Virus Hater
2012-05-28, 09:48
I just got a new computer about 6 months ago. The laptop was running fine until about a week ago, when it started going slow, so I nuked the drive just to cover all bases using Boot and Nuke, 1 PRNG pass.
Anyway, everything seemed fine after reinstalling Windows, but after a little bit the computer starts to lag and eventually freezes up.
Plus now when I boot the computer it goes to a black screen for about 5 seconds and then pulls the desktop up. Dunno if I still didn't get rid of a nasty virus, but here is my log. I disabled Internet Explorer 'cause I use Chrome, and I also disabled avast for the test because it wanted to open in sandbox.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1
Run by Azarithe at 2:40:55 on 2012-05-28
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8086.5734 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\msiexec.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Eraser\Eraser.exe
C:\Users\Azarithe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Google Update] "C:\Users\Azarithe\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\Users\Azarithe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6F593C45-8257-438A-B57D-9ABB08A9DD92} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{97BCC3CC-AB8C-4D74-ABC7-CAF5106324DE} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{97BCC3CC-AB8C-4D74-ABC7-CAF5106324DE}\14E64627F696464556478656272516 : DhcpNameServer = 192.168.2.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-5-21 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-5-21 44768]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-20 13336]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-5-21 1153368]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]
S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-20 276248]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-10 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== Created Last 30 ================
.
2012-05-28 06:32:16 -------- d-----w- C:\Program Files\Eraser
2012-05-28 06:00:01 -------- d-----w- C:\Program Files (x86)\TagRename
2012-05-28 05:32:12 -------- d-----w- C:\Users\Azarithe\AppData\Local\Sony
2012-05-28 05:32:12 -------- d-----w- C:\Program Files\Sony
2012-05-28 05:32:12 -------- d-----w- C:\Program Files (x86)\Sony
2012-05-27 07:32:52 -------- d-----w- C:\Program Files (x86)\MagicISO
2012-05-27 07:12:17 40960 ----a-w- C:\Windows\SysWow64\ssubtmr6.dll
2012-05-27 07:12:16 36864 ----a-w- C:\Windows\SysWow64\trayicon_handler.ocx
2012-05-27 07:12:16 -------- d-----w- C:\Program Files (x86)\DVD Flick
2012-05-27 07:11:13 -------- d-----w- C:\Windows\System32\appmgmt
2012-05-26 06:29:14 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6DD2B73A-A0F0-4E07-8F4F-66E08D5810C8}\mpengine.dll
2012-05-25 11:13:06 -------- d-----w- C:\ProgramData\Nero
2012-05-25 10:28:14 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2012-05-25 10:26:57 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2012-05-25 10:25:35 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2012-05-25 10:24:18 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-05-25 10:23:01 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2012-05-25 10:21:45 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2012-05-25 10:20:26 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll
2012-05-25 10:19:09 3727720 ----a-w- C:\Windows\SysWow64\d3dx9_35.dll
2012-05-25 10:17:50 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2012-05-25 10:16:34 3497832 ----a-w- C:\Windows\SysWow64\d3dx9_34.dll
2012-05-24 12:53:11 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\.minecraft
2012-05-24 12:13:15 -------- d-----w- C:\Program Files (x86)\Oracle
2012-05-24 12:12:26 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-24 12:12:25 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-05-24 10:43:05 -------- d-----w- C:\Program Files (x86)\RapidShareManager
2012-05-23 10:01:53 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2012-05-23 10:01:35 -------- d-----w- C:\Windows\PCHEALTH
