Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Redirect Virus. Hijack This Log. Help please?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 15th, 2011, 8:01 pm

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:57:14 PM, on 10/15/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Roxio Streamer Desktop Applications\HipServAgent\HipServAgent.exe
C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe
C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HipServ Agent] "C:\Program Files (x86)\Roxio Streamer Desktop Applications\HipServAgent\HipServAgent.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
O4 - HKLM\..\Run: [CPMonitor] "C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1145810172-3958703631-3042637037-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1145810172-3958703631-3042637037-1001\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1145810172-3958703631-3042637037-1001\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1145810172-3958703631-3042637037-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD RAIDXpert (AMD_RAIDXpert) - AMD - C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\ASUS.SYS\config\DVMExportService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HipServ for Windows (HipServ) - Nick Rozanski (Nick@Rozanski.com) - C:\Program Files\Roxio\Roxio Streamer\srvstart\srvstart.exe
O23 - Service: USB detection service for HipServ (HipServUsbDetection) - Unknown owner - C:\Program Files\Roxio\Roxio Streamer\usb_detection.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB13 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13374 bytes
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm
Advertisement
Register to Remove

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby Gary R » October 16th, 2011, 4:49 am

The HJT log you posted is from a 64 bit computer, HJT was not designed to run on 64 bit machines and therefore its findings can not be relied upon.

Download DDS and save it to your Desktop (must be in this location).
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both to your Desktop.
  • Copy/Paste the contents of both into your next reply please.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 16th, 2011, 11:15 am

