Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Error: Boot Critical File c:\ci.dll is corrupt


  • This topic is locked This topic is locked
11 replies to this topic

#1 sjohn2776

sjohn2776

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:10 AM

Posted 25 June 2011 - 12:11 AM

I was surfing the net with Firefox just after an update. When suddenly my laptop restarted and started a Startup Repair. I let it run but it still repeated so i tried to do a system restore, but that didn't work either, I even tried to run sfc /scannow which told me to restart my computer. Right now, I'm using my friend's computer looking for solutions when i came upon another thread on this site with the same issue. And feel that I might have the same problem.

I read through the thread and followed it up to the getting a scan with the Farbar Recovery Scan Tool x64, but stopped their.

Here's what I received:

-----------

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.1.1
Ran by SYSTEM at 2011-06-25 00:09:17
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [161304 2010-08-25] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [386584 2010-08-25] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [415256 2010-08-25] (Intel Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [CinemaNowMediaManagerApp] C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe -start [2088296 2009-06-11] (CinemaNow Inc.)
HKLM-x32\...\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [2244096 2009-07-12] (VIA)
HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-09-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [31072 2008-10-25] (Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\real\realplayer\update\realsched.exe" -osboot [273544 2011-05-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2011-06-07] (Apple Inc.)
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [1475072 2009-07-13] (Microsoft Corporation)
HKU\Steven\...\Run: [VeohPlugin] "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2634048 2010-07-06] (Veoh Networks)
HKU\Steven\...\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" [400760 2011-04-27] (BitTorrent, Inc.)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] userinit.exe [30208 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1


==================== Services ====================

3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.)
3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-13] (Microsoft Corporation)
2 AFBAgent; "C:\Windows\system32\FBAgent.exe" [359552 2009-09-15] (ASUSTeK Computer Inc.)
3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-13] (Microsoft Corporation)
2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [37664 2011-02-18] (Apple Inc.)
2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-13] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-13] (Microsoft Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-13] (Microsoft Corporation)
2 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-13] (Microsoft Corporation)
2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [349472 2011-04-06] (Apple Inc.)
3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
2 CinemaNow Service; C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [127352 2009-06-11] (CinemaNow, Inc.)
4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [130384 2010-03-18] (Microsoft Corporation)
2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [138576 2010-03-18] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-13] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [175104 2009-07-13] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [314368 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-13] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [162816 2009-07-13] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation)
3 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696320 2010-08-03] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [402944 2009-07-13] (Microsoft Corporation)
2 FastBootAgent; "C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe" [306232 2009-07-23] (ASUSTeK Computer Inc.)
3 Fax; C:\Windows\System32\fxssvc.exe [689152 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\FntCache.dll [1135104 2011-02-18] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42840 2009-06-10] (Microsoft Corporation)
3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [533344 2008-12-08] (Microsoft Corporation)
2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-13] (Microsoft Corporation)
3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [90624 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [231936 2009-07-13] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [187904 2009-07-13] (Microsoft Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [856384 2009-06-10] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-13] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-13] (Microsoft Corporation)
3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [934176 2011-06-07] (Apple Inc.)
3 KeyIso; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-08-26] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-13] (Microsoft Corporation)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [84480 2009-07-13] (Microsoft Corporation)
3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [65888 2008-10-25] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [824832 2009-07-13] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [127488 2009-07-13] (Microsoft Corporation)
2 N360; "C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
3 napagent; C:\Windows\System32\qagentRT.dll [475648 2009-07-13] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation)
4 NetTcpPortSharing; "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" [116560 2009-06-10] (Microsoft Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-13] (Microsoft Corporation)
2 nsi; C:\Windows\System32\nsisvc.dll [25600 2009-07-13] (Microsoft Corporation)
3 odserv; "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [441712 2008-11-03] (Microsoft Corporation)
3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [145184 2006-10-26] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [438784 2009-07-13] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-13] (Microsoft Corporation)
3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1390080 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [404480 2009-07-13] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [327168 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [163840 2009-07-13] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\profsvc.dll [208384 2009-07-13] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-13] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [10240 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [509440 2009-07-13] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [1114624 2010-11-01] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-13] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-13] (Microsoft Corporation)
2 SeaPort; "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [226640 2008-12-04] (Microsoft Corp.)
3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation)
3 SessionEnv; C:\Windows\System32\sessenv.dll [104960 2009-07-13] (Microsoft Corporation)
4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-13] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [558592 2010-08-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3524608 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation)
2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-13] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1780736 2009-07-13] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-13] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-13] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-13] (Microsoft Corporation)
3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-13] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation)
3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation)
3 VaultSvc; C:\Windows\System32\lsass.exe [31232 2009-07-13] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [532480 2009-07-13] (Microsoft Corporation)
3 VSS; C:\Windows\System32\vssvc.exe [1598976 2009-07-13] (Microsoft Corporation)
3 W32Time; C:\Windows\System32\w32time.dll [381952 2009-07-13] (Microsoft Corporation)
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [1255736 2010-08-19] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1503744 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-09-13] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-13] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [90624 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [258048 2010-12-20] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation)
3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; winhttp.dll [442880 2010-12-20] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [2018816 2009-07-13] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-13] (Microsoft Corporation)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1525248 2009-07-13] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [116736 2009-07-13] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2010-12-20] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [593408 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [2418176 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-13] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-13] (Microsoft Corporation)
2 Akamai; c:\program files (x86)\common files\akamai\netsession_win_8832f4b.dll [x]

