Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Some type of adware

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Some type of adware

Unread postby iowabucks » August 28th, 2012, 5:25 pm

Hey everyone, i just got my new computer built and it's only 3 weeks old and i have been seeing something strange that has to be some type of adware.

First i'll say i'm using Win7 and IE9. Occationally when i'm surfing i will hit the back arrow button and my browser doesn't seem to go anywhere unless it hit it many times. If you right click on the back arrow you will see a supposed history of the last pages you have been to. This history will always show a bunch of pages that i did not visit. Doesn't really do anything other than get in the way occationally.

I tried Super Adblocker but it didn't seem to have anywhere that i could type in or add sites i wanted to block. So i uninstalled it.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.6.2
Run by Jerry at 16:19:32 on 2012-08-28
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16332.14259 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.02\AsusFanControlService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.archerytalk.com/vb
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
uRun: [DriverMax_RESTART]
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwar ... /CTPID.cab
TCP: DhcpNameServer = 66.207.0.3 66.207.0.2
TCP: Interfaces\{D34FC8C3-7FD1-4BA6-AFA5-F6EE5BF4709D} : DhcpNameServer = 66.207.0.3 66.207.0.2
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
.
============= SERVICES / DRIVERS ===============
.
R0 asahci64;asahci64;C:\Windows\system32\DRIVERS\asahci64.sys --> C:\Windows\system32\DRIVERS\asahci64.sys [?]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\system32\DRIVERS\iusb3hcs.sys --> C:\Windows\system32\DRIVERS\iusb3hcs.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe [2012-8-20 918448]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-8-20 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-8-20 149120]
R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.02\AsusFanControlService.exe [2012-8-20 1470592]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-12 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-10 627936]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\system32\IProsetMonitor.exe --> C:\Windows\system32\IProsetMonitor.exe [?]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-8-12 161560]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-8-12 1262400]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-2 382312]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-12 363800]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\iusb3hub.sys --> C:\Windows\system32\DRIVERS\iusb3hub.sys [?]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\system32\DRIVERS\iusb3xhc.sys --> C:\Windows\system32\DRIVERS\iusb3xhc.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-13 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-13 250568]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-8-13 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-8-13 79360]
S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2012-8-20 21712]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-8-13 116648]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [2012-8-16 93848]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-08-28 21:19:01 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2420B90C-82DC-4C12-9E10-7E8B5812D54A}\offreg.dll
2012-08-28 14:19:18 -------- d-----w- C:\Windows\System32\appmgmt
2012-08-28 12:13:45 -------- d-----w- C:\Users\Jerry\AppData\Roaming\SuperAdBlocker.com
2012-08-28 12:13:35 -------- d-----w- C:\Windows\SysWow64\URTTemp
2012-08-28 12:13:34 -------- d-----w- C:\Program Files (x86)\SuperAdBlocker.com
2012-08-28 12:12:43 -------- d-----w- C:\ProgramData\Tarma Installer
2012-08-28 12:12:43 -------- d-----w- C:\Program Files (x86)\Yontoo
2012-08-27 20:54:14 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2420B90C-82DC-4C12-9E10-7E8B5812D54A}\mpengine.dll
2012-08-26 20:13:15 9309624 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-26 16:31:56 -------- d-----w- C:\Users\Jerry\AppData\Local\Adobe
2012-08-25 13:48:39 -------- d-----w- C:\Users\Jerry\AppData\Local\Brice_Lambson
2012-08-25 13:47:28 -------- d-----w- C:\ProgramData\Package Cache
2012-08-25 13:47:28 -------- d-----w- C:\Program Files\Image Resizer for Windows
2012-08-25 13:47:28 -------- d-----w- C:\Program Files (x86)\Image Resizer for Windows
2012-08-24 01:42:02 -------- d-----w- C:\Users\Jerry\AppData\Roaming\PandoraRecovery
2012-08-21 01:34:44 -------- d-----w- C:\ProgramData\FanXpert2
2012-08-21 01:31:37 184320 ----a-w- C:\Windows\SysWow64\drivers\UpdateHelper.dll
2012-08-21 01:31:29 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-08-21 01:31:29 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-08-21 01:31:29 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-08-21 01:31:29 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-08-21 01:31:29 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-08-21 01:31:04 -------- d-----w- C:\ProgramData\ASUS
2012-08-21 01:31:01 28672 ----a-w- C:\Windows\SysWow64\AsIO.dll
2012-08-21 01:31:01 13440 ----a-w- C:\Windows\SysWow64\drivers\AsIO.sys
2012-08-21 01:31:01 11832 ------w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
2012-08-21 01:31:01 10216 ------w- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
2012-08-21 01:31:01 -------- d-----w- C:\Program Files (x86)\ASUS
2012-08-20 18:33:45 21712 ----a-w- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
2012-08-20 18:33:45 -------- d-----w- C:\Users\Jerry\AppData\Local\eSupport.com
2012-08-18 14:32:05 -------- d-----w- C:\Users\Jerry\AppData\Local\Microsoft Corporation
2012-08-18 14:31:35 -------- d-----w- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2012-08-18 08:20:19 0 ----a-w- C:\ProgramData\xmlA990.tmp
2012-08-18 08:20:19 0 ----a-w- C:\ProgramData\xmlA7FA.tmp
2012-08-17 14:22:06 2561896 ----a-w- C:\Windows\System32\nvsvcr.dll
2012-08-17 14:21:57 -------- d-----w- C:\temp
2012-08-17 14:10:26 0 ----a-w- C:\ProgramData\xml9BB9.tmp
2012-08-17 14:10:26 0 ----a-w- C:\ProgramData\xml9A80.tmp
2012-08-17 13:33:15 0 ----a-w- C:\ProgramData\xml9128.tmp
2012-08-17 13:33:15 0 ----a-w- C:\ProgramData\xml8F05.tmp
2012-08-17 13:24:18 281872 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-08-17 13:10:38 -------- d-----w- C:\Users\Jerry\AppData\Roaming\NVIDIA
2012-08-17 13:10:31 -------- d-----w- C:\Program Files (x86)\GPU-Z
2012-08-17 02:17:32 0 ----a-w- C:\ProgramData\xml59AA.tmp
2012-08-17 02:17:32 0 ----a-w- C:\ProgramData\xml5881.tmp
2012-08-17 02:02:09 0 ----a-w- C:\ProgramData\xml42C0.tmp
2012-08-17 02:02:09 0 ----a-w- C:\ProgramData\xml4197.tmp
2012-08-17 02:01:47 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-08-17 01:06:30 0 ----a-w- C:\ProgramData\xml4F2A.tmp
2012-08-17 01:06:29 13494 ----a-w- C:\ProgramData\xml4BBE.tmp
2012-08-17 01:06:29 10721 ----a-w- C:\ProgramData\xml4A28.tmp
2012-08-17 01:06:29 0 ----a-w- C:\ProgramData\xml4DA3.tmp
2012-08-17 01:03:17 -------- d-----w- C:\Program Files\CPUID
2012-08-16 14:05:16 0 ----a-w- C:\ProgramData\xmlF04C.tmp
2012-08-16 14:05:16 0 ----a-w- C:\ProgramData\xmlEE77.tmp
2012-08-16 14:05:15 13494 ----a-w- C:\ProgramData\xmlED2E.tmp
2012-08-16 14:05:15 10721 ----a-w- C:\ProgramData\xmlE9C4.tmp
2012-08-16 14:02:51 -------- d--h--w- C:\Windows\msdownld.tmp
2012-08-16 14:02:46 -------- d-----w- C:\Windows\SysWow64\directx
2012-08-16 14:02:42 -------- d-----w- C:\Program Files\SiSoftware
2012-08-15 11:49:10 -------- d-----w- C:\Users\Jerry\AppData\Local\Ideazon,_Inc
2012-08-15 11:49:07 -------- d-----w- C:\Users\Jerry\AppData\Roaming\Ideazon
2012-08-15 11:45:59 -------- d-----w- C:\Program Files (x86)\Ideazon
2012-08-15 11:26:47 -------- d-----w- C:\Users\Jerry\AppData\Local\PunkBuster
2012-08-15 11:26:23 -------- d-----w- C:\Users\Jerry\AppData\Local\Activision
2012-08-15 10:22:13 281872 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-08-15 10:22:13 111928 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-08-15 10:22:12 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-08-15 10:22:12 682280 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2012-08-15 10:12:23 -------- d-----w- C:\Program Files (x86)\Activision
2012-08-15 02:03:07 -------- d-----w- C:\Users\Jerry\AppData\Roaming\TS3Client
2012-08-14 13:42:45 -------- d-----w- C:\Program Files\CCleaner
2012-08-14 13:35:59 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client
2012-08-14 13:25:18 -------- d-----w- C:\Users\Jerry\AppData\Roaming\Xfire
2012-08-14 13:25:17 -------- d-----w- C:\ProgramData\Xfire
2012-08-14 13:25:17 -------- d-----w- C:\Program Files (x86)\Xfire
2012-08-14 13:07:02 -------- d-----w- C:\Users\Jerry\AppData\Local\Innovative Solutions
2012-08-14 13:07:00 -------- d-----w- C:\Program Files (x86)\Innovative Solutions
2012-08-14 12:57:48 -------- d-----w- C:\Program Files (x86)\Pandora Recovery
2012-08-14 12:55:28 -------- d-----w- C:\Program Files (x86)\Photo-grapher
2012-08-14 12:32:38 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2012-08-14 12:32:38 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2012-08-14 12:32:33 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-08-14 12:32:23 -------- d-----w- C:\Program Files (x86)\Microsoft
2012-08-14 12:32:07 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2012-08-14 12:31:49 -------- d-----w- C:\Windows\PCHEALTH
2012-08-14 12:31:02 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aa7a7d451cd7a18\DSETUP.dll
2012-08-14 12:31:02 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aa7a7d451cd7a18\DXSETUP.exe
2012-08-14 12:31:02 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aa7a7d451cd7a18\dsetup32.dll
2012-08-14 12:25:51 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2012-08-14 12:07:06 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-08-14 12:06:54 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-08-14 12:06:39 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-08-14 12:06:31 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-08-14 01:01:59 99840 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
2012-08-13 09:56:53 647872 ------w- C:\Windows\SysWow64\Mscomct2.ocx
2012-08-13 09:56:53 53248 ------w- C:\Windows\Ctregrun.exe
2012-08-13 09:52:25 -------- d-----w- C:\ProgramData\Creative Labs
2012-08-13 09:37:51 12288 ----a-w- C:\Windows\System32\INRES.DLL
2012-08-13 08:44:04 -------- d-----w- C:\Users\Jerry\AppData\Local\Diagnostics
2012-08-13 08:07:45 -------- d-----w- C:\Users\Jerry\AppData\Local\Google
2012-08-13 08:05:05 991232 ----a-w- C:\Windows\SysWow64\imageviewer2.ocx
2012-08-13 08:05:05 608448 ----a-w- C:\Windows\SysWow64\comctl32.ocx
2012-08-13 08:05:05 224016 ----a-w- C:\Windows\SysWow64\tabctl32.ocx
2012-08-13 08:05:05 200704 ----a-w- C:\Windows\SysWow64\threed32.ocx
2012-08-13 08:05:05 1703936 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2012-08-13 08:05:05 164144 ----a-w- C:\Windows\SysWow64\comct232.ocx
2012-08-13 08:05:05 151552 ----a-w- C:\Windows\SysWow64\ccrpfd6.ocx
2012-08-13 08:05:05 110592 ----a-w- C:\Windows\SysWow64\ccrpbds6.dll
2012-08-13 08:05:05 106496 ----a-w- C:\Windows\SysWow64\mbprgbar.ocx
2012-08-13 08:05:05 -------- d-----w- C:\Program Files (x86)\PIXresizer
2012-08-13 07:48:57 -------- d-----w- C:\Program Files (x86)\Oracle
2012-08-13 07:48:51 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-08-13 07:48:51 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-13 06:11:54 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-08-13 06:11:54 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-08-13 06:05:47 -------- d-----w- C:\Windows\SysWow64\Wat
2012-08-13 06:05:47 -------- d-----w- C:\Windows\System32\Wat
2012-08-13 05:52:06 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-08-13 05:52:05 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-08-13 05:52:05 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-08-13 05:52:05 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-08-13 05:52:05 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-13 05:52:05 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-13 05:52:05 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-08-13 05:49:59 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2012-08-13 05:48:42 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-08-13 05:47:24 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-08-13 05:47:24 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-08-13 05:47:24 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-08-13 05:43:36 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-08-13 05:43:35 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-08-13 05:43:34 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-08-13 05:43:33 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-08-13 05:41:34 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-13 05:41:34 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-13 05:36:17 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FF6BC3DA-B124-4C79-AA0C-C320550DAE2B}\gapaengine.dll
2012-08-12 18:20:11 -------- d-----w- C:\Windows\Panther
2012-08-12 16:55:48 -------- d-----w- C:\Program Files\NVIDIA Corporation
2012-08-12 16:55:37 -------- d-----w- C:\NVIDIA
2012-08-12 16:36:52 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-08-12 16:36:46 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-08-12 16:36:07 -------- d-----w- C:\Users\Jerry\AppData\Roaming\Malwarebytes
2012-08-12 16:35:51 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-08-12 16:35:51 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-12 16:35:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-12 16:26:01 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2012-08-12 16:24:01 -------- d-----w- C:\Users\Jerry\AppData\Roaming\Intel Corporation
2012-08-12 16:22:14 568600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-08-12 16:21:48 178344 ----a-w- C:\Windows\System32\IPROSetMonitor.exe
2012-08-12 16:21:42 355016 ----a-r- C:\Windows\System32\PROUnstl.exe
2012-08-12 16:21:09 68264 ----a-w- C:\Windows\System32\e1cmsg.dll
2012-08-12 16:21:09 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2012-08-12 16:21:09 342704 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2012-08-12 16:21:08 98496 ----a-w- C:\Windows\System32\NicInstC.dll
2012-08-12 16:18:50 -------- d-----w- C:\Program Files (x86)\ASM104xUSB3
2012-08-12 16:13:44 16152 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2012-08-12 16:13:38 355096 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2012-08-12 16:13:37 786200 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2012-08-12 16:09:49 -------- d-----w- C:\Program Files (x86)\ASM106xSATA
2012-08-12 16:07:03 15128 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2012-08-12 16:06:51 -------- d-sh--w- C:\Windows\Installer
2012-08-12 16:06:48 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2012-08-12 16:01:08 60184 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2012-08-12 15:55:41 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2012-08-12 15:51:31 -------- d-----w- C:\Intel
2012-08-12 15:49:51 -------- d-----w- C:\Windows\AsDmiHtm
2012-08-12 15:49:14 -------- d-----w- C:\Windows\Chipset
2012-08-12 15:49:12 16896 ----a-w- C:\Windows\AsTaskSched.dll
2012-08-12 15:49:10 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2012-08-12 15:45:19 -------- d-----w- C:\Users\Jerry\AppData\Local\ElevatedDiagnostics
2012-08-02 10:22:46 428904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
==================== Find3M ====================
.
2012-08-13 09:38:01 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-08-13 09:38:01 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-08-13 09:38:01 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-08-13 09:38:01 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-08-02 13:49:00 9663848 ----a-w- C:\Windows\System32\nvcuda.dll
2012-08-02 12:07:43 3485076 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-08-02 12:07:09 3266408 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-08-02 12:06:52 6193000 ----a-w- C:\Windows\System32\nvcpl.dll
2012-08-02 12:05:44 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-08-02 12:05:44 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-08-02 12:05:43 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-07-25 22:51:44 42440 ----a-w- C:\Windows\SysWow64\xfcodec.dll
2012-07-25 22:51:44 28104 ----a-w- C:\Windows\System32\xfcodec64.dll
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 16:19:43.10 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/12/2012 10:41:53 AM
System Uptime: 8/28/2012 12:19:07 PM (4 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | P8Z77-V PRO
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz | LGA1155 | 3301/103mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 477 GiB total, 406.812 GiB free.
D: is CDROM (UDF)
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP31: 8/15/2012 10:57:03 PM - Windows Update
RP32: 8/16/2012 8:57:08 AM - SiSoftware Sandra Lite
RP33: 8/16/2012 9:04:33 AM - Installed DirectX
RP34: 8/16/2012 9:01:38 PM - Installed Java 7 Update 6
RP35: 8/17/2012 9:20:21 AM - Device Driver Package Install: NVIDIA Display adapters
RP36: 8/18/2012 9:31:31 AM - Installed Windows 7 Upgrade Advisor
RP37: 8/20/2012 7:54:32 AM - Windows Update
RP38: 8/20/2012 8:31:30 PM - Installed AI Suite II
RP39: 8/20/2012 8:31:38 PM - Installed FAN Xpert 2
RP40: 8/23/2012 8:08:42 AM - Windows Update
RP41: 8/25/2012 8:47:24 AM - Image Resizer for Windows
RP42: 8/26/2012 3:13:11 PM - Windows Update
RP43: 8/28/2012 7:13:30 AM - Installed Super Ad Blocker
RP44: 8/28/2012 9:18:11 AM - Removed Super Ad Blocker
RP45: 8/28/2012 9:19:34 AM - Removed Super Ad Blocker
RP46: 8/28/2012 9:19:52 AM - Removed Super Ad Blocker
RP47: 8/28/2012 9:20:05 AM - Removed Super Ad Blocker
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.3)
AI Suite II
Asmedia ASM104x USB 3.0 Host Controller Driver
Asmedia ASM106x SATA Host Controller Driver
Call of Duty(R) - World at War(TM)
Call of Duty(R) - World at War(TM) 1.2 Patch
Call of Duty(R) - World at War(TM) 1.4 Patch
Call of Duty(R) - World at War(TM) 1.5 Patch
Call of Duty(R) - World at War(TM) 1.6 Patch
Call of Duty(R) - World at War(TM) 1.7 Patch
Creative ALchemy
Creative Audio Control Panel
Creative Console Launcher
Creative MediaSource 5
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Creative WaveStudio 7
DriverMax 6
Google Earth
Google Update Helper
Image Resizer for Windows
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Internet TV for Windows Media Center
Java 7 Update 6
Java Auto Updater
JavaFX 2.1.1
Junk Mail filter update
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft Choice Guard
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
PandoraRecovery (Remove Only)
Photo-grapher 1
PIXresizer
PunkBuster Services
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
TeamSpeak 3 Client
TechPowerUp GPU-Z
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Media Center Add-in for Flash
Xfire (remove only)
Z Engine
.
==== Event Viewer Messages From Past Week ========
.
8/28/2012 7:13:48 AM, Error: Service Control Manager [7000] - The SABProcEnum service failed to start due to the following error: This driver has been blocked from loading
8/28/2012 7:13:48 AM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\ has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
8/28/2012 7:13:47 AM, Error: Service Control Manager [7000] - The SABKUTIL service failed to start due to the following error: This driver has been blocked from loading
8/28/2012 7:13:47 AM, Error: Service Control Manager [7000] - The SABDIFSV service failed to start due to the following error: This driver has been blocked from loading
8/28/2012 11:39:24 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SABKUTIL
.
==== End Of File ===========================
iowabucks
Regular Member
 
