Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

stop: c0000135 the program can't start because %hs is missing from your computer.


  • This topic is locked This topic is locked
6 replies to this topic

#1 Dick Dastardly

Dick Dastardly

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:11 PM

Posted 05 May 2012 - 11:01 AM

stop: c0000135 the program can't start because %hs is missing from your computer.

Doing this from my phone so bear w me. I used a combo of rkill superantispyware malwarebytes and eset32. Apparently i was gonna reboot in safe mode and rkill was gonna unhide any virus but when i went 2 shutdown it said a prog was preventing it but the box was empty, i pressed force shutdown button thinking it was a virus reinstalling itself. Then the shutting down process was taking a long time which it usually doesnt so i left the room came back and got the error on the title. Googled it but the solutions had 2 do w avg and consvr which i dotn have heres the kicker: in recovery console cmd i ran notepad and looked @ drives and theres a x: boot drive thar is 28.7 mb free out of 31.1mb and console is running out of x:\windows\system32
Dont have restore dont and dont want 2 reformat. Hete is frst:

Scan result of Farbar Recovery Scan Tool Version: 05-05-2012 01
Ran by SYSTEM at 05-05-2012 09:49:31
Running from E:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7883296 2009-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent [x]
HKLM\...\Run: [egui] "C:\Program Files (x86)\Apps\Eset\egui.exe" /hide /waitservice [4035152 2011-09-22] (ESET)
HKLM-x32\...\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [346320 2009-08-04] (DeviceVM, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Apps\VirtualCloneDrive\VCDDaemon.exe" /s [85160 2009-06-17] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Apps\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [636032 2012-03-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml [10752 2012-01-31] ()
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Nando\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2011-10-03] (AMD)
HKU\Nando\...\Run: [SUPERAntiSpyware] C:\Program Files (x86)\Apps\SuperAntiSpyWare\SUPERAntiSpyware.exe [4786048 2012-05-02] (SUPERAntiSpyware.com)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\WB: C:\Program Files (x86)\Apps\Stardock\MyColors\fast64.dll [X]
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{540783F0-59F6-494D-BB82-FFC54A4967CE}: [NameServer]209.18.47.61,209.18.47.62
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files (x86)\Apps\SuperAntiSpyWare\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
2 BCUService; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [219360 2009-08-04] (DeviceVM, Inc.)
2 ekrn; "C:\Program Files (x86)\Apps\Eset\x86\ekrn.exe" [974944 2011-09-22] (ESET)
2 GEST Service; "C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe" [68136 2009-07-30] ()
2 MBAMService; "C:\Program Files (x86)\Apps\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
3 O&O Defrag; "C:\Program Files\OO Software\Defrag\oodag.exe" [2287360 2009-09-11] (O&O Software GmbH)
2 bglivesvc; C:\Windows\System32\ctxhttp.dll [x]

========================== Drivers (Whitelisted) =============

3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10857984 2012-03-08] (Advanced Micro Devices, Inc.)
3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1930240 2011-04-20] (Atheros Communications, Inc.)
3 Bridge; C:\Windows\System32\Drivers\Bridge.sys [95232 2009-07-13] (Microsoft Corporation)
3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-13] (Microsoft Corporation)
3 DFUBTUSB; C:\Windows\System32\Drivers\frmupgr.sys [37552 2007-01-12] (Broadcom Corporation.)
3 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [254528 2011-10-19] (DT Soft Ltd)
2 eamonm; C:\Windows\System32\Drivers\eamonm.sys [202576 2011-08-09] (ESET)
1 ehdrv; C:\Windows\System32\Drivers\ehdrv.sys [146432 2011-08-04] (ESET)
2 epfw; C:\Windows\System32\Drivers\epfw.sys [187632 2011-08-04] (ESET)
1 EpfwLWF; C:\Windows\System32\Drivers\EpfwLWF.sys [38288 2011-08-04] (ESET)
0 epfwwfp; C:\Windows\System32\Drivers\epfwwfp.sys [62496 2011-08-04] (ESET)
3 gdrv; \??\C:\Windows\gdrv.sys [25640 2012-05-02] (Windows ® Server 2003 DDK provider)
1 ISODrive; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
3 netr7364; C:\Windows\System32\Drivers\netr7364.sys [707072 2009-06-10] (Ralink Technology, Corp.)
1 SASDIFSV; \??\C:\Program Files (x86)\Apps\SuperAntiSpyWare\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files (x86)\Apps\SuperAntiSpyWare\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-03-19] (Duplex Secure Ltd.)
3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [19968 2009-07-13] (Microsoft Corporation)
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

========================== NetSvcs (Whitelisted) ===========
NETSVC: dmboot
NETSVC: inorpc
NETSVC: bglivesvc
NETSVC: AsDsm
NETSVC: issimon

============ One Month Created Files and Folders ==============

2012-05-05 09:49 - 2010-10-04 12:13 - 0000000 ____D C:\FRST
2012-05-04 18:20 - 2011-05-20 11:37 - 0438224 ____A C:\Windows\ntbtlog.txt
2012-05-04 17:17 - 2009-07-13 21:32 - 0000538 ____A C:\Windows\PFRO.log
2012-05-03 09:17 - 2012-05-02 19:05 - 0000000 ____D C:\Users\Nando\AppData\Roaming\Trine2
2012-05-02 19:05 - 2011-11-10 17:57 - 0000000 ____D C:\Users\Nando\AppData\Roaming\SUPERAntiSpyware.com
2012-05-02 19:04 - 2009-07-13 21:08 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-05-02 19:04 - 2009-07-13 21:08 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2012-05-02 18:59 - 2012-03-29 06:39 - 12903112 ____A (SUPERAntiSpyware.com) C:\Users\Nando\Downloads\SUPERAntiSpyware.exe
2012-05-02 17:04 - 2011-03-20 07:35 - 0000357 ____A C:\rkill.log
2012-05-02 17:03 - 2010-08-27 11:37 - 1008141 ____A C:\Users\Nando\Downloads\rkill.com
2012-05-02 16:55 - 2012-01-23 11:49 - 0000000 ____D C:\Users\Nando\Downloads\dta
2012-05-02 16:49 - 2012-05-03 16:08 - 0000000 ___HD C:\Users\Nando\dwhelper
2012-05-02 16:35 - 2012-05-02 16:37 - 0000000 ____A C:\Windows\setuperr.log
2012-05-02 16:35 - 2011-03-19 17:39 - 0000168 ____A C:\Windows\setupact.log
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Program Files (x86)\AMD AVT
2012-04-25 10:02 - 2012-04-13 10:35 - 0000000 ____D C:\Users\All Users\AMD
2012-04-25 10:02 - 2012-04-13 10:35 - 0000000 ____D C:\ProgramData\AMD
2012-04-25 10:02 - 2012-04-13 10:35 - 0000000 ____D C:\Program Files (x86)\AMD APP
2012-04-25 10:02 - 2011-03-19 14:38 - 0000000 ____D C:\Users\All Users\ATI
2012-04-25 10:02 - 2011-03-19 14:38 - 0000000 ____D C:\ProgramData\ATI
2012-04-20 17:27 - 2012-04-20 16:37 - 18880154 ____A C:\Users\Nando\Downloads\WH40kSM_UltramarinesGoldArmor_1.0_OriginalSize.zip
2012-04-20 16:38 - 2012-04-20 16:37 - 0949479 ____A C:\Users\Nando\Downloads\WH40kSM_MasterAttr_pcArchive_1.2.zip
2012-04-20 16:37 - 2012-04-20 16:37 - 18927327 ____A C:\Users\Nando\Downloads\WH40kSM_UltramarinesGoldArmor_1.0_ModifiedSize.zip
2012-04-20 16:37 - 2012-04-20 16:36 - 1354583 ____A C:\Users\Nando\Downloads\WH40kSM_SergeantCorvus_HeavyBolter_1.0.zip
2012-04-20 16:37 - 2012-04-20 16:36 - 1018839 ____A C:\Users\Nando\Downloads\WH40kSM_LightningClaw_1.0.zip
2012-04-20 16:36 - 2012-04-20 16:38 - 0606483 ____A C:\Users\Nando\Downloads\WH40kSM_PowerFist_Mod_1.1.zip
2012-04-20 16:36 - 2012-04-20 11:57 - 0639739 ____A C:\Users\Nando\Downloads\WH40kSM_Flamer_Mod_1.1.zip
2012-04-20 16:34 - 2012-04-07 23:53 - 5258418 ____A C:\Users\Nando\Downloads\SP_Titus_preview.zip
2012-04-20 15:46 - 2012-04-20 12:12 - 0031228 ____A C:\Users\Nando\Downloads\Majics Portable Heavy Bolter v0.82.zip
2012-04-20 15:46 - 2012-04-20 12:11 - 0010527 ____A C:\Users\Nando\Downloads\Majics Standard Storm Bolter v1.0.zip
2012-04-20 15:22 - 2012-01-23 12:21 - 0000000 ____D C:\Users\Nando\Downloads\SMTools_v0.1.0.0
2012-04-20 15:21 - 2012-01-23 11:53 - 0000000 ____D C:\Users\Nando\Downloads\SM_BAFXML_1.0
2012-04-20 13:40 - 2012-04-20 15:21 - 0116973 ____A C:\Users\Nando\Downloads\SM_BAFXML_1.0.zip
2012-04-20 13:40 - 2012-04-20 12:23 - 5787493 ____A C:\Users\Nando\Downloads\npp.6.1.1.Installer.exe
2012-04-20 13:39 - 2011-08-23 18:31 - 1314917 ____A C:\Users\Nando\Downloads\SMTools_v0.1.0.0.rar
2012-04-20 12:23 - 2012-01-21 18:37 - 0594198 ____A C:\Users\Nando\Downloads\modpack.zip
2012-04-20 12:21 - 2012-04-04 10:22 - 9599428 ____A C:\Users\Nando\Downloads\deathwatch.zip
2012-04-20 12:20 - 2012-04-02 09:29 - 1899992 ____A C:\Users\Nando\Downloads\ultramarinefaceplate.zip
2012-04-20 12:14 - 2012-04-20 15:46 - 0019515 ____A C:\Users\Nando\Downloads\Majics Portable Plasma Cannon v0.3-VL-FS.zip
2012-04-20 12:13 - 2012-04-20 12:14 - 0012050 ____A C:\Users\Nando\Downloads\Majics Sniper Autocannon v1.0.zip
2012-04-20 12:12 - 2012-04-20 15:46 - 0067301 ____A C:\Users\Nando\Downloads\Majics Superior Powersword v1.1.1.zip
2012-04-20 12:12 - 2012-04-20 12:07 - 0014218 ____A C:\Users\Nando\Downloads\Majics Portable Autocannon v0.2-VL-FS.zip
2012-04-20 12:11 - 2012-04-20 12:13 - 0020304 ____A C:\Users\Nando\Downloads\Majics Standard Bolt Pistol v1.0.zip
2012-04-20 12:07 - 2012-04-20 12:06 - 0004145 ____A C:\Users\Nando\Downloads\Majics Infinite Ammo Crates v1.0.zip
2012-04-20 12:06 - 2012-04-20 12:04 - 0012331 ____A C:\Users\Nando\Downloads\Majics Improved Sniper Rifle v1.0.zip
2012-04-20 12:04 - 2012-01-21 13:36 - 0030023 ____A C:\Users\Nando\Downloads\Majics Golden Bolter v1.1.zip
2012-04-20 11:59 - 2012-04-07 23:54 - 0150517 ____A C:\Users\Nando\Downloads\Space Marine SP Minimods v1.zip
2012-04-20 11:58 - 2012-04-17 19:42 - 0094932 ____A C:\Users\Nando\Downloads\War_40k_SM_1061_PLUS_8_TRN-dEViATED.rar
2012-04-20 11:57 - 2012-04-20 11:58 - 0094366 ____A C:\Users\Nando\Downloads\War_40k_SM_PLUS_8_TRN-dEViATED.rar
2012-04-20 11:57 - 2012-01-23 11:44 - 1320058 ____A C:\Users\Nando\Downloads\w40kv10610skid+3tr.rar
2012-04-18 07:07 - 2009-07-13 17:47 - 0023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-04-18 07:07 - 2009-07-13 17:41 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-04-18 07:07 - 2009-07-13 17:38 - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-04-18 07:07 - 2009-07-13 17:33 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-04-18 07:07 - 2009-07-13 17:16 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-04-18 07:07 - 2009-07-13 17:14 - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-04-18 07:07 - 2009-07-13 17:11 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-04-18 07:03 - 2012-02-27 22:39 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-04-18 07:03 - 2012-02-27 22:36 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-04-18 07:03 - 2012-02-27 21:38 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-04-18 07:03 - 2012-02-27 21:35 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-04-18 07:03 - 2012-02-27 20:31 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-04-18 07:03 - 2012-02-27 19:52 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-04-18 07:03 - 2011-11-16 22:49 - 0152432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-04-18 07:03 - 2011-11-16 22:35 - 0031232 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2012-04-18 07:03 - 2011-11-16 22:35 - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2012-04-18 07:03 - 2011-04-28 19:06 - 0410112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2012-04-18 07:03 - 2011-04-28 19:05 - 0168448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2012-04-18 07:03 - 2011-03-19 14:39 - 0467456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2012-04-18 07:03 - 2011-03-02 22:24 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2012-04-18 07:03 - 2011-03-02 21:38 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2012-04-18 07:03 - 2011-02-18 02:54 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-04-18 07:03 - 2011-02-17 21:41 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-04-18 07:03 - 2010-11-20 19:25 - 10992640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-04-18 07:03 - 2010-11-20 19:25 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 12264448 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0395776 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0314880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0224768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-04-18 07:03 - 2010-11-20 19:24 - 0022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-04-18 07:03 - 2010-11-20 19:23 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-04-18 07:03 - 2010-11-20 19:23 - 0357888 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2012-04-18 07:03 - 2010-11-20 19:23 - 0028160 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2012-04-18 07:03 - 2009-07-13 17:52 - 0459232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-04-18 07:03 - 2009-07-13 17:41 - 2453504 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-04-18 07:03 - 2009-07-13 17:41 - 0340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-04-18 07:03 - 2009-07-13 17:41 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-04-18 07:03 - 2009-07-13 17:41 - 0136192 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2012-04-18 07:03 - 2009-07-13 17:41 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-04-18 07:03 - 2009-07-13 17:40 - 0183296 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2012-04-18 07:03 - 2009-07-13 17:39 - 9020928 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-04-18 07:03 - 2009-07-13 17:39 - 1447936 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2012-04-18 07:03 - 2009-07-13 17:16 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-04-18 07:03 - 2009-07-13 17:15 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-04-18 07:03 - 2009-07-13 17:15 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-04-18 07:03 - 2009-07-13 17:14 - 5998080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-04-18 07:03 - 2009-07-13 17:14 - 0270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2012-04-18 07:03 - 2009-07-13 12:49 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-04-18 07:03 - 2009-03-26 17:20 - 0096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-04-18 07:02 - 2012-05-03 17:32 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-04-18 07:02 - 2012-02-16 22:38 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-18 07:02 - 2011-08-16 21:26 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2012-04-18 07:02 - 2011-08-16 20:24 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2012-04-18 07:02 - 2011-07-15 21:41 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-04-18 07:02 - 2011-07-15 21:41 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-04-18 07:02 - 2011-07-15 21:37 - 0421888 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:24 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 18:17 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 18:17 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 18:17 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-04-18 07:02 - 2011-07-08 18:46 - 0128000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2012-04-18 07:02 - 2011-06-15 02:02 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2012-04-18 07:02 - 2011-06-15 02:02 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2012-04-18 07:02 - 2011-06-15 00:55 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2012-04-18 07:02 - 2011-06-15 00:55 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2012-04-18 07:02 - 2011-06-15 00:55 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2012-04-18 07:02 - 2011-04-26 18:40 - 0288768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2012-04-18 07:02 - 2011-03-10 22:34 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2012-04-18 07:02 - 2011-03-10 21:33 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2012-04-18 07:02 - 2011-03-08 16:15 - 1162752 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-04-18 07:02 - 2011-03-08 16:15 - 1114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-04-18 07:02 - 2011-02-19 01:00 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-04-18 07:02 - 2011-02-18 20:34 - 0034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-04-18 07:02 - 2010-11-20 23:06 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-04-18 07:02 - 2010-11-20 19:24 - 1544192 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0613376 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0158208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2012-04-18 07:02 - 2010-11-20 19:24 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-04-18 07:02 - 2010-11-20 19:23 - 1572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2012-04-18 07:02 - 2010-11-20 19:23 - 0366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-04-18 07:02 - 2010-11-20 19:23 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-04-18 07:02 - 2010-03-18 05:36 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2012-04-18 07:02 - 2010-03-18 05:36 - 0367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-04-18 07:02 - 2010-03-17 12:53 - 1328128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2012-04-18 07:02 - 2009-07-13 19:20 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-04-18 07:02 - 2009-07-13 17:52 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-04-18 07:02 - 2009-07-13 17:45 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2012-04-18 07:02 - 2009-07-13 17:41 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-04-18 07:02 - 2009-07-13 17:41 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-04-18 07:02 - 2009-07-13 17:41 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2012-04-18 07:02 - 2009-07-13 17:40 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-04-18 07:02 - 2009-07-13 17:39 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-04-18 07:02 - 2009-07-13 17:39 - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-18 07:02 - 2009-07-13 17:39 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-04-18 07:02 - 2009-07-13 17:38 - 0919040 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-04-18 07:02 - 2009-07-13 17:31 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2012-04-18 07:02 - 2009-07-13 17:19 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2012-04-18 07:02 - 2009-07-13 17:16 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2012-04-18 07:02 - 2009-07-13 17:16 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2012-04-18 07:02 - 2009-07-13 17:16 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-04-18 07:02 - 2009-07-13 17:16 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-04-18 07:02 - 2009-07-13 17:14 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-04-18 07:02 - 2009-07-13 17:14 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-04-18 07:02 - 2009-07-13 17:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-04-18 07:02 - 2009-07-13 16:01 - 1923952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-04-18 07:02 - 2009-07-13 15:55 - 0043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2012-04-18 07:02 - 2009-07-13 15:14 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2012-04-18 07:02 - 2009-07-13 15:06 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2012-04-18 07:02 - 2009-07-11 16:07 - 0294912 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-04-18 07:02 - 1993-05-11 16:00 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-04-18 06:58 - 2012-01-24 22:38 - 1112064 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-04-18 06:58 - 2011-05-24 02:40 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2012-04-18 06:58 - 2010-11-20 19:24 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-04-18 06:58 - 2010-11-20 19:24 - 0826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-04-18 06:58 - 2010-11-20 19:24 - 0741376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2012-04-18 06:58 - 2010-11-20 19:24 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2012-04-18 06:58 - 2010-11-20 19:23 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2012-04-18 06:58 - 2010-03-18 10:27 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-04-18 06:58 - 2009-07-13 17:41 - 5561216 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-04-18 06:58 - 2009-07-13 17:41 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2012-04-18 06:58 - 2009-07-13 17:41 - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2012-04-18 06:58 - 2009-07-13 17:40 - 0723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2012-04-18 06:58 - 2009-07-13 17:31 - 0861696 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2012-04-18 06:58 - 2009-07-13 17:27 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2012-04-18 06:58 - 2009-07-13 17:16 - 3967872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-04-18 06:58 - 2009-07-13 17:16 - 3912576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-04-18 06:58 - 2009-07-13 17:15 - 0534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2012-04-18 06:58 - 2009-07-13 17:15 - 0252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2012-04-18 06:58 - 2009-07-13 17:15 - 0145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2012-04-18 06:58 - 2009-07-13 17:15 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2012-04-18 06:58 - 2009-07-13 17:09 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2012-04-18 06:58 - 2008-06-01 21:51 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-04-18 06:57 - 2012-01-31 03:02 - 0017792 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2012-04-18 06:57 - 2011-02-05 09:10 - 0605552 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2012-04-18 06:57 - 2011-02-05 09:10 - 0020352 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2012-04-18 06:57 - 2011-02-05 09:06 - 0518672 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2012-04-18 06:57 - 2010-11-20 19:24 - 1731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2012-04-18 06:57 - 2010-11-20 19:24 - 1292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2012-04-18 06:57 - 2010-11-20 19:24 - 0210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-18 06:57 - 2009-07-13 17:41 - 0642944 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2012-04-18 06:57 - 2009-07-13 17:41 - 0566208 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2012-04-18 06:57 - 2009-07-13 17:41 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2012-04-18 06:57 - 2009-07-13 17:28 - 0019328 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2012-04-18 06:57 - 2009-07-13 17:16 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2012-04-18 06:57 - 2009-07-13 16:16 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-04-18 06:57 - 2009-07-13 15:35 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2012-04-17 19:38 - 2012-04-17 19:03 - 24651261 ____A C:\Users\Nando\Downloads\Warhammer_40_000_Space_Marine_Class_Based_Multiplayer.mp4
2012-04-17 19:03 - 2012-01-20 22:41 - 6029534 ____A C:\Users\Nando\Downloads\Warhammer_40_000_Kill_Team_Announcement_Trailer.flv
2012-04-15 19:21 - 2012-03-29 13:23 - 0111169 ____A C:\Users\Nando\Downloads\260_1000.jpg
2012-04-15 19:18 - 2012-04-15 19:21 - 0046062 ____A C:\Users\Nando\Downloads\496_1000.jpg
2012-04-14 13:23 - 2012-01-23 11:36 - 0055274 ____A C:\Users\Nando\Downloads\x01_arrival - Copy.lua
2012-04-13 10:35 - - 0000000 ____D C:\Program Files (x86)\Adobe
2012-04-11 10:52 - 2012-04-20 12:12 - 0421052 ____A C:\Users\Nando\Downloads\Miguel's RBF Editor Plugin v1.5.zip
2012-04-11 10:52 - 2012-01-24 17:55 - 0095241 ____A C:\Users\Nando\Downloads\DoW2_RB2Extractor_1.21.zip
2012-04-11 10:52 - 2012-01-23 17:38 - 0085684 ____A C:\Users\Nando\Downloads\rbf_library.txt
2012-04-10 16:45 - 2011-03-19 14:49 - 0000355 ____A C:\Users\Nando\Computer - Shortcut (2).lnk
2012-04-09 17:07 - 2012-04-09 17:06 - 0150352 ____A C:\Users\Nando\Downloads\AlanWind - Summer 1.jpg
2012-04-09 17:07 - 2012-01-26 19:49 - 0841418 ____A C:\Users\Nando\Downloads\AlanWind - Space.jpg
2012-04-09 17:06 - 2012-04-09 17:07 - 0159681 ____A C:\Users\Nando\Downloads\AlanWind - Style test.jpg
2012-04-09 14:43 - 2012-04-07 23:22 - 0511977 ____A C:\Users\Nando\Downloads\1334010833437.gif
2012-04-07 23:58 - 2012-04-09 17:07 - 0152345 ____A C:\Users\Nando\Downloads\Andreauderzo - Bike Squad.jpg
2012-04-07 23:54 - 2012-04-20 13:40 - 0126275 ____A C:\Users\Nando\Downloads\SolidusSupremus - Relentless by Decree.jpg
2012-04-07 23:53 - 2012-04-20 11:59 - 0119091 ____A C:\Users\Nando\Downloads\SpOoKy777 - strike.jpg
2012-04-07 23:41 - 2012-04-02 08:41 - 1092858 ____A C:\Users\Nando\Downloads\1333745646882.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 3391540 ____A C:\Users\Nando\Downloads\1333868934563.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 3140627 ____A C:\Users\Nando\Downloads\1333868853452.gif
2012-04-07 23:32 - 2012-04-07 23:31 - 2413826 ____A C:\Users\Nando\Downloads\1333868486915.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3828965 ____A C:\Users\Nando\Downloads\1333868428867.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3432545 ____A C:\Users\Nando\Downloads\1333868362640.gif
2012-04-07 23:31 - 2012-04-07 23:30 - 3444389 ____A C:\Users\Nando\Downloads\1333868296335.gif
2012-04-07 23:30 - 2012-04-07 23:30 - 2928246 ____A C:\Users\Nando\Downloads\1333868236531.gif
2012-04-07 23:30 - 2012-04-07 23:23 - 1746924 ____A C:\Users\Nando\Downloads\1333868181214.gif
2012-04-07 23:23 - 2012-04-07 22:30 - 4185092 ____A C:\Users\Nando\Downloads\1333868126260.gif
2012-04-07 23:22 - 2012-04-07 23:32 - 1999181 ____A C:\Users\Nando\Downloads\1333869331126.gif
2012-04-07 23:22 - 2012-04-07 22:29 - 1424855 ____A C:\Users\Nando\Downloads\1333850436803.gif
2012-04-07 22:30 - 2012-04-07 23:22 - 0118245 ____A C:\Users\Nando\Downloads\1333861961842.gif
2012-04-07 22:29 - 2012-04-07 23:41 - 0297382 ____A C:\Users\Nando\Downloads\1333839810641.gif