==================== Drivers ====================

3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [227840 2009-07-13] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [334416 2009-07-13] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\DRIVERS\acpipmi.sys [12288 2009-07-13] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [491088 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [339536 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [182864 2009-07-13] (Adaptec, Inc.)
1 AFD; C:\Windows\System32\drivers\afd.sys [500224 2009-07-13] (Microsoft Corporation)
3 agp440; C:\Windows\System32\DRIVERS\agp440.sys [61008 2009-07-13] (Microsoft Corporation)
3 aliide; C:\Windows\System32\DRIVERS\aliide.sys [15440 2009-07-13] (Acer Laboratories Inc.)
3 amdide; C:\Windows\System32\DRIVERS\amdide.sys [15440 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\drivers\amdsata.sys [107904 2011-03-10] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [194128 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-10] (Advanced Micro Devices)
3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [40448 2009-05-26] (Alcor Micro, Corp.)
3 AppID; C:\Windows\System32\drivers\appid.sys [61440 2009-07-13] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [87632 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [97856 2009-07-13] (Adaptec, Inc.)
0 AsDsm; C:\Windows\System32\Drivers\AsDsm.sys [35384 2009-10-05] (ASUSTek Computer Inc)
2 ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [24128 2009-07-13] (Microsoft Corporation)
3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1542656 2009-10-05] (Atheros Communications, Inc.)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation)
3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation)
1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110518.001\BHDrvx64.sys [1127032 2011-04-18] (Symantec Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-13] (Microsoft Corporation)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-13] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\DRIVERS\cmdide.sys [17488 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [460504 2009-07-13] (Microsoft Corporation)
0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2009-07-13] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [24144 2009-07-13] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-13] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-13] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [982912 2011-01-25] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [481912 2011-05-09] (Symantec Corporation)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [530496 2009-07-13] (Emulex)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [136824 2011-05-09] (Symantec Corporation)
3 ErrDev; C:\Windows\System32\DRIVERS\errdev.sys [9728 2009-07-13] (Microsoft Corporation)
3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [140800 2009-07-08] (ELAN Microelectronic Corp.)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [290368 2009-07-13] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-13] (Microsoft Corporation)
3 fssfltr; C:\Windows\System32\DRIVERS\fssfltr.sys [61792 2008-12-08] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23104 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223448 2009-09-25] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [65088 2009-07-13] (Microsoft Corporation)
3 GEARAspiWDM; C:\Windows\System32\DRIVERS\GEARAspiWDM.sys [34152 2010-08-20] (GEAR Software Inc.)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-13] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-13] (Microsoft Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-13] (Microsoft Corporation)
3 HpSAMD; C:\Windows\System32\DRIVERS\HpSAMD.sys [77888 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-13] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14416 2009-07-13] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation)
0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [408600 2009-06-04] (Intel Corporation)
3 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [410496 2011-03-10] (Intel Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110604.001\IDSvia64.sys [488056 2011-06-02] (Symantec Corporation)
3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10611552 2010-08-25] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [44112 2009-07-13] (Intel Corp./ICP vortex GmbH)
3 intelide; C:\Windows\System32\DRIVERS\intelide.sys [16960 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\DRIVERS\IPMIDrv.sys [78848 2009-07-13] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\DRIVERS\isapnp.sys [20544 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [224832 2009-07-13] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2009-07-13] (Microsoft Corporation)
3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95312 2009-07-13] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [153160 2009-12-11] (Microsoft Corporation)
3 ksthunk; C:\Windows\System32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation)
3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [55296 2009-06-08] (Atheros Communications, Inc.)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [114752 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [106560 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [65600 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [115776 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [113152 2009-07-13] (Microsoft Corporation)
0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15928 2009-06-18] (Windows ® Win 7 DDK provider)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [35392 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [284736 2009-07-13] (LSI Corporation, Inc.)
3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation)
3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94784 2009-07-13] (Microsoft Corporation)
3 mpio; C:\Windows\System32\DRIVERS\mpio.sys [155216 2009-07-13] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [140800 2009-07-13] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157696 2011-02-22] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [286720 2011-02-22] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [126464 2011-02-22] (Microsoft Corporation)
0 msahci; C:\Windows\System32\DRIVERS\msahci.sys [30272 2009-07-13] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\DRIVERS\msdsm.sys [140352 2009-07-13] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [15424 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [367168 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation)
3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [15928 2009-05-12] (ASUS)
0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-13] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-13] (Microsoft Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110610.002\ENG64.SYS [117880 2011-05-25] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110610.002\EX64.SYS [2011768 2011-05-25] (Symantec Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [947776 2009-07-13] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-13] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-13] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-13] (Microsoft Corporation)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-13] (Microsoft Corporation)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [51264 2009-07-13] (IBM Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1657216 2011-03-10] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\drivers\nvraid.sys [148352 2011-03-10] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\drivers\nvstor.sys [166272 2011-03-10] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [122960 2009-07-13] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75840 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\DRIVERS\pci.sys [183872 2009-07-13] (Microsoft Corporation)
0 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-13] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [220752 2009-07-13] (Microsoft Corporation)
0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-13] (Microsoft Corporation)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-13] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-13] (Microsoft Corporation)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1524816 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [128592 2009-07-13] (QLogic Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation)
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-13] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-13] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [214096 2009-07-13] (Microsoft Corporation)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation)
3 sbp2port; C:\Windows\System32\DRIVERS\sbp2port.sys [104016 2009-07-13] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-13] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation)
3 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\DRIVERS\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [14336 2009-07-13] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation)
3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSG664.sys [56832 2009-06-10] (Silicon Integrated Systems Corp.)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [43584 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [80464 2009-07-13] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation)
3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-05-20] ()
0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-13] (Microsoft Corporation)
3 SRTSP; C:\Windows\System32\Drivers\N360x64\0501000.01D\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
1 SRTSPX; C:\Windows\System32\drivers\N360x64\0501000.01D\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [461312 2011-02-22] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [401920 2011-02-22] (Microsoft Corporation)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [161792 2011-02-22] (Microsoft Corporation)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [24656 2009-07-13] (Promise Technology)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-13] (Microsoft Corporation)
0 SymDS; C:\Windows\System32\drivers\N360x64\0501000.01D\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-05-25] (Symantec Corporation)
1 SymIRON; C:\Windows\System32\drivers\N360x64\0501000.01D\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\drivers\N360x64\0501000.01D\SYMNETS.SYS [382584 2011-03-21] (Symantec Corporation)
0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1896832 2010-06-13] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1896832 2010-06-13] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-13] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-13] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-13] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [62544 2009-07-13] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-13] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-13] (Microsoft Corporation)
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [64080 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-13] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\DRIVERS\uliagpkx.sys [64592 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-13] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation)
3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-02-18] (Apple, Inc.)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2011-03-24] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\DRIVERS\usbcir.sys [100352 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [52224 2011-03-24] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2011-03-24] (Microsoft Corporation)
3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
3 usbohci; C:\Windows\System32\drivers\usbohci.sys [25600 2011-03-24] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation)
3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91136 2011-03-10] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [30720 2011-03-24] (Microsoft Corporation)
3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184832 2010-03-03] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [36432 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\DRIVERS\vhdmp.sys [217680 2009-07-13] (Microsoft Corporation)
3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1222144 2009-07-09] (VIA Technologies, Inc.)
3 viaide; C:\Windows\System32\DRIVERS\viaide.sys [17488 2009-07-13] (VIA Technologies, Inc.)
0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [71760 2009-07-13] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363584 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [294992 2009-07-13] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [161872 2009-07-13] (VIA Technologies Inc.,Ltd)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-13] (Microsoft Corporation)
3 Wd; C:\Windows\System32\DRIVERS\wd.sys [21056 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [654928 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation)
3 WimFltr; C:\Windows\System32\DRIVERS\wimfltr.sys [154168 2008-05-23] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-13] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-13] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-13] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-13] (Microsoft Corporation)
3 dump_wmimmc; \??\C:\gPotato\Rappelz\GameGuard\dump_wmimmc.sys [x]
3 npggsvc; C:\Windows\system32\GameMon.des -service [x]
3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
3 tmlwf; [x]
3 tmwfp; [x]

========================= NetSvcs ============================

============ One Month Created Files and folders =============

2011-06-25 00:09 - 2011-06-25 00:09 - 0000000 ____D C:\FRST
2011-06-23 23:32 - 2011-06-23 23:33 - 2819709 ___AH C:\Users\Steven\AppData\Local\IconCache.db
2011-06-23 23:31 - 2011-06-23 23:31 - 0154725 ____A C:\Users\Steven\Desktop\19795039.jpg
2011-06-23 23:26 - 2011-06-24 11:57 - 426238357 ____A C:\Users\Steven\Downloads\[Critter-Subs] Jewel Pet Tinkle - 47 [297A8FAB].mkv
2011-06-23 14:22 - 2011-06-23 14:22 - 4213763 ____A C:\Users\Steven\Desktop\Shake it up - Season 1 - SoundTrack - Song - All The Way Up.wma
2011-06-23 09:34 - 2011-06-23 09:34 - 0000000 ____D C:\Users\Steven\Desktop\ESO_v375
2011-06-22 21:49 - 2011-06-22 23:07 - 2726873889 ____A C:\Users\Steven\Desktop\ESO_v375.rar
2011-06-22 17:56 - 2011-06-22 17:56 - 0017422 ____A C:\Users\Steven\.recently-used.xbel
2011-06-19 12:36 - 2011-06-19 12:54 - 345429627 ____A C:\Users\Steven\Downloads\[Kyuubi]_Fairy_Tail_83_[720p][34662957].mp4
2011-06-19 12:32 - 2011-06-19 13:04 - 345434027 ____A C:\Users\Steven\Downloads\[Kyuubi]_Fairy_Tail_84_[720p][72F5E081].mp4
2011-06-18 20:07 - 2011-06-18 20:35 - 366871759 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_17_HD[A0AC221D].mp4
2011-06-18 20:02 - 2011-06-18 20:31 - 411840448 ____A C:\Users\Steven\Downloads\[OD]_Digimon_Xros_Wars_40_[720p]_[87FE2880].mkv
2011-06-17 22:33 - 2011-06-17 22:39 - 175068384 ____A C:\Users\Steven\Downloads\[Aesir]Yes!_Precure_5_-_26_[DVD][A54526F5].mkv
2011-06-17 21:48 - 2011-06-17 23:23 - 0000000 ____D C:\Users\Steven\Downloads\Huntik Season 1 [A-T]
2011-06-17 20:34 - 2011-06-17 20:36 - 23868659 ____A C:\Users\Steven\Desktop\an_pounce.mov
2011-06-17 17:46 - 2011-06-17 17:59 - 428860709 ____A C:\Users\Steven\Downloads\[Doremi-CureCom].Suite.PreCure!.18.[1280x720].[4C90228B].mkv
2011-06-14 23:52 - 2011-06-16 14:46 - 0000000 ____D C:\Users\Steven\Downloads\Wedding Peach DX (MKV)
2011-06-14 23:26 - 2011-06-24 23:15 - 0000000 ____D C:\Users\Steven\Desktop\xrpg
2011-06-14 22:27 - 2011-06-14 22:40 - 180731904 ____A C:\Users\Steven\Downloads\[Doremi].Motto.Ojamajo.Doremi.47.[54D70887].avi
2011-06-14 22:27 - 2011-06-14 22:35 - 225186177 ____A C:\Users\Steven\Downloads\[PCSS] Yes Pretty Cure 5 - 27 [6BCFDAE2].mkv
2011-06-13 18:40 - 2011-06-13 18:51 - 390614480 ____A C:\Users\Steven\Downloads\[Doremi-CureCom].Suite.PreCure!.17.[1280x720].[74702E4C].mkv
2011-06-13 14:17 - 2011-06-13 14:26 - 273078344 ____A C:\Users\Steven\Downloads\[CureCom] Fresh Pretty Cure! - 28 [HD][F6F28A8E].mkv
2011-06-13 14:04 - 2011-06-13 14:14 - 183816326 ____A C:\Users\Steven\Downloads\[CureCom] Fresh Pretty Cure! - 29 [SD][96BCBBFF].avi
2011-06-13 13:57 - 2011-06-13 14:09 - 316243983 ____A C:\Users\Steven\Downloads\[Over-Time]_Kamen_Rider_OOO_-_38_[84347A21].mkv
2011-06-12 17:38 - 2011-06-12 17:59 - 518395180 ____A C:\Users\Steven\Downloads\[Over-Time]_Pirate_Sentai_Gokaiger_-_17_[77EE0564].mkv
2011-06-12 10:27 - 2011-06-12 10:27 - 1908945 ____A C:\Users\Steven\Desktop\318817_Asain_fight.mp3
2011-06-11 19:39 - 2011-06-11 19:52 - 366906320 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_16_HD[36A29B25].mp4
2011-06-09 20:50 - 2011-06-09 21:13 - 244395970 ____A C:\Users\Steven\Downloads\[T-N]Kamen_Rider_OOO_37SD[5BC11C89].avi
2011-06-09 20:31 - 2011-06-09 20:31 - 0000000 ____D C:\Users\Steven\Desktop\Request2388
2011-06-09 12:33 - 2011-06-09 12:33 - 0001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-06-09 12:32 - 2011-06-09 12:33 - 0000000 ____D C:\Program Files\iTunes
2011-06-09 12:32 - 2011-06-09 12:33 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-06-09 12:32 - 2011-06-09 12:32 - 0000000 ____D C:\Program Files\iPod
2011-06-07 17:28 - 2011-06-07 17:28 - 0000000 ____D C:\Program Files\Common Files\INCA Shared
2011-06-07 17:28 - 2010-11-04 02:39 - 3904976 ____A (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2011-06-07 17:28 - 2005-01-03 16:43 - 0004682 ____A (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2011-06-07 17:28 - 2003-07-20 01:17 - 0005174 ____A C:\Windows\SysWOW64\nppt9x.vxd
2011-06-07 17:06 - 2011-06-07 17:06 - 0000721 ____A C:\Users\Public\Desktop\Rappelz.lnk
2011-06-07 16:55 - 2011-06-07 16:55 - 0000000 ____D C:\gPotato
2011-06-07 15:48 - 2011-06-08 08:30 - 0000000 ____D C:\Users\Steven\AppData\Local\PMB Files
2011-06-07 15:48 - 2011-06-07 15:50 - 0000000 ____D C:\Users\All Users\PMB Files
2011-06-07 15:48 - 2011-06-07 15:50 - 0000000 ____D C:\ProgramData\PMB Files
2011-06-07 15:48 - 2011-06-07 15:48 - 0000000 ____D C:\Program Files (x86)\Pando Networks
2011-06-06 14:30 - 2011-06-06 14:43 - 345570537 ____A C:\Users\Steven\Downloads\[Kyuubi]_Fairy_Tail_82_[720p][7E248BDD].mp4
2011-06-05 18:09 - 2011-06-05 18:37 - 362497622 ____A C:\Users\Steven\Downloads\[Over-Time]_Kamen_Rider_OOO_-_37_[6AA85129].mkv
2011-06-04 20:54 - 2011-06-17 15:52 - 0000000 ____D C:\Users\Steven\Downloads\[T-N]Kamen_Rider_OOO
2011-06-03 20:59 - 2011-06-04 09:05 - 366908056 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_15_HD[5D45C78F].mp4
2011-06-03 19:10 - 2011-06-04 17:15 - 0000000 ____D C:\Users\Steven\Downloads\[ILA] Wedding Peach
2011-06-03 17:17 - 2011-06-03 17:37 - 396109495 ____A C:\Users\Steven\Downloads\[OD]_Digimon_Xros_Wars_39_[720p]_[AAC8C1AD].mkv
2011-06-03 13:09 - 2011-06-03 13:17 - 249543246 ____A C:\Users\Steven\Downloads\[Over-Time]_Kamen_Rider_OOO_-_36SD_[DD0C80DB].mp4
2011-06-02 22:05 - 2011-06-02 22:05 - 0000035 ____A C:\Users\Steven\brs.txt
2011-06-02 20:20 - 2011-06-02 20:32 - 369526511 ____A C:\Users\Steven\Downloads\[Doremi-CureCom].Suite.PreCure!.16.[1280x720].[D7EC461B].mkv
2011-06-02 14:47 - 2011-06-02 14:59 - 366825650 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_14_HD[89C8F776].mp4
2011-06-01 18:11 - 2011-06-16 22:15 - 0014832 ____A C:\Users\Steven\Documents\Pokemon Ev.xlsx
2011-06-01 15:43 - 2011-06-01 16:16 - 0000000 ____D C:\Users\Steven\Downloads\[Nekomimi] Ookami Kakushi
2011-05-31 18:29 - 2011-05-31 18:38 - 345674919 ____A C:\Users\Steven\Downloads\[Kyuubi]_Fairy_Tail_81_[720p][1549265D].mp4
2011-05-31 16:53 - 2011-05-31 16:53 - 0015343 ____A C:\Users\Steven\Documents\Ninim.docx
2011-05-30 23:25 - 2011-05-30 23:38 - 184088576 ____A C:\Users\Steven\Downloads\[Doremi].Motto.Ojamajo.Doremi.46.[16264A23].avi
2011-05-30 13:48 - 2011-05-30 13:48 - 0112632 ____A C:\Users\Steven\1296628913.myrmidon_breeding_issues.rtf
2011-05-29 17:42 - 2011-05-29 17:42 - 0000000 ____D C:\Users\Steven\Downloads\[ASL]_Puella_Magi_Madoka_Magica_Special_CD_2_Original_Soundtrack_I_[MP3]_[w_Scans]
2011-05-29 17:37 - 2011-05-29 17:42 - 82692688 ____A C:\Users\Steven\Downloads\[ASL]_Puella_Magi_Madoka_Magica_Special_CD_2_Original_Soundtrack_I_[MP3]_[w_Scans].rar
2011-05-25 19:26 - 2010-08-20 19:59 - 0034152 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2011-05-25 13:08 - 2011-04-22 12:18 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys

============ 3 Months Modified Files and folders =============

2011-06-25 00:09 - 2011-06-25 00:09 - 0000000 ____D C:\FRST
2011-06-24 23:16 - 2010-09-27 01:50 - 0000000 ____D C:\Users\Steven\AppData\Roaming\gtk-2.0
2011-06-24 23:16 - 2010-09-10 10:10 - 0000000 ____D C:\Users\Steven\AppData\Roaming\vlc
2011-06-24 23:16 - 2010-08-17 13:55 - 0000000 ____D C:\Users\All Users\Real
2011-06-24 23:16 - 2010-08-17 13:55 - 0000000 ____D C:\ProgramData\Real
2011-06-24 23:16 - 2010-08-17 13:51 - 0000000 ____D C:\Users\Steven\AppData\Roaming\BitTorrent
2011-06-24 23:16 - 2010-08-17 13:35 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-06-24 23:16 - 2010-08-17 13:27 - 0000000 ____D C:\Users\All Users\Norton
2011-06-24 23:16 - 2010-08-17 13:27 - 0000000 ____D C:\ProgramData\Norton
2011-06-24 23:16 - 2010-08-17 13:15 - 0000000 ____D C:\users\Steven
2011-06-24 23:16 - 2009-10-05 22:42 - 0000000 ____D C:\Windows\SysWOW64\Fast Boot
2011-06-24 23:16 - 2009-10-05 22:42 - 0000000 ____D C:\Users\All Users\P4G
2011-06-24 23:16 - 2009-10-05 22:42 - 0000000 ____D C:\ProgramData\P4G
2011-06-24 23:16 - 2009-10-05 22:29 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2011-06-24 23:16 - 2009-10-05 22:25 - 0000000 ____D C:\Users\All Users\CinemaNow
2011-06-24 23:16 - 2009-10-05 22:25 - 0000000 ____D C:\ProgramData\CinemaNow
2011-06-24 23:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\wbem
2011-06-24 23:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wfp
2011-06-24 23:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\wbem
2011-06-24 23:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\DriverStore
2011-06-24 23:16 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2011-06-24 23:15 - 2011-06-14 23:26 - 0000000 ____D C:\Users\Steven\Desktop\xrpg
2011-06-24 23:15 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-06-24 23:13 - 2010-11-17 14:30 - 0000000 ____D C:\Program Files (x86)\real
2011-06-24 18:33 - 2010-08-17 13:13 - 3193765888 __ASH C:\hiberfil.sys
2011-06-24 17:21 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\LogFiles
2011-06-24 15:53 - 2010-08-20 19:11 - 0000000 ____D C:\Users\Steven\AppData\Local\Deployment
2011-06-24 11:57 - 2011-06-23 23:26 - 426238357 ____A C:\Users\Steven\Downloads\[Critter-Subs] Jewel Pet Tinkle - 47 [297A8FAB].mkv
2011-06-23 23:33 - 2011-06-23 23:32 - 2819709 ___AH C:\Users\Steven\AppData\Local\IconCache.db
2011-06-23 23:31 - 2011-06-23 23:31 - 0154725 ____A C:\Users\Steven\Desktop\19795039.jpg
2011-06-23 14:22 - 2011-06-23 14:22 - 4213763 ____A C:\Users\Steven\Desktop\Shake it up - Season 1 - SoundTrack - Song - All The Way Up.wma
2011-06-23 12:26 - 2010-09-23 15:50 - 0000000 __SHD C:\Config.Msi
2011-06-23 09:34 - 2011-06-23 09:34 - 0000000 ____D C:\Users\Steven\Desktop\ESO_v375
2011-06-22 23:07 - 2011-06-22 21:49 - 2726873889 ____A C:\Users\Steven\Desktop\ESO_v375.rar
2011-06-22 22:38 - 2010-10-22 16:54 - 0000000 ____D C:\Users\Steven\My Works
2011-06-22 17:56 - 2011-06-22 17:56 - 0017422 ____A C:\Users\Steven\.recently-used.xbel
2011-06-22 17:56 - 2010-09-23 12:22 - 0000000 ____D C:\Users\Steven\.gimp-2.6
2011-06-22 16:32 - 2010-08-27 11:14 - 0000000 ____D C:\Users\Steven\dwhelper
2011-06-19 13:04 - 2011-06-19 12:32 - 345434027 ____A C:\Users\Steven\Downloads\[Kyuubi]_Fairy_Tail_84_[720p][72F5E081].mp4
2011-06-19 12:54 - 2011-06-19 12:36 - 345429627 ____A C:\Users\Steven\Downloads\[Kyuubi]_Fairy_Tail_83_[720p][34662957].mp4
2011-06-18 20:35 - 2011-06-18 20:07 - 366871759 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_17_HD[A0AC221D].mp4
2011-06-18 20:31 - 2011-06-18 20:02 - 411840448 ____A C:\Users\Steven\Downloads\[OD]_Digimon_Xros_Wars_40_[720p]_[87FE2880].mkv
2011-06-17 23:23 - 2011-06-17 21:48 - 0000000 ____D C:\Users\Steven\Downloads\Huntik Season 1 [A-T]
2011-06-17 22:39 - 2011-06-17 22:33 - 175068384 ____A C:\Users\Steven\Downloads\[Aesir]Yes!_Precure_5_-_26_[DVD][A54526F5].mkv
2011-06-17 20:36 - 2011-06-17 20:34 - 23868659 ____A C:\Users\Steven\Desktop\an_pounce.mov
2011-06-17 17:59 - 2011-06-17 17:46 - 428860709 ____A C:\Users\Steven\Downloads\[Doremi-CureCom].Suite.PreCure!.18.[1280x720].[4C90228B].mkv
2011-06-17 15:52 - 2011-06-04 20:54 - 0000000 ____D C:\Users\Steven\Downloads\[T-N]Kamen_Rider_OOO
2011-06-16 22:15 - 2011-06-01 18:11 - 0014832 ____A C:\Users\Steven\Documents\Pokemon Ev.xlsx
2011-06-16 14:46 - 2011-06-14 23:52 - 0000000 ____D C:\Users\Steven\Downloads\Wedding Peach DX (MKV)
2011-06-14 22:40 - 2011-06-14 22:27 - 180731904 ____A C:\Users\Steven\Downloads\[Doremi].Motto.Ojamajo.Doremi.47.[54D70887].avi
2011-06-14 22:35 - 2011-06-14 22:27 - 225186177 ____A C:\Users\Steven\Downloads\[PCSS] Yes Pretty Cure 5 - 27 [6BCFDAE2].mkv
2011-06-13 18:51 - 2011-06-13 18:40 - 390614480 ____A C:\Users\Steven\Downloads\[Doremi-CureCom].Suite.PreCure!.17.[1280x720].[74702E4C].mkv
2011-06-13 14:26 - 2011-06-13 14:17 - 273078344 ____A C:\Users\Steven\Downloads\[CureCom] Fresh Pretty Cure! - 28 [HD][F6F28A8E].mkv
2011-06-13 14:14 - 2011-06-13 14:04 - 183816326 ____A C:\Users\Steven\Downloads\[CureCom] Fresh Pretty Cure! - 29 [SD][96BCBBFF].avi
2011-06-13 14:09 - 2011-06-13 13:57 - 316243983 ____A C:\Users\Steven\Downloads\[Over-Time]_Kamen_Rider_OOO_-_38_[84347A21].mkv
2011-06-12 17:59 - 2011-06-12 17:38 - 518395180 ____A C:\Users\Steven\Downloads\[Over-Time]_Pirate_Sentai_Gokaiger_-_17_[77EE0564].mkv
2011-06-12 10:27 - 2011-06-12 10:27 - 1908945 ____A C:\Users\Steven\Desktop\318817_Asain_fight.mp3
2011-06-11 19:52 - 2011-06-11 19:39 - 366906320 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_16_HD[36A29B25].mp4
2011-06-10 13:03 - 2009-07-13 20:45 - 0010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-06-10 13:03 - 2009-07-13 20:45 - 0010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-06-10 12:58 - 2009-10-05 22:11 - 2027610 ____A C:\Windows\WindowsUpdate.log
2011-06-10 09:56 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-06-10 09:56 - 2009-07-13 20:51 - 0156200 ____A C:\Windows\setupact.log
2011-06-09 21:13 - 2011-06-09 20:50 - 244395970 ____A C:\Users\Steven\Downloads\[T-N]Kamen_Rider_OOO_37SD[5BC11C89].avi
2011-06-09 20:31 - 2011-06-09 20:31 - 0000000 ____D C:\Users\Steven\Desktop\Request2388
2011-06-09 12:33 - 2011-06-09 12:33 - 0001785 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-06-09 12:33 - 2011-06-09 12:32 - 0000000 ____D C:\Program Files\iTunes
2011-06-09 12:33 - 2011-06-09 12:32 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-06-09 12:32 - 2011-06-09 12:32 - 0000000 ____D C:\Program Files\iPod
2011-06-09 12:32 - 2009-07-13 19:20 - 0000000 ___RD C:\Program Files (x86)
2011-06-09 12:16 - 2011-01-23 08:45 - 0045056 ____A C:\Windows\System32\acovcnt.exe
2011-06-08 21:50 - 2011-05-14 10:35 - 0000000 ____D C:\Users\Steven\Games
2011-06-08 12:27 - 2009-10-05 22:33 - 0155898 ____A C:\Windows\PFRO.log
2011-06-08 08:30 - 2011-06-07 15:48 - 0000000 ____D C:\Users\Steven\AppData\Local\PMB Files
2011-06-07 17:28 - 2011-06-07 17:28 - 0000000 ____D C:\Program Files\Common Files\INCA Shared
2011-06-07 17:06 - 2011-06-07 17:06 - 0000721 ____A C:\Users\Public\Desktop\Rappelz.lnk
2011-06-07 16:55 - 2011-06-07 16:55 - 0000000 ____D C:\gPotato
2011-06-07 15:50 - 2011-06-07 15:48 - 0000000 ____D C:\Users\All Users\PMB Files
2011-06-07 15:50 - 2011-06-07 15:48 - 0000000 ____D C:\ProgramData\PMB Files
2011-06-07 15:48 - 2011-06-07 15:48 - 0000000 ____D C:\Program Files (x86)\Pando Networks
2011-06-07 14:51 - 2011-05-16 12:42 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-06-06 14:43 - 2011-06-06 14:30 - 345570537 ____A C:\Users\Steven\Downloads\[Kyuubi]_Fairy_Tail_82_[720p][7E248BDD].mp4
2011-06-05 18:37 - 2011-06-05 18:09 - 362497622 ____A C:\Users\Steven\Downloads\[Over-Time]_Kamen_Rider_OOO_-_37_[6AA85129].mkv
2011-06-04 22:03 - 2011-05-14 14:37 - 0054784 __ASH C:\Users\Steven\Thumbs.db
2011-06-04 17:15 - 2011-06-03 19:10 - 0000000 ____D C:\Users\Steven\Downloads\[ILA] Wedding Peach
2011-06-04 09:05 - 2011-06-03 20:59 - 366908056 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_15_HD[5D45C78F].mp4
2011-06-03 17:37 - 2011-06-03 17:17 - 396109495 ____A C:\Users\Steven\Downloads\[OD]_Digimon_Xros_Wars_39_[720p]_[AAC8C1AD].mkv
2011-06-03 13:17 - 2011-06-03 13:09 - 249543246 ____A C:\Users\Steven\Downloads\[Over-Time]_Kamen_Rider_OOO_-_36SD_[DD0C80DB].mp4
2011-06-02 22:05 - 2011-06-02 22:05 - 0000035 ____A C:\Users\Steven\brs.txt
2011-06-02 20:32 - 2011-06-02 20:20 - 369526511 ____A C:\Users\Steven\Downloads\[Doremi-CureCom].Suite.PreCure!.16.[1280x720].[D7EC461B].mkv
2011-06-02 15:29 - 2010-08-20 15:55 - 0001214 ____A C:\Users\Public\Desktop\World of Warcraft.lnk
2011-06-02 14:59 - 2011-06-02 14:47 - 366825650 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_14_HD[89C8F776].mp4
2011-06-01 16:16 - 2011-06-01 15:43 - 0000000 ____D C:\Users\Steven\Downloads\[Nekomimi] Ookami Kakushi
2011-05-31 18:38 - 2011-05-31 18:29 - 345674919 ____A C:\Users\Steven\Downloads\[Kyuubi]_Fairy_Tail_81_[720p][1549265D].mp4
2011-05-31 16:53 - 2011-05-31 16:53 - 0015343 ____A C:\Users\Steven\Documents\Ninim.docx
2011-05-31 08:16 - 2010-09-29 06:06 - 0000000 ___RD C:\Users\Steven\Documents\Scanned Documents
2011-05-30 23:38 - 2011-05-30 23:25 - 184088576 ____A C:\Users\Steven\Downloads\[Doremi].Motto.Ojamajo.Doremi.46.[16264A23].avi
2011-05-30 13:48 - 2011-05-30 13:48 - 0112632 ____A C:\Users\Steven\1296628913.myrmidon_breeding_issues.rtf
2011-05-30 12:00 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-05-29 17:42 - 2011-05-29 17:42 - 0000000 ____D C:\Users\Steven\Downloads\[ASL]_Puella_Magi_Madoka_Magica_Special_CD_2_Original_Soundtrack_I_[MP3]_[w_Scans]
2011-05-29 17:42 - 2011-05-29 17:37 - 82692688 ____A C:\Users\Steven\Downloads\[ASL]_Puella_Magi_Madoka_Magica_Special_CD_2_Original_Soundtrack_I_[MP3]_[w_Scans].rar
2011-05-27 18:09 - 2009-07-13 21:13 - 0726316 ____A C:\Windows\System32\PerfStringBackup.INI
2011-05-27 18:09 - 2009-07-13 18:36 - 0624178 ____A C:\Windows\System32\perfh009.dat
2011-05-27 18:09 - 2009-07-13 18:36 - 0106522 ____A C:\Windows\System32\perfc009.dat
2011-05-26 13:22 - 2010-08-17 13:16 - 0112504 ____A C:\Users\Steven\AppData\Local\GDIPFONTCACHEV1.DAT
2011-05-26 13:16 - 2009-07-13 20:45 - 4989968 ____A C:\Windows\System32\FNTCACHE.DAT
2011-05-25 19:30 - 2010-08-17 13:29 - 0002390 ____A C:\Users\Public\Desktop\Norton 360.lnk
2011-05-25 19:30 - 2010-08-17 13:28 - 0000000 ____D C:\Windows\System32\Drivers\N360x64
2011-05-25 19:26 - 2010-08-17 13:29 - 0174200 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2011-05-25 19:26 - 2010-08-17 13:29 - 0007488 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2011-05-25 19:26 - 2010-08-17 13:29 - 0000855 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.INF
2011-05-25 19:26 - 2010-08-17 13:29 - 0000000 ____D C:\Program Files\Symantec
2011-05-25 13:07 - 2011-05-18 13:16 - 0001940 ____A C:\Users\Steven\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2011-05-21 18:45 - 2011-05-21 17:38 - 366852199 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_13_HD[4355B3DE].mp4
2011-05-20 11:05 - 2010-11-17 14:31 - 0272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2011-05-20 11:05 - 2010-11-17 14:31 - 0198848 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2011-05-20 11:05 - 2010-11-17 14:31 - 0006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2011-05-20 11:05 - 2010-11-17 14:31 - 0005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2011-05-20 11:05 - 2010-08-17 13:55 - 0499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2011-05-20 11:05 - 2010-08-17 13:55 - 0348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2011-05-19 09:20 - 2009-10-05 22:46 - 0001758 ____A C:\Windows\System32\AutoRunFilter.ini
2011-05-17 23:43 - 2011-05-17 23:30 - 366797784 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_12_HD[DD560C68].mp4
2011-05-14 10:16 - 2010-08-25 22:31 - 0000000 ____D C:\Users\Steven\AppData\Local\CrashDumps
2011-05-11 21:38 - 2011-05-11 21:21 - 366984746 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_11_HD[0C5D80B2]V2.mp4
2011-05-10 21:08 - 2009-10-05 22:07 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-05-10 21:08 - 2009-10-05 22:07 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-05-09 00:36 - 2011-05-09 00:36 - 0012711 ____A C:\Users\Steven\Documents\Welcome Steven Eric John.docx
2011-05-08 14:16 - 2011-05-08 14:01 - 366969379 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_11_HD[418008B9].mp4
2011-05-05 14:37 - 2011-05-05 14:36 - 0000000 ____D C:\Users\Steven\AppData\Roaming\GARMIN
2011-05-04 19:53 - 2011-05-04 19:27 - 0000000 ____D C:\Users\Steven\.alice2
2011-05-01 11:55 - 2011-05-01 11:34 - 366904642 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_10_HD[7BB72127].mp4
2011-04-29 14:25 - 2011-04-29 14:25 - 0000000 ____D C:\Users\Steven\.fontconfig
2011-04-29 12:14 - 2011-04-29 12:14 - 0051794 ____A C:\Users\Steven\1303985142.myrmidon_umbreoncopy.rtf
2011-04-28 11:06 - 2010-08-17 13:51 - 0000000 ____D C:\Program Files (x86)\BitTorrent
2011-04-27 10:54 - 2009-07-13 21:08 - 0032630 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-04-25 16:51 - 2011-04-25 16:51 - 0000000 ____D C:\Program Files\Bonjour
2011-04-25 16:51 - 2011-04-25 16:51 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-04-23 17:54 - 2011-04-23 17:42 - 366764098 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_09_HD[5CC2D907].mp4
2011-04-22 12:18 - 2011-05-25 13:08 - 0027008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2011-04-20 06:16 - 2011-04-20 06:16 - 0001068 ____A C:\Users\Public\Desktop\VLC media player.lnk
2011-04-18 15:18 - 2011-04-18 15:18 - 0014211 ___SH C:\Users\Steven\Desktop\AlbumArt_{EDE6237B-0E75-4946-98E1-9656104D01EE}_Large.jpg
2011-04-18 15:18 - 2011-04-18 15:18 - 0003364 ___SH C:\Users\Steven\Desktop\AlbumArt_{EDE6237B-0E75-4946-98E1-9656104D01EE}_Small.jpg
2011-04-18 15:18 - 2011-04-18 09:49 - 0014211 ___SH C:\Users\Steven\Desktop\Folder.jpg
2011-04-18 15:18 - 2011-04-18 09:49 - 0003364 ___SH C:\Users\Steven\Desktop\AlbumArtSmall.jpg
2011-04-18 14:54 - 2011-04-18 14:13 - 386436100 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_08_HD[D5087069].mp4
2011-04-15 16:14 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Microsoft.NET
2011-04-12 09:51 - 2011-03-03 14:52 - 0000000 ____D C:\AeriaGames
2011-04-12 09:48 - 2011-02-11 11:22 - 0000000 ____D C:\FeralHeart
2011-04-12 09:47 - 2009-10-05 22:17 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-04-09 17:36 - 2011-04-09 17:36 - 0000000 ____D C:\Users\Steven\AppData\Roaming\Unity
2011-04-09 17:22 - 2011-04-09 17:22 - 0000000 ____D C:\Users\Steven\AppData\Local\Unity
2011-04-09 17:22 - 2010-08-17 13:15 - 0000000 ____D C:\Users\Steven\AppData\LocalLow
2011-04-09 14:35 - 2011-04-09 13:03 - 366769598 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_03_HD[1B119AB1].mp4
2011-04-08 22:58 - 2011-05-24 08:49 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2011-04-08 22:45 - 2011-05-10 13:38 - 5509504 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-04-08 22:13 - 2011-05-10 13:38 - 3957632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-04-08 22:13 - 2011-05-10 13:38 - 3901824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-04-08 21:56 - 2011-05-24 08:49 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2011-04-08 14:46 - 2011-04-08 14:15 - 366808669 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_07_HD[BF6A29D8].mp4
2011-04-06 12:26 - 2011-04-06 12:26 - 0237856 ____A (Apple Inc.) C:\Windows\System32\dnssdX.dll
2011-04-06 12:26 - 2011-04-06 12:26 - 0119584 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-04-06 12:26 - 2011-04-06 12:26 - 0096544 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-04-06 12:26 - 2011-04-06 12:26 - 0069408 ____A (Apple Inc.) C:\Windows\System32\jdns_sd.dll
2011-04-06 12:20 - 2011-04-06 12:20 - 0197920 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssdX.dll
2011-04-06 12:20 - 2011-04-06 12:20 - 0107808 ____A (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
2011-04-06 12:20 - 2011-04-06 12:20 - 0091424 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssd.dll
2011-04-06 12:20 - 2011-04-06 12:20 - 0075040 ____A (Apple Inc.) C:\Windows\SysWOW64\jdns_sd.dll
2011-04-04 18:25 - 2011-04-04 18:25 - 0000204 ____A C:\Users\Public\Desktop\MapleStory.url
2011-04-04 18:18 - 2011-04-04 18:18 - 0000000 ____D C:\Nexon
2011-04-04 16:51 - 2011-04-04 16:51 - 0000000 ____D C:\Users\All Users\NexonUS
2011-04-04 16:51 - 2011-04-04 16:51 - 0000000 ____D C:\ProgramData\NexonUS
2011-04-03 11:15 - 2011-04-03 10:59 - 366866542 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_06_HD[0A9BB496].mp4
2011-03-31 08:57 - 2011-03-31 08:57 - 1361681 ____A C:\Users\Steven\Documents\hiragana-practice-sheet.pdf
2011-03-27 08:49 - 2011-03-26 22:00 - 366987577 ____A C:\Users\Steven\Downloads\[T-N]Kaizoku_Sentai_Gokaiger_05_HD[DE7E2248].mp4

========================= Known DLLs =========================

[2009-07-13 16:41] - [2009-07-13 17:40] - 0877056 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-07-13 16:20] - [2009-07-13 17:14] - 0640000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
[2009-07-13 16:00] - [2009-07-13 17:40] - 0607744 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\clbcatq.dll
[2009-07-13 15:55] - [2009-07-13 17:40] - 0595456 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-07-13 15:39] - [2009-07-13 17:15] - 0486912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.dll
[2009-07-13 15:39] - [2009-07-13 17:40] - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0310784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
[2011-04-14 10:53] - [2011-02-23 22:24] - 2447872 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2011-04-14 10:53] - [2011-02-23 21:29] - 2063360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IERTUTIL.dll
[2009-07-13 16:13] - [2009-07-13 17:41] - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-07-13 15:57] - [2009-07-13 17:15] - 0154624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMAGEHLP.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0167424 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0119808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IMM32.dll
[2009-07-13 15:28] - [2009-07-13 17:41] - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:16] - [2009-07-13 17:11] - 0836608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0041984 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:25] - [2009-07-13 17:11] - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\LPK.dll
[2009-07-13 15:40] - [2009-07-13 17:41] - 1067008 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCTF.dll
[2009-07-13 15:19] - [2009-07-13 17:41] - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:12] - [2009-07-13 17:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSVCRT.dll
[2009-07-13 15:26] - [2009-07-13 17:31] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NORMALIZ.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0013824 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\NSI.dll
[2010-10-12 01:18] - [2010-06-28 21:39] - 2085376 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2010-10-12 01:18] - [2010-06-28 21:02] - 1413632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
[2010-08-26 13:57] - [2010-04-06 23:37] - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2010-08-26 13:57] - [2010-04-06 23:10] - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
[2009-07-13 15:26] - [2009-07-13 17:41] - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\PSAPI.dll
[2009-07-13 15:15] - [2009-07-13 17:16] - 0006144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PSAPI.dll
[2009-07-13 15:23] - [2009-07-13 17:41] - 1221632 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:12] - [2009-07-13 17:11] - 0662528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
[2009-07-13 15:20] - [2009-07-13 17:41] - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\sechost.dll
[2009-07-13 15:11] - [2009-07-13 17:16] - 0092160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
[2009-07-13 15:27] - [2009-07-13 17:41] - 1899520 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2009-07-13 15:16] - [2009-07-13 17:16] - 1668608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Setupapi.dll
[2010-08-18 11:15] - [2010-07-27 06:59] - 14162944 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2010-08-18 11:15] - [2010-07-27 06:03] - 12867584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
[2009-07-13 15:55] - [2009-07-13 17:41] - 0449536 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2009-07-13 15:39] - [2009-07-13 17:16] - 0350208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHLWAPI.dll
[2011-04-14 10:53] - [2011-02-23 22:28] - 1499136 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2011-04-14 10:53] - [2011-02-23 21:32] - 1228800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 1008640 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2009-07-13 15:24] - [2009-07-13 17:11] - 0833024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
[2009-07-13 15:38] - [2009-07-13 17:41] - 0801280 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-07-13 15:25] - [2009-07-13 17:16] - 0627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\USP10.dll
[2009-07-13 15:57] - [2009-07-13 17:41] - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2009-07-13 15:41] - [2009-07-13 17:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\version.dll
[2011-04-14 10:53] - [2011-02-23 22:29] - 1197056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2011-04-14 10:53] - [2011-02-23 21:32] - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
[2009-07-13 15:54] - [2009-07-13 17:41] - 0311808 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2009-07-13 15:38] - [2009-07-13 17:16] - 0268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wldap32.dll
[2009-07-13 15:21] - [2009-07-13 17:41] - 0296448 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0206336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WS2_32.dll

================== Bamital & volsnap Check ===================

C:\Windows\System32\winlogon.exe
[2010-08-18 11:14] - [2009-10-27 22:24] - 0389632 ____A (Microsoft Corporation) DA3E2A6FA9660CC75B471530CE88453A

C:\Windows\System32\wininit.exe
[2009-07-13 15:52] - [2009-07-13 17:39] - 0129024 ____A (Microsoft Corporation) 94355C28C1970635A31B3FE52EB7CEBA

C:\Windows\explorer.exe
[2011-04-26 15:07] - [2011-02-25 22:23] - 2870272 ____A (Microsoft Corporation) 0862495E0C825893DB75EF44FAEA8E93

C:\Windows\System32\Drivers\volsnap.sys
[2009-07-13 15:20] - [2009-07-13 17:45] - 0294992 ____A (Microsoft Corporation) 58F82EED8CA24B461441F9C3E4F0BF5C


========================= Memory info ========================

Percentage of memory in use: 15%
Total physical RAM: 4061.09 MB
Available physical RAM: 3442.31 MB
Total Pagefile: 4059.23 MB
Available Pagefile: 3430.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions ===========================

1 Drive c: (OS) (Fixed) (Total:283.44 GB) (Free:144.81 GB) NTFS
4 Drive g: (STORE N GO) (Removable) (Total:3.78 GB) (Free:3.77 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (RECOVERY) (Fixed) (Total:14.63 GB) (Free:9.37 GB) FAT32



BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:10 PM

Posted 25 June 2011 - 12:39 AM

Hi,

Welcome to this forum.:)

Your log(s) show that you are using so called peer-to-peer or file-sharing programs. These programs allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."


Removal Instructions

Open notepad. Please copy the contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

2011-06-23 09:34 - 2011-06-23 09:34 - 0000000 ____D C:\Users\Steven\Desktop\ESO_v375
2011-06-22 21:49 - 2011-06-22 23:07 - 2726873889 ____A C:\Users\Steven\Desktop\ESO_v375.rar
cmd: bootrec /FixMbr
cmd: bcdedit /set {default} winpe no

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Also restart and let the computer boot normally and tell me how it went.

#3 sjohn2776

sjohn2776
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:10 AM

Posted 25 June 2011 - 12:57 AM

Okay I did what you said and now it's running again. Thank you so much.

Anyway here's what i got after:

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.1.1)
Ran by SYSTEM at 2011-06-25 01:47:44 R:1
Running from G:\

==============================================

C:\Users\Steven\Desktop\ESO_v375 moved successfully.
C:\Users\Steven\Desktop\ESO_v375.rar moved successfully.

========= bootrec /FixMbr =========

˙ūT h e o p e r a t i o n c o m p l e t e d s u c c e s s f u l l y .

========= End of CMD: =========


========= bcdedit /set {default} winpe no =========

The operation completed successfully.

========= End of CMD: =========


What do i have to do next?

#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:10 PM

Posted 25 June 2011 - 01:01 AM

Great. :thumbup2:

Please download Malwarebytes' Anti-Malware from one of these locations:
malwarebytes.org
majorgeeks.com
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the MBAM log.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.


#5 sjohn2776

sjohn2776
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:10 AM

Posted 25 June 2011 - 01:23 AM

Okay here's what i got.

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6943

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6/25/2011 2:17:59 AM
mbam-log-2011-06-25 (02-17-59).txt

Scan type: Quick scan
Objects scanned: 175536
Time elapsed: 8 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



#6 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:10 PM

Posted 25 June 2011 - 05:25 AM

Looks good. :thumbup2:

Let's take a look at vulnerabilities.

Please download OTL by OldTimer.
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Check the "Scan All Users" checkbox.
  • Check the "Standard Output".
  • Click Run Scan button.
  • Two reports will open, copy and paste OTL.txt and attacht Extra.txt to your reply:
  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized


#7 sjohn2776

sjohn2776
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:10 AM

Posted 25 June 2011 - 12:14 PM

Okay here's the OTL.txt

OTL logfile created on: 6/25/2011 1:04:08 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Steven\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 51.13% Memory free
7.93 Gb Paging File | 5.89 Gb Available in Paging File | 74.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.44 Gb Total Space | 144.56 Gb Free Space | 51.00% Space Free | Partition Type: NTFS
Drive F: | 14.63 Gb Total Space | 9.37 Gb Free Space | 64.05% Space Free | Partition Type: FAT32

Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/25 13:02:30 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
PRC - [2011/06/16 00:17:34 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/05/20 15:05:29 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\real\realplayer\Update\realsched.exe
PRC - [2011/04/27 18:29:02 | 000,400,760 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\BitTorrent\BitTorrent.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
PRC - [2010/07/06 10:01:16 | 002,634,048 | ---- | M] (Veoh Networks) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2009/10/06 02:42:09 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/07/24 13:32:50 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
PRC - [2009/07/22 20:58:46 | 000,017,976 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/07/16 13:07:54 | 000,178,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/07/07 14:20:56 | 008,493,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/24 15:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 13:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 13:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/06/11 18:13:40 | 000,158,584 | ---- | M] () -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CNRpc.exe
PRC - [2009/06/11 18:13:40 | 000,127,352 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2009/06/11 18:13:30 | 002,088,296 | ---- | M] (CinemaNow Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
PRC - [2009/05/18 18:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/20 14:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/22 20:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 00:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/13 23:59:56 | 000,301,624 | ---- | M] () -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
PRC - [2008/07/18 22:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 14:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe


========== Modules (SafeList) ==========

MOD - [2011/06/25 13:02:30 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/09/15 16:21:58 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/06/25 01:49:57 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_e877e12.dll -- (Akamai)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
SRV - [2010/11/04 06:39:24 | 003,904,976 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/23 20:13:38 | 000,306,232 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe -- (FastBootAgent)
SRV - [2009/06/15 20:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/11 18:13:40 | 000,127,352 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/25 23:26:37 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/21 20:39:49 | 000,382,584 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SymDS64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 01:07:06 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/08/20 23:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/10/05 19:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/20 05:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 04:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/07/08 23:11:41 | 000,140,800 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/18 15:18:10 | 000,015,928 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/09 00:38:23 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/04 06:54:35 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 09:32:37 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/05/20 04:11:05 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/12 21:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008/12/08 20:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/23 20:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2007/02/08 10:48:04 | 000,051,600 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dsiarhwprog_x64.sys -- (usbio)
DRV - [2011/06/24 01:00:00 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110624.002\ex64.sys -- (NAVEX15)
DRV - [2011/06/24 01:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110624.002\eng64.sys -- (NAVENG)
DRV - [2011/06/16 01:56:18 | 001,143,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110616.003_738\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011/06/02 21:08:18 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110604.001\IDSviA64.sys -- (IDSVia64)
DRV - [2011/05/09 20:34:55 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/05/09 20:34:54 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2005/01/03 20:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBit1.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2061997185-862170242-4064282783-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-2061997185-862170242-4064282783-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2790392
IE - HKU\S-1-5-21-2061997185-862170242-4064282783-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBit1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2061997185-862170242-4064282783-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2061997185-862170242-4064282783-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: " "
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2790392&SearchSource=13"
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://www.gisly.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=VfbA0o7v&q="

FF - user.js..browser.search.selectedEngine: "Search"
FF - user.js..keyword.URL: "http://www.gisly.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=VfbA0o7v&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2011/06/25 03:16:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn\ [2011/06/25 03:16:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/25 03:16:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/25 02:02:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/25 03:16:07 | 000,000,000 | ---D | M]

[2010/08/17 17:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steven\AppData\Roaming\Mozilla\Extensions
[2011/06/25 02:47:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\4c5ns6a9.default\extensions
[2011/06/25 02:47:35 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\4c5ns6a9.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011/06/25 03:16:10 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\4c5ns6a9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/03/12 15:40:34 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\4c5ns6a9.default\extensions\personas@christopher.beard
[2010/11/20 00:45:48 | 000,000,863 | ---- | M] () -- C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\4c5ns6a9.default\searchplugins\conduit.xml
[2011/03/04 15:40:17 | 000,002,197 | ---- | M] () -- C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\4c5ns6a9.default\searchplugins\google-search.xml
[2011/05/26 02:55:49 | 000,002,469 | ---- | M] () -- C:\Users\Steven\AppData\Roaming\Mozilla\Firefox\Profiles\4c5ns6a9.default\searchplugins\safesearch.xml
[2011/06/25 02:02:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/01/31 20:18:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
[2011/06/25 03:16:09 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\COFFPLGN
[2011/06/25 03:16:09 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPLGN
[2011/06/16 00:17:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/01/31 20:17:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/09 21:30:56 | 000,189,592 | ---- | M] (MGame) -- C:\Program Files (x86)\Mozilla Firefox\plugins\NPMFireLauncher.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml
[2011/03/04 15:40:17 | 000,002,197 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google-search.xml

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBit1.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\tbBit1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2061997185-862170242-4064282783-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2061997185-862170242-4064282783-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\tbBit1.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [CinemaNowMediaManagerApp] C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe (CinemaNow Inc.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2061997185-862170242-4064282783-1000..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2061997185-862170242-4064282783-1000..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: cinemanow.com ([]http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: cinemanow.com ([]http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2061997185-862170242-4064282783-1000\..Trusted Domains: cinemanow.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2061997185-862170242-4064282783-1000\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5f18b3b8-120d-11e0-85b9-90e6ba682005}\Shell - "" = AutoRun
O33 - MountPoints2\{5f18b3b8-120d-11e0-85b9-90e6ba682005}\Shell\AutoRun\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{5f18b3b8-120d-11e0-85b9-90e6ba682005}\Shell\configure\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{5f18b3b8-120d-11e0-85b9-90e6ba682005}\Shell\install\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{983df925-27de-11e0-bea6-90e6ba682005}\Shell - "" = AutoRun
O33 - MountPoints2\{983df925-27de-11e0-bea6-90e6ba682005}\Shell\AutoRun\command - "" = D:\autorun\Autorun.exe SamMax101.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\autorun\Autorun.exe SamMax101.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/25 13:02:30 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2011/06/25 04:09:13 | 000,000,000 | ---D | C] -- C:\FRST
[2011/06/25 02:55:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/06/25 02:08:42 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Malwarebytes
[2011/06/25 02:08:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/25 02:08:15 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/25 02:07:34 | 009,435,312 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Steven\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/25 02:01:25 | 013,683,064 | ---- | C] (Mozilla) -- C:\Users\Steven\Desktop\Firefox Setup 5.0.exe
[2011/06/25 01:58:45 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/25 01:58:45 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/25 01:58:44 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/25 01:58:44 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/25 01:58:44 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/25 01:58:44 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/25 01:58:44 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/25 01:58:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/25 01:58:44 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/25 01:58:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/25 01:58:44 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/25 01:58:44 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/25 01:58:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/25 01:58:44 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/25 01:58:37 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/06/25 01:58:37 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011/06/25 01:56:47 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/25 01:49:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/06/23 13:54:40 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ether Saga Odyssey
[2011/06/15 03:26:41 | 000,000,000 | ---D | C] -- C:\Users\Steven\Desktop\xrpg
[2011/06/10 00:31:54 | 000,000,000 | ---D | C] -- C:\Users\Steven\Desktop\Request2388
[2011/06/09 16:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/06/09 16:32:33 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/06/09 16:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/06/09 16:32:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/06/07 21:28:49 | 003,904,976 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2011/06/07 21:28:26 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2011/06/07 21:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2011/06/07 21:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gPotato
[2011/06/07 20:55:40 | 000,000,000 | ---D | C] -- C:\gPotato
[2011/06/07 19:48:51 | 000,000,000 | ---D | C] -- C:\Users\Steven\AppData\Local\PMB Files
[2011/06/07 19:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/06/07 19:48:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2008/08/12 00:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Steven\Desktop\*.tmp files -> C:\Users\Steven\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/25 13:06:48 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 13:06:48 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 13:02:30 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Steven\Desktop\OTL.exe
[2011/06/25 12:57:35 | 004,989,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/25 12:57:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/25 12:57:09 | 3193,765,888 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/25 02:55:20 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/25 02:53:19 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/25 02:53:19 | 000,624,178 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/25 02:53:19 | 000,106,522 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/25 02:52:27 | 021,022,914 | ---- | M] () -- C:\Users\Steven\Desktop\vlc-1.1.10-win32.exe
[2011/06/25 02:46:20 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011/06/25 02:10:07 | 000,002,050 | ---- | M] () -- C:\Users\Steven\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/25 02:07:49 | 009,435,312 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Steven\Desktop\mbam-setup-1.51.0.1200.exe
[2011/06/25 02:02:35 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/25 02:01:25 | 013,683,064 | ---- | M] (Mozilla) -- C:\Users\Steven\Desktop\Firefox Setup 5.0.exe
[2011/06/25 01:49:18 | 410,586,103 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/24 03:31:34 | 000,154,725 | ---- | M] () -- C:\Users\Steven\Desktop\19795039.jpg
[2011/06/23 18:22:13 | 004,213,763 | ---- | M] () -- C:\Users\Steven\Desktop\Shake it up - Season 1 - SoundTrack - Song - All The Way Up.wma
[2011/06/22 21:56:16 | 000,017,422 | ---- | M] () -- C:\Users\Steven\.recently-used.xbel
[2011/06/18 00:36:42 | 023,868,659 | ---- | M] () -- C:\Users\Steven\Desktop\an_pounce.mov
[2011/06/12 14:27:33 | 001,908,945 | ---- | M] () -- C:\Users\Steven\Desktop\318817_Asain_fight.mp3
[2011/06/09 16:33:08 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/07 21:06:28 | 000,000,721 | ---- | M] () -- C:\Users\Public\Desktop\Rappelz.lnk
[2011/06/07 18:51:40 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/02 19:29:13 | 000,001,214 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011/05/30 17:48:52 | 000,112,632 | ---- | M] () -- C:\Users\Steven\1296628913.myrmidon_breeding_issues.rtf
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Steven\Desktop\*.tmp files -> C:\Users\Steven\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/25 02:55:20 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/25 02:50:58 | 021,022,914 | ---- | C] () -- C:\Users\Steven\Desktop\vlc-1.1.10-win32.exe
[2011/06/25 01:49:18 | 410,586,103 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/24 03:31:30 | 000,154,725 | ---- | C] () -- C:\Users\Steven\Desktop\19795039.jpg
[2011/06/23 18:22:12 | 004,213,763 | ---- | C] () -- C:\Users\Steven\Desktop\Shake it up - Season 1 - SoundTrack - Song - All The Way Up.wma
[2011/06/22 21:56:16 | 000,017,422 | ---- | C] () -- C:\Users\Steven\.recently-used.xbel
[2011/06/18 00:34:30 | 023,868,659 | ---- | C] () -- C:\Users\Steven\Desktop\an_pounce.mov
[2011/06/12 14:27:33 | 001,908,945 | ---- | C] () -- C:\Users\Steven\Desktop\318817_Asain_fight.mp3
[2011/06/09 16:33:08 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/07 21:28:26 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2011/06/07 21:06:26 | 000,000,721 | ---- | C] () -- C:\Users\Public\Desktop\Rappelz.lnk
[2011/05/30 17:48:51 | 000,112,632 | ---- | C] () -- C:\Users\Steven\1296628913.myrmidon_breeding_issues.rtf
[2011/05/18 17:16:19 | 000,001,940 | ---- | C] () -- C:\Users\Steven\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/03/21 19:05:58 | 000,007,680 | ---- | C] () -- C:\Users\Steven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/31 20:07:59 | 000,000,738 | ---- | C] () -- C:\Windows\gmud32.INI
[2010/09/01 08:40:32 | 000,000,024 | ---- | C] () -- C:\ProgramData\CinemaNowSvc.ini
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/08/21 03:22:41 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2009/10/06 02:42:07 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/08/19 04:33:09 | 000,018,432 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 04:33:09 | 000,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 01:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/28 03:34:11 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 13:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/10/07 12:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 12:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 12:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2006/05/18 23:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 96 bytes -> C:\ProgramData\Temp:5EFB4536

