Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014 (ATTENTION: ====> FRST version is 9 days old and could be outdated) Ran by SYSTEM on MININT-5AQLS7E on 04-08-2014 01:44:30 Running from G:\BleepingComp Platform: Windows 7 Ultimate (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery The current controlset is ControlSet004 ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log. The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NVRaidService] => C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [291944 2010-04-08] (NVIDIA Corporation) HKLM\...\Run: [Zune Launcher] => "C:\Program Files\Zune\ZuneLauncher.exe" HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1911808 2012-09-08] (Dominik Reichl) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502288 2012-01-03] (MSI) HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-06-14] (Citrix Systems, Inc.) 
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-06-14] (Citrix Systems, Inc.) HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [SBAMTray] => C:\Program Files (x86)\VIPRE\SBAMTray.exe [3216272 2013-09-05] (ThreatTrack Security, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\RunOnce: [*Restore] => C:\Windows\system32\rstrui.exe [296960 2010-11-20] (Microsoft Corporation) Winlogon\Notify\CSEWLPackage-x32: C:\Program Files (x86)\ScriptLogic Corporation\Privilege Authority\GPEExtensionsProxy.dll (ScriptLogic Corporation) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoNetworkConnections] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\Administrator\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\Administrator\...\Run: [NVIDIA nTune] => "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile HKU\Administrator\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [306688 2012-03-25] (FileHippo.com) HKU\Administrator\...\Run: [SolarWinds SRTM] => "C:\Program Files (x86)\SolarWinds\StorageResponseTimeMonitor\SRTM.exe" HKU\Administrator\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft 
Corporation) HKU\Administrator\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation) HKU\Administrator\...\RunOnce: [CTAutoUpdate] => C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [623416 2009-06-19] (Creative Technology Ltd) HKU\Administrator\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\Administrator\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\Administrator\...\Policies\Explorer: [NoDrives] 0x02000000 HKU\Administrator\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\Administrator\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\Administrator\...\Policies\Explorer: [NoNetHood] 0 HKU\Administrator\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\Administrator\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\Administrator\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\Administrator\...\Policies\Explorer: [NoSecConsole] 0 HKU\Administrator\...\Policies\Explorer: [NoSecurityTab] 0 HKU\Administrator\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\Administrator\...\Policies\Explorer: [NoSMBalloonTip] 0 HKU\Administrator\...\Policies\Explorer: [NoSMMyDocs] 0 HKU\Administrator\...\Policies\Explorer: [NoStrCmpLogical] 0x00000000 HKU\Administrator\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\Administrator\...\Policies\Explorer: [NoAddPrinter] 0 HKU\Administrator\...\Policies\Explorer: [NoBandCustomize] 0 HKU\Administrator\...\Policies\Explorer: [NoChangeAnimation] 0 HKU\Administrator\...\Policies\Explorer: [NoCommonGroups] 0 HKU\Administrator\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\Administrator\...\Policies\Explorer: [NoDFSTab] 0 HKU\Administrator\...\Policies\Explorer: [NoFileMenu] 0 HKU\Administrator\...\Policies\Explorer: [NoHardwareTab] 0 HKU\Administrator\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\Administrator\...\Policies\Explorer: [NoSimpleStartMenu] 0 HKU\Administrator\...\Policies\Explorer: [NoStartMenuMyGames] 0 
HKU\Administrator\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0 HKU\Administrator.Argonne7-64\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\Administrator.Argonne7-64\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [306688 2012-03-25] (FileHippo.com) HKU\Administrator.Argonne7-64\...\Run: [Hobbyist Software VLC Streamer] => C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [1342520 2012-03-28] (Hobbyist Software) HKU\Administrator.Argonne7-64\...\Run: [SUMo] => C:\Program Files (x86)\KC Softwares\SUMo\SUMo.exe [1431552 2012-03-30] (KC Softwares) HKU\Administrator.Argonne7-64\...\Run: [SolarWinds SRTM] => "C:\Program Files (x86)\SolarWinds\StorageResponseTimeMonitor\SRTM.exe" HKU\Administrator.Argonne7-64\...\Run: [NVIDIA nTune] => "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile HKU\Administrator.Argonne7-64\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-10-26] (AMD) HKU\Administrator.Argonne7-64\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoAddPrinter] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoBandCustomize] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoChangeAnimation] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoCommonGroups] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoDFSTab] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoFileMenu] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoHardwareTab] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: 
[NoLowDiskSpaceChecks] 1 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoNetHood] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSecConsole] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSimpleStartMenu] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSMBalloonTip] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoSMMyDocs] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoStartMenuMyGames] 0 HKU\Administrator.Argonne7-64\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0 HKU\Dave\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\Dave\...\Run: [CTRegRun] => C:\Windows\CTRegRun.EXE [53248 2006-10-06] (Creative Technology Ltd ) HKU\Dave\...\Run: [StartUp This] => C:\Program Files (x86)\Laplink\PCmover\LaunchSt.exe [251184 2009-10-02] (Laplink Software, Inc.) 
HKU\Dave\...\Run: [TranscodeServer] => C:\Program Files (x86)\Realtek\Transcode Server\TranscodeServer.exe [1163351 2009-02-13] () HKU\Dave\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\Dave\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation) HKU\Dave\...\RunOnce: [CTAutoUpdate] => C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [623416 2009-06-19] (Creative Technology Ltd) HKU\Dave\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\Dave\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\Dave\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\Dave\...\Policies\Explorer: [NoDrives] 0x02000000 HKU\Dave\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\Dave\...\Policies\Explorer: [NoNetHood] 0 HKU\Dave\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\Dave\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\Dave\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\Dave\...\Policies\Explorer: [NoSecConsole] 0 HKU\Dave\...\Policies\Explorer: [NoSecurityTab] 0 HKU\Dave\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\Dave\...\Policies\Explorer: [NoSMBalloonTip] 0 HKU\Dave\...\Policies\Explorer: [NoSMMyDocs] 0 HKU\Dave\...\Policies\Explorer: [NoStrCmpLogical] 0x00000000 HKU\Default\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\Default User\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\dnilson\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\dnilson\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-10-26] (AMD) HKU\dnilson\...\Policies\Explorer: [AlwaysShowClassicMenu] 1 HKU\dnilson\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 
