
Frst64 log


17 replies to this topic

#1 bwrighttwo

Posted 25 August 2013 - 05:31 PM

Could someone take a look at this log and let me know if it looks normal, or steer me to the right board? It was run from a flashdrive with a Windows 7 disk that was purchased new. Thanks for your time.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2013 02
Ran by SYSTEM on 25-08-2013 18:07:54
Running from E:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
==================== Registry (Whitelisted) ==================
 
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [x]
 
==================== Services (Whitelisted) =================
 
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S4 BAVSvc; C:\Program Files (x86)\Baidu Security\Cloud Security\BAVSvc.exe [1733992 2013-06-17] (Baidu, Inc.)
S4 UltiDev Web Server Pro; C:\Program Files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe [64512 2012-05-09] (UltiDev LLC)
S4 UWS LoPriv Services; C:\Program Files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe [44032 2012-05-09] (UltiDev LLC)
 
==================== Drivers (Whitelisted) ====================
 
S1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2013-08-21] (Emsisoft GmbH)
S1 A2DDA; C:\EEK\RUN\a2ddax64.sys [26176 2013-08-21] (Emsisoft GmbH)
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-25] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-25] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-25] ()
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-08-20] (AVG Technologies)
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2013-08-21] (Emsisoft GmbH)
S3 cleanhlp; C:\EEK\Run\cleanhlp64.sys [57024 2013-08-21] (Emsisoft GmbH)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32000 2013-08-20] ()
 
