Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014 Ran by SYSTEM on MININT-T3UT37L on 27-07-2014 12:39:00 Running from C:\BleepingComp Platform: Windows 7 Ultimate (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet004 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NVRaidService] => C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [291944 2010-04-08] (NVIDIA Corporation) HKLM\...\Run: [Zune Launcher] => "C:\Program Files\Zune\ZuneLauncher.exe" HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1911808 2012-09-08] (Dominik Reichl) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502288 2012-01-03] (MSI) HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.) HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [SBAMTray] => C:\Program Files (x86)\VIPRE\SBAMTray.exe [3216272 2013-09-05] (ThreatTrack Security, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2010-11-20] (Microsoft Corporation) Winlogon\Notify\CSEWLPackage-x32: C:\Program Files (x86)\ScriptLogic Corporation\Privilege Authority\GPEExtensionsProxy.dll (ScriptLogic Corporation) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoNetworkConnections] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\Administrator\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\Administrator\...\Run: [NVIDIA nTune] => "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile HKU\Administrator\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [306688 2012-03-25] (FileHippo.com) HKU\Administrator\...\Run: [SolarWinds SRTM] => "C:\Program Files (x86)\SolarWinds\StorageResponseTimeMonitor\SRTM.exe" HKU\Administrator\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\Administrator\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation) HKU\Administrator\...\RunOnce: [CTAutoUpdate] => C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [623416 2009-06-19] (Creative Technology Ltd) HKU\Administrator\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\Administrator\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\Administrator\...\Policies\Explorer: [NoDrives] 0x02000000 HKU\Administrator\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\Administrator\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\Administrator\...\Policies\Explorer: [NoNetHood] 0 HKU\Administrator\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\Administrator\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\Administrator\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\Administrator\...\Policies\Explorer: [NoSecConsole] 0 HKU\Administrator\...\Policies\Explorer: [NoSecurityTab] 0 HKU\Administrator\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\Administrator\...\Policies\Explorer: [NoSMBalloonTip] 0 HKU\Administrator\...\Policies\Explorer: [NoSMMyDocs] 0 HKU\Administrator\...\Policies\Explorer: [NoStrCmpLogical] 0x00000000 HKU\Administrator\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\Administrator\...\Policies\Explorer: [NoAddPrinter] 0 HKU\Administrator\...\Policies\Explorer: [NoBandCustomize] 0 HKU\Administrator\...\Policies\Explorer: [NoChangeAnimation] 0 HKU\Administrator\...\Policies\Explorer: [NoCommonGroups] 0 HKU\Administrator\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\Administrator\...\Policies\Explorer: [NoDFSTab] 0 HKU\Administrator\...\Policies\Explorer: [NoFileMenu] 0 HKU\Administrator\...\Policies\Explorer: [NoHardwareTab] 0 HKU\Administrator\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\Administrator\...\Policies\Explorer: [NoSimpleStartMenu] 0 HKU\Administrator\...\Policies\Explorer: [NoStartMenuMyGames] 0 HKU\Administrator\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0 HKU\Administrator.Argonne7-64\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\Administrator.Argonne7-64\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [306688 2012-03-25] (FileHippo.com) HKU\Administrator.Argonne7-64\...\Run: [Hobbyist Software VLC Streamer] => C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [1342520 2012-03-28] (Hobbyist Software) HKU\Administrator.Argonne7-64\...\Run: [SUMo] => C:\Program Files (x86)\KC Softwares\SUMo\SUMo.exe [1431552 2012-03-30] (KC Softwares) HKU\Administrator.Argonne7-64\...\Run: [SolarWinds SRTM] => "C:\Program Files (x86)\SolarWinds\StorageResponseTimeMonitor\SRTM.exe" HKU\Administrator.Argonne7-64\...\Run: [NVIDIA nTune] => "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile HKU\Administrator.Argonne7-64\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-10-26] (AMD) HKU\Administrator.Argonne7-64\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoAddPrinter] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoBandCustomize] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoChangeAnimation] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoCommonGroups] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoDFSTab] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoFileMenu] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoHardwareTab] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoNetHood] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSecConsole] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSimpleStartMenu] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSMBalloonTip] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSMMyDocs] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoStartMenuMyGames] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0 HKU\Dave\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\Dave\...\Run: [CTRegRun] => C:\Windows\CTRegRun.EXE [53248 2006-10-06] (Creative Technology Ltd ) HKU\Dave\...\Run: [StartUp This] => C:\Program Files (x86)\Laplink\PCmover\LaunchSt.exe [251184 2009-10-02] (Laplink Software, Inc.) HKU\Dave\...\Run: [TranscodeServer] => C:\Program Files (x86)\Realtek\Transcode Server\TranscodeServer.exe [1163351 2009-02-13] () HKU\Dave\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\Dave\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation) HKU\Dave\...\RunOnce: [CTAutoUpdate] => C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [623416 2009-06-19] (Creative Technology Ltd) HKU\Dave\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\Dave\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\Dave\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\Dave\...\Policies\Explorer: [NoDrives] 0x02000000 HKU\Dave\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\Dave\...\Policies\Explorer: [NoNetHood] 0 HKU\Dave\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\Dave\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\Dave\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\Dave\...\Policies\Explorer: [NoSecConsole] 0 HKU\Dave\...\Policies\Explorer: [NoSecurityTab] 0 HKU\Dave\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\Dave\...\Policies\Explorer: [NoSMBalloonTip] 0 HKU\Dave\...\Policies\Explorer: [NoSMMyDocs] 0 HKU\Dave\...\Policies\Explorer: [NoStrCmpLogical] 0x00000000 HKU\Default\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\Default User\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\dnilson\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\dnilson\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-10-26] (AMD) HKU\dnilson\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\dnilson\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\dnilson\...\Policies\Explorer: [NoAddPrinter] 0 HKU\dnilson\...\Policies\Explorer: [NoBandCustomize] 0 HKU\dnilson\...\Policies\Explorer: [NoChangeAnimation] 0 HKU\dnilson\...\Policies\Explorer: [NoCommonGroups] 0 HKU\dnilson\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\dnilson\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\dnilson\...\Policies\Explorer: [NoDFSTab] 0 HKU\dnilson\...\Policies\Explorer: [NoFileMenu] 0 HKU\dnilson\...\Policies\Explorer: [NoHardwareTab] 0 HKU\dnilson\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\dnilson\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\dnilson\...\Policies\Explorer: [NoNetHood] 0 HKU\dnilson\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\dnilson\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\dnilson\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\dnilson\...\Policies\Explorer: [NoSecConsole] 0 HKU\dnilson\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\dnilson\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\dnilson\...\Policies\Explorer: [NoSimpleStartMenu] 0 HKU\dnilson\...\Policies\Explorer: [NoStartMenuMyGames] 0 HKU\dnilson\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0 HKU\dnilson\...\Policies\Explorer: [NoResolveSearch] 1 HKU\dnilson\...\Policies\Explorer: [NoSMBalloonTip] 1 HKU\dnilson.NILSON\...\Run: [StartUp This] => C:\Program Files (x86)\Laplink\PCmover\LaunchSt.exe [251184 2009-10-02] (Laplink Software, Inc.) HKU\dnilson.NILSON\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\dnilson.NILSON\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\dnilson.NILSON\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation) HKU\dnilson.NILSON\...\RunOnce: [CTAutoUpdate] => C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [623416 2009-06-19] (Creative Technology Ltd) HKU\dnilson.NILSON\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\dnilson.NILSON\...\Policies\Explorer: [NoDrives] 0x02000000 HKU\dnilson.NILSON\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\dnilson.NILSON\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoNetHood] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSecConsole] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSecurityTab] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSMBalloonTip] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSMMyDocs] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoStrCmpLogical] 0x00000000 Startup: C:\Users\dnilson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> (No File) Startup: C:\Users\dnilson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL) SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft Corporation) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - No File SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - No File BootExecute: autocheck autochk * SmartDefragBootTime.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.) S2 CachemanService; C:\Program Files (x86)\Cacheman\CachemanServ.exe [238152 2013-05-14] (Outertech) S3 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [60552 2011-10-21] (CHENGDU YIWO Tech Development Co., Ltd) S2 gfi_lanss11_attservice; C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe [133496 2012-11-23] (GFI Software Development Ltd.) S3 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23176 2011-10-21] (CHENGDU YIWO Tech Development Co., Ltd) S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit) S2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit) S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [375176 2012-02-07] (LogMeIn, Inc.) S3 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [147336 2012-02-07] (LogMeIn, Inc.) S3 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.) S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI) S3 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Corporation) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.) S2 SBAMSvc; C:\Program Files (x86)\VIPRE\SBAMSvc.exe [3937472 2013-09-05] (ThreatTrack Security, Inc.) S2 SBPIMSvc; C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [176016 2013-09-05] (ThreatTrack Security, Inc.) S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation) S2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation) S3 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.) S2 WMPNetworkSvc; C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe [913408 2006-10-18] (Microsoft Corporation) S2 Creative Service for CDROM Access; C:\Windows\SysWOW64\CTsvcCDA.exe [X] S3 ndsvc; C:\Program Files\NetDrive\ndsvc.exe [X] S3 Rsync; E:\Cygwin\bin\cygrunsrv.exe [X] S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [X] S3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [X] S3 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation) S3 DIRECTIO; C:\Program Files (x86)\PerformanceTest\DirectIo.sys [21056 2010-06-30] () S4 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () S4 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () S0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [50312 2011-10-21] () S4 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () S4 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () S1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [266688 2008-01-20] (Stephan Schreiber) S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security) S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security) S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [192072 2012-03-26] (Hauppauge, Inc.) S1 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [78272 2007-12-29] (Stephan Schreiber) S2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [85008 2012-05-22] () S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [17936 2011-12-12] (Windows (R) Win 7 DDK provider) S2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2010-01-27] (LogMeIn, Inc.) S4 LMIRfsClientNP; No ImagePath S3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Corporation) S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.) S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI) S3 NVR0Dev; C:\Windows\nvoclk64.sys [40480 2008-06-06] (NVidia Corp.) S2 NVR0FLASHDev; C:\Windows\nvflsh64.sys [40480 2008-05-23] (NVidia Corp.) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) S3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-09-02] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] () S3 QGPEFlt; C:\Program Files (x86)\ScriptLogic Corporation\Privilege Authority\Driver\QGPEFlt.sys [38424 2008-04-04] (Quest Software Corporation) S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com) S3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Corporation) S2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [88928 2013-06-18] (ThreatTrack Security, Inc.) S0 Si3531; C:\Windows\System32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc) S0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2009-02-09] (Silicon Image, Inc.) S0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2009-02-09] (Silicon Image, Inc.) S0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-10-17] (Duplex Secure Ltd.) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-07-12] () S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com) S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation) S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [267776 2013-05-12] (Jungo Connectivity) S3 ndfs; \??\C:\Program Files\NetDrive\ndfs.sys [X] S4 VirtualDK; \??\E:\DEV\Winbuilder80\Projects\Tools\vdk\vdk.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-27 12:38 - 2014-07-27 12:39 - 00000000 ____D () C:\FRST 2014-07-27 12:04 - 2014-07-27 12:04 - 00000000 ____D () C:\Windows\Microsoft Antimalware 2014-07-26 15:34 - 2014-07-26 15:38 - 00000000 ____D () C:\first.FRST.dan 2014-07-26 10:53 - 2014-07-27 12:39 - 00000000 ____D () C:\BleepingComp 2014-07-18 00:00 - 2014-07-18 00:00 - 00000000 _____ () C:\Windows\System32\SBRC.dat 2014-07-13 20:55 - 2014-07-13 20:55 - 00000000 ____D () C:\Windows\LastGood.Tmp 2014-07-13 15:17 - 2014-07-15 17:41 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-13 15:17 - 2014-03-04 03:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-07-13 15:16 - 2014-03-04 05:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll 2014-07-13 15:16 - 2014-03-04 05:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll 2014-07-13 15:16 - 2014-03-04 05:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll 2014-07-13 15:16 - 2014-03-04 05:05 - 00922968 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe 2014-07-13 15:16 - 2014-03-04 05:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll 2014-07-13 15:16 - 2014-03-04 05:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll 2014-07-13 10:22 - 2014-07-13 10:22 - 00000000 ____D () C:\found.000 2014-07-12 13:36 - 2014-07-12 13:36 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\FastStone 2014-07-12 13:35 - 2014-07-12 13:35 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\FreeCommander 2014-07-12 13:05 - 2014-07-12 13:06 - 00000393 _____ () C:\Windows\SecuniaPackage.log 2014-07-12 13:05 - 2014-07-12 13:05 - 00001811 _____ () C:\Users\Public\Desktop\ImgBurn.lnk 2014-07-12 13:05 - 2014-07-12 13:05 - 00000000 ____D () C:\Program Files (x86)\ImgBurn 2014-07-12 12:58 - 2014-07-12 12:58 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2014-07-12 12:49 - 2014-07-27 08:27 - 00001512 _____ () C:\Windows\setupact.log 2014-07-12 12:49 - 2014-07-12 15:10 - 00004384 _____ () C:\Windows\PFRO.log 2014-07-12 12:49 - 2014-07-12 12:49 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-12 11:33 - 2014-07-12 11:33 - 00003804 _____ () C:\Users\dnilson\Documents\cc_20140712_153320.reg 2014-07-12 11:31 - 2014-07-12 11:32 - 00085804 _____ () C:\Users\dnilson\Documents\cc_20140712_153145.reg 2014-07-12 11:02 - 2014-07-12 11:02 - 00000975 _____ () C:\Users\dnilson\Desktop\ExactFile.lnk 2014-07-12 11:02 - 2014-07-12 11:02 - 00000000 ____D () C:\Program Files (x86)\ExactFile 2014-07-12 08:54 - 2014-07-12 13:34 - 00000000 ____D () C:\ComboFix 2014-07-12 08:54 - 2014-07-12 08:22 - 05218570 ____R (Swearware) C:\ComboFix.exe 2014-07-12 08:54 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-12 08:54 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-12 08:54 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-12 08:54 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-12 08:54 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-12 08:54 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-12 08:54 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-12 08:54 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-12 08:19 - 2014-07-12 08:19 - 00000000 ____D () C:\Windows\ERUNT 2014-07-12 08:15 - 2014-07-12 08:19 - 00002092 _____ () C:\Users\dnilson\Desktop\Rkill.txt 2014-07-11 18:06 - 2014-07-11 18:55 - 00000000 ____D () C:\AdwCleaner 2014-07-09 18:21 - 2014-06-29 18:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-07-09 18:21 - 2014-06-29 18:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-07-09 18:21 - 2014-06-17 18:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\osk.exe 2014-07-09 18:21 - 2014-06-17 17:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 18:21 - 2014-06-17 17:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2014-07-09 18:21 - 2014-06-06 02:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll 2014-07-09 18:21 - 2014-06-06 01:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 18:21 - 2014-05-29 22:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys 2014-07-09 18:20 - 2014-06-20 12:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2014-07-09 18:20 - 2014-06-20 11:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 18:20 - 2014-06-18 17:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-07-09 18:20 - 2014-06-18 17:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-07-09 18:20 - 2014-06-18 17:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-07-09 18:20 - 2014-06-18 16:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-07-09 18:20 - 2014-06-18 16:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-07-09 18:20 - 2014-06-18 16:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-07-09 18:20 - 2014-06-18 16:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2014-07-09 18:20 - 2014-06-18 16:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-07-09 18:20 - 2014-06-18 16:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-07-09 18:20 - 2014-06-18 16:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-07-09 18:20 - 2014-06-18 16:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-07-09 18:20 - 2014-06-18 16:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-07-09 18:20 - 2014-06-18 16:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-07-09 18:20 - 2014-06-18 16:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-07-09 18:20 - 2014-06-18 16:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 18:20 - 2014-06-18 16:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-07-09 18:20 - 2014-06-18 16:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-07-09 18:20 - 2014-06-18 15:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-07-09 18:20 - 2014-06-18 15:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 18:20 - 2014-06-18 15:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-07-09 18:20 - 2014-06-18 15:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-07-09 18:20 - 2014-06-18 15:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-07-09 18:20 - 2014-06-18 15:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-07-09 18:20 - 2014-06-18 15:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-07-09 18:20 - 2014-06-18 15:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 18:20 - 2014-06-18 15:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 18:20 - 2014-06-18 15:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 18:20 - 2014-06-18 15:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 18:20 - 2014-06-18 15:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-07-09 18:20 - 2014-06-18 15:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 18:20 - 2014-06-18 15:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 18:20 - 2014-06-18 15:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 18:20 - 2014-06-18 15:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-07-09 18:20 - 2014-06-18 15:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-07-09 18:20 - 2014-06-18 15:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 18:20 - 2014-06-18 15:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 18:20 - 2014-06-18 15:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 18:20 - 2014-06-18 15:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 18:20 - 2014-06-18 15:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 18:20 - 2014-06-18 15:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 18:20 - 2014-06-18 14:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 18:20 - 2014-06-18 14:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-07-09 18:20 - 2014-06-18 14:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 18:20 - 2014-06-18 14:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 18:20 - 2014-06-18 14:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-07-09 18:20 - 2014-06-18 14:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 18:20 - 2014-06-18 14:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 18:20 - 2014-06-18 14:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 18:20 - 2014-06-18 14:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 18:20 - 2014-06-18 14:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-07-09 18:20 - 2014-06-18 14:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-07-09 18:20 - 2014-06-18 14:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 18:20 - 2014-06-18 14:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 18:20 - 2014-06-18 14:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 18:19 - 2014-06-05 06:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2014-07-09 18:19 - 2014-06-05 06:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 18:19 - 2014-06-05 06:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-07 19:37 - 2014-07-07 19:37 - 00000000 ____D () C:\Users\dnilson\AppData\Local\Adobe 2014-07-07 17:33 - 2014-07-07 17:33 - 00001001 _____ () C:\Users\Public\Desktop\AllDup.lnk 2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\AllDup 2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\ProgramData\AllDup 2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\Program Files (x86)\AllDup 2014-07-07 17:33 - 2010-06-11 06:50 - 00089888 _____ (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtFrame.ocx 2014-07-07 17:33 - 2009-10-12 20:01 - 00077504 _____ (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtScrollContainer.ocx 2014-07-07 17:33 - 2008-01-29 03:57 - 00450560 _____ (LogicNP Software (http://www.ssware.com)) C:\Windows\SysWOW64\fldrvw90.ocx 2014-07-07 17:31 - 2014-07-07 18:26 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\GetFoldersize 2014-07-07 17:31 - 2014-07-07 17:31 - 00001089 _____ () C:\Users\Public\Desktop\GetFoldersize.lnk 2014-07-07 17:31 - 2014-07-07 17:31 - 00000000 ____D () C:\Program Files (x86)\GetFoldersize 2014-07-07 17:31 - 2010-10-13 02:42 - 02369456 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.CommandBars.v13.4.2.ocx 2014-07-07 17:31 - 2010-08-20 17:53 - 00086016 _____ (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSplitter.ocx 2014-07-07 17:31 - 2010-06-01 10:45 - 01005088 _____ (Bennet-Tec Information Systems, Inc) C:\Windows\SysWOW64\TList8.ocx 2014-07-07 17:31 - 2010-03-25 06:33 - 00171752 _____ (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtRTF2.ocx 2014-07-07 17:31 - 2009-10-12 20:02 - 00044736 _____ (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSubclass.dll 2014-07-07 16:20 - 2014-07-07 16:20 - 00000474 _____ () C:\Users\dnilson\Desktop\How to Reduce the Size of Your WinSXS Folder on Windows 7 or 8.website 2014-07-07 15:30 - 2014-07-07 15:30 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup 2014-07-07 15:30 - 2014-07-07 15:30 - 00003168 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update 2014-06-27 10:36 - 2014-07-06 21:59 - 00005994 _____ () C:\Users\dnilson\HACF-wiki.txt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-27 12:39 - 2014-07-27 12:38 - 00000000 ____D () C:\FRST 2014-07-27 12:39 - 2014-07-26 10:53 - 00000000 ____D () C:\BleepingComp 2014-07-27 12:04 - 2014-07-27 12:04 - 00000000 ____D () C:\Windows\Microsoft Antimalware 2014-07-27 08:30 - 2011-02-11 20:13 - 00000000 ____D () C:\temp 2014-07-27 08:27 - 2014-07-12 12:49 - 00001512 _____ () C:\Windows\setupact.log 2014-07-27 08:25 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing 2014-07-27 08:22 - 2012-07-04 10:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-27 08:22 - 2012-07-04 10:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-27 08:22 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-27 06:34 - 2014-05-04 11:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-27 05:34 - 2012-01-02 17:36 - 02083284 _____ () C:\Windows\WindowsUpdate.log 2014-07-26 23:00 - 2011-05-29 09:43 - 00000448 _____ () C:\Windows\Tasks\SyncBack 1-Ins.job 2014-07-26 23:00 - 2011-05-29 09:42 - 00000460 _____ () C:\Windows\Tasks\SyncBack 1-IT-Public.job 2014-07-26 23:00 - 2011-05-29 09:42 - 00000458 _____ () C:\Windows\Tasks\SyncBack 1-Internet.job 2014-07-26 23:00 - 2011-05-29 09:41 - 00000448 _____ () C:\Windows\Tasks\SyncBack Music.job 2014-07-26 16:21 - 2009-07-13 20:45 - 00018192 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-26 16:21 - 2009-07-13 20:45 - 00018192 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-26 15:38 - 2014-07-26 15:34 - 00000000 ____D () C:\first.FRST.dan 2014-07-18 00:00 - 2014-07-18 00:00 - 00000000 _____ () C:\Windows\System32\SBRC.dat 2014-07-15 17:41 - 2014-07-13 15:17 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-14 00:41 - 2012-01-02 16:49 - 00000000 ____D () C:\users\Administrator.Argonne7-64 2014-07-14 00:41 - 2012-01-02 16:49 - 00000000 ____D () C:\users\Administrator 2014-07-14 00:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration 2014-07-13 23:00 - 2012-01-02 16:49 - 00000000 ____D () C:\users\dnilson 2014-07-13 20:55 - 2014-07-13 20:55 - 00000000 ____D () C:\Windows\LastGood.Tmp 2014-07-13 15:17 - 2014-05-14 18:56 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-07-13 15:17 - 2012-01-02 16:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-07-13 15:17 - 2010-07-09 17:18 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-07-13 10:22 - 2014-07-13 10:22 - 00000000 ____D () C:\found.000 2014-07-12 15:10 - 2014-07-12 12:49 - 00004384 _____ () C:\Windows\PFRO.log 2014-07-12 15:10 - 2012-12-08 19:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-12 15:07 - 2009-07-13 18:34 - 45088768 _____ () C:\Windows\System32\config\system.rcbak 2014-07-12 15:07 - 2009-07-13 18:34 - 196870144 _____ () C:\Windows\System32\config\software.rcbak 2014-07-12 15:07 - 2009-07-13 18:34 - 06553600 _____ () C:\Windows\System32\config\default.rcbak 2014-07-12 15:07 - 2009-07-13 18:34 - 00040960 _____ () C:\Windows\System32\config\security.rcbak 2014-07-12 15:00 - 2011-12-26 22:44 - 00000000 ___RD () C:\Users\dnilson\Dropbox 2014-07-12 15:00 - 2011-04-02 18:04 - 00000414 _____ () C:\Windows\Tasks\SlimDrivers Startup.job 2014-07-12 14:59 - 2012-03-18 14:02 - 235143168 _____ () C:\Windows\System32\config\components.rctemp 2014-07-12 13:46 - 2011-11-26 20:54 - 00017785 _____ () C:\JavaRa.log 2014-07-12 13:46 - 2011-04-02 17:32 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-12 13:36 - 2014-07-12 13:36 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\FastStone 2014-07-12 13:36 - 2010-10-09 13:40 - 00000000 ___RD () C:\Users\dnilson\Documents\My Bookmark Collections 2014-07-12 13:35 - 2014-07-12 13:35 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\FreeCommander 2014-07-12 13:34 - 2014-07-12 08:54 - 00000000 ____D () C:\ComboFix 2014-07-12 13:34 - 2013-12-14 13:48 - 00000000 ____D () C:\Program Files\Bonjour 2014-07-12 13:34 - 2013-04-21 15:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-12 13:34 - 2010-10-09 13:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-07-12 13:27 - 2011-05-21 13:31 - 00000000 ____D () C:\Program Files (x86)\CubicExplorer 2014-07-12 13:23 - 2010-10-09 13:12 - 00000000 ____D () C:\Program Files (x86)\CMAK 2014-07-12 13:08 - 2010-10-09 13:09 - 00000000 ____D () C:\Program Files (x86)\A43FileManager 2014-07-12 13:07 - 2010-10-09 13:09 - 00000000 ____D () C:\Program Files (x86)\abcAVI 2014-07-12 13:06 - 2014-07-12 13:05 - 00000393 _____ () C:\Windows\SecuniaPackage.log 2014-07-12 13:05 - 2014-07-12 13:05 - 00001811 _____ () C:\Users\Public\Desktop\ImgBurn.lnk 2014-07-12 13:05 - 2014-07-12 13:05 - 00000000 ____D () C:\Program Files (x86)\ImgBurn 2014-07-12 13:05 - 2013-08-10 18:40 - 00000000 ____D () C:\Users\dnilson\AppData\Local\CrashDumps 2014-07-12 13:05 - 2011-07-03 16:01 - 00002032 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-07-12 13:04 - 2013-07-05 12:56 - 00001012 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-07-12 13:02 - 2014-05-13 14:29 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\DropboxMaster 2014-07-12 13:02 - 2011-12-26 22:40 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\Dropbox 2014-07-12 13:02 - 2011-04-02 18:04 - 00016152 _____ () C:\Windows\System32\Drivers\SWDUMon.sys 2014-07-12 13:02 - 2011-04-02 18:04 - 00002844 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup 2014-07-12 12:58 - 2014-07-12 12:58 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2014-07-12 12:49 - 2014-07-12 12:49 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-12 12:29 - 2010-10-09 13:09 - 00000000 ____D () C:\Program Files (x86)\Acronis 2014-07-12 11:33 - 2014-07-12 11:33 - 00003804 _____ () C:\Users\dnilson\Documents\cc_20140712_153320.reg 2014-07-12 11:32 - 2014-07-12 11:31 - 00085804 _____ () C:\Users\dnilson\Documents\cc_20140712_153145.reg 2014-07-12 11:30 - 2012-01-03 20:54 - 00000000 ____D () C:\Program Files\ccleaner 2014-07-12 11:30 - 2011-12-12 19:25 - 00000842 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-12 11:12 - 2011-04-20 19:24 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\NetDrive 2014-07-12 11:02 - 2014-07-12 11:02 - 00000975 _____ () C:\Users\dnilson\Desktop\ExactFile.lnk 2014-07-12 11:02 - 2014-07-12 11:02 - 00000000 ____D () C:\Program Files (x86)\ExactFile 2014-07-12 10:18 - 2010-10-09 13:21 - 00000000 ____D () C:\Program Files (x86)\SolarWinds 2014-07-12 10:14 - 2010-08-16 18:50 - 00000000 ____D () C:\Program Files (x86)\VMware 2014-07-12 09:55 - 2013-03-28 16:54 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-07-12 09:50 - 2011-10-23 23:24 - 12857998 _____ () C:\ndsvc.log 2014-07-12 08:54 - 2013-06-22 17:20 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0EEAC82E-539A-4C8F-BFE2-787960AC1DED} 2014-07-12 08:22 - 2014-07-12 08:54 - 05218570 ____R (Swearware) C:\ComboFix.exe 2014-07-12 08:19 - 2014-07-12 08:19 - 00000000 ____D () C:\Windows\ERUNT 2014-07-12 08:19 - 2014-07-12 08:15 - 00002092 _____ () C:\Users\dnilson\Desktop\Rkill.txt 2014-07-12 07:57 - 2014-01-07 16:11 - 00000000 ____D () C:\ProgramData\ProductData 2014-07-11 19:43 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache 2014-07-11 19:05 - 2009-07-13 20:45 - 00447816 _____ () C:\Windows\System32\FNTCACHE.DAT 2014-07-11 18:58 - 2014-05-07 23:04 - 00000000 ___SD () C:\Windows\System32\CompatTel 2014-07-11 18:58 - 2011-04-12 00:28 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\tr-TR 2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\he-IL 2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Dism 2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ar-SA 2014-07-11 18:55 - 2014-07-11 18:06 - 00000000 ____D () C:\AdwCleaner 2014-07-11 18:02 - 2013-03-12 06:30 - 00438718 _____ () C:\Windows\System32\perfh011.dat 2014-07-11 18:02 - 2013-03-12 06:30 - 00132026 _____ () C:\Windows\System32\perfc011.dat 2014-07-11 18:02 - 2013-03-12 06:10 - 00546682 _____ () C:\Windows\System32\perfh006.dat 2014-07-11 18:02 - 2013-03-12 06:10 - 00111004 _____ () C:\Windows\System32\perfc006.dat 2014-07-11 18:02 - 2013-03-12 05:29 - 00418042 _____ () C:\Windows\System32\prfh0404.dat 2014-07-11 18:02 - 2013-03-12 05:29 - 00125016 _____ () C:\Windows\System32\prfc0404.dat 2014-07-11 18:02 - 2013-03-12 05:14 - 00753072 _____ () C:\Windows\System32\prfh0416.dat 2014-07-11 18:02 - 2013-03-12 05:14 - 00159512 _____ () C:\Windows\System32\prfc0416.dat 2014-07-11 18:02 - 2013-03-10 23:34 - 00769930 _____ () C:\Windows\System32\prfh0816.dat 2014-07-11 18:02 - 2013-03-10 23:34 - 00165064 _____ () C:\Windows\System32\prfc0816.dat 2014-07-11 18:02 - 2013-03-10 23:26 - 00778674 _____ () C:\Windows\System32\perfh015.dat 2014-07-11 18:02 - 2013-03-10 23:26 - 00028844 _____ () C:\Windows\System32\perfc015.dat 2014-07-11 18:02 - 2013-03-10 23:18 - 00692528 _____ () C:\Windows\System32\perfh01F.dat 2014-07-11 18:02 - 2013-03-10 23:18 - 00151914 _____ () C:\Windows\System32\perfc01F.dat 2014-07-11 18:02 - 2013-03-10 23:05 - 00400156 _____ () C:\Windows\System32\prfh0804.dat 2014-07-11 18:02 - 2013-03-10 23:05 - 00128934 _____ () C:\Windows\System32\prfc0804.dat 2014-07-11 18:02 - 2013-03-10 22:39 - 00759896 _____ () C:\Windows\System32\perfh019.dat 2014-07-11 18:02 - 2013-03-10 22:39 - 00164082 _____ () C:\Windows\System32\perfc019.dat 2014-07-11 18:02 - 2013-03-10 22:30 - 00531476 _____ () C:\Windows\System32\perfh014.dat 2014-07-11 18:02 - 2013-03-10 22:30 - 00105826 _____ () C:\Windows\System32\perfc014.dat 2014-07-11 18:02 - 2013-03-10 22:22 - 00648866 _____ () C:\Windows\System32\perfh008.dat 2014-07-11 18:02 - 2013-03-10 22:22 - 00124264 _____ () C:\Windows\System32\perfc008.dat 2014-07-11 18:02 - 2013-03-10 22:14 - 00154414 _____ () C:\Windows\System32\perfc01D.dat 2014-07-11 18:02 - 2013-03-10 22:14 - 00055972 _____ () C:\Windows\System32\perfh01D.dat 2014-07-11 18:02 - 2013-03-10 22:06 - 00449400 _____ () C:\Windows\System32\perfh012.dat 2014-07-11 18:02 - 2013-03-10 22:06 - 00129814 _____ () C:\Windows\System32\perfc012.dat 2014-07-11 18:02 - 2013-03-10 21:56 - 00705144 _____ () C:\Windows\System32\perfh005.dat 2014-07-11 18:02 - 2013-03-10 21:56 - 00153850 _____ () C:\Windows\System32\perfc005.dat 2014-07-11 18:02 - 2013-03-10 21:35 - 00784328 _____ () C:\Windows\System32\perfh013.dat 2014-07-11 18:02 - 2013-03-10 21:35 - 00166192 _____ () C:\Windows\System32\perfc013.dat 2014-07-11 18:02 - 2013-03-10 21:27 - 00518660 _____ () C:\Windows\System32\perfh00B.dat 2014-07-11 18:02 - 2013-03-10 21:27 - 00114612 _____ () C:\Windows\System32\perfc00B.dat 2014-07-11 18:02 - 2013-03-10 21:19 - 00723478 _____ () C:\Windows\System32\perfh00E.dat 2014-07-11 18:02 - 2013-03-10 21:19 - 00185444 _____ () C:\Windows\System32\perfc00E.dat 2014-07-11 18:02 - 2013-03-10 21:06 - 00786448 _____ () C:\Windows\System32\perfh00A.dat 2014-07-11 18:02 - 2013-03-10 21:06 - 00172114 _____ () C:\Windows\System32\perfc00A.dat 2014-07-11 18:02 - 2013-03-10 20:57 - 00422532 _____ () C:\Windows\System32\perfh00D.dat 2014-07-11 18:02 - 2013-03-10 20:57 - 00094684 _____ () C:\Windows\System32\perfc00D.dat 2014-07-11 18:02 - 2013-03-10 20:44 - 00778976 _____ () C:\Windows\System32\perfh010.dat 2014-07-11 18:02 - 2013-03-10 20:44 - 00158532 _____ () C:\Windows\System32\perfc010.dat 2014-07-11 18:02 - 2013-03-10 20:36 - 00785246 _____ () C:\Windows\System32\perfh00C.dat 2014-07-11 18:02 - 2013-03-10 20:36 - 00514038 _____ () C:\Windows\System32\perfh001.dat 2014-07-11 18:02 - 2013-03-10 20:36 - 00162304 _____ () C:\Windows\System32\perfc00C.dat 2014-07-11 18:02 - 2013-03-10 20:36 - 00104698 _____ () C:\Windows\System32\perfc001.dat 2014-07-11 18:02 - 2013-03-10 20:21 - 00737988 _____ () C:\Windows\System32\perfh007.dat 2014-07-11 18:02 - 2013-03-10 20:21 - 00161006 _____ () C:\Windows\System32\perfc007.dat 2014-07-11 18:02 - 2009-07-13 21:13 - 17785838 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-07-09 23:19 - 2010-10-09 13:07 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-09 23:17 - 2013-09-19 20:11 - 00000000 ____D () C:\Windows\System32\MRT 2014-07-09 23:10 - 2012-01-02 19:43 - 96441528 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2014-07-09 00:34 - 2014-05-04 11:33 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 00:34 - 2014-05-04 11:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-09 00:34 - 2014-05-04 11:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-08 18:01 - 2010-10-09 13:42 - 00000000 ____D () C:\Users\dnilson\.VirtualBox 2014-07-08 16:09 - 2010-10-09 13:38 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\TeraCopy 2014-07-07 19:58 - 2010-10-09 13:38 - 00000000 ____D () C:\Users\dnilson\Documents\- Scouts 2014-07-07 19:56 - 2011-01-18 22:52 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\vlc 2014-07-07 19:54 - 2010-09-11 18:59 - 00000000 ____D () C:\Users\dnilson\Desktop\Internet Purchases 2014-07-07 19:37 - 2014-07-07 19:37 - 00000000 ____D () C:\Users\dnilson\AppData\Local\Adobe 2014-07-07 18:43 - 2011-02-25 20:28 - 00000000 ____D () C:\AMD 2014-07-07 18:26 - 2014-07-07 17:31 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\GetFoldersize 2014-07-07 17:33 - 2014-07-07 17:33 - 00001001 _____ () C:\Users\Public\Desktop\AllDup.lnk 2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\AllDup 2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\ProgramData\AllDup 2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\Program Files (x86)\AllDup 2014-07-07 17:31 - 2014-07-07 17:31 - 00001089 _____ () C:\Users\Public\Desktop\GetFoldersize.lnk 2014-07-07 17:31 - 2014-07-07 17:31 - 00000000 ____D () C:\Program Files (x86)\GetFoldersize 2014-07-07 16:20 - 2014-07-07 16:20 - 00000474 _____ () C:\Users\dnilson\Desktop\How to Reduce the Size of Your WinSXS Folder on Windows 7 or 8.website 2014-07-07 15:55 - 2012-01-13 21:35 - 00000000 ____D () C:\Windows\Minidump 2014-07-07 15:30 - 2014-07-07 15:30 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup 2014-07-07 15:30 - 2014-07-07 15:30 - 00003168 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update 2014-07-07 15:30 - 2014-02-10 19:01 - 00001192 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk 2014-07-07 15:09 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF 2014-07-06 21:59 - 2014-06-27 10:36 - 00005994 _____ () C:\Users\dnilson\HACF-wiki.txt 2014-06-29 18:09 - 2014-07-09 18:21 - 00519168 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-06-29 18:04 - 2014-07-09 18:21 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll Some content of TEMP: ==================== C:\Users\dnilson\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprehrey.dll ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== Restore Points ========================= Restore point made on: 2014-07-26 13:49:49 Restore point made on: 2014-07-26 23:04:14 ==================== Memory info =========================== Percentage of memory in use: 12% Total physical RAM: 8191.35 MB Available physical RAM: 7196.9 MB Total Pagefile: 8189.5 MB Available Pagefile: 7185.55 MB Total Virtual: 8192 MB Available Virtual: 8191.88 MB ==================== Drives ================================ Drive c: (C_0_3_NTFS-win7-64) (Fixed) (Total:290.77 GB) (Free:131.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (D_1_0_FAT32) (Fixed) (Total:15.99 GB) (Free:9.74 GB) FAT32 Drive e: (V) (Fixed) (Total:698.63 GB) (Free:691.89 GB) NTFS Drive f: (W) (Fixed) (Total:698.63 GB) (Free:656.53 GB) NTFS Drive g: (E_1_2_NTFS_sata2-p4) (Fixed) (Total:584.98 GB) (Free:307.54 GB) NTFS Drive h: (System Reserved) (Fixed) (Total:0.09 GB) (Free:0.05 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive i: (C_0_2_NTFS-win7-32) (Fixed) (Total:100 GB) (Free:72.49 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive j: (C_1_1_ntfs_sata2-p4) (Fixed) (Total:97.65 GB) (Free:48.97 GB) NTFS Drive k: (GRMCULXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 6BA9FB03) Partition 1: (Not Active) - (Size=94 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=291 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 699 GB) (Disk ID: 909D4CA2) Partition 1: (Active) - (Size=16 GB) - (Type=0B) Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=585 GB) - (Type=05) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 699 GB) (Disk ID: 5B03C344) Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows XP) (Size: 699 GB) (Disk ID: 1C94C36A) Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS) ======================================================== Disk: 4 (MBR Code: Windows XP) (Size: 16 MB) (Disk ID: ABA47C1E) LastRegBack: 2014-07-17 20:17 ==================== End Of Log ============================