
Can someone check out my hijack and DDS logs?

Discussion in 'Virus & Other Malware Removal' started by voldo2006, Oct 27, 2011.

  1. voldo2006

    I thought there might be something wrong with my computer since my kids were getting on it. I installed the free ZoneAlarm, and within the application control settings I find lots of programs allowed access to the network from my local\Temp:
    "Freeware implementation of REG.EXE" AppData\Local\Temp\RarSFX1\procs\explorer.exe 0 KB
    "Freeware implementation of REG.EXE" AppData\Local\Temp\RarSFX0\swreg.exe 158 KB
    AppData\Local\Temp\RarSFX1\h\explorer.exe 0 KB
    AppData\Local\Temp\RarSFX0\procs\explorer.exe 249 KB
    AppData\Local\Temp\RarSFX0\h\explorer.exe 1 KB
    AppData\Local\Temp\RarSFX0\swreg.exe 158 KB
    AppData\Local\Temp\RarSFX1\swreg.exe 0 KB
    AppData\Local\Temp\RarSFX1\procs\iexplorer.exe 0 KB
    AppData\Local\Temp\RarSFX0\procs\iexplorer.exe 249 KB
    AppData\Local\Temp\RarSFX1\procs\iexplorer.exe 0 KB
    AppData\Local\Temp\RarSFX1\h\iexplorer.exe 0 KB
    AppData\Local\Temp\RarSFX0\procs\iexplorer.exe 249 KB
    "NirCmd" AppData\Local\Temp\RarSFX1\nircmd.exe 0 KB
    "NirCmd" AppData\Local\Temp\RarSFX1\winlogon.exe 0 KB
    "NirCmd" AppData\Local\Temp\RarSFX1\nird\iexplorer.exe 0 KB
    "NirCmd" AppData\Local\Temp\RarSFX1\userinit.exe 0 KB

    There are more I didn't list. Some things ZoneAlarm found were:
    AppData\Local\Temp\system\audiadg.exe
    " \wmiapsvrd.exe


    I'm running Windows 7 64-bit.
    ----------------------------------------------------------------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:13:06 PM, on 10/27/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\multiscan.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Users\Voldo\Desktop\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    O4 - Startup: SpywareBlaster.lnk = C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Acronis OS Selector activator (OS Selector) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    ----------------------------------------------------------------------------------------------------
    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
    Run by Voldo at 19:45:09 on 2011-10-27
    Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.2933.1540 [GMT -7:00]
    .
    AV: ZoneAlarm Antivirus *Enabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
    AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: ZoneAlarm Anti-Spyware *Enabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
    FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\system32\locator.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    C:\PROGRA~2\CHECKP~1\ZONEAL~1\MAILFR~1\mantispm.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files (x86)\CheckPoint\ZoneAlarm\multiscan.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Users\Voldo\Desktop\HijackThis.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\explorer.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://google.com/
    BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    StartupFolder: C:\Users\Voldo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SPYWAR~1.LNK - C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe
    uPolicies-explorer: HideSCABattery = 1 (0x1)
    uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
    uPolicies-explorer: NoInstrumentation = 1 (0x1)
    mPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: LocalAccountTokenFilterPolicy = 0 (0x0)
    mPolicies-system: EnableLinkedConnections = 1 (0x1)
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 192.168.254.251
    TCP: Interfaces\{3792F5A2-8A81-409C-8DD6-C240D4E1D96B} : DhcpNameServer = 192.168.254.251
    BHO-X64: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    BHO-X64: ZoneAlarm Security Engine Registrar - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun-x64: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Voldo\AppData\Roaming\Mozilla\Firefox\Profiles\cifqv5x8.default\
    FF - prefs.js: browser.startup.homepage - www.google.com
    FF - prefs.js: network.proxy.type - 4
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npRLCT4Player.dll
    FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 fltsrv;Acronis Storage Filter Management;C:\Windows\system32\DRIVERS\fltsrv.sys --> C:\Windows\system32\DRIVERS\fltsrv.sys [?]
    R0 vidsflt58;Acronis Disk Storage Filter (58);C:\Windows\system32\DRIVERS\vsflt58.sys --> C:\Windows\system32\DRIVERS\vsflt58.sys [?]
