Hi,
Please post fresh OTL.txt log. Does redirecting still happen?
Hi,
Please post fresh OTL.txt log. Does redirecting still happen?
Microsoft Windows Insider MVP 2016-2020
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
Aye, Problem still present. Also didn't think anything of it last time but upon downloading OTL this time I noticed I had my computer refused to download OTL. Tried many things to work around it and eventually did.
Ran OTL with same settings as last time;
OTL logfile created on: 12/2/2010 9:03:46 PM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\James
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 47.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931.51 Gb Total Space | 396.46 Gb Free Space | 42.56% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 45.92 Gb Free Space | 9.86% Space Free | Partition Type: NTFS
Computer Name: JAMES-PC | User Name: James | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\James\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\DisplayFusion\DisplayFusionHookx86.exe (Binary Fortress Software)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSecurity.exe (K7 Computing Pvt Ltd)
PRC - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7RTScan.exe (K7 Computing Pvt Ltd)
PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe (Advanced Micro Devices, Inc.)
PRC - C:\Program Files (x86)\AMD\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices)
PRC - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSMngr.exe (K7 Computing Pvt Ltd)
PRC - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7PSSrvc.exe (K7 Computing Pvt Ltd)
PRC - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7FWSrvc.exe (K7 Computing Pvt Ltd)
PRC - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7EmlPxy.exe (K7 Computing Pvt Ltd)
PRC - C:\Program Files (x86)\NETGEAR\WNDA3100\WNDA3100.exe (NETGEAR)
PRC - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SysMon.Exe (K7 Computing Pvt Ltd)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
========== Modules (SafeList) ==========
MOD - C:\Users\James\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\DisplayFusion\Hooks\DisplayFusionHookx86_da4d2571-b7b6-4286-a5da-bc5a9ae27ffd.dll (Binary Fortress Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7OEPlgn.dll (K7 Computing Pvt Ltd)
MOD - C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSHelp.dll (K7 Computing Pvt Ltd)
MOD - C:\Program Files (x86)\Internet Download Manager\idmmkb.dll (Tonec Inc.)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (ZuneWlanCfgSvc) -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV:64bit: - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV:64bit: - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (K7RTScan) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7RTScan.exe (K7 Computing Pvt Ltd)
SRV - (AMD FusionUtility Service) -- C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe (Advanced Micro Devices, Inc.)
SRV - (AMD Reservation Manager) -- C:\Program Files (x86)\AMD\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (K7TSMngr) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSMngr.exe (K7 Computing Pvt Ltd)
SRV - (K7PSSrvc) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7PSSrvc.exe (K7 Computing Pvt Ltd)
SRV - (K7FWSrvc) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7FWSrvc.exe (K7 Computing Pvt Ltd)
SRV - (K7EmlPxy) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7EmlPxy.exe (K7 Computing Pvt Ltd)
SRV - (K7SpmSrc) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SpmSrc.exe (K7 Computing Pvt Ltd)
SRV - (DAUpdaterSvc) -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (jswpsapi) -- C:\Program Files (x86)\NETGEAR\WNDA3100\jswpsapi.exe (Atheros Communications, Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (K7Sentry) -- C:\Windows\SysNative\drivers\K7Sentry.sys (K7 Computing Pvt Ltd)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (WNDA3100) -- C:\Windows\SysNative\drivers\WNDA31w7x.sys (Atheros Communications, Inc.)
DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys (Creative Technology Ltd.)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (K7FWHlpr) -- C:\Windows\SysNative\drivers\K7FWHlpr.sys (K7 Computing Pvt Ltd)
DRV:64bit: - (K7TdiHlp) -- C:\Windows\SysNative\drivers\K7TdiHlp.sys (K7 Computing Pvt Ltd)
DRV:64bit: - (JSWPSLWF) -- C:\Windows\SysNative\drivers\jswpslwfx.sys (Atheros Communications, Inc.)