========================== Drivers MD5 =======================
 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-08-25 13:31 - 2013-08-25 13:32 - 01576630 _____ (Farbar) C:\Users\jimjim\Downloads\FRST64.exe
2013-08-25 13:15 - 2013-08-25 13:15 - 00000704 _____ C:\DelFix.txt
2013-08-25 12:29 - 2013-08-25 12:29 - 00002710 _____ C:\Users\jimjim\Desktop\Ebay for Lora.odt
2013-08-25 11:21 - 2013-08-25 13:40 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-25 11:21 - 2013-08-25 11:23 - 00002075 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-25 11:21 - 2013-08-25 11:21 - 01030952 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-08-25 11:21 - 2013-08-25 11:21 - 00378944 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-08-25 11:21 - 2013-08-25 11:21 - 00189936 _____ C:\Windows\System32\Drivers\aswVmm.sys
2013-08-25 11:21 - 2013-08-25 11:21 - 00000175 _____ C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-08-25 11:21 - 2013-08-25 11:21 - 00000175 _____ C:\Windows\System32\Drivers\aswSP.sys.sum
2013-08-25 11:21 - 2013-08-25 11:21 - 00000175 _____ C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-08-25 11:21 - 2013-08-25 11:21 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-25 11:21 - 2013-08-25 11:21 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-25 11:21 - 2013-05-09 00:59 - 00080816 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-08-25 11:21 - 2013-05-09 00:59 - 00072016 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-08-25 11:21 - 2013-05-09 00:59 - 00065336 _____ C:\Windows\System32\Drivers\aswRvrt.sys
2013-08-25 11:21 - 2013-05-09 00:59 - 00064288 _____ (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-08-25 11:21 - 2013-05-09 00:59 - 00033400 _____ (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-08-25 11:21 - 2013-05-09 00:58 - 00287840 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-08-25 11:21 - 2013-05-09 00:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-08-25 11:20 - 2013-08-25 11:21 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-25 11:15 - 2013-08-25 11:15 - 00254152 _____ (Secure By Design Inc.) C:\Users\jimjim\Downloads\Ninite Avast Installer.exe
2013-08-25 09:41 - 2013-08-25 09:41 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 08:39 - 2013-08-25 08:39 - 00029696 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\DCOMbob.exe
2013-08-25 08:38 - 2013-08-25 08:38 - 00029248 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\MouseTrap.exe
2013-08-25 08:36 - 2013-08-25 08:36 - 00022528 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\unpnp.exe
2013-08-25 08:34 - 2013-08-25 08:34 - 00117312 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\securable.exe
2013-08-25 08:31 - 2013-08-25 08:31 - 00025600 ____R (Gibson Research Corp.) C:\Users\jimjim\Downloads\LeakTest.exe
2013-08-25 08:31 - 2013-08-25 08:31 - 00025600 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\leaktest (1).exe
2013-08-22 15:25 - 2013-08-22 15:25 - 07812650 _____ C:\Users\jimjim\Downloads\lan-20110419132524.zip
2013-08-22 15:23 - 2013-08-22 15:24 - 18802253 _____ C:\Users\jimjim\Downloads\realtek_wlan_win7_2000016L_20110523.zip
2013-08-21 19:45 - 2013-08-21 19:45 - 00000546 _____ C:\Users\jimjim\Desktop\Emsisoft Emergency Kit.lnk
2013-08-21 19:44 - 2013-08-21 19:45 - 00000000 ____D C:\EEK
2013-08-21 19:37 - 2013-08-21 19:44 - 190701296 _____ C:\Users\jimjim\Downloads\EmsisoftEmergencyKit.exe
2013-08-21 19:14 - 2013-08-21 19:14 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\VSRevoGroup
2013-08-21 19:04 - 2013-08-21 19:05 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Wise PC 1stAid
2013-08-21 19:04 - 2013-08-21 19:04 - 00001153 _____ C:\Users\Public\Desktop\Wise PC 1stAid.lnk
2013-08-21 19:03 - 2013-08-21 19:03 - 02960600 _____ (WiseCleaner.com                                             ) C:\Users\jimjim\Downloads\WPCASetup.exe
2013-08-21 15:31 - 2013-08-21 15:31 - 02168848 _____ (WiseCleaner.com                                             ) C:\Users\jimjim\Downloads\WRCFree (1).exe
2013-08-21 15:27 - 2013-08-25 09:51 - 00241214 _____ C:\Users\jimjim\Downloads\avgremover.log
2013-08-21 15:27 - 2013-08-21 15:27 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\jimjim\Downloads\avg_remover_stf_x64_2012_2125.exe
2013-08-21 15:17 - 2013-08-25 13:16 - 00002370 _____ C:\Windows\PFRO.log
2013-08-21 10:24 - 2013-08-21 10:24 - 00058016 _____ C:\Users\jimjim\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-21 10:19 - 2013-08-25 14:04 - 00002700 _____ C:\Windows\setupact.log
2013-08-21 10:19 - 2013-08-21 10:19 - 00275712 _____ C:\Windows\System32\FNTCACHE.DAT
2013-08-21 10:19 - 2013-08-21 10:19 - 00000000 _____ C:\Windows\setuperr.log
2013-08-20 19:53 - 2013-08-21 14:10 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-08-20 19:46 - 2013-08-20 19:46 - 00000066 _____ C:\Users\jimjim\Downloads\RestoreMountPointManagerWindows7.bat
2013-08-20 19:28 - 2013-08-20 19:28 - 00032000 _____ C:\Windows\System32\Drivers\hitmanpro37.sys
2013-08-20 19:25 - 2013-08-20 19:25 - 00001280 _____ C:\Windows\System32\.crusader
2013-08-20 19:08 - 2013-08-20 19:08 - 00663552 _____ (ESET) C:\Users\jimjim\Desktop\ESETUninstaller.exe
2013-08-20 17:06 - 2013-08-20 17:06 - 00000000 ____D C:\Users\jimjim\Downloads\ProcessExplorer
2013-08-20 17:05 - 2013-08-20 17:06 - 01191834 _____ C:\Users\jimjim\Downloads\ProcessExplorer.zip
2013-08-20 16:13 - 2013-08-20 16:13 - 00026493 _____ C:\Users\jimjim\Desktop\cmb1.txt
2013-08-20 15:28 - 2013-08-25 09:50 - 00000000 ____D C:\AdwCleaner
2013-08-16 21:00 - 2013-08-16 21:00 - 00000000 ____D C:\ProgramData\UltiDev
2013-08-16 21:00 - 2013-08-16 21:00 - 00000000 ____D C:\ProgramData\Caphyon
2013-08-16 21:00 - 2013-08-16 21:00 - 00000000 ____D C:\Program Files\UltiDev
2013-08-16 21:00 - 2013-08-16 21:00 - 00000000 ____D C:\Program Files (x86)\UltiDev
2013-08-16 20:57 - 2010-09-19 10:49 - 00050200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-SQLAgent$SQLLANSWEEPER2K8-sqlagtctr10.2.4000.0.dll
2013-08-16 20:55 - 2013-08-16 20:55 - 00000000 ____D C:\Windows\PCHEALTH
2013-08-16 20:54 - 2013-08-21 21:21 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-08-14 20:19 - 2013-08-14 20:19 - 00120584 _____ (Kaspersky Lab) C:\Users\jimjim\Downloads\pmaxkiller.exe
2013-08-14 20:18 - 2013-08-14 20:18 - 00184408 _____ (Kaspersky Lab ZAO) C:\Users\jimjim\Downloads\rafr (1).exe
2013-08-14 20:16 - 2013-08-14 20:16 - 00123392 _____ (Kaspersky Lab) C:\Users\jimjim\Downloads\digita_cure.exe
2013-08-14 20:15 - 2013-08-14 20:15 - 00184408 _____ (Kaspersky Lab ZAO) C:\Users\jimjim\Downloads\rafr.exe
2013-08-14 20:14 - 2013-08-14 20:14 - 00122976 _____ (Kaspersky Lab ZAO) C:\Users\jimjim\Downloads\zbotkiller.exe
2013-08-14 20:06 - 2013-08-14 20:06 - 00125784 _____ (Kaspersky Lab ZAO) C:\Users\jimjim\Downloads\fippkiller.exe
2013-08-13 20:03 - 2013-08-13 20:03 - 04429440 _____ (Piriform Ltd) C:\Users\jimjim\Desktop\ccsetup404.exe
2013-08-13 15:56 - 2013-07-25 21:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-13 15:56 - 2013-07-25 21:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-13 15:56 - 2013-07-25 21:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-08-13 15:56 - 2013-07-25 21:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-13 15:56 - 2013-07-25 21:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-08-13 15:56 - 2013-07-25 19:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-13 15:56 - 2013-07-25 19:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-13 15:56 - 2013-07-25 19:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-13 15:56 - 2013-07-25 19:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-13 15:56 - 2013-07-25 19:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-13 15:56 - 2013-07-25 19:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-13 15:56 - 2013-07-25 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-13 15:56 - 2013-07-25 19:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-13 15:56 - 2013-07-25 19:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-13 15:56 - 2013-07-25 19:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-13 15:56 - 2013-07-25 19:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-13 15:56 - 2013-07-25 19:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-13 15:56 - 2013-07-25 19:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-13 15:56 - 2013-07-25 19:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-13 15:56 - 2013-07-25 18:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-13 15:56 - 2013-07-25 18:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-13 15:56 - 2013-07-25 17:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-13 15:50 - 2013-07-25 01:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-13 15:50 - 2013-07-25 00:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-13 15:50 - 2013-07-18 18:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-13 15:50 - 2013-07-18 17:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-13 15:50 - 2013-07-08 21:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-13 15:50 - 2013-07-08 21:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-08-13 15:50 - 2013-07-08 21:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-13 15:50 - 2013-07-08 21:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-13 15:50 - 2013-07-08 21:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-13 15:50 - 2013-07-08 21:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-13 15:50 - 2013-07-08 21:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-13 15:50 - 2013-07-08 20:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-13 15:50 - 2013-07-08 20:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-13 15:50 - 2013-07-08 20:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-13 15:50 - 2013-07-08 20:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-13 15:50 - 2013-07-08 20:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-13 15:50 - 2013-07-08 20:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-13 15:50 - 2013-07-08 20:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-13 15:50 - 2013-07-08 18:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-13 15:50 - 2013-07-08 18:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-13 15:50 - 2013-07-08 18:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-13 15:50 - 2013-07-08 18:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-13 15:50 - 2013-07-07 21:22 - 05554624 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-13 15:50 - 2013-07-07 21:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-08-13 15:50 - 2013-07-07 21:11 - 00058368 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2013-08-13 15:50 - 2013-07-07 21:11 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll
2013-08-13 15:50 - 2013-07-07 21:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2013-08-13 15:50 - 2013-07-07 21:08 - 03973056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-13 15:50 - 2013-07-07 21:08 - 03918272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-13 15:50 - 2013-07-07 20:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2013-08-13 15:50 - 2013-07-07 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-08-13 15:50 - 2013-07-07 19:31 - 00148480 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe
2013-08-13 15:50 - 2013-07-07 19:31 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2013-08-13 15:50 - 2013-07-07 19:31 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe
2013-08-13 15:50 - 2013-07-07 18:50 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-08-13 15:50 - 2013-07-05 21:20 - 01900992 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-13 15:50 - 2013-07-05 21:20 - 00376768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-08-13 15:50 - 2013-07-05 21:20 - 00288192 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-08-13 15:50 - 2013-06-14 20:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-09 19:52 - 2013-08-09 19:52 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-08 18:58 - 2013-08-08 18:58 - 00000078 _____ C:\Users\jimjim\Desktop\look1.txt
2013-08-08 18:49 - 2013-08-08 18:49 - 00000078 _____ C:\Users\jimjim\Desktop\comclandserv1.txt
2013-08-08 18:17 - 2013-08-08 18:17 - 00000701 _____ C:\Users\jimjim\Desktop\TS_UXSMS.ps1
2013-08-08 18:12 - 2013-08-08 18:12 - 00000047 _____ C:\Users\jimjim\Desktop\wikivirtualpc.txt
2013-08-08 17:26 - 2013-08-21 19:04 - 00000000 ____D C:\Program Files (x86)\Wise
2013-08-08 17:26 - 2013-08-21 19:02 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Wise Registry Cleaner
2013-08-08 17:26 - 2013-08-21 15:32 - 00001227 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2013-08-08 16:59 - 2013-08-21 18:06 - 00000000 ____D C:\Windows\pss
2013-08-08 15:48 - 2013-08-08 15:51 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\ImgBurn
2013-08-08 15:39 - 2013-08-21 14:10 - 00000000 ____D C:\Users\jimjim\AppData\Local\AVG SafeGuard toolbar
2013-08-08 15:39 - 2013-08-20 19:53 - 00045856 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-08-08 15:38 - 2013-08-08 15:38 - 00001865 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2013-08-08 15:38 - 2013-08-08 15:38 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2013-08-07 17:46 - 2013-08-07 17:46 - 00000374 _____ C:\Users\jimjim\Desktop\loggmr.log
2013-08-07 17:43 - 2013-08-07 17:43 - 00377856 _____ C:\Users\jimjim\Desktop\83t149hk.exe
2013-08-06 19:16 - 2013-08-06 19:16 - 00025002 _____ C:\Users\jimjim\Desktop\cb1.txt
2013-08-06 19:05 - 2013-08-06 19:09 - 00000000 ____D C:\Windows\erdnt
2013-08-06 19:02 - 2013-08-06 19:02 - 00048214 _____ C:\Users\jimjim\Desktop\HitmanPro_20130806_2302.log
2013-08-06 18:58 - 2013-08-06 19:04 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-06 18:58 - 2013-08-06 18:58 - 00000000 ____D C:\Program Files\HitmanPro
2013-08-06 18:57 - 2013-08-06 18:58 - 09853928 _____ (SurfRight B.V.) C:\Users\jimjim\Downloads\HitmanPro_x64.exe
2013-08-06 18:18 - 2013-08-10 18:40 - 00001768 _____ C:\Users\Public\Desktop\Defraggler.lnk
2013-08-06 18:18 - 2013-08-06 18:18 - 00000000 ____D C:\Program Files\Defraggler
2013-08-06 17:30 - 2013-08-10 18:40 - 00000840 _____ C:\Users\Public\Desktop\Speccy.lnk
2013-08-06 17:30 - 2013-08-06 17:30 - 00000000 ____D C:\Program Files\Speccy
2013-08-06 14:27 - 2013-08-05 19:44 - 00000000 ____D C:\Users\jimjim\Desktop\New folder - Copy
2013-08-06 14:26 - 2013-07-30 18:34 - 00005120 _____ C:\Users\jimjim\Desktop\bootex_1 - Copy.log
2013-08-06 14:26 - 2013-07-30 18:34 - 00003304 _____ C:\Users\jimjim\Desktop\bootsqm - Copy.dat
2013-08-05 19:44 - 2013-08-05 19:44 - 00000000 ____D C:\Users\jimjim\Desktop\New folder
2013-08-05 15:56 - 2013-08-21 20:31 - 00000000 ____D C:\Program Files\Recuva
2013-08-05 15:56 - 2013-08-10 18:40 - 00001702 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-08-05 15:56 - 2013-08-05 15:56 - 00005120 _____ C:\Users\jimjim\Desktop\RecoveryStore.{A5C40151-FE2A-11E2-AC69-386077D9BE42}.dat
2013-08-05 15:53 - 2013-08-05 15:53 - 04100432 _____ (Piriform Ltd) C:\Users\jimjim\Desktop\dfsetup215.exe
2013-08-05 15:52 - 2013-08-05 15:53 - 03723592 _____ (Piriform Ltd) C:\Users\jimjim\Desktop\rcsetup147.exe
2013-08-05 15:51 - 2013-08-05 15:51 - 05126104 _____ (Piriform Ltd) C:\Users\jimjim\Desktop\spsetup122.exe
2013-08-03 16:40 - 2013-08-25 13:37 - 01696982 _____ C:\Windows\WindowsUpdate.log
2013-08-03 16:12 - 2013-08-21 19:28 - 00003426 _____ C:\Windows\System32\Tasks\Baidu Antivirus Update
2013-08-03 16:12 - 2013-08-06 16:50 - 00000055 _____ C:\user_defpage_list
2013-08-03 16:12 - 2013-08-03 16:12 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2013-08-03 16:12 - 2013-08-03 16:12 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Baidu Security
2013-08-03 16:12 - 2013-08-03 16:12 - 00000000 ____D C:\ProgramData\Baidu Security
2013-08-03 16:12 - 2013-08-03 16:12 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-08-03 15:31 - 2012-10-18 09:51 - 00498176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-08-03 15:30 - 2013-01-04 18:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2013-08-03 15:30 - 2012-10-31 20:33 - 00559616 _____ (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2013-08-03 15:30 - 2012-10-18 14:00 - 00296808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2013-08-03 15:30 - 2012-10-18 14:00 - 00213848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2013-08-03 15:30 - 2012-10-18 14:00 - 00190824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-08-03 15:30 - 2012-10-18 12:34 - 01742848 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2013-08-03 15:30 - 2012-10-18 12:34 - 00262656 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2013-08-03 15:30 - 2012-10-18 12:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\srvsvc.dll
2013-08-03 15:30 - 2012-10-18 12:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\umpo.dll
2013-08-03 15:30 - 2012-10-18 12:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\tcpmonui.dll
2013-08-03 15:30 - 2012-10-18 12:34 - 00038912 _____ (Microsoft Corporation) C:\Windows\System32\tcpmib.dll
2013-08-03 15:30 - 2012-10-18 12:33 - 00512000 _____ (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2013-08-03 15:30 - 2012-10-18 12:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\System32\SessEnv.dll
2013-08-03 15:30 - 2012-10-18 12:32 - 00832000 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-08-03 15:30 - 2012-10-18 12:32 - 00223744 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2013-08-03 15:30 - 2012-10-18 12:31 - 00698880 _____ (Microsoft Corporation) C:\Windows\System32\netlogon.dll
2013-08-03 15:30 - 2012-10-18 12:31 - 00303104 _____ (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2013-08-03 15:30 - 2012-10-18 12:31 - 00222208 _____ (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-08-03 15:30 - 2012-10-18 12:31 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2013-08-03 15:30 - 2012-10-18 12:30 - 00965120 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-08-03 15:30 - 2012-10-18 12:30 - 00166400 _____ (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2013-08-03 15:30 - 2012-10-18 12:29 - 01065984 _____ (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-08-03 15:30 - 2012-10-18 12:29 - 00855040 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-08-03 15:30 - 2012-10-18 12:29 - 00777216 _____ (Microsoft Corporation) C:\Windows\System32\gpsvc.dll
2013-08-03 15:30 - 2012-10-18 12:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-08-03 15:30 - 2012-10-18 12:29 - 00317952 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2013-08-03 15:30 - 2012-10-18 12:29 - 00253952 _____ (Microsoft Corporation) C:\Windows\System32\dot3svc.dll
2013-08-03 15:30 - 2012-10-18 12:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2013-08-03 15:30 - 2012-10-18 12:29 - 00103936 _____ (Microsoft Corporation) C:\Windows\System32\dot3msm.dll
2013-08-03 15:30 - 2012-10-18 12:29 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\dot3gpclnt.dll
2013-08-03 15:30 - 2012-10-18 12:29 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-08-03 15:30 - 2012-10-18 12:29 - 00041984 _____ (Microsoft Corporation) C:\Windows\System32\gpprnext.dll
2013-08-03 15:30 - 2012-10-18 12:28 - 00110592 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2013-08-03 15:30 - 2012-10-18 12:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\cscapi.dll
2013-08-03 15:30 - 2012-10-18 12:28 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\cscdll.dll
2013-08-03 15:30 - 2012-10-18 12:27 - 00876544 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2013-08-03 15:30 - 2012-10-18 12:27 - 00706560 _____ (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-08-03 15:30 - 2012-10-18 11:39 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-08-03 15:30 - 2012-10-18 11:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmib.dll
2013-08-03 15:30 - 2012-10-18 11:38 - 00657920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-08-03 15:30 - 2012-10-18 11:38 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2013-08-03 15:30 - 2012-10-18 11:37 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2013-08-03 15:30 - 2012-10-18 11:37 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2013-08-03 15:30 - 2012-10-18 11:37 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-08-03 15:30 - 2012-10-18 11:35 - 01039872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-08-03 15:30 - 2012-10-18 11:35 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-08-03 15:30 - 2012-10-18 11:35 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-08-03 15:30 - 2012-10-18 11:35 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-08-03 15:30 - 2012-10-18 11:35 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2013-08-03 15:30 - 2012-10-18 11:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2013-08-03 15:30 - 2012-10-18 11:35 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2013-08-03 15:30 - 2012-10-18 11:35 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3gpclnt.dll
2013-08-03 15:30 - 2012-10-18 11:35 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-08-03 15:30 - 2012-10-18 11:34 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-08-03 15:30 - 2012-10-18 11:34 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-08-03 15:30 - 2012-10-18 11:34 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2013-08-03 15:30 - 2012-10-18 11:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\wpnpinst.exe
2013-08-03 15:30 - 2012-10-18 11:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\System32\rdpdd.dll
2013-08-03 15:30 - 2012-10-18 10:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndisuio.sys
2013-08-03 15:30 - 2012-10-18 10:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vwififlt.sys
2013-08-03 15:30 - 2012-10-18 10:50 - 00018432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vwifimp.sys
2013-08-03 15:30 - 2012-10-18 10:49 - 00091648 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2013-08-03 15:30 - 2012-10-18 10:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-08-03 15:30 - 2012-10-18 10:41 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2013-08-03 15:30 - 2012-10-18 10:41 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprnext.dll
2013-08-03 15:30 - 2012-10-18 10:11 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3dlg.dll
2013-08-03 15:30 - 2012-10-18 10:02 - 00027136 _____ (Microsoft Corporation) C:\Windows\System32\svchost.exe
2013-08-03 15:30 - 2012-10-18 09:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2013-08-03 15:30 - 2012-10-18 09:55 - 00467456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2013-08-03 15:30 - 2012-10-18 09:55 - 00408576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-08-03 15:30 - 2012-10-18 09:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-08-03 15:30 - 2012-10-18 09:54 - 00288768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2013-08-03 15:30 - 2012-10-18 09:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
2013-08-03 15:30 - 2012-10-18 09:54 - 00128000 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-08-03 15:30 - 2012-10-18 09:54 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2013-08-03 15:30 - 2012-10-18 09:40 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2013-08-03 15:30 - 2012-10-18 09:34 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2013-08-03 13:40 - 2013-08-03 15:26 - 00000000 ____D C:\Users\jimjim\Downloads\usbdeview
2013-08-03 12:03 - 2013-08-03 12:03 - 00000000 ____D C:\Users\jimjim\AppData\Local\AMD
2013-08-03 12:02 - 2013-08-20 20:16 - 00000000 ____D C:\ProgramData\AMD
2013-08-03 12:02 - 2013-08-03 12:02 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\ATI
2013-08-03 12:02 - 2013-08-03 12:02 - 00000000 ____D C:\Users\jimjim\AppData\Local\ATI
2013-08-03 12:01 - 2013-08-03 12:01 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-08-03 12:01 - 2013-08-03 12:01 - 00000000 ____D C:\Program Files\ATI
2013-08-03 11:57 - 2013-08-03 11:57 - 00000000 ____D C:\AMD
2013-08-01 19:54 - 2013-08-21 19:28 - 00003124 _____ C:\Windows\System32\Tasks\{E3AC17A7-E156-48D0-B212-0A1B59135DFD}
2013-08-01 19:53 - 2013-08-01 19:53 - 01483240 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Desktop\sp55732.exe
2013-08-01 19:52 - 2013-08-01 19:52 - 02672968 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Downloads\sp62027.exe
2013-08-01 19:31 - 2013-08-01 19:31 - 00000000 ____D C:\ProgramData\HP
2013-08-01 19:20 - 2013-08-21 21:07 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForjimjim.job
2013-08-01 19:20 - 2013-08-21 19:28 - 00003194 _____ C:\Windows\System32\Tasks\HPCeeScheduleForjimjim
2013-08-01 19:17 - 2013-08-01 19:17 - 00220288 _____ (Advanced Micro Devices, INC.) C:\Windows\System32\Drivers\amdxhc.sys
2013-08-01 19:17 - 2013-08-01 19:17 - 00103552 _____ (Advanced Micro Devices, INC.) C:\Windows\System32\Drivers\amdhub30.sys
2013-08-01 19:16 - 2013-08-03 11:42 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-08-01 19:15 - 2013-08-01 19:37 - 00000000 _____ C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-08-01 19:13 - 2013-08-01 19:20 - 00000000 ____D C:\Users\jimjim\AppData\Local\Hewlett-Packard
2013-08-01 19:12 - 2013-08-01 19:12 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Hewlett-Packard
2013-08-01 19:10 - 2013-08-01 19:10 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2013-08-01 19:10 - 2012-05-29 11:53 - 00027456 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\System32\Drivers\cpqdfw.sys
2013-08-01 19:09 - 2013-08-01 19:11 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-08-01 19:09 - 2013-08-01 19:11 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-08-01 19:09 - 2013-08-01 19:09 - 00002185 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2013-08-01 19:08 - 2013-08-01 19:08 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\hpqLog
2013-08-01 19:08 - 2013-08-01 19:08 - 00000000 ____D C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-08-01 19:06 - 2013-08-01 19:07 - 41698448 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Desktop\sp58919.exe
2013-08-01 19:01 - 2013-08-01 19:01 - 01527352 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Desktop\sp55754.exe
2013-08-01 17:11 - 2013-08-01 17:11 - 02722400 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Downloads\sp56409.exe
2013-08-01 16:33 - 2013-08-01 16:33 - 594804736 _____ C:\Users\jimjim\Documents\Downloads.iso
2013-08-01 16:33 - 2013-08-01 16:33 - 00004314 _____ C:\Users\jimjim\Documents\Downloads.mds
2013-08-01 06:14 - 2013-08-01 06:14 - 00078739 _____ C:\Users\jimjim\Downloads\usbdeview.zip
2013-07-30 20:45 - 2013-08-01 20:00 - 00000000 ____D C:\swsetup
2013-07-30 20:44 - 2013-07-30 20:44 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\WinBatch
2013-07-30 20:25 - 2013-07-30 20:41 - 594256576 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Downloads\sp56288.exe
2013-07-30 20:17 - 2013-07-30 20:17 - 00025150 _____ C:\Users\jimjim\Desktop\f_00002d
2013-07-30 19:19 - 2013-08-01 14:42 - 00000000 ____D C:\Program Files\Google
2013-07-30 19:17 - 2013-08-21 19:28 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-30 19:17 - 2013-08-13 20:04 - 00000975 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-30 19:17 - 2013-08-13 20:04 - 00000000 ____D C:\Program Files\CCleaner
