BSOD and I can't get in safe mode [Closed]


  • This topic is locked

#1
Zegii

Hello guys, I created this topic because of my problem with a BSOD; I can't even go into safe mode and fix that, so guys, please help me! My OS is Windows 7 Ultimate 64-bit. Oh yeah, I did the thing with the program, so here is the text:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2012
Ran by SYSTEM at 03-11-2012 16:51:44
Running from G:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-05] (Adobe Systems Incorporated)
HKLM\...\Run: [VDownloader] "C:\Program Files\VDownloader\VDownloader.exe" /silent [881664 2012-07-17] (Vitzo)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2596984 2012-07-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-11-01] (Apple Inc.)
HKLM-x32\...\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [1111432 2012-10-16] (Spigot, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536 2012-07-02] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup [1501080 2010-09-14] (Affinegy, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-02] (Sun Microsystems, Inc.)
HKU\ZEGARAC\...\Run: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe /A [2158592 2010-09-02] ()
HKU\ZEGARAC\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [152872 2007-06-27] (Nero AG)
HKU\ZEGARAC\...\Run: [Google Update] "C:\Users\ZEGARAC\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-02-19] (Google Inc.)
HKU\ZEGARAC\...\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" [495616 2007-09-02] ()
HKU\ZEGARAC\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\ZEGARAC\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3481408 2012-02-13] (DT Soft Ltd)
HKU\ZEGARAC\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1353080 2012-08-04] (Valve Corporation)
HKU\ZEGARAC\...\Run: [BitTorrent] "C:\Users\ZEGARAC\Desktop\Programi\BitTorrent.exe" /MINIMIZED [1398680 2012-10-17] (BitTorrent, Inc.)
HKU\ZEGARAC\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-07-02] ()
HKU\ZEGARAC\...\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [975288 2012-07-02] (Samsung)
HKU\ZEGARAC\...\Run: [Clock Widget (HTC Home)] "C:\Program Files (x86)\HTC Home\Clock.exe" [2036736 2011-11-28] ()
HKU\ZEGARAC\...\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart [490880 2012-09-24] (IObit)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