HKU\dnilson\...\Policies\Explorer: [NoAddPrinter] 0 HKU\dnilson\...\Policies\Explorer: [NoBandCustomize] 0 HKU\dnilson\...\Policies\Explorer: [NoChangeAnimation] 0 HKU\dnilson\...\Policies\Explorer: [NoCommonGroups] 0 HKU\dnilson\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\dnilson\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\dnilson\...\Policies\Explorer: [NoDFSTab] 0 HKU\dnilson\...\Policies\Explorer: [NoFileMenu] 0 HKU\dnilson\...\Policies\Explorer: [NoHardwareTab] 0 HKU\dnilson\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\dnilson\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\dnilson\...\Policies\Explorer: [NoNetHood] 0 HKU\dnilson\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\dnilson\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\dnilson\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\dnilson\...\Policies\Explorer: [NoSecConsole] 0 HKU\dnilson\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\dnilson\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\dnilson\...\Policies\Explorer: [NoSimpleStartMenu] 0 HKU\dnilson\...\Policies\Explorer: [NoStartMenuMyGames] 0 HKU\dnilson\...\Policies\Explorer: [NoStartMenuNetworkPlaces] 0 HKU\dnilson\...\Policies\Explorer: [NoResolveSearch] 1 HKU\dnilson\...\Policies\Explorer: [NoSMBalloonTip] 1 HKU\dnilson.NILSON\...\Run: [StartUp This] => C:\Program Files (x86)\Laplink\PCmover\LaunchSt.exe [251184 2009-10-02] (Laplink Software, Inc.) 
HKU\dnilson.NILSON\...\Run: [CachemanTray] => C:\Program Files (x86)\Cacheman\CachemanTray.exe [414280 2014-06-04] (Outertech) HKU\dnilson.NILSON\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation) HKU\dnilson.NILSON\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation) HKU\dnilson.NILSON\...\RunOnce: [CTAutoUpdate] => C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [623416 2009-06-19] (Creative Technology Ltd) HKU\dnilson.NILSON\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\dnilson.NILSON\...\Policies\Explorer: [NoDrives] 0x02000000 HKU\dnilson.NILSON\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\dnilson.NILSON\...\Policies\Explorer: [NoNetConnectDisconnect] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoNetHood] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoPropertiesMyDocuments] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoPropertiesRecycleBin] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSecConsole] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSecurityTab] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSharedDocuments] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSMBalloonTip] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoSMMyDocs] 0 HKU\dnilson.NILSON\...\Policies\Explorer: [NoStrCmpLogical] 0x00000000 Startup: C:\Users\dnilson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> (No File) Startup: C:\Users\dnilson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL) SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll (Microsoft 
Corporation) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - No File SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - No File BootExecute: autocheck autochk * SmartDefragBootTime.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.) S2 CachemanService; C:\Program Files (x86)\Cacheman\CachemanServ.exe [238152 2013-05-14] (Outertech) S3 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [60552 2011-10-21] (CHENGDU YIWO Tech Development Co., Ltd) S2 gfi_lanss11_attservice; C:\Program Files (x86)\GFI\LanGuard 11 Agent\lnssatt.exe [133496 2012-11-23] (GFI Software Development Ltd.) S3 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23176 2011-10-21] (CHENGDU YIWO Tech Development Co., Ltd) S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit) S2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit) S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [375176 2012-02-07] (LogMeIn, Inc.) S3 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [147336 2012-02-07] (LogMeIn, Inc.) S3 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.) 
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI) S3 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Corporation) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.) S2 SBAMSvc; C:\Program Files (x86)\VIPRE\SBAMSvc.exe [3937472 2013-09-05] (ThreatTrack Security, Inc.) S2 SBPIMSvc; C:\Program Files (x86)\VIPRE\SBPIMSvc.exe [176016 2013-09-05] (ThreatTrack Security, Inc.) S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation) S2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation) S3 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.) S2 WMPNetworkSvc; C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe [913408 2006-10-18] (Microsoft Corporation) S2 Creative Service for CDROM Access; C:\Windows\SysWOW64\CTsvcCDA.exe [X] S3 ndsvc; C:\Program Files\NetDrive\ndsvc.exe [X] S3 Rsync; E:\Cygwin\bin\cygrunsrv.exe [X] S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [X] S3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [X] S3 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
S3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation) S3 DIRECTIO; C:\Program Files (x86)\PerformanceTest\DirectIo.sys [21056 2010-06-30] () S4 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () S4 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () S0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [50312 2011-10-21] () S4 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () S4 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () S1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [266688 2008-01-20] (Stephan Schreiber) S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security) S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security) S3 hcwhdpvr; C:\Windows\System32\DRIVERS\hcwhdpvr.sys [192072 2012-03-26] (Hauppauge, Inc.) S1 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [78272 2007-12-29] (Stephan Schreiber) S2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [85008 2012-05-22] () S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [17936 2011-12-12] (Windows (R) Win 7 DDK provider) S2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2010-01-27] (LogMeIn, Inc.) S4 LMIRfsClientNP; No ImagePath S3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Corporation) S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.) S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI) S3 NVR0Dev; C:\Windows\nvoclk64.sys [40480 2008-06-06] (NVidia Corp.) S2 NVR0FLASHDev; C:\Windows\nvflsh64.sys [40480 2008-05-23] (NVidia Corp.) 
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) S3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-13] (Microsoft Corporation) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2011-09-02] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] () S3 QGPEFlt; C:\Program Files (x86)\ScriptLogic Corporation\Privilege Authority\Driver\QGPEFlt.sys [38424 2008-04-04] (Quest Software Corporation) S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com) S3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Corporation) S2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [88928 2013-06-18] (ThreatTrack Security, Inc.) S0 Si3531; C:\Windows\System32\drivers\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc) S0 SiFilter; C:\Windows\System32\drivers\SiWinAcc.sys [22568 2009-02-09] (Silicon Image, Inc.) S0 SiRemFil; C:\Windows\System32\drivers\SiRemFil.sys [16936 2009-02-09] (Silicon Image, Inc.) S0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-10-17] (Duplex Secure Ltd.) 
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-07-12] () S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com) S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation) S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [267776 2013-05-12] (Jungo Connectivity) S3 ndfs; \??\C:\Program Files\NetDrive\ndfs.sys [X] S4 VirtualDK; \??\E:\DEV\Winbuilder80\Projects\Tools\vdk\vdk.sys [X] ========================== Drivers MD5 =======================
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3 C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\SWDUMon.sys 9CFEFD62D86DABFAC12D1C5ED72BA6A4 C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78 C:\Windows\System32\drivers\t3.sys 6B153E518DBE6EF59191152E1ECF7ED4 C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit C:\Windows\system32\drivers\terminpt.sys EF4469AB69EB15E5D3754E6AEAFBCD3D C:\Windows\System32\DRIVERS\timntr.sys FB4AE448F658FD45F9E2458E39B01B3C C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09 C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426 C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07 C:\Windows\System32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192 C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys 893A6B67C8AA502648AD946CF50DDFD1 C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240 C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2 
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31 C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965 C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA C:\Windows\System32\DRIVERS\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6 C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3 C:\Windows\System32\DRIVERS\VBoxDrv.sys 8DB40EB504AE9C10558675035B4B4A4A C:\Windows\System32\DRIVERS\VBoxNetAdp.sys 9C24F61B36E7305AC42DC41881A2C97C C:\Windows\System32\DRIVERS\VBoxNetFlt.sys 4B3B9912BBA05473BE94E61334971858 C:\Windows\System32\DRIVERS\VBoxUSBMon.sys DD8F22BA8DD0F2A9A1D5D93023441FE0 C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\system32\drivers\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8 C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wimfltr.sys 52DED146E4797E6CCF94799E8E22BB2A 
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit C:\Windows\System32\drivers\windrvr6.sys 36BD0A7D75640435C26FDF77E308D4F9 C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-03 17:11 - 2014-08-03 21:34 - 00001179 _____ () C:\Windows\DtcInstall.log 2014-08-03 17:11 - 2014-08-03 17:11 - 00000000 ____D () C:\Windows\CSC 2014-07-27 12:38 - 2014-08-04 01:44 - 00000000 ____D () C:\FRST 2014-07-27 12:04 - 2014-08-03 00:43 - 00000000 ____D () C:\Windows\Microsoft Antimalware 2014-07-26 15:34 - 2014-07-26 15:38 - 00000000 ____D () C:\first.FRST.dan 2014-07-26 10:53 - 2014-07-27 13:50 - 00000000 ____D () C:\BleepingComp 2014-07-18 00:00 - 2014-07-18 00:00 - 00000000 _____ () C:\Windows\System32\SBRC.dat 2014-07-13 15:17 - 2014-07-15 17:41 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-13 15:17 - 2014-03-04 03:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-07-13 15:16 - 2014-03-04 05:06 - 06714312 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll 2014-07-13 15:16 - 2014-03-04 05:06 - 03497816 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll 2014-07-13 15:16 - 2014-03-04 05:05 - 02558808 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll 2014-07-13 15:16 - 2014-03-04 05:05 - 00922968 _____ (NVIDIA Corporation) 
C:\Windows\System32\nvvsvc.exe 2014-07-13 15:16 - 2014-03-04 05:05 - 00386336 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll 2014-07-13 15:16 - 2014-03-04 05:05 - 00064968 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll 2014-07-13 10:22 - 2014-07-13 10:22 - 00000000 ____D () C:\found.000 2014-07-12 13:36 - 2014-07-12 13:36 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\FastStone 2014-07-12 13:35 - 2014-07-12 13:35 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\FreeCommander 2014-07-12 13:05 - 2014-07-12 13:06 - 00000393 _____ () C:\Windows\SecuniaPackage.log 2014-07-12 13:05 - 2014-07-12 13:05 - 00001811 _____ () C:\Users\Public\Desktop\ImgBurn.lnk 2014-07-12 13:05 - 2014-07-12 13:05 - 00000000 ____D () C:\Program Files (x86)\ImgBurn 2014-07-12 12:58 - 2014-07-12 12:58 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2014-07-12 12:49 - 2014-08-03 21:34 - 00003384 _____ () C:\Windows\setupact.log 2014-07-12 12:49 - 2014-07-12 15:10 - 00004384 _____ () C:\Windows\PFRO.log 2014-07-12 12:49 - 2014-07-12 12:49 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-12 11:33 - 2014-07-12 11:33 - 00003804 _____ () C:\Users\dnilson\Documents\cc_20140712_153320.reg 2014-07-12 11:31 - 2014-07-12 11:32 - 00085804 _____ () C:\Users\dnilson\Documents\cc_20140712_153145.reg 2014-07-12 11:02 - 2014-07-12 11:02 - 00000975 _____ () C:\Users\dnilson\Desktop\ExactFile.lnk 2014-07-12 11:02 - 2014-07-12 11:02 - 00000000 ____D () C:\Program Files (x86)\ExactFile 2014-07-12 08:54 - 2014-07-12 13:34 - 00000000 ____D () C:\ComboFix 2014-07-12 08:54 - 2014-07-12 08:22 - 05218570 ____R (Swearware) C:\ComboFix.exe 2014-07-12 08:54 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-12 08:54 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-12 08:54 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-12 08:54 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-12 08:54 
- 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-12 08:54 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-12 08:54 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-12 08:54 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-12 08:19 - 2014-07-12 08:19 - 00000000 ____D () C:\Windows\ERUNT 2014-07-12 08:15 - 2014-07-12 08:19 - 00002092 _____ () C:\Users\dnilson\Desktop\Rkill.txt 2014-07-11 18:06 - 2014-07-11 18:55 - 00000000 ____D () C:\AdwCleaner 2014-07-09 18:21 - 2014-06-29 18:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll 2014-07-09 18:21 - 2014-06-29 18:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll 2014-07-09 18:21 - 2014-06-17 18:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\osk.exe 2014-07-09 18:21 - 2014-06-17 17:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 18:21 - 2014-06-17 17:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2014-07-09 18:21 - 2014-06-06 02:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll 2014-07-09 18:21 - 2014-06-06 01:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 18:21 - 2014-05-29 22:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys 2014-07-09 18:20 - 2014-06-20 12:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2014-07-09 18:20 - 2014-06-20 11:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 18:20 - 2014-06-18 17:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2014-07-09 18:20 - 2014-06-18 17:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2014-07-09 18:20 - 2014-06-18 17:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll 2014-07-09 18:20 - 2014-06-18 16:48 - 02768384 _____ 
(Microsoft Corporation) C:\Windows\System32\iertutil.dll 2014-07-09 18:20 - 2014-06-18 16:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2014-07-09 18:20 - 2014-06-18 16:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2014-07-09 18:20 - 2014-06-18 16:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll 2014-07-09 18:20 - 2014-06-18 16:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll 2014-07-09 18:20 - 2014-06-18 16:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2014-07-09 18:20 - 2014-06-18 16:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2014-07-09 18:20 - 2014-06-18 16:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2014-07-09 18:20 - 2014-06-18 16:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2014-07-09 18:20 - 2014-06-18 16:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe 2014-07-09 18:20 - 2014-06-18 16:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2014-07-09 18:20 - 2014-06-18 16:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 18:20 - 2014-06-18 16:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2014-07-09 18:20 - 2014-06-18 16:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2014-07-09 18:20 - 2014-06-18 15:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-07-09 18:20 - 2014-06-18 15:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 18:20 - 2014-06-18 15:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll 2014-07-09 18:20 - 2014-06-18 15:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2014-07-09 18:20 - 2014-06-18 15:50 
- 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2014-07-09 18:20 - 2014-06-18 15:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2014-07-09 18:20 - 2014-06-18 15:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2014-07-09 18:20 - 2014-06-18 15:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 18:20 - 2014-06-18 15:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 18:20 - 2014-06-18 15:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 18:20 - 2014-06-18 15:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 18:20 - 2014-06-18 15:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2014-07-09 18:20 - 2014-06-18 15:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 18:20 - 2014-06-18 15:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 18:20 - 2014-06-18 15:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 18:20 - 2014-06-18 15:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2014-07-09 18:20 - 2014-06-18 15:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2014-07-09 18:20 - 2014-06-18 15:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 18:20 - 2014-06-18 15:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 18:20 - 2014-06-18 15:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 18:20 - 2014-06-18 15:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 18:20 - 2014-06-18 15:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 18:20 - 2014-06-18 15:01 
- 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 18:20 - 2014-06-18 14:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 18:20 - 2014-06-18 14:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2014-07-09 18:20 - 2014-06-18 14:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 18:20 - 2014-06-18 14:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 18:20 - 2014-06-18 14:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2014-07-09 18:20 - 2014-06-18 14:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 18:20 - 2014-06-18 14:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 18:20 - 2014-06-18 14:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 18:20 - 2014-06-18 14:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 18:20 - 2014-06-18 14:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2014-07-09 18:20 - 2014-06-18 14:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2014-07-09 18:20 - 2014-06-18 14:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 18:20 - 2014-06-18 14:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 18:20 - 2014-06-18 14:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00307200 _____ (Microsoft 
Corporation) C:\Windows\System32\ncrypt.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll 2014-07-09 18:20 - 2014-05-30 00:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 18:20 - 2014-05-29 23:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 18:19 - 2014-06-05 06:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2014-07-09 18:19 - 2014-06-05 06:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 18:19 - 2014-06-05 06:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-07 19:37 - 2014-07-07 19:37 - 00000000 ____D () C:\Users\dnilson\AppData\Local\Adobe 2014-07-07 17:33 - 2014-07-07 17:33 - 00001001 _____ () C:\Users\Public\Desktop\AllDup.lnk 2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\AllDup 2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\ProgramData\AllDup 2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\Program Files (x86)\AllDup 2014-07-07 17:33 - 2010-06-11 06:50 - 00089888 _____ (Michael Thummerer Software Design) 
C:\Windows\SysWOW64\mtFrame.ocx 2014-07-07 17:33 - 2009-10-12 20:01 - 00077504 _____ (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtScrollContainer.ocx 2014-07-07 17:33 - 2008-01-29 03:57 - 00450560 _____ (LogicNP Software (http://www.ssware.com)) C:\Windows\SysWOW64\fldrvw90.ocx 2014-07-07 17:31 - 2014-07-07 18:26 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\GetFoldersize 2014-07-07 17:31 - 2014-07-07 17:31 - 00001089 _____ () C:\Users\Public\Desktop\GetFoldersize.lnk 2014-07-07 17:31 - 2014-07-07 17:31 - 00000000 ____D () C:\Program Files (x86)\GetFoldersize 2014-07-07 17:31 - 2010-10-13 02:42 - 02369456 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.CommandBars.v13.4.2.ocx 2014-07-07 17:31 - 2010-08-20 17:53 - 00086016 _____ (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSplitter.ocx 2014-07-07 17:31 - 2010-06-01 10:45 - 01005088 _____ (Bennet-Tec Information Systems, Inc) C:\Windows\SysWOW64\TList8.ocx 2014-07-07 17:31 - 2010-03-25 06:33 - 00171752 _____ (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtRTF2.ocx 2014-07-07 17:31 - 2009-10-12 20:02 - 00044736 _____ (Michael Thummerer Software Design) C:\Windows\SysWOW64\mtSubclass.dll 2014-07-07 16:20 - 2014-07-07 16:20 - 00000474 _____ () C:\Users\dnilson\Desktop\How to Reduce the Size of Your WinSXS Folder on Windows 7 or 8.website 2014-07-07 15:30 - 2014-07-07 15:30 