Win 7 Bsod related to a Win 32 Ainslot A worm


#1
jkm03

I'm getting a Blue Screen of Death once every 10-20 minutes due to this worm. My hardware is fine. When MSE tries to remove this worm, automatic BSOD. BSOD also after a certain time. Last night, somehow a malicious program tricked some Windows check into thinking I was not running a genuine copy of Windows. Eventually I was forced to enter my product key. No problems with a "Windows not genuine" message since then but... ugh.
I've been battling it for over a day and I'm still losing. AVG recovery disk, Malwarebytes... scan and delete, scan and delete... for over a day this Win 32 Ainslot A has been showing up on MSE.
Safe modes, with and without networking, work fine, 100%. I've downloaded OTL and have a log.


OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\JohnReddan\Downloads
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 52.28% Memory free
8.00 Gb Paging File | 5.88 Gb Available in Paging File | 73.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 911.77 Gb Total Space | 163.22 Gb Free Space | 17.90% Space Free | Partition Type: NTFS
Drive F: | 19.74 Gb Total Space | 16.64 Gb Free Space | 84.28% Space Free | Partition Type: NTFS

Computer Name: VERSION2 | User Name: JohnReddan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/19 00:46:23 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\JohnReddan\Downloads\OTL.exe
PRC - [2011/06/15 03:29:08 | 000,942,080 | -H-- | M] (Microsoft) -- C:\Users\JohnReddan\AppData\Roaming\Divx.exe
PRC - [2011/05/17 13:29:46 | 000,395,144 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/04/27 08:53:38 | 000,742,944 | ---- | M] (EnTech Taiwan) -- C:\Program Files (x86)\PowerStrip\PStrip.exe
PRC - [2011/04/08 01:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/04/06 23:12:08 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2010/11/29 00:32:52 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/11/17 02:01:10 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2010/11/10 19:38:40 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Launchy\Launchy.exe
PRC - [2010/10/06 16:28:12 | 003,768,176 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
PRC - [2010/09/16 16:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/06/17 13:01:42 | 000,923,648 | ---- | M] () -- C:\Program Files (x86)\SensorsViewPro41\svservice.exe
PRC - [2010/05/07 18:47:32 | 000,114,008 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
PRC - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010/04/01 05:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/18 19:17:48 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CtHelper.exe
PRC - [2009/05/18 13:29:16 | 003,866,624 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
PRC - [2008/06/24 20:06:22 | 000,904,768 | ---- | M] (Acronis) -- C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
PRC - [2008/06/24 19:56:52 | 000,136,472 | ---- | M] (Seagate) -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2008/06/24 19:52:18 | 001,325,848 | ---- | M] (Seagate) -- C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe


========== Modules (SafeList) ==========

MOD - [2011/06/19 00:46:23 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\JohnReddan\Downloads\OTL.exe
MOD - [2010/11/20 07:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010/10/04 13:54:29 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\DockShellHook.dll
MOD - [2008/07/09 17:23:30 | 000,021,752 | ---- | M] (EnTech Taiwan) -- C:\Program Files (x86)\PowerStrip\PShook.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/11/11 15:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010/11/11 15:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010/05/07 18:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/06/05 17:42:04 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/08 01:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/04/07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/11/29 00:32:52 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/06/17 13:01:42 | 000,923,648 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SensorsViewPro41\svservice.exe -- (SensorsVService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/23 13:31:44 | 000,401,920 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/24 19:57:28 | 000,605,464 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/06/18 10:31:37 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/06/02 15:05:14 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011/06/02 15:05:14 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2011/06/02 15:05:09 | 000,235,040 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2011/06/02 15:05:06 | 000,593,952 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/03/24 10:57:54 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011/03/24 10:57:54 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/03 11:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/02/09 09:34:44 | 000,181,040 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2011/01/07 16:03:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/11/25 07:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010/11/20 09:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 09:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 07:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/10 03:45:54 | 004,162,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam 120(UVC)