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_22
Run by Cameron at 9:13:43 on 2011-10-16
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4095.1506 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
C:\ASUS.SYS\config\DVMExportService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Roxio\Roxio Streamer\srvstart\srvstart.exe
C:\Program Files\Roxio\Roxio Streamer\usb_detection.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Program Files\Roxio\Roxio Streamer\vboxheadless.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Roxio Streamer Desktop Applications\HipServAgent\HipServAgent.exe
C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe
C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Roxio\Roxio Streamer\VBoxSVC.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\SysWOW64\WinMsgBalloonServer.exe
C:\Windows\SysWOW64\WinMsgBalloonClient.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\ProgramData\TVersity\Media Server\MediaServer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [Spyware Doctor with AntiVirus] C:\Users\Cameron\Desktop\sdasetup_revwire207.exe -min
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [HipServ Agent] "C:\Program Files (x86)\Roxio Streamer Desktop Applications\HipServAgent\HipServAgent.exe"
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Cameron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\Cameron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{EED350E1-56AC-425B-A835-89FA10C83DEC} : DhcpNameServer = 192.168.2.1 192.168.2.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun-x64: [HipServ Agent] "C:\Program Files (x86)\Roxio Streamer Desktop Applications\HipServAgent\HipServAgent.exe"
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [Cpu Level Up help] "C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\2ov7pwu6.hXcBoomstick\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mv61xx;mv61xx;C:\Windows\system32\DRIVERS\mv61xx.sys --> C:\Windows\system32\DRIVERS\mv61xx.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 Sahdad64;HDD Filter Driver;C:\Windows\system32\Drivers\Sahdad64.sys --> C:\Windows\system32\Drivers\Sahdad64.sys [?]
R0 Saibad64;Volume Filter Driver;C:\Windows\system32\Drivers\Saibad64.sys --> C:\Windows\system32\Drivers\Saibad64.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\system32\Drivers\SaibVdAd64.sys --> C:\Windows\system32\Drivers\SaibVdAd64.sys [?]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-6-2 457200]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-9-24 328536]
R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-12-15 122880]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2011-9-25 96896]
R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-7-14 32240]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\ASUS.SYS\config\DVMExportService.exe [2009-10-16 319488]
R2 HipServ;HipServ for Windows;C:\Program Files\Roxio\Roxio Streamer\srvstart\srvstart.exe [2010-5-25 268288]
R2 HipServUsbDetection;USB detection service for HipServ;C:\Program Files\Roxio\Roxio Streamer\usb_detection.exe [2010-6-22 19968]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-9-24 2255464]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\system32\DRIVERS\RtNdPt60.sys --> C:\Windows\system32\DRIVERS\RtNdPt60.sys [?]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-8-3 379496]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-24 136176]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-7-16 354288]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-24 136176]
S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 19952]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-7-16 1099248]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);C:\Windows\system32\DRIVERS\RtTeam60.sys --> C:\Windows\system32\DRIVERS\RtTeam60.sys [?]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);C:\Windows\system32\DRIVERS\RtVlan60.sys --> C:\Windows\system32\DRIVERS\RtVlan60.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-10-16 05:50:10 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4CD544FA-FD35-4434-8CA1-ED86CECFDBFA}\offreg.dll
2011-10-16 05:50:07 9049936 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4CD544FA-FD35-4434-8CA1-ED86CECFDBFA}\mpengine.dll
2011-10-16 05:38:58 111408 ----a-w- C:\Windows\System32\drivers\11955363.sys
2011-10-15 23:51:58 388096 ----a-r- C:\Users\Cameron\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-15 23:51:58 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-10-15 20:19:51 -------- d-----w- C:\Users\Cameron\AppData\Local\NPE
2011-10-15 14:44:01 -------- d-----w- C:\Users\Cameron\AppData\Roaming\Malwarebytes
2011-10-15 14:43:34 -------- d-----w- C:\ProgramData\Malwarebytes
2011-10-15 14:43:31 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-10-15 14:43:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-15 03:07:34 -------- d-----w- C:\Users\Cameron\AppData\Roaming\NVIDIA
2011-10-14 20:26:47 -------- d-----w- C:\Program Files\iPod
2011-10-14 20:26:46 -------- d-----w- C:\Program Files\iTunes
2011-10-14 20:26:46 -------- d-----w- C:\Program Files (x86)\iTunes
2011-10-14 20:25:23 -------- d-----w- C:\Program Files\Bonjour
2011-10-14 20:25:23 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-10-14 16:27:54 -------- d-----w- C:\Users\Cameron\AppData\Local\CrashDumps
2011-10-12 11:06:50 3138048 ----a-w- C:\Windows\System32\win32k.sys
2011-10-12 11:06:49 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-10-12 11:06:49 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-10-12 11:06:49 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-10-12 11:06:49 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-10-12 11:06:42 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-10-12 11:06:41 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-12 11:06:41 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-12 11:06:41 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-10-11 20:29:33 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-10-11 20:29:28 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{566C7C31-8ABC-4351-921E-E224B99248FB}\gapaengine.dll
2011-10-10 20:29:37 -------- d-----w- C:\Users\Cameron\AppData\Local\{12D6AE47-58CF-4E0E-8775-F821A4D7B6EA}
2011-10-10 20:29:26 -------- d-----w- C:\Users\Cameron\AppData\Local\{7E80659B-848A-4537-80D5-23FD929485CA}
2011-10-10 20:29:14 -------- d-----w- C:\Users\Cameron\AppData\Roaming\Windows Live Writer
2011-10-10 20:29:14 -------- d-----w- C:\Users\Cameron\AppData\Local\Windows Live Writer
2011-10-10 20:06:07 -------- d-----w- C:\Windows\en
2011-10-10 20:03:57 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-10-10 20:00:33 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2011-10-10 19:57:49 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-10-10 19:57:19 7450888 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cc4c5e541cc878605\bingbarsetup.exe
2011-10-10 19:56:55 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c2e32c4d1cc878604\MeshBetaRemover.exe
2011-10-10 19:56:53 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c02eb0891cc878603\DSETUP.dll
2011-10-10 19:56:53 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c02eb0891cc878603\DXSETUP.exe
2011-10-10 19:56:53 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c02eb0891cc878603\dsetup32.dll
2011-10-10 19:56:46 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bc695d071cc878602\DXSETUP.exe
2011-10-10 19:56:46 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bc695d071cc878602\dsetup32.dll
2011-10-10 19:56:45 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bc695d071cc878602\DSETUP.dll
2011-10-10 19:56:19 -------- d-----w- C:\Users\Cameron\AppData\Local\Windows Live
2011-10-10 19:56:17 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-10-04 03:56:23 -------- d-----w- C:\Program Files\CCleaner
2011-10-03 23:14:52 -------- d-----w- C:\Users\Cameron\AppData\Local\Evernote
2011-10-03 23:12:55 -------- d-----w- C:\Program Files (x86)\Evernote
2011-09-27 00:10:22 -------- d-----w- C:\Program Files (x86)\Guild Wars
2011-09-26 23:41:24 -------- d-----w- C:\Users\Cameron\AppData\Roaming\OpenOffice.org
2011-09-26 22:58:14 -------- d-----r- C:\Users\Cameron\Podcasts
2011-09-26 22:58:05 -------- d-----w- C:\Windows\System32\drivers\UMDF\ko-KR
2011-09-26 22:58:04 -------- d-----w- C:\Windows\System32\drivers\UMDF\ms-MY
2011-09-26 22:58:02 -------- d-----w- C:\Windows\System32\drivers\UMDF\id-ID
2011-09-26 22:58:00 -------- d-----w- C:\Windows\System32\drivers\UMDF\sv-SE
2011-09-26 20:16:13 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2011-09-26 15:38:26 -------- d-----w- C:\Users\Cameron\AppData\Local\Adobe
2011-09-26 06:32:30 -------- d-----w- C:\ProgramData\ASUS OC Profiles
2011-09-26 05:59:51 -------- d-----w- C:\Users\Cameron\AppData\Local\Oblivion
2011-09-26 05:56:21 -------- d--h--w- C:\temp
2011-09-26 05:56:21 -------- d--h--w- C:\dvmexp
2011-09-26 05:55:28 -------- d--h--w- C:\ASUS.000
2011-09-26 05:54:40 -------- d--h--w- C:\ASUS.SYS
2011-09-26 05:52:20 -------- d-----w- C:\Program Files\ASUS
2011-09-26 05:49:51 43008 ----a-r- C:\Windows\System32\drivers\RtTeam60.sys
2011-09-26 05:49:41 24064 ----a-r- C:\Windows\System32\drivers\RtVlan60.sys
2011-09-26 05:49:33 26624 ----a-r- C:\Windows\System32\drivers\RtNdPt60.sys
2011-09-26 05:49:22 -------- d-----w- C:\Program Files (x86)\Realtek
2011-09-26 05:48:05 -------- d-----w- C:\Program Files (x86)\AMD
2011-09-26 05:47:36 -------- d-----w- C:\Windows\Downloaded Installations
2011-09-26 05:45:43 962612 ----a-w- C:\Windows\SysWow64\mfc42d.dll
2011-09-26 05:45:43 434252 ----a-w- C:\Windows\SysWow64\MSVCRTD.DLL
2011-09-26 05:43:26 -------- d-----w- C:\Windows\AsDmiHtm
2011-09-26 05:29:40 -------- d-----w- C:\Users\Cameron\AppData\Roaming\Roxio Burn
2011-09-26 05:29:24 -------- d-----w- C:\Users\Cameron\AppData\Local\Fallout3
2011-09-26 05:17:45 -------- d-----w- C:\Program Files (x86)\Bethesda Softworks
2011-09-26 05:12:01 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-09-26 05:12:01 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-09-26 05:12:00 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-09-26 05:12:00 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-09-26 05:12:00 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-09-26 05:12:00 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-09-26 05:12:00 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-09-26 05:11:59 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-09-26 05:11:59 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-09-26 05:02:32 -------- d-----w- C:\Program Files (x86)\Interplay
2011-09-26 01:32:49 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-09-26 01:32:31 9049936 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-25 20:03:19 -------- d-----w- C:\ProgramData\Uninstall
2011-09-25 20:00:39 -------- d-----w- C:\ProgramData\eSellerate
2011-09-25 20:00:09 27632 ------w- C:\Windows\System32\drivers\SaibVdAd64.sys
2011-09-25 20:00:09 27120 ------w- C:\Windows\System32\drivers\Sahdad64.sys
2011-09-25 20:00:09 19952 ------w- C:\Windows\System32\drivers\Saibad64.sys
2011-09-25 19:58:16 55856 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2011-09-25 19:58:16 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2011-09-25 19:58:16 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2011-09-25 19:56:40 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2011-09-25 19:56:01 -------- d-----w- C:\Users\Cameron\AppData\Roaming\Simple Star
2011-09-25 19:55:57 -------- d-----w- C:\ProgramData\PhotoShow Shared Assets
2011-09-25 19:55:55 -------- d-----w- C:\Program Files (x86)\Roxio
2011-09-25 19:55:38 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2011-09-25 19:55:28 -------- d-----w- C:\Program Files (x86)\SmartSound Software
2011-09-25 19:55:25 -------- d-----w- C:\ProgramData\SmartSound Software Inc
2011-09-25 19:55:05 -------- d-----w- C:\Program Files (x86)\Roxio 2011
2011-09-25 19:55:03 53248 ----a-r- C:\Users\Cameron\AppData\Roaming\Microsoft\Installer\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}\ARPPRODUCTICON.exe
2011-09-25 19:55:03 -------- d-----w- C:\Program Files\Roxio 2011
2011-09-25 19:54:55 -------- d-----w- C:\Program Files (x86)\Roxio Streamer Desktop Applications
2011-09-25 19:54:13 -------- d-----w- C:\ProgramData\Axentra Corporation
2011-09-25 19:54:13 -------- d-----w- C:\Program Files\Roxio
2011-09-25 19:53:57 53248 ----a-r- C:\Users\Cameron\AppData\Roaming\Microsoft\Installer\{3A9527CF-4E91-4683-A03F-F1AD022126E5}\ARPPRODUCTICON.exe
2011-09-25 19:53:56 78680 ----a-w- C:\Windows\System32\XAPOFX1_4.dll
2011-09-25 19:53:56 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_4.dll
2011-09-25 19:53:56 530776 ----a-w- C:\Windows\System32\XAudio2_6.dll
2011-09-25 19:53:56 528216 ----a-w- C:\Windows\SysWow64\XAudio2_6.dll
2011-09-25 19:53:56 238936 ----a-w- C:\Windows\SysWow64\xactengine3_6.dll
2011-09-25 19:53:56 176984 ----a-w- C:\Windows\System32\xactengine3_6.dll
2011-09-25 19:53:55 24920 ----a-w- C:\Windows\System32\X3DAudio1_7.dll
2011-09-25 19:53:55 22360 ----a-w- C:\Windows\SysWow64\X3DAudio1_7.dll
2011-09-25 19:50:22 -------- d-----w- C:\Users\Cameron\AppData\Roaming\Roxio Log Files
2011-09-25 19:37:01 -------- d-----w- C:\ProgramData\Norton
2011-09-25 19:36:35 -------- d-----w- C:\ProgramData\NortonInstaller
2011-09-25 19:36:23 24576 ----a-r- C:\Windows\SysWow64\AsIO.dll
2011-09-25 19:36:23 13440 ----a-r- C:\Windows\SysWow64\drivers\AsIO.sys
2011-09-25 19:36:20 11832 ----a-w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
2011-09-25 19:36:20 10216 ----a-w- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
2011-09-25 19:36:19 -------- d-----w- C:\Program Files (x86)\ASUS
2011-09-25 19:36:10 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-09-25 19:36:10 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-09-25 19:36:10 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-09-25 19:36:10 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-09-25 19:33:04 -------- d-----w- C:\Program Files (x86)\Marvell
2011-09-25 19:32:07 985504 ----a-w- C:\Windows\System32\VIAPropPageExt.dll
2011-09-25 19:32:07 89504 ----a-w- C:\Windows\System32\Dts2PropPageExt.dll
2011-09-25 19:32:07 86016 ----a-w- C:\Windows\System32\nQPropPageExt.dll
2011-09-25 19:32:07 82432 ----a-w- C:\Windows\System32\nQAPO.dll
2011-09-25 19:32:07 80800 ----a-w- C:\Windows\System32\ViaMicArrayPropPageExt.dll
2011-09-25 19:32:07 541088 ----a-w- C:\Windows\System32\VIASysFx.dll
2011-09-25 19:32:07 246688 ----a-w- C:\Windows\System32\Dts2APO.dll
2011-09-25 19:32:07 197024 ----a-w- C:\Windows\System32\ViaMicArrayAPO.dll
2011-09-25 19:32:07 1327520 ----a-w- C:\Windows\System32\drivers\viahduaa.sys
2011-09-25 19:31:56 414632 ------w- C:\Windows\difxapi.dll
2011-09-25 19:31:54 -------- d-----w- C:\Program Files (x86)\VIA
2011-09-25 19:31:26 16440 ----a-w- C:\Windows\System32\drivers\AtiPcie.sys
2011-09-25 19:31:23 -------- d-----w- C:\Program Files\ATI
2011-09-25 10:18:12 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-09-25 10:11:43 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
2011-09-25 10:11:02 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-09-25 10:06:52 -------- d-----w- C:\Users\Cameron\AppData\Roaming\Origin
2011-09-25 10:06:51 -------- d-----w- C:\Users\Cameron\AppData\Local\Origin
2011-09-25 10:06:44 -------- d-----w- C:\ProgramData\Origin
2011-09-25 10:06:43 -------- d-----w- C:\ProgramData\Electronic Arts
2011-09-25 10:06:43 -------- d-----w- C:\Program Files (x86)\Origin Games
2011-09-25 10:05:39 -------- d-----w- C:\Program Files (x86)\Origin
2011-09-25 09:11:22 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-09-25 09:11:15 75064 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-09-25 09:11:15 2434856 ----a-w- C:\Windows\SysWow64\pbsvc_bc2.exe
2011-09-25 08:57:59 403304 ----a-w- C:\Windows\System32\xactengine2_7.dll
2011-09-25 06:06:20 2565632 ----a-w- C:\Windows\System32\esent.dll
2011-09-25 06:06:19 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-09-25 06:06:19 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-09-25 06:06:19 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2011-09-25 06:06:19 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-09-25 06:06:18 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-09-25 06:06:18 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-09-25 06:06:18 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-09-25 06:06:18 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-09-25 06:06:17 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-09-25 06:06:17 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-09-25 05:42:29 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll
2011-09-25 05:42:29 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll
2011-09-25 05:42:29 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2011-09-25 05:42:29 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2011-09-25 05:42:27 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2011-09-25 05:24:54 -------- d-----w- C:\Riot Games
2011-09-25 05:18:59 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-09-25 05:18:59 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-09-25 05:18:59 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-09-25 05:18:59 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-09-25 05:18:59 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-09-25 05:18:59 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-09-25 05:18:59 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-09-25 04:22:22 -------- d-----w- C:\Program Files (x86)\Diablo II
2011-09-25 04:20:51 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2011-09-25 04:20:51 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2011-09-25 04:20:50 81768 ----a-w- C:\Windows\SysWow64\xinput1_3.dll
2011-09-25 04:19:51 -------- d-----w- C:\Windows\SysWow64\xlive
2011-09-25 04:19:41 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-09-25 04:16:12 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-09-25 04:15:46 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-09-25 04:12:41 -------- d-----w- C:\Program Files (x86)\Xiph.Org
2011-09-25 04:12:40 -------- d-----w- C:\Program Files (x86)\TVersity Codec Pack
2011-09-25 04:12:37 -------- d-----w- C:\ProgramData\TVersity
2011-09-25 04:09:04 1240 ----a-w- C:\Windows\SysWow64\ealregsnapshot1.reg
2011-09-25 04:08:43 -------- d-----w- C:\Users\Cameron\AppData\Local\Downloaded Installations
2011-09-25 03:59:42 -------- d-----w- C:\Program Files (x86)\LeagueOfLegends
2011-09-25 03:57:51 -------- d-----r- C:\Program Files (x86)\Skype
2011-09-25 03:56:43 -------- d-----w- C:\Users\Cameron\AppData\Local\PMB Files
2011-09-25 03:56:36 -------- d-----w- C:\ProgramData\PMB Files
2011-09-25 03:55:50 -------- d-----w- C:\Program Files (x86)\Pando Networks
2011-09-25 03:50:31 -------- d-----w- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2011-09-25 03:24:39 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2011-09-25 03:04:54 -------- d-----w- C:\Program Files (x86)\RocketDock
2011-09-25 02:27:41 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-09-25 02:27:41 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-09-25 02:27:41 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-09-25 02:27:41 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-09-25 02:27:41 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-09-25 02:27:41 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-09-25 02:27:41 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-09-25 02:18:17 -------- d-----w- C:\Users\Cameron\AppData\Local\Apple Computer
2011-09-25 02:18:10 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-09-25 02:18:10 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-09-25 02:18:10 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-09-25 02:17:59 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-09-25 02:17:13 -------- d-----w- C:\Users\Cameron\AppData\Local\Apple
2011-09-25 02:17:03 -------- d-----w- C:\Users\Cameron\AppData\Roaming\IObit
2011-09-25 02:17:02 -------- d-----w- C:\Program Files (x86)\IObit
2011-09-25 02:05:41 -------- d-----w- C:\Program Files (x86)\Steam
2011-09-25 02:05:41 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2011-09-25 01:57:26 -------- d-----w- C:\NVIDIA
2011-09-25 01:48:21 -------- d-----w- C:\Windows\SysWow64\Wat
2011-09-25 01:48:21 -------- d-----w- C:\Windows\System32\Wat
2011-09-24 20:36:37 -------- d-----w- C:\Users\Cameron\AppData\Local\Google
2011-09-24 20:36:32 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-24 20:27:38 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-09-24 20:27:31 980072 ----a-w- C:\Windows\System32\nvvsvc.exe
2011-09-24 20:27:31 836200 ----a-w- C:\Windows\System32\easyupdatusapiu64.dll
2011-09-24 20:27:31 61544 ----a-w- C:\Windows\System32\nvshext.dll
2011-09-24 20:27:31 6136936 ----a-w- C:\Windows\System32\nvcpl.dll
2011-09-24 20:27:31 3021416 ----a-w- C:\Windows\System32\nvsvc64.dll
2011-09-24 20:27:31 2560616 ----a-w- C:\Windows\System32\nvsvcr.dll
2011-09-24 20:27:31 117864 ----a-w- C:\Windows\System32\nvmctray.dll
2011-09-24 20:27:03 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2011-09-24 20:26:59 -------- d-----w- C:\Program Files\NVIDIA Corporation
2011-09-24 20:25:08 -------- d-----w- C:\Users\Cameron\AppData\Local\Mozilla
2011-09-24 20:24:45 8199504 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-09-24 20:24:43 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{04154D2C-B45F-413A-BF81-43E2979E4B7B}\mpengine.dll
2011-09-24 20:22:24 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2011-09-24 20:20:00 -------- d-----w- C:\Program Files\Microsoft IntelliType Pro
2011-09-24 20:19:51 -------- d-----w- C:\Windows\PCHEALTH
2011-09-24 20:19:45 -------- d-sh--w- C:\Windows\Installer
2011-09-24 18:02:11 -------- d-----w- C:\Windows\Panther
2011-09-24 16:20:54 715776 ----a-w- C:\Windows\System32\kerberos.dll
2011-09-24 16:18:02 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-09-24 16:16:06 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-09-24 16:16:06 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-09-24 16:16:05 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-09-24 16:12:56 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-31 05:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe
2011-08-31 05:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll
2011-08-31 05:05:32 61288 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-08-31 05:05:32 212840 ----a-w- C:\Windows\System32\dnssdX.dll
2011-08-31 05:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-08-31 05:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-08-31 05:05:04 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-08-31 05:05:04 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-08-06 01:46:24 354304 ----a-w- C:\Windows\System32\ZuneCoInst.dll
2011-08-06 01:46:14 405504 ----a-w- C:\Windows\System32\ZuneNetProxy.dll
2011-08-06 01:46:10 67072 ----a-w- C:\Windows\System32\ZuneTcp2Udp.dll
2011-08-06 01:46:10 45568 ----a-w- C:\Windows\System32\ZunePTDNS.dll
2011-08-06 01:46:08 60928 ----a-w- C:\Windows\System32\ZuneRegUtil.dll
2011-08-06 01:46:06 249344 ----a-w- C:\Windows\System32\ZuneMTPZ.dll
2011-08-06 01:46:06 149504 ----a-w- C:\Windows\System32\ZuneUsbTransport.dll
2011-08-06 01:46:06 1093632 ----a-w- C:\Windows\System32\drivers\UMDF\ZuneDriver.dll
2011-08-03 09:31:54 311912 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2011-08-01 21:59:06 45416 ----a-w- C:\Windows\System32\drivers\point64.sys
.
============= FINISH: 9:14:25.10 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/24/2011 10:12:58 AM
System Uptime: 10/15/2011 11:32:44 PM (10 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M4A79XTD EVO
Processor: AMD Phenom(tm) II X3 700e Processor | AM3 | 2400/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 282.259 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 932 GiB total, 433.756 GiB free.
H: is FIXED (FAT32) - 298 GiB total, 192.819 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_05AC&PID_1209\000A270015E2E1D6
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_05AC&PID_1209\000A270015E2E1D6
Service: USBSTOR
.
==== System Restore Points ===================
.
RP56: 10/4/2011 12:14:13 AM - Windows Backup
RP57: 10/4/2011 12:16:13 AM - Windows Backup
RP58: 10/5/2011 6:58:29 PM - Windows Update
RP59: 10/9/2011 6:57:46 PM - Windows Update
RP60: 10/9/2011 7:00:07 PM - Windows Backup
RP61: 10/10/2011 1:55:46 PM - CheckIfInstallerIsBusy
RP62: 10/10/2011 1:56:33 PM - Windows Live Essentials
RP63: 10/10/2011 1:56:58 PM - Installed DirectX
RP64: 10/10/2011 1:57:29 PM - Installed DirectX
RP65: 10/10/2011 1:59:37 PM - WLSetup
RP66: 10/13/2011 3:00:21 AM - Windows Update
RP67: 10/15/2011 5:51:14 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.6
Advanced SystemCare 4
AI Suite
Apple Application Support
Apple Software Update
ASUSUpdate
Battlefield: Bad Company™ 2
Bing Bar
Borderlands
Cool & Quiet
Counter-Strike
Counter-Strike: Condition Zero
Counter-Strike: Condition Zero Deleted Scenes
D3DX10
Diablo II
Diagnostic Utility
DirectX 9 Runtime
EPU-4 Engine
Evernote v. 4.5.1
Express Gate
Fallout 3
Fallout Collection
Google Chrome
Google Update Helper
Guild Wars
HiJackThis
Java Auto Updater
Java(TM) 6 Update 22
Junk Mail filter update
League of Legends
Magicka
Malwarebytes' Anti-Malware version 1.51.2.1300
marvell 61xx
Mesh Runtime
Messenger Companion
Metro 2033
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 3.1
Monday Night Combat
Mozilla Firefox 7.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA 3D Vision Controller Driver
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Oblivion
OpenOffice.org 3.3
Origin
Pando Media Booster
PC Probe II
Platform
Portal
PunkBuster Services
QuickTime
RAIDXpert
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
RocketDock 1.3.5
Roxio BackOnTrack
Roxio Burn
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2011
Roxio Creator 2011 Content
Roxio PhotoShow
Roxio Streamer Desktop Applications
Roxio Video Capture USB
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Skype™ 5.5
SmartSound Common Data
SmartSound Quicktracks 5
SPORE™
Steam
Team Fortress 2
Turbo Key
TurboV
TVersity Codec Pack 1.7
TVersity Media Server 1.9.7
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
VIA Platform Device Manager
VLC media player 1.1.11
Warcraft III
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Xiph.Org Open Codecs 0.85.17777
.
==== Event Viewer Messages From Past Week ========
.
10/15/2011 7:46:31 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000080, 0x0000000000000002, 0x0000000000000001, 0xfffff80002ad2c1f). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 101511-43118-01.
10/15/2011 11:48:05 PM, Error: Service Control Manager [7031] - The TVersity Media Server service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
10/15/2011 11:47:10 PM, Error: Service Control Manager [7031] - The TVersity Media Server service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 3000 milliseconds: Restart the service.
10/15/2011 11:47:01 PM, Error: Service Control Manager [7031] - The TVersity Media Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
10/15/2011 11:39:49 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
10/15/2011 11:33:51 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect.
10/14/2011 2:25:53 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/13/2011 6:54:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
10/13/2011 6:54:48 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/12/2011 2:29:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.113.1508.0).
10/12/2011 2:29:42 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.113.1445.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7702.0 Error code: 0x80070643 Error description: Fatal error during installation.
.
==== End Of File ===========================

Thank you so much for your help.
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby Gary R » October 16th, 2011, 12:59 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the "malware removal" forum and wait for help.