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup 2014-07-07 15:30 - 2014-07-07 15:30 - 00003168 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-04 01:44 - 2014-07-27 12:38 - 00000000 ____D () C:\FRST 2014-08-03 21:35 - 2011-02-11 20:13 - 00000000 ____D () C:\temp 2014-08-03 21:34 - 2014-08-03 17:11 - 00001179 _____ () C:\Windows\DtcInstall.log 2014-08-03 21:34 - 2014-07-12 12:49 - 00003384 _____ () C:\Windows\setupact.log 2014-08-03 21:34 - 2012-01-02 17:36 - 02093734 _____ () C:\Windows\WindowsUpdate.log 2014-08-03 21:34 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-03 17:17 - 2013-03-12 06:30 - 00438718 _____ () C:\Windows\System32\perfh011.dat 2014-08-03 17:17 - 2013-03-12 06:30 - 00132026 _____ () C:\Windows\System32\perfc011.dat 2014-08-03 17:17 - 2013-03-12 06:10 - 00546682 _____ () C:\Windows\System32\perfh006.dat 2014-08-03 17:17 - 2013-03-12 06:10 - 00111004 _____ () C:\Windows\System32\perfc006.dat 2014-08-03 17:17 - 2013-03-12 05:29 - 00418042 _____ () C:\Windows\System32\prfh0404.dat 2014-08-03 17:17 - 2013-03-12 05:29 - 00125016 _____ () C:\Windows\System32\prfc0404.dat 2014-08-03 17:17 - 2013-03-12 05:14 - 00753072 _____ () C:\Windows\System32\prfh0416.dat 2014-08-03 17:17 - 2013-03-12 05:14 - 00159512 _____ () C:\Windows\System32\prfc0416.dat 2014-08-03 17:17 - 2013-03-10 23:34 - 00769930 _____ () C:\Windows\System32\prfh0816.dat 2014-08-03 17:17 - 2013-03-10 23:34 - 00165064 _____ () C:\Windows\System32\prfc0816.dat 2014-08-03 17:17 - 2013-03-10 23:26 - 00778674 _____ () C:\Windows\System32\perfh015.dat 2014-08-03 17:17 - 2013-03-10 23:26 - 00028844 _____ () C:\Windows\System32\perfc015.dat 2014-08-03 17:17 - 2013-03-10 23:18 - 00692528 _____ () C:\Windows\System32\perfh01F.dat 2014-08-03 17:17 - 2013-03-10 23:18 - 00151914 _____ () C:\Windows\System32\perfc01F.dat 2014-08-03 17:17 - 2013-03-10 23:05 - 00400156 _____ () C:\Windows\System32\prfh0804.dat 2014-08-03 17:17 - 2013-03-10 23:05 - 00128934 _____ () C:\Windows\System32\prfc0804.dat 2014-08-03 17:17 - 2013-03-10 22:39 - 00759896 _____ () C:\Windows\System32\perfh019.dat 2014-08-03 17:17 - 2013-03-10 
22:39 - 00164082 _____ () C:\Windows\System32\perfc019.dat 2014-08-03 17:17 - 2013-03-10 22:30 - 00531476 _____ () C:\Windows\System32\perfh014.dat 2014-08-03 17:17 - 2013-03-10 22:30 - 00105826 _____ () C:\Windows\System32\perfc014.dat 2014-08-03 17:17 - 2013-03-10 22:22 - 00648866 _____ () C:\Windows\System32\perfh008.dat 2014-08-03 17:17 - 2013-03-10 22:22 - 00124264 _____ () C:\Windows\System32\perfc008.dat 2014-08-03 17:17 - 2013-03-10 22:14 - 00154414 _____ () C:\Windows\System32\perfc01D.dat 2014-08-03 17:17 - 2013-03-10 22:14 - 00055972 _____ () C:\Windows\System32\perfh01D.dat 2014-08-03 17:17 - 2013-03-10 22:06 - 00449400 _____ () C:\Windows\System32\perfh012.dat 2014-08-03 17:17 - 2013-03-10 22:06 - 00129814 _____ () C:\Windows\System32\perfc012.dat 2014-08-03 17:17 - 2013-03-10 21:56 - 00705144 _____ () C:\Windows\System32\perfh005.dat 2014-08-03 17:17 - 2013-03-10 21:56 - 00153850 _____ () C:\Windows\System32\perfc005.dat 2014-08-03 17:17 - 2013-03-10 21:35 - 00784328 _____ () C:\Windows\System32\perfh013.dat 2014-08-03 17:17 - 2013-03-10 21:35 - 00166192 _____ () C:\Windows\System32\perfc013.dat 2014-08-03 17:17 - 2013-03-10 21:27 - 00518660 _____ () C:\Windows\System32\perfh00B.dat 2014-08-03 17:17 - 2013-03-10 21:27 - 00114612 _____ () C:\Windows\System32\perfc00B.dat 2014-08-03 17:17 - 2013-03-10 21:19 - 00723478 _____ () C:\Windows\System32\perfh00E.dat 2014-08-03 17:17 - 2013-03-10 21:19 - 00185444 _____ () C:\Windows\System32\perfc00E.dat 2014-08-03 17:17 - 2013-03-10 21:06 - 00786448 _____ () C:\Windows\System32\perfh00A.dat 2014-08-03 17:17 - 2013-03-10 21:06 - 00172114 _____ () C:\Windows\System32\perfc00A.dat 2014-08-03 17:17 - 2013-03-10 20:57 - 00422532 _____ () C:\Windows\System32\perfh00D.dat 2014-08-03 17:17 - 2013-03-10 20:57 - 00094684 _____ () C:\Windows\System32\perfc00D.dat 2014-08-03 17:17 - 2013-03-10 20:44 - 00778976 _____ () C:\Windows\System32\perfh010.dat 2014-08-03 17:17 - 2013-03-10 20:44 - 00158532 _____ () 
C:\Windows\System32\perfc010.dat 2014-08-03 17:17 - 2013-03-10 20:36 - 00785246 _____ () C:\Windows\System32\perfh00C.dat 2014-08-03 17:17 - 2013-03-10 20:36 - 00514038 _____ () C:\Windows\System32\perfh001.dat 2014-08-03 17:17 - 2013-03-10 20:36 - 00162304 _____ () C:\Windows\System32\perfc00C.dat 2014-08-03 17:17 - 2013-03-10 20:36 - 00104698 _____ () C:\Windows\System32\perfc001.dat 2014-08-03 17:17 - 2013-03-10 20:21 - 00737988 _____ () C:\Windows\System32\perfh007.dat 2014-08-03 17:17 - 2013-03-10 20:21 - 00161006 _____ () C:\Windows\System32\perfc007.dat 2014-08-03 17:17 - 2009-07-13 21:13 - 17785838 _____ () C:\Windows\System32\PerfStringBackup.INI 2014-08-03 17:11 - 2014-08-03 17:11 - 00000000 ____D () C:\Windows\CSC 2014-08-03 17:11 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\tracing 2014-08-03 12:15 - 2013-12-14 13:33 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\NirSoft Utilities 2014-08-03 00:43 - 2014-07-27 12:04 - 00000000 ____D () C:\Windows\Microsoft Antimalware 2014-07-27 14:12 - 2009-07-13 20:45 - 00018192 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-27 14:12 - 2009-07-13 20:45 - 00018192 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-27 13:50 - 2014-07-26 10:53 - 00000000 ____D () C:\BleepingComp 2014-07-27 08:22 - 2012-07-04 10:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-27 08:22 - 2012-07-04 10:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-27 06:34 - 2014-05-04 11:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-26 23:00 - 2011-05-29 09:43 - 00000448 _____ () C:\Windows\Tasks\SyncBack 1-Ins.job 2014-07-26 23:00 - 2011-05-29 09:42 - 00000460 _____ () C:\Windows\Tasks\SyncBack 1-IT-Public.job 2014-07-26 23:00 - 2011-05-29 09:42 - 00000458 _____ () C:\Windows\Tasks\SyncBack 1-Internet.job 2014-07-26 23:00 - 
2011-05-29 09:41 - 00000448 _____ () C:\Windows\Tasks\SyncBack Music.job 2014-07-26 15:38 - 2014-07-26 15:34 - 00000000 ____D () C:\first.FRST.dan 2014-07-18 00:00 - 2014-07-18 00:00 - 00000000 _____ () C:\Windows\System32\SBRC.dat 2014-07-15 17:41 - 2014-07-13 15:17 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-14 00:41 - 2012-01-02 16:49 - 00000000 ____D () C:\users\Administrator.Argonne7-64 2014-07-14 00:41 - 2012-01-02 16:49 - 00000000 ____D () C:\users\Administrator 2014-07-14 00:40 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration 2014-07-13 23:00 - 2012-01-02 16:49 - 00000000 ____D () C:\users\dnilson 2014-07-13 15:17 - 2014-05-14 18:56 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-07-13 15:17 - 2012-01-02 16:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-07-13 15:17 - 2010-07-09 17:18 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-07-13 10:22 - 2014-07-13 10:22 - 00000000 ____D () C:\found.000 2014-07-12 15:10 - 2014-07-12 12:49 - 00004384 _____ () C:\Windows\PFRO.log 2014-07-12 15:10 - 2012-12-08 19:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-12 15:07 - 2009-07-13 18:34 - 45088768 _____ () C:\Windows\System32\config\system.rcbak 2014-07-12 15:07 - 2009-07-13 18:34 - 196870144 _____ () C:\Windows\System32\config\software.rcbak 2014-07-12 15:07 - 2009-07-13 18:34 - 06553600 _____ () C:\Windows\System32\config\default.rcbak 2014-07-12 15:07 - 2009-07-13 18:34 - 00040960 _____ () C:\Windows\System32\config\security.rcbak 2014-07-12 15:00 - 2011-12-26 22:44 - 00000000 ___RD () C:\Users\dnilson\Dropbox 2014-07-12 15:00 - 2011-04-02 18:04 - 00000414 _____ () C:\Windows\Tasks\SlimDrivers Startup.job 2014-07-12 14:59 - 2012-03-18 14:02 - 235143168 _____ () C:\Windows\System32\config\components.rctemp 2014-07-12 13:46 - 2011-11-26 20:54 - 00017785 _____ () C:\JavaRa.log 2014-07-12 13:46 - 2011-04-02 17:32 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-12 
13:36 - 2014-07-12 13:36 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\FastStone
2014-07-12 13:36 - 2010-10-09 13:40 - 00000000 ___RD () C:\Users\dnilson\Documents\My Bookmark Collections
2014-07-12 13:35 - 2014-07-12 13:35 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\FreeCommander
2014-07-12 13:34 - 2014-07-12 08:54 - 00000000 ____D () C:\ComboFix
2014-07-12 13:34 - 2013-12-14 13:48 - 00000000 ____D () C:\Program Files\Bonjour
2014-07-12 13:34 - 2013-04-21 15:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-12 13:34 - 2010-10-09 13:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-12 13:27 - 2011-05-21 13:31 - 00000000 ____D () C:\Program Files (x86)\CubicExplorer
2014-07-12 13:23 - 2010-10-09 13:12 - 00000000 ____D () C:\Program Files (x86)\CMAK
2014-07-12 13:08 - 2010-10-09 13:09 - 00000000 ____D () C:\Program Files (x86)\A43FileManager
2014-07-12 13:07 - 2010-10-09 13:09 - 00000000 ____D () C:\Program Files (x86)\abcAVI
2014-07-12 13:06 - 2014-07-12 13:05 - 00000393 _____ () C:\Windows\SecuniaPackage.log
2014-07-12 13:05 - 2014-07-12 13:05 - 00001811 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-07-12 13:05 - 2014-07-12 13:05 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-07-12 13:05 - 2013-08-10 18:40 - 00000000 ____D () C:\Users\dnilson\AppData\Local\CrashDumps
2014-07-12 13:05 - 2011-07-03 16:01 - 00002032 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-07-12 13:04 - 2013-07-05 12:56 - 00001012 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-07-12 13:02 - 2014-05-13 14:29 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\DropboxMaster
2014-07-12 13:02 - 2011-12-26 22:40 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\Dropbox
2014-07-12 13:02 - 2011-04-02 18:04 - 00016152 _____ () C:\Windows\System32\Drivers\SWDUMon.sys
2014-07-12 13:02 - 2011-04-02 18:04 - 00002844 _____ () C:\Windows\System32\Tasks\SlimDrivers Startup
2014-07-12 12:58 - 2014-07-12 12:58 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe
2014-07-12 12:49 - 2014-07-12 12:49 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-12 12:29 - 2010-10-09 13:09 - 00000000 ____D () C:\Program Files (x86)\Acronis
2014-07-12 11:33 - 2014-07-12 11:33 - 00003804 _____ () C:\Users\dnilson\Documents\cc_20140712_153320.reg
2014-07-12 11:32 - 2014-07-12 11:31 - 00085804 _____ () C:\Users\dnilson\Documents\cc_20140712_153145.reg
2014-07-12 11:30 - 2012-01-03 20:54 - 00000000 ____D () C:\Program Files\ccleaner
2014-07-12 11:30 - 2011-12-12 19:25 - 00000842 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-12 11:12 - 2011-04-20 19:24 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\NetDrive
2014-07-12 11:02 - 2014-07-12 11:02 - 00000975 _____ () C:\Users\dnilson\Desktop\ExactFile.lnk
2014-07-12 11:02 - 2014-07-12 11:02 - 00000000 ____D () C:\Program Files (x86)\ExactFile
2014-07-12 10:18 - 2010-10-09 13:21 - 00000000 ____D () C:\Program Files (x86)\SolarWinds
2014-07-12 10:14 - 2010-08-16 18:50 - 00000000 ____D () C:\Program Files (x86)\VMware
2014-07-12 09:55 - 2013-03-28 16:54 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-07-12 09:50 - 2011-10-23 23:24 - 12857998 _____ () C:\ndsvc.log
2014-07-12 08:54 - 2013-06-22 17:20 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0EEAC82E-539A-4C8F-BFE2-787960AC1DED}
2014-07-12 08:22 - 2014-07-12 08:54 - 05218570 ____R (Swearware) C:\ComboFix.exe
2014-07-12 08:19 - 2014-07-12 08:19 - 00000000 ____D () C:\Windows\ERUNT
2014-07-12 08:19 - 2014-07-12 08:15 - 00002092 _____ () C:\Users\dnilson\Desktop\Rkill.txt
2014-07-12 07:57 - 2014-01-07 16:11 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-11 19:43 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-07-11 19:05 - 2009-07-13 20:45 - 00447816 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-07-11 18:58 - 2014-05-07 23:04 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-07-11 18:58 - 2011-04-12 00:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\tr-TR
2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\he-IL
2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Dism
2014-07-11 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\ar-SA
2014-07-11 18:55 - 2014-07-11 18:06 - 00000000 ____D () C:\AdwCleaner
2014-07-09 23:19 - 2010-10-09 13:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 23:17 - 2013-09-19 20:11 - 00000000 ____D () C:\Windows\System32\MRT
2014-07-09 23:10 - 2012-01-02 19:43 - 96441528 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-07-09 00:34 - 2014-05-04 11:33 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 00:34 - 2014-05-04 11:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 00:34 - 2014-05-04 11:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 18:01 - 2010-10-09 13:42 - 00000000 ____D () C:\Users\dnilson\.VirtualBox
2014-07-08 16:09 - 2010-10-09 13:38 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\TeraCopy
2014-07-07 19:58 - 2010-10-09 13:38 - 00000000 ____D () C:\Users\dnilson\Documents\- Scouts
2014-07-07 19:56 - 2011-01-18 22:52 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\vlc
2014-07-07 19:54 - 2010-09-11 18:59 - 00000000 ____D () C:\Users\dnilson\Desktop\Internet Purchases
2014-07-07 19:37 - 2014-07-07 19:37 - 00000000 ____D () C:\Users\dnilson\AppData\Local\Adobe
2014-07-07 18:43 - 2011-02-25 20:28 - 00000000 ____D () C:\AMD
2014-07-07 18:26 - 2014-07-07 17:31 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\GetFoldersize
2014-07-07 17:33 - 2014-07-07 17:33 - 00001001 _____ () C:\Users\Public\Desktop\AllDup.lnk
2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\Users\dnilson\AppData\Roaming\AllDup
2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\ProgramData\AllDup
2014-07-07 17:33 - 2014-07-07 17:33 - 00000000 ____D () C:\Program Files (x86)\AllDup
2014-07-07 17:31 - 2014-07-07 17:31 - 00001089 _____ () C:\Users\Public\Desktop\GetFoldersize.lnk
2014-07-07 17:31 - 2014-07-07 17:31 - 00000000 ____D () C:\Program Files (x86)\GetFoldersize
2014-07-07 16:20 - 2014-07-07 16:20 - 00000474 _____ () C:\Users\dnilson\Desktop\How to Reduce the Size of Your WinSXS Folder on Windows 7 or 8.website
2014-07-07 15:55 - 2012-01-13 21:35 - 00000000 ____D () C:\Windows\Minidump
2014-07-07 15:30 - 2014-07-07 15:30 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup
2014-07-07 15:30 - 2014-07-07 15:30 - 00003168 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update
2014-07-07 15:30 - 2014-02-10 19:01 - 00001192 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-07-07 15:09 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\NDF
2014-07-06 21:59 - 2014-06-27 10:36 - 00005994 _____ () C:\Users\dnilson\HACF-wiki.txt

Some content of TEMP:
====================
C:\Users\dnilson\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprehrey.dll

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points =========================

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
path \bootmgr
description Windows Boot Manager
locale en-US
default {default}
displayorder {default} {f035da21-f446-11e3-a0e3-b0e25b28da3d} {f035da25-f446-11e3-a0e3-b0e25b28da3d}
timeout 30
displaybootmenu Yes

Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7 Ultimate (recovered)
locale en-US
osdevice partition=C:
systemroot \Windows
resumeobject {d9a6efb7-f4ab-11e3-a54f-806e6f6e6963}
nx OptIn
pae Default
sos No
debug No

Windows Boot Loader
-------------------
identifier {f035da21-f446-11e3-a0e3-b0e25b28da3d}
device partition=E:
path \Windows\system32\winload.exe
description Windows 7 Professional (recovered)
locale en-US
osdevice partition=E:
systemroot \Windows
resumeobject {aa36f3db-f426-11e3-81cb-806e6f6e6963}

Windows Boot Loader
-------------------
identifier {f035da22-f446-11e3-a0e3-b0e25b28da3d}
device ramdisk=[E:]\Recovery\3af8c4a2-7ac5-11df-86cf-cd11f917cc08\Winre.wim,{f035da23-f446-11e3-a0e3-b0e25b28da3d}
path \windows\system32\winload.exe
description Windows Recovery Environment (recovered)
locale
osdevice ramdisk=[E:]\Recovery\3af8c4a2-7ac5-11df-86cf-cd11f917cc08\Winre.wim,{f035da23-f446-11e3-a0e3-b0e25b28da3d}
systemroot \windows
winpe Yes

Windows Boot Loader
-------------------
identifier {f035da24-f446-11e3-a0e3-b0e25b28da3d}
device partition=E:
path \$WINDOWS.~BT\Windows\system32\winload.exe
description Windows (TM) Code Name "Longhorn" Preinstallation Environment (recovered)
locale en-US
osdevice partition=E:
systemroot \$WINDOWS.~BT\Windows
winpe Yes

Resume from Hibernate
---------------------
identifier {aa36f3db-f426-11e3-81cb-806e6f6e6963}
device partition=E:
path \Windows\system32\winresume.exe
description Windows 7 Professional (recovered)
locale en-US
inherit {resumeloadersettings}
filedevice partition=E:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {d9a6efb7-f4ab-11e3-a54f-806e6f6e6963}
device partition=C:
path \Windows\system32\winresume.exe
description Windows 7 Ultimate (recovered)
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US

Real-mode Boot Sector
---------------------
identifier {f035da25-f446-11e3-a0e3-b0e25b28da3d}
device boot
path \NTLDR
description Microsoft Windows XP

Device options
--------------
identifier {f035da23-f446-11e3-a0e3-b0e25b28da3d}
ramdisksdidevice partition=E:
ramdisksdipath \Recovery\3af8c4a2-7ac5-11df-86cf-cd11f917cc08\boot.sdi

==================== Memory info ===========================

Percentage of memory in use: 11%
Total physical RAM: 8191.35 MB
Available physical RAM: 7215.87 MB
Total Pagefile: 8189.5 MB
Available Pagefile: 7218.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (C_0_3_NTFS-win7-64) (Fixed) (Total:290.77 GB) (Free:126.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (System Reserved) (Fixed) (Total:0.09 GB) (Free:0.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (C_0_2_NTFS-win7-32) (Fixed) (Total:100 GB) (Free:72.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (GRMCULXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
Drive g: (PATRIOT) (Removable) (Total:29.82 GB) (Free:27.52 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 6BA9FB03)
Partition 1: (Not Active) - (Size=94 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=291 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 16 MB) (Disk ID: ABA47C1E)

========================================================
Disk: 2 (Size: 30 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)

LastRegBack: 2014-07-17 20:17

==================== End Of Log ============================