2012-05-23 10:01:35 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-05-23 10:00:11 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-05-23 09:59:25 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-05-23 09:58:59 -------- d-----w- C:\Users\Azarithe\AppData\Local\Microsoft Help
2012-05-23 08:52:04 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-05-23 08:52:02 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant
2012-05-23 08:51:30 -------- d-----w- C:\Users\Azarithe\AppData\Local\Adobe
2012-05-23 03:35:44 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-05-23 03:14:24 -------- d-----w- C:\Users\Azarithe\AppData\Local\XboxMB
2012-05-23 03:14:17 -------- d-----w- C:\Windows\XSxS
2012-05-23 03:14:17 -------- d-----w- C:\Users\Azarithe\AppData\Local\Xenocode
2012-05-23 03:14:17 -------- d-----w- C:\Program Files (x86)\Xenocode
2012-05-23 03:08:13 -------- d-----w- C:\Program Files (x86)\Ventrilo
2012-05-23 02:33:59 -------- d-----w- C:\Users\Azarithe\AppData\Local\NeoSmart_Technologies
2012-05-23 02:31:21 -------- d-----w- C:\Program Files (x86)\NeoSmart Technologies
2012-05-22 22:58:47 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-05-22 22:58:47 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-05-21 11:06:25 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\IrfanView
2012-05-21 11:06:25 -------- d-----w- C:\Program Files (x86)\IrfanView
2012-05-21 09:09:35 -------- d-----w- C:\Users\Azarithe\AppData\Local\Apple Computer
2012-05-21 09:09:13 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-05-21 09:09:13 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-05-21 09:09:13 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-05-21 09:08:37 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-05-21 09:08:37 -------- d-----w- C:\Program Files\iTunes
2012-05-21 09:08:37 -------- d-----w- C:\Program Files\iPod
2012-05-21 09:08:37 -------- d-----w- C:\Program Files (x86)\iTunes
2012-05-21 09:08:18 -------- d-----w- C:\Users\Azarithe\AppData\Local\Apple
2012-05-21 09:08:01 -------- d-----w- C:\Program Files\Bonjour
2012-05-21 09:08:01 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-05-21 09:06:10 -------- d-----w- C:\Windows\xxclone.arc
2012-05-21 09:06:04 -------- d-----w- C:\Program Files\XXCLONE
2012-05-21 09:00:10 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-05-21 09:00:09 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-05-21 09:00:05 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-05-21 08:58:59 41184 ----a-w- C:\Windows\avastSS.scr
2012-05-21 08:58:50 -------- d-----w- C:\ProgramData\AVAST Software
2012-05-21 08:58:50 -------- d-----w- C:\Program Files\AVAST Software
2012-05-21 08:57:37 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\Malwarebytes
2012-05-21 08:56:35 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-05-21 08:56:35 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-21 08:55:36 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-21 08:55:36 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-21 08:55:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-21 08:51:57 -------- d-----w- C:\Program Files (x86)\Lavasoft
2012-05-21 08:27:26 -------- d-----w- C:\Program Files\CCleaner
2012-05-21 08:24:43 -------- d-----w- C:\Windows\System32\SPReview
2012-05-21 08:24:20 -------- d-----w- C:\Windows\System32\EventProviders
2012-05-21 08:15:06 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2012-05-21 08:15:06 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-05-21 08:15:01 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-05-21 08:13:59 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-05-21 08:12:59 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2012-05-21 08:11:40 2565632 ----a-w- C:\Windows\System32\esent.dll
2012-05-21 07:59:03 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2012-05-21 07:59:03 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-05-21 07:59:03 229376 ----a-w- C:\Windows\System32\fsquirt.exe
2012-05-21 07:42:41 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\Intel Corporation
2012-05-21 06:34:59 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-05-21 04:39:47 -------- d-----w- C:\Windows\SysWow64\sda
2012-05-21 04:39:42 9888360 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll
2012-05-21 04:39:42 422504 ----a-w- C:\Windows\System32\RtsUStor.dll
2012-05-21 04:39:42 250984 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
2012-05-21 04:12:00 -------- d-----w- C:\Program Files\Dell
2012-05-21 04:10:50 -------- d-----w- C:\Program Files\DellTPad
2012-05-21 04:10:45 113224 ----a-w- C:\Windows\System32\Vxdif.dll
2012-05-21 04:10:44 363856 ----a-w- C:\Windows\System32\drivers\Apfiltr.sys
2012-05-21 04:05:34 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-05-21 04:05:34 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-05-21 04:05:34 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-05-21 04:05:34 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-05-21 04:05:33 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-05-21 04:05:33 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-05-21 04:05:33 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-05-21 04:02:13 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-21 04:02:13 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-05-21 04:02:13 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-05-21 04:02:12 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-21 04:02:11 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-21 04:02:11 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-21 04:00:59 2315776 ----a-w- C:\Windows\System32\tquery.dll
2012-05-21 03:59:57 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-05-21 03:55:52 -------- dc----w- C:\Users\Azarithe\AppData\Local\MigWiz
2012-05-21 03:46:56 77312 ----a-w- C:\Windows\System32\packager.dll
2012-05-21 03:46:56 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-05-21 03:45:47 439320 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-05-21 03:37:37 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2012-05-21 03:37:02 -------- d-----w- C:\Intel
2012-05-21 03:32:14 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-05-21 03:32:11 -------- d-----w- C:\Program Files (x86)\Realtek
2012-05-21 03:31:33 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-21 03:25:33 -------- d-----w- C:\Users\Azarithe\AppData\Local\Google
2012-05-21 03:19:48 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-05-21 03:19:47 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-05-21 03:19:47 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-05-21 03:19:47 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-05-21 03:19:47 20992 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2012-05-21 03:19:47 162816 ----a-w- C:\Windows\System32\rdpudd.dll
2012-05-21 03:19:47 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-05-21 03:19:47 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-05-21 03:16:13 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\Intel
2012-05-21 03:16:03 -------- d-----w- C:\Users\Azarithe\Roaming
2012-05-21 03:16:03 -------- d-----w- C:\ProgramData\Roaming
2012-05-21 03:14:56 -------- d-----w- C:\Program Files\Common Files\Intel
2012-05-21 03:14:56 -------- d-----w- C:\Program Files (x86)\Cisco
2012-05-21 02:05:50 -------- d-----w- C:\Windows\Panther
2012-05-21 01:12:57 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-05-21 08:37:33 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-05-21 08:37:32 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-04-19 03:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 03:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-20 06:44:20 5888792 ----a-w- C:\Windows\System32\GfxUI.exe
2012-03-20 06:44:20 509720 ----a-w- C:\Windows\System32\igfxsrvc.exe
2012-03-20 06:44:20 439064 ----a-w- C:\Windows\System32\igfxpers.exe
2012-03-20 06:44:20 398616 ----a-w- C:\Windows\System32\hkcmd.exe
2012-03-20 06:44:20 276248 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe
2012-03-20 06:44:20 250136 ----a-w- C:\Windows\System32\igfxext.exe
2012-03-20 06:44:20 184600 ----a-w- C:\Windows\System32\difx64.exe
2012-03-20 06:44:20 170264 ----a-w- C:\Windows\System32\igfxtray.exe
2012-03-20 06:42:08 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2696.dll
2012-03-20 06:32:04 14745600 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2012-03-20 06:31:56 8087040 ----a-w- C:\Windows\System32\igdumd64.dll