Unless informed of in advance, failure to post replies within 3 days will result in this thread being closed.


Hi hXcBoomstick88

I'm Gary R, I'll be glad to help you with your computer problems.

Before we start: Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

I'd also recommend that you create a System Restore Point that we can restore to if necessary.

  • Click Start, and type Create a restore point into the Search programs and files box.
  • Now click on the Create a restore point icon at the top of the find list.
  • This will open a System Properties box, with the System Protection tab open ...
    • Click on the Create button in the lower part of the window.
    • Type Pre Malware Cleanup into the description box, then click Create.
    • Windows will now create a Restore Point and notify you when finished.
    • Exit any open windows.

Please observe these rules while we work:
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to install any new software (other than those I ask you to) until we've got your computer clean.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process. If your defensive programmes warn you about any of those tools, be assured that they are not infected, and are safe to use.
If you can do these things, everything should go smoothly.
  • As you're using Vista or Windows7, it will be necessary to right click all tools we use and select ----> Run as Administrator

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.


Nothing of any real consequence showing in your DDS logs. There's a few things we need to take care of, but we'll deal with them once we've established what is causing your re-directs.

I'm afraid I need you to run some more scans for me ......

First

Download OTL by OldTimer to your Desktop.

Alternative Download

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Under Custom Scans/Fixes copy/paste the contents of the code box below.
Code: Select all
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90
CREATERESTOREPOINT
%PROGRAMFILES%\*.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WPAEvents

  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Next

Download TDSSKiller.zip and extract it to your Desktop.
  • Double click on TDSSKiller.exe to launch it.
    • If using Vista or Windows7, when prompted by UAC allow the prompt.
  • Click on Start Scan
  • The scan will run.
  • When the scan has finished, if it finds anything please click on the drop down arrow next to Cure and select Skip
  • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • Post the contents in your next reply please.
  • DO NOT TRY TO FIX ANYTHING AT THIS POINT

Summary of the logs I need from you in your next post:
  • OTL.txt
  • Extras.txt
  • TDSSKiller log


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 16th, 2011, 4:38 pm

14:35:35.0170 5572 TDSS rootkit removing tool 2.6.9.0 Oct 14 2011 11:33:24
14:35:35.0562 5572 ============================================================
14:35:35.0562 5572 Current date / time: 2011/10/16 14:35:35.0562
14:35:35.0562 5572 SystemInfo:
14:35:35.0562 5572
14:35:35.0562 5572 OS Version: 6.1.7601 ServicePack: 1.0
14:35:35.0562 5572 Product type: Workstation
14:35:35.0563 5572 ComputerName: HXCBOOMSTICK-PC
14:35:35.0563 5572 UserName: Cameron
14:35:35.0563 5572 Windows directory: C:\Windows
14:35:35.0563 5572 System windows directory: C:\Windows
14:35:35.0563 5572 Running under WOW64
14:35:35.0563 5572 Processor architecture: Intel x64
14:35:35.0563 5572 Number of processors: 3
14:35:35.0563 5572 Page size: 0x1000
14:35:35.0563 5572 Boot type: Normal boot
14:35:35.0563 5572 ============================================================
14:35:43.0336 5572 Initialize success
14:35:45.0526 2944 ============================================================
14:35:45.0526 2944 Scan started
14:35:45.0526 2944 Mode: Manual;
14:35:45.0526 2944 ============================================================
14:35:46.0009 2944 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
14:35:46.0012 2944 1394ohci - ok
14:35:46.0030 2944 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:35:46.0034 2944 ACPI - ok
14:35:46.0058 2944 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:35:46.0059 2944 AcpiPmi - ok
14:35:46.0071 2944 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
14:35:46.0076 2944 adp94xx - ok
14:35:46.0092 2944 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
14:35:46.0096 2944 adpahci - ok
14:35:46.0105 2944 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
14:35:46.0108 2944 adpu320 - ok
14:35:46.0139 2944 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
14:35:46.0143 2944 AFD - ok
14:35:46.0156 2944 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:35:46.0157 2944 agp440 - ok
14:35:46.0170 2944 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:35:46.0171 2944 aliide - ok
14:35:46.0184 2944 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:35:46.0185 2944 amdide - ok
14:35:46.0199 2944 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
14:35:46.0200 2944 AmdK8 - ok
14:35:46.0222 2944 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:35:46.0223 2944 AmdPPM - ok
14:35:46.0252 2944 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:35:46.0254 2944 amdsata - ok
14:35:46.0283 2944 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
14:35:46.0285 2944 amdsbs - ok
14:35:46.0293 2944 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:35:46.0293 2944 amdxata - ok
14:35:46.0329 2944 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:35:46.0330 2944 AppID - ok
14:35:46.0355 2944 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
14:35:46.0357 2944 arc - ok
14:35:46.0365 2944 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
14:35:46.0366 2944 arcsas - ok
14:35:46.0368 2944 AsIO - ok
14:35:46.0393 2944 AsUpIO - ok
14:35:46.0411 2944 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:35:46.0412 2944 AsyncMac - ok
14:35:46.0419 2944 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:35:46.0420 2944 atapi - ok
14:35:46.0505 2944 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
14:35:46.0506 2944 AtiPcie - ok
14:35:46.0556 2944 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
14:35:46.0561 2944 b06bdrv - ok
14:35:46.0597 2944 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:35:46.0601 2944 b57nd60a - ok
14:35:46.0634 2944 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:35:46.0635 2944 Beep - ok
14:35:46.0661 2944 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:35:46.0662 2944 blbdrive - ok
14:35:46.0694 2944 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:35:46.0696 2944 bowser - ok
14:35:46.0724 2944 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
14:35:46.0725 2944 BrFiltLo - ok
14:35:46.0733 2944 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
14:35:46.0733 2944 BrFiltUp - ok
14:35:46.0747 2944 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:35:46.0750 2944 Brserid - ok
14:35:46.0766 2944 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:35:46.0767 2944 BrSerWdm - ok
14:35:46.0775 2944 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:35:46.0775 2944 BrUsbMdm - ok
14:35:46.0783 2944 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:35:46.0784 2944 BrUsbSer - ok
14:35:46.0794 2944 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
14:35:46.0795 2944 BTHMODEM - ok
14:35:46.0814 2944 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:35:46.0816 2944 cdfs - ok
14:35:46.0838 2944 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
14:35:46.0840 2944 cdrom - ok
14:35:46.0858 2944 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
14:35:46.0860 2944 circlass - ok
14:35:46.0886 2944 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:35:46.0890 2944 CLFS - ok
14:35:46.0927 2944 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
14:35:46.0928 2944 CmBatt - ok
14:35:46.0944 2944 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:35:46.0946 2944 cmdide - ok
14:35:46.0957 2944 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
14:35:46.0962 2944 CNG - ok
14:35:46.0970 2944 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
14:35:46.0971 2944 Compbatt - ok
14:35:46.0986 2944 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
14:35:46.0987 2944 CompositeBus - ok
14:35:47.0009 2944 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
14:35:47.0011 2944 crcdisk - ok
14:35:47.0050 2944 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
14:35:47.0051 2944 dc3d - ok
14:35:47.0076 2944 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:35:47.0078 2944 DfsC - ok
14:35:47.0088 2944 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:35:47.0088 2944 discache - ok
14:35:47.0111 2944 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
14:35:47.0112 2944 Disk - ok
14:35:47.0180 2944 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:35:47.0182 2944 drmkaud - ok
14:35:47.0215 2944 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:35:47.0225 2944 DXGKrnl - ok
14:35:47.0282 2944 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
14:35:47.0325 2944 ebdrv - ok
14:35:47.0366 2944 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
14:35:47.0372 2944 elxstor - ok
14:35:47.0389 2944 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:35:47.0390 2944 ErrDev - ok
14:35:47.0413 2944 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:35:47.0415 2944 exfat - ok
14:35:47.0426 2944 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:35:47.0428 2944 fastfat - ok
14:35:47.0438 2944 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
14:35:47.0439 2944 fdc - ok
14:35:47.0458 2944 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:35:47.0460 2944 FileInfo - ok
14:35:47.0468 2944 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:35:47.0469 2944 Filetrace - ok
14:35:47.0476 2944 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
14:35:47.0477 2944 flpydisk - ok
14:35:47.0488 2944 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:35:47.0491 2944 FltMgr - ok
14:35:47.0512 2944 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:35:47.0513 2944 FsDepends - ok
14:35:47.0569 2944 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys
14:35:47.0571 2944 fssfltr - ok
14:35:47.0580 2944 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:35:47.0581 2944 Fs_Rec - ok
14:35:47.0618 2944 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:35:47.0620 2944 fvevol - ok
14:35:47.0652 2944 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
14:35:47.0654 2944 gagp30kx - ok
14:35:47.0715 2944 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:35:47.0716 2944 GEARAspiWDM - ok
14:35:47.0767 2944 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:35:47.0768 2944 hcw85cir - ok
14:35:48.0095 2944 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:35:48.0353 2944 HdAudAddService - ok
14:35:48.0464 2944 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:35:48.0487 2944 HDAudBus - ok
14:35:48.0509 2944 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
14:35:48.0510 2944 HidBatt - ok
14:35:48.0527 2944 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
14:35:48.0536 2944 HidBth - ok
14:35:48.0543 2944 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
14:35:48.0544 2944 HidIr - ok
14:35:48.0578 2944 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
14:35:48.0581 2944 HidUsb - ok
14:35:48.0608 2944 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:35:48.0610 2944 HpSAMD - ok
14:35:48.0640 2944 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:35:48.0647 2944 HTTP - ok
14:35:48.0661 2944 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:35:48.0662 2944 hwpolicy - ok
14:35:48.0689 2944 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:35:48.0691 2944 i8042prt - ok
14:35:48.0717 2944 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:35:48.0722 2944 iaStorV - ok
14:35:48.0733 2944 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
14:35:48.0735 2944 iirsp - ok
14:35:48.0764 2944 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:35:48.0765 2944 intelide - ok
14:35:48.0779 2944 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
14:35:48.0780 2944 intelppm - ok
14:35:48.0791 2944 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:35:48.0792 2944 IpFilterDriver - ok
14:35:48.0807 2944 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:35:48.0807 2944 IPMIDRV - ok
14:35:48.0816 2944 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:35:48.0818 2944 IPNAT - ok
14:35:48.0857 2944 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:35:48.0858 2944 IRENUM - ok
14:35:48.0873 2944 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:35:48.0874 2944 isapnp - ok
14:35:48.0891 2944 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:35:48.0895 2944 iScsiPrt - ok
14:35:48.0910 2944 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
14:35:48.0911 2944 kbdclass - ok
14:35:48.0930 2944 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
14:35:48.0931 2944 kbdhid - ok
14:35:48.0951 2944 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
14:35:48.0953 2944 KSecDD - ok
14:35:48.0969 2944 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
14:35:48.0971 2944 KSecPkg - ok
14:35:48.0983 2944 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:35:48.0985 2944 ksthunk - ok
14:35:49.0019 2944 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:35:49.0020 2944 lltdio - ok
14:35:49.0038 2944 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
14:35:49.0040 2944 LSI_FC - ok
14:35:49.0048 2944 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
14:35:49.0050 2944 LSI_SAS - ok
14:35:49.0066 2944 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
14:35:49.0074 2944 LSI_SAS2 - ok
14:35:49.0099 2944 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
14:35:49.0101 2944 LSI_SCSI - ok
14:35:49.0110 2944 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:35:49.0111 2944 luafv - ok
14:35:49.0128 2944 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
14:35:49.0129 2944 megasas - ok
14:35:49.0139 2944 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
14:35:49.0142 2944 MegaSR - ok
14:35:49.0162 2944 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:35:49.0163 2944 Modem - ok
14:35:49.0206 2944 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:35:49.0208 2944 monitor - ok
14:35:49.0215 2944 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:35:49.0217 2944 mouclass - ok
14:35:49.0238 2944 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:35:49.0239 2944 mouhid - ok
14:35:49.0248 2944 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:35:49.0249 2944 mountmgr - ok
14:35:49.0299 2944 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
14:35:49.0301 2944 MpFilter - ok
14:35:49.0310 2944 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:35:49.0312 2944 mpio - ok
14:35:49.0333 2944 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
14:35:49.0334 2944 MpNWMon - ok
14:35:49.0354 2944 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:35:49.0356 2944 mpsdrv - ok
14:35:49.0370 2944 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:35:49.0372 2944 MRxDAV - ok
14:35:49.0396 2944 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:35:49.0398 2944 mrxsmb - ok
14:35:49.0412 2944 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:35:49.0415 2944 mrxsmb10 - ok
14:35:49.0424 2944 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:35:49.0426 2944 mrxsmb20 - ok
14:35:49.0436 2944 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:35:49.0438 2944 msahci - ok
14:35:49.0451 2944 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:35:49.0453 2944 msdsm - ok
14:35:49.0475 2944 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:35:49.0476 2944 Msfs - ok
14:35:49.0503 2944 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:35:49.0504 2944 mshidkmdf - ok
14:35:49.0518 2944 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:35:49.0523 2944 msisadrv - ok
14:35:49.0548 2944 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:35:49.0549 2944 MSKSSRV - ok
14:35:49.0559 2944 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:35:49.0559 2944 MSPCLOCK - ok
14:35:49.0568 2944 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:35:49.0569 2944 MSPQM - ok
14:35:49.0580 2944 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:35:49.0585 2944 MsRPC - ok
14:35:49.0601 2944 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
14:35:49.0603 2944 mssmbios - ok
14:35:49.0619 2944 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:35:49.0620 2944 MSTEE - ok
14:35:49.0630 2944 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
14:35:49.0631 2944 MTConfig - ok
14:35:49.0671 2944 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
14:35:49.0673 2944 MTsensor - ok
14:35:49.0687 2944 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:35:49.0688 2944 Mup - ok
14:35:49.0728 2944 mv61xx (42ab117ab98ac93f487b2913ee4fbdd8) C:\Windows\system32\DRIVERS\mv61xx.sys
14:35:49.0730 2944 mv61xx - ok
14:35:49.0765 2944 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:35:49.0769 2944 NativeWifiP - ok
14:35:49.0798 2944 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:35:49.0808 2944 NDIS - ok
14:35:49.0827 2944 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:35:49.0828 2944 NdisCap - ok
14:35:49.0836 2944 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:35:49.0837 2944 NdisTapi - ok
14:35:49.0852 2944 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:35:49.0854 2944 Ndisuio - ok
14:35:49.0870 2944 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:35:49.0873 2944 NdisWan - ok
14:35:49.0881 2944 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:35:49.0882 2944 NDProxy - ok
14:35:49.0890 2944 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:35:49.0891 2944 NetBIOS - ok
14:35:49.0900 2944 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:35:49.0903 2944 NetBT - ok
14:35:49.0926 2944 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
14:35:49.0927 2944 nfrd960 - ok
14:35:49.0956 2944 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:35:49.0958 2944 NisDrv - ok
14:35:49.0969 2944 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:35:49.0971 2944 Npfs - ok
14:35:49.0980 2944 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:35:49.0980 2944 nsiproxy - ok
14:35:50.0027 2944 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:35:50.0053 2944 Ntfs - ok
14:35:50.0097 2944 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:35:50.0098 2944 Null - ok
14:35:50.0303 2944 nvlddmkm (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:35:50.0468 2944 nvlddmkm - ok
14:35:50.0512 2944 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:35:50.0514 2944 nvraid - ok
14:35:50.0526 2944 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:35:50.0528 2944 nvstor - ok
14:35:50.0544 2944 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:35:50.0546 2944 nv_agp - ok
14:35:50.0556 2944 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:35:50.0558 2944 ohci1394 - ok
14:35:50.0576 2944 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
14:35:50.0578 2944 Parport - ok
14:35:50.0595 2944 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:35:50.0596 2944 partmgr - ok
14:35:50.0613 2944 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:35:50.0616 2944 pci - ok
14:35:50.0631 2944 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:35:50.0632 2944 pciide - ok
14:35:50.0652 2944 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
14:35:50.0655 2944 pcmcia - ok
14:35:50.0663 2944 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:35:50.0664 2944 pcw - ok
14:35:50.0677 2944 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:35:50.0684 2944 PEAUTH - ok
14:35:50.0747 2944 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
14:35:50.0747 2944 Point64 - ok
14:35:50.0775 2944 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:35:50.0777 2944 PptpMiniport - ok
14:35:50.0785 2944 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
14:35:50.0787 2944 Processor - ok
14:35:50.0801 2944 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:35:50.0803 2944 Psched - ok
14:35:50.0837 2944 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
14:35:50.0838 2944 PxHlpa64 - ok
14:35:50.0878 2944 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
14:35:50.0904 2944 ql2300 - ok
14:35:50.0917 2944 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
14:35:50.0920 2944 ql40xx - ok
14:35:50.0934 2944 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:35:50.0936 2944 QWAVEdrv - ok
14:35:50.0952 2944 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:35:50.0953 2944 RasAcd - ok
14:35:50.0975 2944 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:35:50.0976 2944 RasAgileVpn - ok
14:35:50.0991 2944 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:35:50.0993 2944 Rasl2tp - ok
14:35:51.0003 2944 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:35:51.0005 2944 RasPppoe - ok
14:35:51.0023 2944 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:35:51.0024 2944 RasSstp - ok
14:35:51.0036 2944 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:35:51.0039 2944 rdbss - ok
14:35:51.0055 2944 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
14:35:51.0057 2944 rdpbus - ok
14:35:51.0073 2944 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:35:51.0073 2944 RDPCDD - ok
14:35:51.0097 2944 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:35:51.0097 2944 RDPENCDD - ok
14:35:51.0107 2944 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:35:51.0107 2944 RDPREFMP - ok
14:35:51.0124 2944 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
14:35:51.0127 2944 RDPWD - ok
14:35:51.0146 2944 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:35:51.0149 2944 rdyboost - ok
14:35:51.0206 2944 RivaTuner64 (a10b40cf9eb57d24e44717a2d38a00f4) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
14:35:51.0207 2944 RivaTuner64 - ok
14:35:51.0226 2944 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:35:51.0227 2944 rspndr - ok
14:35:51.0279 2944 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:35:51.0284 2944 RTL8167 - ok
14:35:51.0334 2944 RtNdPt60 (5532c4bf15173270757a75b46baeb960) C:\Windows\system32\DRIVERS\RtNdPt60.sys
14:35:51.0335 2944 RtNdPt60 - ok
14:35:51.0369 2944 RTTEAMPT (bc85bdc1c30066c78b8c67af1241d0b7) C:\Windows\system32\DRIVERS\RtTeam60.sys
14:35:51.0370 2944 RTTEAMPT - ok
14:35:51.0388 2944 RTVLANPT (8b6b42d782202363a562f82b0e13b1c0) C:\Windows\system32\DRIVERS\RtVlan60.sys
14:35:51.0389 2944 RTVLANPT - ok
14:35:51.0427 2944 Sahdad64 (27db9153d259d632d15483deeab799ed) C:\Windows\system32\Drivers\Sahdad64.sys
14:35:51.0428 2944 Sahdad64 - ok
14:35:51.0456 2944 Saibad64 (f77849d909b90bcacfcf7295aecf299b) C:\Windows\system32\Drivers\Saibad64.sys
14:35:51.0457 2944 Saibad64 - ok
14:35:51.0472 2944 SaibVdAd64 (704d415290a568f68de20942dac23f7e) C:\Windows\system32\Drivers\SaibVdAd64.sys
14:35:51.0473 2944 SaibVdAd64 - ok
14:35:51.0499 2944 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:35:51.0501 2944 sbp2port - ok
14:35:51.0514 2944 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:35:51.0515 2944 scfilter - ok
14:35:51.0548 2944 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:35:51.0549 2944 secdrv - ok
14:35:51.0585 2944 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:35:51.0586 2944 Serenum - ok
14:35:51.0599 2944 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:35:51.0601 2944 Serial - ok
14:35:51.0608 2944 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
14:35:51.0609 2944 sermouse - ok
14:35:51.0624 2944 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:35:51.0625 2944 sffdisk - ok
14:35:51.0633 2944 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:35:51.0634 2944 sffp_mmc - ok
14:35:51.0642 2944 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:35:51.0643 2944 sffp_sd - ok
14:35:51.0651 2944 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
14:35:51.0652 2944 sfloppy - ok
14:35:51.0664 2944 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
14:35:51.0665 2944 SiSRaid2 - ok
14:35:51.0673 2944 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
14:35:51.0674 2944 SiSRaid4 - ok
14:35:51.0708 2944 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:35:51.0710 2944 Smb - ok
14:35:51.0743 2944 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:35:51.0744 2944 spldr - ok
14:35:51.0779 2944 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:35:51.0784 2944 srv - ok
14:35:51.0800 2944 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:35:51.0804 2944 srv2 - ok
14:35:51.0815 2944 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:35:51.0817 2944 srvnet - ok
14:35:51.0861 2944 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
14:35:51.0862 2944 stexstor - ok
14:35:51.0880 2944 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
14:35:51.0881 2944 swenum - ok
14:35:51.0936 2944 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
14:35:51.0962 2944 Tcpip - ok
14:35:52.0003 2944 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
14:35:52.0013 2944 TCPIP6 - ok
14:35:52.0028 2944 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:35:52.0029 2944 tcpipreg - ok
14:35:52.0049 2944 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:35:52.0050 2944 TDPIPE - ok
14:35:52.0058 2944 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
14:35:52.0059 2944 TDTCP - ok
14:35:52.0076 2944 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:35:52.0083 2944 tdx - ok
14:35:52.0100 2944 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
14:35:52.0101 2944 TermDD - ok
14:35:52.0127 2944 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:35:52.0129 2944 tssecsrv - ok
14:35:52.0137 2944 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:35:52.0138 2944 TsUsbFlt - ok
14:35:52.0153 2944 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
14:35:52.0155 2944 TsUsbGD - ok
14:35:52.0173 2944 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:35:52.0175 2944 tunnel - ok
14:35:52.0195 2944 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
14:35:52.0196 2944 uagp35 - ok
14:35:52.0216 2944 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:35:52.0220 2944 udfs - ok
14:35:52.0238 2944 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:35:52.0240 2944 uliagpkx - ok
14:35:52.0251 2944 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
14:35:52.0253 2944 umbus - ok
14:35:52.0264 2944 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
14:35:52.0265 2944 UmPass - ok
14:35:52.0302 2944 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
14:35:52.0304 2944 USBAAPL64 - ok
14:35:52.0329 2944 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:35:52.0331 2944 usbccgp - ok
14:35:52.0351 2944 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:35:52.0354 2944 usbcir - ok
14:35:52.0381 2944 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
14:35:52.0382 2944 usbehci - ok
14:35:52.0399 2944 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:35:52.0403 2944 usbhub - ok
14:35:52.0411 2944 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
14:35:52.0412 2944 usbohci - ok
14:35:52.0425 2944 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
14:35:52.0426 2944 usbprint - ok
14:35:52.0440 2944 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
14:35:52.0442 2944 USBSTOR - ok
14:35:52.0466 2944 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:35:52.0467 2944 usbuhci - ok
14:35:52.0510 2944 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
14:35:52.0513 2944 usbvideo - ok
14:35:52.0569 2944 VBoxDrv (4005a5a8fd14e80d7713cfe912c91cde) C:\Program Files\Roxio\Roxio Streamer\VBoxDrv.sys
14:35:52.0571 2944 VBoxDrv - ok
14:35:52.0644 2944 VBoxNetFlt (5ce93712103bc02f7237977257d1e7aa) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
14:35:52.0647 2944 VBoxNetFlt - ok
14:35:52.0687 2944 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:35:52.0688 2944 vdrvroot - ok
14:35:52.0703 2944 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:35:52.0705 2944 vga - ok
14:35:52.0724 2944 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:35:52.0725 2944 VgaSave - ok
14:35:52.0740 2944 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:35:52.0743 2944 vhdmp - ok
14:35:52.0802 2944 VIAHdAudAddService (ba1da5cd689e9473d99731a2e1ff2fb5) C:\Windows\system32\drivers\viahduaa.sys
14:35:52.0828 2944 VIAHdAudAddService - ok
14:35:52.0847 2944 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:35:52.0848 2944 viaide - ok
14:35:52.0865 2944 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:35:52.0867 2944 volmgr - ok
14:35:52.0887 2944 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:35:52.0891 2944 volmgrx - ok
14:35:52.0902 2944 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:35:52.0905 2944 volsnap - ok
14:35:52.0924 2944 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
14:35:52.0927 2944 vsmraid - ok
14:35:52.0940 2944 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
14:35:52.0941 2944 vwifibus - ok
14:35:52.0982 2944 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
14:35:52.0991 2944 WacomPen - ok
14:35:53.0018 2944 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:35:53.0020 2944 WANARP - ok
14:35:53.0024 2944 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:35:53.0025 2944 Wanarpv6 - ok
14:35:53.0063 2944 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
14:35:53.0065 2944 Wd - ok
14:35:53.0083 2944 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:35:53.0095 2944 Wdf01000 - ok
14:35:53.0129 2944 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:35:53.0130 2944 WfpLwf - ok
14:35:53.0149 2944 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:35:53.0150 2944 WIMMount - ok
14:35:53.0212 2944 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
14:35:53.0214 2944 WinUsb - ok
14:35:53.0242 2944 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:35:53.0243 2944 WmiAcpi - ok
14:35:53.0262 2944 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:35:53.0263 2944 ws2ifsl - ok
14:35:53.0290 2944 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:35:53.0292 2944 WudfPf - ok
14:35:53.0301 2944 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:35:53.0303 2944 WUDFRd - ok
14:35:53.0339 2944 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:35:53.0346 2944 \Device\Harddisk0\DR0 - ok
14:35:53.0351 2944 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
14:35:53.0357 2944 \Device\Harddisk1\DR1 - ok
14:35:53.0361 2944 MBR (0x1B8) (31cfc50fbd443daeec9a5c7ae8da8f6d) \Device\Harddisk2\DR2
14:36:06.0596 2944 \Device\Harddisk2\DR2 - ok
14:36:06.0608 2944 Boot (0x1200) (6c6403f4bff6eaff7ccb9d3d928050be) \Device\Harddisk0\DR0\Partition0
14:36:06.0609 2944 \Device\Harddisk0\DR0\Partition0 - ok
14:36:06.0621 2944 Boot (0x1200) (09cb11eab0117ba2b90c82977dca4cc8) \Device\Harddisk0\DR0\Partition1
14:36:06.0622 2944 \Device\Harddisk0\DR0\Partition1 - ok
14:36:06.0626 2944 Boot (0x1200) (aa9e884552db383e4fa1ae6aa4125e0e) \Device\Harddisk1\DR1\Partition0
14:36:06.0628 2944 \Device\Harddisk1\DR1\Partition0 - ok
14:36:06.0632 2944 Boot (0x1200) (8ffe867224877270f7d59703cf8c8c95) \Device\Harddisk2\DR2\Partition0
14:36:06.0633 2944 \Device\Harddisk2\DR2\Partition0 - ok
14:36:06.0633 2944 ============================================================
14:36:06.0633 2944 Scan finished
14:36:06.0633 2944 ============================================================
14:36:06.0644 2180 Detected object count: 0
14:36:06.0645 2180 Actual detected object count: 0
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 16th, 2011, 4:49 pm

OTL logfile created on: 10/16/2011 2:35:26 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Cameron\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 36.65% Memory free
8.00 Gb Paging File | 5.16 Gb Available in Paging File | 64.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 282.23 Gb Free Space | 60.61% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 433.76 Gb Free Space | 46.56% Space Free | Partition Type: NTFS
Drive H: | 298.01 Gb Total Space | 192.82 Gb Free Space | 64.70% Space Free | Partition Type: FAT32

Computer Name: HXCBOOMSTICK-PC | User Name: Cameron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/16 14:33:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Cameron\Desktop\OTL.exe
PRC - [2011/10/13 06:54:34 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011/09/29 00:53:40 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/09/25 03:11:29 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2011/09/25 03:11:16 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/09/24 20:06:11 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2011/09/19 14:50:22 | 000,993,280 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2011/08/09 16:56:40 | 000,417,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/08/03 05:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/08/03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/07/29 13:31:40 | 001,249,064 | ---- | M] () -- C:\ProgramData\TVersity\Media Server\MediaServer.exe
PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/07/14 04:00:00 | 000,032,240 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
PRC - [2010/07/13 21:23:50 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe
PRC - [2010/06/30 12:43:10 | 002,201,000 | ---- | M] (Axentra Corporation) -- C:\Program Files (x86)\Roxio Streamer Desktop Applications\HipServAgent\HipServAgent.exe
PRC - [2010/06/30 09:10:14 | 000,477,680 | ---- | M] () -- C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010/02/03 16:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009/12/28 07:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009/12/15 17:41:00 | 000,139,264 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonClient.exe
PRC - [2009/12/15 17:40:00 | 000,122,880 | ---- | M] (AMD) -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
PRC - [2009/12/15 17:40:00 | 000,122,880 | ---- | M] () -- C:\Windows\SysWOW64\WinMsgBalloonServer.exe
PRC - [2009/12/15 17:40:00 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
PRC - [2009/10/16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2009/06/02 19:05:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/13 06:54:33 | 014,410,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2011/10/13 06:54:25 | 000,914,216 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-52.dll
MOD - [2011/10/13 06:54:25 | 000,194,344 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2011/10/13 06:54:25 | 000,155,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-52.dll
MOD - [2011/10/13 06:54:25 | 000,091,432 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-50.dll
MOD - [2011/09/29 00:53:40 | 001,833,944 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/25 04:13:06 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/09/24 14:36:32 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2011/08/31 16:44:40 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2011/08/31 16:44:38 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2011/08/03 03:31:28 | 000,255,592 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/07/13 21:23:50 | 000,084,464 | ---- | M] () -- C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe
MOD - [2010/06/30 12:43:26 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Roxio Streamer Desktop Applications\HipServAgent\libupnp.dll
MOD - [2010/06/30 09:10:14 | 000,477,680 | ---- | M] () -- C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/09/29 21:33:08 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009/03/25 16:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009/03/19 22:35:52 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009/03/19 22:35:50 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\vvc.dll
MOD - [2009/01/15 14:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/08/05 12:53:12 | 000,467,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2011/08/05 12:53:12 | 000,306,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2011/08/05 12:53:06 | 008,277,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/22 11:27:10 | 000,019,968 | ---- | M] () [Auto | Running] -- C:\Program Files\Roxio\Roxio Streamer\usb_detection.exe -- (HipServUsbDetection)
SRV:64bit: - [2010/05/25 14:09:50 | 000,268,288 | ---- | M] (Nick Rozanski (Nick@Rozanski.com)) [Auto | Running] -- C:\Program Files\Roxio\Roxio Streamer\srvstart\srvstart.exe -- (HipServ)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011/10/13 06:54:34 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/09/25 03:11:29 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011/09/25 03:11:16 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/08/03 05:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/08/03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/07/29 13:31:40 | 001,249,064 | ---- | M] () [Auto | Running] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/07/16 06:48:26 | 000,354,288 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2010/07/16 06:48:04 | 001,099,248 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2010/07/14 04:00:00 | 000,032,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/28 07:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/12/15 17:40:00 | 000,122,880 | ---- | M] (AMD) [Auto | Running] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2009/10/16 10:42:48 | 000,319,488 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/02 19:05:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:64bit: - [2011/05/13 15:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/06/17 12:00:04 | 000,193,928 | ---- | M] (Sun Microsystems, Inc.) [Kernel | Auto | Running] -- C:\Program Files\Roxio\Roxio Streamer\VBoxDrv.sys -- (VBoxDrv)
DRV:64bit: - [2010/05/15 05:11:48 | 001,327,520 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/08/23 16:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/07/15 21:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 01:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2009/06/02 01:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2009/06/02 01:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/11 16:49:10 | 000,178,728 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2008/10/23 20:55:28 | 000,043,008 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV:64bit: - [2007/12/10 20:49:54 | 000,026,624 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2007/12/02 20:20:54 | 000,024,064 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0)
DRV - [2011/09/24 21:52:12 | 000,019,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys -- (RivaTuner64)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D3 C6 F8 0F 80 73 C8 49 AF 0F 4D 08 38 43 FA E9 [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D3 C6 F8 0F 80 73 C8 49 AF 0F 4D 08 38 43 FA E9 [binary data]

IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6E 9D 05 88 56 86 CC 01 [binary data]
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D3 C6 F8 0F 80 73 C8 49 AF 0F 4D 08 38 43 FA E9 [binary data]
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 85 33 95 E2 F7 7A CC 01 [binary data]
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D3 C6 F8 0F 80 73 C8 49 AF 0F 4D 08 38 43 FA E9 [binary data]
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/16 00:02:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/09/24 14:25:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cameron\AppData\Roaming\Mozilla\Extensions
[2011/10/14 09:47:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\2ov7pwu6.hXcBoomstick\extensions
[2011/10/14 09:47:49 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\2ov7pwu6.hXcBoomstick\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}
[2011/10/14 09:47:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\gwsivuzf.default\extensions
[2011/10/14 09:47:49 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\gwsivuzf.default\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}
[2011/10/16 00:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/09/25 04:11:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/09/29 00:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/28 18:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011/10/15 23:54:36 | 000,000,795 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CPMonitor] C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe ()
O4 - HKLM..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [HipServ Agent] C:\Program Files (x86)\Roxio Streamer Desktop Applications\HipServAgent\HipServAgent.exe (Axentra Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe (Sonic Solutions)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000..\Run: [Spyware Doctor with AntiVirus] C:\Users\Cameron\Desktop\sdasetup_revwire207.exe -min File not found
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent File not found
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EED350E1-56AC-425B-A835-89FA10C83DEC}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/01 03:02:38 | 000,000,000 | RH-D | M] - F:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 20:56:50 | 000,000,036 | RH-- | M] () - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008/04/01 13:53:24 | 000,000,071 | -H-- | M] () - H:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/07/12 16:24:46 | 000,000,000 | ---D | M] - H:\autorun -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - StartUpReg: Pando Media Booster - hkey= - key= - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MsConfig:64bit - StartUpReg: Turbo Key - hkey= - key= - C:\Program Files\ASUS\Turbo Key\TurboKey.exe (ASUSTeK Computer Inc.)
MsConfig:64bit - StartUpReg: TurboV - hkey= - key= - C:\Program Files\ASUS\TurboV\TurboV.exe (ASUSTeK Computer Inc.)

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 16th, 2011, 4:50 pm

========== Files/Folders - Created Within 30 Days ==========

[2011/10/16 14:34:13 | 001,559,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Cameron\Desktop\TDSSKiller.exe
[2011/10/16 14:33:36 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Cameron\Desktop\OTL.exe
[2011/10/16 09:13:19 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Cameron\Desktop\dds.scr
[2011/10/16 00:06:13 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/10/16 00:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/10/15 23:38:58 | 000,111,408 | ---- | C] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\11955363.sys
[2011/10/15 19:46:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/10/15 17:51:59 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/10/15 17:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/10/15 14:19:51 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\NPE
[2011/10/15 08:44:01 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Malwarebytes
[2011/10/15 08:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/15 08:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/10/15 08:43:31 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/10/15 08:43:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/10/14 23:43:56 | 048,324,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/10/14 21:07:34 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\NVIDIA
[2011/10/14 14:27:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/10/14 14:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/14 14:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/14 14:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/10/14 14:25:23 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/14 14:25:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/10/14 10:27:54 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\CrashDumps
[2011/10/13 03:01:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/10/13 03:01:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/10/13 03:01:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/10/13 03:01:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/10/13 03:01:04 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/10/13 03:01:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/10/13 03:01:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/10/13 03:01:03 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/10/13 03:01:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/10/12 05:06:49 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/10/12 05:06:49 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/12 05:06:49 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/10/12 05:06:49 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/12 05:06:42 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/10/12 05:06:41 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/10/10 14:29:37 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\{12D6AE47-58CF-4E0E-8775-F821A4D7B6EA}
[2011/10/10 14:29:26 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\{7E80659B-848A-4537-80D5-23FD929485CA}
[2011/10/10 14:29:14 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Windows Live Writer
[2011/10/10 14:29:14 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Windows Live Writer
[2011/10/10 14:06:07 | 000,000,000 | ---D | C] -- C:\Windows\en
[2011/10/10 14:03:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/10/10 14:00:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/10/10 14:00:33 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011/10/10 14:00:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011/10/10 13:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/10/10 13:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2011/10/10 13:56:19 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Windows Live
[2011/10/10 13:56:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011/10/07 23:31:29 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\vlc
[2011/10/07 23:30:30 | 000,000,000 | ---D | C] -- C:\Users\Cameron\Desktop\Dark Souls Collector's Edition Content
[2011/10/07 23:30:10 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\WinRAR
[2011/10/07 23:30:10 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/07 23:30:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/10/07 23:28:53 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/10/03 21:57:33 | 000,000,000 | ---D | C] -- C:\Users\Cameron\Documents\CCleaner
[2011/10/03 21:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/10/03 17:14:52 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Evernote
[2011/10/03 17:13:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2011/10/03 17:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2011/09/28 23:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011/09/26 18:11:01 | 000,000,000 | ---D | C] -- C:\Users\Cameron\Documents\Guild Wars
[2011/09/26 18:10:24 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011/09/26 18:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars
[2011/09/26 18:10:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars
[2011/09/26 17:41:24 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\OpenOffice.org
[2011/09/26 16:58:14 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Podcasts
[2011/09/26 16:58:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/09/26 16:56:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
[2011/09/26 16:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\Zune
[2011/09/26 14:16:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011/09/26 09:38:26 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Adobe
[2011/09/26 00:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS OC Profiles
[2011/09/26 00:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2011/09/25 23:59:51 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Oblivion
[2011/09/25 23:56:21 | 000,000,000 | -H-D | C] -- C:\temp
[2011/09/25 23:56:21 | 000,000,000 | -H-D | C] -- C:\dvmexp
[2011/09/25 23:55:28 | 000,000,000 | -H-D | C] -- C:\ASUS.000
[2011/09/25 23:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Gate
[2011/09/25 23:54:40 | 000,000,000 | -H-D | C] -- C:\ASUS.SYS
[2011/09/25 23:52:20 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011/09/25 23:51:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011/09/25 23:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011/09/25 23:51:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011/09/25 23:49:51 | 000,043,008 | R--- | C] (Realtek Corporation) -- C:\Windows\SysNative\drivers\RtTeam60.sys
[2011/09/25 23:49:41 | 000,024,064 | R--- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\RtVlan60.sys
[2011/09/25 23:49:33 | 000,026,624 | R--- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\drivers\RtNdPt60.sys
[2011/09/25 23:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
[2011/09/25 23:49:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011/09/25 23:48:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
[2011/09/25 23:48:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2011/09/25 23:47:36 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2011/09/25 23:45:43 | 000,962,612 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42d.dll
[2011/09/25 23:45:43 | 000,434,252 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVCRTD.DLL
[2011/09/25 23:43:26 | 000,000,000 | ---D | C] -- C:\Windows\AsDmiHtm
[2011/09/25 23:29:40 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Roxio Burn
[2011/09/25 23:29:24 | 000,000,000 | ---D | C] -- C:\Users\Cameron\Documents\My Games
[2011/09/25 23:29:24 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Fallout3
[2011/09/25 23:17:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2011/09/25 23:03:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Interplay
[2011/09/25 23:02:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Interplay
[2011/09/25 19:32:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011/09/25 17:37:13 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Roxio
[2011/09/25 14:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/09/25 14:00:39 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2011/09/25 14:00:09 | 000,027,632 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\SaibVdAd64.sys
[2011/09/25 14:00:09 | 000,027,120 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\Sahdad64.sys
[2011/09/25 14:00:09 | 000,019,952 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\Saibad64.sys
[2011/09/25 13:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/09/25 13:58:16 | 000,055,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2011/09/25 13:58:16 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2011/09/25 13:58:16 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2011/09/25 13:56:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2011/09/25 13:56:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2011/09/25 13:56:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2011/09/25 13:56:01 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Simple Star
[2011/09/25 13:56:01 | 000,000,000 | ---D | C] -- C:\Users\Cameron\Documents\My PhotoShows
[2011/09/25 13:55:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PhotoShow Shared Assets
[2011/09/25 13:55:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio
[2011/09/25 13:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio 2011
[2011/09/25 13:55:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2011/09/25 13:55:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/09/25 13:55:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2011/09/25 13:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2011/09/25 13:55:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio 2011
[2011/09/25 13:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio 2011
[2011/09/25 13:54:56 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roxio
[2011/09/25 13:54:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roxio Streamer Desktop Applications
[2011/09/25 13:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
[2011/09/25 13:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2011/09/25 13:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Axentra Corporation
[2011/09/25 13:53:56 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2011/09/25 13:53:56 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2011/09/25 13:53:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2011/09/25 13:53:56 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2011/09/25 13:53:56 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2011/09/25 13:53:56 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2011/09/25 13:53:55 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2011/09/25 13:53:55 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2011/09/25 13:50:22 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Roxio Log Files
[2011/09/25 13:37:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/09/25 13:36:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/09/25 13:36:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2011/09/25 13:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2011/09/25 13:33:17 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2011/09/25 13:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marvell
[2011/09/25 13:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2011/09/25 13:32:07 | 001,327,520 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys
[2011/09/25 13:32:07 | 000,985,504 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIAPropPageExt.dll
[2011/09/25 13:32:07 | 000,541,088 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\VIASysFx.dll
[2011/09/25 13:32:07 | 000,246,688 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\Dts2APO.dll
[2011/09/25 13:32:07 | 000,197,024 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\ViaMicArrayAPO.dll
[2011/09/25 13:32:07 | 000,089,504 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\Dts2PropPageExt.dll
[2011/09/25 13:32:07 | 000,086,016 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQPropPageExt.dll
[2011/09/25 13:32:07 | 000,082,432 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\SysNative\nQAPO.dll
[2011/09/25 13:32:07 | 000,080,800 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\SysNative\ViaMicArrayPropPageExt.dll
[2011/09/25 13:31:56 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2011/09/25 13:31:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2011/09/25 13:31:26 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys
[2011/09/25 13:31:23 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011/09/25 04:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/09/25 04:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/09/25 04:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/09/25 04:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011/09/25 04:12:49 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2011/09/25 04:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2011/09/25 04:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/09/25 04:11:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/09/25 04:11:02 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/09/25 04:11:02 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/09/25 04:11:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/09/25 04:11:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/09/25 04:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/09/25 04:06:52 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Origin
[2011/09/25 04:06:51 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Origin
[2011/09/25 04:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011/09/25 04:06:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011/09/25 04:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011/09/25 04:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011/09/25 04:05:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2011/09/25 02:58:29 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2011/09/25 02:58:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011/09/25 02:58:27 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2011/09/25 02:58:27 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2011/09/25 02:58:27 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2011/09/25 02:58:27 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2011/09/25 02:58:26 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2011/09/25 02:58:26 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2011/09/25 02:58:26 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2011/09/25 02:58:26 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2011/09/25 02:58:25 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2011/09/25 02:58:25 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011/09/25 02:58:24 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2011/09/25 02:58:24 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2011/09/25 02:58:24 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2011/09/25 02:58:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2011/09/25 02:58:23 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2011/09/25 02:58:23 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2011/09/25 02:58:23 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2011/09/25 02:58:23 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2011/09/25 02:58:23 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2011/09/25 02:58:23 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011/09/25 02:58:21 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2011/09/25 02:58:21 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2011/09/25 02:58:21 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2011/09/25 02:58:21 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2011/09/25 02:58:20 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2011/09/25 02:58:20 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2011/09/25 02:58:20 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2011/09/25 02:58:20 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2011/09/25 02:58:20 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2011/09/25 02:58:20 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2011/09/25 02:58:19 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2011/09/25 02:58:19 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2011/09/25 02:58:19 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2011/09/25 02:58:19 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2011/09/25 02:58:19 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2011/09/25 02:58:19 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2011/09/25 02:58:18 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2011/09/25 02:58:18 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2011/09/25 02:58:17 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2011/09/25 02:58:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2011/09/25 02:58:17 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2011/09/25 02:58:17 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2011/09/25 02:58:15 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2011/09/25 02:58:15 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2011/09/25 02:58:13 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2011/09/25 02:58:12 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2011/09/25 02:58:12 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2011/09/25 02:58:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2011/09/25 02:58:12 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2011/09/25 02:58:12 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2011/09/25 02:58:12 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2011/09/25 02:58:11 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2011/09/25 02:58:11 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2011/09/25 02:58:11 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2011/09/25 02:58:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2011/09/25 02:58:11 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2011/09/25 02:58:11 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2011/09/25 02:58:10 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2011/09/25 02:58:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2011/09/25 02:58:09 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2011/09/25 02:58:09 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2011/09/25 02:58:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2011/09/25 02:58:09 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2011/09/25 02:58:08 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2011/09/25 02:58:08 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2011/09/25 02:58:08 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2011/09/25 02:58:08 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2011/09/25 02:58:08 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2011/09/25 02:58:08 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2011/09/25 02:58:07 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2011/09/25 02:58:07 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2011/09/25 02:58:06 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2011/09/25 02:58:06 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2011/09/25 02:58:05 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2011/09/25 02:58:05 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2011/09/25 02:58:05 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2011/09/25 02:58:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2011/09/25 02:58:04 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2011/09/25 02:58:04 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2011/09/25 02:58:03 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2011/09/25 02:58:03 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2011/09/25 02:58:03 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2011/09/25 02:58:03 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2011/09/25 02:58:02 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2011/09/25 02:58:02 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2011/09/25 02:58:02 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2011/09/25 02:58:02 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2011/09/25 02:58:01 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2011/09/25 02:58:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2011/09/25 02:58:01 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2011/09/25 02:58:01 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2011/09/25 02:58:00 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2011/09/25 02:58:00 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2011/09/25 02:58:00 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2011/09/25 02:58:00 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2011/09/25 02:58:00 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2011/09/25 02:58:00 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2011/09/25 02:57:59 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2011/09/25 02:57:59 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2011/09/25 02:57:59 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2011/09/25 02:57:58 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2011/09/25 02:57:58 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2011/09/25 02:57:58 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2011/09/25 02:57:58 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2011/09/25 02:57:58 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2011/09/25 02:57:58 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2011/09/25 02:57:57 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2011/09/25 02:57:57 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2011/09/25 02:57:55 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2011/09/25 02:57:55 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2011/09/25 02:57:55 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2011/09/25 02:57:55 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2011/09/25 02:57:54 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011/09/25 02:57:54 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011/09/25 02:57:54 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2011/09/25 02:57:54 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2011/09/25 02:57:54 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2011/09/25 02:57:54 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2011/09/25 02:57:53 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2011/09/25 02:57:53 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011/09/25 02:57:52 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2011/09/25 02:57:52 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2011/09/25 02:57:52 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2011/09/25 02:57:52 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2011/09/25 02:57:51 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2011/09/25 02:57:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2011/09/25 02:57:50 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2011/09/25 02:57:50 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2011/09/25 02:57:49 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2011/09/25 02:57:49 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2011/09/25 02:57:37 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2011/09/25 02:57:37 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2011/09/25 02:57:35 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2011/09/25 02:57:35 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2011/09/25 02:57:35 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2011/09/25 02:57:35 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2011/09/25 02:57:35 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2011/09/25 02:57:35 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2011/09/25 02:57:34 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2011/09/25 02:57:34 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2011/09/25 02:57:28 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2011/09/25 02:57:28 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2011/09/25 02:57:27 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2011/09/25 02:57:27 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2011/09/25 02:57:25 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2011/09/25 02:57:25 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2011/09/25 00:06:20 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011/09/25 00:06:19 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011/09/25 00:06:19 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011/09/25 00:06:19 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011/09/25 00:06:18 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011/09/25 00:06:18 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011/09/25 00:06:17 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011/09/24 23:42:29 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2011/09/24 23:42:29 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2011/09/24 23:42:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2011/09/24 23:42:29 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2011/09/24 23:42:27 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2011/09/24 23:24:54 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011/09/24 23:24:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011/09/24 23:18:59 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011/09/24 23:18:59 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011/09/24 22:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
[2011/09/24 22:27:49 | 000,000,000 | ---D | C] -- C:\Users\Cameron\Documents\Games for Windows - LIVE Demos
[2011/09/24 22:22:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo II
[2011/09/24 22:20:51 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011/09/24 22:20:51 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011/09/24 22:20:50 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2011/09/24 22:19:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011/09/24 22:19:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011/09/24 22:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/09/24 22:16:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011/09/24 22:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/09/24 22:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
[2011/09/24 22:12:45 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server
[2011/09/24 22:12:45 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Codec Pack
[2011/09/24 22:12:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xiph.Org
[2011/09/24 22:12:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TVersity Codec Pack
[2011/09/24 22:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TVersity
[2011/09/24 22:09:52 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2011/09/24 22:09:52 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2011/09/24 22:08:43 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Downloaded Installations
[2011/09/24 22:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011/09/24 21:59:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LeagueOfLegends
[2011/09/24 21:59:18 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Skype
[2011/09/24 21:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/09/24 21:57:51 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011/09/24 21:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/09/24 21:56:43 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\PMB Files
[2011/09/24 21:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/09/24 21:55:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011/09/24 21:50:50 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2011/09/24 21:50:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2011/09/24 21:47:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011/09/24 21:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2011/09/24 21:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Warcraft III
[2011/09/24 21:24:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/09/24 21:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
[2011/09/24 21:04:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock
[2011/09/24 20:27:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/09/24 20:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/09/24 20:18:17 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Apple Computer
[2011/09/24 20:18:16 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Apple Computer
[2011/09/24 20:18:10 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011/09/24 20:18:10 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011/09/24 20:18:10 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011/09/24 20:18:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011/09/24 20:17:59 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/09/24 20:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/09/24 20:17:13 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Apple
[2011/09/24 20:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/09/24 20:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4
[2011/09/24 20:17:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011/09/24 20:17:03 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\IObit
[2011/09/24 20:17:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2011/09/24 20:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011/09/24 20:16:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011/09/24 20:05:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/09/24 20:05:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011/09/24 20:05:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011/09/24 20:00:48 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/09/24 20:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011/09/24 19:59:11 | 024,692,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011/09/24 19:59:11 | 022,470,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011/09/24 19:59:11 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/09/24 19:59:11 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/09/24 19:59:11 | 007,254,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011/09/24 19:59:11 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/09/24 19:59:11 | 002,532,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011/09/24 19:59:11 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/09/24 19:59:11 | 002,222,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011/09/24 19:59:11 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/09/24 19:59:11 | 001,519,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2011/09/24 19:59:11 | 001,453,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2011/09/24 19:59:11 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/09/24 19:59:11 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/09/24 19:57:26 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/09/24 19:56:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011/09/24 19:48:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011/09/24 19:48:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011/09/24 14:37:30 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Macromedia
[2011/09/24 14:37:30 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Adobe
[2011/09/24 14:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/09/24 14:36:37 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Google
[2011/09/24 14:36:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011/09/24 14:36:32 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/24 14:36:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011/09/24 14:31:34 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/09/24 14:31:34 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/09/24 14:31:34 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/09/24 14:31:34 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/09/24 14:31:34 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/09/24 14:31:34 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/09/24 14:31:34 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/09/24 14:31:34 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/09/24 14:31:34 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/09/24 14:31:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/09/24 14:31:34 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/09/24 14:31:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/09/24 14:31:34 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/09/24 14:31:33 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/09/24 14:31:33 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/09/24 14:31:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/09/24 14:31:33 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/09/24 14:31:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/09/24 14:31:33 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/09/24 14:31:33 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/09/24 14:31:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/09/24 14:31:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/09/24 14:31:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/09/24 14:31:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/09/24 14:31:32 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/09/24 14:31:32 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/09/24 14:31:31 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/09/24 14:31:31 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/09/24 14:31:30 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/09/24 14:31:30 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/09/24 14:31:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/09/24 14:31:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/09/24 14:31:30 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/09/24 14:31:30 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/09/24 14:31:30 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/09/24 14:31:30 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/09/24 14:31:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/09/24 14:31:30 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/09/24 14:31:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/09/24 14:31:30 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/09/24 14:31:30 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/09/24 14:31:30 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/09/24 14:31:30 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/09/24 14:31:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/09/24 14:31:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/09/24 14:31:30 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/09/24 14:31:29 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/09/24 14:31:29 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/09/24 14:31:29 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/09/24 14:31:29 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/09/24 14:31:29 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/09/24 14:31:29 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/09/24 14:31:29 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/09/24 14:31:29 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/09/24 14:31:29 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/09/24 14:31:29 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/09/24 14:31:29 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/09/24 14:31:29 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/09/24 14:31:29 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/09/24 14:31:29 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/09/24 14:31:29 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/09/24 14:31:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/09/24 14:31:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/09/24 14:27:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/09/24 14:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/09/24 14:27:31 | 006,136,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2011/09/24 14:27:31 | 003,021,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2011/09/24 14:27:31 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011/09/24 14:27:31 | 000,836,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011/09/24 14:27:31 | 000,117,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2011/09/24 14:27:31 | 000,061,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2011/09/24 14:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011/09/24 14:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011/09/24 14:25:08 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Mozilla
[2011/09/24 14:25:08 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Mozilla
[2011/09/24 14:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/09/24 14:22:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
[2011/09/24 14:22:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2011/09/24 14:20:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard
[2011/09/24 14:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2011/09/24 14:19:51 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/09/24 14:19:45 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011/09/24 12:02:11 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011/09/24 11:08:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/09/24 11:03:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011/09/24 11:03:23 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/09/24 10:21:36 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011/09/24 10:21:36 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011/09/24 10:21:36 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011/09/24 10:21:36 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011/09/24 10:21:36 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011/09/24 10:21:36 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/09/24 10:21:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011/09/24 10:21:36 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011/09/24 10:21:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011/09/24 10:21:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011/09/24 10:21:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011/09/24 10:21:36 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011/09/24 10:21:36 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011/09/24 10:21:36 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011/09/24 10:21:36 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011/09/24 10:21:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011/09/24 10:21:36 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011/09/24 10:21:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011/09/24 10:21:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011/09/24 10:21:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011/09/24 10:21:34 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011/09/24 10:21:34 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011/09/24 10:21:34 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011/09/24 10:21:34 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011/09/24 10:21:34 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011/09/24 10:21:34 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011/09/24 10:21:34 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011/09/24 10:21:34 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011/09/24 10:21:34 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011/09/24 10:21:34 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011/09/24 10:21:34 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011/09/24 10:21:34 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011/09/24 10:21:34 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011/09/24 10:21:07 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011/09/24 10:21:07 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011/09/24 10:21:05 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/09/24 10:21:05 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/09/24 10:21:01 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011/09/24 10:21:01 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/09/24 10:21:00 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011/09/24 10:21:00 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011/09/24 10:21:00 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011/09/24 10:21:00 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/09/24 10:21:00 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011/09/24 10:21:00 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011/09/24 10:20:52 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/09/24 10:20:52 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/09/24 10:20:52 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/09/24 10:20:52 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/09/24 10:20:49 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011/09/24 10:20:49 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011/09/24 10:20:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011/09/24 10:20:49 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011/09/24 10:20:48 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011/09/24 10:20:48 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011/09/24 10:20:48 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011/09/24 10:20:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011/09/24 10:20:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011/09/24 10:20:41 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/09/24 10:20:41 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/09/24 10:20:41 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/09/24 10:20:41 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/09/24 10:20:41 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/09/24 10:20:41 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/09/24 10:20:41 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/09/24 10:20:37 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011/09/24 10:20:37 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011/09/24 10:20:37 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/09/24 10:20:36 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/09/24 10:20:32 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/09/24 10:20:32 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011/09/24 10:20:32 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011/09/24 10:20:30 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/09/24 10:20:30 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/09/24 10:20:30 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011/09/24 10:20:30 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011/09/24 10:20:30 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/09/24 10:20:30 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/09/24 10:20:19 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/09/24 10:20:19 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011/09/24 10:20:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011/09/24 10:20:19 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/09/24 10:20:19 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011/09/24 10:20:18 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011/09/24 10:20:16 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011/09/24 10:20:16 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011/09/24 10:20:16 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011/09/24 10:20:15 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011/09/24 10:16:06 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/09/24 10:16:06 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/09/24 10:16:05 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/09/24 10:13:28 | 000,000,000 | R--D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/09/24 10:13:28 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Searches
[2011/09/24 10:13:28 | 000,000,000 | R--D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/09/24 10:13:28 | 000,000,000 | -H-D | C] -- C:\Users\Cameron\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2011/09/24 10:13:20 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Identities
[2011/09/24 10:13:18 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Contacts
[2011/09/24 10:13:16 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\VirtualStore
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\AppData\Local\Temporary Internet Files
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\Templates
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\Start Menu
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\SendTo
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\Recent
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\PrintHood
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\NetHood
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\Documents\My Videos
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\Documents\My Pictures
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\Documents\My Music
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\My Documents
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\Local Settings
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\AppData\Local\History
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\Cookies
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\Application Data
[2011/09/24 10:13:07 | 000,000,000 | -HSD | C] -- C:\Users\Cameron\AppData\Local\Application Data
[2011/09/24 10:13:06 | 000,000,000 | --SD | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Videos
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Saved Games
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Pictures
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Music
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Links
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Favorites
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Downloads
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Documents
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\Desktop
[2011/09/24 10:13:06 | 000,000,000 | R--D | C] -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/09/24 10:13:06 | 000,000,000 | -H-D | C] -- C:\Users\Cameron\AppData
[2011/09/24 10:13:06 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Temp
[2011/09/24 10:13:06 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Local\Microsoft
[2011/09/24 10:13:06 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\Media Center Programs
[2011/09/24 10:12:56 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011/09/21 20:51:40 | 000,000,000 | ---D | C] -- C:\Users\Cameron\Desktop\Books

========== Files - Modified Within 30 Days ==========

[2011/10/16 14:33:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Cameron\Desktop\OTL.exe
[2011/10/16 14:13:25 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011/10/16 14:03:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/16 09:13:22 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Cameron\Desktop\dds.scr
[2011/10/15 23:54:54 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/15 23:54:54 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/15 23:39:50 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/15 23:39:50 | 000,626,040 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/15 23:39:50 | 000,107,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/15 23:38:58 | 000,111,408 | ---- | M] (Kaspersky Lab, GERT) -- C:\Windows\SysNative\drivers\11955363.sys
[2011/10/15 23:33:30 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/15 23:33:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/15 23:32:58 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/15 17:51:59 | 000,002,985 | ---- | M] () -- C:\Users\Cameron\Desktop\HiJackThis.lnk
[2011/10/14 12:04:02 | 001,559,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Cameron\Desktop\TDSSKiller.exe
[2011/10/14 09:48:11 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/10/13 03:24:04 | 000,348,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/10 14:03:59 | 000,000,020 | ---- | M] () -- C:\Windows\°ô¼
[2011/10/05 10:09:48 | 048,324,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/10/03 17:15:37 | 000,001,131 | ---- | M] () -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2011/10/03 10:53:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2011/10/03 10:53:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2011/09/28 21:24:07 | 000,009,816 | ---- | M] () -- C:\bootsqm.dat
[2011/09/26 17:41:46 | 000,001,239 | ---- | M] () -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011/09/26 16:41:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/09/25 23:58:11 | 000,047,544 | ---- | M] () -- C:\Windows\Ascd_log.ini
[2011/09/25 23:57:40 | 000,000,668 | ---- | M] () -- C:\Windows\setup.iss
[2011/09/25 23:55:31 | 000,000,068 | -H-- | M] () -- C:\splash.idx
[2011/09/25 23:44:44 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2011/09/25 23:43:22 | 000,033,630 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2011/09/25 04:10:51 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/09/25 04:10:51 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/09/25 04:10:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/09/25 04:10:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/09/25 03:11:29 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/25 03:11:16 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/25 03:11:15 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/09/24 22:16:37 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/09/24 22:16:19 | 000,743,066 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/24 22:09:04 | 000,001,240 | ---- | M] () -- C:\Windows\SysWow64\ealregsnapshot1.reg
[2011/09/24 19:52:38 | 000,001,441 | ---- | M] () -- C:\Users\Cameron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/09/24 14:36:55 | 000,002,243 | ---- | M] () -- C:\Users\Cameron\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/24 14:31:34 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/09/24 14:31:34 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/09/24 14:31:34 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/09/24 14:31:34 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/09/24 14:31:34 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/09/24 14:31:34 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/09/24 14:31:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/09/24 14:31:34 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/09/24 14:31:34 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/09/24 14:31:34 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/09/24 14:31:34 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/09/24 14:31:34 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/09/24 14:31:34 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/09/24 14:31:34 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/09/24 14:31:33 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/09/24 14:31:33 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/09/24 14:31:33 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/09/24 14:31:33 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/09/24 14:31:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/09/24 14:31:33 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/09/24 14:31:33 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/09/24 14:31:33 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/09/24 14:31:33 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/09/24 14:31:33 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/09/24 14:31:32 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/09/24 14:31:32 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/09/24 14:31:32 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/09/24 14:31:32 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/09/24 14:31:31 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/09/24 14:31:31 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/09/24 14:31:30 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/09/24 14:31:30 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/09/24 14:31:30 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/09/24 14:31:30 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/09/24 14:31:30 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/09/24 14:31:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/09/24 14:31:30 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/09/24 14:31:30 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/09/24 14:31:30 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/09/24 14:31:30 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/09/24 14:31:30 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/09/24 14:31:30 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/09/24 14:31:30 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011/09/24 14:31:30 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/09/24 14:31:30 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/09/24 14:31:30 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/09/24 14:31:30 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/09/24 14:31:29 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/09/24 14:31:29 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/09/24 14:31:29 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/09/24 14:31:29 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/09/24 14:31:29 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/09/24 14:31:29 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/09/24 14:31:29 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/09/24 14:31:29 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/09/24 14:31:29 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/09/24 14:31:29 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/09/24 14:31:29 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/09/24 14:31:29 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/09/24 14:31:29 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/09/24 14:31:29 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/09/24 14:31:29 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/09/24 14:31:29 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/09/24 14:31:29 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/09/24 14:31:29 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/09/24 14:22:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011/09/24 11:08:14 | 000,108,227 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011/09/24 11:08:14 | 000,108,227 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011/09/24 11:04:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/09/24 10:23:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf

========== Files Created - No Company Name ==========

[2011/10/16 00:02:50 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/15 17:51:59 | 000,002,985 | ---- | C] () -- C:\Users\Cameron\Desktop\HiJackThis.lnk
[2011/10/10 14:04:48 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011/10/10 14:04:24 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011/10/10 14:03:57 | 000,000,020 | ---- | C] () -- C:\Windows\°ô¼
[2011/10/10 14:03:09 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011/10/10 14:02:41 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011/10/03 17:15:37 | 000,001,131 | ---- | C] () -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2011/10/03 10:53:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2011/10/03 10:53:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2011/09/28 23:01:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/09/28 21:24:07 | 000,009,816 | ---- | C] () -- C:\bootsqm.dat
[2011/09/26 17:41:46 | 000,001,239 | ---- | C] () -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011/09/26 16:41:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011/09/26 00:06:26 | 000,000,177 | -H-- | C] () -- C:\dvmexp.idx
[2011/09/25 23:51:58 | 000,001,009 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
[2011/09/25 13:36:23 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011/09/25 13:36:23 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011/09/25 13:36:20 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011/09/25 13:36:20 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011/09/25 13:36:07 | 000,000,668 | ---- | C] () -- C:\Windows\setup.iss
[2011/09/25 13:32:47 | 000,001,218 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
[2011/09/25 13:30:25 | 000,047,544 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011/09/25 13:23:19 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/09/25 13:23:16 | 000,033,630 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011/09/25 03:11:22 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/09/25 03:11:15 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011/09/25 03:11:15 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/09/24 22:16:37 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/09/24 22:16:19 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/24 22:15:51 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/09/24 22:09:04 | 000,001,240 | ---- | C] () -- C:\Windows\SysWow64\ealregsnapshot1.reg
[2011/09/24 20:17:12 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/09/24 14:36:55 | 000,002,243 | ---- | C] () -- C:\Users\Cameron\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/09/24 14:36:42 | 000,000,900 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/24 14:36:40 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/24 14:31:33 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/09/24 14:31:29 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/09/24 14:23:54 | 000,001,441 | ---- | C] () -- C:\Users\Cameron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/09/24 14:22:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2011/09/24 11:08:06 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/09/24 11:08:03 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/09/24 11:04:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011/09/24 11:03:22 | 3220,574,208 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/24 10:23:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2011/09/24 10:13:34 | 000,001,413 | ---- | C] () -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011/09/24 10:13:29 | 000,001,447 | ---- | C] () -- C:\Users\Cameron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/09/24 10:13:06 | 000,000,290 | ---- | C] () -- C:\Users\Cameron\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/09/24 10:13:06 | 000,000,272 | ---- | C] () -- C:\Users\Cameron\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/08/03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/12/15 17:41:00 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonClient.exe
[2009/12/15 17:40:00 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonServer.exe
[2009/07/13 23:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 20:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 20:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 18:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/05 20:48:34 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009/06/10 15:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 06:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/02/18 21:35:10 | 000,049,152 | R--- | C] () -- C:\Windows\DAOD.exe
[2008/12/01 18:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll

========== LOP Check ==========

[2011/09/24 20:17:03 | 000,000,000 | ---D | M] -- C:\Users\Cameron\AppData\Roaming\IObit
[2011/09/26 17:41:24 | 000,000,000 | ---D | M] -- C:\Users\Cameron\AppData\Roaming\OpenOffice.org
[2011/09/25 04:06:52 | 000,000,000 | ---D | M] -- C:\Users\Cameron\AppData\Roaming\Origin
[2011/09/25 13:56:01 | 000,000,000 | ---D | M] -- C:\Users\Cameron\AppData\Roaming\Simple Star
[2011/10/10 14:29:14 | 000,000,000 | ---D | M] -- C:\Users\Cameron\AppData\Roaming\Windows Live Writer
[2009/07/13 23:08:49 | 000,005,648 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2011/09/28 21:24:07 | 000,009,816 | ---- | M] () -- C:\bootsqm.dat
[2011/10/16 14:13:25 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2011/10/15 23:32:58 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/15 23:33:18 | 4294,103,040 | -HS- | M] () -- C:\pagefile.sys
[2011/10/15 23:48:55 | 000,000,456 | ---- | M] () -- C:\rkill.log
[2011/09/25 23:55:31 | 000,000,068 | -H-- | M] () -- C:\splash.idx
[2011/10/15 18:08:51 | 000,154,344 | ---- | M] () -- C:\TDSSKiller.2.6.9.0_15.10.2011_18.06.31_log.txt
[2011/10/15 23:45:39 | 000,077,878 | ---- | M] () -- C:\TDSSKiller.2.6.9.0_15.10.2011_23.38.58_log.txt
[2011/10/15 23:47:53 | 000,077,762 | ---- | M] () -- C:\TDSSKiller.2.6.9.0_15.10.2011_23.47.25_log.txt
[2011/10/15 23:50:40 | 000,077,844 | ---- | M] () -- C:\TDSSKiller.2.6.9.0_15.10.2011_23.49.27_log.txt
[2011/10/16 14:38:30 | 000,077,844 | ---- | M] () -- C:\TDSSKiller.2.6.9.0_16.10.2011_14.35.35_log.txt
[2010/03/30 16:00:26 | 000,016,832 | -H-- | M] () -- C:\version


< MD5 for: AGP440.SYS >
[2009/07/13 19:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/13 19:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/13 19:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 19:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 19:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 19:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 19:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/13 19:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2010/11/20 21:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 21:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 00:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 00:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 00:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 00:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: MV61XX.SYS >
[2009/05/11 16:49:10 | 000,178,728 | ---- | M] (Marvell Semiconductor, Inc.) MD5=42AB117AB98AC93F487B2913EE4FBDD8 -- C:\Program Files (x86)\Marvell\61xx\driver\mv61xx.sys
[2009/05/11 16:49:10 | 000,178,728 | ---- | M] (Marvell Semiconductor, Inc.) MD5=42AB117AB98AC93F487B2913EE4FBDD8 -- C:\Windows\SysNative\drivers\mv61xx.sys
[2009/05/11 16:49:10 | 000,178,728 | ---- | M] (Marvell Semiconductor, Inc.) MD5=42AB117AB98AC93F487B2913EE4FBDD8 -- C:\Windows\SysNative\DriverStore\FileRepository\mv61xx.inf_amd64_neutral_8500cb13f21a7f46\mv61xx.sys

< MD5 for: NETLOGON.DLL >
[2010/11/20 21:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 21:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 21:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 21:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 00:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 00:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 00:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/20 21:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/20 21:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 00:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 16th, 2011, 4:50 pm

< MD5 for: NVSTOR.SYS >
[2011/03/11 00:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 00:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 00:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 00:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 21:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 21:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/20 21:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 21:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 21:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 21:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

< %PROGRAMFILES%\*. >
[2011/09/28 23:01:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/09/25 23:48:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AMD
[2011/09/24 20:17:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/09/25 23:52:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ASUS
[2011/09/26 00:04:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bethesda Softworks
[2011/10/14 14:25:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2011/10/10 13:56:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/09/24 22:37:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Diablo II
[2011/09/25 04:06:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2011/10/03 17:12:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Evernote
[2011/09/24 14:36:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2011/09/26 18:10:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Guild Wars
[2011/09/26 00:04:13 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/10/13 03:22:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/09/25 23:05:01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Interplay
[2011/09/24 20:17:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\IObit
[2011/10/14 14:27:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/09/25 04:10:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/09/24 23:02:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LeagueOfLegends
[2011/10/15 08:43:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/09/25 13:33:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Marvell
[2011/10/10 13:57:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/09/24 22:19:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011/09/24 22:16:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Security Client
[2011/10/13 03:23:36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/10/10 14:03:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/09/26 14:16:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft XNA
[2011/09/24 19:56:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2011/10/16 00:02:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2009/07/13 23:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/09/25 19:32:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2011/09/24 20:00:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2011/09/25 04:12:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\OpenOffice.org 3
[2011/09/25 04:06:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin
[2011/09/25 04:06:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Origin Games
[2011/09/24 21:55:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2011/09/24 20:27:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2011/09/25 23:49:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/13 23:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/09/24 21:52:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2011/09/24 21:04:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RocketDock
[2011/09/25 14:00:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
[2011/09/25 14:00:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio 2011
[2011/09/25 13:54:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio Streamer Desktop Applications
[2011/09/24 21:57:51 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2011/09/25 14:00:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SmartSound Software
[2011/10/15 23:49:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2011/10/15 17:51:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trend Micro
[2011/09/24 22:12:45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TVersity Codec Pack
[2009/07/13 22:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2011/09/25 13:32:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VIA
[2011/09/25 04:18:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2011/09/24 21:30:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Warcraft III
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2011/10/10 14:06:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/13 23:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/20 21:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2010/11/21 01:06:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/09/24 22:12:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xiph.Org

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WPAEvents >

< End of report >
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 16th, 2011, 4:51 pm

OTL Extras logfile created on: 10/16/2011 2:35:26 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Cameron\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 36.65% Memory free
8.00 Gb Paging File | 5.16 Gb Available in Paging File | 64.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 282.23 Gb Free Space | 60.61% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 433.76 Gb Free Space | 46.56% Space Free | Partition Type: NTFS
Drive H: | 298.01 Gb Total Space | 192.82 Gb Free Space | 64.70% Space Free | Partition Type: FAT32

Computer Name: HXCBOOMSTICK-PC | User Name: Cameron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1145810172-3958703631-3042637037-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{62140B07-129A-2BD0-81D2-2A1A7408ADC8}" = ATI Catalyst Install Manager
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B44C746E-2A9E-4184-9FF8-7A44FCA749CE}" = Roxio Streamer x64
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 4.01 (64-bit)
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3A9527CF-4E91-4683-A03F-F1AD022126E5}" = DirectX 9 Runtime
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{4433FF9E-AF21-4E41-B296-4E13BF4D52F5}" = Roxio Creator 2011
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7F9EB3E8-5CF3-448F-A2A0-982BE6C5FDDE}" = Roxio Creator 2011
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9F717571-FEE8-45CD-8B03-5B2D06AD28F7}" = Roxio Creator 2011 Content
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A12CF335-1B84-4781-9735-44E39C6D3DD0}" = Roxio Creator 2011
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9024A22-FB0E-4DDC-AB93-44D686F7F491}" = Roxio CinePlayer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{B0CC5440-E305-11E0-BCC1-1CC1DEF07CBE}" = Evernote v. 4.5.1
"{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}" = Turbo Key
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E24A0015-C73F-4B57-B8DF-5EB84D2E9685}" = Adobe Flash Player 10 ActiveX
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F38406EE-EB4C-449E-B0EF-6887CA988124}" = Roxio Streamer Desktop Applications
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFAC39DA-CF79-434B-A6E0-4055689667D9}" = Roxio CinePlayer Decoder Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Diablo II" = Diablo II
"Fallout Collection" = Fallout Collection
"Google Chrome" = Google Chrome
"Guild Wars" = Guild Wars
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}" = RAIDXpert
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"mv61xxDriver" = marvell 61xx
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"RocketDock_is1" = RocketDock 1.3.5
"Roxio PhotoShow" = Roxio PhotoShow
"Steam App 10" = Counter-Strike
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 400" = Portal
"Steam App 42910" = Magicka
"Steam App 43110" = Metro 2033
"Steam App 440" = Team Fortress 2
"Steam App 63200" = Monday Night Combat
"Steam App 80" = Counter-Strike: Condition Zero
"Steam App 8980" = Borderlands
"TVersity Codec Pack" = TVersity Codec Pack 1.7
"TVersity Media Server" = TVersity Media Server 1.9.7
"VLC media player" = VLC media player 1.1.11
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/15/2011 10:34:48 PM | Computer Name = HXCBOOMSTICK-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 981137

Error - 10/15/2011 10:34:48 PM | Computer Name = HXCBOOMSTICK-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 981137

Error - 10/15/2011 10:34:49 PM | Computer Name = HXCBOOMSTICK-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/15/2011 10:34:49 PM | Computer Name = HXCBOOMSTICK-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 982135

Error - 10/15/2011 10:34:49 PM | Computer Name = HXCBOOMSTICK-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 982135

Error - 10/15/2011 10:34:50 PM | Computer Name = HXCBOOMSTICK-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/15/2011 10:34:50 PM | Computer Name = HXCBOOMSTICK-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 983134

Error - 10/15/2011 10:34:50 PM | Computer Name = HXCBOOMSTICK-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 983134

Error - 10/16/2011 1:34:46 AM | Computer Name = hXcBoomstick-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/16/2011 1:36:05 AM | Computer Name = hXcBoomstick-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 7.0.1.4288 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: dcc Start
Time: 01cc8bc52d76860c Termination Time: 52 Application Path: C:\Program Files (x86)\Mozilla
Firefox\firefox.exe Report Id: b52ee38c-f7b8-11e0-af1d-f46d0495da77

[ System Events ]
Error - 10/14/2011 11:44:31 PM | Computer Name = hXcBoomstick-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Hard Drive Watcher 12 service to connect.

Error - 10/15/2011 4:01:51 PM | Computer Name = hXcBoomstick-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Hard Drive Watcher 12 service to connect.

Error - 10/15/2011 9:46:24 PM | Computer Name = hXcBoomstick-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:43:41 PM on ?10/?15/?2011 was unexpected.

Error - 10/15/2011 9:46:31 PM | Computer Name = hXcBoomstick-PC | Source = BugCheck | ID = 1001
Description =

Error - 10/15/2011 9:46:57 PM | Computer Name = hXcBoomstick-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Hard Drive Watcher 12 service to connect.

Error - 10/16/2011 1:33:51 AM | Computer Name = hXcBoomstick-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Roxio
Hard Drive Watcher 12 service to connect.

Error - 10/16/2011 1:39:49 AM | Computer Name = hXcBoomstick-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 10/16/2011 1:47:01 AM | Computer Name = hXcBoomstick-PC | Source = Service Control Manager | ID = 7031
Description = The TVersity Media Server service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 1000 milliseconds:
Restart the service.

Error - 10/16/2011 1:47:10 AM | Computer Name = hXcBoomstick-PC | Source = Service Control Manager | ID = 7031
Description = The TVersity Media Server service terminated unexpectedly. It has
done this 2 time(s). The following corrective action will be taken in 3000 milliseconds:
Restart the service.

Error - 10/16/2011 1:48:05 AM | Computer Name = hXcBoomstick-PC | Source = Service Control Manager | ID = 7031
Description = The TVersity Media Server service terminated unexpectedly. It has
done this 3 time(s). The following corrective action will be taken in 300000 milliseconds:
Restart the service.


< End of report >

That should be everything you asked for. I really appreciate all the help.
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby Gary R » October 17th, 2011, 3:57 am

I think I may have found the source of your problem.

First

Please go to Control Panel > Programs > Uninstall a program and Uninstall the following:

Advanced SystemCare 4
Java(TM) 6 Update 22


IOBit is a program whose creators are known to steal the work of others and incorporate it into their products .... http://forums.malwarebytes.org/index.ph ... opic=29681

Old versions of Java can be exploited.

Reboot your computer when finished.

Next

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:OTL
SRV - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
[2011/10/14 09:47:49 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\2ov7pwu6.hXcBoomstick\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}
[2011/10/14 09:47:49 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\gwsivuzf.default\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1000..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-1145810172-3958703631-3042637037-1001..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
[2011/09/24 20:17:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2011/09/24 20:17:03 | 000,000,000 | ---D | C] -- C:\Users\Cameron\AppData\Roaming\IObit

:Files
ipconfig /flushdns /c

:Commands
[emptytemp]
[resethosts]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Next

Please run a scan with ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go HERE then click on: Image
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log in your next reply please.
  • Now click on: Image (Selecting Uninstall application on close if you so wish)

Summary of the logs I need from you in your next post:
  • OTL log
  • E-Set log
  • Are you still being re-directed ?


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 17th, 2011, 11:59 am

All processes killed
========== OTL ==========
Error: No service named AdvancedSystemCareService was found to stop!
Service\Driver key AdvancedSystemCareService not found.
File C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe not found.
C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\2ov7pwu6.hXcBoomstick\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}\defaults\preferences folder moved successfully.
C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\2ov7pwu6.hXcBoomstick\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}\defaults folder moved successfully.
C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\2ov7pwu6.hXcBoomstick\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}\chrome folder moved successfully.
C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\2ov7pwu6.hXcBoomstick\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451} folder moved successfully.
C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\gwsivuzf.default\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}\defaults\preferences folder moved successfully.
C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\gwsivuzf.default\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}\defaults folder moved successfully.
C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\gwsivuzf.default\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}\chrome folder moved successfully.
C:\Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\gwsivuzf.default\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451} folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-1145810172-3958703631-3042637037-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 4 not found.
File C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe not found.
Registry value HKEY_USERS\S-1-5-21-1145810172-3958703631-3042637037-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 4 deleted successfully.
File C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\S-1-5-21-1145810172-3958703631-3042637037-1001\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\S-1-5-21-1145810172-3958703631-3042637037-1001\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Program Files (x86)\IObit\Advanced SystemCare 4\Update folder moved successfully.
C:\Program Files (x86)\IObit\Advanced SystemCare 4\LatestNews folder moved successfully.
C:\Program Files (x86)\IObit\Advanced SystemCare 4 folder moved successfully.
C:\Program Files (x86)\IObit folder moved successfully.
C:\Users\Cameron\AppData\Roaming\IObit\Advanced SystemCare V4\PMonitor folder moved successfully.
C:\Users\Cameron\AppData\Roaming\IObit\Advanced SystemCare V4\Log folder moved successfully.
C:\Users\Cameron\AppData\Roaming\IObit\Advanced SystemCare V4\Backup folder moved successfully.
C:\Users\Cameron\AppData\Roaming\IObit\Advanced SystemCare V4 folder moved successfully.
C:\Users\Cameron\AppData\Roaming\IObit folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Cameron\Desktop\cmd.bat deleted successfully.
C:\Users\Cameron\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Cameron
->Temp folder emptied: 515303 bytes
->Temporary Internet Files folder emptied: 7705006 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 270262256 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2687 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 83474 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 266.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 10172011_095326

Files\Folders moved on Reboot...
C:\Users\Cameron\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\temp\hsperfdata_HXCBOOMSTICK-PC$\1868 not found!

Registry entries deleted on Reboot...
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 17th, 2011, 3:58 pm

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=89e7310b26b89946947a6f498da6c6f0
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-10-17 07:48:19
# local_time=2011-10-17 01:48:19 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 58266 58266 0 0
# compatibility_mode=5893 16776574 100 94 0 70410834 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=190782
# found=6
# cleaned=0
# scan_time=13515
C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Default\kmemeflcmjolpenocifikohachggkffh\contentscript.js Win32/TrojanDownloader.Tracur.F trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Cameron\Downloads\cnet_ffdshow-20041012_exe.exe a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\10172011_095326\C_Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\2ov7pwu6.hXcBoomstick\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan (unable to clean) 00000000000000000000000000000000 I
C:\_OTL\MovedFiles\10172011_095326\C_Users\Cameron\AppData\Roaming\Mozilla\Firefox\Profiles\gwsivuzf.default\extensions\{5b249794-758a-4c06-91d7-0d82f30ff451}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan (unable to clean) 00000000000000000000000000000000 I
F:\HXCBOOMSTICK-PC\Backup Set 2011-10-04 001608\Backup Files 2011-10-04 001608\Backup files 65.zip a variant of Win32/InstallCore.D application (unable to clean) 00000000000000000000000000000000 I
F:\HXCBOOMSTICK-PC\Backup Set 2011-10-04 001608\Backup Files 2011-10-16 190001\Backup files 1.zip Win32/TrojanDownloader.Tracur.F trojan (unable to clean) 00000000000000000000000000000000 I

I am not getting redirected anymore. Thanks, but I should probably clean the things that ESET found? Right?
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby Gary R » October 17th, 2011, 4:07 pm

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:Files
C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Default\kmemeflcmjolpenocifikohachggkffh\contentscript.js
C:\Users\Cameron\Downloads\cnet_ffdshow-20041012_exe.exe
F:\HXCBOOMSTICK-PC\Backup Set 2011-10-04 001608\Backup Files 2011-10-04 001608\Backup files 65.zip
F:\HXCBOOMSTICK-PC\Backup Set 2011-10-04 001608\Backup Files 2011-10-16 190001\Backup files 1.zip

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby hXcBoomstick88 » October 17th, 2011, 4:47 pm

========== FILES ==========
C:\Users\Cameron\AppData\Local\Google\Chrome\User Data\Default\Default\kmemeflcmjolpenocifikohachggkffh\contentscript.js moved successfully.
C:\Users\Cameron\Downloads\cnet_ffdshow-20041012_exe.exe moved successfully.
F:\HXCBOOMSTICK-PC\Backup Set 2011-10-04 001608\Backup Files 2011-10-04 001608\Backup files 65.zip moved successfully.
F:\HXCBOOMSTICK-PC\Backup Set 2011-10-04 001608\Backup Files 2011-10-16 190001\Backup files 1.zip moved successfully.

OTL by OldTimer - Version 3.2.31.0 log created on 10172011_144655
hXcBoomstick88
Active Member
 
Posts: 10
Joined: October 15th, 2011, 7:59 pm

Re: Redirect Virus. Hijack This Log. Help please?

Unread postby Gary R » October 17th, 2011, 5:08 pm

Looks like we've got everything, time for a little housekeeping.

First

Download and install the latest version of java JDK 6 Update 27 (JDK or JRE).

Next

Let's clear out OTL and the files and folders it created. This will also remove TDSSKiller.
  • Double click OTL.exe to launch the programme.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes
  • When finished exit out of OTL
  • Now delete OTL.exe (if still present).

As far as I can see, your computer looks clear of infection now.

Are you still noticing any problems ?
  • If you are let me know about them.
  • If not it's time to make your computer more secure.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.

If your computer is running slowly after your clean up, please read.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 114 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware