Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

i think i may have a virus /comp redirected to amazon [Solved]

Started by snowysdad43 , Sep 28 2012 05:26 PM

  • This topic is locked This topic is locked

#76
Essexboy
Posted 31 October 2012 - 02:58 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Wintoboot will make the USB bootable with the windows 7 iso
  • 0

Advertisements

#77
snowysdad43
Posted 31 October 2012 - 05:12 PM

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
Thx E

here is the log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2012
Ran by SYSTEM at 31-10-2012 19:04:09
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet002

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [3189016 2009-10-01] (Dell Inc.)
HKLM\...\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896 2009-07-22] ()
HKLM\...\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1926928 2009-09-21] (Intel® Corporation)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1289704 2012-09-12] (Microsoft Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [140520 2009-12-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [498160 2009-12-15] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\a-1 interiors todd\...\Run: [CAHeadless] c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\a-1 interiors todd\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-13] (Microsoft Corporation)
HKU\a-1 interiors todd\...\Run: [AOL Fast Start] "C:\PROGRA~2\AOL9~1.5\AOL.EXE" -b [29520 2010-03-23] (AOL Inc.)
HKU\todd\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\todd\...\Run: [PhotoshopElements8SyncAgent] c:\Program Files (x86)\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe [1893728 2009-09-18] (Adobe Systems Incorporated)
HKU\todd\...\Run: [CAHeadless] c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\todd\...\Run: [Google Update] "C:\Users\todd\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-09-08] (Google Inc.)
HKU\todd\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5626752 2012-10-04] (SUPERAntiSpyware.com)
HKU\todd\...\Run: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background [306688 2012-03-25] (FileHippo.com)
HKU\todd\...\Run: [AOL Fast Start] "C:\PROGRA~2\AOL9~1.5\AOL.EXE" -b [29520 2010-03-23] (AOL Inc.)
HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Startup: C:\Users\a-1 interiors todd\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\todd\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Services (Whitelisted) ===================

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [140672 2012-07-11] (SUPERAntiSpyware.com)
2 0069331330628588mcinstcleanup; C:\Users\todd\AppData\Local\Temp\006933~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [1240 2012-03-01] ()
2 atashost; "C:\Windows\SysWOW64\atashost.exe" [20376 2010-04-24] (WebEx Communications, Inc.)
2 IHA_MessageCenter; "C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe" [352248 2012-08-03] (Verizon)
2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2009-06-23] ()
2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-09-02] (Lavasoft Limited)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22072 2012-09-12] (Microsoft Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2009-09-21] ()
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [368896 2012-09-12] (Microsoft Corporation)
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)

==================== Drivers (Whitelisted) =====================

3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-05-08] ()
0 Lbd; C:\Windows\System32\Drivers\Lbd.sys [69152 2010-08-12] (Lavasoft AB)
0 MpFilter; C:\Windows\System32\Drivers\MpFilter.sys [228768 2012-08-30] (Microsoft Corporation)
2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [128456 2012-08-30] (Microsoft Corporation)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-10-31 09:02 - 2012-10-31 09:18 - 00283600 ____A C:\Windows\Minidump\103112-152974-01.dmp
2012-10-31 08:18 - 2012-10-31 08:18 - 00000000 ____A C:\Windows\Minidump\103112-23540-01.dmp
2012-10-30 08:44 - 2012-10-30 08:44 - 00271280 ____A C:\Windows\Minidump\103012-27721-01.dmp
2012-10-27 06:05 - 2012-10-27 06:05 - 00000081 ____A C:\Users\todd\CTX.DAT
2012-10-27 06:05 - 2012-10-27 06:05 - 00000000 ____D C:\Users\todd\Citrix
2012-10-26 13:29 - 2012-10-26 13:29 - 37868688 ____A (Adobe Systems Incorporated) C:\Users\todd\Downloads\AdbeRdr11000_en_US.exe
2012-10-26 13:28 - 2012-10-26 13:28 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-10-26 13:28 - 2012-10-26 13:28 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2012-10-26 13:26 - 2012-10-26 13:26 - 32699368 ____A (Oracle Corporation) C:\Users\todd\Downloads\jre-7u9-windows-x64.exe
2012-10-26 13:25 - 2012-10-26 13:25 - 00001975 ____A C:\Users\todd\Desktop\Update Checker.lnk
2012-10-26 13:24 - 2012-10-26 13:25 - 00264271 ____A C:\Users\todd\Downloads\FHSetup (3).exe
2012-10-26 13:24 - 2012-10-26 13:24 - 00264271 ____A C:\Users\todd\Downloads\FHSetup (2).exe
2012-10-12 16:45 - 2012-10-12 16:45 - 00000000 ____D C:\Users\todd\AppData\Roaming\HeadRightGames
2012-10-11 16:19 - 2012-10-11 16:19 - 00000000 ____D C:\Users\todd\Documents\my text
2012-10-10 00:04 - 2012-09-14 11:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-10 00:04 - 2012-09-14 10:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-10 00:04 - 2012-08-31 10:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-10 00:04 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-10 00:04 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-10 00:04 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-10 00:04 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-10 00:04 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-10 00:04 - 2012-08-20 10:48 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-10 00:04 - 2012-08-20 10:48 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-10 00:04 - 2012-08-20 10:48 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-10 00:04 - 2012-08-20 10:48 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-10 00:04 - 2012-08-20 10:48 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-10 00:04 - 2012-08-20 10:48 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-10 00:04 - 2012-08-20 10:48 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-10 00:04 - 2012-08-20 10:46 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-10 00:04 - 2012-08-20 10:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:40 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-10 00:04 - 2012-08-20 09:38 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-10 00:04 - 2012-08-20 09:37 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-10 00:04 - 2012-08-20 09:37 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-10 00:04 - 2012-08-20 09:37 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 07:38 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-10 00:04 - 2012-08-20 07:38 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-10 00:04 - 2012-08-20 07:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 07:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 07:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 00:04 - 2012-08-20 07:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-10 00:04 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-10 00:04 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-10 00:04 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-10 00:04 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-10 00:04 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-10 00:04 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-10 00:03 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-10 00:03 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-10-09 10:38 - 2012-10-09 10:41 - 00000000 ____D C:\Users\todd\AppData\Roaming\ImgBurn
2012-10-08 09:29 - 2012-10-08 09:29 - 00001871 ____A C:\Users\Public\Desktop\ImgBurn.lnk
2012-10-08 09:29 - 2012-10-08 09:29 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2012-10-08 09:28 - 2012-10-08 09:28 - 06118990 ____A (LIGHTNING UK!) C:\Users\todd\Downloads\SetupImgBurn_2.5.7.0.exe
2012-10-08 09:20 - 2012-10-08 09:32 - 201799680 ____A C:\Users\todd\Downloads\drweb-livecd-600.iso
2012-10-07 19:09 - 2012-10-07 19:09 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2012-10-07 19:08 - 2012-10-07 19:08 - 20922968 ____A (SUPERAntiSpyware.com) C:\Users\todd\Downloads\SUPERAntiSpyware (1).exe
2012-10-06 16:02 - 2012-10-06 16:03 - 32693736 ____A (Oracle Corporation) C:\Users\todd\Downloads\jre-7u7-windows-x64.exe
2012-10-05 02:37 - 2012-10-05 02:37 - 00000000 ____D C:\Users\todd\AppData\Roaming\PlayWay
2012-10-03 01:25 - 2012-10-03 01:25 - 00000000 ____D C:\Users\todd\AppData\Roaming\Amaranth Games
2012-10-02 23:56 - 2012-10-02 23:56 - 00000000 ____D C:\Users\All Users\RVLGames


==================== 3 Months Modified Files ==================

2012-10-31 14:51 - 2010-08-27 21:36 - 00512655 ____A C:\aaw7boot.log
2012-10-31 09:18 - 2012-10-31 09:02 - 00283600 ____A C:\Windows\Minidump\103112-152974-01.dmp
2012-10-31 09:02 - 2009-07-13 20:51 - 00194846 ____A C:\Windows\setupact.log
2012-10-31 09:01 - 2010-06-30 20:13 - 389861046 ____A C:\Windows\MEMORY.DMP
2012-10-31 08:18 - 2012-10-31 08:18 - 00000000 ____A C:\Windows\Minidump\103112-23540-01.dmp
2012-10-30 08:44 - 2012-10-30 08:44 - 00271280 ____A C:\Windows\Minidump\103012-27721-01.dmp
2012-10-30 08:01 - 2009-07-13 21:10 - 01059645 ____A C:\Windows\WindowsUpdate.log
2012-10-29 22:07 - 2012-05-12 12:34 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-29 21:56 - 2009-07-13 20:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-29 21:56 - 2009-07-13 20:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-29 21:52 - 2011-08-15 19:50 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-29 21:49 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-29 19:30 - 2011-08-15 19:50 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-29 19:29 - 2011-10-12 14:46 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4288711922-4026222575-1276435178-1000UA.job
2012-10-29 18:31 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-29 18:29 - 2011-10-12 14:46 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4288711922-4026222575-1276435178-1000Core.job
2012-10-29 10:01 - 2011-01-14 18:12 - 00000422 ____A C:\Windows\Tasks\SystemToolsDailyTest.job
2012-10-28 09:00 - 2011-05-08 12:56 - 00000064 ____A C:\Windows\SysWOW64\rp_stats.dat
2012-10-28 09:00 - 2011-05-08 12:56 - 00000044 ____A C:\Windows\SysWOW64\rp_rules.dat
2012-10-27 06:05 - 2012-10-27 06:05 - 00000081 ____A C:\Users\todd\CTX.DAT
2012-10-26 13:33 - 2010-04-13 01:12 - 00560166 ____A C:\Windows\PFRO.log
2012-10-26 13:29 - 2012-10-26 13:29 - 37868688 ____A (Adobe Systems Incorporated) C:\Users\todd\Downloads\AdbeRdr11000_en_US.exe
2012-10-26 13:28 - 2012-10-26 13:28 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-10-26 13:28 - 2012-10-26 13:28 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2012-10-26 13:28 - 2012-08-15 20:44 - 00189416 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-10-26 13:28 - 2012-08-15 20:44 - 00188904 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-10-26 13:28 - 2012-06-03 07:28 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-10-26 13:28 - 2011-02-25 15:17 - 00916456 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-10-26 13:26 - 2012-10-26 13:26 - 32699368 ____A (Oracle Corporation) C:\Users\todd\Downloads\jre-7u9-windows-x64.exe
2012-10-26 13:25 - 2012-10-26 13:25 - 00001975 ____A C:\Users\todd\Desktop\Update Checker.lnk
2012-10-26 13:25 - 2012-10-26 13:24 - 00264271 ____A C:\Users\todd\Downloads\FHSetup (3).exe
2012-10-26 13:24 - 2012-10-26 13:24 - 00264271 ____A C:\Users\todd\Downloads\FHSetup (2).exe
2012-10-10 16:31 - 2012-02-29 06:04 - 00002484 ____A C:\Users\todd\Desktop\Google Chrome.lnk
2012-10-10 05:33 - 2010-04-24 04:59 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-08 13:36 - 2012-05-12 12:33 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-08 13:36 - 2011-07-11 03:23 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-08 09:32 - 2012-10-08 09:20 - 201799680 ____A C:\Users\todd\Downloads\drweb-livecd-600.iso
2012-10-08 09:29 - 2012-10-08 09:29 - 00001871 ____A C:\Users\Public\Desktop\ImgBurn.lnk
2012-10-08 09:28 - 2012-10-08 09:28 - 06118990 ____A (LIGHTNING UK!) C:\Users\todd\Downloads\SetupImgBurn_2.5.7.0.exe
2012-10-07 19:09 - 2012-07-05 07:03 - 00001810 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2012-10-07 19:08 - 2012-10-07 19:08 - 20922968 ____A (SUPERAntiSpyware.com) C:\Users\todd\Downloads\SUPERAntiSpyware (1).exe
2012-10-07 12:49 - 2009-07-13 21:08 - 00032616 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-10-06 16:03 - 2012-10-06 16:02 - 32693736 ____A (Oracle Corporation) C:\Users\todd\Downloads\jre-7u7-windows-x64.exe
2012-10-02 12:22 - 2012-03-01 11:10 - 00001945 ____A C:\Windows\epplauncher.mif
2012-09-27 18:08 - 2012-09-27 18:08 - 10524080 ____A (Malwarebytes Corporation ) C:\Users\todd\Downloads\mbam-setup-1.65.0.1400.exe
2012-09-26 23:35 - 2012-03-01 15:35 - 00001115 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-26 04:16 - 2012-09-26 04:15 - 00894952 ____A (Oracle Corporation) C:\Users\todd\Downloads\chromeinstall-7u7 (2).exe
2012-09-26 04:14 - 2012-09-26 04:13 - 00894952 ____A (Oracle Corporation) C:\Users\todd\Downloads\chromeinstall-7u7 (1).exe
2012-09-26 04:13 - 2012-09-26 04:12 - 00894952 ____A (Oracle Corporation) C:\Users\todd\Downloads\chromeinstall-7u7.exe
2012-09-14 11:19 - 2012-10-10 00:04 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 10:28 - 2012-10-10 00:04 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-09-07 13:04 - 2010-09-04 18:59 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-08-31 21:59 - 2011-01-14 18:12 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2012-08-31 10:19 - 2012-10-10 00:04 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-30 18:03 - 2012-08-30 18:03 - 00228768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-08-30 18:03 - 2011-04-27 12:25 - 00128456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
2012-08-30 10:03 - 2012-10-10 00:04 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 09:12 - 2012-10-10 00:04 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 09:12 - 2012-10-10 00:04 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-27 20:16 - 2012-08-27 20:16 - 06717808 ____A (Support.com ) C:\Users\todd\Downloads\ARO2012_tbt.exe
2012-08-24 10:05 - 2012-10-10 00:04 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 08:57 - 2012-10-10 00:04 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 03:15 - 2012-09-22 07:46 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 02:39 - 2012-09-22 07:46 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 02:31 - 2012-09-22 07:46 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 02:22 - 2012-09-22 07:46 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 02:21 - 2012-09-22 07:46 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 02:20 - 2012-09-22 07:46 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 02:18 - 2012-09-22 07:46 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 02:17 - 2012-09-22 07:46 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 02:14 - 2012-09-22 07:46 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 02:14 - 2012-09-22 07:46 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 02:13 - 2012-09-22 07:46 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 02:12 - 2012-09-22 07:46 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 02:11 - 2012-09-22 07:46 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 02:10 - 2012-09-22 07:46 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 02:09 - 2012-09-22 07:46 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 02:04 - 2012-09-22 07:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-23 23:27 - 2012-09-22 07:46 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-23 23:03 - 2012-09-22 07:46 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-23 22:59 - 2012-09-22 07:46 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-23 22:51 - 2012-09-22 07:46 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-23 22:51 - 2012-09-22 07:46 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-23 22:51 - 2012-09-22 07:46 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-23 22:49 - 2012-09-22 07:46 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-23 22:48 - 2012-09-22 07:46 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-23 22:47 - 2012-09-22 07:46 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-23 22:47 - 2012-09-22 07:46 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-08-23 22:47 - 2012-09-22 07:46 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-23 22:45 - 2012-09-22 07:46 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-23 22:44 - 2012-09-22 07:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-23 22:44 - 2012-09-22 07:46 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-23 22:43 - 2012-09-22 07:46 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 22:40 - 2012-09-22 07:46 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-22 10:12 - 2012-09-11 22:15 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-22 10:12 - 2012-09-11 22:15 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 10:12 - 2012-09-11 22:15 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-22 10:12 - 2012-09-11 22:15 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-08-21 13:01 - 2012-09-25 15:48 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-08-20 10:48 - 2012-10-10 00:04 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-20 10:48 - 2012-10-10 00:04 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-20 10:48 - 2012-10-10 00:04 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-08-20 10:48 - 2012-10-10 00:04 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-08-20 10:48 - 2012-10-10 00:04 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-20 10:48 - 2012-10-10 00:04 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-08-20 10:48 - 2012-10-10 00:04 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-08-20 10:46 - 2012-10-10 00:04 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-20 10:38 - 2012-10-10 00:04 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 09:40 - 2012-10-10 00:04 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-08-20 09:38 - 2012-10-10 00:04 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-08-20 09:37 - 2012-10-10 00:04 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-08-20 09:37 - 2012-10-10 00:04 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-08-20 09:37 - 2012-10-10 00:04 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 09:32 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 07:38 - 2012-10-10 00:04 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-08-20 07:38 - 2012-10-10 00:04 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-08-20 07:33 - 2012-10-10 00:04 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 07:33 - 2012-10-10 00:04 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 07:33 - 2012-10-10 00:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 07:33 - 2012-10-10 00:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-17 00:14 - 2012-08-17 00:14 - 04587128 ____A (Lavasoft Limited) C:\Users\todd\Downloads\Adaware_Installer.exe
2012-08-15 20:42 - 2012-08-15 20:41 - 32690664 ____A (Oracle Corporation) C:\Users\todd\Downloads\jre-7u6-windows-x64.exe
2012-08-14 21:38 - 2009-07-13 20:45 - 00311440 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-10 16:56 - 2012-10-10 00:04 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-10 15:56 - 2012-10-10 00:04 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-08-08 15:54 - 2011-05-08 12:53 - 00055384 ____A (Sunbelt Software) C:\Windows\System32\Drivers\SBREDrv.sys
2012-08-07 22:24 - 2012-08-07 22:24 - 00000052 ____A C:\Users\todd\AppData\Roaming\mbam.context.scan
2012-08-07 14:43 - 2012-08-07 14:43 - 00082020 ____A C:\Users\todd\Downloads\Extras.Txt
2012-08-07 14:42 - 2012-08-07 14:42 - 00093296 ____A C:\Users\todd\Downloads\OTL.Txt
2012-08-07 14:34 - 2012-08-07 14:34 - 00596480 ____A (OldTimer Tools) C:\Users\todd\Downloads\OTL.exe

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-10-09 16:33:24
Restore point made on: 2012-10-10 05:29:41
Restore point made on: 2012-10-14 07:52:03
Restore point made on: 2012-10-18 01:43:40
Restore point made on: 2012-10-22 05:17:27
Restore point made on: 2012-10-25 12:07:48
Restore point made on: 2012-10-26 13:27:35
Restore point made on: 2012-10-26 13:30:04
Restore point made on: 2012-10-28 18:35:19

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 3892.52 MB
Available physical RAM: 3266.55 MB
Total Pagefile: 3890.67 MB
Available Pagefile: 3265.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:384.81 GB) NTFS
3 Drive f: () (Removable) (Total:3.61 GB) (Free:3.4 GB) NTFS
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 3700 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 14 GB 39 MB
Partition 3 Primary 451 GB 14 GB

==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 FAT Partition 39 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y RECOVERY NTFS Partition 14 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 451 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3696 MB 4032 KB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F NTFS Removable 3696 MB Healthy

=========================================================

Last Boot: 2012-10-26 10:36

==================== End Of Log =============================
  • 0

#78
Essexboy
Posted 01 November 2012 - 08:17 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK first the good news.. There is no apparent malware

Next we need to get the bootloader working

First we will run a checkdisc on the hard drive .. All of these tasks will be done from the Recovery Console Command prompt :

First run this command and then try to reboot.. If it works then great, if not proceed to step 2. If neither work then we will rebuild the BCD

Step 1

At the command prompt type the following and press enter :

chkdsk c: /f/r

It may take a while to run

Step 2

At the command prompt type the following and press enter after each line :

bootrec /FixMbr
bootrec /FixBoot
  • 0

#79
snowysdad43
Posted 01 November 2012 - 09:58 AM

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
will the chkdsk close on its own ? it ran then one line (last in a paragraph) says failed to transfer logged messahes to the eventlog with status 50
then the next and current line reads x:\windows\system32> and the line after that is still blinking . is this still runnung it has been like this for half hour now ?
also the name on top of the cmd box is administrator:x:\windows\system32\cmd.exe

so i am just not sure if this is still runing or stalled

edit it has now been like this for 2 hours no changes
2nd edit windows x cannot be checked as it is write protected
i think i will try step 2 as i dont know what to do at this point chkdsk has stopped at the last line specified above

Edited by snowysdad43, 01 November 2012 - 11:55 AM.

  • 0

#80
Essexboy
Posted 01 November 2012 - 12:14 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That could indicate a bad Hard drive, I will look for confirmation on that

Meanwhile try step 2

Is there data on this laptop that you need to recover ?
  • 0

#81
snowysdad43
Posted 01 November 2012 - 12:21 PM

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
no at this point i dont care about data at this point , this laptop is onlt about 2 years old and about 1100 dollars i hope its not fried
i was running the self diagnostic pre boot system assesment option and it gave a error code 0142 hard drive 0 self test unsuccesfull status 79 msg error code 2000-0142 but it gave the option to continue testing so i chose yes ni dont know if this self test will be beneficial to us or not i lewt it run but can abort if you think it wont help us
  • 0

#82
snowysdad43
Posted 01 November 2012 - 12:31 PM

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
ok aborted sel test ran cmd 2 and both said succesfull so tring normal bot now god willing it will work
  • 0

#83
Essexboy
Posted 01 November 2012 - 12:33 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No run the diagnostic, I was looking for the tool for that. But, as you allready have it then let it run
  • 0

#84
snowysdad43
Posted 01 November 2012 - 12:36 PM

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
ok sorry cross posted will start it again
normal boot seems to be taking forever
  • 0

#85
Essexboy
Posted 01 November 2012 - 01:27 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you still getting the same error as before ?
  • 0

Advertisements

#86
snowysdad43
Posted 01 November 2012 - 02:01 PM

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
i recieved another error 2000-0146

also had another error dst self test read error 0f00 065 d

this thing has a bunch of testing options now it is doing a quick test specific to boot os will advise asap
edit 2
ok so far this test says no problems found but is continuing for more intensive testing will asvise
edit 3
i think the hard drive is bad i recieve code of00-0132 and that i believe is a bad drive
edit4
well i have nothing to lose so i am trying the dell backup from a year ago not sure if disk is bad or corrupt files causing errors again i feel i have nothing to lose at this point
thank you for all your help E will advise

Edited by snowysdad43, 01 November 2012 - 03:09 PM.

  • 0

#87
Essexboy
Posted 01 November 2012 - 04:23 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Oops sorry I did not see the edit.

My next option would have been to do a system restore. We could use either the recovery console for that or I could invoke one from FRST
However, the error code produced this little snippeet

I found this thread searching 2000-0146 error code, i went into my bios and saw i too was set to ahci vs ata, i have a new wd hd due to dell diagnostics telling me the original hd was bad (same error code), and yet the brand new drive gives same error code in dell diagnostics!



So decided to search a bit, found this thread, and saw the talk about the settings of ahci to ata in bios.



Went in and changed mine to ata - saved/exited and am going to now delete the partition, reinstall vista and drivers and see if this works, will also re run the diagnostic tests too to see if it still gives me that same code again.

Interestingly i took the new drive out and hooked it upto my main pc, installed the western digital lifeguard diagnostics and ran it for 6 hrs extended test, drive shows as pass and healthy, so makes me wonder why dell diag is showing it as error 2000-0146, maybe it is that bios settting - sure hope so will report back once i get the reinstall and re testing done...

Man i hope this fixes it...


I had to restart and then go back to BIOS setting {which can be accessed by pressing F 2} and had to once again change it from ATA to AHCI. Then restart once more and wah-lah I could access Windows.


So go to the BIOS and check that the HDD is set to ATA (or AHCI depending on what the current setting is )
  • 0

#88
snowysdad43
Posted 01 November 2012 - 05:48 PM

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
ohh bummer i did not see this in time brother oh well i may have been able to save some data but hats ok i am just greatfull all is not lost :)
I did the dell datasafe backup and restored my comp to about just about new status :) thank god its not fried
anyway i am on the laptop posting this now (wired ) :) :) :) i am having some wireless issues with the router but should resolve tonight
hopefully will be good by tommorow :) and i guess we can try to protect this bad boy then
thanks for all your hard work again E

edit 3 minutes after this origional windows network diagostic reset my wireless adapter and wahhh laaaaa i am wireless brother woohhoooo halalujah !!!! talk to ya tomorow Essex boy :)

Edited by snowysdad43, 01 November 2012 - 05:54 PM.

  • 0

#89
Essexboy
Posted 02 November 2012 - 07:38 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
The main thing is that you have it working now.. What is the current security set up on this system ?
  • 0

#90
snowysdad43
Posted 02 November 2012 - 11:12 AM

snowysdad43

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 233 posts
ok i have the avast program you refered (trial version now and i will get the paid version if you think it is a worthy all in one security suite)
I also Have T f c to be run once a seek or so

what else do you think i should get or do
I have done auto updates several times for security updates and will continue to do so .

I have recieved a message thta dell data safe "bachups" has had a problem and can only backup files and folders but not the partition so should i set up the paragon backup on this machine also ?

ok enough questions for now :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP