A few weeks ago my computer started behaving erratically. It started with a Blue Screen of Death(BSOD) randomly while installing something. Initially I did not catch the stop error and didn't think about it again until a few days later when it happened a second time. I suddenly started getting BSODs frequently, and I started to research the error code/codes which initially was 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFF9B1FB674, 0xFFFFFFFF9A557B00, 0x0).
I found many sites reference this as possible malware so I started to look deeper into possible infections. I started to find more and more registry entries which may or may not have been some sort of infection. At this point I became a bit overwhelmed with the information and the amounting paranoia I was feeling.
Then last night I started running some checks when suddenly my internet cut out for about 30 minutes, just as I finally got ahold of a rep at the ISPs office it came back on. About 2-3 minutes after the internet came back on, my computer went BSOD and I restarted in safemode and found log files I have never seen before. At this point I am at a loss as to where to go from here. I do tend to think "I can fix this", and I hope that didn't result in me making things worse. Any help would be very appreciated! Thank You!
DDS Logs
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Awesome at 21:34:54 on 2012-08-21
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3454.2497 [GMT -4:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Device Center\itype.exe
C:\Program Files\Microsoft Device Center\ipoint.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [AdobeBridge]
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IntelliType Pro] "c:\program files\microsoft device center\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft device center\ipoint.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [HDMICtrlMan] c:\program files\toshiba\hdmictrlman\HDMICtrlMan.exe
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [<NO NAME>]
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [COMODO] c:\program files\comodo\comodo geekbuddy\CLPSLA.exe
mRun: [CPA] c:\program files\comodo\comodo geekbuddy\VALA.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BFE936B7-82DE-46C2-BD40-E24CC960AE59} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BFE936B7-82DE-46C2-BD40-E24CC960AE59}\642494026516E60285 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BFE936B7-82DE-46C2-BD40-E24CC960AE59}\C696E6B6379737 : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\awesome\appdata\roaming\mozilla\firefox\profiles\c5348wjg.default\
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\acrobat 10.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\users\awesome\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\users\awesome\appdata\roaming\mozilla\firefox\profiles\c5348wjg.default\extensions\technicianconsole@logmeinrescue.com\plugins\npRescue.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_271.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc - BRI/1
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-6-11 291840]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo geekbuddy\CLPSLS.exe [2011-11-23 1052472]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-20 655944]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2012-8-2 37944]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2012-8-20 7680]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-20 22344]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-8-20 171520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-29 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-11 62464]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-7-28 113120]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2011-4-11 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2011-4-11 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2011-4-11 112640]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-7-28 1343400]
.
=============== Created Last 30 ================
.
2012-08-22 01:27:32 -------- d-----w- c:\programdata\CPA_VA
2012-08-21 08:36:55 -------- d-----w- c:\users\awesome\appdata\local\ElevatedDiagnostics
2012-08-21 04:18:37 -------- d-----w- c:\programdata\Comodo
2012-08-21 04:18:35 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-08-21 04:18:35 -------- d-----w- c:\program files\COMODO
2012-08-21 03:52:52 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{100152be-1385-49bb-a3bc-24a7675e3e8a}\offreg.dll
2012-08-21 01:15:05 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-08-21 01:15:05 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-08-21 00:34:03 -------- d-----w- c:\program files\ESET
2012-08-21 00:30:18 -------- d-----w- c:\users\awesome\appdata\roaming\Malwarebytes
2012-08-21 00:29:26 -------- d-----w- c:\programdata\Malwarebytes
2012-08-21 00:29:24 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-21 00:29:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-20 23:23:35 -------- d---a-w- C:\.Trash-999
2012-08-20 22:18:18 -------- d-----w- c:\users\awesome\appdata\local\Toshiba
2012-08-20 22:11:01 58888 ------w- c:\windows\system32\agrsmdel.exe
2012-08-20 22:11:01 -------- d-----w- c:\program files\ltmoh
2012-08-20 22:10:52 -------- d-----w- c:\windows\Options
2012-08-20 21:54:58 -------- d-----w- c:\windows\system32\sda
2012-08-20 21:54:33 7360512 ----a-w- c:\windows\system32\RTSUSTORicon.dll
2012-08-20 21:54:32 270336 ----a-w- c:\windows\system32\RtsUStor.dll
2012-08-20 21:54:32 171520 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2012-08-20 21:23:40 831488 ----a-w- c:\windows\RtlExUpd.dll
2012-08-20 21:23:40 -------- d--h--w- c:\program files\Temp
2012-08-20 21:23:38 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2012-08-20 21:23:38 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2012-08-20 21:23:38 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2012-08-20 21:23:38 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2012-08-20 21:23:38 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2012-08-20 21:23:36 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2012-08-20 21:23:35 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2012-08-20 21:15:12 128344 ----a-w- c:\windows\system32\TODDSrv.exe
2012-08-20 21:11:01 -------- d-----w- C:\sle0v190
2012-08-20 21:10:38 -------- d-----w- c:\windows\pss
2012-08-20 19:21:46 152848 ----a-w- c:\windows\system32\Comdlg32.ocx
2012-08-20 19:21:45 9728 ----a-w- c:\windows\system32\TCMSVR.dll
2012-08-20 19:21:44 7680 ----a-w- c:\windows\system32\drivers\FwLnk.sys
2012-08-20 19:18:34 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2012-08-20 19:18:33 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2012-08-20 19:18:33 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2012-08-20 19:18:33 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2012-08-20 19:18:33 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2012-08-20 19:18:33 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2012-08-20 19:18:32 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2012-08-20 19:18:32 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2012-08-20 18:23:03 -------- d-----w- c:\program files\HWiNFO32
2012-08-20 17:06:53 -------- d-----w- c:\program files\WhoCrashed
2012-08-20 16:29:37 -------- d-----w- c:\program files\SystemRequirementsLab
2012-08-20 06:20:38 917504 ----a-w- c:\windows\system32\Flash.ocx
2012-08-20 05:12:52 -------- d-----w- c:\program files\NetDragon
2012-08-20 03:59:29 -------- d-----w- c:\users\awesome\appdata\local\Diagnostics
2012-08-18 11:50:47 -------- d-----w- c:\users\awesome\appdata\local\LogMeIn Rescue
2012-08-18 11:50:11 -------- d-----w- c:\program files\LogMeIn Rescue Technician Console
2012-08-18 11:21:59 -------- d-----w- c:\program files\LogMeIn Rescue
2012-08-18 04:34:58 -------- d-----w- c:\users\awesome\appdata\roaming\TunkDesign
2012-08-18 01:01:53 -------- d-----w- c:\program files\Code Laboratories
2012-08-17 17:17:16 -------- d-----w- c:\programdata\ALM
2012-08-17 15:42:09 -------- d-----w- c:\users\awesome\appdata\roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-08-17 14:36:00 -------- d-----w- c:\users\awesome\Adobe Flash Builder 4.6
2012-08-17 14:25:05 -------- d-----w- c:\program files\common files\PX Storage Engine
2012-08-17 14:24:59 -------- d-----w- c:\program files\My Company Name
2012-08-17 12:20:56 -------- d-----w- c:\users\awesome\appdata\roaming\.jclient
2012-08-17 11:10:38 -------- d-----w- c:\users\awesome\appdata\roaming\.blackMagicAndCheerios
2012-08-15 16:49:34 -------- d-----w- c:\program files\Sun
2012-08-15 03:56:52 400896 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 03:56:47 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 03:56:47 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 03:56:45 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 03:56:43 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 03:56:43 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 03:56:41 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-08 03:25:50 70144 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPP8F.DLL
2012-08-08 03:25:50 27648 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNMPD8F.DLL
2012-08-08 03:25:22 224768 ----a-w- c:\windows\system32\CNMLM8F.DLL
2012-08-06 15:29:45 -------- d-----w- c:\users\awesome\appdata\local\Google
2012-08-06 11:23:17 -------- d-----w- c:\users\awesome\jagexcache1
2012-08-06 11:12:55 -------- d-----w- c:\users\awesome\jagexcache
2012-08-03 05:02:31 -------- d-----w- c:\program files\common files\Toshiba Shared
2012-08-03 03:44:40 -------- d-----w- c:\program files\Toshiba
2012-08-03 03:43:26 -------- d-----w- c:\users\awesome\appdata\roaming\WinBatch
2012-08-03 03:37:51 -------- d-----w- C:\ToshibaUpdate
2012-08-03 03:35:36 -------- d-----w- c:\users\awesome\appdata\local\AMD
2012-08-03 03:34:36 -------- d-----w- c:\users\awesome\appdata\local\ATI
2012-08-03 03:34:15 -------- d-----w- c:\program files\AMD APP
2012-08-03 03:33:13 -------- d-----w- c:\programdata\AMD
2012-08-03 03:33:05 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2012-08-03 03:32:39 -------- d-----w- c:\program files\ATI
2012-08-03 03:31:37 -------- d-----w- C:\AMD
2012-08-03 03:26:41 -------- d-----w- c:\program files\ATI Technologies
2012-08-03 03:26:26 221184 ----a-w- c:\program files\common files\installshield\iscript\IScript.dll
2012-08-03 03:26:25 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2012-08-03 03:26:25 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2012-08-03 03:26:25 217088 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2012-08-03 03:26:25 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2012-08-03 03:26:02 -------- d-----w- C:\ATI
2012-08-02 18:47:12 -------- d-----w- c:\users\awesome\appdata\roaming\.Spoutcraft
2012-08-02 04:47:34 -------- d-----w- c:\windows\system32\appmgmt
2012-08-02 04:33:29 -------- d-----w- c:\program files\Microsoft Device Center
