
Windows 7...Programs will not open/sometimes freeze after startup. HELP


  • This topic is locked
10 replies to this topic

#1 EAmo25

EAmo25

  • Members
  • 15 posts

Posted 03 April 2013 - 02:31 AM

Here is my DDS file:

 

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16521
Run by Eden at 0:22:39 on 2013-04-03
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7654.6186 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\ProgramData\Premium\MagniPic\MagniPic.exe
C:\windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\windows\system32\mfevtps.exe
C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Skype\Updater\Updater.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Premium\MagniPic\MagniPic.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://searchou.com/?affil=7&uid=eb752984-92c8-11e2-b3a3-60d819f22806
mStart Page = hxxp://searchou.com/?affil=7&uid=eb752984-92c8-11e2-b3a3-60d819f22806
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120214162018.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Eden\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{0DDF44C7-65F5-47C5-94DA-B28B718488B1} : DHCPNameServer = 172.168.125.2
TCP: Interfaces\{FEA805B2-BA23-4FEA-888F-2A667D55F32B} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{FEA805B2-BA23-4FEA-888F-2A667D55F32B}\355727675696C6C616E63656026516E6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{FEA805B2-BA23-4FEA-888F-2A667D55F32B}\54D6562716C64635861627B6 : DHCPNameServer = 192.168.2.1 192.168.1.1
TCP: Interfaces\{FEA805B2-BA23-4FEA-888F-2A667D55F32B}\7756374756C6C653235343 : DHCPNameServer = 10.0.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20120214162018.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
x64-Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2011-11-11 57952]
R0 LHDmgr;LHDmgr;C:\windows\System32\drivers\LhdX64.sys [2011-11-11 39008]
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2010-10-13 647080]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2010-10-13 284648]
R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2011-11-11 13408]
R1 mfenlfk;McAfee NDIS Light Filter;C:\windows\System32\drivers\mfenlfk.sys [2010-10-13 75808]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-8-22 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-28 361984]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-2-7 822624]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-14 249936]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2011-11-11 208536]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2011-11-11 161168]
R2 RaMediaServer;Ralink UPnP Media Server;C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe [2011-11-11 454656]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-10-25 29792]
R3 amdiox64;AMD IO Driver;C:\windows\System32\drivers\amdiox64.sys [2011-11-11 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2011-8-22 115216]
R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2011-11-11 349736]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2011-11-11 39464]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2010-10-13 65264]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-1-28 31088]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2010-10-13 229528]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2010-10-13 481768]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\windows\System32\drivers\netr28x.sys [2011-11-11 1360960]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2011-11-11 307304]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-11-11 333928]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfswin7.sys [2011-10-1 765288]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaywin7.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirwin7.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvolwin7.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\drivers\usbfilter.sys [2011-11-11 47232]
R3 vm331avs;Digital Camera 1;C:\windows\System32\drivers\vm331avs.sys [2011-11-11 250752]
R3 vmuvcflt;Vimicro USB Camera Filter;C:\windows\System32\drivers\vmuvcflt.sys [2011-11-11 8320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-14 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-14 249936]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-14 249936]
S2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2011-11-11 199272]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe [2012-2-14 25832]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2011-11-11 220528]
S3 mferkdet;McAfee Inc. mferkdet;C:\windows\System32\drivers\mferkdet.sys [2010-10-13 100912]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-4-26 1255736]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-2-14 249936]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-04-03 07:20:41 -------- d-sh--w- C:\$RECYCLE.BIN
2013-04-03 03:39:22 98816 ----a-w- C:\windows\sed.exe
2013-04-03 03:39:22 256000 ----a-w- C:\windows\PEV.exe
2013-04-03 03:39:22 208896 ----a-w- C:\windows\MBR.exe
2013-04-02 08:16:26 -------- d-----w- C:\Program Files\Speccy
2013-04-01 23:17:43 -------- d-s---w- C:\windows\SysWow64\Microsoft
2013-04-01 23:13:37 -------- d-----w- C:\Users\Eden\AppData\Roaming\GlarySoft
2013-04-01 23:13:04 -------- d-----w- C:\Program Files (x86)\Glarysoft
2013-04-01 06:50:00 -------- d-----w- C:\ProgramData\AVAST Software
2013-04-01 03:52:41 -------- d-----w- C:\Users\Eden\AppData\Roaming\Malwarebytes
2013-04-01 03:52:27 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-01 03:52:25 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-01 03:52:16 -------- d-----w- C:\Users\Eden\AppData\Local\Programs
2013-03-31 23:07:47 -------- d-----w- C:\Users\Eden\AppData\Roaming\TuneUp Software
2013-03-31 23:07:37 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-03-31 23:05:52 -------- d-----w- C:\ProgramData\AVG2013
2013-03-31 23:05:52 -------- d-----w- C:\$AVG
2013-03-31 23:05:36 -------- d-----w- C:\Program Files (x86)\AVG
2013-03-31 23:02:58 -------- d-----w- C:\Users\Eden\AppData\Local\MFAData
2013-03-31 23:02:58 -------- d-----w- C:\Users\Eden\AppData\Local\Avg2013
2013-03-31 23:02:58 -------- d-----w- C:\ProgramData\MFAData
2013-03-31 22:29:42 -------- d-----w- C:\Users\Eden\AppData\Local\AVG SafeGuard toolbar
2013-03-31 22:25:06 -------- d-----w- C:\Users\Eden\AppData\Local\ElevatedDiagnostics
2013-03-31 22:18:48 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2013-03-31 22:18:21 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2013-03-31 22:17:43 -------- d-----w- C:\Users\Eden\AppData\Roaming\Nico Mak Computing
2013-03-22 08:20:36 -------- d-----w- C:\ProgramData\CLSoft LTD
2013-03-22 08:20:28 -------- d-----w- C:\ProgramData\Premium
2013-03-22 08:20:19 -------- d-----w- C:\Program Files (x86)\MagniPic
2013-03-22 08:19:26 -------- d-----w- C:\ProgramData\InstallMate
2013-03-21 22:01:16 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-03-21 22:00:25 -------- d-----w- C:\Users\Eden\AppData\Local\Microsoft Help
2013-03-19 04:30:51 19968 ----a-w- C:\windows\System32\drivers\usb8023.sys
.
==================== Find3M  ====================
.
2013-02-12 05:45:24 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll
2013-01-13 21:17:03 9728 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\windows\System32\XpsPrint.dll
2013-01-05 05:53:43 5553512 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-01-04 06:11:21 2284544 ----a-w- C:\windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13 2776576 ----a-w- C:\windows\System32\msmpeg2vdec.dll
2013-01-04 05:46:09 215040 ----a-w- C:\windows\System32\winsrv.dll
2013-01-04 04:51:16 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2013-01-04 04:43:21 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\windows\System32\win32k.sys
2013-01-04 02:47:35 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2013-01-04 02:47:34 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2013-01-04 02:47:34 2048 ----a-w- C:\windows\SysWow64\user.exe
2013-01-04 02:47:33 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
.
============= FINISH:  0:24:54.73 ===============
 


 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,033 posts
  • Gender:Male
  • Location:California

Posted 03 April 2013 - 08:27 PM

Greetings and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,033 posts
  • Gender:Male
  • Location:California

Posted 03 April 2013 - 08:50 PM

Greetings,

One of the files deleted by Combofix may indicate your computer was/is infected. I would like to gather more information and hopefully doing it the way I will detail below will help us sidestep the difficulties in launching programs.

Please do this for me.

===================================================

Farbar's Recovery Scan Tool

--------------------

For this step you will need a USB flash drive and start on a clean computer.
  • Please download Farbar Recovery Scan Tool and save it to a flash drive. You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Plug the flash drive into the infected PC and follow the 2 step process below to enter the System Recovery Options using one of the three options listed, then running Farbar's Recovery Scan Tool.
----------

Entering into the System Recovery Options

Option #1

To enter System Recovery Options in Windows 8:

Option #2

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
Option #3

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
----------

Running Farbar's Recovery Scan Tool in System Recovery
  • Once you are in the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in Notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select Computer and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    • Note: Replace letter e with the drive letter of your flash drive.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.
  • FRST log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 EAmo25

EAmo25
  • Topic Starter


Posted 03 April 2013 - 08:55 PM

Thanks! I will definitely do this the moment I come home from work tonight! I will post the results as soon as I am able! *thank you*



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor

Posted 03 April 2013 - 08:56 PM

You are most welcome. Chances are I will be closing shop soon but I will be looking forward to seeing what the report says.
Gary
 

#6 EAmo25

EAmo25
  • Topic Starter


Posted 03 April 2013 - 08:57 PM

Ok, no problem. I will post this tomorrow sometime and you can just answer at your leisure. Much appreciated



#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor

Posted 06 April 2013 - 10:35 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 

#8 EAmo25

EAmo25
  • Topic Starter


Posted 07 April 2013 - 04:12 AM

Sorry it had been a while! Was out of town! I did the FRST scan as requested. Here ya go! Thank you in advance.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2013 (ATTENTION: FRST version is 25 days old)
Ran by Corsair300 at 07-04-2013 02:09:41
Running from I:\
   (X64) OS Language: English(US) 
Attention: Could not load system hive.
ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.
 