    R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys --> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
    R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-10-22 98208]
    R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-19 86224]
    R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-10-19 110032]
    R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-7-25 33672]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-20 366152]
    R2 OS Selector;Acronis OS Selector activator;C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-5-25 2139400]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
    R2 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
    R3 appliandMP;appliandMP;C:\Windows\system32\DRIVERS\appliand.sys --> C:\Windows\system32\DRIVERS\appliand.sys [?]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    S3 appliand;Applian Network Service;C:\Windows\system32\DRIVERS\appliand.sys --> C:\Windows\system32\DRIVERS\appliand.sys [?]
    S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
    S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
    S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\system32\drivers\Synth3dVsc.sys --> C:\Windows\system32\drivers\Synth3dVsc.sys [?]
    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-20 1431888]
    S4 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2011-7-25 827520]
    S4 mi-raysat_3dsmax2012_64;mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit;C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [2011-2-22 86016]
    S4 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2011-1-31 66560]
    S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-10-20 386344]
    S4 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S4 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-10-19 2533400]
    .
    =============== Created Last 30 ================
    .
    2011-10-28 01:59:55 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B93A255-DC2E-4030-9E48-8B1E3EEE557B}\offreg.dll
    2011-10-27 18:17:15 175616 ----a-w- C:\Windows\SysWow64\unrar.dll
    2011-10-27 18:17:12 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
    2011-10-27 13:08:56 -------- d-----w- C:\$RECYCLE.BIN
    2011-10-27 12:58:37 98816 ----a-w- C:\Windows\sed.exe
    2011-10-27 12:58:37 518144 ----a-w- C:\Windows\SWREG.exe
    2011-10-27 12:58:37 256000 ----a-w- C:\Windows\PEV.exe
    2011-10-27 12:58:37 208896 ----a-w- C:\Windows\MBR.exe
    2011-10-27 12:35:18 -------- d-----w- C:\ProgramData\Kaspersky SDK
    2011-10-27 12:34:48 -------- d-----w- C:\Users\Voldo\AppData\Roaming\MailFrontier
    2011-10-27 12:15:52 -------- d-----w- C:\Users\Voldo\AppData\Roaming\CheckPoint
    2011-10-27 12:15:48 -------- d-----w- C:\Program Files (x86)\zonealarm_security_suite
    2011-10-27 12:15:30 -------- d-----w- C:\Program Files\CheckPoint
    2011-10-27 12:14:37 -------- d-----w- C:\ProgramData\CheckPoint
    2011-10-27 11:58:32 -------- d-----w- C:\Program Files (x86)\CheckPoint
    2011-10-27 06:52:30 -------- d-----w- C:\Windows\Internet Logs
    2011-10-23 21:40:37 -------- d-----w- C:\Program Files (x86)\EASEUS
    2011-10-23 21:24:48 -------- d-----w- C:\Users\Voldo\AppData\Local\WBFSManager
    2011-10-23 21:23:46 -------- d-----w- C:\Program Files\WBFS
    2011-10-23 11:56:15 -------- d-----w- C:\Program Files\Yamicsoft
    2011-10-23 03:54:30 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
    2011-10-23 03:54:30 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
    2011-10-23 03:54:30 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
    2011-10-23 03:54:30 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
    2011-10-23 03:54:30 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
    2011-10-23 03:54:30 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
    2011-10-23 03:54:29 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
    2011-10-23 03:54:29 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
    2011-10-22 22:38:56 -------- d-----w- C:\Users\Voldo\AppData\Local\SupportSoft
    2011-10-22 22:38:38 -------- d-----w- C:\ProgramData\PCDr
    2011-10-22 22:38:11 -------- d-----w- C:\Program Files (x86)\Dell Support Center
    2011-10-22 22:38:10 -------- d-----w- C:\Program Files (x86)\Common Files\supportsoft