============ 3 Months Modified Files and Folders =============

2012-05-05 09:49 - 2012-05-05 09:49 - 0000000 ____D C:\FRST
2012-05-05 09:29 - 2009-07-13 19:18 - 0000000 __SHD C:\$Recycle.Bin
2012-05-05 04:58 - 2011-03-24 18:37 - 3220037632 __ASH C:\hiberfil.sys
2012-05-05 04:58 - 2011-03-19 15:04 - 0283272 ____A C:\Windows\System32\oodbs.lor
2012-05-05 03:38 - 2012-05-04 18:20 - 0438224 ____A C:\Windows\ntbtlog.txt
2012-05-04 17:17 - 2012-05-04 17:17 - 0000538 ____A C:\Windows\PFRO.log
2012-05-04 17:06 - 2011-03-19 16:44 - 1678618 ____A C:\Windows\WindowsUpdate.log
2012-05-04 17:06 - 2010-08-21 02:50 - 1266969 ____A C:\service.log
2012-05-04 17:05 - 2010-03-22 14:13 - 0000000 ____D C:\Users\Nando\Documents\Warhammer
2012-05-04 16:59 - 2012-05-02 17:04 - 0000357 ____A C:\rkill.log
2012-05-04 16:21 - 2012-01-09 16:37 - 0000000 ____D C:\Users\Nando\AppData\Roaming\uTorrent
2012-05-04 16:10 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2012-05-04 13:20 - 2012-01-09 16:39 - 0000000 ____D C:\Users\Nando\Downloads\Torrent
2012-05-04 10:28 - 2011-03-19 18:39 - 0023552 ____A C:\Users\Nando\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-05-04 09:23 - 2012-05-02 16:49 - 0000000 ___HD C:\Users\Nando\dwhelper
2012-05-04 00:48 - 2012-03-31 16:02 - 0000344 ____A C:\Windows\Tasks\At10.job
2012-05-04 00:48 - 2012-03-31 16:01 - 0000342 ____A C:\Windows\Tasks\At9.job
2012-05-03 23:48 - 2012-03-31 16:01 - 0000344 ____A C:\Windows\Tasks\At8.job
2012-05-03 23:48 - 2012-03-31 16:01 - 0000342 ____A C:\Windows\Tasks\At7.job
2012-05-03 22:48 - 2012-03-31 16:01 - 0000344 ____A C:\Windows\Tasks\At6.job
2012-05-03 22:48 - 2012-03-31 16:01 - 0000342 ____A C:\Windows\Tasks\At5.job
2012-05-03 21:48 - 2012-03-31 16:01 - 0000344 ____A C:\Windows\Tasks\At4.job
2012-05-03 21:48 - 2012-03-31 16:01 - 0000342 ____A C:\Windows\Tasks\At3.job
2012-05-03 20:48 - 2012-03-31 16:01 - 0000344 ____A C:\Windows\Tasks\At2.job
2012-05-03 20:48 - 2012-03-31 16:00 - 0000342 ____A C:\Windows\Tasks\At1.job
2012-05-03 16:10 - 2012-01-09 17:15 - 0000000 ____D C:\Users\Nando\Downloads\eMule
2012-05-03 09:36 - 2010-09-12 16:04 - 0000000 ____D C:\Program Files (x86)\Games
2012-05-03 09:17 - 2012-05-03 09:17 - 0000000 ____D C:\Users\Nando\AppData\Roaming\Trine2
2012-05-03 09:17 - 2011-05-13 21:40 - 0000000 ____D C:\Users\Nando\AppData\Local\SKIDROW
2012-05-03 08:33 - 2012-05-02 16:55 - 0000000 ____D C:\Users\Nando\Downloads\dta
2012-05-02 19:05 - 2012-05-02 19:05 - 0000000 ____D C:\Users\Nando\AppData\Roaming\SUPERAntiSpyware.com
2012-05-02 19:04 - 2012-05-02 19:04 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-05-02 19:04 - 2012-05-02 19:04 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2012-05-02 18:59 - 2012-05-02 18:59 - 12903112 ____A (SUPERAntiSpyware.com) C:\Users\Nando\Downloads\SUPERAntiSpyware.exe
2012-05-02 17:03 - 2012-05-02 17:03 - 1008141 ____A C:\Users\Nando\Downloads\rkill.com
2012-05-02 16:49 - 2011-03-19 14:49 - 0000000 ____D C:\users\Nando
2012-05-02 16:42 - 2009-07-13 20:45 - 0021072 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-05-02 16:42 - 2009-07-13 20:45 - 0021072 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-05-02 16:37 - 2012-05-02 16:35 - 0000168 ____A C:\Windows\setupact.log
2012-05-02 16:36 - 2012-02-24 16:56 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-05-02 16:35 - 2012-05-02 16:35 - 0000000 ____A C:\Windows\setuperr.log
2012-05-02 16:35 - 2011-03-20 09:50 - 0025640 ____A (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2012-05-02 16:35 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-05-02 05:59 - 2009-07-13 21:13 - 0778150 ____A C:\Windows\System32\PerfStringBackup.INI
2012-05-01 05:10 - 2012-01-21 13:32 - 0000000 ____D C:\Program Files (x86)\Steam
2012-05-01 05:10 - 2011-03-19 20:45 - 0000000 ____D C:\Windows\Minidump
2012-05-01 05:10 - 2011-03-19 15:19 - 0000000 ____D C:\Users\Nando\AppData\Roaming\Media Player Classic
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Users\All Users\ATI
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Users\All Users\AMD
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\ProgramData\ATI
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\ProgramData\AMD
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Program Files (x86)\AMD AVT
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Program Files (x86)\AMD APP
2012-04-25 10:02 - 2011-11-02 13:26 - 0000000 ____D C:\Program Files\ATI Technologies
2012-04-25 09:51 - 2011-01-22 14:10 - 0000000 ____D C:\AMD
2012-04-20 17:27 - 2012-04-20 17:27 - 18880154 ____A C:\Users\Nando\Downloads\WH40kSM_UltramarinesGoldArmor_1.0_OriginalSize.zip
2012-04-20 16:38 - 2012-04-20 16:38 - 0949479 ____A C:\Users\Nando\Downloads\WH40kSM_MasterAttr_pcArchive_1.2.zip
2012-04-20 16:37 - 2012-04-20 16:37 - 18927327 ____A C:\Users\Nando\Downloads\WH40kSM_UltramarinesGoldArmor_1.0_ModifiedSize.zip
2012-04-20 16:37 - 2012-04-20 16:37 - 1354583 ____A C:\Users\Nando\Downloads\WH40kSM_SergeantCorvus_HeavyBolter_1.0.zip
2012-04-20 16:37 - 2012-04-20 16:37 - 1018839 ____A C:\Users\Nando\Downloads\WH40kSM_LightningClaw_1.0.zip
2012-04-20 16:36 - 2012-04-20 16:36 - 0639739 ____A C:\Users\Nando\Downloads\WH40kSM_Flamer_Mod_1.1.zip
2012-04-20 16:36 - 2012-04-20 16:36 - 0606483 ____A C:\Users\Nando\Downloads\WH40kSM_PowerFist_Mod_1.1.zip
2012-04-20 16:34 - 2012-04-20 16:34 - 5258418 ____A C:\Users\Nando\Downloads\SP_Titus_preview.zip
2012-04-20 15:46 - 2012-04-20 15:46 - 0031228 ____A C:\Users\Nando\Downloads\Majics Portable Heavy Bolter v0.82.zip
2012-04-20 15:46 - 2012-04-20 15:46 - 0010527 ____A C:\Users\Nando\Downloads\Majics Standard Storm Bolter v1.0.zip
2012-04-20 15:21 - 2012-04-20 15:21 - 0000000 ____D C:\Users\Nando\Downloads\SM_BAFXML_1.0
2012-04-20 13:40 - 2012-04-20 13:40 - 5787493 ____A C:\Users\Nando\Downloads\npp.6.1.1.Installer.exe
2012-04-20 13:40 - 2012-04-20 13:40 - 0116973 ____A C:\Users\Nando\Downloads\SM_BAFXML_1.0.zip
2012-04-20 13:39 - 2012-04-20 13:39 - 1314917 ____A C:\Users\Nando\Downloads\SMTools_v0.1.0.0.rar
2012-04-20 12:23 - 2012-04-20 12:23 - 0594198 ____A C:\Users\Nando\Downloads\modpack.zip
2012-04-20 12:21 - 2012-04-20 12:21 - 9599428 ____A C:\Users\Nando\Downloads\deathwatch.zip
2012-04-20 12:20 - 2012-04-20 12:20 - 1899992 ____A C:\Users\Nando\Downloads\ultramarinefaceplate.zip
2012-04-20 12:14 - 2012-04-20 12:14 - 0019515 ____A C:\Users\Nando\Downloads\Majics Portable Plasma Cannon v0.3-VL-FS.zip
2012-04-20 12:13 - 2012-04-20 12:13 - 0012050 ____A C:\Users\Nando\Downloads\Majics Sniper Autocannon v1.0.zip
2012-04-20 12:12 - 2012-04-20 12:12 - 0067301 ____A C:\Users\Nando\Downloads\Majics Superior Powersword v1.1.1.zip
2012-04-20 12:12 - 2012-04-20 12:12 - 0014218 ____A C:\Users\Nando\Downloads\Majics Portable Autocannon v0.2-VL-FS.zip
2012-04-20 12:11 - 2012-04-20 12:11 - 0020304 ____A C:\Users\Nando\Downloads\Majics Standard Bolt Pistol v1.0.zip
2012-04-20 12:07 - 2012-04-20 12:07 - 0004145 ____A C:\Users\Nando\Downloads\Majics Infinite Ammo Crates v1.0.zip
2012-04-20 12:06 - 2012-04-20 12:06 - 0012331 ____A C:\Users\Nando\Downloads\Majics Improved Sniper Rifle v1.0.zip
2012-04-20 12:04 - 2012-04-20 12:04 - 0030023 ____A C:\Users\Nando\Downloads\Majics Golden Bolter v1.1.zip
2012-04-20 11:59 - 2012-04-20 11:59 - 0150517 ____A C:\Users\Nando\Downloads\Space Marine SP Minimods v1.zip
2012-04-20 11:58 - 2012-04-20 11:58 - 0094932 ____A C:\Users\Nando\Downloads\War_40k_SM_1061_PLUS_8_TRN-dEViATED.rar
2012-04-20 11:57 - 2012-04-20 11:57 - 1320058 ____A C:\Users\Nando\Downloads\w40kv10610skid+3tr.rar
2012-04-20 11:57 - 2012-04-20 11:57 - 0094366 ____A C:\Users\Nando\Downloads\War_40k_SM_PLUS_8_TRN-dEViATED.rar
2012-04-18 09:12 - 2009-07-13 20:45 - 0337736 ____A C:\Windows\System32\FNTCACHE.DAT
2012-04-18 07:32 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2012-04-18 07:19 - 2011-05-31 09:42 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-04-18 07:19 - 2011-05-31 09:42 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-04-17 19:42 - 2012-04-17 19:38 - 24651261 ____A C:\Users\Nando\Downloads\Warhammer_40_000_Space_Marine_Class_Based_Multiplayer.mp4
2012-04-17 19:03 - 2012-04-17 19:03 - 6029534 ____A C:\Users\Nando\Downloads\Warhammer_40_000_Kill_Team_Announcement_Trailer.flv
2012-04-15 19:21 - 2012-04-15 19:21 - 0111169 ____A C:\Users\Nando\Downloads\260_1000.jpg
2012-04-15 19:18 - 2012-04-15 19:18 - 0046062 ____A C:\Users\Nando\Downloads\496_1000.jpg
2012-04-13 10:35 - 2012-04-13 10:35 - 0000000 ____D C:\Program Files (x86)\Adobe
2012-04-13 10:35 - 2011-03-19 14:38 - 0000000 ____D C:\Users\All Users\Adobe
2012-04-13 10:35 - 2011-03-19 14:38 - 0000000 ____D C:\ProgramData\Adobe
2012-04-11 10:52 - 2012-04-11 10:52 - 0421052 ____A C:\Users\Nando\Downloads\Miguel's RBF Editor Plugin v1.5.zip
2012-04-11 10:52 - 2012-04-11 10:52 - 0095241 ____A C:\Users\Nando\Downloads\DoW2_RB2Extractor_1.21.zip
2012-04-11 10:52 - 2012-04-11 10:52 - 0085684 ____A C:\Users\Nando\Downloads\rbf_library.txt
2012-04-11 10:51 - 2012-01-20 10:26 - 3788967 ____A C:\Users\Nando\Downloads\DoW2_ToolBox_1.991.zip
2012-04-10 16:45 - 2012-04-10 16:45 - 0000355 ____A C:\Users\Nando\Computer - Shortcut (2).lnk
2012-04-09 17:07 - 2012-04-09 17:07 - 0841418 ____A C:\Users\Nando\Downloads\AlanWind - Space.jpg
2012-04-09 17:07 - 2012-04-09 17:07 - 0150352 ____A C:\Users\Nando\Downloads\AlanWind - Summer 1.jpg
2012-04-09 17:06 - 2012-04-09 17:06 - 0159681 ____A C:\Users\Nando\Downloads\AlanWind - Style test.jpg
2012-04-09 14:43 - 2012-04-09 14:43 - 0511977 ____A C:\Users\Nando\Downloads\1334010833437.gif
2012-04-07 23:58 - 2012-04-07 23:58 - 0152345 ____A C:\Users\Nando\Downloads\Andreauderzo - Bike Squad.jpg
2012-04-07 23:54 - 2012-04-07 23:54 - 0126275 ____A C:\Users\Nando\Downloads\SolidusSupremus - Relentless by Decree.jpg
2012-04-07 23:53 - 2012-04-07 23:53 - 0119091 ____A C:\Users\Nando\Downloads\SpOoKy777 - strike.jpg
2012-04-07 23:41 - 2012-04-07 23:41 - 1092858 ____A C:\Users\Nando\Downloads\1333745646882.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 3391540 ____A C:\Users\Nando\Downloads\1333868934563.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 3140627 ____A C:\Users\Nando\Downloads\1333868853452.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 2413826 ____A C:\Users\Nando\Downloads\1333868486915.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3828965 ____A C:\Users\Nando\Downloads\1333868428867.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3444389 ____A C:\Users\Nando\Downloads\1333868296335.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3432545 ____A C:\Users\Nando\Downloads\1333868362640.gif
2012-04-07 23:30 - 2012-04-07 23:30 - 2928246 ____A C:\Users\Nando\Downloads\1333868236531.gif
2012-04-07 23:30 - 2012-04-07 23:30 - 1746924 ____A C:\Users\Nando\Downloads\1333868181214.gif
2012-04-07 23:23 - 2012-04-07 23:23 - 4185092 ____A C:\Users\Nando\Downloads\1333868126260.gif
2012-04-07 23:22 - 2012-04-07 23:22 - 1999181 ____A C:\Users\Nando\Downloads\1333869331126.gif
2012-04-07 23:22 - 2012-04-07 23:22 - 1424855 ____A C:\Users\Nando\Downloads\1333850436803.gif
2012-04-07 22:30 - 2012-04-07 22:30 - 0118245 ____A C:\Users\Nando\Downloads\1333861961842.gif
2012-04-07 22:29 - 2012-04-07 22:29 - 0297382 ____A C:\Users\Nando\Downloads\1333839810641.gif
2012-04-07 08:01 - 2012-01-15 14:34 - 0000000 ____D C:\Users\Nando\Documents\Calibre Library
2012-04-06 22:45 - 2012-01-18 17:31 - 0006015 ____A C:\Users\Nando\Downloads\dow2retributioncheatmod.7z
2012-04-04 21:08 - 2010-12-12 13:42 - 0009943 ____A C:\Users\Nando\Documents\Wargear.txt
2012-04-04 11:56 - 2012-03-28 19:28 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-04 10:36 - 2012-04-04 10:36 - 0000000 ____D C:\Users\Nando\Downloads\SGA Reader 2 - 150209
2012-04-04 10:35 - 2012-04-04 10:35 - 2230974 ____A C:\Users\Nando\Downloads\SGA Reader 2 - 150209.zip
2012-04-04 10:31 - 2012-04-14 13:23 - 0055274 ____A C:\Users\Nando\Downloads\x01_arrival - Copy.lua
2012-04-04 10:22 - 2012-04-04 10:22 - 0008833 ____A C:\Users\Nando\Downloads\dawnonme2cmod.zip
2012-04-04 10:08 - 2012-04-04 10:08 - 0013436 ____A C:\Users\Nando\Downloads\DOW2+CR_AllWargearMod.zip
2012-04-02 12:28 - 2012-04-02 12:27 - 0000000 ____D C:\Users\Nando\Documents\art
2012-04-02 09:30 - 2012-01-26 19:52 - 0444326 ____A C:\Users\Nando\Downloads\TEHelmet.sga
2012-04-02 09:29 - 2012-01-23 11:52 - 0309398 ____A C:\Users\Nando\Downloads\THVHelmet.sga
2012-04-02 09:29 - 2012-01-23 11:51 - 0349684 ____A C:\Users\Nando\Downloads\TVHelmet.sga
2012-04-02 09:28 - 2012-04-02 09:28 - 1029871 ____A C:\Users\Nando\Downloads\FCVHelmet.sga
2012-04-02 08:41 - 2012-04-02 08:41 - 0357059 ____A C:\Users\Nando\Downloads\1333384630028.jpg
2012-04-02 08:41 - 2012-04-02 08:41 - 0051763 ____A C:\Users\Nando\Downloads\1333384011072.jpg
2012-04-02 07:53 - 2012-04-02 07:53 - 0562839 ____A C:\Users\Nando\Downloads\1333363079971.gif