==================== Services (Whitelisted) ===================

2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [1026432 2012-10-12] (IObit)
3 AeLookupSvc; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
3 AeLookupSvc; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
2 AffinegyService; "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe" [571288 2010-09-14] (Affinegy, Inc.)
3 AppIDSvc; C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [27136 2009-07-13] (Microsoft Corporation)
3 AppIDSvc; C:\Windows\SysWow64\svchost.exe -k LocalServiceAndNoImpersonation [20992 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
2 AudioEndpointBuilder; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 AudioEndpointBuilder; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 AudioSrv; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 AudioSrv; C:\Windows\SysWow64\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 avgfws; "C:\Program Files (x86)\AVG\AVG2012\avgfws.exe" [2321560 2012-06-12] (AVG Technologies CZ, s.r.o.)
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" [5167736 2012-08-12] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-13] (AVG Technologies CZ, s.r.o.)
3 AxInstSV; C:\Windows\System32\svchost.exe -k AxInstSVGroup [27136 2009-07-13] (Microsoft Corporation)
3 AxInstSV; C:\Windows\SysWow64\svchost.exe -k AxInstSVGroup [20992 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [27136 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\SysWow64\svchost.exe -k LocalServiceNoNetwork [20992 2009-07-13] (Microsoft Corporation)
3 Browser; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
3 Browser; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\svchost.exe -k bthsvcs [27136 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\SysWow64\svchost.exe -k bthsvcs [20992 2009-07-13] (Microsoft Corporation)
4 CertPropSvc; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
4 CertPropSvc; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
2 CscService; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 CscService; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\svchost.exe -k NetworkService [27136 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\SysWow64\svchost.exe -k NetworkService [20992 2009-07-13] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
3 dot3svc; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\svchost.exe -k LocalService [27136 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\SysWow64\svchost.exe -k LocalService [20992 2009-07-13] (Microsoft Corporation)
3 FDResPub; C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [27136 2009-07-13] (Microsoft Corporation)
3 FDResPub; C:\Windows\SysWow64\svchost.exe -k LocalServiceAndNoImpersonation [20992 2009-07-13] (Microsoft Corporation)
2 FontCache; C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [27136 2009-07-13] (Microsoft Corporation)
2 FontCache; C:\Windows\SysWow64\svchost.exe -k LocalServiceAndNoImpersonation [20992 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 IKEEXT; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
2 IKEEXT; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
4 iphlpsvc; C:\Windows\System32\svchost.exe -k NetSvcs [27136 2009-07-13] (Microsoft Corporation)
4 iphlpsvc; C:\Windows\SysWow64\svchost.exe -k NetSvcs [20992 2009-07-13] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation [27136 2009-07-13] (Microsoft Corporation)
3 KtmRm; C:\Windows\SysWow64\svchost.exe -k NetworkServiceAndNoImpersonation [20992 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\svchost.exe -k NetworkService [27136 2009-07-13] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\SysWow64\svchost.exe -k NetworkService [20992 2009-07-13] (Microsoft Corporation)
3 lltdsvc; C:\Windows\System32\svchost.exe -k LocalService [27136 2009-07-13] (Microsoft Corporation)
3 lltdsvc; C:\Windows\SysWow64\svchost.exe -k LocalService [20992 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\SysWow64\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-07] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-07] (Malwarebytes Corporation)
4 Mcx2Svc; C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [27136 2009-07-13] (Microsoft Corporation)
4 Mcx2Svc; C:\Windows\SysWow64\svchost.exe -k LocalServiceAndNoImpersonation [20992 2009-07-13] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
2 MMCSS; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [27136 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\SysWow64\svchost.exe -k LocalServiceNoNetwork [20992 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 NitroReaderDriverReadSpool2; "C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe" [341296 2011-06-21] (Nitro PDF Software)
2 NlaSvc; C:\Windows\System32\svchost.exe -k NetworkService [27136 2009-07-13] (Microsoft Corporation)
2 NlaSvc; C:\Windows\SysWow64\svchost.exe -k NetworkService [20992 2009-07-13] (Microsoft Corporation)
3 NMIndexingService; "C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe" [279848 2007-06-27] (Nero AG)
2 nsi; C:\Windows\System32\svchost.exe -k LocalService [27136 2009-07-13] (Microsoft Corporation)
2 nsi; C:\Windows\SysWow64\svchost.exe -k LocalService [20992 2009-07-13] (Microsoft Corporation)
2 PcaSvc; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 PcaSvc; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
3 PeerDistSvc; C:\Windows\System32\svchost.exe -k PeerDist [27136 2009-07-13] (Microsoft Corporation)
3 PeerDistSvc; C:\Windows\SysWow64\svchost.exe -k PeerDist [20992 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\svchost.exe -k DcomLaunch [27136 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\SysWow64\svchost.exe -k DcomLaunch [20992 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\svchost.exe -k LocalServicePeerNet [27136 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\SysWow64\svchost.exe -k LocalServicePeerNet [20992 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\svchost.exe -k NetworkServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\SysWow64\svchost.exe -k NetworkServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\System32\svchost.exe -k DcomLaunch [27136 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\SysWow64\svchost.exe -k DcomLaunch [20992 2009-07-13] (Microsoft Corporation)
2 ProfSvc; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
2 ProfSvc; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\svchost.exe -k regsvc [27136 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\SysWow64\svchost.exe -k regsvc [20992 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\svchost.exe -k RPCSS [27136 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\SysWow64\svchost.exe -k RPCSS [20992 2009-07-13] (Microsoft Corporation)
3 SCardSvr; C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [27136 2009-07-13] (Microsoft Corporation)
3 SCardSvr; C:\Windows\SysWow64\svchost.exe -k LocalServiceAndNoImpersonation [20992 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
4 seclogon; C:\Windows\system32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
4 seclogon; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [27136 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\SysWow64\svchost.exe -k LocalServiceAndNoImpersonation [20992 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\svchost.exe -k LocalService [27136 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\SysWow64\svchost.exe -k LocalService [20992 2009-07-13] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [27136 2009-07-13] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\SysWow64\svchost.exe -k LocalServiceAndNoImpersonation [20992 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\svchost.exe -k LocalService [27136 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\SysWow64\svchost.exe -k LocalService [20992 2009-07-13] (Microsoft Corporation)
2 stisvc; C:\Windows\System32\svchost.exe -k imgsvc [27136 2009-07-13] (Microsoft Corporation)
2 stisvc; C:\Windows\SysWow64\svchost.exe -k imgsvc [20992 2009-07-13] (Microsoft Corporation)
3 swprv; C:\Windows\System32\svchost.exe -k swprv [27136 2009-07-13] (Microsoft Corporation)
3 swprv; C:\Windows\SysWow64\svchost.exe -k swprv [20992 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
4 TabletInputService; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
4 TabletInputService; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
3 TermService; C:\Windows\System32\svchost.exe -k NetworkService [27136 2009-07-13] (Microsoft Corporation)
3 TermService; C:\Windows\SysWow64\svchost.exe -k NetworkService [20992 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\svchost.exe -k LocalService [27136 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\SysWow64\svchost.exe -k LocalService [20992 2009-07-13] (Microsoft Corporation)
3 UmRdpService; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
3 UmRdpService; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
3 W32Time; C:\Windows\System32\svchost.exe -k LocalService [27136 2009-07-13] (Microsoft Corporation)
3 W32Time; C:\Windows\SysWow64\svchost.exe -k LocalService [20992 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\svchost.exe -k WbioSvcGroup [27136 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\SysWow64\svchost.exe -k WbioSvcGroup [20992 2009-07-13] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\svchost.exe -k NetworkService [27136 2009-07-13] (Microsoft Corporation)
3 Wecsvc; C:\Windows\SysWow64\svchost.exe -k NetworkService [20992 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
2 Winmgmt; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 Wlansvc; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 wscsvc; C:\Windows\SysWow64\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\svchost.exe -k netsvcs [27136 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\SysWow64\svchost.exe -k netsvcs [20992 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [27136 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\SysWow64\svchost.exe -k LocalSystemNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [27136 2009-07-13] (Microsoft Corporation)
3 WwanSvc; C:\Windows\SysWow64\svchost.exe -k LocalServiceNoNetwork [20992 2009-07-13] (Microsoft Corporation)