 
==================== One Month Created Files and Folders ========
 
2013-04-07 02:09 - 2013-04-07 02:09 - 00000000 ____D C:\FRST
2013-04-07 02:08 - 2013-04-07 02:08 - 00293024 ____A C:\Windows\Minidump\040713-6988-01.dmp
2013-04-06 19:55 - 2013-04-06 19:56 - 00014031 ____A C:\Users\Corsair300\Documents\Install STAR WARS The Old Republic.log
2013-04-06 19:47 - 2013-04-06 19:53 - 39777624 ____A C:\Users\Corsair300\Downloads\SWTOR_setup (1).exe
2013-04-04 23:31 - 2013-04-04 23:31 - 00000000 ____D C:\Users\Corsair300\AppData\Local\SWTORPerf
2013-04-03 18:59 - 2013-04-03 19:01 - 01466241 ____A (Farbar) C:\Users\Corsair300\Downloads\FRST64.exe
2013-04-01 17:28 - 2013-04-01 17:28 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-04-01 14:48 - 2013-04-01 14:48 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-04-01 14:47 - 1999-12-31 17:00 - 26956576 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 25256736 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 20542752 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 17990800 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 17560352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 13088000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 11048736 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-04-01 14:47 - 1999-12-31 17:00 - 09414456 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 07959000 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 07573816 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 06271872 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 02913056 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 02728736 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 02355488 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 01995552 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 01807136 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco6431422.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 01510176 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6431422.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 00968408 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 00420128 ____A (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 00364832 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 00250504 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 00205184 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-04-01 14:47 - 1999-12-31 17:00 - 00194488 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2013-04-01 14:47 - 1999-12-31 17:00 - 00031672 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2013-04-01 14:08 - 2013-04-01 14:08 - 07145408 ____A C:\431470_intl_i386_zip.exe
2013-04-01 14:05 - 2013-04-07 02:08 - 00000420 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-04-01 14:04 - 2013-04-01 14:04 - 00002467 ____A C:\Users\Public\Desktop\SlimDrivers.lnk
2013-04-01 14:04 - 2013-04-01 14:04 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-04-01 14:01 - 2013-04-07 02:08 - 00016152 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-04-01 14:01 - 2013-04-01 14:01 - 00000000 ____D C:\Users\Corsair300\AppData\Local\SlimWare Utilities Inc
2013-04-01 13:46 - 2013-02-12 07:02 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2013-04-01 13:46 - 2013-02-12 07:02 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-04-01 07:26 - 2013-04-01 07:26 - 00000000 ____D C:\Program Files (x86)\NirSoft
2013-04-01 07:24 - 2013-04-01 07:24 - 00140800 ____A C:\Users\Corsair300\Downloads\bluescreenview_setup.exe
2013-04-01 00:21 - 2013-02-02 00:31 - 17815040 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-04-01 00:21 - 2013-02-01 23:58 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-04-01 00:21 - 2013-02-01 23:57 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-04-01 00:21 - 2013-02-01 23:48 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-04-01 00:21 - 2013-02-01 23:47 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-04-01 00:21 - 2013-02-01 23:47 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-04-01 00:21 - 2013-02-01 23:46 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-04-01 00:21 - 2013-02-01 23:43 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-04-01 00:21 - 2013-02-01 23:42 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-04-01 00:21 - 2013-02-01 23:42 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-01 00:21 - 2013-02-01 23:41 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-01 00:21 - 2013-02-01 23:40 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-01 00:21 - 2013-02-01 23:39 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-01 00:21 - 2013-02-01 23:38 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-01 00:21 - 2013-02-01 23:38 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-01 00:21 - 2013-02-01 23:34 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-04-01 00:21 - 2013-02-01 21:09 - 12321792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-04-01 00:21 - 2013-02-01 20:42 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-04-01 00:21 - 2013-02-01 20:38 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-04-01 00:21 - 2013-02-01 20:31 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-04-01 00:21 - 2013-02-01 20:30 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-04-01 00:21 - 2013-02-01 20:30 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-04-01 00:21 - 2013-02-01 20:29 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-04-01 00:21 - 2013-02-01 20:27 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-04-01 00:21 - 2013-02-01 20:26 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-04-01 00:21 - 2013-02-01 20:26 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-04-01 00:21 - 2013-02-01 20:26 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-04-01 00:21 - 2013-02-01 20:25 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-04-01 00:21 - 2013-02-01 20:23 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-04-01 00:21 - 2013-02-01 20:23 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-04-01 00:21 - 2013-02-01 20:23 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-04-01 00:21 - 2013-02-01 20:20 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-03-31 23:59 - 2013-03-31 23:59 - 00066155 ____A C:\Users\Corsair300\Downloads\bluescreenview.zip