2012-03-20 06:31:16 963912 ----a-w- C:\Windows\SysWow64\igkrng600.bin
2012-03-20 06:31:16 963912 ----a-w- C:\Windows\System32\igkrng600.bin
2012-03-20 06:31:16 261208 ----a-w- C:\Windows\SysWow64\igfcg600m.bin
2012-03-20 06:31:16 261208 ----a-w- C:\Windows\System32\igfcg600m.bin
2012-03-20 06:31:14 79360 ----a-w- C:\Windows\System32\igdde64.dll
2012-03-20 06:26:56 6120960 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2012-03-20 06:25:58 58880 ----a-w- C:\Windows\SysWow64\igdde32.dll
2012-03-20 06:22:10 9605632 ----a-w- C:\Windows\System32\igd10umd64.dll
2012-03-20 06:11:38 7795200 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2012-03-20 05:31:14 18137088 ----a-w- C:\Windows\System32\ig4icd64.dll
2012-03-20 05:21:14 13212672 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2012-03-20 05:17:56 28672 ----a-w- C:\Windows\System32\igfxexps.dll
2012-03-20 05:17:46 63488 ----a-w- C:\Windows\System32\igfxsrvc.dll
2012-03-20 05:17:22 110592 ----a-w- C:\Windows\System32\hccutils.dll
2012-03-20 05:17:14 9216 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2012-03-20 05:17:14 434688 ----a-w- C:\Windows\System32\igfxdev.dll
2012-03-20 05:17:14 172032 ----a-w- C:\Windows\System32\gfxSrvc.dll
2012-03-20 05:16:40 286208 ----a-w- C:\Windows\System32\igfxrenu.lrc
2012-03-20 05:16:38 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2012-03-20 05:16:36 9007616 ----a-w- C:\Windows\System32\igfxress.dll
2012-03-20 05:12:06 25088 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2012-03-20 05:11:22 325120 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2012-03-20 05:09:08 524800 ----a-w- C:\Windows\System32\iglhsip64.dll
2012-03-20 05:09:08 519680 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2012-03-20 05:09:08 2967040 ----a-w- C:\Windows\System32\igfxcmjit64.dll
2012-03-20 05:09:08 237056 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
2012-03-20 05:09:08 2321408 ----a-w- C:\Windows\SysWow64\igfxcmjit32.dll
2012-03-20 05:09:08 213504 ----a-w- C:\Windows\System32\iglhcp64.dll
2012-03-20 05:09:08 193024 ----a-w- C:\Windows\System32\igfxcmrt64.dll
2012-03-20 05:09:08 177152 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2012-03-19 02:00:00 1338752 ----a-w- C:\Windows\System32\xxclone.exe
2012-03-17 07:58:57 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-03-03 06:35:38 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-03 05:31:19 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
.
============= FINISH: 2:42:24.72 ===============
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\Users\Azarithe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} - hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6F593C45-8257-438A-B57D-9ABB08A9DD92} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{97BCC3CC-AB8C-4D74-ABC7-CAF5106324DE} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{97BCC3CC-AB8C-4D74-ABC7-CAF5106324DE}\14E64627F696464556478656272516 : DhcpNameServer = 192.168.2.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-5-21 98208]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-8-8 1166848]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-5-21 44768]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-5-20 13336]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-5-21 1153368]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys --> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?]
S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-20 276248]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-27 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-10 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== Created Last 30 ================
.
2012-05-28 06:32:16 -------- d-----w- C:\Program Files\Eraser
2012-05-28 06:00:01 -------- d-----w- C:\Program Files (x86)\TagRename
2012-05-28 05:32:12 -------- d-----w- C:\Users\Azarithe\AppData\Local\Sony
2012-05-28 05:32:12 -------- d-----w- C:\Program Files\Sony
2012-05-28 05:32:12 -------- d-----w- C:\Program Files (x86)\Sony
2012-05-27 07:32:52 -------- d-----w- C:\Program Files (x86)\MagicISO
2012-05-27 07:12:17 40960 ----a-w- C:\Windows\SysWow64\ssubtmr6.dll
2012-05-27 07:12:16 36864 ----a-w- C:\Windows\SysWow64\trayicon_handler.ocx
2012-05-27 07:12:16 -------- d-----w- C:\Program Files (x86)\DVD Flick
2012-05-27 07:11:13 -------- d-----w- C:\Windows\System32\appmgmt
2012-05-26 06:29:14 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6DD2B73A-A0F0-4E07-8F4F-66E08D5810C8}\mpengine.dll
2012-05-25 11:13:06 -------- d-----w- C:\ProgramData\Nero
2012-05-25 10:28:14 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2012-05-25 10:26:57 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2012-05-25 10:25:35 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
2012-05-25 10:24:18 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll
2012-05-25 10:23:01 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
2012-05-25 10:21:45 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2012-05-25 10:20:26 1868128 ----a-w- C:\Windows\SysWow64\d3dcsx_43.dll
2012-05-25 10:19:09 3727720 ----a-w- C:\Windows\SysWow64\d3dx9_35.dll
2012-05-25 10:17:50 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2012-05-25 10:16:34 3497832 ----a-w- C:\Windows\SysWow64\d3dx9_34.dll
2012-05-24 12:53:11 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\.minecraft
2012-05-24 12:13:15 -------- d-----w- C:\Program Files (x86)\Oracle
2012-05-24 12:12:26 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-24 12:12:25 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-05-24 10:43:05 -------- d-----w- C:\Program Files (x86)\RapidShareManager
2012-05-23 10:01:53 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2012-05-23 10:01:35 -------- d-----w- C:\Windows\PCHEALTH
2012-05-23 10:01:35 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-05-23 10:00:11 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-05-23 09:59:25 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2012-05-23 09:58:59 -------- d-----w- C:\Users\Azarithe\AppData\Local\Microsoft Help
2012-05-23 08:52:04 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-05-23 08:52:02 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant
2012-05-23 08:51:30 -------- d-----w- C:\Users\Azarithe\AppData\Local\Adobe
2012-05-23 03:35:44 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-05-23 03:14:24 -------- d-----w- C:\Users\Azarithe\AppData\Local\XboxMB
2012-05-23 03:14:17 -------- d-----w- C:\Windows\XSxS
2012-05-23 03:14:17 -------- d-----w- C:\Users\Azarithe\AppData\Local\Xenocode
2012-05-23 03:14:17 -------- d-----w- C:\Program Files (x86)\Xenocode
2012-05-23 03:08:13 -------- d-----w- C:\Program Files (x86)\Ventrilo
2012-05-23 02:33:59 -------- d-----w- C:\Users\Azarithe\AppData\Local\NeoSmart_Technologies
2012-05-23 02:31:21 -------- d-----w- C:\Program Files (x86)\NeoSmart Technologies
2012-05-22 22:58:47 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-05-22 22:58:47 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-05-21 11:06:25 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\IrfanView
2012-05-21 11:06:25 -------- d-----w- C:\Program Files (x86)\IrfanView
2012-05-21 09:09:35 -------- d-----w- C:\Users\Azarithe\AppData\Local\Apple Computer
2012-05-21 09:09:13 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-05-21 09:09:13 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-05-21 09:09:13 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-05-21 09:08:37 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-05-21 09:08:37 -------- d-----w- C:\Program Files\iTunes
2012-05-21 09:08:37 -------- d-----w- C:\Program Files\iPod
2012-05-21 09:08:37 -------- d-----w- C:\Program Files (x86)\iTunes
2012-05-21 09:08:18 -------- d-----w- C:\Users\Azarithe\AppData\Local\Apple
2012-05-21 09:08:01 -------- d-----w- C:\Program Files\Bonjour
2012-05-21 09:08:01 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-05-21 09:06:10 -------- d-----w- C:\Windows\xxclone.arc
2012-05-21 09:06:04 -------- d-----w- C:\Program Files\XXCLONE
2012-05-21 09:00:10 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-05-21 09:00:09 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-05-21 09:00:05 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-05-21 08:58:59 41184 ----a-w- C:\Windows\avastSS.scr