Posts: 50
Joined: January 5th, 2009, 1:07 am
Advertisement
Register to Remove

Re: Some type of adware

Unread postby tim s » August 30th, 2012, 10:42 am

Hi iowabucks,

Welcome to Malware Removal Forum.
My name is Tim, and I will be helping you with your malware problems. This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start
User avatar
tim s
MRU Honors Grad Emeritus
 
Posts: 1541
Joined: February 11th, 2006, 10:27 am

Re: Some type of adware

Unread postby tim s » August 30th, 2012, 5:37 pm

Hi iowabucks,

PunkBuster warning

I noticed you have PunkBuster installed... read the "Published features" section.
PunkBuster can take control over various aspects of your computer and some gaming tools not unlike PunkBuster, also hinder their removals.
By the definition we use, PunkBuster is actual spyware. Therefore, I'm asking you to choose one of the following options:
  1. We "try" to leave PunkBuster alone... however, there is no guarantee a spyware component doesn't "inadvertently" get taken out... so PunkBuster might fail. This will also prevent you from playing games using PunkBuster enabled servers.
  2. We can just remove PunkBuster. You can reinstall it afterwards if you wish, but please keep in mind that we do consider it spyware.
  3. We can not clean this computer at all. This ensures PunkBuster will continue to function.
If you choose to remove PunkBuster, please perform the uninstall steps below. Otherwise, let me know what other option you chose.

Uninstall PunkBuster
Using the normal uninstall methods... Control Panel - Add/Remove Programs (XP) or Programs and Features (Vista - W7)
Uninstall PunkBuster
PunkBuster Services
Any other Punk Buster entries...


If there are any remnants left... you can use the Punk Buster Uninstall process:
Please download PBSVC Setup Program. Save it to your desktop.
  1. Double click on pbsvc.exe to start it... then click Uninstall.
    Vista/W7 users: right-click on pbsvc.exe, then select "Run As Administrator". If UAC prompts, please allow it.
    Once that's finished...
  2. Click Start > Run and copy and paste the following into the open text box:
    Code: Select all
    cmd /c for %i in (A B K) do sc delete PnkBstr%i
  3. Click OK. A black box will flash very briefly, this is normal.
  4. Double click My Computer on your desktop and browse to C:\windows\system32\drivers
  5. Locate the file: PnkBstrK.sys... if found delete it.
Let me know if you performed these steps successfully.
User avatar
tim s
MRU Honors Grad Emeritus
 
Posts: 1541
Joined: February 11th, 2006, 10:27 am

Re: Some type of adware

Unread postby iowabucks » August 30th, 2012, 8:15 pm

Mods... could you move this last post please. They need to start their own thread.

On the subject of my computer. If at all possible, i would like to try to keep punkbuster. I know for a fact my game will not run without it. If it absolutely has to go, i will delete it.
iowabucks
Regular Member
 
Posts: 50
Joined: January 5th, 2009, 1:07 am

Re: Some type of adware

Unread postby tim s » August 31st, 2012, 8:26 am

Hi iowabucks,

We "try" to leave PunkBuster alone... however, there is no guarantee a spyware component doesn't "inadvertently" get taken out... so PunkBuster might fail. This will also prevent you from playing games using PunkBuster enabled servers.

If this is your choice then do the following I will need to check these logs:

Download OTL by OldTimer to your Desktop.

Alternative Download

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the program.
  • Check the box at the top, labeled Include 64 bit scans
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

If Logs are to long to fit in one reply post separate in to as many replies as needed.
User avatar
tim s
MRU Honors Grad Emeritus
 