DRV:64bit: - [2010/10/24 22:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010/10/11 20:08:13 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/07/22 11:19:41 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010/04/27 17:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/27 17:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 15:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 15:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2010/04/07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WMP54Gv41x64.sys -- (rt61x64)
DRV:64bit: - [2010/03/18 20:52:18 | 000,295,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP17v2k.sys -- (hap17v2k)
DRV:64bit: - [2010/03/18 20:52:10 | 000,259,672 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\haP16v2k.sys -- (hap16v2k)
DRV:64bit: - [2010/03/18 20:52:02 | 001,360,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV:64bit: - [2010/03/18 20:51:50 | 000,147,544 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010/03/18 20:51:34 | 000,290,392 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010/03/18 20:51:26 | 000,016,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010/03/18 20:51:18 | 000,221,272 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010/03/18 20:50:52 | 000,866,264 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2010/03/18 20:50:42 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010/03/18 20:40:10 | 000,141,912 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTERFXFX.sys -- (CTERFXFX)
DRV:64bit: - [2010/03/18 20:40:02 | 000,681,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTSBLFX.sys -- (CTSBLFX)
DRV:64bit: - [2010/03/18 20:39:54 | 000,706,648 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTAUDFX.sys -- (CTAUDFX)
DRV:64bit: - [2010/03/18 20:39:44 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\COMMONFX.sys -- (COMMONFX)
DRV:64bit: - [2009/11/04 10:11:24 | 001,557,376 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atinavrr.sys -- (ATIAVPCI)
DRV:64bit: - [2009/09/28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 17:42:04 | 000,475,136 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2008/12/19 05:55:34 | 000,122,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PciSPorts.sys -- (PciSPorts)
DRV:64bit: - [2007/05/03 11:19:38 | 000,014,032 | ---- | M] (EnTech Taiwan) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\se64a.sys -- (se64a)
DRV:64bit: - [2007/04/12 08:10:28 | 000,151,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\COMMONFX.DLL -- (COMMONFX.DLL)
DRV:64bit: - [2007/04/10 04:17:22 | 000,123,688 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV:64bit: - [2007/04/10 04:17:00 | 000,252,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CT20XUT.DLL -- (CT20XUT.DLL)
DRV:64bit: - [2007/04/10 04:16:20 | 001,571,112 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV:64bit: - [2007/04/10 04:15:44 | 000,363,304 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV:64bit: - [2007/04/10 04:15:10 | 000,190,248 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV:64bit: - [2007/04/10 04:14:28 | 000,142,120 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV:64bit: - [2007/04/10 04:13:38 | 000,321,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV:64bit: - [2007/04/10 04:13:08 | 000,219,432 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV:64bit: - [2007/04/10 04:12:22 | 000,681,256 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV:64bit: - [2007/04/10 04:11:46 | 000,700,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV:64bit: - [2007/01/17 14:32:00 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder2.sys -- (Spyder2)
DRV:64bit: - [2007/01/15 14:36:18 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006/09/30 05:36:14 | 000,013,008 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pstrip64.sys -- (PStrip64)
DRV:64bit: - [2005/03/29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2011/03/24 10:57:54 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011/03/24 10:57:54 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2008/07/26 14:30:36 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | System | Running] -- C:\Program Files (x86)\SensorsViewPro41\drv\sensorsview32_64.sys -- (sensorsview)
DRV - [2007/05/03 11:19:38 | 000,014,032 | ---- | M] (EnTech Taiwan) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\se64a.sys -- (se64a)
DRV - [2007/02/07 14:27:46 | 000,014,104 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2002/07/17 17:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (ASPI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.freemusiczilla.com
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fmz.qiwa.com"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.1
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: [email protected]:0.7.2.6
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..keyword.URL: "http://websearch.ask...=YYYYYYB3US&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/04/06 23:12:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/04/24 18:24:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/24 18:24:59 | 000,000,000 | ---D | M]

[2010/06/23 23:41:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JohnReddan\AppData\Roaming\Mozilla\Extensions
[2011/05/28 15:53:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JohnReddan\AppData\Roaming\Mozilla\Firefox\Profiles\4vrdiasc.default\extensions
[2011/01/10 14:13:54 | 000,000,000 | ---D | M] (Screengrab) -- C:\Users\JohnReddan\AppData\Roaming\Mozilla\Firefox\Profiles\4vrdiasc.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2011/04/19 12:56:42 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\JohnReddan\AppData\Roaming\Mozilla\Firefox\Profiles\4vrdiasc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/01/10 14:13:54 | 000,000,000 | ---D | M] (Read It Later) -- C:\Users\JohnReddan\AppData\Roaming\Mozilla\Firefox\Profiles\4vrdiasc.default\extensions\[email protected]