2013-07-30 19:16 - 2013-04-16 23:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-30 19:16 - 2013-04-16 22:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-07-30 19:16 - 2011-03-24 19:29 - 00343040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-07-30 19:16 - 2011-03-24 19:29 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2013-07-30 19:16 - 2011-03-24 19:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2013-07-30 19:16 - 2011-03-24 19:29 - 00052736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2013-07-30 19:16 - 2011-03-24 19:29 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2013-07-30 19:16 - 2011-03-24 19:29 - 00025600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-07-30 19:16 - 2011-03-24 19:28 - 00007936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2013-07-30 19:16 - 2011-03-10 22:41 - 00410496 _____ (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2013-07-30 19:16 - 2011-03-10 22:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2013-07-30 19:16 - 2011-03-10 22:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2013-07-30 19:16 - 2011-03-10 22:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2013-07-30 19:16 - 2011-03-10 22:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2013-07-30 19:16 - 2011-03-10 22:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-07-30 19:16 - 2011-03-10 22:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2013-07-30 19:16 - 2011-03-10 21:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-07-30 19:16 - 2011-03-10 21:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2013-07-30 19:14 - 2013-07-30 19:14 - 00660160 _____ (Sysinternals - www.sysinternals.com) C:\Users\jimjim\Downloads\autoruns.exe
2013-07-30 19:10 - 2013-07-30 19:10 - 00003266 _____ C:\Windows\System32\Tasks\{BFC1D27B-3F88-4DB5-8E57-9B1C29F8E57F}
2013-07-30 18:56 - 2013-08-19 13:39 - 00865886 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-30 18:47 - 2013-07-30 18:47 - 00000207 _____ C:\Windows\tweaking.com-regbackup-JIMJIM-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-07-30 18:46 - 2013-07-30 18:46 - 00000000 ____D C:\RegBackup
2013-07-30 18:34 - 2013-07-30 18:34 - 00005120 _____ C:\Users\jimjim\Desktop\bootex_1.log
2013-07-30 18:34 - 2013-07-30 18:34 - 00005120 _____ C:\Users\jimjim\Desktop\bootex.log
2013-07-30 18:34 - 2013-07-30 18:34 - 00003304 _____ C:\Users\jimjim\Desktop\bootsqm.dat
2013-07-30 18:29 - 2013-07-30 19:03 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-30 18:26 - 2013-07-30 18:26 - 00002159 _____ C:\Users\jimjim\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-07-30 18:26 - 2013-07-30 18:26 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-07-30 18:21 - 2013-07-30 18:21 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-07-30 18:19 - 2013-07-30 18:19 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Malwarebytes
2013-07-30 18:18 - 2012-07-25 19:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2013-07-30 18:18 - 2012-07-25 19:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2013-07-30 18:18 - 2012-07-25 19:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2013-07-30 18:18 - 2012-07-25 19:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2013-07-30 18:18 - 2012-07-25 19:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2013-07-30 18:18 - 2012-07-25 18:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2013-07-30 18:18 - 2012-07-25 18:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2013-07-30 18:18 - 2012-06-02 06:57 - 00000003 _____ C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-07-30 18:15 - 2013-08-25 14:03 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-30 18:15 - 2013-08-25 13:25 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-30 18:15 - 2013-08-21 10:31 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-30 18:15 - 2013-08-01 20:20 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-30 18:15 - 2013-08-01 20:20 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-30 18:15 - 2013-07-30 18:15 - 00001264 _____ C:\Users\jimjim\Desktop\Revo Uninstaller.lnk
2013-07-30 18:15 - 2013-07-30 18:15 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-30 18:15 - 2013-07-30 18:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-30 18:15 - 2013-07-30 18:15 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-30 18:15 - 2013-07-30 18:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-30 18:15 - 2013-04-04 10:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-07-30 18:14 - 2013-08-01 14:42 - 00000000 ____D C:\Program Files (x86)\Google
2013-07-30 18:14 - 2013-08-01 14:34 - 00000000 ____D C:\Users\jimjim\AppData\Local\Google
2013-07-30 18:06 - 2012-07-25 20:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-07-30 18:06 - 2012-07-25 20:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2013-07-30 18:06 - 2012-07-25 18:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2013-07-30 18:06 - 2012-06-02 06:35 - 00000003 _____ C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-07-30 18:05 - 2013-08-13 15:53 - 00000000 ____D C:\Windows\System32\MRT
2013-07-30 18:04 - 2013-07-30 18:04 - 00254152 _____ (Secure By Design Inc.) C:\Users\jimjim\Desktop\Ninite Chrome Malwarebytes Revo Installer.exe
2013-07-30 18:01 - 2013-03-18 21:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-07-30 18:01 - 2013-03-18 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-07-30 18:01 - 2012-12-07 05:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-07-30 18:01 - 2012-12-07 05:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-07-30 18:01 - 2012-12-07 04:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-07-30 18:01 - 2012-12-07 04:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-07-30 18:01 - 2012-12-07 03:20 - 00045568 _____ (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-07-30 18:01 - 2012-12-07 03:20 - 00044544 _____ (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-07-30 18:01 - 2012-12-07 03:20 - 00043520 _____ (Microsoft) C:\Windows\System32\csrr.rs
2013-07-30 18:01 - 2012-12-07 03:20 - 00030720 _____ (Microsoft) C:\Windows\System32\usk.rs
2013-07-30 18:01 - 2012-12-07 03:20 - 00023552 _____ (Microsoft) C:\Windows\System32\oflc.rs
2013-07-30 18:01 - 2012-12-07 03:20 - 00020480 _____ (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-07-30 18:01 - 2012-12-07 03:20 - 00020480 _____ (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-07-30 18:01 - 2012-12-07 03:19 - 00055296 _____ (Microsoft) C:\Windows\System32\cero.rs
2013-07-30 18:01 - 2012-12-07 03:19 - 00051712 _____ (Microsoft) C:\Windows\System32\esrb.rs
2013-07-30 18:01 - 2012-12-07 03:19 - 00046592 _____ (Microsoft) C:\Windows\System32\fpb.rs
2013-07-30 18:01 - 2012-12-07 03:19 - 00040960 _____ (Microsoft) C:\Windows\System32\cob-au.rs
2013-07-30 18:01 - 2012-12-07 03:19 - 00021504 _____ (Microsoft) C:\Windows\System32\grb.rs
2013-07-30 18:01 - 2012-12-07 03:19 - 00020480 _____ (Microsoft) C:\Windows\System32\pegi.rs
2013-07-30 18:01 - 2012-12-07 03:19 - 00015360 _____ (Microsoft) C:\Windows\System32\djctq.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-07-30 18:01 - 2012-12-07 02:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-07-30 18:01 - 2012-11-29 21:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-07-30 18:01 - 2012-11-29 21:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-07-30 18:01 - 2012-11-29 21:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-07-30 18:01 - 2012-11-29 21:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-07-30 18:01 - 2012-11-29 21:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00006144 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00004608 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00004608 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003584 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003584 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003584 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003584 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003584 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003584 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003584 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 21:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-30 18:01 - 2012-11-29 20:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 20:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 19:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-07-30 18:01 - 2012-11-29 18:38 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 18:38 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 18:38 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 18:38 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-07-30 18:01 - 2012-11-29 15:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-07-30 18:01 - 2012-11-29 15:15 - 00420064 _____ C:\Windows\System32\locale.nls
2013-07-30 18:01 - 2012-11-21 21:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-07-30 18:01 - 2012-11-21 20:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-07-30 18:01 - 2012-10-03 09:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2013-07-30 18:01 - 2012-10-03 09:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\netevent.dll
2013-07-30 18:01 - 2012-10-03 09:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2013-07-30 18:01 - 2012-10-03 08:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2013-07-30 18:01 - 2012-10-03 08:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2013-07-30 18:01 - 2012-10-03 08:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2013-07-30 18:01 - 2012-08-21 13:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2013-07-30 18:01 - 2012-04-07 04:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2013-07-30 18:01 - 2012-04-07 03:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-07-30 18:01 - 2012-01-04 02:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2013-07-30 18:01 - 2012-01-04 00:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2013-07-30 18:01 - 2011-06-15 21:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2013-07-30 18:01 - 2011-06-15 20:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2013-07-30 18:01 - 2011-05-03 21:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-07-30 18:01 - 2011-05-03 21:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-07-30 18:01 - 2011-05-03 21:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-07-30 18:01 - 2011-05-03 21:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-07-30 18:01 - 2011-05-03 21:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-07-30 18:01 - 2011-05-03 21:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-07-30 18:01 - 2011-05-03 21:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-07-30 18:01 - 2011-05-03 21:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-07-30 18:01 - 2011-05-03 21:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-07-30 18:01 - 2011-05-03 20:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-07-30 18:01 - 2011-05-03 20:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-07-30 18:01 - 2011-05-03 20:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-07-30 18:01 - 2011-05-03 20:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-07-30 18:01 - 2011-05-03 20:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-07-30 18:01 - 2011-05-03 20:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-07-30 18:01 - 2011-05-03 20:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-07-30 18:01 - 2011-05-03 20:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-07-30 18:01 - 2011-05-03 20:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-07-30 18:00 - 2013-05-09 21:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-07-30 18:00 - 2013-05-09 19:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-30 18:00 - 2013-04-09 15:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-30 18:00 - 2013-04-02 14:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-07-30 18:00 - 2011-02-24 22:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-30 18:00 - 2011-02-24 21:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-30 17:59 - 2012-08-22 10:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-07-30 17:59 - 2012-07-04 12:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\RNDISMP.sys
2013-07-30 17:59 - 2011-12-29 22:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2013-07-30 17:59 - 2011-12-29 21:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-07-30 17:59 - 2011-04-22 14:15 - 00027520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2013-07-30 17:55 - 2013-07-30 17:55 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Adobe
2013-07-30 17:47 - 2013-07-30 17:47 - 01509376 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-30 17:47 - 2013-07-30 17:47 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-30 17:47 - 2013-07-30 17:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-30 17:47 - 2013-07-30 17:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-07-30 17:47 - 2013-07-30 17:47 - 01054720 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00905728 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00599552 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-07-30 17:47 - 2013-07-30 17:47 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-30 17:47 - 2013-07-30 17:47 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00281600 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00270848 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00247296 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00226304 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00216064 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00173568 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00144896 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-07-30 17:47 - 2013-07-30 17:47 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-30 17:47 - 2013-07-30 17:47 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00027648 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-30 17:45 - 2013-07-30 17:45 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00010752 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00005632 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00005632 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00002560 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-30 17:21 - 2013-08-13 15:51 - 78161360 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-07-30 17:09 - 2012-12-16 09:11 - 00046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-07-30 17:09 - 2012-12-16 06:45 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-07-30 17:09 - 2012-12-16 06:13 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-07-30 17:09 - 2012-12-16 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-07-30 17:09 - 2010-09-30 02:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-07-30 17:09 - 2010-09-29 22:47 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-07-30 17:07 - 2012-02-29 22:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2013-07-30 17:07 - 2012-02-29 22:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-07-30 17:07 - 2012-02-29 22:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\System32\wmi.dll
2013-07-30 17:07 - 2012-02-29 21:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-07-30 17:07 - 2012-02-29 21:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-07-30 17:03 - 2013-05-12 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-07-30 17:03 - 2013-05-12 19:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-07-30 17:03 - 2013-05-12 19:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-30 17:03 - 2013-05-12 19:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-07-30 17:03 - 2013-02-26 21:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-07-30 17:03 - 2013-02-26 21:25 - 00111976 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-07-30 17:03 - 2013-02-26 21:23 - 14176768 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-07-30 17:03 - 2013-02-26 21:23 - 01931776 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-07-30 17:03 - 2013-02-26 21:23 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-07-30 17:03 - 2013-02-26 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-30 17:03 - 2013-02-26 20:27 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-30 17:03 - 2013-02-26 20:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-30 17:03 - 2013-02-14 22:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-07-30 17:03 - 2013-02-14 22:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-07-30 17:03 - 2013-02-14 22:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-07-30 17:03 - 2013-02-14 20:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-30 17:03 - 2013-02-14 20:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-30 17:03 - 2013-02-14 19:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-30 17:03 - 2013-01-03 21:46 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-07-30 17:03 - 2012-11-19 21:48 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-07-30 17:03 - 2012-11-19 20:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-07-30 17:03 - 2012-11-01 21:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-07-30 17:03 - 2012-11-01 21:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-07-30 17:03 - 2012-06-01 21:50 - 00458704 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-07-30 17:03 - 2012-06-01 21:48 - 00151920 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-07-30 17:03 - 2012-06-01 21:48 - 00095600 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-07-30 17:03 - 2012-06-01 21:45 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-07-30 17:03 - 2012-06-01 20:40 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-07-30 17:03 - 2012-06-01 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-07-30 17:03 - 2012-06-01 20:34 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-07-30 17:03 - 2012-04-27 19:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2013-07-30 17:03 - 2011-11-16 22:35 - 01447936 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-07-30 17:03 - 2011-11-16 22:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\System32\webio.dll
2013-07-30 17:03 - 2011-11-16 22:35 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-07-30 17:03 - 2011-11-16 22:35 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-07-30 17:03 - 2011-11-16 22:35 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-07-30 17:03 - 2011-11-16 22:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-07-30 17:03 - 2011-11-16 21:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-07-30 17:03 - 2011-10-25 21:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\System32\quartz.dll
2013-07-30 17:03 - 2011-10-25 21:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-07-30 17:03 - 2011-10-25 20:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-07-30 17:03 - 2011-10-25 20:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-07-30 17:03 - 2011-04-28 19:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-07-30 17:03 - 2011-03-10 22:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2013-07-30 17:03 - 2011-03-10 22:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2013-07-30 17:03 - 2011-03-10 21:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-07-30 17:03 - 2011-03-10 21:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-07-30 17:03 - 2010-12-23 02:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\System32\sbe.dll
2013-07-30 17:03 - 2010-12-23 02:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\System32\CPFilters.dll
2013-07-30 17:03 - 2010-12-23 02:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\System32\mpg2splt.ax
2013-07-30 17:03 - 2010-12-22 21:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2013-07-30 17:03 - 2010-12-22 21:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-07-30 17:03 - 2010-12-22 21:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-07-30 17:02 - 2013-06-03 22:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-07-30 17:02 - 2013-06-03 20:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-30 17:02 - 2013-06-03 19:18 - 03156992 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-30 17:02 - 2013-04-25 21:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-07-30 17:02 - 2013-04-25 20:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-07-30 17:02 - 2013-04-12 06:16 - 01686888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-07-30 17:02 - 2013-04-09 22:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-07-30 17:02 - 2013-04-09 22:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-07-30 17:02 - 2013-02-11 20:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-07-30 17:02 - 2012-10-31 21:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-07-30 17:02 - 2012-10-31 21:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-07-30 17:02 - 2012-10-31 20:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-30 17:02 - 2012-10-31 20:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-30 17:02 - 2012-09-25 14:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-07-30 17:02 - 2012-09-25 14:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-07-30 17:02 - 2012-08-10 16:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-07-30 17:02 - 2012-08-10 15:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-07-30 17:02 - 2012-04-25 21:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2013-07-30 17:02 - 2012-04-25 21:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2013-07-30 17:02 - 2012-04-25 21:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2013-07-30 17:02 - 2012-03-16 23:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-07-30 17:02 - 2011-12-16 00:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2013-07-30 17:02 - 2011-12-15 23:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-07-30 17:02 - 2011-06-15 02:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\System32\odbctrac.dll
2013-07-30 17:02 - 2011-06-15 02:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\System32\odbccp32.dll
2013-07-30 17:02 - 2011-06-15 02:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\odbccu32.dll
2013-07-30 17:02 - 2011-06-15 02:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\System32\odbccr32.dll
2013-07-30 17:02 - 2011-06-15 00:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2013-07-30 17:02 - 2011-06-15 00:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2013-07-30 17:02 - 2011-06-15 00:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2013-07-30 17:02 - 2011-06-15 00:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2013-07-30 17:02 - 2011-06-15 00:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2013-07-30 17:02 - 2011-04-08 22:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2013-07-30 17:02 - 2011-04-08 21:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-07-30 17:02 - 2011-03-02 22:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2013-07-30 17:02 - 2011-03-02 22:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2013-07-30 17:02 - 2011-03-02 22:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2013-07-30 17:02 - 2011-03-02 21:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-07-30 17:02 - 2011-03-02 21:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-07-30 17:02 - 2011-02-03 03:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-07-30 17:02 - 2010-06-25 19:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-07-30 17:02 - 2010-06-25 19:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-07-30 16:59 - 2011-08-16 21:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\System32\psisdecd.dll
2013-07-30 16:59 - 2011-08-16 21:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\psisrndr.ax
2013-07-30 16:59 - 2011-08-16 20:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-07-30 16:59 - 2011-08-16 20:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-07-30 04:26 - 2013-01-23 22:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-07-30 04:26 - 2012-11-22 19:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-07-30 04:26 - 2012-07-04 14:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2013-07-30 04:26 - 2012-07-04 14:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\browser.dll
2013-07-30 04:26 - 2012-07-04 14:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\System32\browcli.dll
2013-07-30 04:26 - 2012-07-04 13:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-07-30 04:26 - 2012-07-04 13:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-07-30 04:26 - 2011-05-24 03:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2013-07-30 04:26 - 2011-05-24 02:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-07-30 04:26 - 2011-05-24 02:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-07-30 04:26 - 2011-05-24 02:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-07-30 04:26 - 2011-05-24 02:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-07-30 04:26 - 2011-05-02 21:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2013-07-30 04:26 - 2011-05-02 20:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-07-30 04:26 - 2011-02-18 02:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2013-07-30 04:26 - 2011-02-17 21:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2013-07-30 04:26 - 2011-02-05 09:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-07-30 04:26 - 2011-02-05 09:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\System32\kdusb.dll
2013-07-30 04:26 - 2011-02-05 09:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\System32\kd1394.dll
2013-07-30 04:26 - 2011-02-05 09:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\System32\kdcom.dll
2013-07-30 04:26 - 2011-02-05 09:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-07-30 04:26 - 2011-02-05 09:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-07-30 04:26 - 2011-02-05 09:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-07-30 04:25 - 2012-06-05 22:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2013-07-30 04:25 - 2012-06-05 21:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2013-07-30 04:25 - 2012-05-05 00:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2013-07-30 04:25 - 2012-05-04 23:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-07-30 04:19 - 2013-04-25 15:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-07-30 04:19 - 2013-03-31 14:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-07-30 04:19 - 2011-10-14 22:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2013-07-30 04:19 - 2011-10-14 21:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-07-30 04:19 - 2011-02-22 20:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2013-07-30 04:18 - 2012-02-10 22:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2013-07-30 04:18 - 2011-11-19 06:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\packager.dll
2013-07-30 04:18 - 2011-11-19 06:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-07-30 04:18 - 2011-08-26 21:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2013-07-30 04:18 - 2011-08-26 21:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\System32\oleacc.dll
2013-07-30 04:18 - 2011-08-26 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-07-30 04:18 - 2011-08-26 20:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-07-30 04:16 - 2012-02-16 22:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2013-07-30 04:16 - 2012-02-16 21:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-07-30 04:16 - 2012-02-16 20:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
 