Posts: 1541
Joined: February 11th, 2006, 10:27 am

Re: Some type of adware

Unread postby iowabucks » August 31st, 2012, 1:19 pm

OTL logfile created on: 8/31/2012 12:13:15 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Jerry\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 14.31 Gb Available Physical Memory | 89.70% Memory free
15.95 Gb Paging File | 14.20 Gb Available in Paging File | 89.03% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 476.84 Gb Total Space | 406.24 Gb Free Space | 85.20% Space Free | Partition Type: NTFS
Drive D: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JERRY-PC | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/31 12:12:17 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jerry\Downloads\OTL.exe
PRC - [2012/08/20 20:31:01 | 001,470,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.02\AsusFanControlService.exe
PRC - [2012/08/20 20:31:01 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/08/20 20:31:01 | 000,918,448 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
PRC - [2012/08/20 20:31:01 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/08/16 06:56:29 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/08/02 05:22:32 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/05/15 05:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/01/20 16:29:28 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/01/20 16:29:26 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/01/20 11:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/10 09:39:40 | 001,501,824 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/20 20:30:45 | 000,662,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2012/04/05 11:38:34 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/03/21 12:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 18:37:26 | 001,616,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2011/08/15 17:38:50 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2009/08/17 23:19:24 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/28 05:14:30 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/20 20:31:01 | 001,470,592 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.02\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/08/20 20:31:01 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/08/20 20:31:01 | 000,918,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe -- (asComSvc)
SRV - [2012/08/20 20:31:01 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/08/16 06:56:29 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/08/13 04:56:52 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/08/13 04:38:20 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/08/02 05:22:32 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/05/15 05:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/20 16:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/20 16:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/01/20 11:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/18 12:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/06 10:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2012/01/04 14:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/04 14:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/04 14:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/07/19 20:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/05/05 21:30:52 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010/05/05 21:30:42 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010/05/05 21:30:34 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010/05/05 21:30:26 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010/05/05 21:30:18 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010/05/05 21:30:10 | 000,684,376 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2010/05/05 21:30:02 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010/05/05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010/05/05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010/05/05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010/05/05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010/05/05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010/05/05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009/08/07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/07/23 09:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/03/20 11:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Alpham264.sys -- (Alpham2)
DRV - [2012/08/20 13:33:45 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.archerytalk.com/vb
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 72 E4 84 1E 79 CD 01 [binary data]
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\..\SearchScopes,DefaultScope = {319F5DCC-AD4F-4D81-B3D6-C2E86D39E375}
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\..\SearchScopes\{319F5DCC-AD4F-4D81-B3D6-C2E86D39E375}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 72 E4 84 1E 79 CD 01 [binary data]
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000..\Run: [DriverMax_RESTART] File not found
O4 - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001..\RunOnce: [InetReg] C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.207.0.3 66.207.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D34FC8C3-7FD1-4BA6-AFA5-F6EE5BF4709D}: DhcpNameServer = 66.207.0.3 66.207.0.2
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/15 19:53:55 | 000,000,142 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{0227b0d1-e4a2-11e1-8ccc-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0227b0d1-e4a2-11e1-8ccc-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
O33 - MountPoints2\{1d41e62f-e49a-11e1-b2a4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1d41e62f-e49a-11e1-b2a4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup\rsrc\AUTORUN.EXE -- [2007/08/15 20:55:00 | 000,051,048 | R--- | M] (Activision)
O33 - MountPoints2\{1d41e62f-e49a-11e1-b2a4-806e6f6e6963}\Shell\dinstall\command - "" = D:\DirectX\DXSETUP.exe -- [2008/05/30 17:34:50 | 000,528,392 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/30 19:24:32 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Buckhead
[2012/08/30 19:22:35 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\Computer performance
[2012/08/28 09:19:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012/08/28 07:13:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\SuperAdBlocker.com
[2012/08/28 07:13:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTemp
[2012/08/28 07:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SuperAdBlocker.com
[2012/08/28 07:12:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/08/26 11:31:56 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Adobe
[2012/08/25 08:48:39 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Brice_Lambson
[2012/08/25 08:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2012/08/25 08:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer for Windows
[2012/08/25 08:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\Image Resizer for Windows
[2012/08/25 08:47:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image Resizer for Windows
[2012/08/23 20:43:43 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Weird pictures
[2012/08/23 20:43:43 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Website keeps
[2012/08/23 20:42:02 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\PandoraRecovery
[2012/08/23 20:41:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\WAW patches
[2012/08/23 20:41:06 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Videocamera info
[2012/08/23 20:31:11 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Vegas Movie Studio PE. 9.0 Projects
[2012/08/23 20:30:36 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2012
[2012/08/21 04:38:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/08/21 00:04:27 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\AR & XD stuff
[2012/08/21 00:04:17 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\stereo
[2012/08/21 00:04:17 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\13 Point Harvest Pics
[2012/08/21 00:04:12 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Specific deer
[2012/08/21 00:04:12 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Sites to check occationally
[2012/08/21 00:04:10 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Sites i am registered at
[2012/08/21 00:04:05 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\scores
[2012/08/21 00:04:03 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Resume
[2012/08/21 00:04:02 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\recipes
[2012/08/21 00:04:02 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\RC
[2012/08/21 00:03:56 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Punkbusters
[2012/08/21 00:03:52 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\predator pics
[2012/08/21 00:03:44 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\phone
[2012/08/21 00:03:39 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\My Deercams
[2012/08/21 00:03:36 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\my 69
[2012/08/21 00:03:34 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Minnow tank
[2012/08/21 00:03:25 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\kitties
[2012/08/21 00:03:20 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Iowa Speedway
[2012/08/21 00:03:18 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\iowa hawkeyes
[2012/08/21 00:02:12 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Internet Transfer Destination Folder
[2012/08/21 00:02:11 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\internet speed test and benchmark tests
[2012/08/21 00:02:11 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Internet Deer Pics
[2012/08/21 00:02:11 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\ice fishing
[2012/08/21 00:02:08 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Hunting spots
[2012/08/21 00:01:49 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Hunting pics
[2012/08/21 00:01:43 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\house
[2012/08/21 00:01:31 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Hot Cars
[2012/08/21 00:01:31 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\GPS stuff
[2012/08/21 00:01:30 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Gatlinberg
[2012/08/21 00:01:29 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Friends deer & turkeys
[2012/08/21 00:00:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Fishing pics
[2012/08/21 00:00:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Film dipping
[2012/08/21 00:00:39 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Ebay stuff
[2012/08/21 00:00:38 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\divorce decree
[2012/08/20 23:59:37 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Deercam video
[2012/08/20 23:59:35 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Deer mounts
[2012/08/20 23:59:34 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Dad
[2012/08/20 23:59:34 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Cozumel
[2012/08/20 23:59:34 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Contests
[2012/08/20 23:59:28 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Computer info
[2012/08/20 23:59:28 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\College bowl pick sites
[2012/08/20 23:59:23 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Chris's pics
[2012/08/20 23:59:23 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Cart pics
[2012/08/20 23:59:23 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Bronco info
[2012/08/20 23:59:14 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2011
[2012/08/20 23:59:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2010
[2012/08/20 23:58:41 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2009
[2012/08/20 23:58:19 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2008
[2012/08/20 23:58:17 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2007
[2012/08/20 23:58:14 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2006
[2012/08/20 23:58:12 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2005
[2012/08/20 23:58:10 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2004 and before
[2012/08/20 23:58:10 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Bank
[2012/08/20 23:58:09 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Automotive info
[2012/08/20 22:05:30 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Autoruns
[2012/08/20 20:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\FanXpert2
[2012/08/20 20:31:37 | 000,184,320 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\drivers\UpdateHelper.dll
[2012/08/20 20:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2012/08/20 20:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2012/08/20 20:31:01 | 000,028,672 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2012/08/20 20:31:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2012/08/20 13:33:45 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2012/08/20 13:33:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\eSupport.com
[2012/08/18 09:32:05 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Microsoft Corporation
[2012/08/18 09:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
[2012/08/17 09:22:06 | 002,561,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/08/17 09:21:57 | 000,000,000 | ---D | C] -- C:\temp
[2012/08/17 09:20:06 | 027,525,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/08/17 09:20:06 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/08/17 09:20:06 | 020,938,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/08/17 09:20:06 | 018,220,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/08/17 09:20:06 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/08/17 09:20:06 | 015,284,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/08/17 09:20:06 | 009,663,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/08/17 09:20:06 | 007,927,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012/08/17 09:20:06 | 007,426,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/08/17 09:20:06 | 005,899,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012/08/17 09:20:06 | 002,744,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/08/17 09:20:06 | 002,573,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/08/17 09:20:06 | 002,386,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/08/17 09:20:06 | 002,216,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/08/17 09:20:06 | 001,865,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/08/17 09:20:06 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012/08/17 09:20:06 | 000,824,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/08/17 09:20:06 | 000,341,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2012/08/17 09:20:06 | 000,294,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2012/08/17 09:20:06 | 000,246,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/08/17 09:20:06 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/08/17 08:10:38 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\NVIDIA
[2012/08/17 08:10:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2012/08/16 21:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/08/16 21:01:48 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/16 21:01:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/16 21:01:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/16 21:01:47 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/16 21:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/08/16 20:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012/08/16 20:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012/08/16 09:04:44 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/08/16 09:04:44 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/08/16 09:04:44 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/08/16 09:04:44 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/08/16 09:04:44 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/08/16 09:04:44 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/08/16 09:04:43 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/08/16 09:04:43 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/08/16 09:04:43 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/08/16 09:04:43 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/08/16 09:04:43 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/08/16 09:04:43 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/08/16 09:04:43 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/08/16 09:04:43 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/08/16 09:04:43 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/08/16 09:04:43 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/08/16 09:04:43 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/08/16 09:04:43 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/08/16 09:04:43 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/08/16 09:04:43 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/08/16 09:04:42 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/08/16 09:04:42 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/08/16 09:04:42 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/08/16 09:04:42 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/08/16 09:04:42 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/08/16 09:04:42 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/08/16 09:04:42 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/08/16 09:04:42 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/08/16 09:04:42 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/08/16 09:04:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/08/16 09:04:41 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/08/16 09:04:41 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/08/16 09:04:41 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/08/16 09:04:41 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/08/16 09:04:41 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/08/16 09:04:41 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012/08/16 09:04:41 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/08/16 09:04:41 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/08/16 09:04:41 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/08/16 09:04:41 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012/08/16 09:04:41 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/08/16 09:04:41 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/08/16 09:04:40 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/08/16 09:04:40 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/08/16 09:04:40 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/08/16 09:04:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/08/16 09:04:40 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/08/16 09:04:40 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/08/16 09:04:40 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/08/16 09:04:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/08/16 09:04:40 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/08/16 09:04:40 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/08/16 09:04:40 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/08/16 09:04:40 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/08/16 09:04:40 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/08/16 09:04:40 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/08/16 09:04:39 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/08/16 09:04:39 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/08/16 09:04:39 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/08/16 09:04:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/08/16 09:04:39 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/08/16 09:04:39 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/08/16 09:04:39 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/08/16 09:04:39 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/08/16 09:04:39 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/08/16 09:04:39 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/08/16 09:04:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/08/16 09:04:39 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/08/16 09:04:39 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/08/16 09:04:39 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/08/16 09:04:38 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/08/16 09:04:38 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/08/16 09:04:38 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/08/16 09:04:38 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/08/16 09:04:38 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/08/16 09:04:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/08/16 09:04:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/08/16 09:04:38 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/08/16 09:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
[2012/08/16 09:02:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/08/16 09:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2012/08/15 06:49:10 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Ideazon,_Inc
[2012/08/15 06:49:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Ideazon
[2012/08/15 06:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ideazon Z Engine
[2012/08/15 06:45:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ideazon
[2012/08/15 06:26:47 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\PunkBuster
[2012/08/15 06:26:23 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Activision
[2012/08/15 05:23:52 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/08/15 05:23:52 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/08/15 05:23:52 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/08/15 05:23:52 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/08/15 05:23:52 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/08/15 05:23:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/08/15 05:23:52 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/08/15 05:23:52 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/08/15 05:23:52 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/08/15 05:23:52 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/08/15 05:23:52 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/08/15 05:23:52 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/08/15 05:23:51 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/08/15 05:23:51 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/08/15 05:23:51 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/08/15 05:23:51 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/08/15 05:23:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/08/15 05:23:51 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/08/15 05:23:51 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/08/15 05:23:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/08/15 05:23:50 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/08/15 05:23:50 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/08/15 05:23:50 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/08/15 05:23:50 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/08/15 05:23:50 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/08/15 05:23:50 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/08/15 05:23:50 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/08/15 05:23:50 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/08/15 05:23:50 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/08/15 05:23:50 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/08/15 05:23:50 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/08/15 05:23:50 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/08/15 05:23:49 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/08/15 05:23:49 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/08/15 05:23:49 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/08/15 05:23:49 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/08/15 05:23:49 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/08/15 05:23:49 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/08/15 05:23:49 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/08/15 05:23:49 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/08/15 05:23:48 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/08/15 05:23:48 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/08/15 05:23:48 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/08/15 05:23:48 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/08/15 05:23:48 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/08/15 05:23:48 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/08/15 05:23:48 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/08/15 05:23:48 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/08/15 05:23:48 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/08/15 05:23:48 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/08/15 05:23:48 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/08/15 05:23:48 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/08/15 05:23:48 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/08/15 05:23:48 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/08/15 05:23:47 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/08/15 05:23:47 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/08/15 05:23:47 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/08/15 05:23:47 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/08/15 05:23:47 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/08/15 05:23:47 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/08/15 05:23:47 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/08/15 05:23:47 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/08/15 05:23:47 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/08/15 05:23:47 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/08/15 05:23:46 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/08/15 05:23:46 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/08/15 05:23:46 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/08/15 05:23:46 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/08/15 05:23:46 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/08/15 05:23:46 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/08/15 05:23:46 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/08/15 05:23:46 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/08/15 05:23:45 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/08/15 05:23:45 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/08/15 05:23:45 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/08/15 05:23:45 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/08/15 05:23:45 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/08/15 05:23:45 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/08/15 05:23:45 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/08/15 05:23:45 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/08/15 05:23:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/08/15 05:23:45 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/08/15 05:23:44 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/08/15 05:23:44 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/08/15 05:23:43 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/08/15 05:23:43 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/08/15 05:23:43 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/08/15 05:23:43 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/08/15 05:23:43 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/08/15 05:23:43 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/08/15 05:23:42 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/08/15 05:23:42 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/08/15 05:23:42 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/08/15 05:23:42 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/08/15 05:23:42 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/08/15 05:23:42 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/08/15 05:23:42 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/08/15 05:23:42 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/08/15 05:23:41 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/08/15 05:23:41 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/08/15 05:23:41 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/08/15 05:23:41 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/08/15 05:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012/08/14 21:46:09 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/14 21:46:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/14 21:46:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/14 21:46:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/14 21:46:08 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/14 21:46:08 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/14 21:46:08 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/14 21:46:08 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/14 21:46:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/14 21:46:08 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/14 21:46:08 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/14 21:46:07 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/14 21:46:07 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/14 21:03:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\TS3Client
[2012/08/14 20:41:58 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/14 20:41:56 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/14 20:41:56 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/14 20:41:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/14 20:41:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/14 20:41:56 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/14 20:41:56 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/14 20:41:54 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/08/14 08:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/08/14 08:36:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012/08/14 08:35:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2012/08/14 08:25:18 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Xfire
[2012/08/14 08:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2012/08/14 08:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2012/08/14 08:25:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2012/08/14 08:07:02 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Innovative Solutions
[2012/08/14 08:07:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2012/08/14 08:07:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Innovative Solutions
[2012/08/14 07:57:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora Recovery
[2012/08/14 07:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pandora Recovery
[2012/08/14 07:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo-grapher
[2012/08/14 07:55:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Photo-grapher
[2012/08/14 07:32:38 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/08/14 07:32:38 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/08/14 07:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/08/14 07:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/08/14 07:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/08/14 07:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2012/08/14 07:31:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/08/14 07:31:49 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/08/14 07:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/08/13 04:56:53 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscomct2.ocx
[2012/08/13 04:56:53 | 000,053,248 | ---- | C] (Creative Technology Ltd ) -- C:\Windows\Ctregrun.exe
[2012/08/13 04:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2012/08/13 04:38:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2012/08/13 04:38:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2012/08/13 04:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2012/08/13 04:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2012/08/13 04:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2012/08/13 04:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2012/08/13 04:38:04 | 000,102,400 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\cttele32.dll
[2012/08/13 04:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2012/08/13 04:38:03 | 000,107,008 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\cttele64.dll
[2012/08/13 04:38:01 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012/08/13 04:38:01 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012/08/13 04:38:01 | 000,123,480 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012/08/13 04:38:01 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012/08/13 04:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2012/08/13 04:37:51 | 000,012,288 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysNative\INRES.DLL
[2012/08/13 04:37:51 | 000,011,776 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysWow64\INRES.DLL
[2012/08/13 04:37:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Data
[2012/08/13 04:37:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Data
[2012/08/13 04:37:29 | 022,691,984 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\AppSetup.exe
[2012/08/13 04:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/08/13 03:44:04 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Diagnostics
[2012/08/13 03:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/08/13 03:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/08/13 03:07:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Google
[2012/08/13 03:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIXresizer
[2012/08/13 03:05:05 | 001,703,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012/08/13 03:05:05 | 000,991,232 | ---- | C] (Viscom Software ) -- C:\Windows\SysWow64\imageviewer2.ocx
[2012/08/13 03:05:05 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2012/08/13 03:05:05 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tabctl32.ocx
[2012/08/13 03:05:05 | 000,200,704 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\threed32.ocx
[2012/08/13 03:05:05 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comct232.ocx
[2012/08/13 03:05:05 | 000,151,552 | ---- | C] (Domenico Statuto - CCRP) -- C:\Windows\SysWow64\ccrpfd6.ocx
[2012/08/13 03:05:05 | 000,110,592 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\SysWow64\ccrpbds6.dll
[2012/08/13 03:05:05 | 000,106,496 | ---- | C] (Marco Bellinaso) -- C:\Windows\SysWow64\mbprgbar.ocx
[2012/08/13 03:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PIXresizer
[2012/08/13 02:52:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/08/13 02:52:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/08/13 02:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/08/13 02:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/08/13 02:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/08/13 02:48:51 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/13 02:48:51 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/08/13 02:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/08/13 02:04:24 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\Toms stand
[2012/08/13 02:03:08 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\New Computer
[2012/08/13 02:02:58 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\Computer Cleaning
[2012/08/13 02:02:09 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\Blacked out bows
[2012/08/13 01:19:13 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/08/13 01:19:13 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/08/13 01:19:13 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/08/13 01:19:13 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/08/13 01:19:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/08/13 01:19:13 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/08/13 01:19:13 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/08/13 01:19:10 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/08/13 01:19:10 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/08/13 01:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/08/13 01:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/08/13 01:12:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/08/13 01:11:54 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/08/13 01:11:54 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/08/13 01:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/08/13 01:05:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/08/13 01:05:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/08/13 00:55:27 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/08/13 00:55:27 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/08/13 00:55:27 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/08/13 00:55:27 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/08/13 00:55:27 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/08/13 00:55:27 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/08/13 00:55:27 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/08/13 00:55:27 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/08/13 00:55:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/08/13 00:55:27 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/08/13 00:55:27 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/08/13 00:55:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/08/13 00:55:27 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/08/13 00:55:27 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/08/13 00:55:27 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/08/13 00:55:27 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/08/13 00:55:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/08/13 00:55:27 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/08/13 00:55:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/08/13 00:55:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/08/13 00:55:27 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/08/13 00:55:27 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/08/13 00:55:26 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/08/13 00:55:26 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/08/13 00:55:26 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/08/13 00:55:26 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/08/13 00:55:26 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/08/13 00:55:26 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/08/13 00:55:26 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/08/13 00:55:26 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/08/13 00:55:26 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/08/13 00:55:26 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/08/13 00:55:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/08/13 00:55:26 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/08/13 00:55:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/08/13 00:55:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/08/13 00:55:26 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/08/13 00:55:26 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/08/13 00:55:26 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/08/13 00:55:26 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/08/13 00:55:26 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/08/13 00:55:26 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/08/13 00:55:26 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/08/13 00:55:26 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/08/13 00:55:26 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/08/13 00:55:26 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/08/13 00:55:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/08/13 00:55:26 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/08/13 00:55:26 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/08/13 00:55:26 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/08/13 00:55:26 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/08/13 00:55:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/08/13 00:55:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/08/13 00:55:26 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/08/13 00:55:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/08/13 00:55:26 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/08/13 00:55:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/08/13 00:55:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/08/13 00:55:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/08/13 00:52:06 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/08/13 00:52:05 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/08/13 00:52:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/08/13 00:50:11 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/08/13 00:50:10 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/08/13 00:50:10 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/08/13 00:50:10 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/08/13 00:50:10 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/08/13 00:50:10 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/08/13 00:50:10 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/08/13 00:50:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/08/13 00:50:10 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/08/13 00:50:10 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/08/13 00:50:10 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/08/13 00:50:10 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/08/13 00:50:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/08/13 00:50:09 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/08/13 00:50:09 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/08/13 00:50:08 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/08/13 00:50:08 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/08/13 00:50:08 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/08/13 00:50:08 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/08/13 00:50:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/08/13 00:50:07 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/08/13 00:50:07 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/08/13 00:50:07 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/08/13 00:50:07 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/08/13 00:50:06 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/08/13 00:50:06 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/08/13 00:50:06 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/08/13 00:50:06 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/08/13 00:50:06 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/08/13 00:50:06 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/08/13 00:50:05 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/08/13 00:50:05 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/08/13 00:50:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/08/13 00:50:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/08/13 00:50:05 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/08/13 00:50:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/08/13 00:50:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/08/13 00:50:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/08/13 00:50:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/08/13 00:50:02 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/08/13 00:50:02 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/08/13 00:50:02 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/08/13 00:50:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/08/13 00:50:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/08/13 00:50:01 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/08/13 00:50:01 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/08/13 00:50:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/08/13 00:50:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/08/13 00:50:00 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/08/13 00:50:00 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/08/13 00:50:00 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/08/13 00:50:00 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/08/13 00:49:59 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/08/13 00:49:59 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/08/13 00:49:59 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/08/13 00:49:59 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/08/13 00:49:54 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/08/13 00:49:54 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/08/13 00:49:54 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/08/13 00:49:54 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/08/13 00:49:54 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/08/13 00:49:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/08/13 00:49:54 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/08/13 00:49:54 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/08/13 00:49:54 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/08/13 00:49:53 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/08/13 00:49:53 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/08/13 00:49:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/08/13 00:49:51 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/08/13 00:49:34 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/08/13 00:49:34 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/08/13 00:49:34 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/08/13 00:49:30 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/08/13 00:49:30 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/08/13 00:49:30 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/08/13 00:49:30 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/08/13 00:49:30 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/08/13 00:49:30 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/08/13 00:49:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/08/13 00:49:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/08/13 00:49:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/08/13 00:49:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/08/13 00:49:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
iowabucks
Regular Member
 
Posts: 50
Joined: January 5th, 2009, 1:07 am

Re: Some type of adware

Unread postby iowabucks » August 31st, 2012, 1:20 pm

[2012/08/13 00:49:30 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/08/13 00:49:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/08/13 00:49:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/08/13 00:49:30 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/08/13 00:49:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/08/13 00:49:29 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/08/13 00:49:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/08/13 00:49:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/08/13 00:49:29 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/08/13 00:49:29 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/08/13 00:49:29 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/08/13 00:49:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/08/13 00:49:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/08/13 00:49:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/08/13 00:49:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/08/13 00:49:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/08/13 00:49:28 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/08/13 00:49:28 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/08/13 00:49:28 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/08/13 00:49:28 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/08/13 00:49:28 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/08/13 00:49:28 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/08/13 00:49:28 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/08/13 00:49:26 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/08/13 00:49:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/08/13 00:49:25 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/08/13 00:49:25 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/08/13 00:49:24 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/08/13 00:49:24 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/08/13 00:49:19 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/08/13 00:48:42 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/08/13 00:48:41 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/08/13 00:48:41 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/08/13 00:48:40 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/08/13 00:48:38 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/08/13 00:48:38 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/08/13 00:48:25 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/08/13 00:48:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/08/13 00:48:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/08/13 00:48:24 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/08/13 00:48:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/08/13 00:48:19 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/08/13 00:48:19 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/08/13 00:47:24 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/08/13 00:47:24 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/08/13 00:43:36 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/08/13 00:43:36 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/08/13 00:43:36 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/08/13 00:43:35 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/08/13 00:43:35 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/08/13 00:43:35 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/08/13 00:43:34 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/08/13 00:43:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/08/13 00:41:41 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Macromedia
[2012/08/13 00:41:41 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Adobe
[2012/08/13 00:41:34 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/13 00:41:34 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/13 00:41:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/08/13 00:41:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/08/12 13:20:11 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/08/12 12:26:17 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/08/12 12:20:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/08/12 12:20:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/08/12 11:58:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/08/12 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/08/12 11:56:43 | 006,193,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/08/12 11:56:43 | 003,266,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/08/12 11:56:43 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/08/12 11:56:43 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/08/12 11:56:40 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/08/12 11:56:40 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/08/12 11:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/08/12 11:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/08/12 11:56:33 | 010,674,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/08/12 11:56:33 | 008,499,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/08/12 11:56:33 | 002,816,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/08/12 11:56:33 | 001,763,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/08/12 11:56:33 | 001,468,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012/08/12 11:56:33 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012/08/12 11:56:33 | 000,962,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/08/12 11:56:33 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/08/12 11:56:33 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/08/12 11:56:33 | 000,188,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012/08/12 11:56:33 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012/08/12 11:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/08/12 11:55:37 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/08/12 11:36:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/08/12 11:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/08/12 11:36:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Malwarebytes
[2012/08/12 11:35:51 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/12 11:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/12 11:35:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/12 11:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/12 11:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012/08/12 11:24:01 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Intel Corporation
[2012/08/12 11:22:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/08/12 11:22:14 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012/08/12 11:21:48 | 000,178,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IPROSetMonitor.exe
[2012/08/12 11:21:42 | 000,355,016 | R--- | C] (Intel Corporation) -- C:\Windows\SysNative\PROUnstl.exe
[2012/08/12 11:21:09 | 000,342,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\e1c62x64.sys
[2012/08/12 11:21:09 | 000,068,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\e1cmsg.dll
[2012/08/12 11:21:09 | 000,036,472 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicCo36.dll
[2012/08/12 11:21:08 | 000,098,496 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicInstC.dll
[2012/08/12 11:18:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2012/08/12 11:13:44 | 000,016,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012/08/12 11:13:38 | 000,355,096 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012/08/12 11:13:37 | 000,786,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012/08/12 11:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
[2012/08/12 11:09:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM106xSATA
[2012/08/12 11:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/08/12 11:06:57 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/08/12 11:06:51 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/08/12 11:06:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/08/12 11:01:08 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/08/12 11:00:56 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/08/12 11:00:56 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\InstallShield
[2012/08/12 10:55:41 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/08/12 10:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/08/12 10:51:31 | 000,000,000 | ---D | C] -- C:\Intel
[2012/08/12 10:49:51 | 000,000,000 | ---D | C] -- C:\Windows\AsDmiHtm
[2012/08/12 10:49:14 | 000,000,000 | ---D | C] -- C:\Windows\Chipset
[2012/08/12 10:49:12 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll
[2012/08/12 10:45:19 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\ElevatedDiagnostics
[2012/08/12 10:42:03 | 000,000,000 | R--D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/08/12 10:42:03 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Searches
[2012/08/12 10:42:03 | 000,000,000 | R--D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/08/12 10:42:03 | 000,000,000 | -H-D | C] -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/08/12 10:41:57 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Contacts
[2012/08/12 10:41:57 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Identities
[2012/08/12 10:41:56 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\VirtualStore
[2012/08/12 10:41:55 | 000,000,000 | --SD | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft
[2012/08/12 10:41:55 | 000,000,000 | RHSD | C] -- C:\Users\Jerry\Documents\My Music
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Videos
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Saved Games
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Pictures
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Music
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Links
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Favorites
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Downloads
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Documents
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Desktop
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\AppData\Local\Temporary Internet Files
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Templates
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Start Menu
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\SendTo
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Recent
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\PrintHood
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\NetHood
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Documents\My Videos
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Documents\My Pictures
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\My Documents
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Local Settings
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\AppData\Local\History
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Cookies
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Application Data
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\AppData\Local\Application Data
[2012/08/12 10:41:55 | 000,000,000 | -H-D | C] -- C:\Users\Jerry\AppData
[2012/08/12 10:41:55 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Temp
[2012/08/12 10:41:55 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Microsoft
[2012/08/12 10:41:55 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Media Center Programs
[2012/08/12 10:41:53 | 000,000,000 | -HSD | C] -- C:\Recovery
[18 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[18 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/31 12:07:21 | 000,032,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/31 12:07:21 | 000,032,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/31 12:04:28 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/31 12:04:28 | 000,626,040 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/31 12:04:28 | 000,107,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/31 12:00:18 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/31 12:00:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/30 21:40:57 | 000,060,640 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/08/30 21:40:57 | 000,060,640 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/08/30 21:40:57 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/08/30 21:17:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/30 20:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/28 07:06:29 | 000,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/08/28 05:14:30 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/28 05:14:30 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/25 17:43:34 | 000,000,981 | ---- | M] () -- C:\Users\Jerry\Desktop\New Rich Text Document.rtf
[2012/08/23 20:51:18 | 002,134,362 | ---- | M] () -- C:\Users\Jerry\Desktop\JPEG Image (3718).jpg
[2012/08/22 21:18:31 | 000,335,802 | ---- | M] () -- C:\Users\Jerry\Desktop\DSC07943.jpg
[2012/08/20 22:32:06 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/08/20 22:32:06 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/20 20:30:46 | 000,028,672 | ---- | M] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2012/08/20 20:30:46 | 000,013,440 | ---- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/08/20 20:30:44 | 000,011,832 | ---- | M] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012/08/20 20:30:44 | 000,010,216 | ---- | M] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012/08/20 20:13:17 | 000,038,966 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2012/08/20 13:33:45 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2012/08/17 19:58:45 | 000,007,597 | ---- | M] () -- C:\Users\Jerry\AppData\Local\Resmon.ResmonCfg
[2012/08/16 21:01:45 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/16 21:01:44 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/16 21:01:44 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/08/16 21:01:44 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/16 21:01:44 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/16 21:01:44 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/16 09:02:46 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2011.lnk
[2012/08/16 06:56:29 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/15 06:26:12 | 000,000,694 | ---- | M] () -- C:\Users\Jerry\Desktop\Call of Duty® World at War - Shortcut.lnk
[2012/08/15 05:22:12 | 000,682,280 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/08/15 05:01:59 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/14 08:42:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/14 08:36:00 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012/08/14 08:25:17 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2012/08/14 07:57:49 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Pandora Recovery.lnk
[2012/08/14 07:55:28 | 000,001,071 | ---- | M] () -- C:\Users\Jerry\Desktop\Photo-grapher.lnk
[2012/08/14 07:46:00 | 000,002,212 | ---- | M] () -- C:\Users\Jerry\Desktop\Windows Live Mail.lnk
[2012/08/13 04:38:01 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012/08/13 04:38:01 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012/08/13 04:38:01 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012/08/13 04:38:01 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012/08/13 04:38:01 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2012/08/13 03:08:30 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/08/13 03:05:06 | 000,001,075 | ---- | M] () -- C:\Users\Jerry\Desktop\PIXresizer.lnk
[2012/08/13 01:07:17 | 000,001,447 | ---- | M] () -- C:\Users\Jerry\Desktop\Internet Explorer.lnk
[2012/08/13 01:07:17 | 000,001,441 | ---- | M] () -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/13 00:55:27 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/08/13 00:55:27 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/08/13 00:55:27 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/08/13 00:55:27 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/08/13 00:55:27 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/08/13 00:55:27 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/08/13 00:55:27 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/08/13 00:55:27 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/08/13 00:55:27 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/08/13 00:55:27 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/08/13 00:55:27 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/08/13 00:55:27 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/08/13 00:55:27 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/08/13 00:55:27 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/08/13 00:55:27 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/08/13 00:55:27 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/08/13 00:55:27 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/08/13 00:55:27 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/08/13 00:55:27 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/08/13 00:55:27 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/08/13 00:55:27 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/08/13 00:55:27 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/08/13 00:55:27 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/08/13 00:55:26 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/08/13 00:55:26 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/08/13 00:55:26 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/08/13 00:55:26 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/08/13 00:55:26 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/08/13 00:55:26 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/08/13 00:55:26 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/08/13 00:55:26 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/08/13 00:55:26 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/08/13 00:55:26 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/08/13 00:55:26 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/08/13 00:55:26 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/08/13 00:55:26 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/08/13 00:55:26 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/08/13 00:55:26 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/08/13 00:55:26 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/08/13 00:55:26 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/08/13 00:55:26 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/08/13 00:55:26 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/08/13 00:55:26 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/08/13 00:55:26 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/08/13 00:55:26 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/08/13 00:55:26 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/08/13 00:55:26 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/08/13 00:55:26 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/08/13 00:55:26 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/08/13 00:55:26 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/08/13 00:55:26 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/08/13 00:55:26 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/08/13 00:55:26 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/08/13 00:55:26 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/08/13 00:55:26 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/08/13 00:55:26 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/08/13 00:55:26 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/08/13 00:55:26 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/08/13 00:55:26 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/08/13 00:55:26 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/08/13 00:55:26 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/08/12 12:21:47 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/08/12 12:21:47 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/08/12 12:20:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/08/12 11:36:59 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/08/12 11:36:53 | 000,001,915 | ---- | M] () -- C:\Users\Jerry\Desktop\Microsoft Security Essentials.lnk
[2012/08/12 11:36:52 | 000,730,638 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/12 11:35:51 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/12 11:13:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/08/12 11:09:09 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2012/08/12 10:49:14 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll
[2012/08/02 08:49:00 | 027,525,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/08/02 08:49:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/08/02 08:49:00 | 020,938,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/08/02 08:49:00 | 018,220,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/08/02 08:49:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/08/02 08:49:00 | 015,284,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/08/02 08:49:00 | 010,674,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/08/02 08:49:00 | 009,663,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/08/02 08:49:00 | 008,499,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/08/02 08:49:00 | 007,927,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012/08/02 08:49:00 | 007,426,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/08/02 08:49:00 | 005,899,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012/08/02 08:49:00 | 002,816,872 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/08/02 08:49:00 | 002,744,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/08/02 08:49:00 | 002,573,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/08/02 08:49:00 | 002,386,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/08/02 08:49:00 | 002,216,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/08/02 08:49:00 | 001,865,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/08/02 08:49:00 | 001,763,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/08/02 08:49:00 | 001,472,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012/08/02 08:49:00 | 000,962,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/08/02 08:49:00 | 000,824,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/08/02 08:49:00 | 000,341,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2012/08/02 08:49:00 | 000,294,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2012/08/02 08:49:00 | 000,246,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/08/02 08:49:00 | 000,202,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/08/02 08:49:00 | 000,016,354 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012/08/02 07:07:43 | 003,485,076 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/08/02 07:07:09 | 003,266,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/08/02 07:06:52 | 006,193,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/08/02 07:05:44 | 002,561,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/08/02 07:05:44 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/08/02 07:05:43 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/08/02 05:22:46 | 000,428,904 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe
[18 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[18 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/28 06:51:14 | 002,134,362 | ---- | C] () -- C:\Users\Jerry\Desktop\JPEG Image (3718).jpg
[2012/08/23 20:43:47 | 000,000,159 | ---- | C] () -- C:\Users\Jerry\Documents\official-antec-lanboy-air-case-club.htm
[2012/08/23 20:43:46 | 002,165,355 | ---- | C] () -- C:\Users\Jerry\Documents\IMG_20120620_090742.jpg
[2012/08/23 20:43:46 | 001,866,577 | ---- | C] () -- C:\Users\Jerry\Documents\Lee and Tiffany.JPG
[2012/08/23 20:43:46 | 001,760,046 | ---- | C] () -- C:\Users\Jerry\Documents\first attempt at hydrographics.JPG
[2012/08/23 20:43:46 | 001,700,775 | ---- | C] () -- C:\Users\Jerry\Documents\Don and Kandi Kisky.JPG
[2012/08/23 20:43:46 | 001,632,344 | ---- | C] () -- C:\Users\Jerry\Documents\IMG_20120620_090719.jpg
[2012/08/23 20:43:46 | 000,644,352 | ---- | C] () -- C:\Users\Jerry\Documents\Knight muzzleloader.JPG
[2012/08/23 20:43:46 | 000,613,045 | ---- | C] () -- C:\Users\Jerry\Documents\InstallTrophyScore.exe
[2012/08/23 20:43:46 | 000,412,143 | ---- | C] () -- C:\Users\Jerry\Documents\lyme test results.pdf
[2012/08/23 20:43:46 | 000,148,744 | ---- | C] () -- C:\Users\Jerry\Documents\bookmark.htm
[2012/08/23 20:43:46 | 000,022,547 | ---- | C] () -- C:\Users\Jerry\Documents\Muscatine traffic camera locations.pdf
[2012/08/23 20:43:46 | 000,009,616 | ---- | C] () -- C:\Users\Jerry\Documents\mattsGED.pdf
[2012/08/23 20:43:46 | 000,006,185 | ---- | C] () -- C:\Users\Jerry\Documents\film dipping.rtf
[2012/08/23 20:43:46 | 000,000,343 | ---- | C] () -- C:\Users\Jerry\Documents\alternate email address.rtf
[2012/08/23 20:43:46 | 000,000,217 | ---- | C] () -- C:\Users\Jerry\Documents\magcover Magazine Cover - Create your own Mag Cover!.url
[2012/08/23 20:43:46 | 000,000,211 | ---- | C] () -- C:\Users\Jerry\Documents\Nestle My Benefits.url
[2012/08/23 20:30:59 | 001,560,465 | ---- | C] () -- C:\Users\Jerry\Documents\skyline-New-York-City.jpg
[2012/08/23 20:30:59 | 000,116,114 | ---- | C] () -- C:\Users\Jerry\Documents\Predator Brown Deception camo .jpg
[2012/08/23 20:30:59 | 000,007,691 | ---- | C] () -- C:\Users\Jerry\Documents\Tims info.rtf
[2012/08/23 20:30:59 | 000,000,430 | ---- | C] () -- C:\Users\Jerry\Documents\Things to do to the Bronco.rtf
[2012/08/23 20:30:59 | 000,000,420 | ---- | C] () -- C:\Users\Jerry\Documents\Pat's info.rtf
[2012/08/23 20:30:59 | 000,000,400 | ---- | C] () -- C:\Users\Jerry\Documents\Things to dip.rtf
[2012/08/23 20:30:59 | 000,000,367 | ---- | C] () -- C:\Users\Jerry\Documents\YouTube - wallbanger1.mp4.url
[2012/08/22 21:23:40 | 000,335,802 | ---- | C] () -- C:\Users\Jerry\Desktop\DSC07943.jpg
[2012/08/20 20:31:01 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/08/20 20:31:01 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012/08/20 20:31:01 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012/08/18 09:31:35 | 000,002,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
[2012/08/17 19:58:45 | 000,007,597 | ---- | C] () -- C:\Users\Jerry\AppData\Local\Resmon.ResmonCfg
[2012/08/17 08:24:18 | 000,281,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/08/16 09:02:46 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2011.lnk
[2012/08/16 09:02:44 | 014,835,712 | ---- | C] () -- C:\ProgramData\sandra.mda
[2012/08/15 06:26:12 | 000,000,694 | ---- | C] () -- C:\Users\Jerry\Desktop\Call of Duty® World at War - Shortcut.lnk
[2012/08/15 05:22:13 | 000,281,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/15 05:22:13 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/08/15 05:22:12 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/08/15 05:22:12 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/15 05:03:59 | 000,000,981 | ---- | C] () -- C:\Users\Jerry\Desktop\New Rich Text Document.rtf
[2012/08/14 08:42:46 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/14 08:36:00 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012/08/14 08:25:17 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2012/08/14 07:57:49 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Pandora Recovery.lnk
[2012/08/14 07:55:28 | 000,001,071 | ---- | C] () -- C:\Users\Jerry\Desktop\Photo-grapher.lnk
[2012/08/14 07:46:00 | 000,002,212 | ---- | C] () -- C:\Users\Jerry\Desktop\Windows Live Mail.lnk
[2012/08/13 04:39:05 | 000,060,640 | ---- | C] () -- C:\Windows\SysNative\BMXStateBkp-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/08/13 04:39:05 | 000,060,640 | ---- | C] () -- C:\Windows\SysNative\BMXState-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/08/13 04:39:05 | 000,000,788 | ---- | C] () -- C:\Windows\SysNative\DVCState-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/08/13 04:38:38 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2012/08/13 04:38:01 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2012/08/13 04:38:01 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012/08/13 04:38:01 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2012/08/13 04:38:01 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012/08/13 04:38:01 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2012/08/13 03:39:52 | 000,000,215 | ---- | C] () -- C:\Users\Jerry\Desktop\Bing Maps.url
[2012/08/13 03:08:30 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/08/13 03:07:49 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/13 03:07:49 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/13 03:05:06 | 000,001,075 | ---- | C] () -- C:\Users\Jerry\Desktop\PIXresizer.lnk
[2012/08/13 02:52:52 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/08/13 02:04:38 | 000,000,400 | ---- | C] () -- C:\Users\Jerry\Desktop\Things to dip.rtf
[2012/08/13 02:04:35 | 000,000,568 | ---- | C] () -- C:\Users\Jerry\Desktop\New Rich Text Format.rtf
[2012/08/13 02:04:33 | 000,000,429 | ---- | C] () -- C:\Users\Jerry\Desktop\New Rich Text Format (2).rtf
[2012/08/13 00:55:27 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/08/13 00:55:26 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/08/13 00:41:34 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/12 12:21:43 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/08/12 12:21:43 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/08/12 12:20:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/08/12 11:56:43 | 003,485,076 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/08/12 11:56:33 | 000,016,354 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/08/12 11:36:59 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/08/12 11:36:53 | 000,001,915 | ---- | C] () -- C:\Users\Jerry\Desktop\Microsoft Security Essentials.lnk
[2012/08/12 11:36:52 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/12 11:35:51 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/12 11:21:42 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2012/08/12 11:21:09 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din
[2012/08/12 11:13:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/08/12 11:07:03 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/08/12 10:50:12 | 000,001,441 | ---- | C] () -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/12 10:46:55 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/08/12 10:46:47 | 000,038,966 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/08/12 10:42:04 | 000,001,447 | ---- | C] () -- C:\Users\Jerry\Desktop\Internet Explorer.lnk
[2012/08/12 10:42:04 | 000,001,413 | ---- | C] () -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/08/12 10:41:55 | 000,000,290 | ---- | C] () -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/08/12 10:41:55 | 000,000,272 | ---- | C] () -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/08/02 05:22:46 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/07/25 17:51:44 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== LOP Check ==========

[2012/08/15 06:49:07 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Ideazon
[2012/08/23 20:42:02 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\PandoraRecovery
[2012/08/28 07:13:45 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\SuperAdBlocker.com
[2012/08/14 21:03:17 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\TS3Client
[2009/07/14 00:08:49 | 000,014,658 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
iowabucks
Regular Member
 
Posts: 50
Joined: January 5th, 2009, 1:07 am

Re: Some type of adware

Unread postby iowabucks » August 31st, 2012, 1:21 pm

OTL Extras logfile created on: 8/31/2012 12:13:15 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Jerry\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 14.31 Gb Available Physical Memory | 89.70% Memory free
15.95 Gb Paging File | 14.20 Gb Available in Paging File | 89.03% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 476.84 Gb Total Space | 406.24 Gb Free Space | 85.20% Space Free | Partition Type: NTFS
Drive D: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JERRY-PC | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08356790-660B-4486-B518-D9EE528DA4C4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{101F2513-9390-437A-923F-F51AD3D186DA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18F8C08E-2A0C-41E9-B2CE-3D33C2931553}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1AFB31AC-4527-4C9A-A7E5-B91B82D0FEC9}" = lport=139 | protocol=6 | dir=in | app=system |
"{1E5133B8-1136-4AE0-BAB7-31B8153B4BD4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{22B61536-09F0-4A71-9DAA-0F5489B38321}" = rport=445 | protocol=6 | dir=out | app=system |
"{285BD28A-22B4-41F7-8D59-CDAA4911AE7D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32DD3B24-FE74-44FB-AA3E-19E58BBE069B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{56707FF5-8D38-4A5C-A33A-E05CAEFB9586}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011\wnt500x64\rpcsandrasrv.exe |
"{7C9626D7-0D01-41A0-9D86-272B8E46CBF4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{874D8C76-450C-414F-AF2A-696FDEF4D96B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8E138BC4-5F39-4DEF-99A9-DA3FD9BEE686}" = rport=138 | protocol=17 | dir=out | app=system |
"{8E79783F-DB13-4F21-AE31-97079971A7EE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{96E02E88-92BD-4053-BEC8-6DF97ED9437C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9C75BCF8-9C61-4065-99A2-AFCDE7D7A8D2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A3CEC1D9-D655-45E3-83CA-4A8855A2AD91}" = lport=137 | protocol=17 | dir=in | app=system |
"{D16088D4-6F3E-45EA-95A5-6A03F156CD8E}" = lport=445 | protocol=6 | dir=in | app=system |
"{D73229D6-C080-4F37-AA4B-1716F6A87727}" = rport=139 | protocol=6 | dir=out | app=system |
"{E991C8A2-D968-4129-AE46-F925C61B3746}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011\rpcagentsrv.exe |
"{EA9738FE-7077-4B28-B6DD-2FFC174055BF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{ECD0EC39-719B-4491-A881-FDBF57B70B45}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F232965F-37AA-4B91-B03E-02E5E1A1E805}" = rport=137 | protocol=17 | dir=out | app=system |
"{F578B665-DE73-48F8-BA87-A8814567D0FF}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08AE73F9-AF3A-4B7C-AEE3-F31169008248}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0CD007B2-FB7A-44B7-B3E5-2415937ADF92}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{0ED88361-7AE0-47DB-A138-73B97C5D5D64}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{306E4056-134A-41F6-8EC4-B26A8533CEEF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31AD1B0E-BDD8-4448-88C2-70369DEF626D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3D47B5F9-5AC3-43CD-840E-872BC318D43B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4026DAFE-0DE9-48CD-A156-9628683B7931}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{419E570C-E85C-4684-B9BF-8A32BFA3D445}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{47768C46-4B58-479C-BB09-EC181ACF5BFA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4D85C7F5-4BDE-4571-8A56-42D3AEE6CC1B}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{4E36AD25-4F4B-48D1-9FBB-7FC0D3E07DFF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{51E818D6-9513-42F5-98A9-DD0C3D341ECB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{546343DE-0741-4550-BE27-458AEAA0C622}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{657D6D2F-CD6C-4E6F-9DC5-0046C31BFDB6}" = protocol=58 | dir=in | app=system |
"{67A66D59-F2AF-4712-B00F-5136D5B5AEF5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{68474134-92AB-4B72-BAFB-C93072D023EE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6B5B8A20-B0C2-4AA5-A851-B1866DCE496D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6CD7CCEF-48D8-43C1-9A62-D89CF280C3A3}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{73EB8C2C-B509-4521-B92A-A164C2D5864B}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{874A6CE3-1971-4AEA-8AA7-EFFB4CD12FFC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95B36F81-50A4-4A81-ACB1-B6B0892B2D23}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{AEF81D71-ACB7-4FD9-9586-F06120227E2F}" = protocol=6 | dir=out | app=system |
"{B427F1AE-096B-4C08-9E15-F979C67EEB63}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B565B487-C153-46FB-939E-E660A2A3B378}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B5937952-EF32-44EF-BD04-F5BC5917049C}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{BDF3017F-B2E6-4DF0-80FB-AA9226A87342}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C4CEE026-FF56-473D-8A7B-E3956096A267}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7E64F80-EF50-4F73-89EE-2134B4D63041}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC067588-ABDC-4D25-9EF0-B15467373D0C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D8F80B08-73F4-481C-AA3B-A5032E64B013}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DD97ACA7-5055-4EA4-81F0-FA5641BA5A0D}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{E071B1BF-7DAD-4ED5-AE02-0FC658D4480A}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{EA80CDA7-F87B-4926-AE3D-4EC92D4EABB3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EACF539F-83D5-46A4-9176-6305E1465F3D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1E1DAC7E-6712-477C-88E1-488769BBCB64}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{5485B3C9-6C8A-427D-A547-612FFCA88FF6}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B1D3C64-EEBC-4807-93FF-DB71719E77F7}" = Image Resizer for Windows (64 bit)
"{357A82F9-B5FF-46C8-ABA2-104695E0F1D1}" = Intel(R) Network Connections 16.6.126.0
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 305.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 305.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 305.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2011
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.61.3
"DriverAgent.exe" = DriverAgent by eSupport.com
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"PROSetDX" = Intel(R) Network Connections 16.6.126.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}" = Z Engine
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9dfff2f7-5cd7-4fd4-9b75-7d53b042d94b}" = Image Resizer for Windows
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio Control Panel
"Console Launcher" = Creative Console Launcher
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DMX5_is1" = DriverMax 6
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PandoraRecovery" = PandoraRecovery (Remove Only)
"Photo-grapher_is1" = Photo-grapher 1
"PIXresizer_is1" = PIXresizer
"PunkBusterSvc" = PunkBuster Services
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"WaveStudio 7" = Creative WaveStudio 7
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xfire" = Xfire (remove only)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/28/2012 12:41:12 PM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/28/2012 6:13:01 PM | Computer Name = Jerry-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16448,
time stamp: 0x4fecf1b7 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec49b8f Exception code: 0xc0000374 Fault offset: 0x000ce6c3 Faulting
process id: 0x11fc Faulting application start time: 0x01cd85689eef806d Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 87425f04-f15d-11e1-8a9e-c86000dd8f44

Error - 8/28/2012 6:13:28 PM | Computer Name = Jerry-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16448,
time stamp: 0x4fecf1b7 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec49b8f Exception code: 0xc0000374 Fault offset: 0x000ce6c3 Faulting
process id: 0x1258 Faulting application start time: 0x01cd856a4ae0b36a Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: 97aff547-f15d-11e1-8a9e-c86000dd8f44

Error - 8/28/2012 6:14:19 PM | Computer Name = Jerry-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16448,
time stamp: 0x4fecf1b7 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec49b8f Exception code: 0xc0000374 Fault offset: 0x000ce6c3 Faulting
process id: 0xb6c Faulting application start time: 0x01cd856a674d1ffd Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: b5cb9d50-f15d-11e1-8a9e-c86000dd8f44

Error - 8/28/2012 6:14:40 PM | Computer Name = Jerry-PC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16448,
time stamp: 0x4fecf1b7 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec49b8f Exception code: 0xc0000374 Fault offset: 0x000ce6c3 Faulting
process id: 0x127c Faulting application start time: 0x01cd856a7a6180d3 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\ntdll.dll Report Id: c299ba61-f15d-11e1-8a9e-c86000dd8f44

Error - 8/29/2012 1:30:08 AM | Computer Name = Jerry-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\innovative
solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/30/2012 9:10:54 AM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/30/2012 6:53:47 PM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/30/2012 9:09:24 PM | Computer Name = Jerry-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\innovative
solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/31/2012 1:02:06 PM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 8/28/2012 8:13:47 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7000
Description = The SABDIFSV service failed to start due to the following error: %%1275

Error - 8/28/2012 8:13:47 AM | Computer Name = Jerry-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\ has
been blocked from loading due to incompatibility with this system. Please contact
your software vendor for a compatible version of the driver.

Error - 8/28/2012 8:13:47 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7000
Description = The SABKUTIL service failed to start due to the following error: %%1275

Error - 8/28/2012 8:13:48 AM | Computer Name = Jerry-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\ has
been blocked from loading due to incompatibility with this system. Please contact
your software vendor for a compatible version of the driver.

Error - 8/28/2012 8:13:48 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7000
Description = The SABProcEnum service failed to start due to the following error:
%%1275

Error - 8/28/2012 12:39:24 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 8/29/2012 5:42:10 PM | Computer Name = Jerry-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 8/30/2012 9:09:06 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 8/30/2012 6:51:59 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 8/31/2012 1:00:18 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL


< End of report >
iowabucks
Regular Member
 
Posts: 50
Joined: January 5th, 2009, 1:07 am

Re: Some type of adware

Unread postby tim s » September 1st, 2012, 11:22 am

Hi iowabucks,

Ok this is Next:

Please download SystemLook from one of the links below and save it to your Desktop.
For 64 bit Systems:
Download Mirror #1
Download Mirror #2


  • Double-click SystemLook.exe to run it.
  • Copy and paste the content of the following codebox into the main textfield:
    Code: Select all
    :filefind
    *Tarma*
    *Yontoo*
    
    :folderfind
    *Tarma*
    *Yontoo*
    
    :Regfind
    Tarma
    Yontoo
    
  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Please include in your next reply:
SystemLook.txt
User avatar
tim s
MRU Honors Grad Emeritus
 
Posts: 1541
Joined: February 11th, 2006, 10:27 am

Re: Some type of adware

Unread postby iowabucks » September 2nd, 2012, 9:06 am

SystemLook 30.07.11 by jpshortstuff
Log created at 08:05 on 02/09/2012 by Jerry
Administrator - Elevation successful

========== filefind ==========

Searching for "*Tarma*"
No files found.

Searching for "*Yontoo*"
C:\Users\Jerry\AppData\Local\Temp\YontooSetup-Silent.exe ------- 800768 bytes [12:12 28/08/2012] [22:19 02/03/2012] 0244535DC98E386633BCEB6E42558FBF

========== folderfind ==========

Searching for "*Tarma*"
C:\ProgramData\Tarma Installer d------ [12:12 28/08/2012]
C:\Users\All Users\Tarma Installer d------ [12:12 28/08/2012]

Searching for "*Yontoo*"
No folders found.

========== Regfind ==========

Searching for "Tarma"
[HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer]

Searching for "Yontoo"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-Silent-0BDC_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-Silent-0BDC_RASMANCS]

-= EOF =-
iowabucks
Regular Member
 
Posts: 50
Joined: January 5th, 2009, 1:07 am

Re: Some type of adware

Unread postby tim s » September 2nd, 2012, 3:03 pm

Hi iowabucks,

Thanks for posting logs. Ok now we can start with cleaning.


Next:
Perform a Custom Fix with OTL

  • Right click on OTL.exe select "Run As Administrator" to run it. If prompted by UAC, please allow it.
  • In the Custom Scan/Fixes box at the bottom, copy then paste in the following lines from the code box (Do not include the word "Code"):
    Code: Select all
    :Commands
    [CREATERESTOREPOINT]
    
    :Reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-Silent-0BDC_RASAPI32]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-Silent-0BDC_RASMANCS]
    
    :Files
    C:\Users\Jerry\AppData\Local\Temp\YontooSetup-Silent.exe
    C:\ProgramData\Tarma Installer
    C:\Users\All Users\Tarma Installer
    
    :Commands
    [EMPTYTEMP]
    
  • Make sure you have pasted the lines from code box above.
  • Click the Run Fix button at top. If prompted... click OK.
  • Let the Program run unhindered. When the scan completes, Notepad will open with the scan results (OTL.txt). The report is saved in the same location as OTL.
    example: C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log
  • Please post the contents of report in your next reply.
User avatar
tim s
MRU Honors Grad Emeritus
 
Posts: 1541
Joined: February 11th, 2006, 10:27 am

Re: Some type of adware

Unread postby iowabucks » September 2nd, 2012, 3:58 pm

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Tarma Installer\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-Silent-0BDC_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooSetup-Silent-0BDC_RASMANCS\ deleted successfully.
========== FILES ==========
C:\Users\Jerry\AppData\Local\Temp\YontooSetup-Silent.exe moved successfully.
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\Cache folder moved successfully.
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96} folder moved successfully.
C:\ProgramData\Tarma Installer folder moved successfully.
File\Folder C:\Users\All Users\Tarma Installer not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jerry
->Temp folder emptied: 1348362 bytes
->Temporary Internet Files folder emptied: 480844385 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 18682 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 120492947 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 862545086 bytes

Total Files Cleaned = 1,397.00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 09022012_145145

Files\Folders moved on Reboot...
C:\Users\Jerry\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DF1CBB686421E8666B.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DF3719ADB7FFF21FAA.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DF7004E6780480DF10.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DF71A43072C0E36EA8.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DF8D2754D3C5A3C9B2.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DF99B4C8FE5D523776.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DF9F3B730FA0AB6EC1.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DFA56D6B39DD99A794.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DFB7E1A06A71F59C4F.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DFB952C24AE70703A0.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DFDBC4CF1D3930AFB2.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DFEF31E42517D97F77.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DFF2B8242E634075E3.TMP not found!
File\Folder C:\Users\Jerry\AppData\Local\Temp\~DFFE103A2AB5777E47.TMP not found!
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SEJQ8FAG\watch[1].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PDML5WTH\afr[1].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PDML5WTH\afr[2].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KKWO7CA5\xd_arbiter[1].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JAI08A9D\videos[1].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JAI08A9D\xd_arbiter[1].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\CWZRLYJZ\showthread[4].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\56SNZ7JS\afr[10].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\56SNZ7JS\afr[9].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4Q6VVHKE\viewtopic[1].htm moved successfully.
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
File\Folder C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\flaE57D.tmp not found!
C:\Users\Jerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
iowabucks
Regular Member
 
Posts: 50
Joined: January 5th, 2009, 1:07 am

Re: Some type of adware

Unread postby tim s » September 2nd, 2012, 5:49 pm

Hi iowabucks,

Good job
The orginal symptoms you had asked about when surfing the internet in your starter post here are just normal behavior. Askey127 explained it best Here in relpy to a Topic you started in The Discussion room.

The Host files Askey127 mentioned about:
MVPS Hosts
Install MVPS Hosts File From Here
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
You can Find the Tutorial HERE

Now this is next to see if anything else needs to be checked.

ESET Online Scanner
Vista - W7 users: You will need to to right-click on the IE or FF icons on the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.
Note: If using Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted... then double click on it to install.
Please temporarily disable your Anti-virus real-time protection. If active, it could impact the online scan.
Do NOT use the computer while the scan is running... make sure all other programs and windows are closed!


Please go to ESET Online Scanner - © ESET All Rights Reserved... to run an online scan.
  • Click the [Run ESET Online Scanner] button.
  • Read the End User License Agreement and check the box: [Yes, I accept the terms of use].
  • Click the green [Start] button.
  • Accept any security warnings from your browser (which means allow the Add-On/Active X to install) and allow the download/installation of any require files.
    If your browser blocks or halts a download, please allow it to download any required files.
  • Under scan settings:
    • Check "Scan archives"
    • Remove found threats is UNCHECKED
  • Click Advanced settings ... select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the [Start] button.
    ESET will install itself, download virus signature database updates and begin scanning your computer.
    The scan will take a while so please be patient. Do NOT use the computer while the scan is running.
  • When the scan completes... press the text: Image
  • Press the text: Image ... then save the file to your desktop as ESETScan.txt.
  • Press the [Back] button... then press the [Finish] button.
  • Copy and paste the contents of ESETScan.txt in your next reply.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.

Remember to enable your Anti-virus protection... before continuing!

-------------------------------------------------------------------------

This is Next:

ReScan with OTL
  • Double click OTL.exe to launch the program.
  • Check the box at the top, labeled Include 64 bit scans
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.

Post in next reply
ESETScan.txt or let me know if it did not find anything.
New OTL logs
User avatar
tim s
MRU Honors Grad Emeritus
 
Posts: 1541
Joined: February 11th, 2006, 10:27 am

Re: Some type of adware

Unread postby iowabucks » September 2nd, 2012, 7:02 pm

C:\_OTL\MovedFiles\09022012_145145\C_ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\_OTL\MovedFiles\09022012_145145\C_Users\Jerry\AppData\Local\Temp\YontooSetup-Silent.exe Win32/Adware.Yontoo application


OTL logfile created on: 9/2/2012 5:44:18 PM - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Jerry\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 13.80 Gb Available Physical Memory | 86.56% Memory free
15.95 Gb Paging File | 13.87 Gb Available in Paging File | 86.94% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 476.84 Gb Total Space | 406.73 Gb Free Space | 85.30% Space Free | Partition Type: NTFS
Drive D: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JERRY-PC | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/02 14:50:19 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jerry\Desktop\OTL.exe
PRC - [2012/08/20 20:31:01 | 001,470,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.02\AsusFanControlService.exe
PRC - [2012/08/20 20:31:01 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/08/20 20:31:01 | 000,918,448 | ---- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
PRC - [2012/08/20 20:31:01 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2012/08/16 06:56:29 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/08/02 05:22:32 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/05/15 05:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/01/20 16:29:28 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/01/20 16:29:26 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012/01/20 11:45:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/01/10 09:39:40 | 001,501,824 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/20 20:30:45 | 000,662,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2012/04/05 11:38:34 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/03/21 12:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/26 18:37:26 | 001,616,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2012/01/10 21:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2011/08/15 17:38:50 | 000,178,344 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel(R)
SRV:64bit: - [2009/08/17 23:19:24 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/28 05:14:30 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/20 20:31:01 | 001,470,592 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.02\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/08/20 20:31:01 | 000,951,936 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/08/20 20:31:01 | 000,918,448 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe -- (asComSvc)
SRV - [2012/08/20 20:31:01 | 000,149,120 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2012/08/16 06:56:29 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/08/13 04:56:52 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/08/13 04:38:20 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/08/02 05:22:32 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/05/15 05:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/20 16:29:28 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/01/20 16:29:26 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/01/20 11:45:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/29 20:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/18 12:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/06 10:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2012/01/04 14:58:50 | 000,786,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/01/04 14:58:50 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/01/04 14:58:50 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/11/29 19:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/11/10 01:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/07/19 20:37:56 | 000,342,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/05/05 21:30:52 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010/05/05 21:30:42 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010/05/05 21:30:34 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010/05/05 21:30:26 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010/05/05 21:30:18 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010/05/05 21:30:10 | 000,684,376 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2010/05/05 21:30:02 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010/05/05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010/05/05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010/05/05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010/05/05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010/05/05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010/05/05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009/08/07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/07/23 09:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/03/20 11:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Alpham264.sys -- (Alpham2)
DRV - [2012/08/20 13:33:45 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.archerytalk.com/vb
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 72 E4 84 1E 79 CD 01 [binary data]
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\..\SearchScopes,DefaultScope = {319F5DCC-AD4F-4D81-B3D6-C2E86D39E375}
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\..\SearchScopes\{319F5DCC-AD4F-4D81-B3D6-C2E86D39E375}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 72 E4 84 1E 79 CD 01 [binary data]
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3562028091-1576662134-1861722290-1000..\Run: [DriverMax_RESTART] File not found
O4 - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001..\RunOnce: [InetReg] C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe (Creative Technology Ltd)
O4 - HKU\S-1-5-21-3562028091-1576662134-1861722290-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.207.0.3 66.207.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D34FC8C3-7FD1-4BA6-AFA5-F6EE5BF4709D}: DhcpNameServer = 66.207.0.3 66.207.0.2
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/15 19:53:55 | 000,000,142 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{0227b0d1-e4a2-11e1-8ccc-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0227b0d1-e4a2-11e1-8ccc-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe
O33 - MountPoints2\{1d41e62f-e49a-11e1-b2a4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1d41e62f-e49a-11e1-b2a4-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup\rsrc\AUTORUN.EXE -- [2007/08/15 20:55:00 | 000,051,048 | R--- | M] (Activision)
O33 - MountPoints2\{1d41e62f-e49a-11e1-b2a4-806e6f6e6963}\Shell\dinstall\command - "" = D:\DirectX\DXSETUP.exe -- [2008/05/30 17:34:50 | 000,528,392 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/02 17:08:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/09/02 14:51:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/02 14:50:14 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Jerry\Desktop\OTL.exe
[2012/08/30 19:24:32 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Buckhead
[2012/08/30 19:22:35 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\Computer performance
[2012/08/28 09:19:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012/08/28 07:13:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\SuperAdBlocker.com
[2012/08/28 07:13:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTemp
[2012/08/28 07:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SuperAdBlocker.com
[2012/08/26 11:31:56 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Adobe
[2012/08/25 08:48:39 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Brice_Lambson
[2012/08/25 08:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2012/08/25 08:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Resizer for Windows
[2012/08/25 08:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\Image Resizer for Windows
[2012/08/25 08:47:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image Resizer for Windows
[2012/08/23 20:43:43 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Weird pictures
[2012/08/23 20:43:43 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Website keeps
[2012/08/23 20:42:02 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\PandoraRecovery
[2012/08/23 20:41:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\WAW patches
[2012/08/23 20:41:06 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Videocamera info
[2012/08/23 20:31:11 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Vegas Movie Studio PE. 9.0 Projects
[2012/08/23 20:30:36 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2012
[2012/08/21 04:38:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012/08/21 00:04:27 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\AR & XD stuff
[2012/08/21 00:04:17 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\stereo
[2012/08/21 00:04:17 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\13 Point Harvest Pics
[2012/08/21 00:04:12 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Specific deer
[2012/08/21 00:04:12 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Sites to check occationally
[2012/08/21 00:04:10 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Sites i am registered at
[2012/08/21 00:04:05 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\scores
[2012/08/21 00:04:03 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Resume
[2012/08/21 00:04:02 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\recipes
[2012/08/21 00:04:02 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\RC
[2012/08/21 00:03:56 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Punkbusters
[2012/08/21 00:03:52 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\predator pics
[2012/08/21 00:03:44 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\phone
[2012/08/21 00:03:39 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\My Deercams
[2012/08/21 00:03:36 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\my 69
[2012/08/21 00:03:34 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Minnow tank
[2012/08/21 00:03:25 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\kitties
[2012/08/21 00:03:20 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Iowa Speedway
[2012/08/21 00:03:18 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\iowa hawkeyes
[2012/08/21 00:02:12 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Internet Transfer Destination Folder
[2012/08/21 00:02:11 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\internet speed test and benchmark tests
[2012/08/21 00:02:11 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Internet Deer Pics
[2012/08/21 00:02:11 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\ice fishing
[2012/08/21 00:02:08 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Hunting spots
[2012/08/21 00:01:49 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Hunting pics
[2012/08/21 00:01:43 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\house
[2012/08/21 00:01:31 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Hot Cars
[2012/08/21 00:01:31 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\GPS stuff
[2012/08/21 00:01:30 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Gatlinberg
[2012/08/21 00:01:29 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Friends deer & turkeys
[2012/08/21 00:00:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Fishing pics
[2012/08/21 00:00:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Film dipping
[2012/08/21 00:00:39 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Ebay stuff
[2012/08/21 00:00:38 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\divorce decree
[2012/08/20 23:59:37 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Deercam video
[2012/08/20 23:59:35 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Deer mounts
[2012/08/20 23:59:34 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Dad
[2012/08/20 23:59:34 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Cozumel
[2012/08/20 23:59:34 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Contests
[2012/08/20 23:59:28 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Computer info
[2012/08/20 23:59:28 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\College bowl pick sites
[2012/08/20 23:59:23 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Chris's pics
[2012/08/20 23:59:23 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Cart pics
[2012/08/20 23:59:23 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Bronco info
[2012/08/20 23:59:14 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2011
[2012/08/20 23:59:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2010
[2012/08/20 23:58:41 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2009
[2012/08/20 23:58:19 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2008
[2012/08/20 23:58:17 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2007
[2012/08/20 23:58:14 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2006
[2012/08/20 23:58:12 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2005
[2012/08/20 23:58:10 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Best Deer Cam Pics 2004 and before
[2012/08/20 23:58:10 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Bank
[2012/08/20 23:58:09 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Automotive info
[2012/08/20 22:05:30 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Documents\Autoruns
[2012/08/20 20:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\FanXpert2
[2012/08/20 20:31:37 | 000,184,320 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\drivers\UpdateHelper.dll
[2012/08/20 20:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2012/08/20 20:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2012/08/20 20:31:01 | 000,028,672 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2012/08/20 20:31:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2012/08/20 13:33:45 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2012/08/20 13:33:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\eSupport.com
[2012/08/18 09:32:05 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Microsoft Corporation
[2012/08/18 09:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
[2012/08/17 09:22:06 | 002,561,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012/08/17 09:21:57 | 000,000,000 | ---D | C] -- C:\temp
[2012/08/17 09:20:06 | 027,525,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/08/17 09:20:06 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/08/17 09:20:06 | 020,938,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/08/17 09:20:06 | 018,220,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/08/17 09:20:06 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/08/17 09:20:06 | 015,284,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/08/17 09:20:06 | 009,663,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/08/17 09:20:06 | 007,927,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2012/08/17 09:20:06 | 007,426,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/08/17 09:20:06 | 005,899,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2012/08/17 09:20:06 | 002,744,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/08/17 09:20:06 | 002,573,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/08/17 09:20:06 | 002,386,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/08/17 09:20:06 | 002,216,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/08/17 09:20:06 | 001,865,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/08/17 09:20:06 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
[2012/08/17 09:20:06 | 000,824,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/08/17 09:20:06 | 000,341,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2012/08/17 09:20:06 | 000,294,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2012/08/17 09:20:06 | 000,246,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/08/17 09:20:06 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/08/17 08:10:38 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\NVIDIA
[2012/08/17 08:10:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2012/08/16 21:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/08/16 21:01:48 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/16 21:01:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/16 21:01:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/16 21:01:47 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/16 21:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/08/16 20:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012/08/16 20:03:17 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012/08/16 09:04:44 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2012/08/16 09:04:44 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2012/08/16 09:04:44 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2012/08/16 09:04:44 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2012/08/16 09:04:44 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2012/08/16 09:04:44 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2012/08/16 09:04:43 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2012/08/16 09:04:43 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2012/08/16 09:04:43 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2012/08/16 09:04:43 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2012/08/16 09:04:43 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2012/08/16 09:04:43 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2012/08/16 09:04:43 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2012/08/16 09:04:43 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2012/08/16 09:04:43 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2012/08/16 09:04:43 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2012/08/16 09:04:43 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2012/08/16 09:04:43 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2012/08/16 09:04:43 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2012/08/16 09:04:43 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2012/08/16 09:04:42 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2012/08/16 09:04:42 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2012/08/16 09:04:42 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2012/08/16 09:04:42 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2012/08/16 09:04:42 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2012/08/16 09:04:42 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2012/08/16 09:04:42 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2012/08/16 09:04:42 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2012/08/16 09:04:42 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2012/08/16 09:04:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2012/08/16 09:04:41 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2012/08/16 09:04:41 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2012/08/16 09:04:41 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2012/08/16 09:04:41 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2012/08/16 09:04:41 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2012/08/16 09:04:41 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2012/08/16 09:04:41 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2012/08/16 09:04:41 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2012/08/16 09:04:41 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2012/08/16 09:04:41 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2012/08/16 09:04:41 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2012/08/16 09:04:41 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2012/08/16 09:04:40 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2012/08/16 09:04:40 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2012/08/16 09:04:40 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2012/08/16 09:04:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2012/08/16 09:04:40 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2012/08/16 09:04:40 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2012/08/16 09:04:40 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2012/08/16 09:04:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2012/08/16 09:04:40 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2012/08/16 09:04:40 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2012/08/16 09:04:40 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2012/08/16 09:04:40 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2012/08/16 09:04:40 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2012/08/16 09:04:40 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2012/08/16 09:04:39 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2012/08/16 09:04:39 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2012/08/16 09:04:39 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2012/08/16 09:04:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2012/08/16 09:04:39 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2012/08/16 09:04:39 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2012/08/16 09:04:39 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2012/08/16 09:04:39 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2012/08/16 09:04:39 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2012/08/16 09:04:39 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2012/08/16 09:04:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2012/08/16 09:04:39 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2012/08/16 09:04:39 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2012/08/16 09:04:39 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2012/08/16 09:04:38 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2012/08/16 09:04:38 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2012/08/16 09:04:38 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2012/08/16 09:04:38 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2012/08/16 09:04:38 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2012/08/16 09:04:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2012/08/16 09:04:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2012/08/16 09:04:38 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2012/08/16 09:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
[2012/08/16 09:02:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012/08/16 09:02:42 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2012/08/15 06:49:10 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Ideazon,_Inc
[2012/08/15 06:49:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Ideazon
[2012/08/15 06:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ideazon Z Engine
[2012/08/15 06:45:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ideazon
[2012/08/15 06:26:47 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\PunkBuster
[2012/08/15 06:26:23 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Activision
[2012/08/15 05:23:52 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2012/08/15 05:23:52 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2012/08/15 05:23:52 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2012/08/15 05:23:52 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2012/08/15 05:23:52 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2012/08/15 05:23:52 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2012/08/15 05:23:52 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2012/08/15 05:23:52 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2012/08/15 05:23:52 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2012/08/15 05:23:52 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2012/08/15 05:23:52 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2012/08/15 05:23:52 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2012/08/15 05:23:51 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2012/08/15 05:23:51 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2012/08/15 05:23:51 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2012/08/15 05:23:51 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2012/08/15 05:23:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2012/08/15 05:23:51 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2012/08/15 05:23:51 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2012/08/15 05:23:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2012/08/15 05:23:50 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2012/08/15 05:23:50 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2012/08/15 05:23:50 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2012/08/15 05:23:50 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2012/08/15 05:23:50 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2012/08/15 05:23:50 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2012/08/15 05:23:50 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2012/08/15 05:23:50 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2012/08/15 05:23:50 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2012/08/15 05:23:50 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2012/08/15 05:23:50 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2012/08/15 05:23:50 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2012/08/15 05:23:49 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2012/08/15 05:23:49 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2012/08/15 05:23:49 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2012/08/15 05:23:49 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2012/08/15 05:23:49 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2012/08/15 05:23:49 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2012/08/15 05:23:49 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2012/08/15 05:23:49 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2012/08/15 05:23:48 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2012/08/15 05:23:48 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2012/08/15 05:23:48 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2012/08/15 05:23:48 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2012/08/15 05:23:48 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2012/08/15 05:23:48 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2012/08/15 05:23:48 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2012/08/15 05:23:48 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2012/08/15 05:23:48 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2012/08/15 05:23:48 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2012/08/15 05:23:48 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2012/08/15 05:23:48 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2012/08/15 05:23:48 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2012/08/15 05:23:48 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2012/08/15 05:23:47 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2012/08/15 05:23:47 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2012/08/15 05:23:47 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2012/08/15 05:23:47 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2012/08/15 05:23:47 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2012/08/15 05:23:47 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2012/08/15 05:23:47 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2012/08/15 05:23:47 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2012/08/15 05:23:47 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2012/08/15 05:23:47 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2012/08/15 05:23:46 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2012/08/15 05:23:46 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2012/08/15 05:23:46 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2012/08/15 05:23:46 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2012/08/15 05:23:46 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2012/08/15 05:23:46 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2012/08/15 05:23:46 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2012/08/15 05:23:46 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2012/08/15 05:23:45 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2012/08/15 05:23:45 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2012/08/15 05:23:45 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2012/08/15 05:23:45 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2012/08/15 05:23:45 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2012/08/15 05:23:45 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2012/08/15 05:23:45 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2012/08/15 05:23:45 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2012/08/15 05:23:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2012/08/15 05:23:45 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2012/08/15 05:23:44 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2012/08/15 05:23:44 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2012/08/15 05:23:43 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2012/08/15 05:23:43 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2012/08/15 05:23:43 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2012/08/15 05:23:43 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2012/08/15 05:23:43 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2012/08/15 05:23:43 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2012/08/15 05:23:42 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2012/08/15 05:23:42 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2012/08/15 05:23:42 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2012/08/15 05:23:42 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2012/08/15 05:23:42 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2012/08/15 05:23:42 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2012/08/15 05:23:42 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2012/08/15 05:23:42 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2012/08/15 05:23:41 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2012/08/15 05:23:41 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2012/08/15 05:23:41 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2012/08/15 05:23:41 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2012/08/15 05:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2012/08/14 21:46:09 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/14 21:46:09 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/14 21:46:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/14 21:46:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/14 21:46:08 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/14 21:46:08 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/14 21:46:08 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/14 21:46:08 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/14 21:46:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/14 21:46:08 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/14 21:46:08 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/14 21:46:07 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/14 21:46:07 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/14 21:03:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\TS3Client
[2012/08/14 20:41:58 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/14 20:41:56 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/14 20:41:56 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/14 20:41:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/14 20:41:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/14 20:41:56 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/14 20:41:56 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/14 20:41:54 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/08/14 08:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/08/14 08:36:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012/08/14 08:35:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2012/08/14 08:25:18 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Xfire
[2012/08/14 08:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2012/08/14 08:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
[2012/08/14 08:25:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2012/08/14 08:07:02 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Innovative Solutions
[2012/08/14 08:07:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2012/08/14 08:07:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Innovative Solutions
[2012/08/14 07:57:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pandora Recovery
[2012/08/14 07:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pandora Recovery
[2012/08/14 07:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo-grapher
[2012/08/14 07:55:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Photo-grapher
[2012/08/14 07:32:38 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2012/08/14 07:32:38 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2012/08/14 07:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/08/14 07:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/08/14 07:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/08/14 07:32:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2012/08/14 07:31:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/08/14 07:31:49 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/08/14 07:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/08/13 04:56:53 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscomct2.ocx
[2012/08/13 04:56:53 | 000,053,248 | ---- | C] (Creative Technology Ltd ) -- C:\Windows\Ctregrun.exe
[2012/08/13 04:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2012/08/13 04:38:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2012/08/13 04:38:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2012/08/13 04:38:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2012/08/13 04:38:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2012/08/13 04:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2012/08/13 04:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2012/08/13 04:38:04 | 000,102,400 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\cttele32.dll
[2012/08/13 04:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2012/08/13 04:38:03 | 000,107,008 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\cttele64.dll
[2012/08/13 04:38:01 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012/08/13 04:38:01 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012/08/13 04:38:01 | 000,123,480 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012/08/13 04:38:01 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012/08/13 04:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2012/08/13 04:37:51 | 000,012,288 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysNative\INRES.DLL
[2012/08/13 04:37:51 | 000,011,776 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysWow64\INRES.DLL
[2012/08/13 04:37:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Data
[2012/08/13 04:37:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Data
[2012/08/13 04:37:29 | 022,691,984 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\AppSetup.exe
[2012/08/13 04:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/08/13 03:44:04 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Diagnostics
[2012/08/13 03:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/08/13 03:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/08/13 03:07:45 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Google
[2012/08/13 03:05:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIXresizer
[2012/08/13 03:05:05 | 001,703,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012/08/13 03:05:05 | 000,991,232 | ---- | C] (Viscom Software ) -- C:\Windows\SysWow64\imageviewer2.ocx
[2012/08/13 03:05:05 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2012/08/13 03:05:05 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tabctl32.ocx
[2012/08/13 03:05:05 | 000,200,704 | ---- | C] (Sheridan Software Systems, Inc.) -- C:\Windows\SysWow64\threed32.ocx
[2012/08/13 03:05:05 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comct232.ocx
[2012/08/13 03:05:05 | 000,151,552 | ---- | C] (Domenico Statuto - CCRP) -- C:\Windows\SysWow64\ccrpfd6.ocx
[2012/08/13 03:05:05 | 000,110,592 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\SysWow64\ccrpbds6.dll
[2012/08/13 03:05:05 | 000,106,496 | ---- | C] (Marco Bellinaso) -- C:\Windows\SysWow64\mbprgbar.ocx
[2012/08/13 03:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PIXresizer
[2012/08/13 02:52:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/08/13 02:52:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/08/13 02:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/08/13 02:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/08/13 02:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/08/13 02:48:51 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/13 02:48:51 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/08/13 02:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/08/13 02:04:24 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\Toms stand
[2012/08/13 02:03:08 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\New Computer
[2012/08/13 02:02:58 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\Computer Cleaning
[2012/08/13 02:02:09 | 000,000,000 | ---D | C] -- C:\Users\Jerry\Desktop\Blacked out bows
[2012/08/13 01:19:13 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012/08/13 01:19:13 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012/08/13 01:19:13 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012/08/13 01:19:13 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012/08/13 01:19:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012/08/13 01:19:13 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012/08/13 01:19:13 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012/08/13 01:19:10 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012/08/13 01:19:10 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012/08/13 01:12:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/08/13 01:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/08/13 01:12:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/08/13 01:11:54 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/08/13 01:11:54 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/08/13 01:08:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012/08/13 01:05:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/08/13 01:05:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
iowabucks
Regular Member
 