    2011-10-22 22:37:20 74 --sh--r- C:\Windows\CT4CET.bin
    2011-10-22 22:37:18 75056 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npRLCT4Player.dll
    2011-10-22 22:37:18 464176 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\imagickrt.dll
    2011-10-22 22:37:18 431512 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\ctplayerobject.dll
    2011-10-22 22:37:18 218416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\RLVoicePacker.dll
    2011-10-22 22:37:18 210224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\RLMusicPacker.dll
    2011-10-22 22:37:18 173360 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\RLVoiceUnpacker.dll
    2011-10-22 22:37:18 144688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\rlcontentclass.dll
    2011-10-22 22:37:18 111920 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\RLMusicUnpacker.dll
    2011-10-22 22:37:17 83248 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\ctframeplayerobject.dll
    2011-10-22 22:37:17 238896 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\CrazyTalk4Native.dll
    2011-10-22 22:37:17 210320 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\ctdomemhelper.dll
    2011-10-22 22:36:59 -------- d-----w- C:\Program Files (x86)\Common Files\Reallusion
    2011-10-22 22:36:16 -------- d-----w- C:\Program Files (x86)\Creative
    2011-10-22 22:35:17 -------- d-----w- C:\Program Files (x86)\Dell Webcam
    2011-10-22 22:35:16 224768 ----a-w- C:\Windows\System32\drivers\CtAudDrv.sys
    2011-10-22 22:35:16 172704 ----a-w- C:\Windows\System32\drivers\CtClsFlt.sys
    2011-10-22 22:35:13 -------- d-----w- C:\Program Files (x86)\Creative Live! Cam
    2011-10-22 22:34:58 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2011-10-22 22:34:58 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
    2011-10-22 22:34:57 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
    2011-10-22 22:34:57 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
    2011-10-22 22:34:57 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
    2011-10-22 22:34:57 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
    2011-10-22 22:34:57 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
    2011-10-22 22:34:57 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
    2011-10-22 22:34:13 212240 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX
    2011-10-22 22:34:07 36921 ----a-w- C:\Windows\SysWow64\hcwutl32.dll
    2011-10-22 22:34:07 -------- d-----w- C:\Program Files (x86)\HCW72
    2011-10-22 22:33:59 -------- d-----w- C:\Windows\AF09493291E64EF88AB81C7226DFEECB.TMP
    2011-10-22 22:33:36 455680 ----a-w- C:\Windows\System32\deploytk.dll
    2011-10-22 22:30:02 7367200 ----a-w- C:\Windows\System32\RTSUSTORicon.dll
    2011-10-22 22:29:35 422432 ----a-w- C:\Windows\System32\RtsUStor.dll
    2011-10-22 22:29:35 232992 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
    2011-10-22 11:36:34 46 ----a-w- C:\Users\Voldo\SHARE.bat
    2011-10-22 10:11:44 -------- d-----w- C:\Users\Voldo\AppData\Local\Apple Computer
    2011-10-22 03:17:41 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3
    2011-10-22 01:54:44 -------- d-----w- C:\Users\Voldo\AppData\Local\WindowsUpdate
    2011-10-22 01:39:14 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B93A255-DC2E-4030-9E48-8B1E3EEE557B}\mpengine.dll
    2011-10-21 22:07:42 -------- d-----w- C:\Program Files (x86)\UltraISO
    2011-10-21 22:07:42 -------- d-----w- C:\Program Files (x86)\Common Files\EZB Systems
    2011-10-21 21:09:18 -------- d-----w- C:\Windows\Acronis
    2011-10-21 20:37:11 -------- d-----w- C:\Program Files (x86)\PhotoLapse
    2011-10-21 19:59:17 -------- dc----w- C:\Users\Voldo\AppData\Local\MigWiz
    2011-10-21 19:58:12 3006264 ----a-w- C:\Windows\System32\auto_reactivate.exe
    2011-10-21 19:57:01 -------- d-----r- C:\bootwiz
    2011-10-21 19:54:54 1284192 ----a-w- C:\Windows\System32\drivers\tdrpman.sys
    2011-10-21 19:54:52 986208 ----a-w- C:\Windows\System32\drivers\timntr.sys
    2011-10-21 19:54:40 210528 ----a-w- C:\Windows\System32\drivers\vididr.sys
    2011-10-21 19:54:39 142944 ----a-w- C:\Windows\System32\drivers\vsflt58.sys
    2011-10-21 19:54:36 310368 ----a-w- C:\Windows\System32\drivers\snapman.sys
    2011-10-21 19:54:33 132704 ----a-w- C:\Windows\System32\drivers\fltsrv.sys
    2011-10-21 19:51:53 -------- d-sh--w- C:\Windows\Installer
    2011-10-21 09:53:19 2871808 ----a-w- C:\Windows\explorer.exe
    2011-10-21 09:33:00 -------- d-----w- C:\Users\Voldo\AppData\Roaming\replacer
    2011-10-21 09:31:23 332288 ----a-w- C:\Windows\System32\uxtheme.dll.backup
    2011-10-21 09:31:21 2851840 ----a-w- C:\Windows\System32\themeui.dll.backup
    2011-10-21 09:31:19 44544 ----a-w- C:\Windows\System32\themeservice.dll.backup
    2011-10-21 08:55:13 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
    2011-10-21 07:22:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-10-21 06:28:50 -------- d-----w- C:\Users\Voldo\AppData\Local\TechSmith
    2011-10-21 06:05:42 -------- d-----w- C:\Windows\SysWow64\xlive
    2011-10-21 06:05:36 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
    2011-10-21 06:00:24 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
    2011-10-21 04:50:58 -------- d-----w- C:\Program Files (x86)\Square Enix
    2011-10-21 04:04:04 -------- d-----w- C:\Users\Voldo\AppData\Local\Jaksta_Technologies_Pty_L
    2011-10-21 04:02:05 33888 ----a-w- C:\Windows\System32\drivers\appliand.sys
    2011-10-21 04:01:59 -------- d-----w- C:\Program Files (x86)\Applian Technologies
    2011-10-21 04:01:47 -------- d-----w- C:\Users\Voldo\AppData\Roaming\Replay Media Catcher 4
    2011-10-21 04:01:47 -------- d-----w- C:\ProgramData\Applian
    2011-10-21 03:57:52 -------- d-----w- C:\Fraps
    2011-10-20 18:29:41 -------- d-----w- C:\Program Files\Foxit Software
    2011-10-20 18:16:30 -------- d-----w- C:\ProgramData\SmartSound Software Inc
    2011-10-20 18:16:23 -------- d-----w- C:\ProgramData\eSellerate
    2011-10-20 18:16:23 -------- d-----w- C:\Program Files (x86)\SmartSound Software
    2011-10-20 18:15:59 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2011-10-20 18:15:59 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2011-10-20 18:15:59 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2011-10-20 18:15:59 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2011-10-20 18:15:59 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2011-10-20 18:15:59 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2011-10-20 18:15:59 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2011-10-20 18:15:08 -------- d-----w- C:\Users\Voldo\AppData\Local\Apple
    2011-10-20 16:47:11 7367200 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll
    2011-10-20 14:52:42 -------- d-----w- C:\Users\Voldo\AppData\Local\ElevatedDiagnostics
    2011-10-20 14:11:43 -------- d-----w- C:\Program Files (x86)\VideoLAN
    2011-10-20 13:48:19 -------- d-----w- C:\New folder
    2011-10-20 10:51:26 -------- d-----w- C:\Users\Voldo\AppData\Roaming\Malwarebytes
    2011-10-20 10:51:21 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-10-20 10:51:17 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-10-20 10:51:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-10-20 10:26:03 -------- d-----w- C:\Program Files\Dell
    2011-10-20 10:25:38 -------- d-----w- C:\Windows\SysWow64\sda
    2011-10-20 10:09:01 -------- d-----w- C:\Users\Voldo\AppData\Local\Totalidea_Software
    2011-10-20 10:09:00 -------- d-----w- C:\Users\Voldo\AppData\Roaming\Tweak-7
    2011-10-20 10:01:29 1071088 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
    2011-10-20 10:01:28 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
    2011-10-20 10:01:27 -------- d-----w- C:\Program Files (x86)\SpywareBlaster
    2011-10-20 10:01:04 -------- d-----w- C:\Users\Voldo\AppData\Roaming\Athentech
    2011-10-20 09:56:31 -------- d-----w- C:\Program Files (x86)\Athentech
    2011-10-20 09:55:40 -------- d-----w- C:\Program Files\Athentech
    2011-10-20 09:51:35 -------- d-----w- C:\Program Files\Lavasoft AdAware Pro 2009 8.0.7
    2011-10-20 09:42:19 -------- d-----w- C:\Users\Voldo\AppData\Local\VS Revo Group
    2011-10-20 09:42:16 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
    2011-10-20 09:42:14 -------- d-----w- C:\Program Files\VS Revo Group
    2011-10-20 09:36:06 -------- d-----w- C:\Users\Voldo\AppData\Local\Diagnostics
    2011-10-20 09:17:11 -------- d-----w- C:\Program Files\Tweak-7
    2011-10-20 09:05:41 -------- d-----w- C:\Program Files (x86)\Fear-Otaku Software
    2011-10-20 08:37:06 -------- d-----w- C:\Program Files (x86)\Yahoo!
    2011-10-20 08:25:16 -------- d-----w- C:\Users\Voldo\AppData\Local\Adobe
    2011-10-20 08:23:06 -------- dc-h--w- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
    2011-10-20 08:23:05 -------- d-----w- C:\Program Files\Common Files\Topaz Labs
    2011-10-20 08:22:53 -------- dc-h--w- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
    2011-10-20 08:22:51 -------- d-----w- C:\Program Files\Topaz Labs
    2011-10-20 08:22:51 -------- d-----w- C:\Program Files (x86)\Common Files\Topaz Labs
    2011-10-20 08:22:24 -------- d-----w- C:\Users\Voldo\AppData\Local\PackageAware
    2011-10-20 08:20:00 -------- d-----w- C:\ProgramData\boost_interprocess
    2011-10-20 07:31:53 -------- d-----w- C:\Users\Voldo\AppData\Local\Autodesk
    2011-10-20 07:20:31 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared
    2011-10-20 07:18:34 -------- d-----w- C:\Program Files\Common Files\Autodesk Shared
    2011-10-20 07:18:34 -------- d-----w- C:\Program Files\Autodesk
    2011-10-20 07:17:59 -------- d-----w- C:\Program Files (x86)\Autodesk
    2011-10-20 07:01:33 -------- d-----w- C:\Users\Voldo\AppData\Roaming\Autodesk
    2011-10-20 06:19:46 -------- d-----w- C:\Users\Voldo\AppData\Roaming\Avira
    2011-10-20 06:19:22 27760 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
    2011-10-20 06:19:21 97312 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
    2011-10-20 06:19:21 -------- d-----w- C:\ProgramData\Avira
    2011-10-20 06:19:21 -------- d-----w- C:\Program Files (x86)\Avira
    2011-10-19 22:57:46 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-19 22:47:27 -------- d-----w- C:\Program Files (x86)\uTorrent
    2011-10-19 22:47:04 -------- d-----w- C:\Users\Voldo\AppData\Roaming\uTorrent
    2011-10-19 22:47:04 -------- d-----w- C:\Users\Voldo\AppData\Local\uTorrent
    2011-10-19 22:26:49 -------- d-----w- C:\Program Files (x86)\Realtek
    2011-10-19 22:25:50 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
    2011-10-19 22:25:31 -------- d-----w- C:\Program Files\Common Files\Intel
    2011-10-19 22:25:31 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
    2011-10-19 22:19:46 -------- d-----w- C:\Program Files (x86)\Cisco
    2011-10-19 21:52:49 -------- d-----w- C:\Windows\SysWow64\Wat
    2011-10-19 21:52:49 -------- d-----w- C:\Windows\System32\Wat
    2011-10-19 21:33:18 -------- d-----w- C:\Program Files (x86)\Driver-Soft
    2011-10-19 21:29:04 411480 ----a-w- C:\Windows\SysWow64\tsccvid.dll
    2011-10-19 21:28:50 -------- d-----w- C:\Windows\SysWow64\Flash
    2011-10-19 21:28:45 -------- d-----w- C:\Program Files (x86)\Common Files\TechSmith Shared
    2011-10-19 21:26:41 -------- d-----w- C:\Windows\SysWow64\Atheros_L1e
    2011-10-19 21:25:59 74280 ----a-w- C:\Windows\System32\drivers\L1C62x64.sys
    2011-10-19 21:23:51 -------- d-----w- C:\Program Files\ATI
    2011-10-19 21:23:36 -------- d-----w- C:\Program Files\ATI Technologies
    2011-10-19 21:21:36 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
    2011-10-19 21:21:26 -------- d-----w- C:\Intel
    2011-10-19 21:20:55 -------- d-----w- C:\Windows\System32\SRSLabs
    2011-10-19 21:20:54 -------- d-----w- C:\Program Files\Realtek
    2011-10-19 21:20:34 -------- d--h--w- C:\Program Files (x86)\Temp
    2011-10-19 21:20:33 1698408 ----a-w- C:\Windows\RtlExUpd.dll
    2011-10-19 21:19:56 -------- d-----w- C:\dell
    2011-10-19 17:53:39 -------- d-----w- C:\Boot
    2011-10-19 17:00:21 -------- d-----w- C:\Users\Voldo\AppData\Local\VirtualStore
    2011-10-11 17:10:50 861696 ----a-w- C:\Windows\System32\oleaut32.dll
    2011-10-11 17:10:50 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
    2011-10-11 17:10:50 331776 ----a-w- C:\Windows\System32\oleacc.dll
    2011-10-11 17:10:50 3138048 ----a-w- C:\Windows\System32\win32k.sys
    2011-10-11 17:10:50 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
    2011-10-11 17:10:49 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
    2011-10-11 17:10:49 613888 ----a-w- C:\Windows\System32\psisdecd.dll
    2011-10-11 17:10:49 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
    2011-10-11 17:10:49 108032 ----a-w- C:\Windows\System32\psisrndr.ax
    2011-10-10 16:18:46 -------- d-----w- C:\Windows\Panther
    2011-10-10 15:36:14 748336 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    2011-10-10 15:31:46 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2011-10-10 15:26:41 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-10-10 15:26:40 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-10-10 15:26:40 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-10-10 15:26:06 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
    2011-10-03 20:43:10 167704 ----a-w- C:\Windows\System32\igfxtray.exe
    2011-10-03 20:43:06 510232 ----a-w- C:\Windows\System32\igfxsrvc.exe
    2011-10-03 20:43:04 416024 ----a-w- C:\Windows\System32\igfxpers.exe
    2011-10-03 20:43:00 239896 ----a-w- C:\Windows\System32\igfxext.exe
    2011-10-03 20:42:54 392472 ----a-w- C:\Windows\System32\hkcmd.exe
    2011-10-03 20:42:50 4378392 ----a-w- C:\Windows\System32\GfxUI.exe
    2011-10-03 20:42:46 184600 ----a-w- C:\Windows\System32\difx64.exe
    .
    ==================== Find3M ====================
    .
    2011-10-22 00:31:03 332288 ----a-w- C:\Windows\System32\uxtheme.dll
    2011-10-22 00:31:01 2851840 ----a-w- C:\Windows\System32\themeui.dll
    2011-10-22 00:30:58 44544 ----a-w- C:\Windows\System32\themeservice.dll
    2011-10-10 15:36:14 74752 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2011-10-10 15:35:58 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2011-09-26 09:52:20 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2538.dll
    2011-09-26 09:44:56 8313856 ----a-w- C:\Windows\System32\igdumd64.dll
    2011-09-26 09:40:28 12309440 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
    2011-09-26 09:30:20 6323712 ----a-w- C:\Windows\SysWow64\igdumd32.dll
    2011-09-26 09:19:20 581120 ----a-w- C:\Windows\SysWow64\igdumdx32.dll
    2011-09-26 09:12:36 14592000 ----a-w- C:\Windows\System32\igd10umd64.dll
    2011-09-26 08:53:10 12340224 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
    2011-09-26 08:26:56 18651136 ----a-w- C:\Windows\System32\ig4icd64.dll
    2011-09-26 07:58:02 13903360 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
    2011-09-26 07:44:54 378368 ----a-w- C:\Windows\System32\igfxTMM.dll
    2011-09-26 07:44:46 375808 ----a-w- C:\Windows\System32\igfxpph.dll
    2011-09-26 07:44:28 28672 ----a-w- C:\Windows\System32\igfxexps.dll
    2011-09-26 07:44:14 62464 ----a-w- C:\Windows\System32\igfxsrvc.dll
    2011-09-26 07:43:46 110080 ----a-w- C:\Windows\System32\hccutils.dll
    2011-09-26 07:43:36 4096 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
    2011-09-26 07:43:36 146432 ----a-w- C:\Windows\System32\gfxSrvc.dll
    2011-09-26 07:43:34 390144 ----a-w- C:\Windows\System32\igfxdev.dll
    2011-09-26 07:43:00 285696 ----a-w- C:\Windows\System32\igfxrenu.lrc
    2011-09-26 07:42:54 9014784 ----a-w- C:\Windows\System32\igfxress.dll
    2011-09-26 07:42:54 142336 ----a-w- C:\Windows\System32\igfxdo.dll
    2011-09-26 07:39:10 24576 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
    2011-09-26 07:38:22 294400 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
    2011-09-26 07:36:22 2177536 ----a-w- C:\Windows\System32\igfxcmjit64.dll
    2011-09-26 07:36:22 171520 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
    2011-09-26 07:36:22 1663488 ----a-w- C:\Windows\SysWow64\igfxcmjit32.dll
    2011-09-26 07:36:22 148480 ----a-w- C:\Windows\System32\igfxcmrt64.dll
    2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
    2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
    2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-09-01 02:58:50 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2509.dll
    2011-09-01 02:51:16 867020 ----a-w- C:\Windows\SysWow64\igkrng575.bin
    2011-09-01 02:51:16 867020 ----a-w- C:\Windows\System32\igkrng575.bin
    2011-09-01 02:51:16 128204 ----a-w- C:\Windows\SysWow64\igcompkrng575.bin
    2011-09-01 02:51:16 128204 ----a-w- C:\Windows\System32\igcompkrng575.bin
    2011-09-01 02:51:16 105608 ----a-w- C:\Windows\SysWow64\igfcg575m.bin
    2011-09-01 02:51:16 105608 ----a-w- C:\Windows\System32\igfcg575m.bin
    2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-09-01 02:13:52 98304 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
    2011-09-01 02:13:52 98304 ----a-w- C:\Windows\System32\iglhcp64.dll
    2011-09-01 02:13:52 94208 ----a-w- C:\Windows\System32\IccLibDll_x64.dll
    2011-09-01 02:13:52 376832 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
    2011-09-01 02:13:52 376832 ----a-w- C:\Windows\System32\iglhsip64.dll
    2011-08-23 13:12:56 317440 ----a-w- C:\Windows\System32\drivers\IntcDAud.sys
    2011-08-23 13:12:38 14848 ----a-w- C:\Windows\System32\IntcDAuC.dll
    .
    ============= FINISH: 19:46:19.24 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Enterprise
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/19/2011 9:59:55 AM
    System Uptime: 10/27/2011 6:56:47 PM (1 hours ago)
    .
    Motherboard: Dell Inc. | | 08VFX1
    Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz | U2E1 | 2399/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 270 GiB total, 211.858 GiB free.
    D: is CDROM ()
    E: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Broadcom 802.11n Network Adapter
    Device ID: PCI\VEN_14E4&DEV_4727&SUBSYS_00101028&REV_01\4&D0BBF38&0&00E1
    Manufacturer: Broadcom
    Name: Broadcom 802.11n Network Adapter
    PNP Device ID: PCI\VEN_14E4&DEV_4727&SUBSYS_00101028&REV_01\4&D0BBF38&0&00E1
    Service: BCM43XX
    .
    ==== System Restore Points ===================
    .
    RP73: 10/24/2011 10:11:52 PM - Before CS5 patch
    RP74: 10/27/2011 2:59:37 PM - cleaned up
    .
    ==== Installed Programs ======================
    .
    Acronis Disk Director Home
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Professional CS5
    Adobe Photoshop CS5
    Advanced Audio FX Engine
    Apple Application Support
    Apple Software Update
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    Autodesk Backburner 2012.0.0
    Autodesk Material Library 2012
    Autodesk Material Library Base Resolution Image Library 2012
    Autodesk Material Library Medium Resolution Image Library 2012
    Avira Free Antivirus
    Batman Arkham Asylum Game Of The Year Edition
    Camtasia Studio 7
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    CyberLink PowerDirector
    CyberLink WaveEditor
    Dell Support Center (Support Software)
    Dell Webcam Central
    Driver Genius Professional Edition
    EASEUS Data Recovery Wizard Professional 5.5.1
    Foxit PDF Editor
    Fraps (remove only)
    Hauppauge TV Tuner Diagnostics (1.2.7076)
    Hauppauge TV Tuner Driver
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    IP Filter Updater 0.3
    Java Auto Updater
    Java(TM) 6 Update 22
    Java(TM) 6 Update 29
    K-Lite Codec Pack 7.8.0 (Basic)
    Live! Cam Avatar Creator
    Malwarebytes' Anti-Malware version 1.51.2.1300
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable - KB2467175
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Mozilla Firefox 7.0.1 (x86 en-US)
    Notepad++
    OpenOffice.org 3.3
    Perfectly Clear Plugin 1.5.8
    QuickTime
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Replay Media Catcher 4 (4.3.2)
    SmartSound Quicktracks 5
    SpywareBlaster 4.4
    Topaz ReMask 3
    Topaz ReMask 3 (64-bit)
    UltraISO Premium V9.5
    VC 9.0 Runtime
    VLC media player 1.1.11
    Yahoo! Messenger
    ZoneAlarm Antivirus
    ZoneAlarm Firewall
    ZoneAlarm Internet Security Suite
    ZoneAlarm Security
    .
    ==== End Of File ===========================


    Thanks
     

Short URL to this thread: https://techguy.org/1024359