[2011/03/26 17:04:49 | 000,000,000 | ---D | M] ("AmazonAssist") -- C:\Users\JohnReddan\AppData\Roaming\Mozilla\Firefox\Profiles\4vrdiasc.default\extensions\[email protected]
[2011/05/29 21:05:29 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\JohnReddan\AppData\Roaming\Mozilla\Firefox\Profiles\4vrdiasc.default\extensions\[email protected]
[2011/05/29 20:02:46 | 000,002,395 | ---- | M] () -- C:\Users\JohnReddan\AppData\Roaming\Mozilla\Firefox\Profiles\4vrdiasc.default\searchplugins\askcom.xml
[2010/07/13 14:04:21 | 000,002,059 | ---- | M] () -- C:\Users\JohnReddan\AppData\Roaming\Mozilla\Firefox\Profiles\4vrdiasc.default\searchplugins\daemon-search.xml
[2011/05/14 00:13:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/06/12 10:46:56 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/11/30 00:45:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/01/10 13:59:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/10 16:24:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2011/04/06 23:12:33 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
() (No name found) -- C:\USERS\JOHNREDDAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4VRDIASC.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2011/03/18 13:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/07/22 13:35:34 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

Hosts file not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AsioReg] File not found
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4:64bit: - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AsioReg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [avast5] File not found
O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DivxUpdater] C:\Users\JohnReddan\AppData\Roaming\Divx.exe (Microsoft)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Desura] File not found
O4 - HKCU..\Run: [DivxUpdater] C:\Users\JohnReddan\AppData\Roaming\Divx.exe (Microsoft)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\JohnReddan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files (x86)\Launchy\Launchy.exe ()
O4 - Startup: C:\Users\JohnReddan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk = C:\Program Files (x86)\PowerStrip\PStrip.exe (EnTech Taiwan)
O4 - Startup: C:\Users\JohnReddan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run: DivxUpdater = C:\Users\JohnReddan\AppData\Roaming\Divx.exe (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/10/18 21:48:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{34518d45-8ec7-11df-933f-0026186811a4}\Shell - "" = AutoRun
O33 - MountPoints2\{34518d45-8ec7-11df-933f-0026186811a4}\Shell\AutoRun\command - "" = E:\Razor1911_Installer.exe
O33 - MountPoints2\{6e323044-41fd-11e0-8f43-c8626f7c4c70}\Shell - "" = AutoRun
O33 - MountPoints2\{6e323044-41fd-11e0-8f43-c8626f7c4c70}\Shell\AutoRun\command - "" = F:\TLBootstrap_WPP.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/19 00:39:21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/18 13:54:22 | 000,000,000 | ---D | C] -- C:\t
[2011/06/18 10:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2011/06/18 10:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\[email protected] ISO Burner
[2011/06/18 02:40:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2011/06/18 02:12:20 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Roaming\Malwarebytes
[2011/06/18 02:12:02 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/18 02:12:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/18 02:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/18 02:11:58 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/06/18 02:11:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/18 01:26:18 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/06/17 22:31:42 | 000,942,080 | -H-- | C] (Microsoft) -- C:\Users\JohnReddan\AppData\Roaming\Divx.exe
[2011/06/17 22:00:35 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\Documents\Duke Nukem Forever
[2011/06/17 21:42:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razor 1911
[2011/06/17 19:36:08 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\Desktop\duke 3d
[2011/06/17 03:02:54 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/17 03:02:54 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/17 03:02:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/17 03:02:52 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/06/17 03:02:52 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/17 03:02:51 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011/06/17 03:02:51 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/06/17 03:02:51 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/06/16 18:52:42 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/15 00:16:21 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Roaming\FatShark
[2011/06/15 00:02:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011/06/14 20:01:23 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\Desktop\to use
[2011/06/14 16:10:18 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Local\Origin
[2011/06/14 16:09:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011/06/14 16:09:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011/06/14 16:09:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011/06/14 16:09:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2011/06/13 15:43:53 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\Desktop\Disc 2 mp3
[2011/06/13 15:43:51 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\Desktop\Disc 1 mp3
[2011/06/13 01:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Logs
[2011/06/09 10:51:18 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2011/06/06 17:27:36 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Another World
[2011/06/06 17:27:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Another World
[2011/06/06 17:27:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Another World
[2011/06/06 14:44:29 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Local\3DMGAME
[2011/06/03 10:42:05 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MonInfo
[2011/06/03 10:41:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonInfo
[2011/06/03 10:41:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\softMCCS
[2011/06/03 10:41:51 | 000,014,032 | ---- | C] (EnTech Taiwan) -- C:\Windows\SysNative\drivers\se64a.sys
[2011/06/03 10:41:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\softMCCS
[2011/06/03 09:04:28 | 000,000,000 | ---D | C] -- C:\dell
[2011/06/02 21:29:33 | 000,000,000 | ---D | C] -- C:\NST
[2011/06/02 21:28:07 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Local\NeoSmart_Technologies
[2011/06/02 21:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
[2011/06/02 21:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeoSmart Technologies
[2011/06/02 18:57:18 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerStrip
[2011/06/02 18:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerStrip
[2011/06/02 16:39:58 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Roaming\ImgBurn
[2011/06/02 16:32:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2011/06/02 16:32:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2011/06/02 15:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EASEUS Partition Master 8.0.1 Home Edition
[2011/06/02 15:18:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EASEUS
[2011/06/02 15:05:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Seagate
[2011/06/02 15:05:14 | 000,711,712 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2011/06/02 15:05:14 | 000,081,952 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tifsfilt.sys
[2011/06/02 15:05:11 | 000,011,264 | ---- | C] (Acronis) -- C:\Windows\SysNative\relog_ap.dll
[2011/06/02 15:05:08 | 000,235,040 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2011/06/02 15:05:06 | 000,593,952 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpman.sys
[2011/06/02 15:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2011/06/02 15:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Seagate
[2011/06/02 15:04:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2011/06/02 14:02:31 | 000,000,000 | ---D | C] -- C:\Users\JohnReddan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDAS
[2011/06/02 14:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDAS
[2011/06/02 14:02:26 | 000,000,000 | ---D | C] -- C:\WinDAS
[2011/06/02 14:02:15 | 001,028,096 | ---- | C] (Microsoft Corporation) -- C:\Users\JohnReddan\Desktop\mfc42.dll
[2011/06/02 14:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\MOSCHIP
[2011/05/30 12:24:43 | 020,700,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011/05/30 12:24:43 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011/05/30 12:24:43 | 008,411,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2011/05/30 12:24:43 | 006,299,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011/05/30 12:24:43 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011/05/30 12:24:43 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011/05/30 12:24:42 | 018,578,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011/05/30 12:24:42 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011/05/30 12:24:42 | 012,934,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011/05/30 12:24:42 | 006,974,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011/05/30 12:24:42 | 005,183,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011/05/30 12:24:42 | 002,893,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011/05/30 12:24:42 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011/05/30 12:24:42 | 002,204,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011/05/30 12:24:42 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011/05/30 12:24:42 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011/05/29 00:24:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Codemasters
[2011/05/25 11:20:30 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010/03/18 19:18:32 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2010/03/18 18:59:50 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/19 01:14:45 | 000,001,331 | ---- | M] () -- C:\Users\JohnReddan\AppData\Roaming\data.dat
[2011/06/19 01:12:15 | 000,883,078 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/19 01:12:15 | 000,196,620 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/19 01:12:15 | 000,006,382 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/19 01:06:34 | 000,000,393 | ---- | M] () -- C:\Windows\SysWow64\mail.dat
[2011/06/19 01:05:49 | 000,000,257 | ---- | M] () -- C:\Windows\SysWow64\mess.dat
[2011/06/19 01:05:40 | 000,011,366 | ---- | M] () -- C:\Users\JohnReddan\AppData\Roaming\PStrip.ini
[2011/06/19 01:05:34 | 000,011,366 | ---- | M] () -- C:\Users\JohnReddan\AppData\Roaming\PStrip.bak
[2011/06/19 01:04:42 | 686,423,972 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/19 01:04:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/19 01:04:36 | 3220,480,000 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/19 01:00:19 | 000,006,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 01:00:19 | 000,006,432 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/19 00:52:21 | 000,011,366 | ---- | M] () -- C:\Users\JohnReddan\AppData\Roaming\PStrip.bk!
[2011/06/19 00:29:57 | 000,011,361 | ---- | M] () -- C:\Users\JohnReddan\AppData\Roaming\PStrip.bko
[2011/06/19 00:29:11 | 000,300,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/18 13:17:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-439991216-2356958773-2533057626-1000UA.job
[2011/06/18 10:31:37 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011/06/18 02:12:02 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/18 01:26:18 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/06/17 19:59:08 | 000,002,083 | ---- | M] () -- C:\Users\Public\Desktop\Duke Nukem 3D.lnk
[2011/06/17 15:15:08 | 000,002,880 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/06/17 10:08:50 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2011/06/17 01:17:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-439991216-2356958773-2533057626-1000Core.job
[2011/06/16 20:41:29 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2011/06/16 20:41:21 | 000,004,179 | ---- | M] () -- C:\Users\JohnReddan\Desktop\John Reddan Resume (5).rtf
[2011/06/16 20:31:32 | 000,007,334 | ---- | M] () -- C:\Users\JohnReddan\Desktop\New OpenDocument Text.odt
[2011/06/15 03:29:08 | 000,942,080 | -H-- | M] (Microsoft) -- C:\Users\JohnReddan\AppData\Roaming\Divx.exe
[2011/06/14 22:55:06 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/06/14 22:55:06 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/06/14 20:06:20 | 000,008,260 | ---- | M] () -- C:\Users\JohnReddan\.recently-used.xbel
[2011/06/13 15:55:42 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011/06/12 10:44:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/10 19:55:09 | 000,000,972 | ---- | M] () -- C:\Users\JohnReddan\Desktop\Doom3.lnk
[2011/06/06 17:28:11 | 000,002,376 | ---- | M] () -- C:\Users\JohnReddan\Desktop\Making Of Another World.lnk
[2011/06/06 17:27:36 | 000,001,067 | ---- | M] () -- C:\Users\JohnReddan\Desktop\Another World.lnk
[2011/06/03 10:42:05 | 000,000,929 | ---- | M] () -- C:\Users\JohnReddan\Desktop\MonInfo.lnk
[2011/06/03 10:41:52 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\softMCCS.lnk
[2011/06/02 21:25:59 | 000,047,772 | RHS- | M] () -- C:\NTDETECT.COM
[2011/06/02 21:25:59 | 000,000,345 | RHS- | M] () -- C:\boot.ini
[2011/06/02 21:23:52 | 000,001,213 | ---- | M] () -- C:\Users\Public\Desktop\EasyBCD 2.0.lnk
[2011/06/02 19:03:43 | 000,000,716 | ---- | M] () -- C:\Windows\SysWow64\ps_mon1.inf
[2011/06/02 19:01:38 | 000,001,482 | ---- | M] () -- C:\Users\JohnReddan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk
[2011/06/02 18:57:21 | 000,000,065 | ---- | M] () -- C:\Windows\wininit.ini
[2011/06/02 16:32:47 | 000,001,865 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2011/06/02 15:51:34 | 000,000,771 | -H-- | M] () -- C:\Windows\EPMBatch.ept
[2011/06/02 15:19:03 | 000,001,430 | ---- | M] () -- C:\Users\Public\Desktop\EASEUS Partition Master 8.0.1 Home Edition.lnk
[2011/06/02 15:13:28 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2011/06/02 15:05:14 | 000,711,712 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2011/06/02 15:05:14 | 000,081,952 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tifsfilt.sys
[2011/06/02 15:05:09 | 000,235,040 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2011/06/02 15:05:06 | 000,593,952 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpman.sys
[2011/06/02 15:05:05 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\Seagate DiscWizard.lnk
[2011/06/02 14:04:17 | 000,000,000 | ---- | M] () -- C:\Users\JohnReddan\Documents\hjhh.dat
[2011/06/02 14:03:00 | 000,000,048 | ---- | M] () -- C:\Users\JohnReddan\Documents\first.dat
[2011/06/02 14:02:28 | 000,000,578 | ---- | M] () -- C:\Users\JohnReddan\Desktop\WinDAS.lnk
[2011/06/02 13:18:18 | 000,000,048 | ---- | M] () -- C:\Users\JohnReddan\Documents\second.dat
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/27 01:39:29 | 000,000,702 | ---- | M] () -- C:\Users\JohnReddan\Documents\JohnReddan - Shortcut.lnk
[7 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/19 00:30:03 | 000,001,007 | ---- | C] () -- C:\Users\JohnReddan\AppData\Roaming\data.dat
[2011/06/18 02:12:02 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/18 01:08:15 | 000,006,432 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/18 01:08:15 | 000,006,432 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/18 00:33:04 | 000,000,393 | ---- | C] () -- C:\Windows\SysWow64\mail.dat
[2011/06/18 00:32:39 | 000,000,257 | ---- | C] () -- C:\Windows\SysWow64\mess.dat
[2011/06/17 19:59:07 | 000,002,083 | ---- | C] () -- C:\Users\Public\Desktop\Duke Nukem 3D.lnk
[2011/06/16 20:31:32 | 000,007,334 | ---- | C] () -- C:\Users\JohnReddan\Desktop\New OpenDocument Text.odt
[2011/06/16 20:22:50 | 000,004,179 | ---- | C] () -- C:\Users\JohnReddan\Desktop\John Reddan Resume (5).rtf
[2011/06/14 20:06:20 | 000,008,260 | ---- | C] () -- C:\Users\JohnReddan\.recently-used.xbel
[2011/06/14 16:09:58 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2011/06/14 11:28:30 | 000,294,432 | ---- | C] () -- C:\Users\JohnReddan\Desktop\100_4375.JPG
[2011/06/10 19:55:09 | 000,000,972 | ---- | C] () -- C:\Users\JohnReddan\Desktop\Doom3.lnk
[2011/06/06 17:28:11 | 000,002,376 | ---- | C] () -- C:\Users\JohnReddan\Desktop\Making Of Another World.lnk
[2011/06/06 17:27:36 | 000,001,067 | ---- | C] () -- C:\Users\JohnReddan\Desktop\Another World.lnk
[2011/06/03 10:42:05 | 000,000,929 | ---- | C] () -- C:\Users\JohnReddan\Desktop\MonInfo.lnk
[2011/06/03 10:41:52 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\softMCCS.lnk
[2011/06/03 10:36:50 | 000,001,880 | ---- | C] () -- C:\Windows\SysNative\drivers\monitor.sys.inf
[2011/06/03 09:13:52 | 000,007,888 | ---- | C] () -- C:\Windows\SysNative\p1130.cat
[2011/06/03 09:13:52 | 000,001,880 | ---- | C] () -- C:\Windows\SysNative\P1130.inf
[2011/06/03 09:13:52 | 000,000,788 | ---- | C] () -- C:\Windows\SysNative\P1130.icm
[2011/06/03 09:13:26 | 000,120,720 | ---- | C] () -- C:\Windows\SysNative\monitor5.PNF
[2011/06/03 09:13:26 | 000,112,360 | ---- | C] () -- C:\Windows\SysNative\monitor8.PNF
[2011/06/03 09:13:26 | 000,101,148 | ---- | C] () -- C:\Windows\SysNative\monitor2.PNF
[2011/06/03 09:13:26 | 000,094,204 | ---- | C] () -- C:\Windows\SysNative\monitor6.PNF
[2011/06/03 09:13:26 | 000,089,128 | ---- | C] () -- C:\Windows\SysNative\monitor3.PNF
[2011/06/03 09:13:26 | 000,088,208 | ---- | C] () -- C:\Windows\SysNative\monitor7.PNF
[2011/06/03 09:13:26 | 000,086,836 | ---- | C] () -- C:\Windows\SysNative\monitor4.PNF
[2011/06/03 09:13:26 | 000,060,593 | ---- | C] () -- C:\Windows\SysNative\monitor5.inf
[2011/06/03 09:13:26 | 000,052,670 | ---- | C] () -- C:\Windows\SysNative\monitor8.inf
[2011/06/03 09:13:26 | 000,052,117 | ---- | C] () -- C:\Windows\SysNative\monitor.inf
[2011/06/03 09:13:26 | 000,047,730 | ---- | C] () -- C:\Windows\SysNative\monitor2.inf
[2011/06/03 09:13:26 | 000,045,673 | ---- | C] () -- C:\Windows\SysNative\monitor6.inf
[2011/06/03 09:13:26 | 000,041,883 | ---- | C] () -- C:\Windows\SysNative\monitor3.inf
[2011/06/03 09:13:26 | 000,040,439 | ---- | C] () -- C:\Windows\SysNative\monitor7.inf
[2011/06/03 09:13:26 | 000,040,054 | ---- | C] () -- C:\Windows\SysNative\monitor4.inf
[2011/06/03 09:07:22 | 000,002,933 | ---- | C] () -- C:\Users\JohnReddan\Desktop\README
[2011/06/02 21:23:52 | 000,001,213 | ---- | C] () -- C:\Users\Public\Desktop\EasyBCD 2.0.lnk
[2011/06/02 21:18:46 | 000,011,361 | ---- | C] () -- C:\Users\JohnReddan\AppData\Roaming\PStrip.bko
[2011/06/02 21:11:03 | 000,011,366 | ---- | C] () -- C:\Users\JohnReddan\AppData\Roaming\PStrip.bk!
[2011/06/02 21:10:43 | 000,011,366 | ---- | C] () -- C:\Users\JohnReddan\AppData\Roaming\PStrip.bak
[2011/06/02 19:03:43 | 000,000,716 | ---- | C] () -- C:\Windows\SysWow64\ps_mon1.inf
[2011/06/02 19:01:31 | 000,001,482 | ---- | C] () -- C:\Users\JohnReddan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk
[2011/06/02 19:01:27 | 000,011,366 | ---- | C] () -- C:\Users\JohnReddan\AppData\Roaming\PStrip.ini
[2011/06/02 18:57:21 | 000,000,065 | ---- | C] () -- C:\Windows\wininit.ini
[2011/06/02 18:57:13 | 000,013,008 | ---- | C] () -- C:\Windows\SysNative\drivers\pstrip64.sys
[2011/06/02 16:32:47 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2011/06/02 16:32:46 | 000,001,877 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2011/06/02 15:23:03 | 000,000,771 | -H-- | C] () -- C:\Windows\EPMBatch.ept
[2011/06/02 15:19:03 | 000,001,430 | ---- | C] () -- C:\Users\Public\Desktop\EASEUS Partition Master 8.0.1 Home Edition.lnk
[2011/06/02 15:19:02 | 002,926,208 | ---- | C] () -- C:\Windows\SysNative\BootMan.exe
[2011/06/02 15:19:02 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2011/06/02 15:19:02 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\EuEpmGdi.dll
[2011/06/02 15:19:01 | 002,340,992 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2011/06/02 15:19:01 | 000,100,232 | ---- | C] () -- C:\Windows\SysNative\setupempdrvx64.exe
[2011/06/02 15:19:01 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2011/06/02 15:19:01 | 000,016,776 | ---- | C] () -- C:\Windows\SysNative\epmntdrv.sys
[2011/06/02 15:19:01 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2011/06/02 15:19:01 | 000,009,096 | ---- | C] () -- C:\Windows\SysNative\EuGdiDrv.sys
[2011/06/02 15:19:01 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2011/06/02 15:13:57 | 000,792,882 | ---- | C] () -- C:\Users\JohnReddan\Desktop\SATA_guide.en.pdf
[2011/06/02 15:13:28 | 000,002,453 | ---- | C] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2011/06/02 15:05:05 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\Seagate DiscWizard.lnk
[2011/06/02 14:04:16 | 000,000,000 | ---- | C] () -- C:\Users\JohnReddan\Documents\hjhh.dat
[2011/06/02 14:02:28 | 000,000,578 | ---- | C] () -- C:\Users\JohnReddan\Desktop\WinDAS.lnk
[2011/06/02 14:02:15 | 001,439,352 | ---- | C] () -- C:\Users\JohnReddan\Desktop\WinDASInstall.exe
[2011/06/02 14:00:58 | 000,339,968 | ---- | C] () -- C:\Windows\SysNative\MOSCHIP_PciUninst.exe
[2011/06/02 13:18:16 | 000,000,048 | ---- | C] () -- C:\Users\JohnReddan\Documents\second.dat
[2011/06/02 13:02:16 | 000,000,345 | RHS- | C] () -- C:\boot.ini
[2011/06/02 12:53:39 | 000,000,048 | ---- | C] () -- C:\Users\JohnReddan\Documents\first.dat
[2011/05/27 01:39:29 | 000,000,702 | ---- | C] () -- C:\Users\JohnReddan\Documents\JohnReddan - Shortcut.lnk
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/04/02 22:57:36 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2011/01/12 20:04:05 | 000,000,343 | ---- | C] () -- C:\Windows\doom3.ini
[2011/01/12 16:35:44 | 000,000,304 | ---- | C] () -- C:\Windows\thug2.ini
[2010/12/07 16:29:38 | 000,000,040 | ---- | C] () -- C:\Windows\RUNAWAY.INI
[2010/11/29 00:32:57 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/11/29 00:32:52 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/11/29 00:32:52 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/11/10 03:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010/11/10 03:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010/11/10 03:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010/09/16 17:19:33 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2010/08/30 15:15:10 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/08/11 03:50:45 | 000,119,296 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2010/08/11 03:50:45 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ADsSecurity.dll
[2010/08/11 03:50:45 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dxinputdll.dll
[2010/08/05 17:25:45 | 000,000,008 | RHS- | C] () -- C:\ProgramData\165A142A2D.sys
[2010/08/05 17:25:44 | 000,002,880 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/07/07 22:03:18 | 000,797,114 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/28 22:44:55 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/03/18 19:59:54 | 000,050,439 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010/03/18 19:19:58 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CTBurst.dll
[2010/03/18 19:17:50 | 000,037,888 | ---- | C] () -- C:\Windows\SysWow64\psconv.exe
[2010/03/18 19:07:54 | 000,386,852 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2010/03/18 19:07:54 | 000,051,787 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2010/03/18 18:59:56 | 000,313,207 | ---- | C] () -- C:\Windows\SysWow64\ctstatic.dat
[2010/03/18 18:59:56 | 000,053,932 | ---- | C] () -- C:\Windows\SysWow64\ctdaught.dat
[2010/03/18 18:59:54 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/08/13 20:45:02 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\ctmmactl.dll
[2007/06/12 11:25:54 | 000,000,920 | ---- | C] () -- C:\Windows\SysWow64\WLAN.INI
[2007/04/12 08:10:28 | 000,105,728 | ---- | C] () -- C:\Windows\SysWow64\APOMgrH.dll
[2007/04/09 12:55:14 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2006/10/02 09:25:18 | 000,000,307 | ---- | C] () -- C:\Windows\SysWow64\kill.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\Windows\SysWow64\zlib.dll:DocumentSummaryInformation

< End of report >

Edited by jkm03, 18 June 2011 - 11:31 PM.