==================== Drivers (Whitelisted) =====================

1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [48992 2011-05-22] (AVG Technologies CZ, s.r.o.)
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-18] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [291680 2012-07-25] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-30] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [384352 2012-08-24] (AVG Technologies CZ, s.r.o.)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-04-01] (DT Soft Ltd)
2 npf; C:\Windows\System32\Drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-12-12] (Duplex Secure Ltd.)
3 ALG; [x]
3 ALSysIO; [x]
3 EFS; [x]
4 Fax; [x]
3 fsssvc; [x]
3 GGSAFERDriver; [x]
3 GPU-Z; [x]
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [x]
3 KeyIso; [x]
3 MBAMProtector; [x]
3 MBfilt; C:\Windows\System32\drivers\MBfilt64.sys [x]
3 McComponentHostService; [x]
3 MSDTC; [x]
3 MSICDSetup; \??\E:\CDriver64.sys [x]
3 Netlogon; [x]
2 NVSvc; [x]
2 PnkBstrA; [x]
3 ProtectedStorage; [x]
3 RpcLocator; [x]
3 SNMPTRAP; [x]
2 Spooler; [x]
2 sppsvc; [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 TBPanel; [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 UI0Detect; [x]
3 VaultSvc; [x]
3 vds; [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
3 VSS; [x]
3 wbengine; [x]
3 wmiApSrv; [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-03 16:51 - 2012-11-03 16:51 - 00000000 ____D C:\FRST
2012-10-31 22:46 - 2012-11-03 00:50 - 256682475 ____A C:\Windows\MEMORY.DMP
2012-10-31 22:34 - 2012-10-31 22:34 - 03347694 ____A C:\Windows\PFRO.log
2012-10-31 13:11 - 2012-10-31 13:11 - 00027049 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]dead.space.2.full.game.nothing.removed.crashes.fixed.torrent
2012-10-31 11:50 - 2012-10-31 11:50 - 00063727 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]prototype.2.pre.load.multi.5.saifulislamj.torrent
2012-10-31 11:22 - 2012-11-01 09:06 - 00000000 ____D C:\Users\All Users\IObit
2012-10-31 11:22 - 2012-10-31 11:42 - 00000000 ____D C:\Users\ZEGARAC\AppData\Roaming\IObit
2012-10-31 11:22 - 2012-10-31 11:23 - 00000000 ____D C:\Program Files (x86)\IObit
2012-10-31 02:19 - 2012-10-31 02:19 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2012-10-31 02:18 - 2012-10-02 11:51 - 03536817 ____A C:\Windows\System32\nvcoproc.bin
2012-10-31 02:18 - 2012-03-29 23:49 - 00000000 ____D C:\Users\UpdatusUser\Documents\Visual Studio 2010
2012-10-31 02:18 - 2011-04-09 22:34 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2012-10-31 02:18 - 2011-03-20 13:27 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
2012-10-31 02:16 - 2012-10-02 14:21 - 26331496 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 25256296 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 19906920 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 17559912 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 13443944 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-10-31 02:16 - 2012-10-02 14:21 - 12501352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 09146728 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 07697768 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 07414632 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 06127464 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 02747240 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 02574696 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 02218344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 01867112 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 01760104 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco64.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 01482600 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco64.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 00973672 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 00831848 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 00247144 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2012-10-31 02:16 - 2012-10-02 14:21 - 00202600 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2012-10-31 02:16 - 2012-07-03 07:25 - 00189288 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2012-10-31 02:16 - 2012-07-03 07:25 - 00031080 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2012-10-31 02:16 - 2012-07-02 23:37 - 01472360 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2012-10-31 02:07 - 2012-10-31 03:04 - 00000000 ____D C:\Users\ZEGARAC\Documents\NFSTR
2012-10-30 23:23 - 2012-10-30 23:23 - 00078436 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]medal.of.honor.warfighter.flt (2).torrent
2012-10-30 23:20 - 2012-10-30 23:20 - 00111728 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (5).torrent
2012-10-30 23:10 - 2012-10-30 23:10 - 00000017 ____A C:\Users\ZEGARAC\AppData\Local\resmon.resmoncfg
2012-10-30 23:01 - 2012-10-30 23:01 - 00014349 ____A C:\Users\ZEGARAC\Downloads\[isoHunt] 2304976.torrent
2012-10-30 13:09 - 2012-10-30 13:09 - 00111728 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (4).torrent
2012-10-30 13:07 - 2012-10-30 13:07 - 00138719 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.limited.edition.sc.torrent
2012-10-30 13:07 - 2012-10-30 13:07 - 00028360 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]medal.of.honor.warfighter.flt (1).torrent
2012-10-30 13:06 - 2012-10-30 13:06 - 00018434 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.crack.only.skidrow.torrent
2012-10-30 12:59 - 2012-10-30 12:59 - 00027988 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (3).torrent
2012-10-30 12:46 - 2012-10-30 12:46 - 00017005 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (2).torrent
2012-10-30 12:23 - 2012-10-30 12:23 - 00027988 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (1).torrent
2012-10-30 12:20 - 2012-10-30 12:20 - 00027988 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow.torrent
2012-10-30 09:43 - 2012-10-30 09:43 - 00000000 ____D C:\Users\ZEGARAC\AppData\Local\2K Games
2012-10-29 23:06 - 2012-09-24 14:16 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-10-29 23:06 - 2012-09-24 14:08 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-10-29 23:06 - 2012-09-24 14:07 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-10-29 23:05 - 2012-10-29 23:06 - 00004119 ____A C:\Windows\SysWOW64\jupdate-1.7.0_09-b05.log
2012-10-28 07:22 - 2012-10-28 07:22 - 00000000 __SHD C:\Users\All Users\SecuROM
2012-10-28 04:50 - 2012-10-28 04:50 - 00093867 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]batman.arkham.city.game.of.the.year.edition.skidrow.torrent
2012-10-28 04:39 - 2012-10-28 04:39 - 00395704 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]bus.simulator.2012.jaguar.etgamez.torrent
2012-10-28 04:33 - 2012-10-28 04:34 - 00078506 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]medal.of.honor.warfighter.flt.torrent
2012-10-28 00:05 - 2012-10-28 00:05 - 00011434 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]angry.birds.space.v1.0.0.cracked.theta.torrent
2012-10-28 00:04 - 2012-10-28 00:04 - 00023394 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]gta.san.andreas.completo.crack.tradutor.torrent
2012-10-28 00:02 - 2012-10-28 00:02 - 00069958 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]battlefield.3.reloaded.torrent
2012-10-27 08:00 - 2012-10-27 08:00 - 00000000 ____D C:\Users\All Users\RELOADED
2012-10-27 06:48 - 2012-10-27 07:58 - 00000000 ___AD C:\TCH-TMP
2012-10-27 06:48 - 2012-10-27 06:48 - 00000000 ____D C:\Users\ZEGARAC\Games
2012-10-27 06:47 - 2012-10-27 06:47 - 00011575 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]chivalry.medieval.warfare.2012.pc.hi2u.torrent
2012-10-27 06:45 - 2012-10-27 06:45 - 00076441 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]medal.of.honor.warfighter.limited.edition.steam.rip.multi7.p2p.torrent
2012-10-27 06:44 - 2012-10-27 06:44 - 00029237 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]mafia.ii.skidrow.mafia.2.torrent
2012-10-26 22:21 - 2012-10-26 22:21 - 00000000 ____D C:\Users\ZEGARAC\Documents\Flight Simulator X Files
2012-10-26 22:06 - 2012-10-26 22:06 - 00002661 ____A C:\Users\ZEGARAC\Downloads\[isoHunt] download.torrent
2012-10-25 08:20 - 2012-10-25 08:20 - 00000000 ____D C:\Program Files (x86)\Atari
2012-10-24 21:09 - 2012-10-24 21:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2012-10-24 04:58 - 2012-10-30 22:40 - 00000000 ____D C:\Users\ZEGARAC\AppData\Local\vghd
2012-10-24 04:56 - 2012-10-24 04:56 - 00000000 ____D C:\Program Files (x86)\Yontoo
2012-10-24 04:55 - 2012-10-24 05:00 - 00000000 ____D C:\Program Files (x86)\OnlineHD.TV
2012-10-22 01:13 - 2012-10-22 01:17 - 00000000 ____D C:\Users\ZEGARAC\Documents\Adventure Game Files
2012-10-19 19:25 - 2012-10-19 19:25 - 00000000 ____D C:\Program Files (x86)\YTD Toolbar
2012-10-09 21:02 - 2012-09-14 11:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-09 21:02 - 2012-09-14 10:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-09 21:02 - 2012-08-31 10:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-09 21:02 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-09 21:02 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-09 21:02 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-09 21:02 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-09 21:02 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-09 21:02 - 2012-08-20 10:48 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-09 21:02 - 2012-08-20 10:48 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-09 21:02 - 2012-08-20 10:48 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-09 21:02 - 2012-08-20 10:48 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-09 21:02 - 2012-08-20 10:48 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-09 21:02 - 2012-08-20 10:48 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-09 21:02 - 2012-08-20 10:48 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-09 21:02 - 2012-08-20 10:46 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-09 21:02 - 2012-08-20 10:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:40 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-09 21:02 - 2012-08-20 09:38 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-09 21:02 - 2012-08-20 09:37 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-09 21:02 - 2012-08-20 09:37 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-09 21:02 - 2012-08-20 09:37 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 07:38 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-09 21:02 - 2012-08-20 07:38 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-09 21:02 - 2012-08-20 07:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 07:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 07:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-09 21:02 - 2012-08-20 07:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-09 21:02 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-09 21:02 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-09 21:02 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-09 21:02 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-09 21:02 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-09 21:02 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-09 21:02 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-09 21:02 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

==================== 3 Months Modified Files ==================

2012-11-03 00:50 - 2012-10-31 22:46 - 256682475 ____A C:\Windows\MEMORY.DMP
2012-10-31 22:34 - 2012-10-31 22:34 - 03347694 ____A C:\Windows\PFRO.log
2012-10-31 14:35 - 2011-02-07 02:39 - 01224503 ____A C:\Windows\WindowsUpdate.log
2012-10-31 14:10 - 2011-02-19 08:07 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279168189-2558412265-3364926614-1000UA.job
2012-10-31 13:51 - 2012-04-01 21:29 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-31 13:11 - 2012-10-31 13:11 - 00027049 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]dead.space.2.full.game.nothing.removed.crashes.fixed.torrent
2012-10-31 11:50 - 2012-10-31 11:50 - 00063727 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]prototype.2.pre.load.multi.5.saifulislamj.torrent
2012-10-31 11:10 - 2011-02-19 08:07 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2279168189-2558412265-3364926614-1000Core.job
2012-10-31 06:19 - 2009-07-13 20:45 - 00014192 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-31 06:19 - 2009-07-13 20:45 - 00014192 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-31 06:14 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-31 02:19 - 2012-10-31 02:19 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2012-10-30 23:23 - 2012-10-30 23:23 - 00078436 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]medal.of.honor.warfighter.flt (2).torrent
2012-10-30 23:20 - 2012-10-30 23:20 - 00111728 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (5).torrent
2012-10-30 23:10 - 2012-10-30 23:10 - 00000017 ____A C:\Users\ZEGARAC\AppData\Local\resmon.resmoncfg
2012-10-30 23:01 - 2012-10-30 23:01 - 00014349 ____A C:\Users\ZEGARAC\Downloads\[isoHunt] 2304976.torrent
2012-10-30 13:09 - 2012-10-30 13:09 - 00111728 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (4).torrent
2012-10-30 13:07 - 2012-10-30 13:07 - 00138719 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.limited.edition.sc.torrent
2012-10-30 13:07 - 2012-10-30 13:07 - 00028360 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]medal.of.honor.warfighter.flt (1).torrent
2012-10-30 13:06 - 2012-10-30 13:06 - 00018434 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.crack.only.skidrow.torrent
2012-10-30 12:59 - 2012-10-30 12:59 - 00027988 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (3).torrent
2012-10-30 12:46 - 2012-10-30 12:46 - 00017005 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (2).torrent
2012-10-30 12:23 - 2012-10-30 12:23 - 00027988 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow (1).torrent
2012-10-30 12:20 - 2012-10-30 12:20 - 00027988 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]need.for.speed.most.wanted.skidrow.torrent
2012-10-29 23:06 - 2012-10-29 23:05 - 00004119 ____A C:\Windows\SysWOW64\jupdate-1.7.0_09-b05.log
2012-10-28 04:50 - 2012-10-28 04:50 - 00093867 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]batman.arkham.city.game.of.the.year.edition.skidrow.torrent
2012-10-28 04:39 - 2012-10-28 04:39 - 00395704 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]bus.simulator.2012.jaguar.etgamez.torrent
2012-10-28 04:34 - 2012-10-28 04:33 - 00078506 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]medal.of.honor.warfighter.flt.torrent
2012-10-28 00:05 - 2012-10-28 00:05 - 00011434 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]angry.birds.space.v1.0.0.cracked.theta.torrent
2012-10-28 00:04 - 2012-10-28 00:04 - 00023394 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]gta.san.andreas.completo.crack.tradutor.torrent
2012-10-28 00:02 - 2012-10-28 00:02 - 00069958 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]battlefield.3.reloaded.torrent
2012-10-27 06:47 - 2012-10-27 06:47 - 00011575 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]chivalry.medieval.warfare.2012.pc.hi2u.torrent
2012-10-27 06:45 - 2012-10-27 06:45 - 00076441 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]medal.of.honor.warfighter.limited.edition.steam.rip.multi7.p2p.torrent
2012-10-27 06:44 - 2012-10-27 06:44 - 00029237 ____A C:\Users\ZEGARAC\Downloads\[kat.ph]mafia.ii.skidrow.mafia.2.torrent
2012-10-26 22:06 - 2012-10-26 22:06 - 00002661 ____A C:\Users\ZEGARAC\Downloads\[isoHunt] download.torrent
2012-10-25 04:51 - 2011-02-07 03:42 - 00112472 ____A C:\Users\ZEGARAC\AppData\Local\GDIPFONTCACHEV1.DAT
2012-10-25 04:50 - 2009-07-13 20:45 - 04977616 ____A C:\Windows\System32\FNTCACHE.DAT
2012-10-14 20:51 - 2009-07-13 21:08 - 00032572 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-10-10 01:19 - 2010-02-09 22:16 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-09 01:51 - 2012-04-01 21:29 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-09 01:51 - 2011-05-24 04:24 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-02 14:21 - 2012-10-31 02:16 - 26331496 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 25256296 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 19906920 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 17559912 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 13443944 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-10-02 14:21 - 2012-10-31 02:16 - 12501352 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 09146728 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 07697768 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 07414632 ____A (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 06127464 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 02747240 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 02574696 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 02218344 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 01867112 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 01760104 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco64.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 01482600 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco64.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 00973672 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 00831848 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 00247144 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2012-10-02 14:21 - 2012-10-31 02:16 - 00202600 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2012-10-02 14:21 - 2011-02-07 02:53 - 18252136 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2012-10-02 14:21 - 2011-02-07 02:53 - 15309160 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2012-10-02 14:21 - 2011-02-07 02:53 - 14922600 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2012-10-02 14:21 - 2011-02-07 02:53 - 00016127 ____A C:\Windows\System32\nvinfo.pb
2012-10-02 14:21 - 2011-02-07 02:52 - 02731880 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2012-10-02 14:21 - 2011-02-07 02:52 - 02428776 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2012-10-02 11:51 - 2012-10-31 02:18 - 03536817 ____A C:\Windows\System32\nvcoproc.bin
2012-10-02 11:51 - 2011-01-07 10:49 - 06200680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2012-10-02 11:51 - 2011-01-07 10:49 - 03293544 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2012-10-02 11:50 - 2011-01-07 10:48 - 00891240 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2012-10-02 11:50 - 2011-01-07 10:48 - 00118120 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2012-10-02 11:50 - 2010-10-07 17:20 - 00063336 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2012-10-02 04:15 - 2012-10-02 04:15 - 00430952 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2012-09-24 14:16 - 2012-10-29 23:06 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-09-24 14:08 - 2012-10-29 23:06 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-09-24 14:07 - 2012-10-29 23:06 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-09-22 22:15 - 2011-09-06 08:38 - 00281288 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2012-09-22 22:15 - 2011-03-01 03:57 - 00281288 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-09-22 21:28 - 2011-03-01 03:57 - 00281288 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-09-22 07:13 - 2011-03-01 03:57 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2012-09-15 22:53 - 2011-02-10 09:56 - 00000074 ____A C:\Users\ZEGARAC\AppData\default.pls
2012-09-14 11:19 - 2012-10-09 21:02 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 10:28 - 2012-10-09 21:02 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-09-08 23:09 - 2012-06-17 12:56 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-09-08 23:09 - 2011-02-09 04:13 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-09-07 07:04 - 2012-05-18 11:05 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-08-31 10:19 - 2012-10-09 21:02 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-30 10:03 - 2012-10-09 21:02 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 09:12 - 2012-10-09 21:02 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 09:12 - 2012-10-09 21:02 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-24 10:05 - 2012-10-09 21:02 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 08:57 - 2012-10-09 21:02 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 05:43 - 2012-08-24 05:43 - 00384352 ____A (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgtdia.sys
2012-08-24 03:15 - 2012-09-22 01:19 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 02:39 - 2012-09-22 01:19 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 02:31 - 2012-09-22 01:19 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 02:22 - 2012-09-22 01:19 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 02:21 - 2012-09-22 01:19 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 02:20 - 2012-09-22 01:19 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 02:18 - 2012-09-22 01:19 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 02:17 - 2012-09-22 01:19 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 02:14 - 2012-09-22 01:19 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 02:14 - 2012-09-22 01:19 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 02:13 - 2012-09-22 01:19 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 02:12 - 2012-09-22 01:19 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 02:11 - 2012-09-22 01:19 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 02:10 - 2012-09-22 01:19 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 02:09 - 2012-09-22 01:19 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 02:04 - 2012-09-22 01:19 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-23 23:27 - 2012-09-22 01:19 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-23 23:03 - 2012-09-22 01:19 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-23 22:59 - 2012-09-22 01:19 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-23 22:51 - 2012-09-22 01:19 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-23 22:51 - 2012-09-22 01:19 - 01129472 ____A (Microsoft Corporatio


#2
Zegii

Oh, here is the second part:

2012-08-23 22:51 - 2012-09-22 01:19 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-23 22:51 - 2012-09-22 01:19 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-23 22:49 - 2012-09-22 01:19 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-23 22:48 - 2012-09-22 01:19 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-23 22:47 - 2012-09-22 01:19 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-23 22:47 - 2012-09-22 01:19 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-08-23 22:47 - 2012-09-22 01:19 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-23 22:45 - 2012-09-22 01:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-23 22:44 - 2012-09-22 01:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-23 22:44 - 2012-09-22 01:19 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-23 22:43 - 2012-09-22 01:19 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 22:40 - 2012-09-22 01:19 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-22 10:12 - 2012-09-11 22:02 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-22 10:12 - 2012-09-11 22:02 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 10:12 - 2012-09-11 22:02 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-22 10:12 - 2012-09-11 22:02 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-08-21 13:01 - 2012-09-25 19:32 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-08-20 10:48 - 2012-10-09 21:02 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-20 10:48 - 2012-10-09 21:02 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-20 10:48 - 2012-10-09 21:02 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-08-20 10:48 - 2012-10-09 21:02 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-08-20 10:48 - 2012-10-09 21:02 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-20 10:48 - 2012-10-09 21:02 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-08-20 10:48 - 2012-10-09 21:02 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-08-20 10:46 - 2012-10-09 21:02 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-20 10:38 - 2012-10-09 21:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 10:38 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 09:40 - 2012-10-09 21:02 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-08-20 09:38 - 2012-10-09 21:02 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-08-20 09:37 - 2012-10-09 21:02 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-08-20 09:37 - 2012-10-09 21:02 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-08-20 09:37 - 2012-10-09 21:02 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 09:32 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 07:38 - 2012-10-09 21:02 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-08-20 07:38 - 2012-10-09 21:02 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-08-20 07:33 - 2012-10-09 21:02 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 07:33 - 2012-10-09 21:02 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 07:33 - 2012-10-09 21:02 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 07:33 - 2012-10-09 21:02 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-10 16:56 - 2012-10-09 21:02 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-10 15:56 - 2012-10-09 21:02 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-10-29 23:04:35
Restore point made on: 2012-10-31 00:06:12

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 4078.72 MB
Available physical RAM: 3429.76 MB
Total Pagefile: 4076.87 MB
Available Pagefile: 3430.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (SISTEM) (Fixed) (Total:292.87 GB) (Free:145.3 GB) NTFS
2 Drive e: (RADNI) (Fixed) (Total:638.54 GB) (Free:249.53 GB) NTFS
4 Drive g: (NIKOLA ZEGI) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 3830 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 292 GB 101 MB
Partition 3 Primary 638 GB 292 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C SISTEM NTFS Partition 292 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E RADNI NTFS Partition 638 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3826 MB 4096 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G NIKOLA ZEGI FAT32 Removable 3826 MB Healthy

=========================================================

Last Boot: 2012-10-25 21:46

==================== End Of Log =============================

#3
Cruise475

    Trusted Helper

  • Member
  • 1,348 posts
Hello Zegii, welcome to GeeksToGo! My name is Cruise475 and I will be helping you with your malware problems! Please be patient with my responses as I have just recently returned from an extended absence from GeeksToGo. This being said, to protect you and help me keep my sanity, I will be having a resident staff member checking my responses before they get to you!

Before we begin, I would like to mention a few things!

  • Malware removal is not an instantaneous task, researching the logs our tools create can sometimes be a lengthy process. So I ask, please be patient with me!
  • Read each of my posts PRIOR to following the tasks I ask you to perform.
  • Follow the instructions exactly as I have written them, in the order they were written.
  • If you are unsure how to proceed, are unable to perform any tasks, stop what you are doing and ask me for clarification!
  • It is very important that you stay with me until I give you the all clear! A lack of symptoms does not mean the infection is gone.
  • Please do not attach any logs to your posts unless I specifically request it! It makes my job a lot easier if you copy and paste them into your reply!
  • For the time that we are working together, do not run any tools, install or uninstall any program, or make any changes to your system without my direction. This can hinder the cleaning process, and make it hard to clean your computer!

Please give me some time to review your log and I will be back with further instructions as soon as I can!

Thanks
Cruise

#4
Cruise475

    Trusted Helper

  • Member
  • 1,348 posts
Hello Zegii,

Let's give this a shot and see if we can boot!

Step 1:

  • Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy.)
  • Right-click in the open Notepad and select Paste.
  • Save it on the flashdrive as fixlist.txt

    Start
    Last Boot: 2012-10-25 21:46
    End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7

Now please enter System Recovery Options.

Run FRST and press the Fix button just once and wait. The tool will make a log on the flashdrive (Fixlog.txt) please post it in your next reply.

Now please try to reboot into Windows (normal mode and safemode) - If you are able to boot, please proceed to the next step - otherwise let me know!


Step 2:

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    netsvcs
    %SYSTEMDRIVE%\*.exe
    %systemroot%\assembly\GAC_32\*.ini
    %systemroot%\assembly\GAC_64\*.ini
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.exe
    %APPDATA%\*.
    /md5start
    rsvpsp.dll
    pnrpnsp.dll 
    nwprovau.dll
    nlaapi.dll
    napinsp.dll
    mswsock.dll
    winrnr.dll
    wshelper.dll
    services.exe
    atapi.sys
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    csrss.exe
    PrintIsolationHost.exe
    consrv.dll
    user32.dll
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles 
    CREATERESTOREPOINT
    
  • Please select the Scan All Users checkbox.
  • Change the File Age dropdown list from 30 days to 60 days.
  • Under Extra Registry heading, select Use Safelist.
  • Select LOP Check and Purity Check.
  • Then click the Run Scan button at the top
  • Let the program run unhindered, until it is done
  • Post the log it produces in your next reply.


In your next post please include the following:

  • Fix Log from FRST
  • OTL Log if you were able to get it

Thanks
Cruise

#5
Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,719 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.