< End of report >


and here's the extras.txt

OTL Extras logfile created on: 6/25/2011 1:04:08 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Steven\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.97 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 51.13% Memory free
7.93 Gb Paging File | 5.89 Gb Available in Paging File | 74.29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.44 Gb Total Space | 144.56 Gb Free Space | 51.00% Space Free | Partition Type: NTFS
Drive F: | 14.63 Gb Total Space | 9.37 Gb Free Space | 64.05% Space Free | Partition Type: FAT32

Computer Name: STEVEN-PC | User Name: Steven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2061997185-862170242-4064282783-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{48B0F24F-B828-4B1A-A22E-C65454B32A7A}" = Windows Live Family Safety
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{BCF07271-A853-4D3A-B668-4B752174CAA8}" = iTunes
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Elantech" = ETDWare PS/2-x64 7.0.5.7_WHQL
"HDMI" = Intel® Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 22
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}" = Windows Live Toolbar
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{318104DC-937D-4DF8-8E15-123B5C21D7A2}" = HERO108
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112596253}" = Galapago
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EAD475E8-14E5-4854-8AF5-CE6B4024237C}_is1" = Rappelz_US
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Action Replay DSi Code Manager_is1" = Action Replay DSi Code Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"CDisplay_is1" = CDisplay 1.8
"Champions Online" = Champions Online
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"conduitEngine" = Conduit Engine
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GMud32" = Uninstal GMud32
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Manga Studio Debut 4.0" = Manga Studio Debut 4.0
"MapleStory" = MapleStory
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"N360" = Norton 360
"RealPlayer 12.0" = RealPlayer
"Veoh Web Player Beta" = Veoh Web Player
"VLC media player" = VLC media player 1.1.10
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite_Wave3" = Windows Live Essentials
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2061997185-862170242-4064282783-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/11/2011 11:17:11 PM | Computer Name = Steven-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1511
Description = Windows cannot find the local profile and is logging you on with a
temporary profile. Changes you make to this profile will be lost when you log off.

Error - 6/12/2011 12:05:20 AM | Computer Name = Steven-PC | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7600.16667 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: f30 Start
Time: 01cc28b599100cfe Termination Time: 20 Application Path: C:\Program Files (x86)\Windows
Media Player\wmplayer.exe Report Id: 15babfe4-94a9-11e0-b6bf-90e6ba682005

Error - 6/15/2011 2:50:54 PM | Computer Name = Steven-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\real\realplayer\plugins\rmxrend.dll".
Dependent
Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/15/2011 3:00:58 PM | Computer Name = Steven-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\real\realplayer\plugins\rmxrend.dll".
Dependent
Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 6/16/2011 3:48:21 PM | Computer Name = Steven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid. .

Error - 6/16/2011 3:48:26 PM | Computer Name = Steven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid. .

Error - 6/16/2011 3:48:33 PM | Computer Name = Steven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid. .

Error - 6/16/2011 3:48:37 PM | Computer Name = Steven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid. .

Error - 6/16/2011 3:48:44 PM | Computer Name = Steven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid. .

Error - 6/16/2011 3:48:49 PM | Computer Name = Steven-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: The data is invalid. .

[ System Events ]
Error - 1/20/2011 9:28:49 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 2 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 1/20/2011 9:34:02 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Font Cache Service service hung on starting.

Error - 1/20/2011 9:38:01 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 1/20/2011 11:25:43 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Wlansvc service.

Error - 1/21/2011 1:50:35 AM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 1/21/2011 1:15:30 PM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Font Cache Service service hung on starting.

Error - 1/21/2011 1:16:37 PM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the eventlog service.

Error - 1/21/2011 1:18:56 PM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 1/21/2011 10:40:10 PM | Computer Name = Steven-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 1/22/2011 2:47:08 PM | Computer Name = Steven-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Font Cache Service service hung on starting.


< End of report >



#8 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:10 PM

Posted 25 June 2011 - 05:45 PM

  • Please delete FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder.
  • I recommend you to uninstall Conduit Engine as it is often related to adware stuff.
  • Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
    • Please follow these steps to remove older version Java components and update:[list]
    • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
    • Look for "JDK 6 Update 26 (JDK or JRE)".
    • Click the "Download JRE" button to the right.
    • Select your Platform: "Windows".
    • Select your Language: "Multi-language".
    • Read the License Agreement, and then check the box that says: "I agree to the Java SE...License Agreement".
    • Click Continue and the page will refresh.
    • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
    • Close any programs you may have running - especially your web browser.
    Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
    • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
    • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
    • Repeat as many times as necessary to remove each Java versions.
    • Reboot your computer once all Java components are removed.
    • Then from your desktop double-click on jre-6u26-windows-i586.exe to install the newest version.
    • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
    • When the Java Setup - Welcome window opens, click the Install > button.
    • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
    -- Starting with Java 6u10, the uninstaller incorporated in each new release uses Enhanced Auto update to automatically remove the previous version when updating to a later update release. It will not remove older versions, so they will need to be removed manually.
    -- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.


    Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
    To disable the JQS service if you don't want to use it:
    • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
    • Click Ok and reboot your computer.
  • This small application you may want to keep and use to keep the computer clean.
    Download CCleaner from here http://www.ccleaner.com/

    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
    • Click Run Cleaner.
    • Close CCleaner.
  • Tell me also how is your computer running.


#9 sjohn2776

sjohn2776
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:10 AM

Posted 26 June 2011 - 01:29 PM

Okay I've done just as you said and am no longer experiencing any problems.
Would it be okay to set up a restore point at this point.

#10 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:10 PM

Posted 26 June 2011 - 03:25 PM

Yes, everything looks good. :thumbup2:

  • You may delete any tool or log we used from your computer.
  • Remove the old restore points and create a new restore point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Setting a new restore point AFTER cleaning your system will enable your computer to "roll-back" to a clean working state if needed. :
  • Go to Start => Right-click "Computer" and select "Properties".
  • In the left pane select "System Protection".
  • Press "Configure".
  • Select "Delete". Then press "Continue" close and "OK".
  • Select your drive (drive C) and press "Create".
    Fill in a name for the restore point and press "Create".
    After finished press "Close".
Happy Surfing sjohn2776.:)

#11 sjohn2776

sjohn2776
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:09:10 AM

Posted 27 June 2011 - 01:21 AM

Thanks so much for your help I'm truly grateful.

#12 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,719 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:04:10 PM

Posted 27 June 2011 - 10:28 AM

You are most welcome. :)

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a PM and I will reopen it for you. If you should have a new issue, please start a new topic.

Every one else should start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users