2012-08-01 17:54:02 -------- d-----w- c:\users\awesome\appdata\roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-08-01 17:51:11 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-08-01 16:03:20 -------- d-----w- c:\users\awesome\appdata\local\Adobe
2012-08-01 15:52:20 -------- d-----w- c:\users\awesome\appdata\roaming\SignCut
2012-08-01 15:52:20 -------- d-----w- c:\program files\SignCut
2012-08-01 14:02:08 -------- d-----w- c:\program files\BitTorrent
2012-08-01 14:01:24 -------- d-----w- c:\users\awesome\appdata\roaming\BitTorrent
2012-07-31 14:35:35 -------- d-----w- c:\program files\Microsoft
2012-07-31 14:34:35 -------- d-----w- c:\users\awesome\appdata\roaming\HpUpdate
2012-07-31 14:34:22 527208 ------w- c:\windows\system32\HPDiscoPM5312.dll
2012-07-31 14:34:06 -------- d-----w- c:\program files\HP
2012-07-31 14:33:55 -------- d-----w- c:\users\awesome\appdata\local\HP
2012-07-31 12:09:52 -------- d-----w- c:\users\awesome\appdata\roaming\TS3Client
2012-07-31 12:01:49 -------- d-----w- c:\program files\TeamSpeak 3 Client
2012-07-31 08:59:08 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-07-31 08:59:03 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{100152be-1385-49bb-a3bc-24a7675e3e8a}\mpengine.dll
2012-07-30 20:00:01 -------- d-----w- c:\users\awesome\appdata\roaming\MultiSkypeLauncher
2012-07-30 19:59:25 -------- d-----w- c:\program files\MultiSkypeLauncher
2012-07-30 17:39:36 -------- d-----w- c:\program files\VideoLAN
2012-07-30 14:54:55 -------- d-----w- c:\users\awesome\appdata\local\Microsoft Games
2012-07-30 14:53:44 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-07-30 14:53:23 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-07-30 14:52:30 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2012-07-30 14:51:53 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-07-30 14:51:10 -------- d-----w- c:\users\awesome\appdata\local\Microsoft Help
2012-07-30 05:21:51 -------- d-----w- c:\users\awesome\appdata\roaming\Gyazo
2012-07-29 10:47:44 -------- d-----w- c:\program files\Gyazo
2012-07-29 10:10:06 -------- d-----w- c:\users\awesome\appdata\roaming\Mumble
2012-07-29 09:11:59 -------- d-----w- c:\program files\Mumble
2012-07-29 09:11:16 -------- d-----w- c:\program files\Clownfish
2012-07-29 06:42:32 -------- d-----w- c:\windows\Panther
2012-07-29 06:42:17 -------- d-sh--w- C:\Boot
2012-07-29 05:17:35 -------- d-----w- c:\users\awesome\appdata\local\Macromedia
2012-07-29 05:07:32 -------- d-----w- c:\users\awesome\appdata\roaming\.techniclauncher
2012-07-29 05:06:29 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-29 05:06:29 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-29 03:57:05 -------- d-----w- c:\users\awesome\appdata\roaming\.minecraft
2012-07-29 03:41:06 0 ----a-w- c:\windows\ativpsrm.bin
2012-07-29 03:39:36 -------- d-----w- c:\windows\system32\Wat
2012-07-29 03:35:23 -------- d-----w- c:\windows\PCHEALTH
2012-07-29 03:25:23 -------- d-----w- c:\program files\Synaptics
2012-07-29 03:18:20 5120 ----a-w- c:\windows\system32\wmi.dll
2012-07-29 03:18:20 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-07-29 03:18:20 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-07-29 03:18:20 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-07-29 03:18:03 -------- d-----r- c:\program files\Skype
2012-07-29 03:14:13 -------- d-----w- c:\program files\Oracle
2012-07-29 03:14:06 772544 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-29 03:14:06 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-29 03:13:40 -------- d-sh--w- c:\windows\Installer
2012-07-29 03:11:19 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-07-29 03:04:44 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2012-07-29 03:04:44 1137664 ----a-w- c:\windows\system32\mfc42.dll
2012-07-29 03:04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-07-29 03:04:35 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-07-29 03:04:35 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-07-29 03:04:29 123904 ----a-w- c:\windows\system32\poqexec.exe
2012-07-29 03:04:28 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2012-07-29 03:04:27 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-07-29 03:04:26 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-07-29 03:03:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-29 03:01:59 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-07-29 03:01:59 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-07-29 02:52:52 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-07-29 02:52:43 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-07-29 02:52:43 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-07-29 02:52:12 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-06-29 00:16:58 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-27 01:36:58 42208 ----a-w- c:\windows\system32\drivers\point32.sys
2012-06-26 06:03:32 68904 ----a-w- c:\windows\system32\CLEyeDevices.dll
2012-06-25 02:24:46 46432 ----a-w- c:\windows\system32\drivers\dc3d.sys
2012-06-11 17:50:42 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-06-11 17:50:24 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-06-11 17:50:14 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-06-11 17:49:22 13008896 ----a-w- c:\windows\system32\amdocl.dll
2012-06-11 17:48:30 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-06 12:49:52 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-28 11:09:04 2104416 ----a-w- c:\windows\system32\coin91.dll
.
============= FINISH: 21:35:14.22 ===============