[rock777]

Hello good folks, I'm on windows 7 64 bit and this just happened out of the blue its been about 2 weeks now. I found a thread on here from last year regarding this same issue and tried to complete step one of burning OTLPEStd.exe program to a cd. I got as far as the desktop but when I go to scan my hard drive to get the txt file the program says something about windows 2000 or newer. Is there a different version for OTLPEStd.exe that I need for windows 7 64. thanks.

[Advertisements]

Hi, and welcome.

Lets give it a try. You will need a USB (Flash) pendrive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Click on Repair your computer menu item.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

[JSntgRvr]

Hi, and welcome.

Lets give it a try. You will need a USB (Flash) pendrive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Click on Repair your computer menu item.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

[rock777]

here it is:

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.2
Ran by SYSTEM at 2012-01-16 20:39:13
Running from F:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe" [3432448 2010-03-17] (Alcatel-Lucent)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [104408 2010-08-05] (PC Tools)
HKLM-x32\...\Run: [VERIZONDM] "C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM [206120 2011-02-01] (SupportSoft, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2011-04-26] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot [273528 2011-10-21] (RealNetworks, Inc.)
HKLM-x32\...\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot [1233856 2011-10-24] (Simply Super Software)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [449608 2011-08-31] (Malwarebytes Corporation)
HKU\rock\...\Run: [Google Update] "C:\Users\rock\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-10-17] (Google Inc.)
HKU\rock\...\Run: [RegClean Expert Scheduler] "C:\Program Files (x86)\Registry Clean Expert2\RCHelper.exe" /startup [605056 2011-01-11] (iExpert Software)
HKU\rock\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-12-01] (Google Inc.)
HKU\rock\...\Run: [ftweak_RAMRush] C:\Program Files (x86)\RAMRush\RAMRush.exe [670720 2009-09-17] (FTweak)
HKU\rock\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-20] (DT Soft Ltd)
HKU\rock\...\Run: [CrossRiderPlugin] C:\Program Files (x86)\CrossriderWebApps\Crossrider.exe [478720 2011-05-15] (Crossrider)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 FTSvc; "C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\FantapperUpdateService.exe" [11776 2011-12-12] (Brand Affinity Technologies)
2 IHA_MessageCenter; "C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe" [118784 2011-03-24] ()
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [366152 2011-08-31] (Malwarebytes Corporation)
2 McciCMService; "C:\Program Files (x86)\Common Files\Motive\McciCMService.exe" [319488 2010-03-17] (Alcatel-Lucent)
2 McciCMService64; "C:\Program Files\Common Files\Motive\McciCMService.exe" [517632 2010-03-17] (Alcatel-Lucent)
2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH)
2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" [2784768 2011-03-25] (PACE Anti-Piracy, Inc.)
2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools)
2 sprtsvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe /service /p verizondm [206120 2011-02-01] (SupportSoft, Inc.)
2 tgsrvc_verizondm; C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe /p verizondm [185640 2011-02-01] (SupportSoft, Inc.)

========================== Drivers (Whitelisted) =============

2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [65368 2011-09-06] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [601944 2011-09-06] (AVAST Software)
1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-06-28] (DT Soft Ltd)
1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2011-08-04] (ESET)
3 gbxavs; C:\Windows\System32\Drivers\gbxavs.sys [358480 2011-04-11] (Native Instruments GmbH)
3 gbxavs_x64; C:\Windows\System32\Drivers\gbxavs_x64.sys [45136 2009-10-08] (Native Instruments GmbH)
3 gbxusb_svc; C:\Windows\System32\Drivers\gbxusb.sys [68176 2011-04-11] (Native Instruments GmbH)
3 gbxusb_x64; C:\Windows\System32\Drivers\gbxusb_x64.sys [300624 2009-10-08] (Native Instruments GmbH)
3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25720 2011-05-24] ()
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25416 2011-08-31] (Malwarebytes Corporation)
3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA))
3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA))
3 RDID1057; C:\Windows\System32\Drivers\rdwm1057.sys [158592 2009-09-17] (Roland Corporation)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-06-28] (Duplex Secure Ltd.)
3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
0 Tpkd; C:\Windows\System32\Drivers\Tpkd.sys [105592 2011-03-24] (PACE Anti-Piracy, Inc.)
2 ATE_PROCMON; \??\C:\Program Files (x86)\Anti Trojan Elite\ATEPMon.sys [x]
3 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [x]
4 Messenger; [x]
3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [x]
3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [x]
0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [x]
3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [x]
0 TFSysMon; C:\Windows\System32\drivers\TfSysMon.sys [x]

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\System32\drivers\afd.sys B9384E03479D2506BC924C16A3DB87BC
C:\Windows\System32\DRIVERS\agp440.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdsata.sys 7A4B413614C055935567CF88A9734D38
C:\Windows\System32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdxata.sys ==> MD5 is legit
C:\Windows\System32\drivers\appid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\system32\drivers\aswMonFlt.sys 230613BE2D3DA8053879BE5ED2848F2D
C:\Windows\System32\Drivers\aswSnx.sys B6FF911C23775CDFDD49612D92637AF4
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 3EFD964D52221360AF0673CD61C2F4F5
C:\Windows\System32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys 91CE0D3DC57DD377E690A2D324022B08
C:\Windows\System32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys 4A6173C2279B498CD8F57CAE504564CB
C:\Windows\System32\Drivers\dfsc.sys 3F1DC527070ACB87E40AFE46EF6DA749
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtsoftbus01.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys EBCE0B0924835F635F620D19F0529DCE
C:\Windows\System32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ehdrv.sys E097728129E7B79BF1089D7AEF42332B
C:\Windows\System32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\epfwwfp.sys 710B0442BB2F99278D7B8E02A8849C11
C:\Windows\System32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\Drivers\gbxavs.sys 39FD0B0EB4BFAF5406638B29D1D4DFE8
C:\Windows\System32\Drivers\gbxavs_x64.sys 9562E036C2BC1ECF5399E07C2A6832AE
C:\Windows\System32\Drivers\gbxusb.sys 77D39693A7CFCFC3E2171FC95337D046
C:\Windows\System32\Drivers\gbxusb_x64.sys C5F1BC6397BF3AC3026F9863620E5003
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys ==> MD5 is legit
C:\Windows\System32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStorV.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iLokDrvr.sys F37E4DC8EFC72AEE6CEFEE2DAD00ABD0
C:\Windows\System32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecpkg.sys ==> MD5 is legit
C:\Windows\System32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\System32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 23A854450DAB5C9B7A42AB9BE6F2E4BD
C:\Windows\System32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS 9BD4DCB5412921864A7AACDEDFBD1923
C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS 07C02C892E8E1A72D6BF35004F0E9C5E
C:\Windows\System32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 767A4C3BCF9410C286CED15A2DB17108
C:\Windows\System32\DRIVERS\mrxsmb10.sys 920EE0FF995FCFDEB08C41605A959E1C
C:\Windows\System32\DRIVERS\mrxsmb20.sys 740D7EA9D72C981510A5292CF6ADC941
C:\Windows\System32\DRIVERS\msahci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\System32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\Drivers\rdwm1057.sys AE04F7D7B60F27605F9B09DC67B808BB
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys 9706B84DBABFC4B4CA46C5A82B14DFA3
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys BAEFEE35D27A5440D35092CE10267BEC
C:\Windows\System32\DRIVERS\vms3cap.sys 88AF6E02AB19DF7FD07ECDF9C91E9AF6
C:\Windows\System32\DRIVERS\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys 4B3F898DC1378CED2F35D04E5B0CE0DF
C:\Windows\System32\DRIVERS\srv.sys DE6F5658DA951C4BC8E498570B5B0D5F
C:\Windows\System32\DRIVERS\srv2.sys 4D33D59C0B930C523D29F9BD40CDA9D2
C:\Windows\System32\DRIVERS\srvnet.sys 5A663FD67049267BC5C3F3279E631FFB
C:\Windows\System32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vmstorfl.sys FFD7A6F15B14234B5B0E5D49E7961895
C:\Windows\System32\DRIVERS\storvsc.sys 8FCCBEFC5C440B3C23454656E551B09A
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\synusb64.sys BCB6AA197267D3506BE2535342FC40E0
C:\Windows\System32\drivers\tcpip.sys 90A2D722CF64D911879D6C4A4F802A4D
C:\Windows\System32\DRIVERS\tcpip.sys 90A2D722CF64D911879D6C4A4F802A4D
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Tpkd.sys 832F9D02B20DE69C52E81DBE13599EE1
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys 77B01BC848298223A95D4EC23E1785A1
C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbhub.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vhdmp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vmbus.sys 1501699D7EDA984ABC4155A7DA5738D1
C:\Windows\System32\DRIVERS\VMBusHID.sys AE10C35761889E65A6F7176937C5592C
C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volsnap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-12-31 05:59 - 2011-12-31 05:59 - 0274264 ____A C:\Windows\Minidump\123111-23618-01.dmp
2011-12-30 08:45 - 2011-12-30 08:45 - 0314136 ____A C:\Windows\Minidump\123011-20295-01.dmp
2011-12-28 11:39 - 2011-12-28 11:39 - 0195584 ____A C:\Users\rock\Downloads\EmploymentApplication.doc
2011-12-28 09:14 - 2011-12-28 09:14 - 0057740 ____A C:\Users\rock\Downloads\Attachments_2011_12_28.zip
2011-12-28 04:31 - 2011-12-28 04:31 - 0314136 ____A C:\Windows\Minidump\122811-25677-01.dmp
2011-12-25 23:03 - 2011-12-28 10:38 - 0004729 ____A C:\Users\rock\Desktop\price.res..rtf
2011-12-25 22:39 - 2011-12-25 22:39 - 0000000 ____D C:\Users\rock\AppData\Local\Microsoft Games
2011-12-23 12:11 - 2011-12-23 12:11 - 0274320 ____A C:\Windows\Minidump\122311-51230-01.dmp
2011-12-22 10:40 - 2011-12-22 10:40 - 0652179 ____A C:\Users\rock\Downloads\OppSchApp-02.pdf
2011-12-22 10:38 - 2011-12-22 10:38 - 0323365 ____A C:\Users\rock\Desktop\sm.pdf
2011-12-21 10:39 - 2011-12-21 10:39 - 1778708 ____A C:\Users\rock\Desktop\StudyGuide21.pdf
2011-12-21 10:32 - 2011-12-21 10:32 - 0012963 ____A C:\Users\rock\Documents\Document db.rtf
2011-12-20 15:16 - 2011-12-20 15:16 - 0005147 ____A C:\Users\rock\Documents\Document bf.rtf
2011-12-19 07:06 - 2011-12-19 07:06 - 0240599 ____A C:\Users\rock\Downloads\New Alternative loan options _v2__Revised(1).pdf
2011-12-19 07:06 - 2011-12-19 07:06 - 0127591 ____A C:\Users\rock\Downloads\2011-2012 SFAC(1).pdf
2011-12-19 07:05 - 2011-12-19 07:05 - 0312039 ____A C:\Users\rock\Downloads\Loan Application Tip Sheet 11_11_11(2).pdf


============ 3 Months Modified Files and Folders =============

2012-01-16 20:39 - 2012-01-16 20:08 - 0000000 ____D C:\FRST
2011-12-31 10:02 - 2011-11-25 17:10 - 0002096 ____A C:\Users\rock\Desktop\TreeSize Free.lnk
2011-12-31 10:02 - 2011-09-24 15:34 - 0002015 ____A C:\Users\rock\Desktop\SpyZooka.lnk
2011-12-31 10:02 - 2011-06-16 09:37 - 0002117 ____A C:\Users\rock\Desktop\Strobe.lnk
2011-12-31 10:02 - 2011-02-28 04:55 - 0003447 ____A C:\Users\rock\Desktop\Vz In-Home Agent.lnk
2011-12-31 10:02 - 2010-12-03 05:49 - 0002090 ____A C:\Users\rock\Desktop\Studio One.lnk
2011-12-31 10:01 - 2011-12-13 00:43 - 0002008 ____A C:\Users\rock\Desktop\Free File Opener.lnk
2011-12-31 10:01 - 2011-10-14 16:34 - 0002074 ____A C:\Users\rock\Desktop\Rhino2 - Shortcut.lnk
2011-12-31 10:01 - 2011-06-17 04:51 - 0002069 ____A C:\Users\rock\Desktop\Geist - 64 BIT.lnk
2011-12-31 10:01 - 2011-06-16 09:37 - 0002117 ____A C:\Users\rock\Desktop\Cypher.lnk
2011-12-31 10:01 - 2011-06-16 09:37 - 0002100 ____A C:\Users\rock\Desktop\Fusor.lnk
2011-12-31 10:01 - 2011-06-16 09:00 - 0002069 ____A C:\Users\rock\Desktop\Geist - Shortcut.lnk
2011-12-31 10:01 - 2011-05-13 09:18 - 0002151 ____A C:\Users\rock\Desktop\Resume FiOS Activation.lnk
2011-12-31 10:01 - 2011-05-13 09:11 - 0002369 ____A C:\Users\rock\Desktop\Install Verizon Media Manager.lnk
2011-12-31 10:01 - 2011-04-09 06:57 - 0002109 ____A C:\Users\rock\Desktop\Forge90 - Shortcut.lnk
2011-12-31 10:01 - 2011-03-23 11:29 - 0002196 ____A C:\Users\rock\Desktop\Maschine - Shortcut.lnk
2011-12-31 10:01 - 2011-03-07 02:24 - 0001907 ____A C:\Users\rock\Desktop\RAMRush.lnk
2011-12-31 10:01 - 2011-02-23 15:18 - 0002172 ____A C:\Users\rock\Desktop\Maschine - 64.lnk
2011-12-31 10:01 - 2010-12-27 14:14 - 0002124 ____A C:\Users\rock\Desktop\Safari - Shortcut.lnk
2011-12-31 10:01 - 2010-11-02 23:21 - 0002693 ____A C:\Users\rock\Desktop\Rosetta Stone Version 3.lnk
2011-12-31 10:01 - 2010-11-02 02:52 - 0002005 ____A C:\Users\rock\Desktop\Mozilla Firefox.lnk
2011-12-31 10:01 - 2010-10-20 14:41 - 0002011 ____A C:\Users\rock\Desktop\Kontakt 4.lnk
2011-12-31 10:01 - 2010-10-18 11:43 - 0002161 ____A C:\Users\rock\Desktop\Kontakt 3 - Shortcut (2).lnk
2011-12-31 10:01 - 2010-10-18 11:43 - 0002133 ____A C:\Users\rock\Desktop\Massive - Shortcut.lnk
2011-12-31 10:01 - 2010-10-18 11:43 - 0002120 ____A C:\Users\rock\Desktop\Pro-53 - Shortcut.lnk
2011-12-31 10:01 - 2010-10-18 11:42 - 0002278 ____A C:\Users\rock\Desktop\Elektrik Piano 1.5 - Shortcut.lnk
2011-12-31 10:01 - 2010-10-18 11:42 - 0002077 ____A C:\Users\rock\Desktop\FM8 - Shortcut.lnk
2011-12-31 10:01 - 2010-10-17 05:49 - 0002242 ____A C:\Users\rock\Desktop\Google Chrome.lnk
2011-12-31 10:01 - 2010-10-15 11:36 - 0002012 ____A C:\Users\rock\Desktop\Live 8.1.1.lnk
2011-12-31 10:01 - 2010-10-13 08:58 - 0002162 ____A C:\Users\rock\Desktop\Live 8.0.8 - Shortcut.lnk
2011-12-31 10:00 - 2011-06-16 09:37 - 0002100 ____A C:\Users\rock\Desktop\Amber.lnk
2011-12-31 10:00 - 2011-04-09 16:04 - 0001998 ____A C:\Users\rock\Desktop\Audacity 1.3 Beta (Unicode).lnk
2011-12-31 10:00 - 2011-03-06 08:43 - 0001990 ____A C:\Users\rock\Desktop\Click for Verizon Wi-Fi Setup.lnk
2011-12-31 10:00 - 2010-10-18 11:41 - 0002217 ____A C:\Users\rock\Desktop\AkoustikPiano - Shortcut.lnk
2011-12-31 10:00 - 2010-10-18 11:41 - 0002161 ____A C:\Users\rock\Desktop\Absynth 4 - Shortcut.lnk
2011-12-31 10:00 - 2010-10-18 11:41 - 0002107 ____A C:\Users\rock\Desktop\B4 II - Shortcut.lnk
2011-12-31 10:00 - 2010-10-15 11:58 - 0001871 ____A C:\Users\rock\Desktop\BPM x64.lnk
2011-12-31 10:00 - 2010-10-13 19:32 - 0002111 ____A C:\Users\rock\Desktop\Cubase 5.lnk
2011-12-31 10:00 - 2010-10-13 19:19 - 0002111 ____A C:\Users\rock\Desktop\Cubase 5 64bit.lnk
2011-12-31 09:29 - 2010-12-01 20:59 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-12-31 09:19 - 2010-10-17 05:48 - 0000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2516867963-2648758587-1645850128-1001UA.job
2011-12-31 08:48 - 2007-12-31 21:07 - 1967680 ____A C:\Windows\WindowsUpdate.log
2011-12-31 08:23 - 2009-07-13 20:45 - 0018720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-12-31 08:23 - 2009-07-13 20:45 - 0018720 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-12-31 08:20 - 2009-07-13 21:13 - 0726316 ____A C:\Windows\System32\PerfStringBackup.INI
2011-12-31 08:16 - 2010-12-01 20:59 - 0000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-12-31 08:16 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-12-31 08:16 - 2009-07-13 20:51 - 41296365 ____A C:\Windows\setupact.log
2011-12-31 08:16 - 2007-12-31 21:00 - 2146295808 __ASH C:\hiberfil.sys
2011-12-31 05:59 - 2011-12-31 05:59 - 0274264 ____A C:\Windows\Minidump\123111-23618-01.dmp
2011-12-31 05:59 - 2009-01-26 17:24 - 0000000 ____D C:\Windows\Minidump
2011-12-30 17:19 - 2010-10-17 05:48 - 0000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2516867963-2648758587-1645850128-1001Core.job
2011-12-30 14:10 - 2010-10-30 16:58 - 0000496 ___AH C:\Windows\Tasks\Norton Security Scan for rock.job
2011-12-30 08:45 - 2011-12-30 08:45 - 0314136 ____A C:\Windows\Minidump\123011-20295-01.dmp
2011-12-28 11:39 - 2011-12-28 11:39 - 0195584 ____A C:\Users\rock\Downloads\EmploymentApplication.doc
2011-12-28 10:38 - 2011-12-25 23:03 - 0004729 ____A C:\Users\rock\Desktop\price.res..rtf
2011-12-28 09:14 - 2011-12-28 09:14 - 0057740 ____A C:\Users\rock\Downloads\Attachments_2011_12_28.zip
2011-12-28 04:31 - 2011-12-28 04:31 - 0314136 ____A C:\Windows\Minidump\122811-25677-01.dmp
2011-12-25 22:39 - 2011-12-25 22:39 - 0000000 ____D C:\Users\rock\AppData\Local\Microsoft Games
2011-12-25 17:21 - 2011-12-13 00:43 - 0000000 ____D C:\Users\rock\AppData\Local\Free File Opener
2011-12-25 17:18 - 2010-10-12 09:32 - 0000000 ____D C:\Users\rock\AppData\Roaming\Azureus
2011-12-25 06:52 - 2010-10-19 22:56 - 0000000 ____D C:\Users\rock\AppData\Roaming\BPM
2011-12-25 06:23 - 2011-11-26 23:17 - 0000000 ____D C:\Users\rock\AppData\Local\WinZip
2011-12-25 06:07 - 2010-10-12 09:34 - 0000000 ____D C:\Users\rock\Documents\Vuze Downloads
2011-12-23 12:11 - 2011-12-23 12:11 - 0274320 ____A C:\Windows\Minidump\122311-51230-01.dmp
2011-12-22 10:40 - 2011-12-22 10:40 - 0652179 ____A C:\Users\rock\Downloads\OppSchApp-02.pdf
2011-12-22 10:38 - 2011-12-22 10:38 - 0323365 ____A C:\Users\rock\Desktop\sm.pdf
2011-12-22 10:14 - 2011-12-13 00:43 - 0000000 ____D C:\Users\All Users\Free File Opener
2011-12-22 10:14 - 2011-12-13 00:43 - 0000000 ____D C:\ProgramData\Free File Opener
2011-12-21 18:35 - 2010-10-17 05:47 - 0000000 ____D C:\Users\rock\AppData\Local\Google
2011-12-21 10:39 - 2011-12-21 10:39 - 1778708 ____A C:\Users\rock\Desktop\StudyGuide21.pdf
2011-12-21 10:32 - 2011-12-21 10:32 - 0012963 ____A C:\Users\rock\Documents\Document db.rtf
2011-12-21 08:36 - 2010-10-16 06:18 - 0000362 _RASH C:\Users\All Users\ntuser.pol
2011-12-21 08:36 - 2010-10-16 06:18 - 0000362 _RASH C:\ProgramData\ntuser.pol
2011-12-20 15:16 - 2011-12-20 15:16 - 0005147 ____A C:\Users\rock\Documents\Document bf.rtf
2011-12-19 07:06 - 2011-12-19 07:06 - 0240599 ____A C:\Users\rock\Downloads\New Alternative loan options _v2__Revised(1).pdf
2011-12-19 07:06 - 2011-12-19 07:06 - 0127591 ____A C:\Users\rock\Downloads\2011-2012 SFAC(1).pdf
2011-12-19 07:05 - 2011-12-19 07:05 - 0312039 ____A C:\Users\rock\Downloads\Loan Application Tip Sheet 11_11_11(2).pdf
2011-12-19 02:03 - 2010-10-20 18:48 - 0000000 ____D C:\Users\rock\Documents\Cubase Projects
2011-12-16 21:48 - 2011-11-16 07:34 - 0000000 ____D C:\Users\rock\Desktop\NEW MP3s
2011-12-16 21:46 - 2011-12-16 21:46 - 0000000 ____D C:\Users\rock\Desktop\New folder (2)
2011-12-16 21:44 - 2011-11-12 16:30 - 0000000 ____D C:\Users\rock\Desktop\NEW SOUND FORGE PROJECTS
2011-12-16 17:45 - 2011-09-23 01:07 - 0000000 ____D C:\Users\rock\Desktop\CUBASE PRO MIXDOWNZ
2011-12-15 16:49 - 2011-12-15 16:47 - 67881136 ____A C:\Users\rock\Downloads\Predator_1_6_2_32Bits_Installer.zip
2011-12-15 16:48 - 2011-12-15 16:47 - 50126152 ____A C:\Users\rock\Downloads\Predator_1_6_2_64Bits_Installer.zip
2011-12-15 15:44 - 2011-12-15 15:44 - 0000000 ____D C:\Users\All Users\Camel Audio
2011-12-15 15:44 - 2011-12-15 15:44 - 0000000 ____D C:\ProgramData\Camel Audio
2011-12-15 15:44 - 2011-12-15 15:44 - 0000000 ____D C:\Program Files (x86)\Camel Audio
2011-12-15 08:06 - 2011-12-15 08:06 - 0240599 ____A C:\Users\rock\Downloads\New Alternative loan options _v2__Revised (1).pdf
2011-12-15 08:06 - 2011-12-15 08:06 - 0168910 ____A C:\Users\rock\Downloads\Award Cover Letter2010 (1).pdf
2011-12-15 08:06 - 2011-12-15 08:06 - 0127591 ____A C:\Users\rock\Downloads\2011-2012 SFAC (1).pdf
2011-12-15 08:06 - 2011-12-15 08:06 - 0017128 ____A C:\Users\rock\Downloads\Price, Rahman.xlsx
2011-12-15 07:31 - 2011-12-15 07:31 - 0312039 ____A C:\Users\rock\Downloads\Loan Application Tip Sheet 11_11_11 (1).pdf
2011-12-15 07:18 - 2011-12-15 07:18 - 0312039 ____A C:\Users\rock\Downloads\Loan Application Tip Sheet 11_11_11(1).pdf
2011-12-14 12:58 - 2011-12-14 12:58 - 0000617 ____A C:\Users\rock\Documents\audiosparks.rtf
2011-12-13 18:00 - 2011-08-04 15:02 - 0000000 ____D C:\Users\rock\Desktop\CURRENT CUBASE PROJECTZ
2011-12-13 00:50 - 2011-12-13 00:50 - 0240599 ____A C:\Users\rock\Downloads\New Alternative loan options _v2__Revised.pdf
2011-12-13 00:49 - 2011-12-13 00:49 - 0312039 ____A C:\Users\rock\Downloads\Loan Application Tip Sheet 11_11_11.pdf
2011-12-13 00:43 - 2011-12-13 00:43 - 0001942 ____A C:\Users\rock\Desktop\Free Music Downloads.lnk
2011-12-13 00:43 - 2011-12-13 00:43 - 0000000 __HDC C:\Users\All Users\{69F3C55D-7771-43B8-8292-3101E6B7C10B}
2011-12-13 00:43 - 2011-12-13 00:43 - 0000000 __HDC C:\ProgramData\{69F3C55D-7771-43B8-8292-3101E6B7C10B}
2011-12-13 00:43 - 2011-12-13 00:43 - 0000000 ____D C:\Users\All Users\WeCareReminder
2011-12-13 00:43 - 2011-12-13 00:43 - 0000000 ____D C:\ProgramData\WeCareReminder
2011-12-13 00:43 - 2011-12-13 00:43 - 0000000 ____D C:\Program Files (x86)\Free Offers from Freeze.com
2011-12-13 00:43 - 2011-12-13 00:43 - 0000000 ____D C:\Program Files (x86)\Free File Opener
2011-12-13 00:43 - 2011-12-13 00:43 - 0000000 ____D C:\Program Files (x86)\Brand Affinity Technologies
2011-12-13 00:42 - 2011-12-13 00:42 - 1631424 ____A (W3i, LLC) C:\Users\rock\Downloads\installfreefileopener_553.exe
2011-12-13 00:42 - 2010-10-12 09:18 - 0000000 ____D C:\Users\rock\AppData\LocalLow
2011-12-13 00:41 - 2011-12-13 00:41 - 7253152 ____A (Uniblue Systems Ltd ) C:\Users\rock\Downloads\registrybooster.exe
2011-12-13 00:40 - 2011-12-13 00:40 - 0168910 ____A C:\Users\rock\Downloads\Award Cover Letter2010.pdf
2011-12-13 00:39 - 2011-12-13 00:39 - 0127591 ____A C:\Users\rock\Downloads\2011-2012 SFAC.pdf
2011-12-13 00:38 - 2011-12-13 00:38 - 0017128 ____A C:\Users\rock\Desktop\Price, Rahman.xlsx
2011-12-11 22:12 - 2010-10-12 10:41 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-12-11 22:02 - 2011-10-06 12:35 - 0000000 ____D C:\Program Files (x86)\Citrix
2011-12-10 23:01 - 2011-04-09 06:36 - 0000000 ____D C:\Program Files (x86)\Vstplugins
2011-12-10 20:15 - 2011-12-10 20:15 - 8719775 ____A C:\Users\rock\Downloads\Diva467Win.zip
2011-12-09 16:10 - 2011-12-09 16:10 - 8338942 ____A C:\Users\rock\Downloads\Diva360Win.zip
2011-12-09 10:17 - 2011-12-09 10:17 - 0277950 ____A C:\Users\rock\Desktop\ReviewCM s1.pdf
2011-12-09 09:34 - 2007-12-31 21:34 - 0148140 ____A C:\Windows\PFRO.log
2011-12-08 16:19 - 2011-12-08 16:19 - 0000000 ____D C:\Users\All Users\CodecCheck
2011-12-08 16:19 - 2011-12-08 16:19 - 0000000 ____D C:\ProgramData\CodecCheck
2011-12-08 16:19 - 2011-12-08 16:19 - 0000000 ____D C:\Program Files (x86)\CrossriderWebApps
2011-12-08 16:19 - 2011-12-08 16:19 - 0000000 ____D C:\codec-info
2011-12-08 16:19 - 2011-12-08 16:18 - 0000000 ____D C:\Users\All Users\InstallMate
2011-12-08 16:19 - 2011-12-08 16:18 - 0000000 ____D C:\ProgramData\InstallMate
2011-12-08 16:18 - 2011-12-08 16:18 - 0000000 ____D C:\Users\All Users\Premium
2011-12-08 16:18 - 2011-12-08 16:18 - 0000000 ____D C:\ProgramData\Premium
2011-12-07 22:21 - 2011-06-16 09:11 - 0318464 ____A (Propellerhead Software AB) C:\Windows\System32\REX Shared Library.dll
2011-12-07 22:21 - 2010-10-13 07:38 - 0275968 ____A (Propellerhead Software AB) C:\Windows\SysWOW64\REX Shared Library.dll
2011-12-07 22:19 - 2011-12-07 22:18 - 55575093 ____A C:\Users\rock\Downloads\Geist_1_0_5_5_Universal.exe
2011-12-07 22:09 - 2011-12-07 22:09 - 49627704 ____A C:\Users\rock\Downloads\Scriptorium-Videos.zip
2011-12-07 13:43 - 2011-12-07 13:43 - 121783813 ____A C:\Users\rock\Downloads\BPM_1.5.1_Update_Win32.zip
2011-12-07 13:33 - 2011-12-07 13:32 - 124396447 ____A C:\Users\rock\Downloads\BPM_1.5.1_Update_Win64.zip
2011-12-07 12:31 - 2011-12-07 12:31 - 2244391 ____A C:\Users\rock\Downloads\CamelPhatWin-3-50-0-x64.exe
2011-12-07 12:30 - 2011-12-07 12:30 - 4027199 ____A C:\Users\rock\Downloads\CamelSpaceWin-1-50-0-x32.exe
2011-12-07 12:30 - 2011-12-07 12:30 - 3240435 ____A C:\Users\rock\Downloads\CamelSpaceWin-1-50-0-x64.exe
2011-12-07 12:30 - 2011-12-07 12:30 - 3005044 ____A C:\Users\rock\Downloads\CamelPhatWin-3-50-0-x32.exe
2011-12-04 19:41 - 2011-12-04 19:41 - 5233700 ____A C:\Users\rock\Desktop\THAT ISLAND FEEL.mp3
2011-12-04 07:00 - 2011-12-04 07:00 - 0693776 ____A C:\Users\rock\Downloads\SlotSetup_IE.exe
2011-12-01 12:52 - 2011-12-01 12:52 - 1473430 ____A C:\Users\rock\Downloads\Arto Vaarala - Kirnu_1.2_Win64(1).zip
2011-12-01 12:52 - 2011-12-01 12:52 - 1332937 ____A C:\Users\rock\Downloads\Arto Vaarala - Kirnu_1.2_Win32(1).zip
2011-12-01 12:24 - 2011-12-01 11:46 - 0000000 ____D C:\Night Wish Patches
2011-12-01 09:40 - 2010-11-09 18:54 - 0000000 ____D C:\Users\rock\AppData\Roaming\vlc
2011-11-30 00:42 - 2011-11-26 23:17 - 0000000 ____D C:\Users\rock\AppData\Local\Conduit
2011-11-28 17:30 - 2010-10-23 12:39 - 0000000 ____D C:\Users\rock\Desktop\REAL HIP-HOP DRUMZ & SAMPLEZ
2011-11-27 06:28 - 2010-04-30 05:29 - 0000000 __AHD C:\Users\rock\AppData\Local\pfT361jc
2011-11-27 06:26 - 2011-03-30 09:02 - 0000000 ____D C:\Users\rock\Documents\Jamstix3
2011-11-26 23:33 - 2011-11-26 23:27 - 252984113 ____A C:\Users\rock\Downloads\r-loops-free-kits.zip
2011-11-26 23:28 - 2011-11-26 23:27 - 33263583 ____A C:\Users\rock\Downloads\thats-whats-poppin-vol-1_04-120-cm.zip
2011-11-26 23:18 - 2011-11-26 23:17 - 0000000 ____D C:\Users\rock\Downloads\hr
2011-11-26 23:17 - 2011-11-26 23:17 - 0000000 ____D C:\Program Files (x86)\Conduit
2011-11-26 23:17 - 2011-11-26 23:16 - 0000000 ____D C:\Users\All Users\WinZip
2011-11-26 23:17 - 2011-11-26 23:16 - 0000000 ____D C:\ProgramData\WinZip
2011-11-26 23:16 - 2011-11-26 23:16 - 0002205 ____A C:\Users\Public\Desktop\WinZip.lnk
2011-11-26 23:16 - 2011-11-26 23:16 - 0000000 ____D C:\Program Files\WinZip
2011-11-26 23:16 - 2007-12-31 21:04 - 0000000 ____D C:\users\rock
2011-11-26 23:15 - 2011-11-26 23:14 - 54793544 ____A C:\Users\rock\Downloads\winzip160.exe
2011-11-26 23:08 - 2011-11-26 23:03 - 0000000 ____D C:\Users\rock\Downloads\Heavy Rotation Pop Bangaz
2011-11-26 23:02 - 2011-11-26 23:02 - 0000000 ____D C:\Program Files\7-Zip
2011-11-26 22:56 - 2011-11-26 22:56 - 1376768 ____A C:\Users\rock\Downloads\7z920-x64.msi
2011-11-26 22:25 - 2011-11-26 22:11 - 559765268 ____A C:\Users\rock\Downloads\heavy-rotation-pop-bangaz-edition.zip
2011-11-26 22:03 - 2011-11-26 22:03 - 0000000 ____D C:\Users\rock\Desktop\Heavy Rotation Pop Bangaz
2011-11-26 21:49 - 2011-11-26 21:49 - 0000000 ____D C:\Users\rock\Documents\heavy-rotation-pop-bangaz-edition
2011-11-26 21:45 - 2011-11-26 21:44 - 0000000 ____D C:\Users\rock\Downloads\heavy-rotation-pop-bangaz-edition
2011-11-26 11:18 - 2010-10-20 18:48 - 0000000 ____D C:\Users\rock\Documents\VST3 Presets
2011-11-26 07:13 - 2010-11-03 02:05 - 0000000 ____D C:\Users\rock\AppData\Local\ElevatedDiagnostics
2011-11-25 20:14 - 2011-11-25 20:13 - 2108817 ____A C:\Users\rock\Downloads\aim-journal-no-10-autumn-2011(1).pdf
2011-11-25 18:37 - 2011-11-25 17:33 - 1627937959 ____A C:\Users\rock\Downloads\atmospheric-dub.zip
2011-11-25 18:35 - 2011-11-25 17:33 - 1559116498 ____A C:\Users\rock\Downloads\monsta.zip
2011-11-25 18:26 - 2011-11-25 17:33 - 1177266526 ____A C:\Users\rock\Downloads\emotions.zip
2011-11-25 18:22 - 2011-11-25 17:33 - 987145333 ____A C:\Users\rock\Downloads\screamin-synth-leads.zip
2011-11-25 18:17 - 2011-11-25 17:33 - 826964790 ____A C:\Users\rock\Downloads\money-comin-fast-dirty-south-anthems.zip
2011-11-25 18:16 - 2011-11-25 17:33 - 787530373 ____A C:\Users\rock\Downloads\dirty-south-rockstar-guitar-loops.zip
2011-11-25 18:16 - 2011-11-25 17:32 - 796050070 ____A C:\Users\rock\Downloads\chartbreakers-afrodutch-anthems.zip
2011-11-25 18:06 - 2011-11-26 21:46 - 559765268 ____A C:\Users\rock\Documents\heavy-rotation-pop-bangaz-edition.zip
2011-11-25 18:03 - 2011-11-25 17:33 - 508277315 ____A C:\Users\rock\Downloads\electro-dream-builder.zip
2011-11-25 17:12 - 2011-11-25 17:12 - 0000355 ____A C:\Users\rock\Desktop\Computer - Shortcut (2).lnk
2011-11-25 17:10 - 2011-11-25 17:10 - 0000000 ____D C:\Users\rock\AppData\Roaming\JAM Software
2011-11-25 17:10 - 2011-11-25 17:10 - 0000000 ____D C:\Program Files (x86)\JAM Software
2011-11-25 17:09 - 2011-11-25 17:09 - 3013088 ____A (JAM Software ) C:\Users\rock\Downloads\TreeSizeFreeSetup.exe
2011-11-25 16:40 - 2011-11-25 16:40 - 0274320 ____A C:\Windows\Minidump\112511-69607-01.dmp
2011-11-25 01:40 - 2011-11-25 00:26 - 2439614571 ____A C:\Users\rock\Downloads\blaze.zip
2011-11-25 01:37 - 2011-11-25 00:26 - 2293797537 ____A C:\Users\rock\Downloads\battle-beats-vol-1.zip
2011-11-25 01:13 - 2011-11-25 00:26 - 1345645901 ____A C:\Users\rock\Downloads\blowin-money.zip
2011-11-25 01:05 - 2011-11-25 00:26 - 1026732224 ____A C:\Users\rock\Downloads\champagne-musik-2.zip
2011-11-25 01:01 - 2011-11-25 00:25 - 942385780 ____A C:\Users\rock\Downloads\urban-royalty.zip
2011-11-24 21:42 - 2011-11-24 21:42 - 22485938 ____A C:\Users\rock\Downloads\Felony Music Sample Pack.zip
2011-11-24 20:19 - 2011-11-24 20:15 - 128964818 ____A C:\Users\rock\Downloads\186_freesample.zip
2011-11-24 01:45 - 2011-11-24 01:45 - 0274320 ____A C:\Windows\Minidump\112411-66596-01.dmp
2011-11-23 18:22 - 2011-11-23 18:22 - 0274320 ____A C:\Windows\Minidump\112311-83881-01.dmp
2011-11-23 10:12 - 2011-11-23 10:12 - 0274320 ____A C:\Windows\Minidump\112311-100495-01.dmp
2011-11-23 08:46 - 2011-11-23 08:46 - 0274320 ____A C:\Windows\Minidump\112311-53945-01.dmp
2011-11-22 12:53 - 2011-11-22 12:53 - 0274320 ____A C:\Windows\Minidump\112211-112476-01.dmp
2011-11-22 04:53 - 2011-11-22 04:53 - 0274320 ____A C:\Windows\Minidump\112211-58188-01.dmp
2011-11-21 17:10 - 2011-11-21 17:10 - 5714853 ____A C:\Users\rock\Desktop\148974-What-Makes-a-Sponsorship-Great-White-Paper.pdf
2011-11-20 02:06 - 2011-11-20 02:03 - 521011200 ____A C:\Users\rock\Downloads\UFC.139.ESPN.HDTV.XviD-FreaK.pt3.Fight-BB.avi
2011-11-20 01:51 - 2011-11-20 01:48 - 388900864 ____A C:\Users\rock\Downloads\UFC.139.ESPN.HDTV.XviD-FreaK.pt2.Fight-BB.avi
2011-11-19 15:37 - 2011-11-19 15:37 - 0274320 ____A C:\Windows\Minidump\111911-186561-01.dmp
2011-11-19 09:24 - 2011-11-19 09:24 - 11377018 ____A C:\Users\rock\Downloads\eg_grant_guide.pdf
2011-11-19 05:59 - 2011-11-19 05:59 - 2108817 ____A C:\Users\rock\Downloads\aim-journal-no-10-autumn-2011.pdf
2011-11-18 02:46 - 2011-11-18 02:46 - 0001417 ____A C:\Users\rock\Downloads\file(1).pdf
2011-11-18 02:42 - 2011-11-18 02:42 - 0001398 ____A C:\Users\rock\Downloads\file.pdf
2011-11-17 18:36 - 2011-11-17 18:35 - 0000000 ____D C:\MY MASCHINE R 808
2011-11-17 06:57 - 2011-02-14 14:32 - 0000000 ____D C:\Program Files\EastWest
2011-11-17 06:41 - 2011-02-19 16:26 - 0000000 ____D C:\Program Files\Common Files\East West
2011-11-17 06:41 - 2011-02-14 12:43 - 0000000 ____D C:\Program Files (x86)\EastWest
2011-11-17 06:41 - 2010-10-22 17:42 - 0000000 ____D C:\Users\All Users\East West
2011-11-17 06:41 - 2010-10-22 17:42 - 0000000 ____D C:\ProgramData\East West
2011-11-17 06:41 - 2010-10-13 19:22 - 0000000 ____D C:\Program Files\Common Files\Steinberg
2011-11-17 06:36 - 2011-11-17 06:36 - 0000000 ____D C:\Users\rock\Downloads\Play_Update_3.0.25_64_bit
2011-11-17 06:32 - 2011-10-06 09:29 - 0105472 ____A C:\Users\rock\Desktop\Play Update 3.0.25 64 Bit Installer.exe
2011-11-17 02:49 - 2011-11-17 02:44 - 409332929 ____A C:\Users\rock\Downloads\Play_Update_3.0.25_64_bit.zip
2011-11-17 02:48 - 2011-11-17 02:44 - 324095055 ____A C:\Users\rock\Downloads\Play_Update_3.0.25_32_bit.zip
2011-11-16 12:11 - 2011-11-16 12:11 - 0150464 ____A C:\Users\rock\Downloads\invoice_GP1041675(2).pdf
2011-11-16 12:10 - 2011-11-16 12:10 - 0150103 ____A C:\Users\rock\Downloads\invoice_GP1041675(1).pdf
2011-11-15 11:29 - 2010-10-12 09:40 - 0270720 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2011-11-15 04:12 - 2011-11-15 04:11 - 13420661 ____A C:\Users\rock\Downloads\Chill-Moody-The-Gam3Plan-Stage-TWO-ft-JoeLogic.zip
2011-11-14 10:15 - 2011-11-14 10:15 - 0092736 ____A C:\Users\rock\Downloads\Financial Aid Welcome Letter (GN)(1).pdf
2011-11-14 08:09 - 2011-11-14 07:12 - 0003436 ____A C:\Users\rock\Documents\d essay2.docx
2011-11-14 07:11 - 2011-11-13 11:19 - 0003396 ____A C:\Users\rock\Documents\d essay.docx
2011-11-12 16:53 - 2011-05-30 19:44 - 0000000 ____D C:\Users\rock\Desktop\WHAT HORROR LURKS MP3
2011-11-12 13:52 - 2011-11-12 13:52 - 0056423 ____A C:\Users\rock\Desktop\Hardship_Scholarship_Application.pdf
2011-11-12 13:51 - 2011-11-12 13:51 - 0231058 ____A C:\Users\rock\Desktop\MI_Development_Scholarship_Application.pdf
2011-11-11 16:57 - 2011-11-11 16:57 - 0154751 ____A C:\Users\rock\Desktop\Kirnu v1.2 Manual.pdf
2011-11-11 16:56 - 2011-11-11 16:56 - 1473555 ____A C:\Users\rock\Downloads\Arto Vaarala - Kirnu_1.2_Win64.zip
2011-11-11 16:56 - 2011-11-11 16:56 - 1335267 ____A C:\Users\rock\Downloads\Arto Vaarala - Kirnu_1.2_Win32.zip
2011-11-11 15:55 - 2011-11-11 15:55 - 0407711 ____A C:\Users\rock\Desktop\StateGrantForm[1].pdf
2011-11-11 15:00 - 2011-11-11 15:00 - 0092736 ____A C:\Users\rock\Downloads\Financial Aid Welcome Letter (GN).pdf
2011-11-11 10:09 - 2011-11-11 10:09 - 0000645 ____A C:\Users\rock\Desktop\Rahman Price_Recommendation.rtf
2011-11-10 16:21 - 2011-11-10 16:21 - 0218737 ____A C:\Users\rock\Downloads\Financial Aid Welcome Letter 2011-2012GN_V_2.pdf
2011-11-10 16:21 - 2011-11-10 16:21 - 0218737 ____A C:\Users\rock\Downloads\Financial Aid Welcome Letter 2011-2012GN_V_2(1).pdf
2011-11-09 09:41 - 2011-11-09 09:38 - 0000655 ____A C:\Users\rock\Documents\Please Read!.rtf
2011-11-08 14:41 - 2011-11-08 08:23 - 0000000 ____D C:\Users\rock\Desktop\MI MP3s
2011-11-08 14:32 - 2011-11-08 07:17 - 0000000 ____D C:\Users\rock\Desktop\MI STUFF
2011-11-08 13:02 - 2011-11-08 13:02 - 0770384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100.dll
2011-11-08 13:02 - 2011-11-08 13:02 - 0421200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2011-11-08 13:02 - 2011-11-08 13:02 - 0138056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\atl100.dll
2011-11-08 11:35 - 2011-11-08 11:35 - 6389612 ____A C:\Users\rock\Downloads\Industy-Standard-Drums-Demo.zip
2011-11-08 09:46 - 2011-11-06 06:28 - 0000723 ____A C:\Users\rock\Documents\mi goals.rtf
2011-11-08 02:29 - 2011-11-08 02:28 - 121129159 ____A C:\Users\rock\Downloads\beatage_free.zip
2011-11-07 17:18 - 2011-11-07 17:08 - 0000000 ____D C:\Users\rock\Desktop\DEPROK CHOPRA
2011-11-07 04:55 - 2011-11-06 19:25 - 0001334 ____A C:\Users\rock\Documents\mi why i love music.rtf
2011-11-07 04:46 - 2011-11-06 05:38 - 0001551 ____A C:\Users\rock\Documents\mi my history..rtf
2011-11-07 03:35 - 2011-11-07 03:33 - 53954794 ____A C:\Users\rock\Downloads\RP-Delay_1_0_1_32Bits_Installer.zip
2011-11-07 03:35 - 2011-11-07 03:33 - 49881193 ____A C:\Users\rock\Downloads\RP-Delay_1_0_1_64Bits_Installer.zip
2011-11-07 03:34 - 2011-11-07 03:34 - 14088419 ____A C:\Users\rock\Downloads\RP-Distort_1_0_0a_Installer.zip
2011-11-02 20:03 - 2011-11-01 06:55 - 0000000 ____D C:\Users\All Users\AVG2012
2011-11-02 20:03 - 2011-11-01 06:55 - 0000000 ____D C:\ProgramData\AVG2012
2011-11-01 07:40 - 2011-11-01 07:40 - 0000000 ____D C:\Windows\System32\Macromed
2011-11-01 07:40 - 2011-09-01 22:14 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-11-01 07:22 - 2011-03-02 14:18 - 0000000 ____D C:\Program Files (x86)\PC Tools Security
2011-11-01 07:20 - 2011-03-02 14:18 - 0000000 ____D C:\Users\All Users\PC Tools
2011-11-01 07:20 - 2011-03-02 14:18 - 0000000 ____D C:\ProgramData\PC Tools
2011-11-01 07:00 - 2011-11-01 07:00 - 0000000 ____D C:\Users\rock\AppData\Roaming\AVG2012
2011-11-01 06:56 - 2011-03-02 14:21 - 0177250 ____A C:\Windows\System32\Drivers\Cat.DB
2011-11-01 04:59 - 2011-11-01 04:55 - 0000000 ____D C:\Users\rock\Desktop\NLP
2011-10-30 00:43 - 2011-10-30 00:43 - 0481705 ____A C:\Users\rock\Desktop\8dio_rhythmic_aura_vol_1_read_me.pdf
2011-10-29 19:11 - 2011-10-29 18:51 - 173064642 ____A C:\Users\rock\Downloads\plex2.zip
2011-10-29 02:06 - 2011-02-23 15:11 - 0000000 ____D C:\Users\rock\Desktop\MASCHINE 1.6 PROJECTZ
2011-10-28 22:03 - 2010-10-13 19:19 - 0000000 ____D C:\Users\rock\AppData\Roaming\Steinberg
2011-10-28 20:01 - 2011-10-28 19:48 - 859096623 ____A C:\Users\rock\Downloads\DopeSouth_24_WAV_Acid.zip
2011-10-28 20:01 - 2011-10-28 19:47 - 858782878 ____A C:\Users\rock\Downloads\DopeSouth_24_AIFF_Apple.zip
2011-10-28 19:58 - 2011-10-28 19:47 - 652383375 ____A C:\Users\rock\Downloads\DopeSouth_REX.zip
2011-10-28 17:09 - 2011-10-28 17:09 - 5556812 ____A C:\Users\rock\Downloads\SF509demo.zip
2011-10-28 00:31 - 2011-10-28 00:22 - 568571650 ____A C:\Users\rock\Downloads\Dope_Loops_Monster_Music_XL_24_WAV_Acid.zip
2011-10-28 00:31 - 2011-10-28 00:22 - 568416154 ____A C:\Users\rock\Downloads\Dope_Loops_Monster_Music_XL_24_AIFF_Apple.zip
2011-10-28 00:28 - 2011-10-28 00:21 - 369811838 ____A C:\Users\rock\Downloads\Dope_Loops_Monster_Music_XL_REX.zip
2011-10-25 16:33 - 2011-10-25 16:33 - 0741793 ____A C:\Users\rock\Downloads\rev_symphobia2.pdf
2011-10-25 16:32 - 2011-10-25 16:32 - 0795581 ____A C:\Users\rock\Downloads\Review_Punch.pdf
2011-10-25 12:12 - 2011-10-11 02:07 - 0000000 ____D C:\Users\rock\Documents\mbam 1.51.2.1300 Final + keygen-Slicer
2011-10-24 16:25 - 2011-06-07 09:33 - 0000000 ____D C:\Users\rock\AppData\Roaming\Sun
2011-10-24 16:12 - 2011-10-24 16:12 - 0001113 ____A C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
2011-10-24 16:12 - 2011-10-24 16:12 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-10-24 16:09 - 2011-10-24 16:09 - 0001113 ____A C:\Users\Public\Desktop\Trojan Remover.lnk
2011-10-24 16:09 - 2011-10-24 16:09 - 0000000 ____D C:\Users\rock\AppData\Roaming\Simply Super Software
2011-10-24 16:09 - 2011-10-24 16:09 - 0000000 ____D C:\Users\All Users\Simply Super Software
2011-10-24 16:09 - 2011-10-24 16:09 - 0000000 ____D C:\ProgramData\Simply Super Software
2011-10-24 16:09 - 2011-10-24 16:09 - 0000000 ____D C:\Program Files (x86)\Trojan Remover
2011-10-22 15:05 - 2011-10-22 15:05 - 0875599 ____A C:\Users\rock\Desktop\SellMoreMusicWithFacebook.pdf
2011-10-21 21:02 - 2009-07-13 21:08 - 0032530 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-10-21 11:16 - 2011-10-21 11:16 - 0000161 ____A C:\Users\rock\Downloads\129.wax
2011-10-21 11:13 - 2011-10-21 11:13 - 0000051 ____A C:\Users\rock\Downloads\warning1 (6).ram
2011-10-21 11:13 - 2011-10-21 11:13 - 0000051 ____A C:\Users\rock\Downloads\warning1 (5).ram
2011-10-21 11:13 - 2011-10-21 11:13 - 0000051 ____A C:\Users\rock\Downloads\warning1 (4).ram
2011-10-21 11:12 - 2011-10-21 11:12 - 0000051 ____A C:\Users\rock\Downloads\warning1 (3).ram
2011-10-21 11:10 - 2011-10-21 11:10 - 0000051 ____A C:\Users\rock\Downloads\warning1 (2).ram
2011-10-21 11:09 - 2011-10-21 11:09 - 0000051 ____A C:\Users\rock\Downloads\warning1 (1).ram
2011-10-21 11:08 - 2011-10-21 11:08 - 0000051 ____A C:\Users\rock\Downloads\warning1.ram
2011-10-21 11:07 - 2011-10-21 11:07 - 0000000 ____D C:\Users\rock\AppData\Local\Real
2011-10-21 11:06 - 2011-10-21 11:06 - 0001046 ____A C:\Users\Public\Desktop\RealPlayer.lnk
2011-10-21 11:06 - 2010-12-01 20:59 - 0198832 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2011-10-21 11:06 - 2010-12-01 20:58 - 0000000 ____D C:\Users\All Users\Real
2011-10-21 11:06 - 2010-12-01 20:58 - 0000000 ____D C:\ProgramData\Real
2011-10-21 11:06 - 2010-12-01 20:58 - 0000000 ____D C:\Program Files (x86)\Real
2011-10-21 11:05 - 2010-12-01 20:59 - 0272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2011-10-21 11:05 - 2010-12-01 20:59 - 0006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2011-10-21 11:05 - 2010-12-01 20:59 - 0005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2011-10-21 11:05 - 2004-01-11 14:00 - 0348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2011-10-21 11:05 - 2003-03-18 19:14 - 0499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2011-10-21 11:04 - 2011-10-21 11:04 - 0000000 ____D C:\Users\rock\AppData\Local\The Weather Channel
2011-10-20 10:02 - 2011-10-20 10:02 - 8850754 ____A C:\Users\rock\Downloads\DMDSB_Demo.zip
2011-10-20 10:02 - 2011-10-20 10:02 - 0000000 ____D C:\Users\rock\Desktop\DMDSB_Demo
2011-10-19 04:20 - 2011-10-19 04:20 - 0000000 ____D C:\Users\rock\Desktop\my mixes

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 10%
Total physical RAM: 8190.49 MB
Available physical RAM: 7302.38 MB
Total Pagefile: 8188.64 MB
Available Pagefile: 7294.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:19.26 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:566.76 GB) NTFS
3 Drive f: (Jan 16 2012) (CDROM) (Total:0.69 GB) (Free:0.65 GB) UDF
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 931 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 931 GB 101 MB

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 931 GB Healthy

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 1024 KB

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D New Volume NTFS Partition 931 GB Healthy

==========================================================

Last Boot: 2011-12-30 05:32

======================= End Of Log ==========================

[JSntgRvr]

Download the enclosed file. [attachment=55432:fixlist.txt]

Save it in the USB drive.

Run FRST as you did before, except that this time around, click on the Fix button and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

If successful, boot in Normal Mode and run Combofix as follows:


Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Please, never rename Combofix unless instructed.
• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  

  -----------------------------------------------------------

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    
    

    -----------------------------------------------------------

  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

  -----------------------------------------------------------

• Double click on combofix.exe & follow the prompts.
• Install the Recovery Console if prompted.
• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt" .

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

[rock777]

Hi JSntgRvr I'm still stuck here is the txt file.


Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.3.2)
Ran by SYSTEM at 2012-01-17 16:09:43 R:4
Running from F:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows Value was restored.
C:\Users\rock\Downloads\warning1 (6).ram not found.
C:\Users\rock\Downloads\warning1 (5).ram not found.
C:\Users\rock\Downloads\warning1 (4).ram not found.
C:\Users\rock\Downloads\warning1 (3).ram not found.
C:\Users\rock\Downloads\warning1 (2).ram not found.
C:\Users\rock\Downloads\warning1 (1).ram not found.
C:\Users\rock\Downloads\warning1.ram not found.

==== End of Fixlog ====

Edited by rock777, 17 January 2012 - 03:24 PM.

[JSntgRvr]

Download the enclosed file. [attachment=55453:fixlist.txt]

Save it in the USB drive.

Run FRST as you did before, except that this time around, click on the Fix button and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

This wont fix anything. It will give me a report on the Boot Configuration.

[rock777]

I've been unable to use the f8 method because my computer just goes from the bios screen to the verifying dmi pool data... I've been booting from my windows 7 cd. Also I've been using a cd to run the fix software and save the txt files. I know you said I'd need a usb pen drive. Can I do this from a cd or is it a must that I get the pen drive?

[JSntgRvr]

Run it as you did before or in any way you can as long as the text file is produced.

[rock777]

here it tis. you will see info about the vista drive. Its not normally there. its in place of my data drive so I didn't have to turn off the computer and plug in the vista drive to access the internet. I hope that didn't mess things up.

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.3.2)
Ran by SYSTEM at 2008-01-01 10:09:56 R:1
Running from F:\

==============================================


========= bcdedit /enum all /v =========


Windows Boot Manager
--------------------
identifier {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device partition=Y:
path \bootmgr
description Windows Boot Manager
locale en-US
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
default {95c5ce93-d644-11df-9ecc-8003724e14f5}
resumeobject {95c5ce92-d644-11df-9ecc-8003724e14f5}
displayorder {95c5ce93-d644-11df-9ecc-8003724e14f5}
{586cc4b7-eacf-11dd-b37c-6cf049060760}
bootsequence {b2721d73-1db4-4c62-bf78-c548a880142d}
toolsdisplayorder {b2721d73-1db4-4c62-bf78-c548a880142d}
timeout 30

Windows Boot Loader
-------------------
identifier {586cc4b5-eacf-11dd-b37c-6cf049060760}
device ramdisk=[E:]\Recovery\586cc4b5-eacf-11dd-b37c-6cf049060760\Winre.wim,{586cc4b6-eacf-11dd-b37c-6cf049060760}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
osdevice ramdisk=[E:]\Recovery\586cc4b5-eacf-11dd-b37c-6cf049060760\Winre.wim,{586cc4b6-eacf-11dd-b37c-6cf049060760}
systemroot \windows
nx OptIn
winpe Yes
custom:46000010 Yes

Windows Boot Loader
-------------------
identifier {586cc4b7-eacf-11dd-b37c-6cf049060760}
device partition=C:
path \Windows\system32\winload.exe
description Windows Vista ™ Home Basic (recovered)
locale en-US
osdevice partition=C:
systemroot \Windows

Windows Boot Loader
-------------------
identifier {95c5ce93-d644-11df-9ecc-8003724e14f5}
device partition=E:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
recoverysequence {586cc4b5-eacf-11dd-b37c-6cf049060760}
recoveryenabled Yes
osdevice partition=E:
systemroot \Windows
resumeobject {95c5ce92-d644-11df-9ecc-8003724e14f5}
nx OptIn

Resume from Hibernate
---------------------
identifier {95c5ce92-d644-11df-9ecc-8003724e14f5}
device partition=E:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {1afa9c49-16ab-4a5c-901b-212802da9460}
filedevice partition=E:
filepath \hiberfil.sys
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {b2721d73-1db4-4c62-bf78-c548a880142d}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
badmemoryaccess Yes

EMS Settings
------------
identifier {0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9}
custom:26000022 Yes

Debugger Settings
-----------------
identifier {4636856e-540f-4170-a130-a84776f4c654}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {5189b25c-5558-4bf2-bca4-289b11bd29e2}

Global Settings
---------------
identifier {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
inherit {4636856e-540f-4170-a130-a84776f4c654}
{0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9}
{5189b25c-5558-4bf2-bca4-289b11bd29e2}

Boot Loader Settings
--------------------
identifier {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
{7ff607e0-4395-11db-b0de-0800200c9a66}

Hypervisor Settings
-------------------
identifier {7ff607e0-4395-11db-b0de-0800200c9a66}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {1afa9c49-16ab-4a5c-901b-212802da9460}
inherit {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}

Device options
--------------
identifier {586cc4b6-eacf-11dd-b37c-6cf049060760}
description Ramdisk Options
ramdisksdidevice partition=E:
ramdisksdipath \Recovery\586cc4b5-eacf-11dd-b37c-6cf049060760\boot.sdi

========= End of CMD: =========


==== End of Fixlog ====

Edited by rock777, 18 January 2012 - 08:52 AM.

[JSntgRvr]

here it tis. you will see info about the vista drive. Its not normally there. its in place of my data drive so I didn't have to turn off the computer and plug in the vista drive to access the internet. I hope that didn't mess things up.

I don't understand your indications. I proceed based on what I see in the report. If the report belongs to the ailing computer, then it will work.

Download the enclosed file. [attachment=55461:fixlist.txt]

Save it in the USB drive or the device holding FRST, overwriting the existing one.

Run FRST as you did before, except that this time around, click on the Fix button and wait.

The tool will make a log on the flashdrive (or the device you are using in its place) (Fixlog.txt) please post it to your reply.

If successful, boot in Normal Mode and run Combofix as previously suggested.

[rock777]

still stuck


Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.3.2)
Ran by SYSTEM at 2008-01-01 15:44:19 R:2
Running from F:\

==============================================


========= bcdedit /deletevalue {0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9} custom:26000022 =========

The operation completed successfully.

========= End of CMD: =========


==== End of Fixlog ====

[JSntgRvr]

How are you able to write to a CD_ROM? At this point I will need to obtain a copy of the Master Boot Record for analysis, but as far as I know, you are not able to write to a CD_ROM in the Windows 7 Repair Console, and I will need the product of my request as an attachment instead. How would you be able to do so? Which drive letter will receive the report?

[rock777]

Windows 7 loaded up and running. I've never been so happy to see my icons. many thanks for this. I looked up master boot record and found the command bootrec.exe /fixmbr. it sent windows to a memory scan so I canceled it and up came select f8.

Now as for the ComboFix, how dangerous is it. I've disabled windows real time protection. How do I disable Malwarebytes' Anti-Malware and my other programs. All of my antivirus I've got from "free" sites which seems to have caused more problems then helped, so should I uninstall them all. The main problem I have is from a virus thats been eating of gigabytes of space on my drive I went from 250gigs of free space to 19 in a matter of days. The only I've been able to do is delete things to stop I drive from reaching 0.

Edited by rock777, 18 January 2012 - 03:55 PM.

[JSntgRvr]

I would recommend AVAST as an antivirus. There is no need to disable Malwarebytes. Read the instructions above. I included two (2) links with information on how to disable antivirus programs prior to running Combofix.

[rock777]

I'm all good. Got the avast. Just wanted to say thanks for saving my pc!