==================== One Month Modified Files and Folders =======
 
2013-08-25 14:05 - 2009-07-13 20:45 - 00022544 _____ C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-25 14:05 - 2009-07-13 20:45 - 00022544 _____ C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-25 14:04 - 2013-08-21 10:19 - 00002700 _____ C:\Windows\setupact.log
2013-08-25 14:04 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-25 14:03 - 2013-07-30 18:15 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-25 13:40 - 2013-08-25 11:21 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-25 13:37 - 2013-08-03 16:40 - 01696982 _____ C:\Windows\WindowsUpdate.log
2013-08-25 13:33 - 2009-07-13 21:13 - 00778834 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-25 13:32 - 2013-08-25 13:31 - 01576630 _____ (Farbar) C:\Users\jimjim\Downloads\FRST64.exe
2013-08-25 13:25 - 2013-07-30 18:15 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-25 13:16 - 2013-08-21 15:17 - 00002370 _____ C:\Windows\PFRO.log
2013-08-25 13:15 - 2013-08-25 13:15 - 00000704 _____ C:\DelFix.txt
2013-08-25 12:29 - 2013-08-25 12:29 - 00002710 _____ C:\Users\jimjim\Desktop\Ebay for Lora.odt
2013-08-25 11:23 - 2013-08-25 11:21 - 00002075 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-08-25 11:21 - 2013-08-25 11:21 - 01030952 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-08-25 11:21 - 2013-08-25 11:21 - 00378944 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-08-25 11:21 - 2013-08-25 11:21 - 00189936 _____ C:\Windows\System32\Drivers\aswVmm.sys
2013-08-25 11:21 - 2013-08-25 11:21 - 00000175 _____ C:\Windows\System32\Drivers\aswVmm.sys.sum
2013-08-25 11:21 - 2013-08-25 11:21 - 00000175 _____ C:\Windows\System32\Drivers\aswSP.sys.sum
2013-08-25 11:21 - 2013-08-25 11:21 - 00000175 _____ C:\Windows\System32\Drivers\aswSnx.sys.sum
2013-08-25 11:21 - 2013-08-25 11:21 - 00000000 ____D C:\Program Files\AVAST Software
2013-08-25 11:21 - 2013-08-25 11:21 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-08-25 11:21 - 2013-08-25 11:20 - 00000000 ____D C:\ProgramData\AVAST Software
2013-08-25 11:21 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-08-25 11:17 - 2008-01-01 04:38 - 00001945 _____ C:\Windows\epplauncher.mif
2013-08-25 11:15 - 2013-08-25 11:15 - 00254152 _____ (Secure By Design Inc.) C:\Users\jimjim\Downloads\Ninite Avast Installer.exe
2013-08-25 09:51 - 2013-08-21 15:27 - 00241214 _____ C:\Users\jimjim\Downloads\avgremover.log
2013-08-25 09:50 - 2013-08-20 15:28 - 00000000 ____D C:\AdwCleaner
2013-08-25 09:41 - 2013-08-25 09:41 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 08:46 - 2009-07-13 21:08 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-25 08:39 - 2013-08-25 08:39 - 00029696 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\DCOMbob.exe
2013-08-25 08:38 - 2013-08-25 08:38 - 00029248 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\MouseTrap.exe
2013-08-25 08:36 - 2013-08-25 08:36 - 00022528 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\unpnp.exe
2013-08-25 08:34 - 2013-08-25 08:34 - 00117312 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\securable.exe
2013-08-25 08:31 - 2013-08-25 08:31 - 00025600 ____R (Gibson Research Corp.) C:\Users\jimjim\Downloads\LeakTest.exe
2013-08-25 08:31 - 2013-08-25 08:31 - 00025600 _____ (Gibson Research Corp.) C:\Users\jimjim\Downloads\leaktest (1).exe
2013-08-22 19:14 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2013-08-22 15:25 - 2013-08-22 15:25 - 07812650 _____ C:\Users\jimjim\Downloads\lan-20110419132524.zip
2013-08-22 15:24 - 2013-08-22 15:23 - 18802253 _____ C:\Users\jimjim\Downloads\realtek_wlan_win7_2000016L_20110523.zip
2013-08-21 21:21 - 2013-08-16 20:54 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-08-21 21:07 - 2013-08-01 19:20 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForjimjim.job
2013-08-21 20:31 - 2013-08-05 15:56 - 00000000 ____D C:\Program Files\Recuva
2013-08-21 19:45 - 2013-08-21 19:45 - 00000546 _____ C:\Users\jimjim\Desktop\Emsisoft Emergency Kit.lnk
2013-08-21 19:45 - 2013-08-21 19:44 - 00000000 ____D C:\EEK
2013-08-21 19:44 - 2013-08-21 19:37 - 190701296 _____ C:\Users\jimjim\Downloads\EmsisoftEmergencyKit.exe
2013-08-21 19:28 - 2013-08-03 16:12 - 00003426 _____ C:\Windows\System32\Tasks\Baidu Antivirus Update
2013-08-21 19:28 - 2013-08-01 19:54 - 00003124 _____ C:\Windows\System32\Tasks\{E3AC17A7-E156-48D0-B212-0A1B59135DFD}
2013-08-21 19:28 - 2013-08-01 19:20 - 00003194 _____ C:\Windows\System32\Tasks\HPCeeScheduleForjimjim
2013-08-21 19:28 - 2013-07-30 19:17 - 00002776 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-08-21 19:14 - 2013-08-21 19:14 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\VSRevoGroup
2013-08-21 19:05 - 2013-08-21 19:04 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Wise PC 1stAid
2013-08-21 19:04 - 2013-08-21 19:04 - 00001153 _____ C:\Users\Public\Desktop\Wise PC 1stAid.lnk
2013-08-21 19:04 - 2013-08-08 17:26 - 00000000 ____D C:\Program Files (x86)\Wise
2013-08-21 19:03 - 2013-08-21 19:03 - 02960600 _____ (WiseCleaner.com                                             ) C:\Users\jimjim\Downloads\WPCASetup.exe
2013-08-21 19:02 - 2013-08-08 17:26 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Wise Registry Cleaner
2013-08-21 18:06 - 2013-08-08 16:59 - 00000000 ____D C:\Windows\pss
2013-08-21 15:32 - 2013-08-08 17:26 - 00001227 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2013-08-21 15:31 - 2013-08-21 15:31 - 02168848 _____ (WiseCleaner.com                                             ) C:\Users\jimjim\Downloads\WRCFree (1).exe
2013-08-21 15:27 - 2013-08-21 15:27 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\jimjim\Downloads\avg_remover_stf_x64_2012_2125.exe
2013-08-21 14:10 - 2013-08-20 19:53 - 00000000 ____D C:\ProgramData\AVG SafeGuard toolbar
2013-08-21 14:10 - 2013-08-08 15:39 - 00000000 ____D C:\Users\jimjim\AppData\Local\AVG SafeGuard toolbar
2013-08-21 10:31 - 2013-07-30 18:15 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-21 10:24 - 2013-08-21 10:24 - 00058016 _____ C:\Users\jimjim\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-21 10:19 - 2013-08-21 10:19 - 00275712 _____ C:\Windows\System32\FNTCACHE.DAT
2013-08-21 10:19 - 2013-08-21 10:19 - 00000000 _____ C:\Windows\setuperr.log
2013-08-20 20:16 - 2013-08-03 12:02 - 00000000 ____D C:\ProgramData\AMD
2013-08-20 19:53 - 2013-08-08 15:39 - 00045856 _____ (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys
2013-08-20 19:46 - 2013-08-20 19:46 - 00000066 _____ C:\Users\jimjim\Downloads\RestoreMountPointManagerWindows7.bat
2013-08-20 19:28 - 2013-08-20 19:28 - 00032000 _____ C:\Windows\System32\Drivers\hitmanpro37.sys
2013-08-20 19:25 - 2013-08-20 19:25 - 00001280 _____ C:\Windows\System32\.crusader
2013-08-20 19:08 - 2013-08-20 19:08 - 00663552 _____ (ESET) C:\Users\jimjim\Desktop\ESETUninstaller.exe
2013-08-20 17:06 - 2013-08-20 17:06 - 00000000 ____D C:\Users\jimjim\Downloads\ProcessExplorer
2013-08-20 17:06 - 2013-08-20 17:05 - 01191834 _____ C:\Users\jimjim\Downloads\ProcessExplorer.zip
2013-08-20 16:13 - 2013-08-20 16:13 - 00026493 _____ C:\Users\jimjim\Desktop\cmb1.txt
2013-08-20 16:01 - 2009-07-13 18:34 - 00000215 _____ C:\Windows\system.ini
2013-08-19 13:39 - 2013-07-30 18:56 - 00865886 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-16 21:00 - 2013-08-16 21:00 - 00000000 ____D C:\ProgramData\UltiDev
2013-08-16 21:00 - 2013-08-16 21:00 - 00000000 ____D C:\ProgramData\Caphyon
2013-08-16 21:00 - 2013-08-16 21:00 - 00000000 ____D C:\Program Files\UltiDev
2013-08-16 21:00 - 2013-08-16 21:00 - 00000000 ____D C:\Program Files (x86)\UltiDev
2013-08-16 20:55 - 2013-08-16 20:55 - 00000000 ____D C:\Windows\PCHEALTH
2013-08-16 20:36 - 2008-01-01 03:25 - 00000000 ____D C:\users\jimjim
2013-08-15 12:11 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 20:19 - 2013-08-14 20:19 - 00120584 _____ (Kaspersky Lab) C:\Users\jimjim\Downloads\pmaxkiller.exe
2013-08-14 20:18 - 2013-08-14 20:18 - 00184408 _____ (Kaspersky Lab ZAO) C:\Users\jimjim\Downloads\rafr (1).exe
2013-08-14 20:16 - 2013-08-14 20:16 - 00123392 _____ (Kaspersky Lab) C:\Users\jimjim\Downloads\digita_cure.exe
2013-08-14 20:15 - 2013-08-14 20:15 - 00184408 _____ (Kaspersky Lab ZAO) C:\Users\jimjim\Downloads\rafr.exe
2013-08-14 20:14 - 2013-08-14 20:14 - 00122976 _____ (Kaspersky Lab ZAO) C:\Users\jimjim\Downloads\zbotkiller.exe
2013-08-14 20:06 - 2013-08-14 20:06 - 00125784 _____ (Kaspersky Lab ZAO) C:\Users\jimjim\Downloads\fippkiller.exe
2013-08-13 20:05 - 2008-01-01 05:53 - 00000000 ____D C:\Windows\Panther
2013-08-13 20:04 - 2013-07-30 19:17 - 00000975 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-13 20:04 - 2013-07-30 19:17 - 00000000 ____D C:\Program Files\CCleaner
2013-08-13 20:03 - 2013-08-13 20:03 - 04429440 _____ (Piriform Ltd) C:\Users\jimjim\Desktop\ccsetup404.exe
2013-08-13 15:53 - 2013-07-30 18:05 - 00000000 ____D C:\Windows\System32\MRT
2013-08-13 15:51 - 2013-07-30 17:21 - 78161360 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-08-10 18:40 - 2013-08-06 18:18 - 00001768 _____ C:\Users\Public\Desktop\Defraggler.lnk
2013-08-10 18:40 - 2013-08-06 17:30 - 00000840 _____ C:\Users\Public\Desktop\Speccy.lnk
2013-08-10 18:40 - 2013-08-05 15:56 - 00001702 _____ C:\Users\Public\Desktop\Recuva.lnk
2013-08-09 19:52 - 2013-08-09 19:52 - 00000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-08-08 18:58 - 2013-08-08 18:58 - 00000078 _____ C:\Users\jimjim\Desktop\look1.txt
2013-08-08 18:49 - 2013-08-08 18:49 - 00000078 _____ C:\Users\jimjim\Desktop\comclandserv1.txt
2013-08-08 18:17 - 2013-08-08 18:17 - 00000701 _____ C:\Users\jimjim\Desktop\TS_UXSMS.ps1
2013-08-08 18:12 - 2013-08-08 18:12 - 00000047 _____ C:\Users\jimjim\Desktop\wikivirtualpc.txt
2013-08-08 15:51 - 2013-08-08 15:48 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\ImgBurn
2013-08-08 15:38 - 2013-08-08 15:38 - 00001865 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2013-08-08 15:38 - 2013-08-08 15:38 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2013-08-07 17:46 - 2013-08-07 17:46 - 00000374 _____ C:\Users\jimjim\Desktop\loggmr.log
2013-08-07 17:43 - 2013-08-07 17:43 - 00377856 _____ C:\Users\jimjim\Desktop\83t149hk.exe
2013-08-06 19:16 - 2013-08-06 19:16 - 00025002 _____ C:\Users\jimjim\Desktop\cb1.txt
2013-08-06 19:09 - 2013-08-06 19:05 - 00000000 ____D C:\Windows\erdnt
2013-08-06 19:04 - 2013-08-06 18:58 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-06 19:02 - 2013-08-06 19:02 - 00048214 _____ C:\Users\jimjim\Desktop\HitmanPro_20130806_2302.log
2013-08-06 18:58 - 2013-08-06 18:58 - 00000000 ____D C:\Program Files\HitmanPro
2013-08-06 18:58 - 2013-08-06 18:57 - 09853928 _____ (SurfRight B.V.) C:\Users\jimjim\Downloads\HitmanPro_x64.exe
2013-08-06 18:18 - 2013-08-06 18:18 - 00000000 ____D C:\Program Files\Defraggler
2013-08-06 17:30 - 2013-08-06 17:30 - 00000000 ____D C:\Program Files\Speccy
2013-08-06 16:50 - 2013-08-03 16:12 - 00000055 _____ C:\user_defpage_list
2013-08-05 19:44 - 2013-08-06 14:27 - 00000000 ____D C:\Users\jimjim\Desktop\New folder - Copy
2013-08-05 19:44 - 2013-08-05 19:44 - 00000000 ____D C:\Users\jimjim\Desktop\New folder
2013-08-05 17:30 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-08-05 15:56 - 2013-08-05 15:56 - 00005120 _____ C:\Users\jimjim\Desktop\RecoveryStore.{A5C40151-FE2A-11E2-AC69-386077D9BE42}.dat
2013-08-05 15:53 - 2013-08-05 15:53 - 04100432 _____ (Piriform Ltd) C:\Users\jimjim\Desktop\dfsetup215.exe
2013-08-05 15:53 - 2013-08-05 15:52 - 03723592 _____ (Piriform Ltd) C:\Users\jimjim\Desktop\rcsetup147.exe
2013-08-05 15:51 - 2013-08-05 15:51 - 05126104 _____ (Piriform Ltd) C:\Users\jimjim\Desktop\spsetup122.exe
2013-08-03 16:12 - 2013-08-03 16:12 - 00000000 ____D C:\Users\Public\Documents\Baidu Security
2013-08-03 16:12 - 2013-08-03 16:12 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Baidu Security
2013-08-03 16:12 - 2013-08-03 16:12 - 00000000 ____D C:\ProgramData\Baidu Security
2013-08-03 16:12 - 2013-08-03 16:12 - 00000000 ____D C:\Program Files (x86)\Baidu Security
2013-08-03 15:26 - 2013-08-03 13:40 - 00000000 ____D C:\Users\jimjim\Downloads\usbdeview
2013-08-03 12:03 - 2013-08-03 12:03 - 00000000 ____D C:\Users\jimjim\AppData\Local\AMD
2013-08-03 12:02 - 2013-08-03 12:02 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\ATI
2013-08-03 12:02 - 2013-08-03 12:02 - 00000000 ____D C:\Users\jimjim\AppData\Local\ATI
2013-08-03 12:01 - 2013-08-03 12:01 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2013-08-03 12:01 - 2013-08-03 12:01 - 00000000 ____D C:\Program Files\ATI
2013-08-03 12:01 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-08-03 11:57 - 2013-08-03 11:57 - 00000000 ____D C:\AMD
2013-08-03 11:42 - 2013-08-01 19:16 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-08-01 20:20 - 2013-07-30 18:15 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-08-01 20:20 - 2013-07-30 18:15 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-08-01 20:00 - 2013-07-30 20:45 - 00000000 ____D C:\swsetup
2013-08-01 19:53 - 2013-08-01 19:53 - 01483240 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Desktop\sp55732.exe
2013-08-01 19:52 - 2013-08-01 19:52 - 02672968 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Downloads\sp62027.exe
2013-08-01 19:37 - 2013-08-01 19:15 - 00000000 _____ C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-08-01 19:31 - 2013-08-01 19:31 - 00000000 ____D C:\ProgramData\HP
2013-08-01 19:20 - 2013-08-01 19:13 - 00000000 ____D C:\Users\jimjim\AppData\Local\Hewlett-Packard
2013-08-01 19:17 - 2013-08-01 19:17 - 00220288 _____ (Advanced Micro Devices, INC.) C:\Windows\System32\Drivers\amdxhc.sys
2013-08-01 19:17 - 2013-08-01 19:17 - 00103552 _____ (Advanced Micro Devices, INC.) C:\Windows\System32\Drivers\amdhub30.sys
2013-08-01 19:12 - 2013-08-01 19:12 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Hewlett-Packard
2013-08-01 19:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2013-08-01 19:11 - 2013-08-01 19:09 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-08-01 19:11 - 2013-08-01 19:09 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-08-01 19:10 - 2013-08-01 19:10 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2013-08-01 19:10 - 2008-01-01 03:27 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2013-08-01 19:09 - 2013-08-01 19:09 - 00002185 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2013-08-01 19:08 - 2013-08-01 19:08 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\hpqLog
2013-08-01 19:08 - 2013-08-01 19:08 - 00000000 ____D C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-08-01 19:07 - 2013-08-01 19:06 - 41698448 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Desktop\sp58919.exe
2013-08-01 19:01 - 2013-08-01 19:01 - 01527352 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Desktop\sp55754.exe
2013-08-01 17:11 - 2013-08-01 17:11 - 02722400 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Downloads\sp56409.exe
2013-08-01 16:33 - 2013-08-01 16:33 - 594804736 _____ C:\Users\jimjim\Documents\Downloads.iso
2013-08-01 16:33 - 2013-08-01 16:33 - 00004314 _____ C:\Users\jimjim\Documents\Downloads.mds
2013-08-01 14:42 - 2013-07-30 19:19 - 00000000 ____D C:\Program Files\Google
2013-08-01 14:42 - 2013-07-30 18:14 - 00000000 ____D C:\Program Files (x86)\Google
2013-08-01 14:34 - 2013-07-30 18:14 - 00000000 ____D C:\Users\jimjim\AppData\Local\Google
2013-08-01 06:14 - 2013-08-01 06:14 - 00078739 _____ C:\Users\jimjim\Downloads\usbdeview.zip
2013-07-30 20:44 - 2013-07-30 20:44 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\WinBatch
2013-07-30 20:41 - 2013-07-30 20:25 - 594256576 _____ (Hewlett-Packard Development Company, L.P.                   ) C:\Users\jimjim\Downloads\sp56288.exe
2013-07-30 20:17 - 2013-07-30 20:17 - 00025150 _____ C:\Users\jimjim\Desktop\f_00002d
2013-07-30 19:14 - 2013-07-30 19:14 - 00660160 _____ (Sysinternals - www.sysinternals.com) C:\Users\jimjim\Downloads\autoruns.exe
2013-07-30 19:10 - 2013-07-30 19:10 - 00003266 _____ C:\Windows\System32\Tasks\{BFC1D27B-3F88-4DB5-8E57-9B1C29F8E57F}
2013-07-30 19:05 - 2011-04-12 00:28 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-30 19:03 - 2013-07-30 18:29 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-30 18:59 - 2009-07-13 18:34 - 00000439 _____ C:\Windows\win.ini
2013-07-30 18:47 - 2013-07-30 18:47 - 00000207 _____ C:\Windows\tweaking.com-regbackup-JIMJIM-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2013-07-30 18:46 - 2013-07-30 18:46 - 00000000 ____D C:\RegBackup
2013-07-30 18:34 - 2013-08-06 14:26 - 00005120 _____ C:\Users\jimjim\Desktop\bootex_1 - Copy.log
2013-07-30 18:34 - 2013-08-06 14:26 - 00003304 _____ C:\Users\jimjim\Desktop\bootsqm - Copy.dat
2013-07-30 18:34 - 2013-07-30 18:34 - 00005120 _____ C:\Users\jimjim\Desktop\bootex_1.log
2013-07-30 18:34 - 2013-07-30 18:34 - 00005120 _____ C:\Users\jimjim\Desktop\bootex.log
2013-07-30 18:34 - 2013-07-30 18:34 - 00003304 _____ C:\Users\jimjim\Desktop\bootsqm.dat
2013-07-30 18:26 - 2013-07-30 18:26 - 00002159 _____ C:\Users\jimjim\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2013-07-30 18:26 - 2013-07-30 18:26 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-07-30 18:21 - 2013-07-30 18:21 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-07-30 18:19 - 2013-07-30 18:19 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Malwarebytes
2013-07-30 18:15 - 2013-07-30 18:15 - 00001264 _____ C:\Users\jimjim\Desktop\Revo Uninstaller.lnk
2013-07-30 18:15 - 2013-07-30 18:15 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-30 18:15 - 2013-07-30 18:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-30 18:15 - 2013-07-30 18:15 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-30 18:15 - 2013-07-30 18:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-30 18:04 - 2013-07-30 18:04 - 00254152 _____ (Secure By Design Inc.) C:\Users\jimjim\Desktop\Ninite Chrome Malwarebytes Revo Installer.exe
2013-07-30 17:55 - 2013-07-30 17:55 - 00000000 ____D C:\Users\jimjim\AppData\Roaming\Adobe
2013-07-30 17:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-07-30 17:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-07-30 17:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-07-30 17:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-07-30 17:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-30 17:47 - 2013-07-30 17:47 - 01509376 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-30 17:47 - 2013-07-30 17:47 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-30 17:47 - 2013-07-30 17:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-30 17:47 - 2013-07-30 17:47 - 01400416 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-07-30 17:47 - 2013-07-30 17:47 - 01054720 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00905728 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00762368 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00599552 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00452096 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-07-30 17:47 - 2013-07-30 17:47 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-30 17:47 - 2013-07-30 17:47 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00281600 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00270848 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00247296 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00226304 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00216064 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00173568 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00149504 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00144896 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-07-30 17:47 - 2013-07-30 17:47 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-30 17:47 - 2013-07-30 17:47 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00027648 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-30 17:47 - 2013-07-30 17:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-07-30 17:47 - 2013-07-30 17:47 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-30 17:45 - 2013-07-30 17:45 - 03928064 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 02776576 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01682432 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01238528 _____ (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01175552 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00648192 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00522752 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00363008 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00333312 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00010752 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00009728 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00005632 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00005632 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003584 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00003072 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-30 17:45 - 2013-07-30 17:45 - 00002560 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-30 17:33 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-30 17:33 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-30 17:33 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-30 17:32 - 2011-04-12 00:28 - 00000000 ____D C:\Program Files\Windows Journal
 