2012-04-01 21:47 - 2011-04-08 19:18 - 0000000 ____D C:\Users\Nando\AppData\Roaming\vlc
2012-04-01 19:24 - 2012-04-01 19:24 - 0755553 ____A C:\Users\Nando\Downloads\1332912581127.gif
2012-04-01 19:23 - 2012-04-01 19:23 - 1010786 ____A C:\Users\Nando\Downloads\1333329151161.gif
2012-04-01 19:20 - 2012-04-01 19:20 - 2379007 ____A C:\Users\Nando\Downloads\1333331758881.gif
2012-04-01 19:20 - 2012-04-01 19:20 - 1121588 ____A C:\Users\Nando\Downloads\1333331525862.gif
2012-04-01 19:20 - 2012-04-01 19:20 - 0902460 ____A C:\Users\Nando\Downloads\1333331156845.gif
2012-04-01 19:13 - 2012-04-01 19:13 - 2088793 ____A C:\Users\Nando\Downloads\1333329387346.gif
2012-04-01 19:10 - 2012-04-01 19:10 - 0464375 ____A C:\Users\Nando\Downloads\1333332386120.gif
2012-04-01 10:18 - 2012-04-01 10:18 - 0000000 ____D C:\Program Files (x86)\Dawn of War II - Chaos Rising
2012-03-31 16:12 - 2012-02-24 21:35 - 0000000 ____D C:\Users\All Users\AVAST Software
2012-03-31 16:12 - 2012-02-24 21:35 - 0000000 ____D C:\ProgramData\AVAST Software
2012-03-31 16:02 - 2012-03-31 16:02 - 0000000 ____A C:\Users\All Users\uqrasYyj4.dat
2012-03-31 16:02 - 2012-03-31 16:02 - 0000000 ____A C:\ProgramData\uqrasYyj4.dat
2012-03-30 22:38 - 2011-03-19 14:40 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-03-30 17:19 - 2012-03-30 17:19 - 0040497 ____A C:\Users\Nando\Downloads\Levelup_Sound-321.zip
2012-03-30 17:16 - 2012-03-30 17:16 - 0480802 ____A C:\Users\Nando\Downloads\Cinematic_XP_gain_sound-15620-1-0.7z
2012-03-30 09:34 - 2012-03-30 09:34 - 0000000 ____D C:\Users\Nando\AppData\Roaming\ESET
2012-03-30 09:34 - 2012-03-30 09:34 - 0000000 ____D C:\Users\Nando\AppData\Roaming\ATI
2012-03-30 09:34 - 2012-03-30 09:34 - 0000000 ____D C:\Users\Nando\AppData\Local\ESET
2012-03-29 21:58 - 2012-03-29 21:58 - 0000000 ____D C:\Users\All Users\ESET
2012-03-29 21:58 - 2012-03-29 21:58 - 0000000 ____D C:\ProgramData\ESET
2012-03-29 13:23 - 2012-03-29 13:23 - 1755739 ____A C:\Users\Nando\Downloads\21us0.gif
2012-03-29 06:39 - 2012-01-21 11:30 - 0000000 ____D C:\Users\Nando\Downloads\Steel Storm Burning Retribution (2011) [PCCD][MULTi7][WwW.ZoNaTorrent.CoM]
2012-03-28 23:00 - 2011-03-19 14:26 - 57249312 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-03-28 20:16 - 2011-03-19 17:25 - 0000156 ____A C:\Windows\desktop.ini
2012-03-28 20:05 - 2012-03-28 20:00 - 0000000 ___SD C:\32788R22FWJFW
2012-03-28 20:00 - 2012-03-28 19:49 - 4448457 ____R (Swearware) C:\Users\Nando\Downloads\ComboFix.exe
2012-03-28 19:28 - 2012-03-28 19:28 - 0000000 ____D C:\Users\Nando\AppData\Roaming\Malwarebytes
2012-03-28 19:28 - 2012-03-28 19:28 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-03-28 19:28 - 2012-03-28 19:28 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-03-26 18:12 - 2012-03-26 18:12 - 0000355 ____A C:\Users\Nando\Computer - Shortcut.lnk
2012-03-24 14:15 - 2012-01-24 16:54 - 100661181 ____A C:\Users\Nando\Downloads\DoW2_squadmod2.5.rar
2012-03-22 19:49 - 2012-03-22 16:22 - 0000000 ____D C:\Users\Nando\AppData\Roaming\PFStaticIP
2012-03-22 16:20 - 2012-03-22 16:20 - 2677432 ____A C:\Users\Nando\Downloads\Portforward-Setup-Static-IP-Address.exe
2012-03-22 16:13 - 2012-03-22 16:12 - 3371937 ____A C:\Users\Nando\Downloads\Xtreme2.1-sources.rar
2012-03-08 22:28 - 2012-03-08 22:28 - 10857984 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2012-03-08 21:26 - 2012-03-08 21:26 - 16507392 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl64.dll
2012-03-08 21:26 - 2012-03-08 21:26 - 0074752 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\OpenVideo64.dll
2012-03-08 21:26 - 2012-03-08 21:26 - 0064512 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2012-03-08 21:26 - 2012-03-08 21:26 - 0061952 ____A C:\Windows\System32\OVDecode64.dll
2012-03-08 21:26 - 2012-03-08 21:26 - 0054784 ____A C:\Windows\SysWOW64\OVDecode.dll
2012-03-08 21:25 - 2012-03-08 21:25 - 13238272 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2012-03-08 21:24 - 2012-03-08 21:24 - 0054272 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2012-03-08 21:24 - 2012-03-08 21:24 - 0048128 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2012-03-08 21:17 - 2012-03-08 21:17 - 0235184 ____A C:\Windows\SysWOW64\atiapfxx.blb
2012-03-08 21:17 - 2012-03-08 21:17 - 0235184 ____A C:\Windows\System32\atiapfxx.blb
2012-03-08 21:16 - 2012-03-08 21:16 - 0159744 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2012-03-08 21:16 - 2011-10-12 12:14 - 0791552 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2012-03-08 21:14 - 2011-01-26 14:59 - 0958464 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\aticfx64.dll
2012-03-08 21:11 - 2012-03-08 21:11 - 0496128 ____A (AMD) C:\Windows\System32\atieclxx.exe
2012-03-08 21:11 - 2012-03-08 21:11 - 0442368 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2012-03-08 21:10 - 2012-03-08 21:10 - 0235520 ____A (AMD) C:\Windows\System32\atiesrxx.exe
2012-03-08 21:08 - 2012-03-08 21:08 - 0120320 ____A (AMD) C:\Windows\System32\atitmm64.dll
2012-03-08 21:08 - 2012-03-08 21:08 - 0021504 ____A (AMD) C:\Windows\System32\atimuixx.dll
2012-03-08 21:07 - 2012-03-08 21:07 - 0059392 ____A (ATI Technologies, Inc.) C:\Windows\System32\atiedu64.dll
2012-03-08 21:07 - 2012-03-08 21:07 - 0043520 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2012-03-08 21:04 - 2012-03-08 21:04 - 6200320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2012-03-08 21:03 - 2012-03-08 21:03 - 26166784 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2012-03-08 20:45 - 2011-01-26 14:40 - 7646208 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atidxx64.dll
2012-03-08 20:39 - 2012-03-08 20:39 - 19739136 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2012-03-08 20:36 - 2012-03-08 20:36 - 1828864 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2012-03-08 20:36 - 2012-03-08 20:36 - 1113088 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6v.dll
2012-03-08 20:35 - 2012-03-08 20:35 - 4958208 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6a.dll
2012-03-08 20:31 - 2012-03-08 20:31 - 2425664 ____A C:\Windows\System32\atiumd6a.cap
2012-03-08 20:31 - 2012-03-08 20:31 - 0204952 ____A C:\Windows\SysWOW64\ativvsvl.dat
2012-03-08 20:31 - 2012-03-08 20:31 - 0204952 ____A C:\Windows\System32\ativvsvl.dat
2012-03-08 20:31 - 2012-03-08 20:31 - 0157144 ____A C:\Windows\SysWOW64\ativvsva.dat
2012-03-08 20:31 - 2012-03-08 20:31 - 0157144 ____A C:\Windows\System32\ativvsva.dat
2012-03-08 20:23 - 2011-10-12 11:44 - 5954048 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2012-03-08 20:23 - 2011-10-12 11:33 - 5062656 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2012-03-08 20:22 - 2012-03-08 20:22 - 2427392 ____A C:\Windows\SysWOW64\atiumdva.cap
2012-03-08 20:18 - 2012-03-08 20:18 - 0051200 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2012-03-08 20:18 - 2012-03-08 20:18 - 0046080 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2012-03-08 20:18 - 2012-03-08 20:18 - 0044544 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2012-03-08 20:18 - 2012-03-08 20:18 - 0044032 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2012-03-08 20:17 - 2012-03-08 20:17 - 16069632 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2012-03-08 20:12 - 2012-03-08 20:12 - 13715968 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2012-03-08 20:11 - 2012-03-08 20:11 - 7552000 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd64.dll
2012-03-08 20:05 - 2012-03-08 20:05 - 0054784 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2012-03-08 20:05 - 2012-03-08 20:05 - 0054784 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2012-03-08 20:05 - 2012-03-08 20:05 - 0053760 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2012-03-08 20:05 - 2012-03-08 20:05 - 0053760 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0512000 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0356352 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0328704 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2012-03-08 19:58 - 2012-03-08 19:58 - 0039936 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0033280 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0017408 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0014336 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0014336 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2012-03-08 19:57 - 2011-10-12 11:29 - 0043008 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxp64.dll
2012-03-08 19:56 - 2012-03-08 19:56 - 0033280 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2012-03-08 19:56 - 2011-10-12 11:29 - 0039936 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2012-03-08 19:56 - 2011-10-12 11:29 - 0030208 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2012-03-08 19:55 - 2012-03-08 19:55 - 0053248 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2012-03-08 19:47 - 2011-01-26 14:20 - 0058880 ____A (AMD) C:\Windows\System32\coinst.dll
2012-02-29 22:46 - 2012-04-18 07:07 - 0023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-02-29 22:38 - 2012-04-18 07:07 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-02-29 22:33 - 2012-04-18 07:07 - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-02-29 22:28 - 2012-04-18 07:07 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-02-29 21:37 - 2012-04-18 07:07 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-02-29 21:33 - 2012-04-18 07:07 - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-02-29 21:29 - 2012-04-18 07:07 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-02-27 22:39 - 2012-04-18 07:03 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-27 22:39 - 2012-04-18 07:03 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-27 22:39 - 2012-04-18 07:03 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-27 22:36 - 2012-04-18 07:03 - 9020928 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-27 22:36 - 2012-04-18 07:03 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-27 22:36 - 2012-04-18 07:03 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-27 22:35 - 2012-04-18 07:03 - 2453504 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-27 22:35 - 2012-04-18 07:03 - 12264448 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-27 22:35 - 2012-04-18 07:03 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-27 22:35 - 2012-04-18 07:03 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-27 21:38 - 2012-04-18 07:03 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-02-27 21:38 - 2012-04-18 07:03 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-02-27 21:38 - 2012-04-18 07:03 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-02-27 21:35 - 2012-04-18 07:03 - 5998080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-02-27 21:35 - 2012-04-18 07:03 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-02-27 21:35 - 2012-04-18 07:03 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-02-27 21:34 - 2012-04-18 07:03 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-02-27 21:34 - 2012-04-18 07:03 - 10992640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-02-27 21:34 - 2012-04-18 07:03 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-02-27 21:34 - 2012-04-18 07:03 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-02-27 20:31 - 2012-04-18 07:03 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-27 19:52 - 2012-04-18 07:03 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-02-24 21:37 - 2012-02-24 21:37 - 0000000 ____A C:\Windows\SysWOW64\config.nt
2012-02-24 16:38 - 2011-03-20 07:32 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-02-24 16:31 - 2012-02-24 16:20 - 0000000 ____D C:\Users\Nando\Downloads\TL-WN722N
2012-02-24 16:31 - 2012-02-24 16:20 - 0000000 ____D C:\Users\Nando\Downloads\TL-WN721N©_V1_WN722N©_V1
2012-02-24 16:20 - 2012-02-24 15:57 - 0000000 ____D C:\Users\All Users\TP-LINK
2012-02-24 16:20 - 2012-02-24 15:57 - 0000000 ____D C:\ProgramData\TP-LINK
2012-02-17 07:45 - 2012-02-17 07:45 - 0037533 ____A C:\Windows\atiogl.xml
2012-02-16 22:38 - 2012-04-18 06:58 - 1112064 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-02-16 22:38 - 2012-04-18 06:58 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-02-16 21:34 - 2012-04-18 06:58 - 0826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-02-16 20:58 - 2012-04-18 06:57 - 0210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-02-16 20:57 - 2012-04-18 06:57 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-02-13 20:00 - 2012-02-13 20:03 - 0837158 ____A C:\Users\Nando\Documents\hlhfree.pdf
2012-02-09 22:36 - 2012-04-18 07:02 - 1544192 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-02-09 21:38 - 2012-04-18 07:02 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-02-06 12:57 - 2012-02-06 12:57 - 0000000 ____D C:\Users\Nando\Downloads\Data Recovery Wizard Professional 4.3.6