2013-03-31 23:43 - 2013-03-31 23:43 - 00293056 ____A C:\Windows\Minidump\033113-6957-01.dmp
2013-03-31 23:40 - 2013-03-31 23:40 - 00000000 ____D C:\Users\Corsair300\Documents\Meeting
2013-03-31 23:32 - 2013-04-07 02:08 - 00002570 ____A C:\Windows\setupact.log
2013-03-31 23:32 - 2013-03-31 23:32 - 00272408 ____A C:\Windows\Minidump\033113-7269-01.dmp
2013-03-31 23:32 - 2013-03-31 23:32 - 00000000 ____A C:\Windows\setuperr.log
2013-03-31 23:10 - 2013-04-07 02:08 - 1771954764 ____A C:\Windows\MEMORY.DMP
2013-03-31 23:10 - 2013-04-07 02:08 - 00004580 ____A C:\Windows\PFRO.log
2013-03-31 23:10 - 2013-03-31 23:10 - 00293040 ____A C:\Windows\Minidump\033113-3853-01.dmp
2013-03-31 22:59 - 2011-03-24 20:23 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-03-31 22:59 - 2011-03-24 20:23 - 00324608 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-03-31 22:59 - 2011-03-24 20:23 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2013-03-31 22:59 - 2011-03-24 20:22 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-03-31 22:59 - 2011-03-24 20:22 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-03-31 22:59 - 2011-03-24 20:22 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-03-31 22:59 - 2011-03-24 20:22 - 00007936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-03-31 22:59 - 2011-03-10 23:23 - 00410496 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2013-03-31 22:59 - 2011-03-10 23:23 - 00187264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-03-31 22:59 - 2011-03-10 23:23 - 00166272 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2013-03-31 22:59 - 2011-03-10 23:23 - 00148352 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2013-03-31 22:59 - 2011-03-10 23:22 - 00107904 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2013-03-31 22:59 - 2011-03-10 23:22 - 00027008 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2013-03-31 22:59 - 2011-03-10 23:18 - 02566144 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-03-31 22:59 - 2011-03-10 23:15 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2013-03-31 22:59 - 2011-03-10 22:39 - 01686016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-03-31 22:59 - 2011-03-10 22:37 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2013-03-31 22:59 - 2011-03-10 21:31 - 00091136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2013-03-31 22:57 - 2013-03-31 22:57 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes.lnk
2013-03-31 22:57 - 2013-03-31 22:57 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Malwarebytes
2013-03-31 22:57 - 2013-03-31 22:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-03-31 22:57 - 2013-03-31 22:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-31 22:57 - 2012-12-14 16:49 - 00024176 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-03-30 22:57 - 2013-03-30 22:57 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Watchtower
2013-03-30 22:56 - 2013-04-07 01:40 - 00835701 ____A C:\Windows\WindowsUpdate.log
2013-03-30 22:53 - 2013-03-30 22:54 - 00000177 ____A C:\Windows\System32\avgrep.txt
2013-03-30 22:31 - 2013-04-04 23:23 - 00000000 ____D C:\Users\Corsair300\Desktop\SCHOOL
2013-03-30 22:26 - 2013-03-30 22:26 - 00039768 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-03-30 22:26 - 2013-03-30 22:26 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\TuneUp Software
2013-03-30 22:26 - 2013-03-30 22:26 - 00000000 ____D C:\Users\Corsair300\AppData\Local\AVG SafeGuard toolbar
2013-03-30 22:26 - 2013-03-30 22:26 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-03-30 22:26 - 2013-03-30 22:26 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-03-30 21:40 - 2013-03-31 22:54 - 00000000 ____D C:\ProgramData\MFAData
2013-03-30 21:40 - 2013-03-30 21:40 - 00000000 ____D C:\Users\Corsair300\AppData\Local\MFAData
2013-03-30 15:01 - 2013-03-30 15:01 - 00000000 ____D C:\ProgramData\Battle.net
2013-03-30 14:36 - 2013-03-30 18:28 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-03-30 14:36 - 2013-03-30 15:09 - 00001097 ____A C:\Users\Public\Desktop\StarCraft II.lnk
2013-03-30 14:36 - 2013-03-30 15:09 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-03-30 14:36 - 2013-03-30 14:36 - 00000000 ____D C:\Users\Corsair300\Documents\StarCraft II
2013-03-30 11:01 - 2013-03-30 11:01 - 00001340 ____A C:\Users\Corsair300\Desktop\Watchtower Library 2012.lnk
2013-03-30 11:01 - 2013-03-30 11:01 - 00000000 ____D C:\Program Files (x86)\Watchtower
2013-03-30 10:30 - 2013-03-30 10:30 - 00000000 ____D C:\users\hedev
2013-03-30 10:25 - 2013-03-30 10:30 - 39777624 ____A C:\Users\Corsair300\Downloads\SWTOR_setup.exe
2013-03-27 00:36 - 2013-03-27 00:37 - 00000000 ____D C:\Users\Corsair300\Desktop\INSANITY
2013-03-25 07:52 - 2011-02-18 23:37 - 01135104 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-03-24 20:55 - 2013-03-24 21:28 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Conduit
2013-03-24 20:55 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\Somoto
2013-03-24 20:55 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-03-24 20:55 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-03-24 20:54 - 2013-03-24 21:28 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\SearchProtect
2013-03-24 20:54 - 2013-03-24 20:54 - 00000000 ____D C:\Users\Corsair300\AppData\Local\CRE
2013-03-24 20:37 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-03-24 16:54 - 2013-03-24 21:28 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-03-24 16:53 - 2013-03-24 16:53 - 00000322 ____A C:\Users\Corsair300\Desktop\Dragon Age Origins.lnk
2013-03-24 16:42 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\Dragon Age
2013-03-24 16:32 - 2013-03-24 16:32 - 00001453 ____A C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2013-03-24 15:57 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-03-24 02:04 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\ProgramData\Apple Computer
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\ProgramData\Apple
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files\iTunes
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files\iPod
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files\Bonjour
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-03-23 21:16 - 2013-03-24 21:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-03-23 21:16 - 2013-03-24 12:51 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Apple Computer
2013-03-23 21:16 - 2013-03-23 21:16 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-03-23 21:16 - 2013-03-23 21:16 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Apple Computer
2013-03-23 21:16 - 2013-03-23 21:16 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Apple
2013-03-23 21:16 - 2012-08-21 13:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2013-03-23 21:08 - 2013-03-27 09:58 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Spotify
2013-03-23 21:08 - 2013-03-23 21:08 - 00001835 ____A C:\Users\Corsair300\Desktop\Spotify.lnk
2013-03-23 20:51 - 2013-04-01 15:01 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Spotify
2013-03-23 20:51 - 2013-03-23 21:14 - 90130256 ____A (Apple Inc.) C:\Users\Corsair300\Downloads\iTunes64Setup.exe
2013-03-23 14:03 - 2013-03-24 12:51 - 00000000 ____D C:\Program Files (x86)\BrowseToSave
2013-03-23 14:03 - 2013-03-23 14:03 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\NCdownloader
2013-03-23 14:03 - 2013-03-23 14:03 - 00000000 ____D C:\ProgramData\SoftSafe
2013-03-23 14:02 - 2013-03-24 21:28 - 00000000 ____D C:\ProgramData\BBrowosE22ssAve
2013-03-23 14:01 - 2013-03-24 21:28 - 00000000 ____D C:\ProgramData\InstallMate
2013-03-23 12:12 - 2013-03-27 10:09 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-03-22 11:28 - 2013-03-24 21:25 - 00000000 __RHD C:\MSOCache
2013-03-22 11:23 - 2013-03-22 11:23 - 00000000 ____D C:\Users\Corsair300\AppData\Local\SoftGrid Client
2013-03-22 11:22 - 2013-04-01 00:22 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\SoftGrid Client
2013-03-22 11:19 - 2013-03-24 21:28 - 00000000 ____D C:\Users\Corsair300\Desktop\Microsoft Office Starter
2013-03-22 11:18 - 2013-03-22 11:18 - 00000000 ____D C:\Windows\PCHEALTH
2013-03-22 11:18 - 2013-03-22 11:18 - 00000000 ____D C:\Program Files\Microsoft Office
2013-03-22 11:18 - 2013-03-22 11:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-03-22 11:18 - 2013-03-22 11:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-03-22 11:14 - 2013-03-22 11:20 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\TP
2013-03-22 10:44 - 2013-03-22 10:44 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\LolClient
2013-03-22 07:52 - 2013-03-22 07:52 - 00001720 ____A C:\Users\Public\Desktop\League of Legends.lnk
2013-03-22 07:52 - 2008-07-12 08:18 - 03851784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2013-03-22 07:52 - 2008-07-12 08:18 - 01493528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-03-22 07:52 - 2008-07-12 08:18 - 00467984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2013-03-22 07:51 - 2013-03-22 07:51 - 00000000 ____D C:\Riot Games
2013-03-22 00:12 - 2013-03-22 00:12 - 00000000 ____D C:\Windows\pss
2013-03-21 18:57 - 2013-03-21 18:57 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2013-03-21 18:57 - 2013-03-21 18:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-03-21 18:57 - 2013-03-21 18:57 - 00000000 ____D C:\ProgramData\Skype
2013-03-21 18:48 - 2013-03-23 01:10 - 00000979 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-03-21 18:48 - 2013-03-21 18:48 - 00000000 ____D C:\Program Files\CCleaner
2013-03-21 18:41 - 2013-03-21 18:43 - 00000000 ____D C:\ProgramData\HP
2013-03-21 18:41 - 2013-03-21 18:41 - 00002236 ____A C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk
2013-03-21 18:41 - 2013-03-21 18:41 - 00001231 ____A C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk
2013-03-21 18:40 - 2013-03-21 18:40 - 00000000 ____D C:\Program Files\HP
2013-03-21 18:40 - 2013-03-21 18:40 - 00000000 ____D C:\Program Files (x86)\HP
2013-03-21 18:39 - 2013-03-21 18:39 - 00000000 ____D C:\Users\Corsair300\AppData\Local\HP
2013-03-21 18:34 - 2013-03-21 18:34 - 00000000 ____D C:\Users\Corsair300\Documents\Updater
2013-03-21 18:33 - 2013-03-30 10:45 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Adobe
2013-03-21 18:33 - 2013-03-21 18:33 - 00000000 ____D C:\ProgramData\Adobe Systems
2013-03-21 18:32 - 2013-03-21 18:32 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2013-03-21 18:31 - 2013-03-21 18:31 - 00002045 ____A C:\Users\Corsair300\Desktop\Adobe Photoshop.lnk
2013-03-21 18:30 - 2013-03-30 14:22 - 00000000 ____D C:\ProgramData\Adobe
2013-03-21 18:26 - 2013-04-07 00:02 - 00000000 ____D C:\Users\Corsair300\AppData\Local\PMB Files
2013-03-21 18:26 - 2013-04-07 00:02 - 00000000 ____D C:\ProgramData\PMB Files
2013-03-21 18:26 - 2013-03-22 04:07 - 00000000 ____D C:\Users\Corsair300\Documents\League of Legends
2013-03-21 18:24 - 2013-03-21 18:24 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-03-21 18:17 - 2013-03-21 18:17 - 00001066 ____A C:\Users\Corsair300\Desktop\Documents.lnk
2013-03-21 18:16 - 2013-03-21 18:16 - 00000894 ____A C:\Users\Public\Desktop\NETGEAR WNA1100 Smart Wizard.lnk
2013-03-21 18:16 - 2013-03-21 18:16 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\InstallShield
2013-03-21 18:16 - 2013-03-21 18:16 - 00000000 ____D C:\Program Files (x86)\NETGEAR
2013-03-21 18:16 - 2009-11-10 03:04 - 01827328 ____A (Atheros Communications, Inc.) C:\Windows\System32\Drivers\athurx.sys
2013-03-21 18:16 - 2008-05-15 02:28 - 00026624 ____A (Atheros Communications, Inc.) C:\Windows\System32\Drivers\jswpslwfx.sys
2013-03-21 18:16 - 2007-01-19 18:24 - 00025312 ____A (Windows ® Codename Longhorn DDK provider) C:\Windows\System32\Drivers\SCMNdisP.sys
2013-03-21 15:54 - 2013-03-21 15:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-03-21 15:23 - 2013-03-21 15:24 - 00014323 ____A C:\Users\Corsair300\Desktop\Google Chrome.lnk
2013-03-21 15:20 - 2013-03-21 15:20 - 00000000 ____D C:\ProgramData\WinZip
2013-03-21 15:05 - 2013-03-31 22:52 - 00000000 ____D C:\Windows\System32\appmgmt
2013-03-20 12:55 - 2013-03-20 12:55 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Awesomium
2013-03-20 03:29 - 2013-03-20 03:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
 
==================== One Month Modified Files and Folders =======
 
2013-04-07 02:09 - 2013-04-07 02:09 - 00000000 ____D C:\FRST
2013-04-07 02:08 - 2013-04-07 02:08 - 00293024 ____A C:\Windows\Minidump\040713-6988-01.dmp
2013-04-07 02:08 - 2013-04-01 14:05 - 00000420 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-04-07 02:08 - 2013-04-01 14:01 - 00016152 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-04-07 02:08 - 2013-03-31 23:32 - 00002570 ____A C:\Windows\setupact.log
2013-04-07 02:08 - 2013-03-31 23:10 - 1771954764 ____A C:\Windows\MEMORY.DMP
2013-04-07 02:08 - 2013-03-31 23:10 - 00004580 ____A C:\Windows\PFRO.log
2013-04-07 02:08 - 2013-02-19 02:22 - 00000902 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-04-07 02:08 - 2013-01-09 15:05 - 00000000 ____D C:\Windows\Minidump
2013-04-07 02:08 - 2009-07-13 22:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-04-07 01:40 - 2013-03-30 22:56 - 00835701 ____A C:\Windows\WindowsUpdate.log
2013-04-07 01:32 - 2013-02-19 02:22 - 00000906 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-04-07 00:19 - 2013-02-15 11:28 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Skype
2013-04-07 00:02 - 2013-03-21 18:26 - 00000000 ____D C:\Users\Corsair300\AppData\Local\PMB Files
2013-04-07 00:02 - 2013-03-21 18:26 - 00000000 ____D C:\ProgramData\PMB Files
2013-04-06 19:56 - 2013-04-06 19:55 - 00014031 ____A C:\Users\Corsair300\Documents\Install STAR WARS The Old Republic.log
2013-04-06 19:53 - 2013-04-06 19:47 - 39777624 ____A C:\Users\Corsair300\Downloads\SWTOR_setup (1).exe
2013-04-04 23:31 - 2013-04-04 23:31 - 00000000 ____D C:\Users\Corsair300\AppData\Local\SWTORPerf
2013-04-04 23:23 - 2013-03-30 22:31 - 00000000 ____D C:\Users\Corsair300\Desktop\SCHOOL
2013-04-04 21:08 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\System32\NDF
2013-04-04 20:07 - 2009-07-13 21:45 - 00017168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-04-04 20:07 - 2009-07-13 21:45 - 00017168 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-04-04 20:04 - 2009-07-13 22:13 - 00782164 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-03 19:01 - 2013-04-03 18:59 - 01466241 ____A (Farbar) C:\Users\Corsair300\Downloads\FRST64.exe
2013-04-01 22:46 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2013-04-01 17:28 - 2013-04-01 17:28 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2013-04-01 15:01 - 2013-03-23 20:51 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Spotify
2013-04-01 14:53 - 2013-01-09 14:19 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-04-01 14:53 - 2013-01-09 14:19 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-04-01 14:48 - 2013-04-01 14:48 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-04-01 14:48 - 2013-01-09 14:43 - 00000000 ____D C:\ProgramData\NVIDIA
2013-04-01 14:48 - 2013-01-09 14:43 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-04-01 14:47 - 2013-01-09 14:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-04-01 14:08 - 2013-04-01 14:08 - 07145408 ____A C:\431470_intl_i386_zip.exe
2013-04-01 14:04 - 2013-04-01 14:04 - 00002467 ____A C:\Users\Public\Desktop\SlimDrivers.lnk
2013-04-01 14:04 - 2013-04-01 14:04 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-04-01 14:01 - 2013-04-01 14:01 - 00000000 ____D C:\Users\Corsair300\AppData\Local\SlimWare Utilities Inc
2013-04-01 07:26 - 2013-04-01 07:26 - 00000000 ____D C:\Program Files (x86)\NirSoft
2013-04-01 07:24 - 2013-04-01 07:24 - 00140800 ____A C:\Users\Corsair300\Downloads\bluescreenview_setup.exe
2013-04-01 00:22 - 2013-03-22 11:22 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\SoftGrid Client
2013-03-31 23:59 - 2013-03-31 23:59 - 00066155 ____A C:\Users\Corsair300\Downloads\bluescreenview.zip
2013-03-31 23:43 - 2013-03-31 23:43 - 00293056 ____A C:\Windows\Minidump\033113-6957-01.dmp
2013-03-31 23:40 - 2013-03-31 23:40 - 00000000 ____D C:\Users\Corsair300\Documents\Meeting
2013-03-31 23:32 - 2013-03-31 23:32 - 00272408 ____A C:\Windows\Minidump\033113-7269-01.dmp
2013-03-31 23:32 - 2013-03-31 23:32 - 00000000 ____A C:\Windows\setuperr.log
2013-03-31 23:10 - 2013-03-31 23:10 - 00293040 ____A C:\Windows\Minidump\033113-3853-01.dmp
2013-03-31 22:57 - 2013-03-31 22:57 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes.lnk
2013-03-31 22:57 - 2013-03-31 22:57 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Malwarebytes
2013-03-31 22:57 - 2013-03-31 22:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-03-31 22:57 - 2013-03-31 22:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-31 22:54 - 2013-03-30 21:40 - 00000000 ____D C:\ProgramData\MFAData
2013-03-31 22:52 - 2013-03-21 15:05 - 00000000 ____D C:\Windows\System32\appmgmt
2013-03-30 22:57 - 2013-03-30 22:57 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Watchtower
2013-03-30 22:54 - 2013-03-30 22:53 - 00000177 ____A C:\Windows\System32\avgrep.txt
2013-03-30 22:26 - 2013-03-30 22:26 - 00039768 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-03-30 22:26 - 2013-03-30 22:26 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\TuneUp Software
2013-03-30 22:26 - 2013-03-30 22:26 - 00000000 ____D C:\Users\Corsair300\AppData\Local\AVG SafeGuard toolbar
2013-03-30 22:26 - 2013-03-30 22:26 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-03-30 22:26 - 2013-03-30 22:26 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2013-03-30 21:40 - 2013-03-30 21:40 - 00000000 ____D C:\Users\Corsair300\AppData\Local\MFAData
2013-03-30 18:28 - 2013-03-30 14:36 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2013-03-30 15:09 - 2013-03-30 14:36 - 00001097 ____A C:\Users\Public\Desktop\StarCraft II.lnk
2013-03-30 15:09 - 2013-03-30 14:36 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2013-03-30 15:01 - 2013-03-30 15:01 - 00000000 ____D C:\ProgramData\Battle.net
2013-03-30 14:36 - 2013-03-30 14:36 - 00000000 ____D C:\Users\Corsair300\Documents\StarCraft II
2013-03-30 14:22 - 2013-03-21 18:30 - 00000000 ____D C:\ProgramData\Adobe
2013-03-30 11:01 - 2013-03-30 11:01 - 00001340 ____A C:\Users\Corsair300\Desktop\Watchtower Library 2012.lnk
2013-03-30 11:01 - 2013-03-30 11:01 - 00000000 ____D C:\Program Files (x86)\Watchtower
2013-03-30 10:45 - 2013-03-21 18:33 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Adobe
2013-03-30 10:45 - 2013-01-09 17:40 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Adobe
2013-03-30 10:30 - 2013-03-30 10:30 - 00000000 ____D C:\users\hedev
2013-03-30 10:30 - 2013-03-30 10:25 - 39777624 ____A C:\Users\Corsair300\Downloads\SWTOR_setup.exe
2013-03-27 10:09 - 2013-03-23 12:12 - 00000000 ____D C:\ProgramData\VirtualizedApplications
2013-03-27 09:58 - 2013-03-23 21:08 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Spotify
2013-03-27 00:37 - 2013-03-27 00:36 - 00000000 ____D C:\Users\Corsair300\Desktop\INSANITY
2013-03-24 21:47 - 2013-01-09 14:08 - 00000000 ____D C:\users\Corsair300
2013-03-24 21:28 - 2013-03-24 20:55 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Conduit
2013-03-24 21:28 - 2013-03-24 20:55 - 00000000 ____D C:\Program Files (x86)\Somoto
2013-03-24 21:28 - 2013-03-24 20:55 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-03-24 21:28 - 2013-03-24 20:55 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-03-24 21:28 - 2013-03-24 20:54 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\SearchProtect
2013-03-24 21:28 - 2013-03-24 20:37 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-03-24 21:28 - 2013-03-24 16:54 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-03-24 21:28 - 2013-03-24 16:42 - 00000000 ____D C:\Program Files (x86)\Dragon Age
2013-03-24 21:28 - 2013-03-24 15:57 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-03-24 21:28 - 2013-03-24 02:04 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\ProgramData\Apple Computer
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\ProgramData\Apple
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\Program Files\iTunes
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\Program Files\iPod
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\Program Files\Bonjour
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-03-24 21:28 - 2013-03-23 21:16 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-03-24 21:28 - 2013-03-23 14:02 - 00000000 ____D C:\ProgramData\BBrowosE22ssAve
2013-03-24 21:28 - 2013-03-23 14:01 - 00000000 ____D C:\ProgramData\InstallMate
2013-03-24 21:28 - 2013-03-22 11:19 - 00000000 ____D C:\Users\Corsair300\Desktop\Microsoft Office Starter
2013-03-24 21:28 - 2013-02-01 23:23 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Winamp
2013-03-24 21:28 - 2013-01-09 17:40 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Macromedia
2013-03-24 21:28 - 2009-07-13 20:20 - 00000000 __RSD C:\Windows\Media
2013-03-24 21:28 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\servicing
2013-03-24 21:28 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2013-03-24 21:28 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\AppCompat
2013-03-24 21:25 - 2013-03-22 11:28 - 00000000 __RHD C:\MSOCache
2013-03-24 21:10 - 2009-07-13 16:50 - 00217600 ____A (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2013-03-24 20:59 - 2013-01-09 14:38 - 00058016 ____A C:\Users\Corsair300\AppData\Local\GDIPFONTCACHEV1.DAT
2013-03-24 20:54 - 2013-03-24 20:54 - 00000000 ____D C:\Users\Corsair300\AppData\Local\CRE
2013-03-24 16:53 - 2013-03-24 16:53 - 00000322 ____A C:\Users\Corsair300\Desktop\Dragon Age Origins.lnk
2013-03-24 16:32 - 2013-03-24 16:32 - 00001453 ____A C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2013-03-24 12:51 - 2013-03-23 21:16 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Apple Computer
2013-03-24 12:51 - 2013-03-23 14:03 - 00000000 ____D C:\Program Files (x86)\BrowseToSave
2013-03-24 12:51 - 2009-07-13 21:45 - 00268944 ____A C:\Windows\System32\FNTCACHE.DAT
2013-03-23 21:16 - 2013-03-23 21:16 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-03-23 21:16 - 2013-03-23 21:16 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Apple Computer
2013-03-23 21:16 - 2013-03-23 21:16 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Apple
2013-03-23 21:14 - 2013-03-23 20:51 - 90130256 ____A (Apple Inc.) C:\Users\Corsair300\Downloads\iTunes64Setup.exe
2013-03-23 21:08 - 2013-03-23 21:08 - 00001835 ____A C:\Users\Corsair300\Desktop\Spotify.lnk
2013-03-23 14:03 - 2013-03-23 14:03 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\NCdownloader
2013-03-23 14:03 - 2013-03-23 14:03 - 00000000 ____D C:\ProgramData\SoftSafe
2013-03-23 01:10 - 2013-03-21 18:48 - 00000979 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-03-22 11:54 - 2009-10-14 05:51 - 72013344 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-03-22 11:23 - 2013-03-22 11:23 - 00000000 ____D C:\Users\Corsair300\AppData\Local\SoftGrid Client
2013-03-22 11:20 - 2013-03-22 11:14 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\TP
2013-03-22 11:18 - 2013-03-22 11:18 - 00000000 ____D C:\Windows\PCHEALTH
2013-03-22 11:18 - 2013-03-22 11:18 - 00000000 ____D C:\Program Files\Microsoft Office
2013-03-22 11:18 - 2013-03-22 11:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-03-22 11:18 - 2013-03-22 11:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-03-22 11:18 - 2013-01-09 15:51 - 00798048 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-03-22 11:18 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-03-22 10:44 - 2013-03-22 10:44 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\LolClient
2013-03-22 07:52 - 2013-03-22 07:52 - 00001720 ____A C:\Users\Public\Desktop\League of Legends.lnk
2013-03-22 07:51 - 2013-03-22 07:51 - 00000000 ____D C:\Riot Games
2013-03-22 04:07 - 2013-03-21 18:26 - 00000000 ____D C:\Users\Corsair300\Documents\League of Legends
2013-03-22 00:12 - 2013-03-22 00:12 - 00000000 ____D C:\Windows\pss
2013-03-22 00:11 - 2013-01-09 14:38 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Deployment
2013-03-21 18:57 - 2013-03-21 18:57 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2013-03-21 18:57 - 2013-03-21 18:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-03-21 18:57 - 2013-03-21 18:57 - 00000000 ____D C:\ProgramData\Skype
2013-03-21 18:48 - 2013-03-21 18:48 - 00000000 ____D C:\Program Files\CCleaner
2013-03-21 18:43 - 2013-03-21 18:41 - 00000000 ____D C:\ProgramData\HP
2013-03-21 18:41 - 2013-03-21 18:41 - 00002236 ____A C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk
2013-03-21 18:41 - 2013-03-21 18:41 - 00001231 ____A C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk
2013-03-21 18:40 - 2013-03-21 18:40 - 00000000 ____D C:\Program Files\HP
2013-03-21 18:40 - 2013-03-21 18:40 - 00000000 ____D C:\Program Files (x86)\HP
2013-03-21 18:39 - 2013-03-21 18:39 - 00000000 ____D C:\Users\Corsair300\AppData\Local\HP
2013-03-21 18:34 - 2013-03-21 18:34 - 00000000 ____D C:\Users\Corsair300\Documents\Updater
2013-03-21 18:33 - 2013-03-21 18:33 - 00000000 ____D C:\ProgramData\Adobe Systems
2013-03-21 18:32 - 2013-03-21 18:32 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2013-03-21 18:32 - 2013-01-09 15:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-03-21 18:31 - 2013-03-21 18:31 - 00002045 ____A C:\Users\Corsair300\Desktop\Adobe Photoshop.lnk
2013-03-21 18:24 - 2013-03-21 18:24 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2013-03-21 18:22 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-03-21 18:17 - 2013-03-21 18:17 - 00001066 ____A C:\Users\Corsair300\Desktop\Documents.lnk
2013-03-21 18:16 - 2013-03-21 18:16 - 00000894 ____A C:\Users\Public\Desktop\NETGEAR WNA1100 Smart Wizard.lnk
2013-03-21 18:16 - 2013-03-21 18:16 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\InstallShield
2013-03-21 18:16 - 2013-03-21 18:16 - 00000000 ____D C:\Program Files (x86)\NETGEAR
2013-03-21 15:54 - 2013-03-21 15:54 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2013-03-21 15:24 - 2013-03-21 15:23 - 00014323 ____A C:\Users\Corsair300\Desktop\Google Chrome.lnk
2013-03-21 15:20 - 2013-03-21 15:20 - 00000000 ____D C:\ProgramData\WinZip
2013-03-21 15:07 - 2013-01-17 18:01 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\NCH Software
2013-03-21 15:07 - 2013-01-10 22:28 - 00000000 ____D C:\Users\Corsair300\AppData\Local\Ubisoft Game Launcher
2013-03-20 12:55 - 2013-03-20 12:55 - 00000000 ____D C:\Users\Corsair300\AppData\Roaming\Awesomium
2013-03-20 03:29 - 2013-03-20 03:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 21:16 - 2013-01-09 14:43 - 06398240 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-03-14 21:16 - 2013-01-09 14:43 - 03477280 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-03-14 21:16 - 2013-01-09 14:43 - 00877856 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-03-14 21:16 - 2013-01-09 14:43 - 00237856 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-03-14 21:16 - 2013-01-09 14:43 - 00063776 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-03-13 09:24 - 2013-01-09 14:43 - 03065455 ____A C:\Windows\System32\nvcoproc.bin
2013-03-12 01:10 - 2009-10-14 05:52 - 00282744 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 12%
Total physical RAM: 15833.59 MB
Available physical RAM: 13805.71 MB
Total Pagefile: 31665.32 MB
Available Pagefile: 29452.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Partitions =============================
 
1 Drive c: () (Fixed) (Total:167.58 GB) (Free:41.17 GB) NTFS
3 Drive e: (Backup Hard Drive (Data)) (Fixed) (Total:931.51 GB) (Free:826.86 GB) NTFS
5 Drive g: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
6 Drive h: (Eden's Old Hard Drive) (Fixed) (Total:698.54 GB) (Free:648.99 GB) NTFS
7 Drive i: (USB DISK) (Removable) (Total:14.43 GB) (Free:6.49 GB) FAT32
 
  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          931 GB      0 B         
  Disk 1    Online          167 GB      0 B         
  Disk 2    Online          698 GB      0 B         
  Disk 3    Online           14 GB      0 B         
 
Partitions of Disk 0:
===============
 
Disk ID: 00000080
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            931 GB  1024 KB
 
==================================================================================
 
Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     E   Backup Hard  NTFS   Partition    931 GB  Healthy            
 
=========================================================
 
Partitions of Disk 1:
===============
 
Disk ID: 7D78644D
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            100 MB  1024 KB
  Partition 2    Primary            167 GB   101 MB
 
==================================================================================
 
Disk: 1
Partition 1
Type  : 07
Hidden: No
Active: Yes
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3         System Rese  NTFS   Partition    100 MB  Healthy    System (partition with boot components)  
 
=========================================================
 
Disk: 1
Partition 2
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     C                NTFS   Partition    167 GB  Healthy    Boot    
 
=========================================================
 
Partitions of Disk 2:
===============
 
Disk ID: A8C3B606
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            100 MB  1024 KB
  Partition 2    Primary            698 GB   101 MB
 
==================================================================================
 
Disk: 2
Partition 1
Type  : 07
Hidden: No
Active: Yes
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5     G   System Rese  NTFS   Partition    100 MB  Healthy            
 
=========================================================
 
Disk: 2
Partition 2
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 6     H   Eden's Old   NTFS   Partition    698 GB  Healthy            
 
=========================================================
 
Partitions of Disk 3:
===============
 
Disk ID: C3072E18
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary             14 GB  4032 KB
 
==================================================================================
 
Disk: 3
Partition 1
Type  : 0C
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 7     I   USB DISK     FAT32  Removable     14 GB  Healthy            
 
=========================================================
============================== MBR Partition Table ==================
 
==============================
Partitions of Disk 0:
===============
Disk ID: 00000080
 
Partition 1:
=========
Hex: 0020210007FEFFFF0008000000587074
Active: NO
Type: 07 (NTFS)
Size: 932 GB
 
==============================
Partitions of Disk 1:
===============
Disk ID: 7D78644D
 
Partition 1:
=========
Hex: 8020210007DF130C0008000000200300
Active: YES
Type: 07 (NTFS)
Size: 100 MB
 
Partition 2:
=========
Hex: 00DF140C07FEFFFF002803000098F214
Active: NO
Type: 07 (NTFS)
Size: 168 GB
 
==============================
Partitions of Disk 2:
===============
Disk ID: A8C3B606
 
Partition 1:
=========
Hex: 8020210007DF130C0008000000200300
Active: YES
Type: 07 (NTFS)
Size: 100 MB
 
Partition 2:
=========
Hex: 00DF140C07FEFFFF0028030000305157
Active: NO
Type: 07 (NTFS)
Size: 699 GB
 
==============================
Partitions of Disk 3:
===============
Disk ID: C3072E18
 
Partition 1:
=========
Hex: 000001010C2AABAA801F000080F5CD01
Active: NO
Type: 0C
Size: 14 GB
 
 
Last Boot: 2013-04-04 00:43
 
==================== End Of Log =============================


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,033 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:56 AM

Posted 07 April 2013 - 01:49 PM

ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.

 

 

Can you tell me if you were able to boot into the Recovery Environment as detailed in Post #3 before running the tool?


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 Oh My!

Posted 11 April 2013 - 05:38 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 

#11 Oh My!

Posted 14 April 2013 - 01:19 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 