Files to move or delete:
====================
C:\Users\jimjim\AppData\Local\Temp\6lvrazdz.dll
C:\Users\jimjim\AppData\Local\Temp\oi_{150FDB6E-6CDF-4861-AEB6-A91D908E9AE0}.exe
C:\Users\jimjim\AppData\Local\Temp\oi_{1DB4AD6A-AA3B-4C82-B4F5-1843BCBC379E}.exe
C:\Users\jimjim\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\jimjim\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest
C:\Users\jimjim\AppData\Local\Temp\HP Support Framework\HPSF_Config1.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\avg-secure-search-installer.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\ProgFiles\AVG SafeGuard toolbar\lip.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\ProgFiles\AVG SafeGuard toolbar\PostInstall.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\ProgFiles\AVG SafeGuard toolbar\Uninstall.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\ProgFiles\AVG SafeGuard toolbar\vprot.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\ProgFiles\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\ConfigFiles\avguidx.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\ConfigFiles\MachineIdCreator.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\helper.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\log4cplusU.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\loggingserver.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a04344\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\avg-secure-search-installer.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\ProgFiles\AVG SafeGuard toolbar\lip.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\ProgFiles\AVG SafeGuard toolbar\PostInstall.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\ProgFiles\AVG SafeGuard toolbar\Uninstall.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\ProgFiles\AVG SafeGuard toolbar\vprot.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\ProgFiles\AVG SafeGuard toolbar\14.0.0.12\AVG SafeGuard toolbar_toolbar.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\ConfigFiles\avguidx.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\ConfigFiles\MachineIdCreator.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03988\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\avg-secure-search-installer.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\ProgFiles\AVG SafeGuard toolbar\lip.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\ProgFiles\AVG SafeGuard toolbar\PostInstall.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\ProgFiles\AVG SafeGuard toolbar\Uninstall.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\ProgFiles\AVG SafeGuard toolbar\vprot.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\ProgFiles\AVG SafeGuard toolbar\14.0.0.12\AVG SafeGuard toolbar_toolbar.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\ConfigFiles\avguidx.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\ConfigFiles\MachineIdCreator.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03776\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\avg-secure-search-installer.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\ProgFiles\AVG SafeGuard toolbar\lip.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\ProgFiles\AVG SafeGuard toolbar\PostInstall.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\ProgFiles\AVG SafeGuard toolbar\Uninstall.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\ProgFiles\AVG SafeGuard toolbar\vprot.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\ProgFiles\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\ConfigFiles\avguidx.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\ConfigFiles\MachineIdCreator.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\avgdttbx.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\AVGRewardsWorker.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\DriverInstaller.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\DriverInstaller_64.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\helper.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\log4cplusU.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\loggingserver.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\npsitesafety.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\ScriptHelper.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\SiteSafety.dll
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\ToolbarUpdater.exe
C:\Users\jimjim\AppData\Local\Temp\avg_a03264\CommonFiles\AVG SafeGuard toolbar\ViProtocol.dll
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe
[2013-08-03 15:30] - [2012-10-18 09:40] - 0021504 ____A (Microsoft Corporation) FFB38D8AFD6F4FCA1D46D64F1EDE0B9F
 
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2013-08-03 15:30] - [2012-10-18 14:00] - 0296808 ____A (Microsoft Corporation) DF83AA1C4278E2C0E36C0479C1555A9C
 
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
Restore point made on: 2013-08-16 20:51:47
Restore point made on: 2013-08-16 21:00:05
Restore point made on: 2013-08-16 21:57:30
Restore point made on: 2013-08-19 13:02:59
Restore point made on: 2013-08-19 13:25:56
Restore point made on: 2013-08-21 14:09:41
Restore point made on: 2013-08-21 14:11:00
Restore point made on: 2013-08-21 14:16:31
Restore point made on: 2013-08-21 19:15:22
Restore point made on: 2013-08-21 19:23:21
Restore point made on: 2013-08-21 21:21:46
Restore point made on: 2013-08-22 17:08:59
Restore point made on: 2013-08-25 11:21:01
 