Posts: 50
Joined: January 5th, 2009, 1:07 am

Re: Some type of adware

Unread postby iowabucks » September 2nd, 2012, 7:05 pm

[2012/08/13 00:55:27 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/08/13 00:55:27 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/08/13 00:55:27 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/08/13 00:55:27 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/08/13 00:55:27 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/08/13 00:55:27 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/08/13 00:55:27 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/08/13 00:55:27 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/08/13 00:55:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/08/13 00:55:27 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/08/13 00:55:27 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/08/13 00:55:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/08/13 00:55:27 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/08/13 00:55:27 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/08/13 00:55:27 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/08/13 00:55:27 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/08/13 00:55:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/08/13 00:55:27 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/08/13 00:55:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/08/13 00:55:27 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/08/13 00:55:27 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/08/13 00:55:27 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/08/13 00:55:26 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/08/13 00:55:26 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/08/13 00:55:26 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/08/13 00:55:26 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/08/13 00:55:26 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/08/13 00:55:26 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/08/13 00:55:26 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/08/13 00:55:26 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/08/13 00:55:26 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/08/13 00:55:26 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/08/13 00:55:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/08/13 00:55:26 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/08/13 00:55:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/08/13 00:55:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/08/13 00:55:26 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/08/13 00:55:26 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/08/13 00:55:26 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/08/13 00:55:26 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/08/13 00:55:26 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/08/13 00:55:26 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/08/13 00:55:26 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/08/13 00:55:26 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/08/13 00:55:26 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/08/13 00:55:26 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/08/13 00:55:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/08/13 00:55:26 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/08/13 00:55:26 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/08/13 00:55:26 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/08/13 00:55:26 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/08/13 00:55:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/08/13 00:55:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/08/13 00:55:26 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/08/13 00:55:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/08/13 00:55:26 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/08/13 00:55:26 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/08/13 00:55:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/08/13 00:55:26 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/08/13 00:52:06 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/08/13 00:52:05 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/08/13 00:52:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/08/13 00:50:11 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012/08/13 00:50:10 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012/08/13 00:50:10 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012/08/13 00:50:10 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012/08/13 00:50:10 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012/08/13 00:50:10 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012/08/13 00:50:10 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012/08/13 00:50:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012/08/13 00:50:10 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012/08/13 00:50:10 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012/08/13 00:50:10 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012/08/13 00:50:10 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012/08/13 00:50:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012/08/13 00:50:09 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/08/13 00:50:09 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/08/13 00:50:08 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/08/13 00:50:08 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012/08/13 00:50:08 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/08/13 00:50:08 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/08/13 00:50:08 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/08/13 00:50:07 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012/08/13 00:50:07 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012/08/13 00:50:07 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012/08/13 00:50:07 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012/08/13 00:50:06 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012/08/13 00:50:06 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012/08/13 00:50:06 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/08/13 00:50:06 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/08/13 00:50:06 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012/08/13 00:50:06 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012/08/13 00:50:05 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012/08/13 00:50:05 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012/08/13 00:50:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012/08/13 00:50:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012/08/13 00:50:05 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012/08/13 00:50:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012/08/13 00:50:05 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012/08/13 00:50:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012/08/13 00:50:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012/08/13 00:50:02 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/08/13 00:50:02 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/08/13 00:50:02 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012/08/13 00:50:02 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012/08/13 00:50:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012/08/13 00:50:01 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012/08/13 00:50:01 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012/08/13 00:50:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/08/13 00:50:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/08/13 00:50:00 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012/08/13 00:50:00 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012/08/13 00:50:00 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012/08/13 00:50:00 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012/08/13 00:49:59 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012/08/13 00:49:59 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012/08/13 00:49:59 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012/08/13 00:49:59 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012/08/13 00:49:54 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012/08/13 00:49:54 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012/08/13 00:49:54 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012/08/13 00:49:54 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012/08/13 00:49:54 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/08/13 00:49:54 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/08/13 00:49:54 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012/08/13 00:49:54 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012/08/13 00:49:54 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012/08/13 00:49:53 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012/08/13 00:49:53 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012/08/13 00:49:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012/08/13 00:49:51 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/08/13 00:49:34 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/08/13 00:49:34 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/08/13 00:49:34 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/08/13 00:49:30 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/08/13 00:49:30 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/08/13 00:49:30 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/08/13 00:49:30 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/08/13 00:49:30 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/08/13 00:49:30 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/08/13 00:49:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/08/13 00:49:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/08/13 00:49:30 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/08/13 00:49:30 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/08/13 00:49:30 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/08/13 00:49:30 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/08/13 00:49:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/08/13 00:49:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/08/13 00:49:30 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/08/13 00:49:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/08/13 00:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/08/13 00:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/08/13 00:49:29 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/08/13 00:49:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/08/13 00:49:29 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/08/13 00:49:29 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/08/13 00:49:29 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/08/13 00:49:29 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/08/13 00:49:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/08/13 00:49:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/08/13 00:49:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/08/13 00:49:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/08/13 00:49:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/08/13 00:49:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/08/13 00:49:28 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012/08/13 00:49:28 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/08/13 00:49:28 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/08/13 00:49:28 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012/08/13 00:49:28 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012/08/13 00:49:28 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/08/13 00:49:28 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/08/13 00:49:26 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/08/13 00:49:26 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/08/13 00:49:25 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012/08/13 00:49:25 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012/08/13 00:49:24 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012/08/13 00:49:24 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012/08/13 00:49:19 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012/08/13 00:48:42 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/08/13 00:48:41 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012/08/13 00:48:41 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012/08/13 00:48:40 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012/08/13 00:48:38 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012/08/13 00:48:38 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012/08/13 00:48:25 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/08/13 00:48:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012/08/13 00:48:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012/08/13 00:48:24 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012/08/13 00:48:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012/08/13 00:48:19 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/08/13 00:48:19 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/08/13 00:47:24 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/08/13 00:47:24 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/08/13 00:43:36 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012/08/13 00:43:36 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012/08/13 00:43:36 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012/08/13 00:43:35 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012/08/13 00:43:35 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012/08/13 00:43:35 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012/08/13 00:43:34 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012/08/13 00:43:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012/08/13 00:41:41 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Macromedia
[2012/08/13 00:41:41 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Adobe
[2012/08/13 00:41:34 | 000,696,520 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/13 00:41:34 | 000,073,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/13 00:41:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/08/13 00:41:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/08/12 13:20:11 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012/08/12 12:26:17 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/08/12 12:20:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012/08/12 12:20:28 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/08/12 11:58:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/08/12 11:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/08/12 11:56:43 | 006,193,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012/08/12 11:56:43 | 003,266,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012/08/12 11:56:43 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012/08/12 11:56:43 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012/08/12 11:56:40 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/08/12 11:56:40 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/08/12 11:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/08/12 11:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/08/12 11:56:33 | 010,674,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/08/12 11:56:33 | 008,499,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/08/12 11:56:33 | 002,816,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/08/12 11:56:33 | 001,763,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012/08/12 11:56:33 | 001,468,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012/08/12 11:56:33 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2012/08/12 11:56:33 | 000,962,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/08/12 11:56:33 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/08/12 11:56:33 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/08/12 11:56:33 | 000,188,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2012/08/12 11:56:33 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2012/08/12 11:55:48 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/08/12 11:55:37 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012/08/12 11:36:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/08/12 11:36:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/08/12 11:36:07 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Malwarebytes
[2012/08/12 11:35:51 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/12 11:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/12 11:35:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/12 11:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/12 11:26:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012/08/12 11:24:01 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Intel Corporation
[2012/08/12 11:22:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/08/12 11:22:14 | 000,568,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2012/08/12 11:21:48 | 000,178,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\IPROSetMonitor.exe
[2012/08/12 11:21:42 | 000,355,016 | R--- | C] (Intel Corporation) -- C:\Windows\SysNative\PROUnstl.exe
[2012/08/12 11:21:09 | 000,342,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\e1c62x64.sys
[2012/08/12 11:21:09 | 000,068,264 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\e1cmsg.dll
[2012/08/12 11:21:09 | 000,036,472 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicCo36.dll
[2012/08/12 11:21:08 | 000,098,496 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicInstC.dll
[2012/08/12 11:18:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2012/08/12 11:13:44 | 000,016,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hcs.sys
[2012/08/12 11:13:38 | 000,355,096 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3hub.sys
[2012/08/12 11:13:37 | 000,786,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iusb3xhc.sys
[2012/08/12 11:09:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
[2012/08/12 11:09:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM106xSATA
[2012/08/12 11:06:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/08/12 11:06:57 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/08/12 11:06:51 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012/08/12 11:06:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/08/12 11:01:08 | 000,060,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2012/08/12 11:00:56 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/08/12 11:00:56 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\InstallShield
[2012/08/12 10:55:41 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/08/12 10:55:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/08/12 10:51:31 | 000,000,000 | ---D | C] -- C:\Intel
[2012/08/12 10:49:51 | 000,000,000 | ---D | C] -- C:\Windows\AsDmiHtm
[2012/08/12 10:49:14 | 000,000,000 | ---D | C] -- C:\Windows\Chipset
[2012/08/12 10:49:12 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll
[2012/08/12 10:45:19 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\ElevatedDiagnostics
[2012/08/12 10:42:03 | 000,000,000 | R--D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/08/12 10:42:03 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Searches
[2012/08/12 10:42:03 | 000,000,000 | R--D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/08/12 10:42:03 | 000,000,000 | -H-D | C] -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/08/12 10:41:57 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Contacts
[2012/08/12 10:41:57 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Identities
[2012/08/12 10:41:56 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\VirtualStore
[2012/08/12 10:41:55 | 000,000,000 | --SD | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft
[2012/08/12 10:41:55 | 000,000,000 | RHSD | C] -- C:\Users\Jerry\Documents\My Music
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Videos
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Saved Games
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Pictures
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Music
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Links
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Favorites
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Downloads
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Documents
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\Desktop
[2012/08/12 10:41:55 | 000,000,000 | R--D | C] -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\AppData\Local\Temporary Internet Files
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Templates
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Start Menu
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\SendTo
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Recent
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\PrintHood
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\NetHood
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Documents\My Videos
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Documents\My Pictures
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\My Documents
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Local Settings
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\AppData\Local\History
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Cookies
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\Application Data
[2012/08/12 10:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Jerry\AppData\Local\Application Data
[2012/08/12 10:41:55 | 000,000,000 | -H-D | C] -- C:\Users\Jerry\AppData
[2012/08/12 10:41:55 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Temp
[2012/08/12 10:41:55 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Local\Microsoft
[2012/08/12 10:41:55 | 000,000,000 | ---D | C] -- C:\Users\Jerry\AppData\Roaming\Media Center Programs
[2012/08/12 10:41:53 | 000,000,000 | -HSD | C] -- C:\Recovery
[18 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[18 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/02 17:17:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/02 16:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/02 16:18:17 | 000,001,015 | ---- | M] () -- C:\Users\Jerry\Desktop\New Rich Text Document.rtf
[2012/09/02 16:15:44 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/09/02 16:15:44 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/09/02 16:14:59 | 000,111,928 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/09/02 15:06:33 | 000,729,688 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/02 15:06:33 | 000,626,040 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/02 15:06:33 | 000,107,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/02 15:01:36 | 000,032,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 15:01:36 | 000,032,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/02 14:54:54 | 002,147,571 | ---- | M] () -- C:\Users\Jerry\Desktop\DSC05730.JPG
[2012/09/02 14:54:47 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/02 14:54:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/02 14:54:19 | 000,060,640 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/09/02 14:54:19 | 000,060,640 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/09/02 14:54:19 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/09/02 14:50:19 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jerry\Desktop\OTL.exe
[2012/09/02 14:44:43 | 007,744,866 | ---- | M] () -- C:\Users\Jerry\Desktop\Untitled.png
[2012/08/28 05:14:30 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/28 05:14:30 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/23 20:51:18 | 002,134,362 | ---- | M] () -- C:\Users\Jerry\Desktop\JPEG Image (3718).jpg
[2012/08/22 21:18:31 | 000,335,802 | ---- | M] () -- C:\Users\Jerry\Desktop\DSC07943.jpg
[2012/08/20 20:30:46 | 000,028,672 | ---- | M] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2012/08/20 20:30:46 | 000,013,440 | ---- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/08/20 20:30:44 | 000,011,832 | ---- | M] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012/08/20 20:30:44 | 000,010,216 | ---- | M] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012/08/20 20:13:17 | 000,038,966 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2012/08/20 13:33:45 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2012/08/17 19:58:45 | 000,007,597 | ---- | M] () -- C:\Users\Jerry\AppData\Local\Resmon.ResmonCfg
[2012/08/16 21:01:45 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012/08/16 21:01:44 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/08/16 21:01:44 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/08/16 21:01:44 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/16 21:01:44 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/16 21:01:44 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/16 09:02:46 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2011.lnk
[2012/08/16 06:56:29 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/15 06:26:12 | 000,000,694 | ---- | M] () -- C:\Users\Jerry\Desktop\Call of Duty® World at War - Shortcut.lnk
[2012/08/15 05:22:12 | 000,682,280 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/08/15 05:01:59 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/14 08:42:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/14 08:36:00 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012/08/14 08:25:17 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2012/08/14 07:57:49 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\Pandora Recovery.lnk
[2012/08/14 07:55:28 | 000,001,071 | ---- | M] () -- C:\Users\Jerry\Desktop\Photo-grapher.lnk
[2012/08/14 07:46:00 | 000,002,212 | ---- | M] () -- C:\Users\Jerry\Desktop\Windows Live Mail.lnk
[2012/08/13 04:38:01 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012/08/13 04:38:01 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012/08/13 04:38:01 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012/08/13 04:38:01 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012/08/13 04:38:01 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2012/08/13 03:08:30 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/08/13 03:05:06 | 000,001,075 | ---- | M] () -- C:\Users\Jerry\Desktop\PIXresizer.lnk
[2012/08/13 01:07:17 | 000,001,447 | ---- | M] () -- C:\Users\Jerry\Desktop\Internet Explorer.lnk
[2012/08/13 01:07:17 | 000,001,441 | ---- | M] () -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/13 00:55:27 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/08/13 00:55:27 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/08/13 00:55:27 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/08/13 00:55:27 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/08/13 00:55:27 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/08/13 00:55:27 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/08/13 00:55:27 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/08/13 00:55:27 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/08/13 00:55:27 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/08/13 00:55:27 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/08/13 00:55:27 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/08/13 00:55:27 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/08/13 00:55:27 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/08/13 00:55:27 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/08/13 00:55:27 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/08/13 00:55:27 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/08/13 00:55:27 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/08/13 00:55:27 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/08/13 00:55:27 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/08/13 00:55:27 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/08/13 00:55:27 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/08/13 00:55:27 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/08/13 00:55:27 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/08/13 00:55:26 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/08/13 00:55:26 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/08/13 00:55:26 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/08/13 00:55:26 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/08/13 00:55:26 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/08/13 00:55:26 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/08/13 00:55:26 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/08/13 00:55:26 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/08/13 00:55:26 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/08/13 00:55:26 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/08/13 00:55:26 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/08/13 00:55:26 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/08/13 00:55:26 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/08/13 00:55:26 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/08/13 00:55:26 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/08/13 00:55:26 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/08/13 00:55:26 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/08/13 00:55:26 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/08/13 00:55:26 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/08/13 00:55:26 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/08/13 00:55:26 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/08/13 00:55:26 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/08/13 00:55:26 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/08/13 00:55:26 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/08/13 00:55:26 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/08/13 00:55:26 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/08/13 00:55:26 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/08/13 00:55:26 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/08/13 00:55:26 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/08/13 00:55:26 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/08/13 00:55:26 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/08/13 00:55:26 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/08/13 00:55:26 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/08/13 00:55:26 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/08/13 00:55:26 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/08/13 00:55:26 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/08/13 00:55:26 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/08/13 00:55:26 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/08/12 12:21:47 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/08/12 12:21:47 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/08/12 12:20:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/08/12 11:36:59 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/08/12 11:36:53 | 000,001,915 | ---- | M] () -- C:\Users\Jerry\Desktop\Microsoft Security Essentials.lnk
[2012/08/12 11:36:52 | 000,730,638 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/12 11:35:51 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/12 11:13:45 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/08/12 11:09:09 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2012/08/12 10:49:14 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll
[18 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[18 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/02 14:41:50 | 007,744,866 | ---- | C] () -- C:\Users\Jerry\Desktop\Untitled.png
[2012/09/02 14:36:23 | 002,147,571 | ---- | C] () -- C:\Users\Jerry\Desktop\DSC05730.JPG
[2012/08/28 06:51:14 | 002,134,362 | ---- | C] () -- C:\Users\Jerry\Desktop\JPEG Image (3718).jpg
[2012/08/23 20:43:47 | 000,000,159 | ---- | C] () -- C:\Users\Jerry\Documents\official-antec-lanboy-air-case-club.htm
[2012/08/23 20:43:46 | 002,165,355 | ---- | C] () -- C:\Users\Jerry\Documents\IMG_20120620_090742.jpg
[2012/08/23 20:43:46 | 001,866,577 | ---- | C] () -- C:\Users\Jerry\Documents\Lee and Tiffany.JPG
[2012/08/23 20:43:46 | 001,760,046 | ---- | C] () -- C:\Users\Jerry\Documents\first attempt at hydrographics.JPG
[2012/08/23 20:43:46 | 001,700,775 | ---- | C] () -- C:\Users\Jerry\Documents\Don and Kandi Kisky.JPG
[2012/08/23 20:43:46 | 001,632,344 | ---- | C] () -- C:\Users\Jerry\Documents\IMG_20120620_090719.jpg
[2012/08/23 20:43:46 | 000,644,352 | ---- | C] () -- C:\Users\Jerry\Documents\Knight muzzleloader.JPG
[2012/08/23 20:43:46 | 000,613,045 | ---- | C] () -- C:\Users\Jerry\Documents\InstallTrophyScore.exe
[2012/08/23 20:43:46 | 000,412,143 | ---- | C] () -- C:\Users\Jerry\Documents\lyme test results.pdf
[2012/08/23 20:43:46 | 000,148,744 | ---- | C] () -- C:\Users\Jerry\Documents\bookmark.htm
[2012/08/23 20:43:46 | 000,022,547 | ---- | C] () -- C:\Users\Jerry\Documents\Muscatine traffic camera locations.pdf
[2012/08/23 20:43:46 | 000,009,616 | ---- | C] () -- C:\Users\Jerry\Documents\mattsGED.pdf
[2012/08/23 20:43:46 | 000,006,185 | ---- | C] () -- C:\Users\Jerry\Documents\film dipping.rtf
[2012/08/23 20:43:46 | 000,000,343 | ---- | C] () -- C:\Users\Jerry\Documents\alternate email address.rtf
[2012/08/23 20:43:46 | 000,000,217 | ---- | C] () -- C:\Users\Jerry\Documents\magcover Magazine Cover - Create your own Mag Cover!.url
[2012/08/23 20:43:46 | 000,000,211 | ---- | C] () -- C:\Users\Jerry\Documents\Nestle My Benefits.url
[2012/08/23 20:30:59 | 001,560,465 | ---- | C] () -- C:\Users\Jerry\Documents\skyline-New-York-City.jpg
[2012/08/23 20:30:59 | 000,116,114 | ---- | C] () -- C:\Users\Jerry\Documents\Predator Brown Deception camo .jpg
[2012/08/23 20:30:59 | 000,007,691 | ---- | C] () -- C:\Users\Jerry\Documents\Tims info.rtf
[2012/08/23 20:30:59 | 000,000,430 | ---- | C] () -- C:\Users\Jerry\Documents\Things to do to the Bronco.rtf
[2012/08/23 20:30:59 | 000,000,420 | ---- | C] () -- C:\Users\Jerry\Documents\Pat's info.rtf
[2012/08/23 20:30:59 | 000,000,400 | ---- | C] () -- C:\Users\Jerry\Documents\Things to dip.rtf
[2012/08/23 20:30:59 | 000,000,367 | ---- | C] () -- C:\Users\Jerry\Documents\YouTube - wallbanger1.mp4.url
[2012/08/22 21:23:40 | 000,335,802 | ---- | C] () -- C:\Users\Jerry\Desktop\DSC07943.jpg
[2012/08/20 20:31:01 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/08/20 20:31:01 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012/08/20 20:31:01 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012/08/18 09:31:35 | 000,002,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
[2012/08/17 19:58:45 | 000,007,597 | ---- | C] () -- C:\Users\Jerry\AppData\Local\Resmon.ResmonCfg
[2012/08/17 08:24:18 | 000,281,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/08/16 09:02:46 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2011.lnk
[2012/08/16 09:02:44 | 014,835,712 | ---- | C] () -- C:\ProgramData\sandra.mda
[2012/08/15 06:26:12 | 000,000,694 | ---- | C] () -- C:\Users\Jerry\Desktop\Call of Duty® World at War - Shortcut.lnk
[2012/08/15 05:22:13 | 000,281,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/08/15 05:22:13 | 000,111,928 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/15 05:22:12 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/08/15 05:22:12 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/15 05:03:59 | 000,001,015 | ---- | C] () -- C:\Users\Jerry\Desktop\New Rich Text Document.rtf
[2012/08/14 08:42:46 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/14 08:36:00 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012/08/14 08:25:17 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2012/08/14 07:57:49 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\Pandora Recovery.lnk
[2012/08/14 07:55:28 | 000,001,071 | ---- | C] () -- C:\Users\Jerry\Desktop\Photo-grapher.lnk
[2012/08/14 07:46:00 | 000,002,212 | ---- | C] () -- C:\Users\Jerry\Desktop\Windows Live Mail.lnk
[2012/08/13 04:39:05 | 000,060,640 | ---- | C] () -- C:\Windows\SysNative\BMXStateBkp-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/08/13 04:39:05 | 000,060,640 | ---- | C] () -- C:\Windows\SysNative\BMXState-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/08/13 04:39:05 | 000,000,788 | ---- | C] () -- C:\Windows\SysNative\DVCState-{00000008-00000000-00000001-00001102-00000005-00221102}.rfx
[2012/08/13 04:38:38 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2012/08/13 04:38:01 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2012/08/13 04:38:01 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012/08/13 04:38:01 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2012/08/13 04:38:01 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012/08/13 04:38:01 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2012/08/13 03:39:52 | 000,000,215 | ---- | C] () -- C:\Users\Jerry\Desktop\Bing Maps.url
[2012/08/13 03:08:30 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/08/13 03:07:49 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/13 03:07:49 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/13 03:05:06 | 000,001,075 | ---- | C] () -- C:\Users\Jerry\Desktop\PIXresizer.lnk
[2012/08/13 02:52:52 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/08/13 02:04:38 | 000,000,400 | ---- | C] () -- C:\Users\Jerry\Desktop\Things to dip.rtf
[2012/08/13 02:04:35 | 000,000,568 | ---- | C] () -- C:\Users\Jerry\Desktop\New Rich Text Format.rtf
[2012/08/13 02:04:33 | 000,000,429 | ---- | C] () -- C:\Users\Jerry\Desktop\New Rich Text Format (2).rtf
[2012/08/13 00:55:27 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/08/13 00:55:26 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/08/13 00:41:34 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/12 12:21:43 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/08/12 12:21:43 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/08/12 12:20:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/08/12 11:56:43 | 003,485,076 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012/08/12 11:56:33 | 000,016,354 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/08/12 11:36:59 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/08/12 11:36:53 | 000,001,915 | ---- | C] () -- C:\Users\Jerry\Desktop\Microsoft Security Essentials.lnk
[2012/08/12 11:36:52 | 000,730,638 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/12 11:35:51 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/12 11:21:42 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2012/08/12 11:21:09 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din
[2012/08/12 11:13:45 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012/08/12 11:07:03 | 000,015,128 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/08/12 10:50:12 | 000,001,441 | ---- | C] () -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/08/12 10:46:55 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/08/12 10:46:47 | 000,038,966 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2012/08/12 10:42:04 | 000,001,447 | ---- | C] () -- C:\Users\Jerry\Desktop\Internet Explorer.lnk
[2012/08/12 10:42:04 | 000,001,413 | ---- | C] () -- C:\Users\Jerry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/08/12 10:41:55 | 000,000,290 | ---- | C] () -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/08/12 10:41:55 | 000,000,272 | ---- | C] () -- C:\Users\Jerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/08/02 05:22:46 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/07/25 17:51:44 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012/01/10 20:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== LOP Check ==========

[2012/08/15 06:49:07 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\Ideazon
[2012/08/23 20:42:02 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\PandoraRecovery
[2012/08/28 07:13:45 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\SuperAdBlocker.com
[2012/08/14 21:03:17 | 000,000,000 | ---D | M] -- C:\Users\Jerry\AppData\Roaming\TS3Client
[2009/07/14 00:08:49 | 000,015,408 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 9/2/2012 5:44:18 PM - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Jerry\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

15.95 Gb Total Physical Memory | 13.80 Gb Available Physical Memory | 86.56% Memory free
15.95 Gb Paging File | 13.87 Gb Available in Paging File | 86.94% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 476.84 Gb Total Space | 406.73 Gb Free Space | 85.30% Space Free | Partition Type: NTFS
Drive D: | 6.95 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JERRY-PC | User Name: Jerry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08356790-660B-4486-B518-D9EE528DA4C4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{101F2513-9390-437A-923F-F51AD3D186DA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18F8C08E-2A0C-41E9-B2CE-3D33C2931553}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1AFB31AC-4527-4C9A-A7E5-B91B82D0FEC9}" = lport=139 | protocol=6 | dir=in | app=system |
"{1E5133B8-1136-4AE0-BAB7-31B8153B4BD4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{22B61536-09F0-4A71-9DAA-0F5489B38321}" = rport=445 | protocol=6 | dir=out | app=system |
"{285BD28A-22B4-41F7-8D59-CDAA4911AE7D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32DD3B24-FE74-44FB-AA3E-19E58BBE069B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{56707FF5-8D38-4A5C-A33A-E05CAEFB9586}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011\wnt500x64\rpcsandrasrv.exe |
"{7C9626D7-0D01-41A0-9D86-272B8E46CBF4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{874D8C76-450C-414F-AF2A-696FDEF4D96B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{8E138BC4-5F39-4DEF-99A9-DA3FD9BEE686}" = rport=138 | protocol=17 | dir=out | app=system |
"{8E79783F-DB13-4F21-AE31-97079971A7EE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{96E02E88-92BD-4053-BEC8-6DF97ED9437C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9C75BCF8-9C61-4065-99A2-AFCDE7D7A8D2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A3CEC1D9-D655-45E3-83CA-4A8855A2AD91}" = lport=137 | protocol=17 | dir=in | app=system |
"{D16088D4-6F3E-45EA-95A5-6A03F156CD8E}" = lport=445 | protocol=6 | dir=in | app=system |
"{D73229D6-C080-4F37-AA4B-1716F6A87727}" = rport=139 | protocol=6 | dir=out | app=system |
"{E991C8A2-D968-4129-AE46-F925C61B3746}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011\rpcagentsrv.exe |
"{EA9738FE-7077-4B28-B6DD-2FFC174055BF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{ECD0EC39-719B-4491-A881-FDBF57B70B45}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F232965F-37AA-4B91-B03E-02E5E1A1E805}" = rport=137 | protocol=17 | dir=out | app=system |
"{F578B665-DE73-48F8-BA87-A8814567D0FF}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08AE73F9-AF3A-4B7C-AEE3-F31169008248}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0CD007B2-FB7A-44B7-B3E5-2415937ADF92}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{0ED88361-7AE0-47DB-A138-73B97C5D5D64}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{2F724557-A4EB-421F-A176-14D51170E61D}" = protocol=58 | dir=in | app=system |
"{306E4056-134A-41F6-8EC4-B26A8533CEEF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31AD1B0E-BDD8-4448-88C2-70369DEF626D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3D47B5F9-5AC3-43CD-840E-872BC318D43B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4026DAFE-0DE9-48CD-A156-9628683B7931}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{419E570C-E85C-4684-B9BF-8A32BFA3D445}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{47768C46-4B58-479C-BB09-EC181ACF5BFA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4D85C7F5-4BDE-4571-8A56-42D3AEE6CC1B}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{4E36AD25-4F4B-48D1-9FBB-7FC0D3E07DFF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{51E818D6-9513-42F5-98A9-DD0C3D341ECB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{546343DE-0741-4550-BE27-458AEAA0C622}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{61F5F60B-ED80-42F5-B0E4-6BA54478C758}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{67A66D59-F2AF-4712-B00F-5136D5B5AEF5}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{68474134-92AB-4B72-BAFB-C93072D023EE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6B5B8A20-B0C2-4AA5-A851-B1866DCE496D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{73EB8C2C-B509-4521-B92A-A164C2D5864B}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{874A6CE3-1971-4AEA-8AA7-EFFB4CD12FFC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95B36F81-50A4-4A81-ACB1-B6B0892B2D23}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{AEF81D71-ACB7-4FD9-9586-F06120227E2F}" = protocol=6 | dir=out | app=system |
"{B427F1AE-096B-4C08-9E15-F979C67EEB63}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B565B487-C153-46FB-939E-E660A2A3B378}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B5937952-EF32-44EF-BD04-F5BC5917049C}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{BDF3017F-B2E6-4DF0-80FB-AA9226A87342}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C4CEE026-FF56-473D-8A7B-E3956096A267}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7E64F80-EF50-4F73-89EE-2134B4D63041}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC067588-ABDC-4D25-9EF0-B15467373D0C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D8F80B08-73F4-481C-AA3B-A5032E64B013}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DD97ACA7-5055-4EA4-81F0-FA5641BA5A0D}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{E071B1BF-7DAD-4ED5-AE02-0FC658D4480A}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{EA80CDA7-F87B-4926-AE3D-4EC92D4EABB3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EACF539F-83D5-46A4-9176-6305E1465F3D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1E1DAC7E-6712-477C-88E1-488769BBCB64}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{5485B3C9-6C8A-427D-A547-612FFCA88FF6}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B1D3C64-EEBC-4807-93FF-DB71719E77F7}" = Image Resizer for Windows (64 bit)
"{357A82F9-B5FF-46C8-ABA2-104695E0F1D1}" = Intel(R) Network Connections 16.6.126.0
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 305.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 305.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 305.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2011
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.61.3
"DriverAgent.exe" = DriverAgent by eSupport.com
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"PROSetDX" = Intel(R) Network Connections 16.6.126.0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}" = Z Engine
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9dfff2f7-5cd7-4fd4-9b75-7d53b042d94b}" = Image Resizer for Windows
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ALchemy" = Creative ALchemy
"AudioCS" = Creative Audio Control Panel
"Console Launcher" = Creative Console Launcher
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DMX5_is1" = DriverMax 6
"ESET Online Scanner" = ESET Online Scanner v3
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PandoraRecovery" = PandoraRecovery (Remove Only)
"Photo-grapher_is1" = Photo-grapher 1
"PIXresizer_is1" = PIXresizer
"PunkBusterSvc" = PunkBuster Services
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"WaveStudio 7" = Creative WaveStudio 7
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xfire" = Xfire (remove only)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/29/2012 1:30:08 AM | Computer Name = Jerry-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\innovative
solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/30/2012 9:10:54 AM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/30/2012 6:53:47 PM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/30/2012 9:09:24 PM | Computer Name = Jerry-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\innovative
solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/31/2012 1:02:06 PM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/31/2012 8:44:31 PM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/31/2012 9:35:34 PM | Computer Name = Jerry-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\innovative
solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/31/2012 11:20:34 PM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/2/2012 1:30:09 AM | Computer Name = Jerry-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files (x86)\innovative
solutions\drivermax\DPInst\ia64\dpinst.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 9/2/2012 3:56:35 PM | Computer Name = Jerry-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 8/28/2012 8:13:48 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7000
Description = The SABProcEnum service failed to start due to the following error:
%%1275

Error - 8/28/2012 12:39:24 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 8/29/2012 5:42:10 PM | Computer Name = Jerry-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
is 10.

Error - 8/30/2012 9:09:06 AM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 8/30/2012 6:51:59 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 8/31/2012 1:00:18 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 8/31/2012 8:42:43 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 8/31/2012 11:18:46 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL

Error - 9/2/2012 3:51:45 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Stereoscopic 3D Driver Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 9/2/2012 3:54:47 PM | Computer Name = Jerry-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SABKUTIL


< End of report >
iowabucks
Regular Member
 
Posts: 50
Joined: January 5th, 2009, 1:07 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 301 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware