - 2011-06-01 20:36 - 6952840 ____A (Logitech, Inc.) C:\Users\Gustin\Downloads\lws225.exe
2011-06-01 20:34 - 2011-06-01 20:33 - 38163432 ____A (Logitech, Inc.) C:\Users\Gustin\Downloads\qc1110_x64.exe
2011-06-01 20:26 - 2010-05-22 08:21 - 0015214 ____A C:\Windows\System32\lvcoinst.log
2011-05-31 15:37 - 2011-05-31 15:37 - 0071417 ____A C:\Users\Gustin\Downloads\school1_fin_.pdf
2011-05-30 16:29 - 2011-05-30 16:29 - 0000000 ____D C:\Users\All Users\ATI
2011-05-30 16:29 - 2011-05-30 16:29 - 0000000 ____D C:\ProgramData\ATI
2011-05-30 16:28 - 2010-04-28 06:03 - 0000000 ____D C:\Program Files (x86)\ATI Technologies
2011-05-30 16:28 - 2010-04-28 06:02 - 0000000 ____D C:\Program Files\ATI Technologies
2011-05-29 12:52 - 2010-05-19 08:47 - 0000000 ____D C:\Users\Gustin\AppData\Local\Google
2011-05-28 14:58 - 2011-05-28 14:56 - 110007886 ____A C:\Users\Gustin\Downloads\Subaru WRX 2002.zip
2011-05-28 14:46 - 2011-05-28 14:45 - 0000000 ____D C:\Program Files (x86)\zbattle.net
2011-05-28 14:44 - 2011-05-28 14:44 - 0867785 ____A C:\Users\Gustin\Downloads\zsnesw151.zip
2011-05-28 14:44 - 2011-05-28 14:44 - 0373618 ____A C:\Users\Gustin\Downloads\zb.net-1.09-SR-1-beta.exe
2011-05-27 21:22 - 2011-06-15 19:42 - 9316352 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-05-27 20:38 - 2011-06-15 19:42 - 5984256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-05-27 19:25 - 2011-06-15 19:42 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-05-27 19:07 - 2011-06-15 19:42 - 3133952 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-05-27 19:00 - 2011-06-15 19:42 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-05-26 20:27 - 2010-07-26 22:04 - 0000000 ____D C:\Program Files (x86)\StarCraft II
2011-05-24 16:14 - 2010-04-28 06:24 - 0270720 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2011-05-22 07:57 - 2010-11-09 20:13 - 0000000 ____D C:\Program Files\DivX
2011-05-22 07:57 - 2010-11-09 20:12 - 0000000 ____D C:\Users\All Users\DivX
2011-05-22 07:57 - 2010-11-09 20:12 - 0000000 ____D C:\ProgramData\DivX
2011-05-22 07:57 - 2010-11-09 20:12 - 0000000 ____D C:\Program Files (x86)\DivX
2011-05-21 23:26 - 2010-08-08 09:02 - 0779102 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-05-21 14:52 - 2010-03-30 14:03 - 0000000 ____D C:\Users\Gustin\Documents\Electronic Arts
2011-05-21 14:29 - 2011-05-21 14:27 - 0000000 ____D C:\321dc064613bebd9c3bf3c
2011-05-21 14:26 - 2011-05-21 14:26 - 0002198 ____A C:\Users\Public\Desktop\The Sims™ Medieval.lnk
2011-05-21 14:20 - 2010-03-30 13:49 - 0000000 ____D C:\Program Files (x86)\Electronic Arts
2011-05-21 14:20 - 2010-03-09 10:04 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-05-21 10:27 - 2011-05-21 08:24 - 0000000 ____D C:\Users\Gustin\Downloads\The.Sims.Medieval-RELOADED
2011-05-21 09:31 - 2011-05-21 09:31 - 0000000 ____D C:\Users\All Users\WorldWinner.com
2011-05-21 09:31 - 2011-05-21 09:31 - 0000000 ____D C:\ProgramData\WorldWinner.com
2011-05-21 09:30 - 2011-05-21 09:30 - 0000000 ____D C:\Users\All Users\WorldWinner
2011-05-21 09:30 - 2011-05-21 09:30 - 0000000 ____D C:\ProgramData\WorldWinner
2011-05-21 09:29 - 2011-05-21 09:29 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\Worldwinner
2011-05-21 09:29 - 2011-05-21 09:29 - 0000000 ____D C:\Program Files (x86)\WorldWinner.com, Inc
2011-05-19 08:32 - 2011-05-19 08:32 - 0071560 __ASH (SenseLog LLC) C:\Windows\xtr.exe
2011-05-19 08:26 - 2011-05-19 08:26 - 0071567 __ASH (SenseLog LLC) C:\Windows\hti.exe
2011-05-19 08:19 - 2011-05-19 08:19 - 0071565 __ASH (SenseLog LLC) C:\Windows\cdi.exe
2011-05-19 08:18 - 2011-05-19 08:18 - 0071562 __ASH (SenseLog LLC) C:\Windows\dss.exe
2011-05-19 08:15 - 2011-05-19 08:15 - 0065932 __ASH (SenseLog LLC) C:\Windows\bch.exe
2011-05-12 17:56 - 2011-05-12 17:56 - 2934201 ____A C:\Users\Public\Documents\OM CDA-105_EN.pdf
2011-05-10 10:40 - 2011-05-10 10:40 - 9319936 ____A (ATI Technologies Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2011-05-10 10:40 - 2011-05-10 10:40 - 4286464 ____A (ATI Technologies Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2011-05-10 10:40 - 2011-05-10 10:40 - 4161536 ____A (ATI Technologies Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2011-05-10 10:40 - 2011-05-10 10:40 - 0676864 ____A (ATI Technologies Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2011-05-10 10:40 - 2011-05-10 10:40 - 0120320 ____A (AMD) C:\Windows\System32\atitmm64.dll
2011-05-10 10:40 - 2011-05-10 10:40 - 0044544 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2011-05-10 10:40 - 2011-05-10 10:40 - 0044032 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2011-05-10 10:40 - 2011-05-10 10:40 - 0012800 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2011-05-10 10:40 - 2011-05-10 10:40 - 0012800 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2011-05-10 10:40 - 2011-05-10 10:39 - 7768064 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2011-05-10 10:40 - 2011-05-10 10:39 - 22900736 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2011-05-10 10:40 - 2011-05-10 10:39 - 0203776 ____A (AMD) C:\Windows\System32\atiesrxx.exe
2011-05-10 10:40 - 2011-05-10 10:39 - 0014848 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2011-05-10 10:40 - 2010-03-02 19:23 - 0058880 ____A (AMD) C:\Windows\System32\coinst.dll
2011-05-10 10:40 - 2010-03-02 19:06 - 0040960 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxp64.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 4056576 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0480256 ____A (AMD) C:\Windows\System32\atieclxx.exe
2011-05-10 10:39 - 2011-05-10 10:39 - 0423424 ____A (ATI Technologies, Inc.) C:\Windows\System32\atipdl64.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0366080 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0306176 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2011-05-10 10:39 - 2011-05-10 10:39 - 0278528 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\Oemdspif.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0165296 ____A C:\Windows\System32\atiapfxx.blb
2011-05-10 10:39 - 2011-05-10 10:39 - 0059392 ____A (ATI Technologies, Inc.) C:\Windows\System32\atiedu64.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0053760 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0053760 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0052736 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0052736 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0046080 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0039936 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0032768 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2011-05-10 10:39 - 2011-05-10 10:39 - 0032200 ____A C:\Windows\atiogl.xml
2011-05-10 10:39 - 2011-05-10 10:39 - 0031232 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2011-05-10 10:39 - 2011-05-10 10:38 - 6389760 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2011-05-10 10:39 - 2011-05-10 10:38 - 5440000 ____A (ATI Technologies Inc. ) C:\Windows\System32\atiumd64.dll
2011-05-10 10:39 - 2011-05-10 10:38 - 17693184 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2011-05-10 10:39 - 2010-08-03 22:14 - 0029184 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2011-05-10 10:39 - 2010-03-02 19:57 - 4951552 ____A (ATI Technologies Inc. ) C:\Windows\System32\atidxx64.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 3868672 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6a.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 1923584 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 1222656 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6v.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 0989600 ____A C:\Windows\SysWOW64\atiumdva.cap
2011-05-10 10:38 - 2011-05-10 10:38 - 0989600 ____A C:\Windows\System32\atiumd6a.cap
2011-05-10 10:38 - 2011-05-10 10:38 - 0462848 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 0356352 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 0262144 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 0151552 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2011-05-10 10:38 - 2011-05-10 10:38 - 0053248 ____A (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 0051200 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 0043520 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 0016384 ____A (AMD) C:\Windows\System32\atimuixx.dll
2011-05-10 10:38 - 2011-05-10 10:38 - 0003929 ____A C:\Windows\SysWOW64\atipblag.dat
2011-05-10 10:38 - 2011-05-10 10:38 - 0003929 ____A C:\Windows\System32\atipblag.dat
2011-05-10 10:38 - 2011-04-05 17:20 - 0038912 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2011-05-10 10:38 - 2010-03-02 20:15 - 0795648 ____A (ATI Technologies Inc. ) C:\Windows\System32\aticfx64.dll
2011-05-09 20:25 - 2011-03-03 21:26 - 0009996 ____A C:\Users\Public\Documents\Phone Numbers.docx
2011-05-09 20:24 - 2010-03-26 12:45 - 0000000 ____D C:\Users\Public\Documents\kssocasprint.p_printinfo_files
2011-05-05 09:18 - 2011-05-05 09:18 - 0001533 ____A C:\Users\Gustin\Desktop\DA Origins.lnk
2011-05-03 18:51 - 2011-06-15 19:42 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-05-03 18:51 - 2011-06-15 19:42 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-05-03 18:51 - 2011-06-15 19:42 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-05-03 08:34 - 2011-05-03 08:34 - 0019968 ____A C:\Users\Gustin\Downloads\04-06 Subaru Sti Available inputs and Outputs.xls
2011-05-02 21:21 - 2011-06-15 19:41 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-05-02 20:50 - 2011-06-15 19:41 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-05-02 19:04 - 2011-05-02 19:04 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\LolClient
2011-05-02 18:46 - 2011-05-02 18:46 - 0001656 ____A C:\Users\Public\Desktop\Play League of Legends.lnk
2011-05-02 18:41 - 2011-05-02 18:41 - 0000000 ____D C:\Riot Games
2011-05-02 17:53 - 2011-05-02 17:53 - 0000000 ____D C:\League of Legends
2011-05-02 08:47 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2011-04-28 21:00 - 2011-04-28 21:00 - 0002898 ____A C:\Users\Public\Documents\IMG00097-20110422-1219.jpg
2011-04-28 19:13 - 2011-06-15 19:41 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-04-28 19:12 - 2011-06-15 19:41 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-04-28 19:12 - 2011-06-15 19:41 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-04-28 11:23 - 2010-04-06 17:09 - 0000000 ____D C:\Users\Gustin\Desktop\Jarhead
2011-04-28 06:09 - 2011-04-28 06:09 - 0000000 ____D C:\Program Files (x86)\AMD APP
2011-04-28 06:05 - 2011-04-28 06:04 - 74201920 ____A (Advanced Micro Devices, Inc.) C:\Users\Gustin\Downloads\11-4_vista64_win7_64_dd.exe
2011-04-28 06:05 - 2011-04-28 06:04 - 12032504 ____A (Advanced Micro Devices, Inc.) C:\Users\Gustin\Downloads\11-4_vista_win7_64_ocl.exe
2011-04-28 00:57 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-04-27 20:07 - 2010-07-18 11:20 - 0000000 ____D C:\Users\Gustin\Downloads\Super Nintendo SNES Collection Emulator plus 763 ROMS H33T 1981CamaroZ28
2011-04-26 18:57 - 2011-06-15 19:42 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-04-26 10:03 - 2010-04-20 20:48 - 0000000 ____D C:\World of Warcraft
2011-04-24 21:32 - 2011-06-15 19:42 - 1896832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-04-24 18:44 - 2011-06-15 19:42 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-04-22 14:18 - 2011-04-22 11:51 - 0009556 ____A C:\Users\Public\Documents\Scooby avatar.jpg
2011-04-22 12:18 - 2011-06-15 19:42 - 1500160 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-04-22 12:18 - 2011-06-15 19:42 - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-04-22 12:18 - 2011-05-24 14:16 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-04-22 12:15 - 2011-06-15 19:42 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-04-22 12:14 - 2011-06-15 19:42 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-04-22 12:14 - 2011-06-15 19:42 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-04-22 12:14 - 2011-06-15 19:42 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-04-22 12:14 - 2011-06-15 19:42 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-04-22 12:13 - 2011-06-15 19:42 - 2448896 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-04-22 12:13 - 2011-06-15 19:42 - 12372480 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-04-22 12:13 - 2011-06-15 19:42 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-04-22 12:13 - 2011-06-15 19:42 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-04-22 12:13 - 2011-06-15 19:42 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-04-22 12:13 - 2011-06-15 19:42 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-04-22 12:09 - 2011-06-15 19:42 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-04-22 11:31 - 2011-06-15 19:42 - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 1229824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-04-22 11:31 - 2011-06-15 19:42 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-04-22 11:30 - 2011-06-15 19:42 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-04-22 10:49 - 2011-06-15 19:42 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-04-22 10:23 - 2011-06-15 19:42 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-04-16 06:52 - 2011-02-12 18:39 - 0000000 ____D C:\Program Files (x86)\Diablo
2011-04-14 09:12 - 2011-04-14 09:12 - 0011555 ____A C:\Users\Gustin\Downloads\TP001071289.cab
2011-04-13 18:59 - 2011-04-13 18:59 - 0059904 ____A C:\Windows\SysWOW64\OVDecode.dll
2011-04-13 18:59 - 2011-04-13 18:59 - 0051712 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2011-04-13 18:58 - 2011-04-13 18:58 - 12385280 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2011-04-12 07:34 - 2011-04-12 06:32 - 0000000 ____D C:\Program Files (x86)\SpeedFan
2011-04-12 06:56 - 2011-04-12 06:56 - 0000000 ____D C:\Program Files (x86)\Ask.com
2011-04-12 06:55 - 2011-04-12 06:55 - 3765880 ____A ( ) C:\Users\Gustin\Downloads\cpu-z_1.57.1-setup-en.exe
2011-04-12 06:32 - 2011-04-12 06:32 - 2062304 ____A C:\Users\Gustin\Downloads\installspeedfan443.exe
2011-04-12 06:32 - 2011-04-12 06:32 - 0000045 ____A C:\Windows\SysWOW64\initdebug.nfo
2011-04-11 20:23 - 2011-04-11 20:23 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\Malwarebytes
2011-04-11 20:23 - 2011-04-11 20:23 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-04-11 20:23 - 2011-04-11 20:23 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-04-11 20:23 - 2011-04-11 20:23 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-04-11 20:22 - 2011-04-11 20:22 - 7734208 ____A (Malwarebytes Corporation ) C:\Users\Gustin\Downloads\mbam-setup-1.50.1.1100.exe
2011-04-09 15:55 - 2011-04-09 15:55 - 15453336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xlive.dll
2011-04-09 15:55 - 2011-04-09 15:55 - 13642904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xlivefnt.dll
2011-04-09 15:55 - 2011-04-09 15:55 - 0179261 ____A C:\Windows\SysWOW64\xlive.dll.cat
2011-04-08 22:58 - 2011-05-24 14:07 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-04-08 22:45 - 2011-05-11 06:13 - 5509504 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-04-08 22:13 - 2011-05-11 06:13 - 3957632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-04-08 22:13 - 2011-05-11 06:13 - 3901824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-04-08 21:56 - 2011-05-24 14:07 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-04-05 19:09 - 2011-04-05 19:09 - 16116224 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl64.dll
2011-04-05 19:09 - 2011-04-05 19:09 - 0061952 ____A C:\Windows\System32\OVDecode64.dll
2011-04-05 19:09 - 2011-04-05 19:09 - 0053760 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2011-04-05 13:44 - 2011-04-05 13:44 - 0001410 ____A C:\Users\Gustin\Desktop\DRTLNoCD - Shortcut.lnk
2011-04-05 12:58 - 2010-07-26 22:04 - 0000000 ____D C:\Users\Gustin\Documents\StarCraft II
2011-04-04 16:30 - 2010-10-22 13:36 - 0000000 ____D C:\Program Files (x86)\StarCraft
2011-04-03 19:53 - 2011-04-03 19:53 - 0001555 ____A C:\Users\Gustin\Downloads\2358662.txt
2011-04-01 19:51 - 2010-03-15 19:28 - 0000000 ____D C:\Program Files (x86)\uTorrent
2011-04-01 07:44 - 2011-04-01 07:29 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2011-04-01 07:44 - 2011-04-01 07:29 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2011-04-01 07:30 - 2011-04-01 07:29 - 0000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2011-04-01 07:27 - 2011-04-01 07:27 - 16409960 ____A (Safer Networking Limited ) C:\Users\Gustin\Downloads\spybotsd162.exe
2011-03-29 22:07 - 2011-03-29 22:07 - 0001765 ____A C:\Users\Public\Desktop\Allods Online.lnk
2011-03-29 22:04 - 2010-06-25 12:36 - 0000000 ____D C:\gPotato.com
2011-03-29 20:47 - 2011-03-29 20:47 - 2066944 ____A C:\Users\Gustin\Downloads\AllodsDownloader20110314.exe
2011-03-28 17:02 - 2011-03-28 17:02 - 0000000 ____D C:\Users\Public\Documents\Diablo Mods
2011-03-28 15:26 - 2011-03-28 15:26 - 0000000 ____D C:\Users\Gustin\Downloads\BoBaiNST
2011-03-28 15:26 - 2011-03-28 15:26 - 0000000 ____D C:\Program Files (x86)\BoBaFeTT Diablo Trainer
2011-03-28 15:25 - 2011-03-28 15:25 - 1667521 ____A C:\Users\Gustin\Downloads\BoBaiNST.zip
2011-03-28 13:50 - 2011-03-28 13:45 - 0007244 ____A C:\Windows\DiabUnin.dat
2011-03-28 13:45 - 2011-03-28 13:45 - 0118784 ____A (Blizzard Entertainment) C:\Windows\DiabUnin.exe
2011-03-28 13:45 - 2011-03-28 13:45 - 0002829 ____A C:\Windows\DiabUnin.pif
2011-03-28 13:32 - 2011-03-28 13:32 - 0000000 ____D C:\Users\Gustin\Downloads\Diablov1.09NoCDPatchEng
2011-03-28 13:31 - 2011-03-28 13:31 - 0015541 ____A C:\Users\Gustin\Downloads\Diablov1.09NoCDPatchEng.ZIP
2011-03-28 13:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\system
2011-03-28 13:07 - 2011-03-28 13:07 - 0014143 ____A C:\Users\Gustin\Downloads\GT5 Ballast and Weight Distribution Calculator.xlsx
2011-03-27 13:52 - 2011-03-27 13:52 - 0000000 ____D C:\Users\Gustin\D2
2011-03-27 13:51 - 2011-03-27 13:51 - 2764854 ____A (Blizzard Entertainment) C:\Users\Gustin\Downloads\Downloader_Diablo2_enUS.exe
2011-03-27 13:51 - 2011-03-27 13:51 - 0000000 ____D C:\Program Files (x86)\Diablo 2
2011-03-27 13:47 - 2011-03-27 13:47 - 0391012 ____A C:\Users\Gustin\Downloads\d2-cdkey.zip
2011-03-27 13:45 - 2010-03-31 06:56 - 0000000 ____D C:\Program Files (x86)\Diablo II
2011-03-25 19:58 - 2011-03-25 19:58 - 0000000 ____D C:\Windows\System32\Macromed
2011-03-24 19:23 - 2011-05-11 06:13 - 0343040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2011-03-24 19:23 - 2011-05-11 06:13 - 0324608 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2011-03-24 19:23 - 2011-05-11 06:13 - 0098816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2011-03-24 19:22 - 2011-05-11 06:13 - 0052224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2011-03-24 19:22 - 2011-05-11 06:13 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2011-03-24 19:22 - 2011-05-11 06:13 - 0025600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2011-03-24 19:22 - 2011-05-11 06:13 - 0007936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2011-03-23 20:02 - 2010-10-05 19:06 - 0000000 ____D C:\Users\Gustin\Documents\Politics

========================= Known DLLs =========================

[2009-07-13 16:41] - [2009-07-13 17:40] - 0877056 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-07-13 16:20] - [2009-07-13 17:14] - 0640000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2009-07-13 16:00] - [2009-07-13 17:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2009-07-13 15:55] - [2009-07-13 17:40] - 0595456 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-07-13 15:39] - [2009-07-13 17:15] - 0486912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2009-07-13 15:39] - [2009-07-13 17:40] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0310784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2011-06-15 19:42] - [2011-04-22 12:13] - 2448896 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-06-15 19:42] - [2011-04-22 11:31] - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2009-07-13 16:13] - [2009-07-13 17:41] - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-07-13 15:57] - [2009-07-13 17:15] - 0154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2009-07-13 15:28] - [2009-07-13 17:41] - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:16] - [2009-07-13 17:11] - 0836608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-13 15:40] - [2009-07-13 17:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2009-07-13 15:19] - [2009-07-13 17:41] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:12] - [2009-07-13 17:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 15:26] - [2009-07-13 17:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2010-10-14 09:04] - [2010-06-28 21:39] - 2085376 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2010-10-14 09:04] - [2010-06-28 21:02] - 1413632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2011-06-15 19:41] - [2010-12-17 22:13] - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2011-06-15 19:41] - [2010-12-17 21:31] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
[2009-07-13 15:26] - [2009-07-13 17:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2009-07-13 15:23] - [2009-07-13 17:41] - 1221632 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:12] - [2009-07-13 17:11] - 0662528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-13 15:20] - [2009-07-13 17:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2009-07-13 15:27] - [2009-07-13 17:41] - 1899520 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2009-07-13 15:16] - [2009-07-13 17:16] - 1668608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2010-08-02 14:23] - [2010-07-27 06:59] - 14162944 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2010-08-02 14:23] - [2010-07-27 06:03] - 12867584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
[2009-07-13 15:55] - [2009-07-13 17:41] - 0449536 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2009-07-13 15:39] - [2009-07-13 17:16] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2011-06-15 19:42] - [2011-04-22 12:18] - 1500160 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2011-06-15 19:42] - [2011-04-22 11:31] - 1229824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2009-07-13 15:24] - [2009-07-13 17:11] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-07-13 15:25] - [2009-07-13 17:16] - 0627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2009-07-13 15:57] - [2009-07-13 17:41] - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2009-07-13 15:41] - [2009-07-13 17:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
[2011-06-15 19:42] - [2011-04-22 12:18] - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2011-06-15 19:42] - [2011-04-22 11:31] - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
[2009-07-13 15:54] - [2009-07-13 17:41] - 0311808 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2009-07-13 15:38] - [2009-07-13 17:16] - 0268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wldap32.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0296448 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll

================== Bamital & volsnap Check ===================

C:\Windows\System32\winlogon.exe
[2010-04-29 06:24] - [2009-10-27 22:24] - 0389632 ____A (Microsoft Corporation) DA3E2A6FA9660CC75B471530CE88453A

C:\Windows\System32\wininit.exe
[2009-07-13 15:52] - [2009-07-13 17:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA

C:\Windows\explorer.exe
[2011-04-27 17:32] - [2011-02-25 22:23] - 2870272 ____A (Microsoft Corporation) 0862495E0C825893DB75EF44FAEA8E93

C:\Windows\System32\Drivers\volsnap.sys
[2009-07-13 15:20] - [2009-07-13 17:45] - 0294992 ____A (Microsoft Corporation) 58F82EED8CA24B461441F9C3E4F0BF5C


========================= Memory info ========================

Percentage of memory in use: 15%
Total physical RAM: 4091.3 MB
Available physical RAM: 3476.2 MB
Total Pagefile: 4089.45 MB
Available Pagefile: 3458.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions ===========================

2 Drive c: () (Fixed) (Total:596.07 GB) (Free:155.53 GB) NTFS
3 Drive e: (GRMCHPXFREO_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
4 Drive f: (USB20FD) (Removable) (Total:3.76 GB) (Free:2.12 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

If someone could give me further instruction, that would be wonderful. I do not want to re-install windows again...

Edited by Blade Zephon, 23 June 2011 - 11:59 PM.
Moved to log forum. ~BZ




#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:34 AM

Posted 24 June 2011 - 01:24 AM

Hi Shred-Hed,

Welcome to our forum.

Your log(s) show that you are using so-called peer-to-peer or file-sharing programs. These programs allow users to share files, as the name(s) suggest. In today's world, cybercrime has grown to enormous dimensions, and any means is used to infect personal computers in order to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools, as a tremendous number of prospective victims can be reached through them.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools, and it is thus suggested that they be used with great care. Some further reading on this subject, along with the included links, is as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

Removal Instructions

Open Notepad. Please copy the contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad window and select Paste.) Save it on the flash drive as fixlist.txt

2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At5.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At4.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At3.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At2.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At1.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000012 ___SH C:\ndf
2011-06-22 20:54 - 2011-06-22 20:54 - 0000000 ____D C:\Users\Gustin\AppData\Roaming\runic games
2011-05-19 08:32 - 2011-05-19 08:32 - 0071560 __ASH (SenseLog LLC) C:\Windows\xtr.exe
2011-05-19 08:26 - 2011-05-19 08:26 - 0071567 __ASH (SenseLog LLC) C:\Windows\hti.exe
2011-05-19 08:19 - 2011-05-19 08:19 - 0071565 __ASH (SenseLog LLC) C:\Windows\cdi.exe
2011-05-19 08:18 - 2011-05-19 08:18 - 0071562 __ASH (SenseLog LLC) C:\Windows\dss.exe
2011-05-19 08:15 - 2011-05-19 08:15 - 0065932 __ASH (SenseLog LLC) C:\Windows\bch.exe
cmd: bootrec /FixMbr
cmd: bcdedit /set {default} winpe no


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Now please enter System Recovery Options.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Also restart and let the system boot normally and tell me how it went.
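
The two file patterns that dominate the fixlist above (hidden, system-flagged executables sitting directly in C:\Windows, and At<N>.job entries in C:\Windows\Tasks) can be pulled out of an FRST file listing mechanically. The Python script below is an added example, not part of the original thread or of FRST. The two rules and every function name are assumptions made for illustration, the sample lines are copied from the log on this page, and the result is a list of candidates for an analyst to review, not a verdict.

```python
import ntpath
import re
from collections import defaultdict, namedtuple

# One parsed entry of the FRST file listing. The page does not say which
# timestamp column is creation and which is modification, so they are kept
# as ts1/ts2 in the order printed.
Entry = namedtuple("Entry", "ts1 ts2 size attrs company path")

# Example line:
# 2011-05-19 08:32 - 2011-05-19 08:32 - 0071560 __ASH (SenseLog LLC) C:\Windows\xtr.exe
LINE_RE = re.compile(
    r"^(?P<ts1>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<ts2>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<size>\d+) (?P<attrs>[_A-Z]{5}) "
    r"(?:\((?P<company>.*?)\) )?"          # vendor string is optional
    r"(?P<path>[A-Za-z]:\\.*)$"
)
AT_JOB_RE = re.compile(r"^At\d+\.job$", re.IGNORECASE)

# Lines copied from the FRST log and the fixlist on this page.
SAMPLE_LOG = r"""
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At5.job
2011-06-22 20:54 - 2011-06-22 20:54 - 0000322 ____A C:\Windows\Tasks\At1.job
2011-05-27 20:38 - 2011-06-15 19:42 - 5984256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-05-21 14:20 - 2010-03-09 10:04 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-05-19 08:32 - 2011-05-19 08:32 - 0071560 __ASH (SenseLog LLC) C:\Windows\xtr.exe
2011-05-19 08:26 - 2011-05-19 08:26 - 0071567 __ASH (SenseLog LLC) C:\Windows\hti.exe
2011-05-19 08:19 - 2011-05-19 08:19 - 0071565 __ASH (SenseLog LLC) C:\Windows\cdi.exe
2011-05-19 08:18 - 2011-05-19 08:18 - 0071562 __ASH (SenseLog LLC) C:\Windows\dss.exe
2011-05-19 08:15 - 2011-05-19 08:15 - 0065932 __ASH (SenseLog LLC) C:\Windows\bch.exe
2011-05-10 10:40 - 2011-05-10 10:40 - 0012800 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2011-03-28 13:45 - 2011-03-28 13:45 - 0118784 ____A (Blizzard Entertainment) C:\Windows\DiabUnin.exe
"""


def parse_line(line):
    """Return an Entry for a file-listing line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    return Entry(m["ts1"], m["ts2"], int(m["size"]), m["attrs"],
                 (m["company"] or "").strip(), m["path"])


def reasons_for(entry):
    """Apply the two illustrative rules (assumptions, not FRST logic)."""
    reasons = []
    folder = ntpath.dirname(entry.path).lower()
    name = ntpath.basename(entry.path)
    # Rule 1: .exe directly in C:\Windows carrying both System and Hidden.
    if (folder == r"c:\windows" and name.lower().endswith(".exe")
            and "S" in entry.attrs and "H" in entry.attrs):
        reasons.append("hidden+system executable directly in C:\\Windows")
    # Rule 2: numbered At job files in the legacy Tasks folder.
    if folder == r"c:\windows\tasks" and AT_JOB_RE.match(name):
        reasons.append("At<N>.job scheduled task")
    return reasons


def triage(lines):
    """Return [(Entry, [reason, ...])] for every line that matches a rule."""
    flagged = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        reasons = reasons_for(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


def flagged_names(lines):
    """Sorted file names of all flagged entries."""
    return sorted(ntpath.basename(e.path) for e, _ in triage(lines))


def group_flagged(lines):
    """Group flagged names by (vendor string, date of first timestamp)."""
    groups = defaultdict(list)
    for entry, _ in triage(lines):
        groups[(entry.company, entry.ts1[:10])].append(ntpath.basename(entry.path))
    return {key: sorted(names) for key, names in groups.items()}


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG.splitlines()):
        print(entry.ts1, entry.attrs, entry.path, "<-", "; ".join(reasons))
    for key, names in group_flagged(SAMPLE_LOG.splitlines()).items():
        print(key, names)
```

Grouping by vendor string and date makes batches visible, such as the five executables that share one vendor string and one day in this log.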

#3 Shred-Hed


Posted 24 June 2011 - 08:27 AM

Wow, you're a genius. Much respect and thanks from Canada!
I guess that Torchlight torrent had some malware/trojans in it. Is it safe to play again? The game is very fun :P
I've been using Spybot S&D, but you seem to suggest Malwarebytes to people, so I will try that.
Here is the fix log:

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.1.1)
Ran by SYSTEM at 2011-06-24 08:22:47 R:1
Running from F:\

==============================================

C:\Windows\Tasks\At5.job moved successfully.
C:\Windows\Tasks\At4.job moved successfully.
C:\Windows\Tasks\At3.job moved successfully.
C:\Windows\Tasks\At2.job moved successfully.
C:\Windows\Tasks\At1.job moved successfully.
C:\ndf moved successfully.
C:\Users\Gustin\AppData\Roaming\runic games moved successfully.
C:\Windows\xtr.exe moved successfully.
C:\Windows\hti.exe moved successfully.
C:\Windows\cdi.exe moved successfully.
C:\Windows\dss.exe moved successfully.
C:\Windows\bch.exe moved successfully.

========= bootrec /FixMbr =========

The operation completed successfully.

========= End of CMD: =========


========= bcdedit /set {default} winpe no =========

The operation completed successfully.

========= End of CMD: =========

Thanks again.

#4 Farbar

Posted 24 June 2011 - 09:49 AM

Great. :thumbsup:

A part of the game and the bad files arrived on the computer at the same time. So the torrent was probably carrying the infection. I would not use that particular software.

Please download Malwarebytes' Anti-Malware from one of these locations:
malwarebytes.org
majorgeeks.com
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the MBAM log.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


#5 Shred-Hed

Posted 24 June 2011 - 05:30 PM

RootKit Found!

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6942

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6/24/2011 5:29:28 PM
mbam-log-2011-06-24 (17-29-28).txt

Scan type: Quick scan
Objects scanned: 167946
Time elapsed: 3 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\Temp\6A7.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.

Thanks for all your help!

#6 Farbar

Posted 24 June 2011 - 11:54 PM

Yes, this is a harmless leftover from the infection we removed.

To check for vulnerabilities, I would like to take a look at all programs:

Please download OTL by OldTimer.
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Click the Run Scan button.
  • Two reports will open; copy and paste OTL.txt and attach Extra.txt to your reply:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized


#7 Shred-Hed

Posted 25 June 2011 - 05:38 PM

OTL logfile created on: 6/25/2011 5:32:23 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Gustin\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.75 Gb Available Physical Memory | 68.76% Memory free
7.99 Gb Paging File | 5.98 Gb Available in Paging File | 74.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596.07 Gb Total Space | 154.14 Gb Free Space | 25.86% Space Free | Partition Type: NTFS

Computer Name: INDOMITABLE | User Name: Gustin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/25 17:31:10 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Gustin\Desktop\OTL.exe
PRC - [2011/06/22 19:37:46 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/06/16 03:37:50 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/06/09 14:32:52 | 000,161,336 | ---- | M] (Google) -- C:\Users\Gustin\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2011/03/21 13:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/01/11 19:42:20 | 000,440,816 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe
PRC - [2010/11/17 00:47:47 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/04/21 15:00:54 | 000,073,728 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Kodak\MediaImpression SE\ArcMonitor.exe
PRC - [2010/04/01 04:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (SafeList) ==========

MOD - [2011/06/25 17:31:10 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Gustin\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/24 22:03:38 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/26 16:56:50 | 000,119,296 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe -- (WDBtnMgrSvc.exe)
SRV - [2011/06/16 03:37:50 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/06/15 21:18:53 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_e877e12.dll -- (Akamai)
SRV - [2011/01/11 19:42:20 | 000,440,816 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\File Backup\FileBackupSVC.exe -- (CEEBC40A-FDED-4C59-B354-939132350B01)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/24 23:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/24 21:25:42 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/30 13:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/05/20 20:30:36 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/05/06 04:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008/01/21 09:20:50 | 000,129,024 | ---- | M] (Saitek) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SaiK0728.sys -- (SaiK0728)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007/02/03 10:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/02/03 10:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64) Logitech QuickCam Pro 3000(PID_08B0)
DRV:64bit: - [2005/09/23 23:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2011/03/05 17:44:23 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010/12/18 06:03:58 | 000,025,280 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2008/07/26 22:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- C:\Users\Gustin\Downloads\RealTemp_340\WinRing0x64.sys -- (WinRing0_1_2_0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3101789750-3439817775-896563234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-3101789750-3439817775-896563234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/iat/us_ca.aspx
IE - HKU\S-1-5-21-3101789750-3439817775-896563234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3101789750-3439817775-896563234-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 69 6E 6E DB DA E6 CA 01 [binary data]
IE - HKU\S-1-5-21-3101789750-3439817775-896563234-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3101789750-3439817775-896563234-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Web Search (powered by Google)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca/ig?hl=en&source=iglk"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.3
FF - prefs.js..extensions.enabledItems: bnetsquelcher@ylleksazeroth:2.1.6.4
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:0.4.5.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: toolbar@alexa.com:1.5.0
FF - prefs.js..keyword.URL: "http://search.toolbars.alexa.com/?ver=spkyf-1.5.0&src=ab&aid=W8nxd1oYkN00or&q="

FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/22 19:37:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/24 17:35:15 | 000,000,000 | ---D | M]

[2010/04/29 10:57:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gustin\AppData\Roaming\Mozilla\Extensions
[2011/06/16 23:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gustin\AppData\Roaming\Mozilla\Firefox\Profiles\fh0uatsc.default\extensions
[2011/04/26 22:32:31 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Users\Gustin\AppData\Roaming\Mozilla\Firefox\Profiles\fh0uatsc.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2011/03/27 08:57:43 | 000,000,000 | ---D | M] (BNet Squelcher) -- C:\Users\Gustin\AppData\Roaming\Mozilla\Firefox\Profiles\fh0uatsc.default\extensions\bnetsquelcher@ylleksazeroth
[2011/03/19 22:19:20 | 000,000,000 | ---D | M] ("Alexa Sparky") -- C:\Users\Gustin\AppData\Roaming\Mozilla\Firefox\Profiles\fh0uatsc.default\extensions\toolbar@alexa.com
[2011/03/19 22:22:20 | 000,001,492 | ---- | M] () -- C:\Users\Gustin\AppData\Roaming\Mozilla\Firefox\Profiles\fh0uatsc.default\searchplugins\web-search-powered-by-google.xml
[2011/06/25 11:58:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/10/05 22:10:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/14 20:57:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/07 11:20:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/24 13:19:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/25 11:58:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\GUSTIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FH0UATSC.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/06/22 19:37:46 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/05/07 01:19:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/22 23:54:47 | 000,002,636 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files (x86)\Kodak\MediaImpression SE\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (WDC)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3101789750-3439817775-896563234-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3101789750-3439817775-896563234-1001..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [GBTUpd] C:\Program Files (x86)\Gigabyte\UpdManager\PreRun.exe (PreRun)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.176.13 64.59.176.15 64.59.177.226
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/25 17:31:09 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Gustin\Desktop\OTL.exe
[2011/06/25 11:58:57 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/25 11:58:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/25 11:58:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/06/24 08:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/06/24 08:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/06/24 08:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/06/24 02:18:11 | 000,000,000 | ---D | C] -- C:\FRST
[2011/06/22 20:36:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Runic Games
[2011/06/22 20:36:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Runic
[2011/06/21 19:39:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. NoLimits-Team Games
[2011/06/21 17:09:43 | 000,000,000 | ---D | C] -- C:\SWISNIFE
[2011/06/21 17:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompuApps SwissKnife V3
[2011/06/21 17:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SWISSKNIFE
[2011/06/21 13:48:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/06/21 13:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/06/21 13:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
[2011/06/21 13:47:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2011/06/21 13:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2011/06/21 13:47:19 | 000,055,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2011/06/21 13:47:19 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2011/06/21 13:47:19 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2011/06/21 13:47:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2011/06/21 13:47:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2011/06/21 13:46:56 | 000,000,000 | ---D | C] -- C:\Users\Gustin\AppData\Roaming\Roxio Log Files
[2011/06/15 22:42:03 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/15 22:42:03 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/15 22:42:03 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/15 22:42:03 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/15 22:42:03 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/15 22:42:03 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/15 22:42:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/15 22:42:03 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/15 22:42:03 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/15 22:42:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/15 22:42:03 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/15 22:42:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/15 22:42:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/15 22:42:02 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/15 22:41:40 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/06/15 22:41:40 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/06/15 22:41:35 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/06 20:39:53 | 000,000,000 | ---D | C] -- C:\Users\Gustin\Desktop\car
[2011/05/28 17:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\zbattle.net
[2011/05/28 17:45:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\zbattle.net
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/25 17:31:10 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Gustin\Desktop\OTL.exe
[2011/06/25 17:22:46 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3101789750-3439817775-896563234-1001UA.job
[2011/06/25 17:22:41 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/25 17:22:41 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/25 17:22:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/25 11:52:02 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 11:52:02 | 000,014,848 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 11:44:29 | 3217,530,880 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/24 17:35:17 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/24 10:15:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3101789750-3439817775-896563234-1001Core.job
[2011/06/22 23:54:47 | 000,002,636 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/06/21 19:45:10 | 000,792,446 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/21 19:45:10 | 000,669,002 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/21 19:45:10 | 000,125,188 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/21 17:09:43 | 000,000,543 | ---- | M] () -- C:\Windows\SWISV3.INI
[2011/06/21 17:09:43 | 000,000,287 | ---- | M] () -- C:\Windows\SKNIFE.INI
[2011/06/16 08:01:39 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/16 03:36:42 | 000,379,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/15 23:51:04 | 000,001,461 | ---- | M] () -- C:\Users\Gustin\Desktop\metro2033 - Shortcut.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/24 17:35:16 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/21 17:08:06 | 000,014,976 | ---- | C] () -- C:\Windows\SysWow64\drivers\SBKUPNT.SYS
[2011/06/21 17:08:06 | 000,013,312 | ---- | C] () -- C:\Windows\SysWow64\DEVLOAD.EXE
[2011/06/21 17:08:06 | 000,000,543 | ---- | C] () -- C:\Windows\SWISV3.INI
[2011/06/21 17:08:06 | 000,000,344 | ---- | C] () -- C:\Windows\DYNASN.INF
[2011/06/21 17:08:06 | 000,000,287 | ---- | C] () -- C:\Windows\SKNIFE.INI
[2011/06/21 17:07:50 | 000,002,799 | ---- | C] () -- C:\Windows\SKLANG.INI
[2011/06/15 23:51:04 | 000,001,461 | ---- | C] () -- C:\Users\Gustin\Desktop\metro2033 - Shortcut.lnk
[2011/05/29 15:52:08 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3101789750-3439817775-896563234-1001UA.job
[2011/05/29 15:52:07 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3101789750-3439817775-896563234-1001Core.job
[2011/05/24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/10 13:38:41 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/28 16:45:17 | 000,007,244 | ---- | C] () -- C:\Windows\DiabUnin.dat
[2011/03/05 14:34:26 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/01/07 23:25:21 | 000,004,608 | ---- | C] () -- C:\Users\Gustin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/21 01:47:46 | 000,000,557 | ---- | C] () -- C:\Users\Gustin\AppData\Roaming\AutoGK.ini
[2010/09/30 16:33:23 | 000,237,568 | R--- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2010/09/30 16:33:23 | 000,000,000 | ---- | C] () -- C:\Windows\Graffiti5.2Pin.ini
[2010/08/08 12:08:17 | 000,000,094 | ---- | C] () -- C:\Users\Gustin\AppData\Local\fusioncache.dat
[2010/08/08 12:02:04 | 000,779,102 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/10 09:58:54 | 000,007,619 | ---- | C] () -- C:\Users\Gustin\AppData\Local\Resmon.ResmonCfg
[2010/04/29 11:35:18 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2010/04/28 09:05:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/26 17:02:42 | 001,093,632 | ---- | C] () -- C:\Windows\SysWow64\op20pt32.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/01/25 16:10:48 | 000,179,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/01/08 18:01:22 | 000,629,760 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008/02/08 17:13:44 | 000,319,488 | ---- | C] () -- C:\Windows\SysWow64\LS3Renderer.dll
[2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll
[2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll
[2002/10/15 17:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 166 bytes -> C:\Users\Public\Documents\kssocasprint.p_printinfo.htm:FS_dl_url

< End of report >


#8 Farbar

Posted 25 June 2011 - 06:15 PM

It looks good. :thumbup2:

  • This small application you may want to keep and use to keep the computer clean.
    Download CCleaner from here http://www.ccleaner.com/

    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar, uncheck the box next to it.
    • Run CCleaner. (Make sure under the Windows tab all the boxes of Internet Explorer and Windows Explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under the Application tab all the boxes should be checked.)
    • Click Run Cleaner.
    • Close CCleaner.
  • Tell me also how your computer is running.


#9 Shred-Hed

Posted 25 June 2011 - 06:35 PM

CCleaner removed 21 MB of data. I decided to leave my saved passwords unchecked; do you think that's OK?
The computer seems to be running fine.
Thank you so much for helping me out, your FRST program and guidance really saved my butt!

#10 Farbar

Posted 25 June 2011 - 06:42 PM

It is safe to leave passwords unchecked.

Everything looks good and you are good to go, and you are very welcome. :thumbup2:

  • Please delete FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder.
  • You may delete any tool or log we used from your computer.
  • Remove the old restore points and create a new restore point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Setting a new restore point AFTER cleaning your system will enable your computer to "roll-back" to a clean working state if needed.
    • Go to Start => Right-click "Computer" and select "Properties".
    • In the left pane select "System Protection".
    • Press "Configure".
    • Select "Delete". Then press "Continue" close and "OK".
    • Select your drive (drive C) and press "Create".
      Fill in a name for the restore point and press "Create".
      After finished press "Close".
Recommendations:
  • I recommend using Site Advisor for safe surfing. It is a free extension both for Internet Explorer and Firefox. When you search a site it gives you an indication of how safe a site is.
  • I recommend installing this small application for safe surfing: Javacools© SpywareBlaster
    SpywareBlaster will add a large list of programs and sites into your Internet Explorer and Firefox settings and that will protect you from running and downloading known malicious programs.
    • Download and install it.
    • Update it manually by clicking on Updates in the left pane and then Check for Updates.
    • Then enable all the protections by clicking on Protection Status on the left pane. Then click on Enable All Protection.
    • The free version doesn't have an automatic update. Update it once in two or three weeks and enable all protection again.
Happy Surfing, Shred-Hed. :)
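
A scripted equivalent of the restore-point steps in post #10, added here as an example and not part of Farbar's instructions: it removes the existing restore points through the System Restore API, creates a fresh one, and confirms it exists. It assumes an elevated Windows PowerShell session (these cmdlets are not available in PowerShell 7); the restore point label is a constructed value.

```powershell
# Added example: scripted version of "delete old restore points, create a new one".
# Assumption: run from an elevated Windows PowerShell prompt after cleanup is finished.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated prompt.'
}

# SRRemoveRestorePoint is the System Restore API exported by srclient.dll.
Add-Type -Namespace SysRestore -Name Native -MemberDefinition @'
[DllImport("srclient.dll")]
public static extern uint SRRemoveRestorePoint(uint dwRPNum);
'@

# 1. List the existing restore points, which may predate the cleanup.
$old = @(Get-ComputerRestorePoint)
$old | Format-Table SequenceNumber, CreationTime, Description -AutoSize

# 2. Remove each one by sequence number; 0 (ERROR_SUCCESS) means it was deleted.
foreach ($rp in $old) {
    $rc = [SysRestore.Native]::SRRemoveRestorePoint([uint32]$rp.SequenceNumber)
    if ($rc -ne 0) {
        Write-Warning "Restore point $($rp.SequenceNumber) not removed (error $rc)"
    }
}

# 3. Create a fresh restore point of the cleaned system.
#    On Windows 8 and later this is skipped with a warning if a restore
#    point was already created within the last 24 hours.
$label = 'Clean state after malware removal'   # constructed label
Checkpoint-Computer -Description $label -RestorePointType MODIFY_SETTINGS

# 4. Confirm the new restore point is present.
$new = @(Get-ComputerRestorePoint | Where-Object { $_.Description -eq $label })
if ($new.Count -eq 0) { throw 'New restore point was not created.' }
$new | Format-Table SequenceNumber, CreationTime, Description -AutoSize
```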

#11 Farbar

Posted 02 July 2011 - 10:10 AM

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a PM and I will reopen it for you. If you should have a new issue, please start a new topic.

Everyone else should start a new topic.