==================== BCD ================================
 
Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {e04bd0d7-b86f-11dc-acf3-817c4198481a}
                        {e04bd0d6-b86f-11dc-acf3-817c4198481a}
                        {bootmgr}
                        {e04bd0d5-b86f-11dc-acf3-817c4198481a}
                        {a8b22c9c-0dce-11e3-95b6-806e6f6e6963}
                        {e04bd0d8-b86f-11dc-acf3-817c4198481a}
                        {e04bd0d9-b86f-11dc-acf3-817c4198481a}
                        {e04bd0db-b86f-11dc-acf3-817c4198481a}
timeout                 0
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {e04bd0dd-b86f-11dc-acf3-817c4198481a}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Firmware Application (101fffff)
-------------------------------
identifier              {a8b22c9c-0dce-11e3-95b6-806e6f6e6963}
description             hp       CDDVDW TS-H653TN
 
Firmware Application (101fffff)
-------------------------------
identifier              {e04bd0d5-b86f-11dc-acf3-817c4198481a}
description             USB Floppy/CD
 
Firmware Application (101fffff)
-------------------------------
identifier              {e04bd0d6-b86f-11dc-acf3-817c4198481a}
description             USB Hard Drive
 
Firmware Application (101fffff)
-------------------------------
identifier              {e04bd0d7-b86f-11dc-acf3-817c4198481a}
description             ATAPI CD-ROM Drive
 
Firmware Application (101fffff)
-------------------------------
identifier              {e04bd0d8-b86f-11dc-acf3-817c4198481a}
description             CD/DVD Drive 
 
Firmware Application (101fffff)
-------------------------------
identifier              {e04bd0d9-b86f-11dc-acf3-817c4198481a}
description             USB Floppy/CD
 
Firmware Application (101fffff)
-------------------------------
identifier              {e04bd0db-b86f-11dc-acf3-817c4198481a}
description             Hard Drive
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.efi
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {e04bd0df-b86f-11dc-acf3-817c4198481a}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {e04bd0dd-b86f-11dc-acf3-817c4198481a}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {e04bd0df-b86f-11dc-acf3-817c4198481a}
device                  ramdisk=[C:]\Recovery\e04bd0df-b86f-11dc-acf3-817c4198481a\Winre.wim,{e04bd0e0-b86f-11dc-acf3-817c4198481a}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\e04bd0df-b86f-11dc-acf3-817c4198481a\Winre.wim,{e04bd0e0-b86f-11dc-acf3-817c4198481a}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {e04bd0dd-b86f-11dc-acf3-817c4198481a}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {e04bd0e0-b86f-11dc-acf3-817c4198481a}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\e04bd0df-b86f-11dc-acf3-817c4198481a\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 10%
Total physical RAM: 7648.66 MB
Available physical RAM: 6881.17 MB
Total Pagefile: 7646.86 MB
Available Pagefile: 6864.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.29 GB) (Free:890.87 GB) NTFS
Drive d: (GSP1RMCHPXFRER_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
Drive e: () (Removable) (Total:14.93 GB) (Free:14.92 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 92F1D1F3)
 
Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 0015A11F)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
 
 
LastRegBack: 2013-08-22 15:59
 
==================== End Of Log ============================
 
Mod Edit: Moved from Windows 7 to MRL forum due to FRST log. ~bloopie

Edited by bloopie, 25 August 2013 - 05:52 PM.



#2 HelpBot


Posted 30 August 2013 - 05:35 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/505603 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 bwrighttwo


Posted 31 August 2013 - 01:30 PM

Hi. I have run some things since my first post. I have not deleted anything. The machine has gotten much slower. If you want the dds attach log let me know. Thank you for your time.
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16660
Run by jimjim at 14:26:13 on 2013-08-31
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7649.5575 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uProxyServer = localhost:21320
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:189
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1375568960883
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{BA1B5510-7349-41B6-96A7-3A1D3A39A979} : DHCPNameServer = 192.168.1.1
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-3-31 82600]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-3-31 42664]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-8-25 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-8-25 189936]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\EEK\Run\a2ddax64.sys [2013-8-21 26176]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-8-25 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2013-8-25 378944]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2013-8-25 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-8-25 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-8-25 46808]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-8-28 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-8-28 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-8-28 171928]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2013-8-1 103552]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2013-8-1 220288]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-5-16 533096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 cleanhlp;cleanhlp;C:\EEK\Run\cleanhlp64.sys [2013-8-21 57024]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-7-30 1255736]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-28 204288]
S4 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-8-8 45856]
S4 BAVSvc;Baidu Antivirus Service;C:\Program Files (x86)\Baidu Security\Cloud Security\BAVSvc.exe [2013-6-18 1733992]
S4 UltiDev Web Server Pro;UltiDev Web Server Pro;C:\Program Files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe [2012-5-9 64512]
S4 UWS LoPriv Services;UWS LoPriv Services;C:\Program Files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe [2012-5-9 44032]
.
=============== Created Last 30 ================
.
2013-08-31 09:34:33 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{966093AF-CB2B-4164-ABF1-7F62AF95329B}\offreg.dll
2013-08-29 02:45:43 -------- d-----w- C:\Program Files (x86)\Windows Kits
2013-08-29 02:31:43 -------- d-----w- C:\ProgramData\Package Cache
2013-08-28 23:29:23 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-08-28 23:29:15 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
2013-08-28 23:29:10 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-27 21:07:20 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{966093AF-CB2B-4164-ABF1-7F62AF95329B}\mpengine.dll
2013-08-26 03:12:59 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-08-26 02:07:37 -------- d-----w- C:\FRST
2013-08-25 19:21:32 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-08-25 19:21:32 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-08-25 19:21:32 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-08-25 19:21:32 1030952 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-08-25 19:21:31 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-08-25 19:21:15 41664 ----a-w- C:\Windows\avastSS.scr
2013-08-25 19:21:03 -------- d-----w- C:\Program Files\AVAST Software
2013-08-25 19:20:46 -------- d-----w- C:\ProgramData\AVAST Software
2013-08-25 17:41:02 -------- d-----w- C:\Windows\ERUNT
2013-08-22 04:25:46 -------- d-----w- C:\Users\jimjim\AppData\Local\Diagnostics
2013-08-22 03:44:55 -------- d-----w- C:\EEK
2013-08-22 03:14:23 -------- d-----w- C:\Users\jimjim\AppData\Roaming\VSRevoGroup
2013-08-22 03:04:21 -------- d-----w- C:\Users\jimjim\AppData\Roaming\Wise PC 1stAid
2013-08-21 00:02:56 -------- d-sh--w- C:\$RECYCLE.BIN
2013-08-20 23:28:04 -------- d-----w- C:\AdwCleaner
2013-08-17 05:00:18 -------- d-----w- C:\ProgramData\UltiDev
2013-08-17 05:00:18 -------- d-----w- C:\Program Files\UltiDev
2013-08-17 05:00:10 -------- d-----w- C:\Program Files (x86)\UltiDev
2013-08-17 04:57:38 50200 ----a-w- C:\Windows\SysWow64\perf-SQLAgent$SQLLANSWEEPER2K8-sqlagtctr10.2.4000.0.dll
2013-08-17 04:55:08 -------- d-----w- C:\Windows\PCHEALTH
2013-08-17 04:54:33 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2013-08-17 04:48:45 -------- d-----w- C:\Temp
2013-08-13 23:50:34 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-08-09 01:26:47 -------- d-----w- C:\Users\jimjim\AppData\Roaming\Wise Registry Cleaner
2013-08-09 01:26:29 -------- d-----w- C:\Program Files (x86)\Wise
2013-08-09 00:59:46 -------- d-----w- C:\Windows\pss
2013-08-08 23:39:03 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-08-08 23:38:43 -------- d--h--w- C:\ProgramData\Common Files
2013-08-07 02:58:53 -------- d-----w- C:\Program Files\HitmanPro
2013-08-07 02:58:27 -------- d-----w- C:\ProgramData\HitmanPro
2013-08-07 02:18:27 -------- d-----w- C:\Program Files\Defraggler
2013-08-07 01:30:08 -------- d-----w- C:\Program Files\Speccy
2013-08-04 00:12:48 -------- d-----w- C:\ProgramData\Baidu Security
2013-08-04 00:12:07 -------- d-----w- C:\Program Files (x86)\Baidu Security
2013-08-04 00:12:00 -------- d-----w- C:\Users\jimjim\AppData\Roaming\Baidu Security
2013-08-03 23:31:02 498176 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-08-03 20:03:08 -------- d-----w- C:\Users\jimjim\AppData\Local\AMD
2013-08-03 20:02:58 -------- d-----w- C:\Users\jimjim\AppData\Local\ATI
2013-08-03 20:02:17 -------- d-----w- C:\ProgramData\AMD
2013-08-03 20:01:25 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2013-08-03 20:01:18 -------- d-----w- C:\Program Files\ATI
2013-08-03 19:57:36 -------- d-----w- C:\AMD
2013-08-02 03:17:20 220288 ----a-w- C:\Windows\System32\drivers\amdxhc.sys
2013-08-02 03:17:20 103552 ----a-w- C:\Windows\System32\drivers\amdhub30.sys
2013-08-02 03:13:04 -------- d-----w- C:\Users\jimjim\AppData\Local\Hewlett-Packard
2013-08-02 03:10:40 27456 ----a-w- C:\Windows\System32\drivers\cpqdfw.sys
2013-08-02 03:08:41 -------- d-----w- C:\Users\jimjim\AppData\Roaming\hpqLog
.
==================== Find3M  ====================
.
2013-07-31 02:21:01 0 ----a-w- C:\Windows\ativpsrm.bin
2013-07-31 01:45:55 9728 ----a-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 02:09:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:42:59 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-07-08 05:22:06 5554624 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-07-08 05:12:34 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-07-08 05:11:21 34304 ----a-w- C:\Windows\System32\appidsvc.dll
2013-07-08 05:11:20 6656 ----a-w- C:\Windows\System32\apisetschema.dll
2013-07-08 05:11:20 58368 ----a-w- C:\Windows\System32\appidapi.dll
2013-07-08 05:08:20 3973056 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-08 05:08:20 3918272 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-07-08 04:59:25 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-07-08 04:59:25 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2013-07-08 03:31:13 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2013-07-08 03:31:10 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
2013-07-08 03:31:06 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2013-07-08 02:50:41 112640 ----a-w- C:\Windows\System32\smss.exe
2013-07-06 05:20:38 1900992 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-07-06 05:20:34 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-07-06 05:20:30 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-06-04 03:18:01 3156992 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 14:26:32.18 ===============


#4 nasdaq

  • Malware Response Team

Posted 01 September 2013 - 09:58 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please run these tools in normal mode, then post the logs for my review.
Let me know what issues you are having with this computer.


Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: Tutorial
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall.

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Third-party programs, if not up to date, can be the cause of infiltration and infection.

Please restart the computer before running this security check.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM.

#5 bwrighttwo

  • Topic Starter


Posted 01 September 2013 - 02:49 PM

After I ran cmbfx I kept getting a cannot connect to proxy server. JRT was clean (no deletions). To be honest I am not sure I have a malware issue. This machine was formatted and re-installed on 7-30-13. I keep getting unexplained USB devices that are portable even though I have not plugged an outside device into the machine. I mean right after the re-install. It almost seems as if I get Windows updates that would be for a developer or something. I am not sure if you ever use Spybot but I would like you to see an autostart log from them if it may help. Thanks so much for your time.

 

# AdwCleaner v3.002 - Report created 01/09/2013 at 17:05:45
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : jimjim - JIMJIM-PC
# Running from : C:\Users\jimjim\Downloads\adwcleaner (3).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16660
 
 
-\\ Google Chrome v29.0.1547.62
 
[ File : C:\Users\jimjim\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [4468 octets] - [20/08/2013 19:28:12]
AdwCleaner[R1].txt - [2132 octets] - [20/08/2013 20:23:45]
AdwCleaner[R2].txt - [6067 octets] - [21/08/2013 00:17:31]
AdwCleaner[R3].txt - [2457 octets] - [21/08/2013 20:09:45]
AdwCleaner[R4].txt - [2496 octets] - [24/08/2013 00:53:09]
AdwCleaner[R5].txt - [1246 octets] - [25/08/2013 13:50:36]
AdwCleaner[S0].txt - [4598 octets] - [20/08/2013 19:29:10]
AdwCleaner[S1].txt - [5865 octets] - [21/08/2013 00:18:38]
AdwCleaner[S2].txt - [2708 octets] - [21/08/2013 20:10:35]
AdwCleaner[S3].txt - [1313 octets] - [01/09/2013 14:33:50]
AdwCleaner[S4].txt - [1233 octets] - [01/09/2013 17:05:45]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1293 octets] ##########
 
ComboFix 13-09-01.02 - jimjim 09/01/2013  16:49:01.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7649.6187 [GMT -4:00]
Running from: c:\users\jimjim\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-01 to 2013-09-01  )))))))))))))))))))))))))))))))
.
.
2013-09-01 20:52 . 2013-09-01 20:52 -------- d-----w- c:\users\jimjim\AppData\Local\temp
2013-09-01 20:52 . 2013-09-01 20:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-31 18:40 . 2013-08-20 04:46 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4A4F82B5-3E22-46BC-BE8B-F798F4E14A47}\mpengine.dll
2013-08-29 02:45 . 2013-08-29 02:45 -------- d-----w- c:\program files (x86)\Windows Kits
2013-08-29 02:31 . 2013-08-29 02:45 -------- d-----w- c:\programdata\Package Cache
2013-08-28 23:29 . 2013-08-29 01:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-08-28 23:29 . 2009-01-25 17:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2013-08-28 23:29 . 2013-08-28 23:31 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-08-26 02:07 . 2013-08-26 02:07 -------- d-----w- C:\FRST
2013-08-25 19:21 . 2013-08-25 19:21 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-25 19:21 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-25 19:21 . 2013-08-25 19:21 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-25 19:21 . 2013-08-25 19:21 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-25 19:21 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-25 19:21 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-25 19:21 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-25 19:21 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-25 19:21 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-25 19:21 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-08-25 19:21 . 2013-08-25 19:21 -------- d-----w- c:\program files\AVAST Software
2013-08-25 19:20 . 2013-08-25 19:21 -------- d-----w- c:\programdata\AVAST Software
2013-08-25 17:41 . 2013-08-25 17:41 -------- d-----w- c:\windows\ERUNT
2013-08-22 04:25 . 2013-08-23 03:13 -------- d-----w- c:\users\jimjim\AppData\Local\Diagnostics
2013-08-22 03:44 . 2013-08-29 04:29 -------- d-----w- C:\EEK
2013-08-22 03:14 . 2013-08-22 03:14 -------- d-----w- c:\users\jimjim\AppData\Roaming\VSRevoGroup
2013-08-22 03:04 . 2013-08-22 03:05 -------- d-----w- c:\users\jimjim\AppData\Roaming\Wise PC 1stAid
2013-08-20 23:28 . 2013-09-01 18:33 -------- d-----w- C:\AdwCleaner
2013-08-17 05:00 . 2013-08-17 05:00 -------- d-----w- c:\programdata\UltiDev
2013-08-17 05:00 . 2013-08-17 05:00 -------- d-----w- c:\program files\UltiDev
2013-08-17 05:00 . 2013-08-17 05:00 -------- d-----w- c:\program files (x86)\UltiDev
2013-08-17 04:57 . 2010-09-19 18:49 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLLANSWEEPER2K8-sqlagtctr10.2.4000.0.dll
2013-08-17 04:55 . 2013-08-17 04:55 -------- d-----w- c:\windows\PCHEALTH
2013-08-17 04:54 . 2013-08-22 05:21 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2013-08-17 04:48 . 2013-08-17 04:58 -------- d-----w- C:\Temp
2013-08-13 23:50 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-08-09 01:26 . 2013-08-22 03:02 -------- d-----w- c:\users\jimjim\AppData\Roaming\Wise Registry Cleaner
2013-08-09 01:26 . 2013-08-22 03:04 -------- d-----w- c:\program files (x86)\Wise
2013-08-08 23:48 . 2013-08-08 23:51 -------- d-----w- c:\users\jimjim\AppData\Roaming\ImgBurn
2013-08-08 23:39 . 2013-08-21 03:53 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-08-08 23:38 . 2013-08-08 23:38 -------- d--h--w- c:\programdata\Common Files
2013-08-08 23:38 . 2013-08-08 23:38 -------- d-----w- c:\program files (x86)\ImgBurn
2013-08-07 02:58 . 2013-08-07 02:58 -------- d-----w- c:\program files\HitmanPro
2013-08-07 02:58 . 2013-08-07 03:04 -------- d-----w- c:\programdata\HitmanPro
2013-08-07 02:18 . 2013-08-07 02:18 -------- d-----w- c:\program files\Defraggler
2013-08-07 01:30 . 2013-08-07 01:30 -------- d-----w- c:\program files\Speccy
2013-08-05 23:56 . 2013-08-22 04:31 -------- d-----w- c:\program files\Recuva
2013-08-04 00:12 . 2013-08-04 00:12 -------- d-----w- c:\programdata\Baidu Security
2013-08-04 00:12 . 2013-08-04 00:12 -------- d-----w- c:\program files (x86)\Baidu Security
2013-08-04 00:12 . 2013-08-04 00:12 -------- d-----w- c:\users\jimjim\AppData\Roaming\Baidu Security
2013-08-03 23:31 . 2012-10-18 17:51 498176 ----a-w- c:\windows\system32\drivers\afd.sys
2013-08-03 20:03 . 2013-08-03 20:03 -------- d-----w- c:\users\jimjim\AppData\Local\AMD
2013-08-03 20:02 . 2013-08-03 20:02 -------- d-----w- c:\users\jimjim\AppData\Roaming\ATI
2013-08-03 20:02 . 2013-08-03 20:02 -------- d-----w- c:\users\jimjim\AppData\Local\ATI
2013-08-03 20:02 . 2013-08-21 04:16 -------- d-----w- c:\programdata\AMD
2013-08-03 20:01 . 2013-08-03 20:01 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-08-03 20:01 . 2013-08-03 20:01 -------- d-----w- c:\program files\ATI
2013-08-03 19:57 . 2013-08-03 19:57 -------- d-----w- C:\AMD
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-13 23:51 . 2013-07-31 01:21 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-08-02 03:17 . 2013-08-02 03:17 220288 ----a-w- c:\windows\system32\drivers\amdxhc.sys
2013-08-02 03:17 . 2013-08-02 03:17 103552 ----a-w- c:\windows\system32\drivers\amdhub30.sys
2013-07-31 03:03 . 2013-07-31 02:29 181064 ----a-w- c:\windows\PSEXESVC.EXE
2013-07-31 01:47 . 2013-07-31 01:47 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-07-31 01:47 . 2013-07-31 01:47 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-07-31 01:47 . 2013-07-31 01:47 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-07-31 01:47 . 2013-07-31 01:47 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-31 01:47 . 2013-07-31 01:47 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-07-31 01:47 . 2013-07-31 01:47 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-07-31 01:47 . 2013-07-31 01:47 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-07-31 01:47 . 2013-07-31 01:47 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-07-31 01:47 . 2013-07-31 01:47 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-07-31 01:47 . 2013-07-31 01:47 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-07-31 01:47 . 2013-07-31 01:47 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-07-31 01:47 . 2013-07-31 01:47 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-07-31 01:47 . 2013-07-31 01:47 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-07-31 01:47 . 2013-07-31 01:47 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-07-31 01:47 . 2013-07-31 01:47 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-07-31 01:47 . 2013-07-31 01:47 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-07-31 01:47 . 2013-07-31 01:47 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-07-31 01:47 . 2013-07-31 01:47 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-07-31 01:47 . 2013-07-31 01:47 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-07-31 01:47 . 2013-07-31 01:47 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-07-31 01:47 . 2013-07-31 01:47 81408 ----a-w- c:\windows\system32\icardie.dll
2013-07-31 01:47 . 2013-07-31 01:47 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-07-31 01:47 . 2013-07-31 01:47 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-07-31 01:47 . 2013-07-31 01:47 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-07-31 01:47 . 2013-07-31 01:47 441856 ----a-w- c:\windows\system32\html.iec
2013-07-31 01:47 . 2013-07-31 01:47 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-07-31 01:47 . 2013-07-31 01:47 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-31 01:47 . 2013-07-31 01:47 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-07-31 01:47 . 2013-07-31 01:47 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-07-31 01:47 . 2013-07-31 01:47 235008 ----a-w- c:\windows\system32\url.dll
2013-07-31 01:47 . 2013-07-31 01:47 216064 ----a-w- c:\windows\system32\msls31.dll
2013-07-31 01:47 . 2013-07-31 01:47 197120 ----a-w- c:\windows\system32\msrating.dll
2013-07-31 01:47 . 2013-07-31 01:47 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-07-31 01:47 . 2013-07-31 01:47 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-31 01:47 . 2013-07-31 01:47 144896 ----a-w- c:\windows\system32\wextract.exe
2013-07-31 01:47 . 2013-07-31 01:47 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-07-31 01:47 . 2013-07-31 01:47 102912 ----a-w- c:\windows\system32\inseng.dll
2013-07-31 01:47 . 2013-07-31 01:47 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-07-31 01:47 . 2013-07-31 01:47 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-07-31 01:47 . 2013-07-31 01:47 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-07-31 01:47 . 2013-07-31 01:47 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-07-31 01:47 . 2013-07-31 01:47 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-07-31 01:47 . 2013-07-31 01:47 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-07-31 01:47 . 2013-07-31 01:47 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-31 01:47 . 2013-07-31 01:47 149504 ----a-w- c:\windows\system32\occache.dll
2013-07-31 01:47 . 2013-07-31 01:47 13824 ----a-w- c:\windows\system32\mshta.exe
2013-07-31 01:47 . 2013-07-31 01:47 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-07-31 01:47 . 2013-07-31 01:47 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-07-31 01:47 . 2013-07-31 01:47 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-07-31 01:45 . 2013-07-31 01:45 9728 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 9728 ----a-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 5632 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 5632 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 5632 ----a-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 5632 ----a-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 4096 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 4096 ----a-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3584 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3584 ----a-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3072 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3072 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3072 ----a-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3072 ----a-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 2560 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 2560 ----a-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-07-31 01:45 . 2013-07-31 01:45 10752 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 10752 ----a-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-31 01:45 . 2013-07-31 01:45 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-07-31 01:45 . 2013-07-31 01:45 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-07-31 01:45 . 2013-07-31 01:45 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-07-31 01:45 . 2013-07-31 01:45 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-07-31 01:45 . 2013-07-31 01:45 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-07-31 01:45 . 2013-07-31 01:45 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-07-31 01:45 . 2013-07-31 01:45 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-07-31 01:45 . 2013-07-31 01:45 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-07-31 01:45 . 2013-07-31 01:45 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-07-31 01:45 . 2013-07-31 01:45 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-07-31 01:45 . 2013-07-31 01:45 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-07-31 01:45 . 2013-07-31 01:45 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-07-31 01:45 . 2013-07-31 01:45 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-07-31 01:45 . 2013-07-31 01:45 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-07-31 01:45 . 2013-07-31 01:45 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-07-31 01:45 . 2013-07-31 01:45 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-07-31 01:45 . 2013-07-31 01:45 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-07-31 01:45 . 2013-07-31 01:45 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-07-31 01:45 . 2013-07-31 01:45 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-07-31 01:45 . 2013-07-31 01:45 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-07-31 01:45 . 2013-07-31 01:45 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-07-31 01:45 . 2013-07-31 01:45 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-07-31 01:45 . 2013-07-31 01:45 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-07-31 01:45 . 2013-07-31 01:45 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-07-31 01:45 . 2013-07-31 01:45 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-07-31 01:45 . 2013-07-31 01:45 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-07-31 01:45 . 2013-07-31 01:45 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cleanhlp;cleanhlp;c:\eek\Run\cleanhlp64.sys;c:\eek\Run\cleanhlp64.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
R4 BAVSvc;Baidu Antivirus Service;c:\program files (x86)\Baidu Security\Cloud Security\BAVSvc.exe;c:\program files (x86)\Baidu Security\Cloud Security\BAVSvc.exe [x]
R4 UltiDev Web Server Pro;UltiDev Web Server Pro;c:\program files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe;c:\program files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe [x]
R4 UWS LoPriv Services;UWS LoPriv Services;c:\program files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe;c:\program files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\RUN\a2ddax64.sys;c:\eek\RUN\a2ddax64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 22:25 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-31 02:14]
.
2013-09-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-31 02:14]
.
2013-08-22 c:\windows\Tasks\HPCeeScheduleForjimjim.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 02:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = localhost:21320
Trusted Zone: JIMJIM-PC
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1923206676-3518921465-298547559-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2]
@Denied: (Full) (Everyone)
@Allowed: (A B C D E 1 2 3 4 5 6 0x0001c0) (Administrators)
.
[HKEY_USERS\S-1-5-21-1923206676-3518921465-298547559-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##JIMJIM-PC#Users#jimjim#AppData#Local#Hewlett-Packard#HPCEE.exe_Url_pzhsl5v0i1efivcm1patkorkz2ji0v0q]
"_CommentFromDesktopINI"=""
"_LabelFromDesktopINI"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Power]
@Denied: (Full) (Owner)
"DisplayName"="@%SystemRoot%\\system32\\umpo.dll,-100"
"Group"="Plugplay"
"ImagePath"=expand:"%SystemRoot%\\system32\\svchost.exe -k DcomLaunch"
"Description"="@%SystemRoot%\\system32\\umpo.dll,-101"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=multi:"SeTcbPrivilege\00SeSecurityPrivilege\00SeAssignPrimaryTokenPrivilege\00SeTakeOwnershipPrivilege\00SeLoadDriverPrivilege\00SeBackupPrivilege\00SeRestorePrivilege\00SeImpersonatePrivilege\00SeAuditPrivilege\00SeChangeNotifyPrivilege\00SeUndockPrivilege\00SeDebugPrivilege\00\00"
"FailureActions"=hex:00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,
   00,02,00,00,00,60,ea,00,00,02,00,00,00,60,ea,00,00,02,00,00,00,60,ea,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Power\Parameters]
"ServiceDll"=expand:"%SystemRoot%\\system32\\umpo.dll"
"ServiceMain"="UmpoMain"
.
[HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices]
@Denied: (Full) (Administrators)
@Denied: (Full) (Owner)
.
Completion time: 2013-09-01  16:54:46
ComboFix-quarantined-files.txt  2013-09-01 20:54
ComboFix2.txt  2013-09-01 19:08
.
Pre-Run: 964,756,549,632 bytes free
Post-Run: 964,693,159,936 bytes free
.
- - End Of File - - 78A4442FF28F513A64A6927BE7AC7241
A36C5E4F47E84449FF07ED3517B43A31
 

 

 

 Results of screen317's Security Check version 0.99.73  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File  
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Wise Registry Cleaner 7.83  
 Google Chrome 29.0.1547.57  
 Google Chrome 29.0.1547.62  
````````Process Check: objlist.exe by Laurent````````
 Spybot Teatimer.exe is disabled!
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log``````````````````````

Edited by bwrighttwo, 01 September 2013 - 04:12 PM.


#6 nasdaq


Posted 02 September 2013 - 07:11 AM

Please download MiniToolBox to Desktop and run it.

Check mark the following boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • Click Go and copy/paste the log (Result.txt) into your next post.
  • Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
===

I keep getting unexplained usb devices that are portable even though I have not plugged outside device into the machine.

Can you plug a USB device, then right click on the device and make sure it's ejected by the operating system then unplug it.

Restart the computer normally.

Any improvement?

===

I am not sure if you ever use Spybot but I would like you to see an autostart log from them if it may help. Thanks so much for your time.

No, not recently. I know that it protects against registry changes.
My recommendation is to remove it completely with the Add/Remove Programs.
Restart the Computer normally.
Reinstall the application if you still want it.

#7 bwrighttwo


Posted 02 September 2013 - 12:55 PM

I uninstalled Spybot and undid all immunizations and quarantines. That was what was causing the slowdowns.  I will now run mini and plug a device and eject.



#8 bwrighttwo

Posted 02 September 2013 - 01:04 PM

MiniToolBox by Farbar  Version: 13-07-2013
Ran by jimjim (administrator) on 02-09-2013 at 13:57:09
Running from "C:\Users\jimjim\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: localhost:8080
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
**** End of log ****
 

When I plug in a device it shows as G.     

 

 

What is the best way to post a screen shot here? Using something like Photobucket or is there an easier way?



#9 bwrighttwo


Posted 02 September 2013 - 02:57 PM

I just noticed something that may be helpful.   If you look at my original post with the frst64 log you will see it says it is running from E:/    I would have plugged in the flash drive the same way I just did when it said G



#10 nasdaq


Posted 03 September 2013 - 07:20 AM

I just noticed something that may be helpful. If you look at my original post with the frst64 log you will see it says it is running from E:/ I would have plugged in the flash drive the same way I just did when it said G


The operating system manages this.

Please post a fresh ComboFix log and let me know what problem persists.

#11 bwrighttwo


Posted 03 September 2013 - 08:28 AM

I figured out the E drive at the moment is the multi card reader. When I plug in a sd card and eject it it still says something is there even after I removed sd card. When I try to eject again without sd card in it says the device is still in use and needs all programs closed before ejection. I will not have access to the machine until tonight so any instructions will be followed up then.



#12 bwrighttwo


Posted 03 September 2013 - 06:43 PM

I have another question I will ask after you check out the log. Thanks

 

ComboFix 13-09-02.02 - jimjim 09/03/2013  19:23:21.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7649.6170 [GMT -4:00]
Running from: c:\users\jimjim\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-03 to 2013-09-03  )))))))))))))))))))))))))))))))
.
.
2013-09-03 23:30 . 2013-09-03 23:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-03 19:14 . 2013-08-20 04:46 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{79752514-D315-4B7A-BF48-F6BE8BF326BC}\mpengine.dll
2013-09-02 00:22 . 2013-09-02 00:22 -------- d-----w- c:\users\jimjim\AppData\Local\Microsoft_Corporation
2013-09-01 23:45 . 2013-09-02 00:44 -------- d-----w- c:\programdata\Acunetix WVS 9
2013-09-01 20:54 . 2013-09-03 23:30 -------- d-----w- c:\users\jimjim\AppData\Local\temp
2013-08-29 02:45 . 2013-08-29 02:45 -------- d-----w- c:\program files (x86)\Windows Kits
2013-08-29 02:31 . 2013-08-29 02:45 -------- d-----w- c:\programdata\Package Cache
2013-08-28 23:29 . 2013-08-29 01:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-08-28 23:29 . 2013-09-02 17:51 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-08-26 02:07 . 2013-08-26 02:07 -------- d-----w- C:\FRST
2013-08-25 19:21 . 2013-08-25 19:21 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-25 19:21 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-25 19:21 . 2013-08-25 19:21 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-25 19:21 . 2013-08-25 19:21 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-25 19:21 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-25 19:21 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-25 19:21 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-25 19:21 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-25 19:21 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-25 19:21 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-08-25 19:21 . 2013-08-25 19:21 -------- d-----w- c:\program files\AVAST Software
2013-08-25 19:20 . 2013-08-25 19:21 -------- d-----w- c:\programdata\AVAST Software
2013-08-25 17:41 . 2013-08-25 17:41 -------- d-----w- c:\windows\ERUNT
2013-08-22 04:25 . 2013-09-01 23:35 -------- d-----w- c:\users\jimjim\AppData\Local\Diagnostics
2013-08-22 03:44 . 2013-08-29 04:29 -------- d-----w- C:\EEK
2013-08-22 03:14 . 2013-08-22 03:14 -------- d-----w- c:\users\jimjim\AppData\Roaming\VSRevoGroup
2013-08-22 03:04 . 2013-08-22 03:05 -------- d-----w- c:\users\jimjim\AppData\Roaming\Wise PC 1stAid
2013-08-20 23:28 . 2013-09-01 21:05 -------- d-----w- C:\AdwCleaner
2013-08-17 05:00 . 2013-08-17 05:00 -------- d-----w- c:\programdata\UltiDev
2013-08-17 05:00 . 2013-08-17 05:00 -------- d-----w- c:\program files\UltiDev
2013-08-17 05:00 . 2013-08-17 05:00 -------- d-----w- c:\program files (x86)\UltiDev
2013-08-17 04:57 . 2010-09-19 18:49 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SQLLANSWEEPER2K8-sqlagtctr10.2.4000.0.dll
2013-08-17 04:55 . 2013-08-17 04:55 -------- d-----w- c:\windows\PCHEALTH
2013-08-17 04:54 . 2013-08-22 05:21 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2013-08-17 04:48 . 2013-08-17 04:58 -------- d-----w- C:\Temp
2013-08-13 23:50 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-08-09 01:26 . 2013-08-22 03:02 -------- d-----w- c:\users\jimjim\AppData\Roaming\Wise Registry Cleaner
2013-08-09 01:26 . 2013-08-22 03:04 -------- d-----w- c:\program files (x86)\Wise
2013-08-08 23:48 . 2013-08-08 23:51 -------- d-----w- c:\users\jimjim\AppData\Roaming\ImgBurn
2013-08-08 23:39 . 2013-08-21 03:53 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-08-08 23:38 . 2013-08-08 23:38 -------- d--h--w- c:\programdata\Common Files
2013-08-08 23:38 . 2013-08-08 23:38 -------- d-----w- c:\program files (x86)\ImgBurn
2013-08-07 02:58 . 2013-08-07 02:58 -------- d-----w- c:\program files\HitmanPro
2013-08-07 02:58 . 2013-08-07 03:04 -------- d-----w- c:\programdata\HitmanPro
2013-08-07 02:18 . 2013-08-07 02:18 -------- d-----w- c:\program files\Defraggler
2013-08-07 01:30 . 2013-08-07 01:30 -------- d-----w- c:\program files\Speccy
2013-08-05 23:56 . 2013-09-03 01:36 -------- d-----w- c:\program files\Recuva
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-13 23:51 . 2013-07-31 01:21 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-08-02 03:17 . 2013-08-02 03:17 220288 ----a-w- c:\windows\system32\drivers\amdxhc.sys
2013-08-02 03:17 . 2013-08-02 03:17 103552 ----a-w- c:\windows\system32\drivers\amdhub30.sys
2013-07-31 03:03 . 2013-07-31 02:29 181064 ----a-w- c:\windows\PSEXESVC.EXE
2013-07-31 01:47 . 2013-07-31 01:47 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-07-31 01:47 . 2013-07-31 01:47 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-07-31 01:47 . 2013-07-31 01:47 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-07-31 01:47 . 2013-07-31 01:47 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-31 01:47 . 2013-07-31 01:47 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-07-31 01:47 . 2013-07-31 01:47 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-07-31 01:47 . 2013-07-31 01:47 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-07-31 01:47 . 2013-07-31 01:47 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-07-31 01:47 . 2013-07-31 01:47 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-07-31 01:47 . 2013-07-31 01:47 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-07-31 01:47 . 2013-07-31 01:47 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-07-31 01:47 . 2013-07-31 01:47 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-07-31 01:47 . 2013-07-31 01:47 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-07-31 01:47 . 2013-07-31 01:47 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-07-31 01:47 . 2013-07-31 01:47 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-07-31 01:47 . 2013-07-31 01:47 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-07-31 01:47 . 2013-07-31 01:47 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-07-31 01:47 . 2013-07-31 01:47 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-07-31 01:47 . 2013-07-31 01:47 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-07-31 01:47 . 2013-07-31 01:47 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-07-31 01:47 . 2013-07-31 01:47 81408 ----a-w- c:\windows\system32\icardie.dll
2013-07-31 01:47 . 2013-07-31 01:47 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-07-31 01:47 . 2013-07-31 01:47 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-07-31 01:47 . 2013-07-31 01:47 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-07-31 01:47 . 2013-07-31 01:47 441856 ----a-w- c:\windows\system32\html.iec
2013-07-31 01:47 . 2013-07-31 01:47 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-07-31 01:47 . 2013-07-31 01:47 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-31 01:47 . 2013-07-31 01:47 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-07-31 01:47 . 2013-07-31 01:47 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-07-31 01:47 . 2013-07-31 01:47 235008 ----a-w- c:\windows\system32\url.dll
2013-07-31 01:47 . 2013-07-31 01:47 216064 ----a-w- c:\windows\system32\msls31.dll
2013-07-31 01:47 . 2013-07-31 01:47 197120 ----a-w- c:\windows\system32\msrating.dll
2013-07-31 01:47 . 2013-07-31 01:47 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-07-31 01:47 . 2013-07-31 01:47 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-07-31 01:47 . 2013-07-31 01:47 144896 ----a-w- c:\windows\system32\wextract.exe
2013-07-31 01:47 . 2013-07-31 01:47 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-07-31 01:47 . 2013-07-31 01:47 102912 ----a-w- c:\windows\system32\inseng.dll
2013-07-31 01:47 . 2013-07-31 01:47 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-07-31 01:47 . 2013-07-31 01:47 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-07-31 01:47 . 2013-07-31 01:47 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-07-31 01:47 . 2013-07-31 01:47 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-07-31 01:47 . 2013-07-31 01:47 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-07-31 01:47 . 2013-07-31 01:47 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-07-31 01:47 . 2013-07-31 01:47 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-07-31 01:47 . 2013-07-31 01:47 149504 ----a-w- c:\windows\system32\occache.dll
2013-07-31 01:47 . 2013-07-31 01:47 13824 ----a-w- c:\windows\system32\mshta.exe
2013-07-31 01:47 . 2013-07-31 01:47 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-07-31 01:47 . 2013-07-31 01:47 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-07-31 01:47 . 2013-07-31 01:47 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-07-31 01:45 . 2013-07-31 01:45 9728 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 9728 ----a-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 5632 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 5632 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 5632 ----a-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 5632 ----a-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 4096 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 4096 ----a-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3584 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3584 ----a-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3072 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3072 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3072 ----a-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 3072 ----a-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 2560 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 2560 ----a-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-07-31 01:45 . 2013-07-31 01:45 10752 ----a-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 10752 ----a-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-31 01:45 . 2013-07-31 01:45 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-31 01:45 . 2013-07-31 01:45 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-07-31 01:45 . 2013-07-31 01:45 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-07-31 01:45 . 2013-07-31 01:45 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-07-31 01:45 . 2013-07-31 01:45 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-07-31 01:45 . 2013-07-31 01:45 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-07-31 01:45 . 2013-07-31 01:45 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-07-31 01:45 . 2013-07-31 01:45 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-07-31 01:45 . 2013-07-31 01:45 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-07-31 01:45 . 2013-07-31 01:45 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-07-31 01:45 . 2013-07-31 01:45 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-07-31 01:45 . 2013-07-31 01:45 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-07-31 01:45 . 2013-07-31 01:45 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-07-31 01:45 . 2013-07-31 01:45 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-07-31 01:45 . 2013-07-31 01:45 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-07-31 01:45 . 2013-07-31 01:45 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-07-31 01:45 . 2013-07-31 01:45 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-07-31 01:45 . 2013-07-31 01:45 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-07-31 01:45 . 2013-07-31 01:45 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-07-31 01:45 . 2013-07-31 01:45 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-07-31 01:45 . 2013-07-31 01:45 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-07-31 01:45 . 2013-07-31 01:45 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-07-31 01:45 . 2013-07-31 01:45 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-07-31 01:45 . 2013-07-31 01:45 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-07-31 01:45 . 2013-07-31 01:45 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-07-31 01:45 . 2013-07-31 01:45 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-07-31 01:45 . 2013-07-31 01:45 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-07-31 01:45 . 2013-07-31 01:45 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cleanhlp;cleanhlp;c:\eek\Run\cleanhlp64.sys;c:\eek\Run\cleanhlp64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
R4 BAVSvc;Baidu Antivirus Service;c:\program files (x86)\Baidu Security\Cloud Security\BAVSvc.exe;c:\program files (x86)\Baidu Security\Cloud Security\BAVSvc.exe [x]
R4 UltiDev Web Server Pro;UltiDev Web Server Pro;c:\program files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe;c:\program files (x86)\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe [x]
R4 UWS LoPriv Services;UWS LoPriv Services;c:\program files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe;c:\program files (x86)\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\RUN\a2ddax64.sys;c:\eek\RUN\a2ddax64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys;c:\windows\SYSNATIVE\DRIVERS\amdhub30.sys [x]
S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys;c:\windows\SYSNATIVE\DRIVERS\amdxhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 22:25 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-31 02:14]
.
2013-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-31 02:14]
.
2013-08-22 c:\windows\Tasks\HPCeeScheduleForjimjim.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 02:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: JIMJIM-PC
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-56110792.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1923206676-3518921465-298547559-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2]
@Denied: (Full) (Everyone)
@Allowed: (A B C D E 1 2 3 4 5 6 0x0001c0) (Administrators)
.
[HKEY_USERS\S-1-5-21-1923206676-3518921465-298547559-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\##JIMJIM-PC#Users#jimjim#AppData#Local#Hewlett-Packard#HPCEE.exe_Url_pzhsl5v0i1efivcm1patkorkz2ji0v0q]
"_CommentFromDesktopINI"=""
"_LabelFromDesktopINI"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Power]
@Denied: (Full) (Owner)
"DisplayName"="@%SystemRoot%\\system32\\umpo.dll,-100"
"Group"="Plugplay"
"ImagePath"=expand:"%SystemRoot%\\system32\\svchost.exe -k DcomLaunch"
"Description"="@%SystemRoot%\\system32\\umpo.dll,-101"
"ObjectName"="LocalSystem"
"ErrorControl"=dword:00000001
"Start"=dword:00000002
"Type"=dword:00000020
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=multi:"SeTcbPrivilege\00SeSecurityPrivilege\00SeAssignPrimaryTokenPrivilege\00SeTakeOwnershipPrivilege\00SeLoadDriverPrivilege\00SeBackupPrivilege\00SeRestorePrivilege\00SeImpersonatePrivilege\00SeAuditPrivilege\00SeChangeNotifyPrivilege\00SeUndockPrivilege\00SeDebugPrivilege\00\00"
"FailureActions"=hex:00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,
   00,02,00,00,00,60,ea,00,00,02,00,00,00,60,ea,00,00,02,00,00,00,60,ea,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Power\Parameters]
"ServiceDll"=expand:"%SystemRoot%\\system32\\umpo.dll"
"ServiceMain"="UmpoMain"
.
[HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices]
@Denied: (Full) (Administrators)
@Denied: (Full) (Owner)
.
Completion time: 2013-09-03  19:38:38
ComboFix-quarantined-files.txt  2013-09-03 23:38
ComboFix2.txt  2013-09-01 20:54
ComboFix3.txt  2013-09-01 19:08
.
Pre-Run: 964,035,645,440 bytes free
Post-Run: 963,851,550,720 bytes free
.
- - End Of File - - 8CB327F7E3D8050FE7F02CDEAFBBCF76
A36C5E4F47E84449FF07ED3517B43A31


#13 nasdaq


  • Malware Response Team

Posted 04 September 2013 - 09:06 AM

Your log is clean.

What do you have in mind?

#14 bwrighttwo

  • Topic Starter


Posted 04 September 2013 - 09:31 AM

While I had an SD card in, I did a "defraggle" on it, and one of the fragments of a file was "_disk_id.pod". I then tried another SD card and the same thing was there. I then tried the card on another computer someone else owns and this did not show. Do you know anything about this?

 

Another thing I just noticed is that the cmbfx scan shows win defend is enabled while I have disabled it in services.


Edited by bwrighttwo, 04 September 2013 - 09:34 AM.


#15 nasdaq


  • Malware Response Team

Posted 04 September 2013 - 10:17 AM


one of the fragments of a file was "_disk_id.pod"


This is what I have found on this.

http://translate.google.ca/translate?hl=en&sl=de&u=http://www.kameraforum.camera-info.de/index.php%3Fthreads/pod-datei.49928/&prev=/search%3Fq%3D%2522_disk_id.pod%2522%26start%3D10%26sa%3DN%26biw%3D1517%26bih%3D714
===

As for Windefender, trust what you have on the computer.