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 13%
Total physical RAM: 4094.49 MB
Available physical RAM: 3524.02 MB
Total Pagefile: 4092.69 MB
Available Pagefile: 3528.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

2 Drive c: () (Fixed) (Total:465.76 GB) (Free:5.14 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
4 Drive e: () (Removable) (Total:0.49 GB) (Free:0.47 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 500 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 465 GB 1024 KB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 465 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 500 MB 0 B

======================================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

======================================================================================================

==========================================================

Last Boot: 2011-04-05 15:26

======================= End Of Log" ==========================

stop: c0000135 the program can't start because %hs is missing from your computer.

Doing this from my phone so bear w me. I used a combo of rkill superantispyware malwarebytes and eset32. Apparently i was gonna reboot in safe mode and rkill was gonna unhide any virus but when i went 2 shutdown it said a prog was preventing it but the box was empty, i pressed force shutdown button thinking it was a virus reinstalling itself. Then the shutting down process was taking a long time which it usually doesnt so i left the room came back and got the error on the title. Googled it but the solutions had 2 do w avg and consvr which i dotn have heres the kicker: in recovery console cmd i ran notepad and looked @ drives and theres a x: boot drive thar is 28.7 mb free out of 31.1mb and console is running out of x:\windows\system32
Dont have restore dont and dont want 2 reformat. Hete is frst:

Scan result of Farbar Recovery Scan Tool Version: 05-05-2012 01
Ran by SYSTEM at 05-05-2012 09:49:31
Running from E:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7883296 2009-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent [x]
HKLM\...\Run: [egui] "C:\Program Files (x86)\Apps\Eset\egui.exe" /hide /waitservice [4035152 2011-09-22] (ESET)
HKLM-x32\...\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [346320 2009-08-04] (DeviceVM, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Apps\VirtualCloneDrive\VCDDaemon.exe" /s [85160 2009-06-17] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Apps\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462408 2012-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [636032 2012-03-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml [10752 2012-01-31] ()
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Nando\...\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [393216 2011-10-03] (AMD)
HKU\Nando\...\Run: [SUPERAntiSpyware] C:\Program Files (x86)\Apps\SuperAntiSpyWare\SUPERAntiSpyware.exe [4786048 2012-05-02] (SUPERAntiSpyware.com)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\WB: C:\Program Files (x86)\Apps\Stardock\MyColors\fast64.dll [X]
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{540783F0-59F6-494D-BB82-FFC54A4967CE}: [NameServer]209.18.47.61,209.18.47.62
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files (x86)\Apps\SuperAntiSpyWare\SASCORE64.EXE" [140672 2011-08-11] (SUPERAntiSpyware.com)
2 BCUService; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [219360 2009-08-04] (DeviceVM, Inc.)
2 ekrn; "C:\Program Files (x86)\Apps\Eset\x86\ekrn.exe" [974944 2011-09-22] (ESET)
2 GEST Service; "C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe" [68136 2009-07-30] ()
2 MBAMService; "C:\Program Files (x86)\Apps\Malwarebytes' Anti-Malware\mbamservice.exe" [654408 2012-04-04] (Malwarebytes Corporation)
3 O&O Defrag; "C:\Program Files\OO Software\Defrag\oodag.exe" [2287360 2009-09-11] (O&O Software GmbH)
2 bglivesvc; C:\Windows\System32\ctxhttp.dll [x]

========================== Drivers (Whitelisted) =============

3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10857984 2012-03-08] (Advanced Micro Devices, Inc.)
3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1930240 2011-04-20] (Atheros Communications, Inc.)
3 Bridge; C:\Windows\System32\Drivers\Bridge.sys [95232 2009-07-13] (Microsoft Corporation)
3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-13] (Microsoft Corporation)
3 DFUBTUSB; C:\Windows\System32\Drivers\frmupgr.sys [37552 2007-01-12] (Broadcom Corporation.)
3 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [254528 2011-10-19] (DT Soft Ltd)
2 eamonm; C:\Windows\System32\Drivers\eamonm.sys [202576 2011-08-09] (ESET)
1 ehdrv; C:\Windows\System32\Drivers\ehdrv.sys [146432 2011-08-04] (ESET)
2 epfw; C:\Windows\System32\Drivers\epfw.sys [187632 2011-08-04] (ESET)
1 EpfwLWF; C:\Windows\System32\Drivers\EpfwLWF.sys [38288 2011-08-04] (ESET)
0 epfwwfp; C:\Windows\System32\Drivers\epfwwfp.sys [62496 2011-08-04] (ESET)
3 gdrv; \??\C:\Windows\gdrv.sys [25640 2012-05-02] (Windows ® Server 2003 DDK provider)
1 ISODrive; \??\C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-04-04] (Malwarebytes Corporation)
3 netr7364; C:\Windows\System32\Drivers\netr7364.sys [707072 2009-06-10] (Ralink Technology, Corp.)
1 SASDIFSV; \??\C:\Program Files (x86)\Apps\SuperAntiSpyWare\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files (x86)\Apps\SuperAntiSpyWare\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-03-19] (Duplex Secure Ltd.)
3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [19968 2009-07-13] (Microsoft Corporation)
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

========================== NetSvcs (Whitelisted) ===========
NETSVC: dmboot
NETSVC: inorpc
NETSVC: bglivesvc
NETSVC: AsDsm
NETSVC: issimon

============ One Month Created Files and Folders ==============

2012-05-05 09:49 - 2010-10-04 12:13 - 0000000 ____D C:\FRST
2012-05-04 18:20 - 2011-05-20 11:37 - 0438224 ____A C:\Windows\ntbtlog.txt
2012-05-04 17:17 - 2009-07-13 21:32 - 0000538 ____A C:\Windows\PFRO.log
2012-05-03 09:17 - 2012-05-02 19:05 - 0000000 ____D C:\Users\Nando\AppData\Roaming\Trine2
2012-05-02 19:05 - 2011-11-10 17:57 - 0000000 ____D C:\Users\Nando\AppData\Roaming\SUPERAntiSpyware.com
2012-05-02 19:04 - 2009-07-13 21:08 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-05-02 19:04 - 2009-07-13 21:08 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2012-05-02 18:59 - 2012-03-29 06:39 - 12903112 ____A (SUPERAntiSpyware.com) C:\Users\Nando\Downloads\SUPERAntiSpyware.exe
2012-05-02 17:04 - 2011-03-20 07:35 - 0000357 ____A C:\rkill.log
2012-05-02 17:03 - 2010-08-27 11:37 - 1008141 ____A C:\Users\Nando\Downloads\rkill.com
2012-05-02 16:55 - 2012-01-23 11:49 - 0000000 ____D C:\Users\Nando\Downloads\dta
2012-05-02 16:49 - 2012-05-03 16:08 - 0000000 ___HD C:\Users\Nando\dwhelper
2012-05-02 16:35 - 2012-05-02 16:37 - 0000000 ____A C:\Windows\setuperr.log
2012-05-02 16:35 - 2011-03-19 17:39 - 0000168 ____A C:\Windows\setupact.log
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Program Files (x86)\AMD AVT
2012-04-25 10:02 - 2012-04-13 10:35 - 0000000 ____D C:\Users\All Users\AMD
2012-04-25 10:02 - 2012-04-13 10:35 - 0000000 ____D C:\ProgramData\AMD
2012-04-25 10:02 - 2012-04-13 10:35 - 0000000 ____D C:\Program Files (x86)\AMD APP
2012-04-25 10:02 - 2011-03-19 14:38 - 0000000 ____D C:\Users\All Users\ATI
2012-04-25 10:02 - 2011-03-19 14:38 - 0000000 ____D C:\ProgramData\ATI
2012-04-20 17:27 - 2012-04-20 16:37 - 18880154 ____A C:\Users\Nando\Downloads\WH40kSM_UltramarinesGoldArmor_1.0_OriginalSize.zip
2012-04-20 16:38 - 2012-04-20 16:37 - 0949479 ____A C:\Users\Nando\Downloads\WH40kSM_MasterAttr_pcArchive_1.2.zip
2012-04-20 16:37 - 2012-04-20 16:37 - 18927327 ____A C:\Users\Nando\Downloads\WH40kSM_UltramarinesGoldArmor_1.0_ModifiedSize.zip
2012-04-20 16:37 - 2012-04-20 16:36 - 1354583 ____A C:\Users\Nando\Downloads\WH40kSM_SergeantCorvus_HeavyBolter_1.0.zip
2012-04-20 16:37 - 2012-04-20 16:36 - 1018839 ____A C:\Users\Nando\Downloads\WH40kSM_LightningClaw_1.0.zip
2012-04-20 16:36 - 2012-04-20 16:38 - 0606483 ____A C:\Users\Nando\Downloads\WH40kSM_PowerFist_Mod_1.1.zip
2012-04-20 16:36 - 2012-04-20 11:57 - 0639739 ____A C:\Users\Nando\Downloads\WH40kSM_Flamer_Mod_1.1.zip
2012-04-20 16:34 - 2012-04-07 23:53 - 5258418 ____A C:\Users\Nando\Downloads\SP_Titus_preview.zip
2012-04-20 15:46 - 2012-04-20 12:12 - 0031228 ____A C:\Users\Nando\Downloads\Majics Portable Heavy Bolter v0.82.zip
2012-04-20 15:46 - 2012-04-20 12:11 - 0010527 ____A C:\Users\Nando\Downloads\Majics Standard Storm Bolter v1.0.zip
2012-04-20 15:22 - 2012-01-23 12:21 - 0000000 ____D C:\Users\Nando\Downloads\SMTools_v0.1.0.0
2012-04-20 15:21 - 2012-01-23 11:53 - 0000000 ____D C:\Users\Nando\Downloads\SM_BAFXML_1.0
2012-04-20 13:40 - 2012-04-20 15:21 - 0116973 ____A C:\Users\Nando\Downloads\SM_BAFXML_1.0.zip
2012-04-20 13:40 - 2012-04-20 12:23 - 5787493 ____A C:\Users\Nando\Downloads\npp.6.1.1.Installer.exe
2012-04-20 13:39 - 2011-08-23 18:31 - 1314917 ____A C:\Users\Nando\Downloads\SMTools_v0.1.0.0.rar
2012-04-20 12:23 - 2012-01-21 18:37 - 0594198 ____A C:\Users\Nando\Downloads\modpack.zip
2012-04-20 12:21 - 2012-04-04 10:22 - 9599428 ____A C:\Users\Nando\Downloads\deathwatch.zip
2012-04-20 12:20 - 2012-04-02 09:29 - 1899992 ____A C:\Users\Nando\Downloads\ultramarinefaceplate.zip
2012-04-20 12:14 - 2012-04-20 15:46 - 0019515 ____A C:\Users\Nando\Downloads\Majics Portable Plasma Cannon v0.3-VL-FS.zip
2012-04-20 12:13 - 2012-04-20 12:14 - 0012050 ____A C:\Users\Nando\Downloads\Majics Sniper Autocannon v1.0.zip
2012-04-20 12:12 - 2012-04-20 15:46 - 0067301 ____A C:\Users\Nando\Downloads\Majics Superior Powersword v1.1.1.zip
2012-04-20 12:12 - 2012-04-20 12:07 - 0014218 ____A C:\Users\Nando\Downloads\Majics Portable Autocannon v0.2-VL-FS.zip
2012-04-20 12:11 - 2012-04-20 12:13 - 0020304 ____A C:\Users\Nando\Downloads\Majics Standard Bolt Pistol v1.0.zip
2012-04-20 12:07 - 2012-04-20 12:06 - 0004145 ____A C:\Users\Nando\Downloads\Majics Infinite Ammo Crates v1.0.zip
2012-04-20 12:06 - 2012-04-20 12:04 - 0012331 ____A C:\Users\Nando\Downloads\Majics Improved Sniper Rifle v1.0.zip
2012-04-20 12:04 - 2012-01-21 13:36 - 0030023 ____A C:\Users\Nando\Downloads\Majics Golden Bolter v1.1.zip
2012-04-20 11:59 - 2012-04-07 23:54 - 0150517 ____A C:\Users\Nando\Downloads\Space Marine SP Minimods v1.zip
2012-04-20 11:58 - 2012-04-17 19:42 - 0094932 ____A C:\Users\Nando\Downloads\War_40k_SM_1061_PLUS_8_TRN-dEViATED.rar
2012-04-20 11:57 - 2012-04-20 11:58 - 0094366 ____A C:\Users\Nando\Downloads\War_40k_SM_PLUS_8_TRN-dEViATED.rar
2012-04-20 11:57 - 2012-01-23 11:44 - 1320058 ____A C:\Users\Nando\Downloads\w40kv10610skid+3tr.rar
2012-04-18 07:07 - 2009-07-13 17:47 - 0023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-04-18 07:07 - 2009-07-13 17:41 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-04-18 07:07 - 2009-07-13 17:38 - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-04-18 07:07 - 2009-07-13 17:33 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-04-18 07:07 - 2009-07-13 17:16 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-04-18 07:07 - 2009-07-13 17:14 - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-04-18 07:07 - 2009-07-13 17:11 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-04-18 07:03 - 2012-02-27 22:39 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-04-18 07:03 - 2012-02-27 22:36 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-04-18 07:03 - 2012-02-27 21:38 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-04-18 07:03 - 2012-02-27 21:35 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-04-18 07:03 - 2012-02-27 20:31 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-04-18 07:03 - 2012-02-27 19:52 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-04-18 07:03 - 2011-11-16 22:49 - 0152432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-04-18 07:03 - 2011-11-16 22:35 - 0031232 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe
2012-04-18 07:03 - 2011-11-16 22:35 - 0029184 ____A (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2012-04-18 07:03 - 2011-04-28 19:06 - 0410112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2012-04-18 07:03 - 2011-04-28 19:05 - 0168448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2012-04-18 07:03 - 2011-03-19 14:39 - 0467456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2012-04-18 07:03 - 2011-03-02 22:24 - 0030208 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2012-04-18 07:03 - 2011-03-02 21:38 - 0028672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2012-04-18 07:03 - 2011-02-18 02:54 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-04-18 07:03 - 2011-02-17 21:41 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-04-18 07:03 - 2010-11-20 19:25 - 10992640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-04-18 07:03 - 2010-11-20 19:25 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 12264448 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0395776 ____A (Microsoft Corporation) C:\Windows\System32\webio.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0314880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0224768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-04-18 07:03 - 2010-11-20 19:24 - 0095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-04-18 07:03 - 2010-11-20 19:24 - 0022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-04-18 07:03 - 2010-11-20 19:23 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-04-18 07:03 - 2010-11-20 19:23 - 0357888 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2012-04-18 07:03 - 2010-11-20 19:23 - 0028160 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll
2012-04-18 07:03 - 2009-07-13 17:52 - 0459232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-04-18 07:03 - 2009-07-13 17:41 - 2453504 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-04-18 07:03 - 2009-07-13 17:41 - 0340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-04-18 07:03 - 2009-07-13 17:41 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-04-18 07:03 - 2009-07-13 17:41 - 0136192 ____A (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2012-04-18 07:03 - 2009-07-13 17:41 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-04-18 07:03 - 2009-07-13 17:40 - 0183296 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2012-04-18 07:03 - 2009-07-13 17:39 - 9020928 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-04-18 07:03 - 2009-07-13 17:39 - 1447936 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2012-04-18 07:03 - 2009-07-13 17:16 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-04-18 07:03 - 2009-07-13 17:15 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-04-18 07:03 - 2009-07-13 17:15 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-04-18 07:03 - 2009-07-13 17:14 - 5998080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-04-18 07:03 - 2009-07-13 17:14 - 0270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2012-04-18 07:03 - 2009-07-13 12:49 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-04-18 07:03 - 2009-03-26 17:20 - 0096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-04-18 07:02 - 2012-05-03 17:32 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-04-18 07:02 - 2012-02-16 22:38 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-18 07:02 - 2011-08-16 21:26 - 0108032 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2012-04-18 07:02 - 2011-08-16 20:24 - 0075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2012-04-18 07:02 - 2011-07-15 21:41 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-04-18 07:02 - 2011-07-15 21:41 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-04-18 07:02 - 2011-07-15 21:37 - 0421888 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 21:21 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:24 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 20:15 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 18:17 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 18:17 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-04-18 07:02 - 2011-07-15 18:17 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-04-18 07:02 - 2011-07-08 18:46 - 0128000 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2012-04-18 07:02 - 2011-06-15 02:02 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2012-04-18 07:02 - 2011-06-15 02:02 - 0106496 ____A (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2012-04-18 07:02 - 2011-06-15 00:55 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2012-04-18 07:02 - 2011-06-15 00:55 - 0086016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2012-04-18 07:02 - 2011-06-15 00:55 - 0081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2012-04-18 07:02 - 2011-04-26 18:40 - 0288768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2012-04-18 07:02 - 2011-03-10 22:34 - 1359872 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2012-04-18 07:02 - 2011-03-10 21:33 - 1164288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2012-04-18 07:02 - 2011-03-08 16:15 - 1162752 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-04-18 07:02 - 2011-03-08 16:15 - 1114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-04-18 07:02 - 2011-02-19 01:00 - 0046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-04-18 07:02 - 2011-02-18 20:34 - 0034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-04-18 07:02 - 2010-11-20 23:06 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-04-18 07:02 - 2010-11-20 19:24 - 1544192 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 1137664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0613376 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0158208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2012-04-18 07:02 - 2010-11-20 19:24 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-04-18 07:02 - 2010-11-20 19:24 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-04-18 07:02 - 2010-11-20 19:23 - 1572864 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll
2012-04-18 07:02 - 2010-11-20 19:23 - 0366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2012-04-18 07:02 - 2010-11-20 19:23 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-04-18 07:02 - 2010-03-18 05:36 - 1395712 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2012-04-18 07:02 - 2010-03-18 05:36 - 0367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-04-18 07:02 - 2010-03-17 12:53 - 1328128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2012-04-18 07:02 - 2009-07-13 19:20 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-04-18 07:02 - 2009-07-13 17:52 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-04-18 07:02 - 2009-07-13 17:45 - 0613888 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2012-04-18 07:02 - 2009-07-13 17:41 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-04-18 07:02 - 2009-07-13 17:41 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-04-18 07:02 - 2009-07-13 17:41 - 0142336 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2012-04-18 07:02 - 2009-07-13 17:40 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-04-18 07:02 - 2009-07-13 17:39 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-04-18 07:02 - 2009-07-13 17:39 - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-18 07:02 - 2009-07-13 17:39 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-04-18 07:02 - 2009-07-13 17:38 - 0919040 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-04-18 07:02 - 2009-07-13 17:31 - 0212992 ____A (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2012-04-18 07:02 - 2009-07-13 17:19 - 0465408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2012-04-18 07:02 - 2009-07-13 17:16 - 0319488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2012-04-18 07:02 - 2009-07-13 17:16 - 0123904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2012-04-18 07:02 - 2009-07-13 17:16 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-04-18 07:02 - 2009-07-13 17:16 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-04-18 07:02 - 2009-07-13 17:14 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-04-18 07:02 - 2009-07-13 17:14 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-04-18 07:02 - 2009-07-13 17:14 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-04-18 07:02 - 2009-07-13 16:01 - 1923952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-04-18 07:02 - 2009-07-13 15:55 - 0043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2012-04-18 07:02 - 2009-07-13 15:14 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2012-04-18 07:02 - 2009-07-13 15:06 - 0122880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2012-04-18 07:02 - 2009-07-11 16:07 - 0294912 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-04-18 07:02 - 1993-05-11 16:00 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-04-18 06:58 - 2012-01-24 22:38 - 1112064 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-04-18 06:58 - 2011-05-24 02:40 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2012-04-18 06:58 - 2010-11-20 19:24 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-04-18 06:58 - 2010-11-20 19:24 - 0826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-04-18 06:58 - 2010-11-20 19:24 - 0741376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2012-04-18 06:58 - 2010-11-20 19:24 - 0233472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2012-04-18 06:58 - 2010-11-20 19:23 - 0331776 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2012-04-18 06:58 - 2010-03-18 10:27 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-04-18 06:58 - 2009-07-13 17:41 - 5561216 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-04-18 06:58 - 2009-07-13 17:41 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2012-04-18 06:58 - 2009-07-13 17:41 - 0404480 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2012-04-18 06:58 - 2009-07-13 17:40 - 0723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2012-04-18 06:58 - 2009-07-13 17:31 - 0861696 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2012-04-18 06:58 - 2009-07-13 17:27 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2012-04-18 06:58 - 2009-07-13 17:16 - 3967872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-04-18 06:58 - 2009-07-13 17:16 - 3912576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-04-18 06:58 - 2009-07-13 17:15 - 0534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2012-04-18 06:58 - 2009-07-13 17:15 - 0252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2012-04-18 06:58 - 2009-07-13 17:15 - 0145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2012-04-18 06:58 - 2009-07-13 17:15 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2012-04-18 06:58 - 2009-07-13 17:09 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2012-04-18 06:58 - 2008-06-01 21:51 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-04-18 06:57 - 2012-01-31 03:02 - 0017792 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2012-04-18 06:57 - 2011-02-05 09:10 - 0605552 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2012-04-18 06:57 - 2011-02-05 09:10 - 0020352 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2012-04-18 06:57 - 2011-02-05 09:06 - 0518672 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2012-04-18 06:57 - 2010-11-20 19:24 - 1731920 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2012-04-18 06:57 - 2010-11-20 19:24 - 1292080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2012-04-18 06:57 - 2010-11-20 19:24 - 0210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-18 06:57 - 2009-07-13 17:41 - 0642944 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2012-04-18 06:57 - 2009-07-13 17:41 - 0566208 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2012-04-18 06:57 - 2009-07-13 17:41 - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll
2012-04-18 06:57 - 2009-07-13 17:28 - 0019328 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2012-04-18 06:57 - 2009-07-13 17:16 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2012-04-18 06:57 - 2009-07-13 16:16 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-04-18 06:57 - 2009-07-13 15:35 - 0090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2012-04-17 19:38 - 2012-04-17 19:03 - 24651261 ____A C:\Users\Nando\Downloads\Warhammer_40_000_Space_Marine_Class_Based_Multiplayer.mp4
2012-04-17 19:03 - 2012-01-20 22:41 - 6029534 ____A C:\Users\Nando\Downloads\Warhammer_40_000_Kill_Team_Announcement_Trailer.flv
2012-04-15 19:21 - 2012-03-29 13:23 - 0111169 ____A C:\Users\Nando\Downloads\260_1000.jpg
2012-04-15 19:18 - 2012-04-15 19:21 - 0046062 ____A C:\Users\Nando\Downloads\496_1000.jpg
2012-04-14 13:23 - 2012-01-23 11:36 - 0055274 ____A C:\Users\Nando\Downloads\x01_arrival - Copy.lua
2012-04-13 10:35 - - 0000000 ____D C:\Program Files (x86)\Adobe
2012-04-11 10:52 - 2012-04-20 12:12 - 0421052 ____A C:\Users\Nando\Downloads\Miguel's RBF Editor Plugin v1.5.zip
2012-04-11 10:52 - 2012-01-24 17:55 - 0095241 ____A C:\Users\Nando\Downloads\DoW2_RB2Extractor_1.21.zip
2012-04-11 10:52 - 2012-01-23 17:38 - 0085684 ____A C:\Users\Nando\Downloads\rbf_library.txt
2012-04-10 16:45 - 2011-03-19 14:49 - 0000355 ____A C:\Users\Nando\Computer - Shortcut (2).lnk
2012-04-09 17:07 - 2012-04-09 17:06 - 0150352 ____A C:\Users\Nando\Downloads\AlanWind - Summer 1.jpg
2012-04-09 17:07 - 2012-01-26 19:49 - 0841418 ____A C:\Users\Nando\Downloads\AlanWind - Space.jpg
2012-04-09 17:06 - 2012-04-09 17:07 - 0159681 ____A C:\Users\Nando\Downloads\AlanWind - Style test.jpg
2012-04-09 14:43 - 2012-04-07 23:22 - 0511977 ____A C:\Users\Nando\Downloads\1334010833437.gif
2012-04-07 23:58 - 2012-04-09 17:07 - 0152345 ____A C:\Users\Nando\Downloads\Andreauderzo - Bike Squad.jpg
2012-04-07 23:54 - 2012-04-20 13:40 - 0126275 ____A C:\Users\Nando\Downloads\SolidusSupremus - Relentless by Decree.jpg
2012-04-07 23:53 - 2012-04-20 11:59 - 0119091 ____A C:\Users\Nando\Downloads\SpOoKy777 - strike.jpg
2012-04-07 23:41 - 2012-04-02 08:41 - 1092858 ____A C:\Users\Nando\Downloads\1333745646882.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 3391540 ____A C:\Users\Nando\Downloads\1333868934563.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 3140627 ____A C:\Users\Nando\Downloads\1333868853452.gif
2012-04-07 23:32 - 2012-04-07 23:31 - 2413826 ____A C:\Users\Nando\Downloads\1333868486915.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3828965 ____A C:\Users\Nando\Downloads\1333868428867.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3432545 ____A C:\Users\Nando\Downloads\1333868362640.gif
2012-04-07 23:31 - 2012-04-07 23:30 - 3444389 ____A C:\Users\Nando\Downloads\1333868296335.gif
2012-04-07 23:30 - 2012-04-07 23:30 - 2928246 ____A C:\Users\Nando\Downloads\1333868236531.gif
2012-04-07 23:30 - 2012-04-07 23:23 - 1746924 ____A C:\Users\Nando\Downloads\1333868181214.gif
2012-04-07 23:23 - 2012-04-07 22:30 - 4185092 ____A C:\Users\Nando\Downloads\1333868126260.gif
2012-04-07 23:22 - 2012-04-07 23:32 - 1999181 ____A C:\Users\Nando\Downloads\1333869331126.gif
2012-04-07 23:22 - 2012-04-07 22:29 - 1424855 ____A C:\Users\Nando\Downloads\1333850436803.gif
2012-04-07 22:30 - 2012-04-07 23:22 - 0118245 ____A C:\Users\Nando\Downloads\1333861961842.gif
2012-04-07 22:29 - 2012-04-07 23:41 - 0297382 ____A C:\Users\Nando\Downloads\1333839810641.gif

============ 3 Months Modified Files and Folders =============

2012-05-05 09:49 - 2012-05-05 09:49 - 0000000 ____D C:\FRST
2012-05-05 09:29 - 2009-07-13 19:18 - 0000000 __SHD C:\$Recycle.Bin
2012-05-05 04:58 - 2011-03-24 18:37 - 3220037632 __ASH C:\hiberfil.sys
2012-05-05 04:58 - 2011-03-19 15:04 - 0283272 ____A C:\Windows\System32\oodbs.lor
2012-05-05 03:38 - 2012-05-04 18:20 - 0438224 ____A C:\Windows\ntbtlog.txt
2012-05-04 17:17 - 2012-05-04 17:17 - 0000538 ____A C:\Windows\PFRO.log
2012-05-04 17:06 - 2011-03-19 16:44 - 1678618 ____A C:\Windows\WindowsUpdate.log
2012-05-04 17:06 - 2010-08-21 02:50 - 1266969 ____A C:\service.log
2012-05-04 17:05 - 2010-03-22 14:13 - 0000000 ____D C:\Users\Nando\Documents\Warhammer
2012-05-04 16:59 - 2012-05-02 17:04 - 0000357 ____A C:\rkill.log
2012-05-04 16:21 - 2012-01-09 16:37 - 0000000 ____D C:\Users\Nando\AppData\Roaming\uTorrent
2012-05-04 16:10 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2012-05-04 13:20 - 2012-01-09 16:39 - 0000000 ____D C:\Users\Nando\Downloads\Torrent
2012-05-04 10:28 - 2011-03-19 18:39 - 0023552 ____A C:\Users\Nando\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-05-04 09:23 - 2012-05-02 16:49 - 0000000 ___HD C:\Users\Nando\dwhelper
2012-05-04 00:48 - 2012-03-31 16:02 - 0000344 ____A C:\Windows\Tasks\At10.job
2012-05-04 00:48 - 2012-03-31 16:01 - 0000342 ____A C:\Windows\Tasks\At9.job
2012-05-03 23:48 - 2012-03-31 16:01 - 0000344 ____A C:\Windows\Tasks\At8.job
2012-05-03 23:48 - 2012-03-31 16:01 - 0000342 ____A C:\Windows\Tasks\At7.job
2012-05-03 22:48 - 2012-03-31 16:01 - 0000344 ____A C:\Windows\Tasks\At6.job
2012-05-03 22:48 - 2012-03-31 16:01 - 0000342 ____A C:\Windows\Tasks\At5.job
2012-05-03 21:48 - 2012-03-31 16:01 - 0000344 ____A C:\Windows\Tasks\At4.job
2012-05-03 21:48 - 2012-03-31 16:01 - 0000342 ____A C:\Windows\Tasks\At3.job
2012-05-03 20:48 - 2012-03-31 16:01 - 0000344 ____A C:\Windows\Tasks\At2.job
2012-05-03 20:48 - 2012-03-31 16:00 - 0000342 ____A C:\Windows\Tasks\At1.job
2012-05-03 16:10 - 2012-01-09 17:15 - 0000000 ____D C:\Users\Nando\Downloads\eMule
2012-05-03 09:36 - 2010-09-12 16:04 - 0000000 ____D C:\Program Files (x86)\Games
2012-05-03 09:17 - 2012-05-03 09:17 - 0000000 ____D C:\Users\Nando\AppData\Roaming\Trine2
2012-05-03 09:17 - 2011-05-13 21:40 - 0000000 ____D C:\Users\Nando\AppData\Local\SKIDROW
2012-05-03 08:33 - 2012-05-02 16:55 - 0000000 ____D C:\Users\Nando\Downloads\dta
2012-05-02 19:05 - 2012-05-02 19:05 - 0000000 ____D C:\Users\Nando\AppData\Roaming\SUPERAntiSpyware.com
2012-05-02 19:04 - 2012-05-02 19:04 - 0000000 ____D C:\Users\All Users\SUPERAntiSpyware.com
2012-05-02 19:04 - 2012-05-02 19:04 - 0000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2012-05-02 18:59 - 2012-05-02 18:59 - 12903112 ____A (SUPERAntiSpyware.com) C:\Users\Nando\Downloads\SUPERAntiSpyware.exe
2012-05-02 17:03 - 2012-05-02 17:03 - 1008141 ____A C:\Users\Nando\Downloads\rkill.com
2012-05-02 16:49 - 2011-03-19 14:49 - 0000000 ____D C:\users\Nando
2012-05-02 16:42 - 2009-07-13 20:45 - 0021072 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-05-02 16:42 - 2009-07-13 20:45 - 0021072 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-05-02 16:37 - 2012-05-02 16:35 - 0000168 ____A C:\Windows\setupact.log
2012-05-02 16:36 - 2012-02-24 16:56 - 0000000 __ASH C:\Windows\System32\dds_trash_log.cmd
2012-05-02 16:35 - 2012-05-02 16:35 - 0000000 ____A C:\Windows\setuperr.log
2012-05-02 16:35 - 2011-03-20 09:50 - 0025640 ____A (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2012-05-02 16:35 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-05-02 05:59 - 2009-07-13 21:13 - 0778150 ____A C:\Windows\System32\PerfStringBackup.INI
2012-05-01 05:10 - 2012-01-21 13:32 - 0000000 ____D C:\Program Files (x86)\Steam
2012-05-01 05:10 - 2011-03-19 20:45 - 0000000 ____D C:\Windows\Minidump
2012-05-01 05:10 - 2011-03-19 15:19 - 0000000 ____D C:\Users\Nando\AppData\Roaming\Media Player Classic
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Users\All Users\ATI
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Users\All Users\AMD
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\ProgramData\ATI
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\ProgramData\AMD
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Program Files (x86)\AMD AVT
2012-04-25 10:02 - 2012-04-25 10:02 - 0000000 ____D C:\Program Files (x86)\AMD APP
2012-04-25 10:02 - 2011-11-02 13:26 - 0000000 ____D C:\Program Files\ATI Technologies
2012-04-25 09:51 - 2011-01-22 14:10 - 0000000 ____D C:\AMD
2012-04-20 17:27 - 2012-04-20 17:27 - 18880154 ____A C:\Users\Nando\Downloads\WH40kSM_UltramarinesGoldArmor_1.0_OriginalSize.zip
2012-04-20 16:38 - 2012-04-20 16:38 - 0949479 ____A C:\Users\Nando\Downloads\WH40kSM_MasterAttr_pcArchive_1.2.zip
2012-04-20 16:37 - 2012-04-20 16:37 - 18927327 ____A C:\Users\Nando\Downloads\WH40kSM_UltramarinesGoldArmor_1.0_ModifiedSize.zip
2012-04-20 16:37 - 2012-04-20 16:37 - 1354583 ____A C:\Users\Nando\Downloads\WH40kSM_SergeantCorvus_HeavyBolter_1.0.zip
2012-04-20 16:37 - 2012-04-20 16:37 - 1018839 ____A C:\Users\Nando\Downloads\WH40kSM_LightningClaw_1.0.zip
2012-04-20 16:36 - 2012-04-20 16:36 - 0639739 ____A C:\Users\Nando\Downloads\WH40kSM_Flamer_Mod_1.1.zip
2012-04-20 16:36 - 2012-04-20 16:36 - 0606483 ____A C:\Users\Nando\Downloads\WH40kSM_PowerFist_Mod_1.1.zip
2012-04-20 16:34 - 2012-04-20 16:34 - 5258418 ____A C:\Users\Nando\Downloads\SP_Titus_preview.zip
2012-04-20 15:46 - 2012-04-20 15:46 - 0031228 ____A C:\Users\Nando\Downloads\Majics Portable Heavy Bolter v0.82.zip
2012-04-20 15:46 - 2012-04-20 15:46 - 0010527 ____A C:\Users\Nando\Downloads\Majics Standard Storm Bolter v1.0.zip
2012-04-20 15:21 - 2012-04-20 15:21 - 0000000 ____D C:\Users\Nando\Downloads\SM_BAFXML_1.0
2012-04-20 13:40 - 2012-04-20 13:40 - 5787493 ____A C:\Users\Nando\Downloads\npp.6.1.1.Installer.exe
2012-04-20 13:40 - 2012-04-20 13:40 - 0116973 ____A C:\Users\Nando\Downloads\SM_BAFXML_1.0.zip
2012-04-20 13:39 - 2012-04-20 13:39 - 1314917 ____A C:\Users\Nando\Downloads\SMTools_v0.1.0.0.rar
2012-04-20 12:23 - 2012-04-20 12:23 - 0594198 ____A C:\Users\Nando\Downloads\modpack.zip
2012-04-20 12:21 - 2012-04-20 12:21 - 9599428 ____A C:\Users\Nando\Downloads\deathwatch.zip
2012-04-20 12:20 - 2012-04-20 12:20 - 1899992 ____A C:\Users\Nando\Downloads\ultramarinefaceplate.zip
2012-04-20 12:14 - 2012-04-20 12:14 - 0019515 ____A C:\Users\Nando\Downloads\Majics Portable Plasma Cannon v0.3-VL-FS.zip
2012-04-20 12:13 - 2012-04-20 12:13 - 0012050 ____A C:\Users\Nando\Downloads\Majics Sniper Autocannon v1.0.zip
2012-04-20 12:12 - 2012-04-20 12:12 - 0067301 ____A C:\Users\Nando\Downloads\Majics Superior Powersword v1.1.1.zip
2012-04-20 12:12 - 2012-04-20 12:12 - 0014218 ____A C:\Users\Nando\Downloads\Majics Portable Autocannon v0.2-VL-FS.zip
2012-04-20 12:11 - 2012-04-20 12:11 - 0020304 ____A C:\Users\Nando\Downloads\Majics Standard Bolt Pistol v1.0.zip
2012-04-20 12:07 - 2012-04-20 12:07 - 0004145 ____A C:\Users\Nando\Downloads\Majics Infinite Ammo Crates v1.0.zip
2012-04-20 12:06 - 2012-04-20 12:06 - 0012331 ____A C:\Users\Nando\Downloads\Majics Improved Sniper Rifle v1.0.zip
2012-04-20 12:04 - 2012-04-20 12:04 - 0030023 ____A C:\Users\Nando\Downloads\Majics Golden Bolter v1.1.zip
2012-04-20 11:59 - 2012-04-20 11:59 - 0150517 ____A C:\Users\Nando\Downloads\Space Marine SP Minimods v1.zip
2012-04-20 11:58 - 2012-04-20 11:58 - 0094932 ____A C:\Users\Nando\Downloads\War_40k_SM_1061_PLUS_8_TRN-dEViATED.rar
2012-04-20 11:57 - 2012-04-20 11:57 - 1320058 ____A C:\Users\Nando\Downloads\w40kv10610skid+3tr.rar
2012-04-20 11:57 - 2012-04-20 11:57 - 0094366 ____A C:\Users\Nando\Downloads\War_40k_SM_PLUS_8_TRN-dEViATED.rar
2012-04-18 09:12 - 2009-07-13 20:45 - 0337736 ____A C:\Windows\System32\FNTCACHE.DAT
2012-04-18 07:32 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2012-04-18 07:19 - 2011-05-31 09:42 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-04-18 07:19 - 2011-05-31 09:42 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-04-17 19:42 - 2012-04-17 19:38 - 24651261 ____A C:\Users\Nando\Downloads\Warhammer_40_000_Space_Marine_Class_Based_Multiplayer.mp4
2012-04-17 19:03 - 2012-04-17 19:03 - 6029534 ____A C:\Users\Nando\Downloads\Warhammer_40_000_Kill_Team_Announcement_Trailer.flv
2012-04-15 19:21 - 2012-04-15 19:21 - 0111169 ____A C:\Users\Nando\Downloads\260_1000.jpg
2012-04-15 19:18 - 2012-04-15 19:18 - 0046062 ____A C:\Users\Nando\Downloads\496_1000.jpg
2012-04-13 10:35 - 2012-04-13 10:35 - 0000000 ____D C:\Program Files (x86)\Adobe
2012-04-13 10:35 - 2011-03-19 14:38 - 0000000 ____D C:\Users\All Users\Adobe
2012-04-13 10:35 - 2011-03-19 14:38 - 0000000 ____D C:\ProgramData\Adobe
2012-04-11 10:52 - 2012-04-11 10:52 - 0421052 ____A C:\Users\Nando\Downloads\Miguel's RBF Editor Plugin v1.5.zip
2012-04-11 10:52 - 2012-04-11 10:52 - 0095241 ____A C:\Users\Nando\Downloads\DoW2_RB2Extractor_1.21.zip
2012-04-11 10:52 - 2012-04-11 10:52 - 0085684 ____A C:\Users\Nando\Downloads\rbf_library.txt
2012-04-11 10:51 - 2012-01-20 10:26 - 3788967 ____A C:\Users\Nando\Downloads\DoW2_ToolBox_1.991.zip
2012-04-10 16:45 - 2012-04-10 16:45 - 0000355 ____A C:\Users\Nando\Computer - Shortcut (2).lnk
2012-04-09 17:07 - 2012-04-09 17:07 - 0841418 ____A C:\Users\Nando\Downloads\AlanWind - Space.jpg
2012-04-09 17:07 - 2012-04-09 17:07 - 0150352 ____A C:\Users\Nando\Downloads\AlanWind - Summer 1.jpg
2012-04-09 17:06 - 2012-04-09 17:06 - 0159681 ____A C:\Users\Nando\Downloads\AlanWind - Style test.jpg
2012-04-09 14:43 - 2012-04-09 14:43 - 0511977 ____A C:\Users\Nando\Downloads\1334010833437.gif
2012-04-07 23:58 - 2012-04-07 23:58 - 0152345 ____A C:\Users\Nando\Downloads\Andreauderzo - Bike Squad.jpg
2012-04-07 23:54 - 2012-04-07 23:54 - 0126275 ____A C:\Users\Nando\Downloads\SolidusSupremus - Relentless by Decree.jpg
2012-04-07 23:53 - 2012-04-07 23:53 - 0119091 ____A C:\Users\Nando\Downloads\SpOoKy777 - strike.jpg
2012-04-07 23:41 - 2012-04-07 23:41 - 1092858 ____A C:\Users\Nando\Downloads\1333745646882.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 3391540 ____A C:\Users\Nando\Downloads\1333868934563.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 3140627 ____A C:\Users\Nando\Downloads\1333868853452.gif
2012-04-07 23:32 - 2012-04-07 23:32 - 2413826 ____A C:\Users\Nando\Downloads\1333868486915.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3828965 ____A C:\Users\Nando\Downloads\1333868428867.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3444389 ____A C:\Users\Nando\Downloads\1333868296335.gif
2012-04-07 23:31 - 2012-04-07 23:31 - 3432545 ____A C:\Users\Nando\Downloads\1333868362640.gif
2012-04-07 23:30 - 2012-04-07 23:30 - 2928246 ____A C:\Users\Nando\Downloads\1333868236531.gif
2012-04-07 23:30 - 2012-04-07 23:30 - 1746924 ____A C:\Users\Nando\Downloads\1333868181214.gif
2012-04-07 23:23 - 2012-04-07 23:23 - 4185092 ____A C:\Users\Nando\Downloads\1333868126260.gif
2012-04-07 23:22 - 2012-04-07 23:22 - 1999181 ____A C:\Users\Nando\Downloads\1333869331126.gif
2012-04-07 23:22 - 2012-04-07 23:22 - 1424855 ____A C:\Users\Nando\Downloads\1333850436803.gif
2012-04-07 22:30 - 2012-04-07 22:30 - 0118245 ____A C:\Users\Nando\Downloads\1333861961842.gif
2012-04-07 22:29 - 2012-04-07 22:29 - 0297382 ____A C:\Users\Nando\Downloads\1333839810641.gif
2012-04-07 08:01 - 2012-01-15 14:34 - 0000000 ____D C:\Users\Nando\Documents\Calibre Library
2012-04-06 22:45 - 2012-01-18 17:31 - 0006015 ____A C:\Users\Nando\Downloads\dow2retributioncheatmod.7z
2012-04-04 21:08 - 2010-12-12 13:42 - 0009943 ____A C:\Users\Nando\Documents\Wargear.txt
2012-04-04 11:56 - 2012-03-28 19:28 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-04 10:36 - 2012-04-04 10:36 - 0000000 ____D C:\Users\Nando\Downloads\SGA Reader 2 - 150209
2012-04-04 10:35 - 2012-04-04 10:35 - 2230974 ____A C:\Users\Nando\Downloads\SGA Reader 2 - 150209.zip
2012-04-04 10:31 - 2012-04-14 13:23 - 0055274 ____A C:\Users\Nando\Downloads\x01_arrival - Copy.lua
2012-04-04 10:22 - 2012-04-04 10:22 - 0008833 ____A C:\Users\Nando\Downloads\dawnonme2cmod.zip
2012-04-04 10:08 - 2012-04-04 10:08 - 0013436 ____A C:\Users\Nando\Downloads\DOW2+CR_AllWargearMod.zip
2012-04-02 12:28 - 2012-04-02 12:27 - 0000000 ____D C:\Users\Nando\Documents\art
2012-04-02 09:30 - 2012-01-26 19:52 - 0444326 ____A C:\Users\Nando\Downloads\TEHelmet.sga
2012-04-02 09:29 - 2012-01-23 11:52 - 0309398 ____A C:\Users\Nando\Downloads\THVHelmet.sga
2012-04-02 09:29 - 2012-01-23 11:51 - 0349684 ____A C:\Users\Nando\Downloads\TVHelmet.sga
2012-04-02 09:28 - 2012-04-02 09:28 - 1029871 ____A C:\Users\Nando\Downloads\FCVHelmet.sga
2012-04-02 08:41 - 2012-04-02 08:41 - 0357059 ____A C:\Users\Nando\Downloads\1333384630028.jpg
2012-04-02 08:41 - 2012-04-02 08:41 - 0051763 ____A C:\Users\Nando\Downloads\1333384011072.jpg
2012-04-02 07:53 - 2012-04-02 07:53 - 0562839 ____A C:\Users\Nando\Downloads\1333363079971.gif
2012-04-01 21:47 - 2011-04-08 19:18 - 0000000 ____D C:\Users\Nando\AppData\Roaming\vlc
2012-04-01 19:24 - 2012-04-01 19:24 - 0755553 ____A C:\Users\Nando\Downloads\1332912581127.gif
2012-04-01 19:23 - 2012-04-01 19:23 - 1010786 ____A C:\Users\Nando\Downloads\1333329151161.gif
2012-04-01 19:20 - 2012-04-01 19:20 - 2379007 ____A C:\Users\Nando\Downloads\1333331758881.gif
2012-04-01 19:20 - 2012-04-01 19:20 - 1121588 ____A C:\Users\Nando\Downloads\1333331525862.gif
2012-04-01 19:20 - 2012-04-01 19:20 - 0902460 ____A C:\Users\Nando\Downloads\1333331156845.gif
2012-04-01 19:13 - 2012-04-01 19:13 - 2088793 ____A C:\Users\Nando\Downloads\1333329387346.gif
2012-04-01 19:10 - 2012-04-01 19:10 - 0464375 ____A C:\Users\Nando\Downloads\1333332386120.gif
2012-04-01 10:18 - 2012-04-01 10:18 - 0000000 ____D C:\Program Files (x86)\Dawn of War II - Chaos Rising
2012-03-31 16:12 - 2012-02-24 21:35 - 0000000 ____D C:\Users\All Users\AVAST Software
2012-03-31 16:12 - 2012-02-24 21:35 - 0000000 ____D C:\ProgramData\AVAST Software
2012-03-31 16:02 - 2012-03-31 16:02 - 0000000 ____A C:\Users\All Users\uqrasYyj4.dat
2012-03-31 16:02 - 2012-03-31 16:02 - 0000000 ____A C:\ProgramData\uqrasYyj4.dat
2012-03-30 22:38 - 2011-03-19 14:40 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-03-30 17:19 - 2012-03-30 17:19 - 0040497 ____A C:\Users\Nando\Downloads\Levelup_Sound-321.zip
2012-03-30 17:16 - 2012-03-30 17:16 - 0480802 ____A C:\Users\Nando\Downloads\Cinematic_XP_gain_sound-15620-1-0.7z
2012-03-30 09:34 - 2012-03-30 09:34 - 0000000 ____D C:\Users\Nando\AppData\Roaming\ESET
2012-03-30 09:34 - 2012-03-30 09:34 - 0000000 ____D C:\Users\Nando\AppData\Roaming\ATI
2012-03-30 09:34 - 2012-03-30 09:34 - 0000000 ____D C:\Users\Nando\AppData\Local\ESET
2012-03-29 21:58 - 2012-03-29 21:58 - 0000000 ____D C:\Users\All Users\ESET
2012-03-29 21:58 - 2012-03-29 21:58 - 0000000 ____D C:\ProgramData\ESET
2012-03-29 13:23 - 2012-03-29 13:23 - 1755739 ____A C:\Users\Nando\Downloads\21us0.gif
2012-03-29 06:39 - 2012-01-21 11:30 - 0000000 ____D C:\Users\Nando\Downloads\Steel Storm Burning Retribution (2011) [PCCD][MULTi7][WwW.ZoNaTorrent.CoM]
2012-03-28 23:00 - 2011-03-19 14:26 - 57249312 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-03-28 20:16 - 2011-03-19 17:25 - 0000156 ____A C:\Windows\desktop.ini
2012-03-28 20:05 - 2012-03-28 20:00 - 0000000 ___SD C:\32788R22FWJFW
2012-03-28 20:00 - 2012-03-28 19:49 - 4448457 ____R (Swearware) C:\Users\Nando\Downloads\ComboFix.exe
2012-03-28 19:28 - 2012-03-28 19:28 - 0000000 ____D C:\Users\Nando\AppData\Roaming\Malwarebytes
2012-03-28 19:28 - 2012-03-28 19:28 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-03-28 19:28 - 2012-03-28 19:28 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-03-26 18:12 - 2012-03-26 18:12 - 0000355 ____A C:\Users\Nando\Computer - Shortcut.lnk
2012-03-24 14:15 - 2012-01-24 16:54 - 100661181 ____A C:\Users\Nando\Downloads\DoW2_squadmod2.5.rar
2012-03-22 19:49 - 2012-03-22 16:22 - 0000000 ____D C:\Users\Nando\AppData\Roaming\PFStaticIP
2012-03-22 16:20 - 2012-03-22 16:20 - 2677432 ____A C:\Users\Nando\Downloads\Portforward-Setup-Static-IP-Address.exe
2012-03-22 16:13 - 2012-03-22 16:12 - 3371937 ____A C:\Users\Nando\Downloads\Xtreme2.1-sources.rar
2012-03-08 22:28 - 2012-03-08 22:28 - 10857984 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2012-03-08 21:26 - 2012-03-08 21:26 - 16507392 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl64.dll
2012-03-08 21:26 - 2012-03-08 21:26 - 0074752 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\OpenVideo64.dll
2012-03-08 21:26 - 2012-03-08 21:26 - 0064512 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2012-03-08 21:26 - 2012-03-08 21:26 - 0061952 ____A C:\Windows\System32\OVDecode64.dll
2012-03-08 21:26 - 2012-03-08 21:26 - 0054784 ____A C:\Windows\SysWOW64\OVDecode.dll
2012-03-08 21:25 - 2012-03-08 21:25 - 13238272 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2012-03-08 21:24 - 2012-03-08 21:24 - 0054272 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2012-03-08 21:24 - 2012-03-08 21:24 - 0048128 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2012-03-08 21:17 - 2012-03-08 21:17 - 0235184 ____A C:\Windows\SysWOW64\atiapfxx.blb
2012-03-08 21:17 - 2012-03-08 21:17 - 0235184 ____A C:\Windows\System32\atiapfxx.blb
2012-03-08 21:16 - 2012-03-08 21:16 - 0159744 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2012-03-08 21:16 - 2011-10-12 12:14 - 0791552 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2012-03-08 21:14 - 2011-01-26 14:59 - 0958464 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\aticfx64.dll
2012-03-08 21:11 - 2012-03-08 21:11 - 0496128 ____A (AMD) C:\Windows\System32\atieclxx.exe
2012-03-08 21:11 - 2012-03-08 21:11 - 0442368 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2012-03-08 21:10 - 2012-03-08 21:10 - 0235520 ____A (AMD) C:\Windows\System32\atiesrxx.exe
2012-03-08 21:08 - 2012-03-08 21:08 - 0120320 ____A (AMD) C:\Windows\System32\atitmm64.dll
2012-03-08 21:08 - 2012-03-08 21:08 - 0021504 ____A (AMD) C:\Windows\System32\atimuixx.dll
2012-03-08 21:07 - 2012-03-08 21:07 - 0059392 ____A (ATI Technologies, Inc.) C:\Windows\System32\atiedu64.dll
2012-03-08 21:07 - 2012-03-08 21:07 - 0043520 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2012-03-08 21:04 - 2012-03-08 21:04 - 6200320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2012-03-08 21:03 - 2012-03-08 21:03 - 26166784 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2012-03-08 20:45 - 2011-01-26 14:40 - 7646208 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atidxx64.dll
2012-03-08 20:39 - 2012-03-08 20:39 - 19739136 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2012-03-08 20:36 - 2012-03-08 20:36 - 1828864 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2012-03-08 20:36 - 2012-03-08 20:36 - 1113088 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6v.dll
2012-03-08 20:35 - 2012-03-08 20:35 - 4958208 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6a.dll
2012-03-08 20:31 - 2012-03-08 20:31 - 2425664 ____A C:\Windows\System32\atiumd6a.cap
2012-03-08 20:31 - 2012-03-08 20:31 - 0204952 ____A C:\Windows\SysWOW64\ativvsvl.dat
2012-03-08 20:31 - 2012-03-08 20:31 - 0204952 ____A C:\Windows\System32\ativvsvl.dat
2012-03-08 20:31 - 2012-03-08 20:31 - 0157144 ____A C:\Windows\SysWOW64\ativvsva.dat
2012-03-08 20:31 - 2012-03-08 20:31 - 0157144 ____A C:\Windows\System32\ativvsva.dat
2012-03-08 20:23 - 2011-10-12 11:44 - 5954048 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2012-03-08 20:23 - 2011-10-12 11:33 - 5062656 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2012-03-08 20:22 - 2012-03-08 20:22 - 2427392 ____A C:\Windows\SysWOW64\atiumdva.cap
2012-03-08 20:18 - 2012-03-08 20:18 - 0051200 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2012-03-08 20:18 - 2012-03-08 20:18 - 0046080 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2012-03-08 20:18 - 2012-03-08 20:18 - 0044544 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2012-03-08 20:18 - 2012-03-08 20:18 - 0044032 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2012-03-08 20:17 - 2012-03-08 20:17 - 16069632 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2012-03-08 20:12 - 2012-03-08 20:12 - 13715968 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2012-03-08 20:11 - 2012-03-08 20:11 - 7552000 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd64.dll
2012-03-08 20:05 - 2012-03-08 20:05 - 0054784 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2012-03-08 20:05 - 2012-03-08 20:05 - 0054784 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2012-03-08 20:05 - 2012-03-08 20:05 - 0053760 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2012-03-08 20:05 - 2012-03-08 20:05 - 0053760 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0512000 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0356352 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0328704 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2012-03-08 19:58 - 2012-03-08 19:58 - 0039936 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0033280 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0017408 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0014336 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2012-03-08 19:58 - 2012-03-08 19:58 - 0014336 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2012-03-08 19:57 - 2011-10-12 11:29 - 0043008 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxp64.dll
2012-03-08 19:56 - 2012-03-08 19:56 - 0033280 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2012-03-08 19:56 - 2011-10-12 11:29 - 0039936 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2012-03-08 19:56 - 2011-10-12 11:29 - 0030208 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2012-03-08 19:55 - 2012-03-08 19:55 - 0053248 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2012-03-08 19:47 - 2011-01-26 14:20 - 0058880 ____A (AMD) C:\Windows\System32\coinst.dll
2012-02-29 22:46 - 2012-04-18 07:07 - 0023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-02-29 22:38 - 2012-04-18 07:07 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-02-29 22:33 - 2012-04-18 07:07 - 0081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-02-29 22:28 - 2012-04-18 07:07 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-02-29 21:37 - 2012-04-18 07:07 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-02-29 21:33 - 2012-04-18 07:07 - 0159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-02-29 21:29 - 2012-04-18 07:07 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-02-27 22:39 - 2012-04-18 07:03 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-27 22:39 - 2012-04-18 07:03 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-27 22:39 - 2012-04-18 07:03 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-27 22:36 - 2012-04-18 07:03 - 9020928 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-27 22:36 - 2012-04-18 07:03 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-27 22:36 - 2012-04-18 07:03 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-27 22:35 - 2012-04-18 07:03 - 2453504 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-27 22:35 - 2012-04-18 07:03 - 12264448 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-27 22:35 - 2012-04-18 07:03 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-27 22:35 - 2012-04-18 07:03 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-27 21:38 - 2012-04-18 07:03 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-02-27 21:38 - 2012-04-18 07:03 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-02-27 21:38 - 2012-04-18 07:03 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-02-27 21:35 - 2012-04-18 07:03 - 5998080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-02-27 21:35 - 2012-04-18 07:03 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-02-27 21:35 - 2012-04-18 07:03 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-02-27 21:34 - 2012-04-18 07:03 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-02-27 21:34 - 2012-04-18 07:03 - 10992640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-02-27 21:34 - 2012-04-18 07:03 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-02-27 21:34 - 2012-04-18 07:03 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-02-27 20:31 - 2012-04-18 07:03 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-27 19:52 - 2012-04-18 07:03 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-02-24 21:37 - 2012-02-24 21:37 - 0000000 ____A C:\Windows\SysWOW64\config.nt
2012-02-24 16:38 - 2011-03-20 07:32 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-02-24 16:31 - 2012-02-24 16:20 - 0000000 ____D C:\Users\Nando\Downloads\TL-WN722N
2012-02-24 16:31 - 2012-02-24 16:20 - 0000000 ____D C:\Users\Nando\Downloads\TL-WN721N©_V1_WN722N©_V1
2012-02-24 16:20 - 2012-02-24 15:57 - 0000000 ____D C:\Users\All Users\TP-LINK
2012-02-24 16:20 - 2012-02-24 15:57 - 0000000 ____D C:\ProgramData\TP-LINK
2012-02-17 07:45 - 2012-02-17 07:45 - 0037533 ____A C:\Windows\atiogl.xml
2012-02-16 22:38 - 2012-04-18 06:58 - 1112064 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-02-16 22:38 - 2012-04-18 06:58 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-02-16 21:34 - 2012-04-18 06:58 - 0826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-02-16 20:58 - 2012-04-18 06:57 - 0210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-02-16 20:57 - 2012-04-18 06:57 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-02-13 20:00 - 2012-02-13 20:03 - 0837158 ____A C:\Users\Nando\Documents\hlhfree.pdf
2012-02-09 22:36 - 2012-04-18 07:02 - 1544192 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-02-09 21:38 - 2012-04-18 07:02 - 1077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-02-06 12:57 - 2012-02-06 12:57 - 0000000 ____D C:\Users\Nando\Downloads\Data Recovery Wizard Professional 4.3.6

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 13%
Total physical RAM: 4094.49 MB
Available physical RAM: 3524.02 MB
Total Pagefile: 4092.69 MB
Available Pagefile: 3528.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

2 Drive c: () (Fixed) (Total:465.76 GB) (Free:5.14 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
4 Drive e: () (Removable) (Total:0.49 GB) (Free:0.47 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 500 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 465 GB 1024 KB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 465 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 500 MB 0 B

======================================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

======================================================================================================

==========================================================

Last Boot: 2011-04-05 15:26

======================= End Of Log" ==========================

Edited by hamluis, 05 May 2012 - 12:10 PM.
Merged topics, moved from Win 7 to Malware Removal Logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 Dick Dastardly

Dick Dastardly
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:11 PM

Posted 05 May 2012 - 11:14 AM

Took me forever and several tries. Sorry if I created several topics by mistake post taxed cell memory

#3 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:11 PM

Posted 05 May 2012 - 02:20 PM

Good evening. :)

Copy and paste the following into Notepad (Start > All Programs > Accessories > Notepad):

CMD: Del /q C:\Windows\Tasks\At*.job
SubSystems: [Windows] ==> ZeroAccess

Save the file to your flashdrive as fixlist.txt
Enter the System Recovery Options as before, run FRST64 and click the Fix button just once and wait.
Once the tool has completed it will save a log on the flashdrive called Fixlog.txt - i'd like you to post the contents in your next reply.

If you cannot connect to the internet afterwards, do the following:

Click Start.
Enter cmd in the Search programs and files box.
Right click cmd.exe at the top and select Run as administrator from the context menu that appears.
When the Command Window appears enter the following and hit <ENTER:

netsh winsock reset
Repeat for the following:

ipconfig /flushdns (note the space between the "g" and the "/")

Close the Command Window and reboot the PC - all being well that should resolve your connection issue.

So long, and thanks for all the fish.

 

 


#4 Dick Dastardly

Dick Dastardly
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:11 PM

Posted 05 May 2012 - 05:14 PM

Ill do that but I want to clarify that my problem isn't that I can't connect to the internet it is that I can't boot up. Not even in safe mode. Only way to get to notepad is by recovery console command prompt. If you can please show me how to delete the x: boot partition that shoulnt be there. Delete x: override doesn't work becus I'm using it as boot partition and I shouldn't be. Its a virus related. I think if I could boot from c: it would fix my prob but don't know how. Running google I know others have reported a 30-something mb x: boot drive but no fix for it.

#5 Dick Dastardly

Dick Dastardly
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:11 PM

Posted 05 May 2012 - 05:21 PM

Fix result of Farbar Recovery Tool (FRST written by farbar) Version: 05-05-2012 01
Ran by SYSTEM at 2012-05-05 19:18:13 Run:1
Running from E:\

==============================================


========= Del /q C:\Windows\Tasks\At*.job =========


========= End of CMD: =========

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored.

==== End of Fixlog ====

also as i was typing this on my computer on a laptop i borrowed i see that my computer just booted up, thanks alot. dont close this thread yet as i want to find out why that happened in the first place, and if i still have random popups and ping.exe and conhost.exe processes, this is a nasty virus and it has people stumped. but thank god the x: boot drive is gone.

Edited by Dick Dastardly, 05 May 2012 - 06:45 PM.


#6 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:11 PM

Posted 07 May 2012 - 02:33 PM

Good evening. :)

my problem isn't that I can't connect to the internet it is that I can't boot up.

Sometimes removing the nasty breaks the internet connectivity you were expecting - better to know in advance what to do.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pay a visit to the ESET Online Scanner.

  • Click the ESET Online Scanner button and a new window will open - you may need to maximise it.
  • Click the Run ESET Online Scanner button in the new window.
  • If you are using any other browser than IE, you will be prompted to download and run esetsmartinstaller_enu.exe and the scan will run from within the window that the executable opens.
  • Regardless of which browser you are using, you will be shown some terms and conditions and you will need to accept these to continue.
  • If you are running IE for this scan you will then be prompted to allow an ActiveX component to be downloaded, unless you already have it installed, and the scan will run inside IE.
  • When you see the Computer Scan Settings window, you will need to make the following changes:

    • UNCHECK Remove found threats - this is important.
    • Check Scan archives
    • Click on Advanced settings
    • Check Scan for potentially unsafe applications
  • Once ready, click Start to begin - not a surprise really!
  • The anti-virus definitions will now be downloaded, so don't forget to allow them through your firewall if prompted.
  • The above will take a little time, so now is a good time to fire up the kettle and open the biccies.
  • Once the scan has completed you will be shown the results - assuming that the scanner has found anything.
  • Click List of found threats and then Export to text file... and save the log somewhere convenient.
  • You can then close out the scanner - don't bother uninstalling it as you may need to use it again.
  • Please post the contents of this file in your next reply, or let me know that nothing was identified.
  • Include a brief description of the PC's behaviour.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Download OTL by OldTimer from here and save it to your Desktop.

  • Double click the tool to run it.
  • Check the Scan All User box at the top.
  • Copy and paste the following into the Custom Scans/Fixes box at the bottom:

    • netsvcs
      %SYSTEMDRIVE%\*.exe
      /md5start
      consrv.dll
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      /md5stop
      C:\Windows\assembly\tmp\U\*.* /s
      %Temp%\smtmp\1\*.*
      %Temp%\smtmp\2\*.*
      %Temp%\smtmp\3\*.*
      %Temp%\smtmp\4\*.*
      >C:\commands.txt echo list vol /raw /hide /c
      /wait
      >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
      /wait
      type c:\diskreport.txt /c
      /wait
      erase c:\commands.txt /hide /c
      /wait
      erase c:\diskreport.txt /hide /c
      CREATERESTOREPOINT
  • Click the Run Scan button and allow it to do it's thing.
  • Once the scan has completed two notepad windows, OTL.Txt and Extras.Txt, will open - these text files will be saved in the same location as OTL.
  • Please post the contents of both in your next reply - you may need to post each seperately if they are overly long.

So long, and thanks for all the fish.

 

 


#7 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:11 PM

Posted 12 May 2012 - 02:20 PM

As there has been no response for five days this thread is now closed.

So long, and thanks for all the fish.

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users