2012-05-21 08:58:50 -------- d-----w- C:\ProgramData\AVAST Software
2012-05-21 08:58:50 -------- d-----w- C:\Program Files\AVAST Software
2012-05-21 08:57:37 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\Malwarebytes
2012-05-21 08:56:35 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-05-21 08:56:35 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-21 08:55:36 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-21 08:55:36 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-21 08:55:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-21 08:51:57 -------- d-----w- C:\Program Files (x86)\Lavasoft
2012-05-21 08:27:26 -------- d-----w- C:\Program Files\CCleaner
2012-05-21 08:24:43 -------- d-----w- C:\Windows\System32\SPReview
2012-05-21 08:24:20 -------- d-----w- C:\Windows\System32\EventProviders
2012-05-21 08:15:06 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2012-05-21 08:15:06 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-05-21 08:15:01 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-05-21 08:13:59 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-05-21 08:12:59 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2012-05-21 08:11:40 2565632 ----a-w- C:\Windows\System32\esent.dll
2012-05-21 07:59:03 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2012-05-21 07:59:03 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2012-05-21 07:59:03 229376 ----a-w- C:\Windows\System32\fsquirt.exe
2012-05-21 07:42:41 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\Intel Corporation
2012-05-21 06:34:59 -------- d-----w- C:\Program Files (x86)\VideoLAN
2012-05-21 04:39:47 -------- d-----w- C:\Windows\SysWow64\sda
2012-05-21 04:39:42 9888360 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll
2012-05-21 04:39:42 422504 ----a-w- C:\Windows\System32\RtsUStor.dll
2012-05-21 04:39:42 250984 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys
2012-05-21 04:12:00 -------- d-----w- C:\Program Files\Dell
2012-05-21 04:10:50 -------- d-----w- C:\Program Files\DellTPad
2012-05-21 04:10:45 113224 ----a-w- C:\Windows\System32\Vxdif.dll
2012-05-21 04:10:44 363856 ----a-w- C:\Windows\System32\drivers\Apfiltr.sys
2012-05-21 04:05:34 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-05-21 04:05:34 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-05-21 04:05:34 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-05-21 04:05:34 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-05-21 04:05:33 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-05-21 04:05:33 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-05-21 04:05:33 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-05-21 04:02:13 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-21 04:02:13 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-05-21 04:02:13 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-05-21 04:02:12 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-21 04:02:11 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-21 04:02:11 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-21 04:00:59 2315776 ----a-w- C:\Windows\System32\tquery.dll
2012-05-21 03:59:57 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-05-21 03:55:52 -------- dc----w- C:\Users\Azarithe\AppData\Local\MigWiz
2012-05-21 03:46:56 77312 ----a-w- C:\Windows\System32\packager.dll
2012-05-21 03:46:56 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-05-21 03:45:47 439320 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-05-21 03:37:37 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2012-05-21 03:37:02 -------- d-----w- C:\Intel
2012-05-21 03:32:14 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-05-21 03:32:11 -------- d-----w- C:\Program Files (x86)\Realtek
2012-05-21 03:31:33 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-21 03:25:33 -------- d-----w- C:\Users\Azarithe\AppData\Local\Google
2012-05-21 03:19:48 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-05-21 03:19:47 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-05-21 03:19:47 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-05-21 03:19:47 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-05-21 03:19:47 20992 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2012-05-21 03:19:47 162816 ----a-w- C:\Windows\System32\rdpudd.dll
2012-05-21 03:19:47 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-05-21 03:19:47 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-05-21 03:16:13 -------- d-----w- C:\Users\Azarithe\AppData\Roaming\Intel
2012-05-21 03:16:03 -------- d-----w- C:\Users\Azarithe\Roaming
2012-05-21 03:16:03 -------- d-----w- C:\ProgramData\Roaming
2012-05-21 03:14:56 -------- d-----w- C:\Program Files\Common Files\Intel
2012-05-21 03:14:56 -------- d-----w- C:\Program Files (x86)\Cisco
2012-05-21 02:05:50 -------- d-----w- C:\Windows\Panther
2012-05-21 01:12:57 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-05-21 08:37:33 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-05-21 08:37:32 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-04-19 03:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 03:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-20 06:44:20 5888792 ----a-w- C:\Windows\System32\GfxUI.exe
2012-03-20 06:44:20 509720 ----a-w- C:\Windows\System32\igfxsrvc.exe
2012-03-20 06:44:20 439064 ----a-w- C:\Windows\System32\igfxpers.exe
2012-03-20 06:44:20 398616 ----a-w- C:\Windows\System32\hkcmd.exe
2012-03-20 06:44:20 276248 ----a-w- C:\Windows\SysWow64\IntelCpHeciSvc.exe
2012-03-20 06:44:20 250136 ----a-w- C:\Windows\System32\igfxext.exe
2012-03-20 06:44:20 184600 ----a-w- C:\Windows\System32\difx64.exe
2012-03-20 06:44:20 170264 ----a-w- C:\Windows\System32\igfxtray.exe
2012-03-20 06:42:08 90112 ----a-w- C:\Windows\System32\igfxCoIn_v2696.dll
2012-03-20 06:32:04 14745600 ----a-w- C:\Windows\System32\drivers\igdkmd64.sys
2012-03-20 06:31:56 8087040 ----a-w- C:\Windows\System32\igdumd64.dll
2012-03-20 06:31:16 963912 ----a-w- C:\Windows\SysWow64\igkrng600.bin
2012-03-20 06:31:16 963912 ----a-w- C:\Windows\System32\igkrng600.bin
2012-03-20 06:31:16 261208 ----a-w- C:\Windows\SysWow64\igfcg600m.bin
2012-03-20 06:31:16 261208 ----a-w- C:\Windows\System32\igfcg600m.bin
2012-03-20 06:31:14 79360 ----a-w- C:\Windows\System32\igdde64.dll
2012-03-20 06:26:56 6120960 ----a-w- C:\Windows\SysWow64\igdumd32.dll
2012-03-20 06:25:58 58880 ----a-w- C:\Windows\SysWow64\igdde32.dll
2012-03-20 06:22:10 9605632 ----a-w- C:\Windows\System32\igd10umd64.dll
2012-03-20 06:11:38 7795200 ----a-w- C:\Windows\SysWow64\igd10umd32.dll
2012-03-20 05:31:14 18137088 ----a-w- C:\Windows\System32\ig4icd64.dll
2012-03-20 05:21:14 13212672 ----a-w- C:\Windows\SysWow64\ig4icd32.dll
2012-03-20 05:17:56 28672 ----a-w- C:\Windows\System32\igfxexps.dll
2012-03-20 05:17:46 63488 ----a-w- C:\Windows\System32\igfxsrvc.dll
2012-03-20 05:17:22 110592 ----a-w- C:\Windows\System32\hccutils.dll
2012-03-20 05:17:14 9216 ----a-w- C:\Windows\System32\IGFXDEVLib.dll
2012-03-20 05:17:14 434688 ----a-w- C:\Windows\System32\igfxdev.dll
2012-03-20 05:17:14 172032 ----a-w- C:\Windows\System32\gfxSrvc.dll
2012-03-20 05:16:40 286208 ----a-w- C:\Windows\System32\igfxrenu.lrc
2012-03-20 05:16:38 142336 ----a-w- C:\Windows\System32\igfxdo.dll
2012-03-20 05:16:36 9007616 ----a-w- C:\Windows\System32\igfxress.dll
2012-03-20 05:12:06 25088 ----a-w- C:\Windows\SysWow64\igfxexps32.dll
2012-03-20 05:11:22 325120 ----a-w- C:\Windows\SysWow64\igfxdv32.dll
2012-03-20 05:09:08 524800 ----a-w- C:\Windows\System32\iglhsip64.dll
2012-03-20 05:09:08 519680 ----a-w- C:\Windows\SysWow64\iglhsip32.dll
2012-03-20 05:09:08 2967040 ----a-w- C:\Windows\System32\igfxcmjit64.dll
2012-03-20 05:09:08 237056 ----a-w- C:\Windows\SysWow64\igfxcmrt32.dll
2012-03-20 05:09:08 2321408 ----a-w- C:\Windows\SysWow64\igfxcmjit32.dll
2012-03-20 05:09:08 213504 ----a-w- C:\Windows\System32\iglhcp64.dll
2012-03-20 05:09:08 193024 ----a-w- C:\Windows\System32\igfxcmrt64.dll
2012-03-20 05:09:08 177152 ----a-w- C:\Windows\SysWow64\iglhcp32.dll
2012-03-19 02:00:00 1338752 ----a-w- C:\Windows\System32\xxclone.exe
2012-03-17 07:58:57 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-03-03 06:35:38 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-03 05:31:19 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
.
============= FINISH: 2:42:24.72 ===============