DRV:64bit: - (PCAMp50a64) -- C:\Windows\SysNative\drivers\PCAMp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (PCASp50a64) -- C:\Windows\SysNative\drivers\PCASp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 45 9D F2 6B 1A 8D CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.2.2
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.6
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.3
FF - prefs.js..extensions.enabledItems: {c8f71e5b-88f8-42a7-98bb-e4c506161de9}:0.4
FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.1.4
FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c9626}:1.6
FF - prefs.js..extensions.enabledItems: {3fb63340-652a-11dd-ad8b-0800200c9a66}:3.5.200
FF - prefs.js..extensions.enabledItems: {239c61a8-e55f-11db-8314-0800200c9a66}:2.1.4
FF - prefs.js..extensions.enabledItems: cfxegreen@Bocan:1.0.2.8
FF - prefs.js..extensions.enabledItems: {989e9382-d540-4189-88d1-fc54a949a387}:0.8.7
FF - prefs.js..extensions.enabledItems: {e06bacc0-d6f8-11de-8a39-0800200c9a66}:3.6
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20101009
FF - prefs.js..extensions.enabledItems: {0471d3b0-a403-11df-981c-0800200c9a66}:0.921
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/11/30 17:58:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/12 19:08:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\components [2010/11/22 15:25:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugins
[2010/10/30 19:22:02 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Extensions
[2010/10/30 21:49:26 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\disutzak.default\extensions
[2010/10/30 21:49:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\disutzak.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/30 21:49:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\disutzak.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/12/02 19:29:31 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions
[2010/11/23 01:34:58 | 000,000,000 | ---D | M] (SmallringFX DARKBlue) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{0471d3b0-a403-11df-981c-0800200c9a66}
[2010/10/30 21:49:33 | 000,000,000 | ---D | M] (ANTHEM) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2010/10/30 21:49:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/10/30 21:49:33 | 000,000,000 | ---D | M] (BlackX) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{239c61a8-e55f-11db-8314-0800200c9a66}
[2010/10/30 21:49:33 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010/10/30 21:49:33 | 000,000,000 | ---D | M] (AvantGarde Nightlife) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{3fb63340-652a-11dd-ad8b-0800200c9a66}
[2010/10/30 21:49:33 | 000,000,000 | ---D | M] (Softonic-Eng7 Toolbar) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2010/10/30 21:49:34 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2010/10/30 21:49:34 | 000,000,000 | ---D | M] (FennecFox) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{989e9382-d540-4189-88d1-fc54a949a387}
[2010/10/30 21:49:34 | 000,000,000 | ---D | M] (Gradient iBlu) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{bf70ba50-e70d-11dd-ba2f-0800200c9a66}
[2010/10/30 21:49:34 | 000,000,000 | ---D | M] (AmbientFox) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
[2010/11/25 20:50:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/10/30 21:49:35 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2010/10/30 21:49:36 | 000,000,000 | ---D | M] (Firefox Zune) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{e06bacc0-d6f8-11de-8a39-0800200c9a66}
[2010/10/30 21:49:43 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/10/30 21:49:30 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\cfxegreen@Bocan
[2010/10/30 21:49:30 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\DeviceDetection@logitech.com
[2010/10/30 21:49:30 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\DTToolbar@toolbarnet.com
[2010/10/30 21:49:32 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\martin@hoerandl.com
[2010/10/30 22:16:59 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\nasanightlaunch@example.com
[2010/10/30 21:49:32 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\personas@christopher.beard
[2010/10/30 21:49:33 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\savecomplete@perlprogrammer.com
[2010/10/30 21:49:33 | 000,000,000 | ---D | M] -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\YoutubeDownloader@PeterOlayev.com
[2010/11/23 01:34:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{0471d3b0-a403-11df-981c-0800200c9a66}\chrome\mozapps\extensions
[2010/10/30 21:49:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{e06bacc0-d6f8-11de-8a39-0800200c9a66}\chrome\mac\browser\extensions
[2010/10/30 21:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{e06bacc0-d6f8-11de-8a39-0800200c9a66}\chrome\mac\mozapps\extensions
[2010/10/30 21:49:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{e06bacc0-d6f8-11de-8a39-0800200c9a66}\chrome\win\browser\extensions
[2010/10/30 21:49:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\extensions\{e06bacc0-d6f8-11de-8a39-0800200c9a66}\chrome\win\mozapps\extensions
[2010/07/28 22:24:09 | 000,002,059 | ---- | M] () -- C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\w7xt50qv.default\searchplugins\daemon-search.xml
[2010/12/02 19:29:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/11/12 19:08:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/11/12 19:08:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/11/25 21:06:11 | 000,426,015 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14673 more lines...
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [K7TSStart] C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSecurity.exe (K7 Computing Pvt Ltd)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKCU..\Run: [CreativeTaskScheduler] C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\K7WSLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\K7WSLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\K7WSLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\K7WSLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\K7WSLsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysNative\K7WSLsp.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWow64\K7WSLsp.dll (K7 Computing Pvt Ltd)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d98af0e6-efb0-11df-a1da-002215b670a9}\Shell - "" = AutoRun
O33 - MountPoints2\{d98af0e6-efb0-11df-a1da-002215b670a9}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (K7TSDbg) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2010/12/02 21:02:27 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\James\OTL.exe
[2010/12/02 00:52:45 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\The walking dead
[2010/12/02 00:49:08 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\Malwarebytes
[2010/12/02 00:49:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/12/02 00:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/12/02 00:48:59 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/12/02 00:48:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/12/02 00:42:18 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\New Folder
[2010/12/01 21:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/11/30 02:08:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUpMedia
[2010/11/30 02:08:23 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\TuneUpMedia
[2010/11/30 02:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUpMedia
[2010/11/30 01:21:13 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\MusicBrainz
[2010/11/30 01:21:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicBrainz Picard
[2010/11/30 01:12:33 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\tidysongs16
[2010/11/30 01:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/11/30 01:12:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TidySongs
[2010/11/30 01:12:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010/11/30 01:12:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/11/30 01:11:52 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\Adobe
[2010/11/29 01:03:23 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/11/26 19:07:22 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMCT232.OCX
[2010/11/26 19:07:13 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudFile.dll
[2010/11/26 19:07:13 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioInfos.dll
[2010/11/26 19:07:13 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioVisu.dll
[2010/11/26 19:07:13 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudPlayer.dll
[2010/11/26 19:07:13 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudioRecord.dll
[2010/11/26 19:07:13 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDisplay.dll
[2010/11/26 19:07:13 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\WMAFile.dll
[2010/11/26 19:07:12 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\AudDesign.dll
[2010/11/26 19:07:12 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTL32.OCX
[2010/11/26 19:07:12 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2010/11/26 19:07:12 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCFR.DLL
[2010/11/26 19:07:12 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6FR.DLL
[2010/11/26 19:07:12 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.OCX
[2010/11/26 19:07:12 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2010/11/26 19:07:12 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscc2fr.dll
[2010/11/26 19:07:12 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CMDLGFR.DLL
[2010/11/26 19:07:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TABCTFR.DLL
[2010/11/26 19:07:12 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetfr.DLL
[2010/11/26 19:07:11 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\FreeAudioPack
[2010/11/25 22:12:10 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/11/25 22:10:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/11/25 21:30:10 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Program Cracks
[2010/11/25 21:29:26 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Samurai 7
[2010/11/25 21:23:37 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\IceChat
[2010/11/25 21:23:27 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2010/11/25 21:23:27 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswinsck.ocx
[2010/11/25 21:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IceChat7
[2010/11/25 20:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/11/25 20:54:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010/11/25 15:37:10 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\IDM
[2010/11/24 23:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Internet Download Manager
[2010/11/23 15:22:35 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\EA KeyGen
[2010/11/23 14:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2010/11/23 14:01:16 | 000,000,000 | ---D | C] -- C:\Users\James\Documents\BioWare
[2010/11/23 13:59:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2010/11/23 13:47:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dragon Age
[2010/11/23 13:47:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2010/11/23 01:17:18 | 000,000,000 | ---D | C] -- C:\Users\James\Documents\Downloads
[2010/11/23 00:51:25 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\Hardcore
[2010/11/23 00:51:19 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\Juce VST Host
[2010/11/22 15:41:43 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll
[2010/11/22 15:41:42 | 000,000,000 | ---D | C] -- C:\Users\James\Documents\Image-Line
[2010/11/22 15:41:29 | 001,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\SysWow64\vorbis.acm
[2010/11/22 15:41:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins
[2010/11/22 15:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim
[2010/11/22 15:39:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
[2010/11/22 15:30:35 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\HuluDesktop
[2010/11/22 15:22:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7
[2010/11/22 15:18:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera 11.00 alpha
[2010/11/22 14:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010/11/21 20:26:09 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Zune converter
[2010/11/21 20:25:03 | 000,000,000 | ---D | C] -- C:\Users\James\Documents\Any Video Converter
[2010/11/21 20:24:42 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\AnvSoft
[2010/11/21 20:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnvSoft
[2010/11/19 23:59:29 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\AMD
[2010/11/19 23:58:44 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2010/11/19 23:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2010/11/19 22:42:50 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2010/11/19 22:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010/11/19 22:35:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2010/11/19 22:33:04 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\Downloaded Installations
[2010/11/19 21:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/11/19 21:41:14 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\Google
[2010/11/19 21:41:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010/11/19 02:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Future Systems Solutions
[2010/11/19 02:30:49 | 000,000,000 | ---D | C] -- C:\Program Files\Future Systems Solutions
[2010/11/19 02:28:38 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Roaming\Future Systems Solutions
[2010/11/19 02:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2010/11/19 02:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2010/11/19 02:11:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2010/11/19 01:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EASEUS
[2010/11/19 01:06:57 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Game Iso
[2010/11/19 00:36:46 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Manga Archive
[2010/11/18 23:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrium
[2010/11/18 19:03:46 | 000,000,000 | ---D | C] -- C:\Users\James\Documents\Criterion Games
[2010/11/18 19:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010/11/18 19:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2010/11/18 18:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2010/11/17 22:41:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/11/17 20:09:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2010/11/17 20:09:52 | 000,000,000 | ---D | C] -- C:\Users\James\Documents\EA Games
[2010/11/17 19:45:37 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010/11/17 19:45:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010/11/17 19:45:36 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010/11/17 19:45:36 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010/11/17 19:45:33 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010/11/17 19:45:33 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010/11/17 19:45:29 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010/11/17 19:45:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010/11/17 19:45:25 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010/11/17 19:45:25 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010/11/17 19:45:21 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010/11/17 19:45:21 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010/11/17 19:45:16 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010/11/17 19:45:16 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010/11/17 19:45:12 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010/11/17 19:45:12 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010/11/17 19:45:08 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010/11/17 19:45:08 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010/11/17 19:45:05 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010/11/17 19:45:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010/11/17 19:45:01 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010/11/17 19:45:01 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010/11/17 19:44:55 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010/11/17 19:44:55 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010/11/17 19:44:55 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010/11/17 19:44:55 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010/11/17 19:44:50 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010/11/17 19:44:50 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010/11/17 19:44:45 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010/11/17 19:44:45 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010/11/17 19:44:45 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010/11/17 19:44:45 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010/11/17 19:44:40 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010/11/17 19:44:40 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010/11/17 19:44:35 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010/11/17 19:44:35 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010/11/17 19:44:28 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010/11/17 19:44:28 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010/11/17 19:44:28 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010/11/17 19:44:28 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010/11/17 19:44:21 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010/11/17 19:44:21 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010/11/17 19:43:07 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010/11/17 19:43:07 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010/11/17 19:43:07 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010/11/17 19:43:07 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010/11/17 19:42:59 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010/11/17 19:42:59 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010/11/17 19:42:48 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010/11/17 19:42:48 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010/11/17 19:42:38 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010/11/17 19:42:38 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010/11/17 19:42:38 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010/11/17 19:42:38 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010/11/17 19:42:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010/11/17 19:42:30 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010/11/17 19:42:21 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010/11/17 19:42:21 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010/11/17 19:42:21 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010/11/17 19:42:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010/11/17 19:42:13 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010/11/17 19:42:13 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010/11/17 19:42:03 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010/11/17 19:42:03 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010/11/17 19:42:03 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010/11/17 19:42:03 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010/11/17 19:41:55 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010/11/17 19:41:55 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010/11/17 19:41:48 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010/11/17 19:41:48 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010/11/17 19:41:39 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010/11/17 19:41:39 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010/11/17 19:41:39 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010/11/17 19:41:39 | 000,467,984 | ---- | C] (Microsoft Corporation) --
C:\Windows\SysWow64\d3dx10_38.dll
[2010/11/17 19:41:31 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010/11/17 19:41:31 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010/11/17 19:41:23 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010/11/17 19:41:23 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010/11/17 19:41:16 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010/11/17 19:41:16 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010/11/17 19:41:09 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010/11/17 19:41:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010/11/17 19:41:01 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010/11/17 19:41:01 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010/11/17 19:41:01 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010/11/17 19:41:01 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010/11/17 19:40:53 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010/11/17 19:40:53 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010/11/17 19:40:48 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010/11/17 19:40:48 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010/11/17 19:40:38 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010/11/17 19:40:38 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010/11/17 19:40:37 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010/11/17 19:40:37 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010/11/17 19:40:32 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010/11/17 19:40:32 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010/11/17 19:40:26 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010/11/17 19:40:26 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010/11/17 19:40:07 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010/11/17 19:40:07 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010/11/17 19:40:07 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010/11/17 19:40:07 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010/11/17 19:39:45 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010/11/17 19:39:45 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010/11/17 19:39:39 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010/11/17 19:39:39 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010/11/17 19:39:39 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010/11/17 19:39:39 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010/11/17 19:39:33 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010/11/17 19:39:33 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010/11/17 19:39:27 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010/11/17 19:39:27 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010/11/17 19:39:22 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010/11/17 19:39:22 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010/11/17 19:39:17 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010/11/17 19:39:17 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010/11/17 19:39:12 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010/11/17 19:39:12 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010/11/17 19:39:07 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010/11/17 19:39:07 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010/11/17 19:39:07 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010/11/17 19:39:07 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010/11/17 19:39:02 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010/11/17 19:39:02 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010/11/17 19:38:56 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010/11/17 19:38:56 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010/11/17 19:38:52 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010/11/17 19:38:52 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010/11/17 19:38:46 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010/11/17 19:38:46 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010/11/17 19:38:41 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010/11/17 19:38:41 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010/11/17 19:38:35 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010/11/17 19:38:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010/11/17 19:37:52 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010/11/17 19:37:52 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010/11/17 19:37:45 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010/11/17 19:37:45 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010/11/17 19:37:45 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010/11/17 19:37:45 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010/11/17 19:37:39 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010/11/17 19:37:39 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010/11/17 19:37:34 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010/11/17 19:37:34 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010/11/17 19:37:26 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010/11/17 19:37:26 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010/11/17 19:37:21 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010/11/17 19:37:21 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010/11/17 19:37:16 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010/11/17 19:37:16 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010/11/17 19:37:10 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010/11/17 19:37:10 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010/11/17 19:30:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2010/11/17 19:30:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2010/11/17 19:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010/11/16 15:25:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010/11/16 14:38:38 | 000,000,000 | ---D | C] -- C:\Users\James\Documents\My Games
[2010/11/15 19:30:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2010/11/15 19:29:27 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010/11/15 19:29:27 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010/11/15 19:29:27 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010/11/15 19:29:27 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010/11/15 19:29:24 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010/11/15 19:29:24 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010/11/15 19:29:22 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010/11/15 19:29:22 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010/11/15 19:29:22 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010/11/15 19:29:22 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010/11/15 19:29:19 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010/11/15 19:29:19 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010/11/15 19:29:18 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010/11/15 19:29:18 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010/11/15 19:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2010/11/15 01:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElcomSoft
[2010/11/15 01:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2010/11/12 19:08:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/11/12 19:08:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/11/12 19:08:35 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/11/12 19:08:35 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/11/12 19:08:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/11/12 19:08:35 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/11/12 19:08:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010/11/12 16:56:51 | 000,000,000 | ---D | C] -- C:\Fraps
[2010/11/12 16:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010/11/12 16:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010/11/12 16:35:40 | 000,000,000 | ---D | C] -- C:\Users\James\AppData\Local\Activision
[2010/11/12 16:23:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2010/11/07 20:12:25 | 000,000,000 | ---D | C] -- C:\Users\James\Desktop\Anime
[2010/11/06 03:52:09 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/11/06 03:52:09 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/11/06 03:52:09 | 000,133,632 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010/11/06 03:52:08 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010/11/06 03:51:53 | 002,873,820 | ---- | C] (Creative) -- C:\Windows\SysWow64\Sens_oal.dll
[2010/11/05 21:56:07 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2010/11/03 20:28:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
========== Files - Modified Within 30 Days ==========
[2010/12/02 21:02:41 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\James\OTL.exe
[2010/12/02 20:51:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/02 20:15:43 | 406,756,622 | ---- | M] () -- C:\Users\James\Desktop\1291249206_bangin_body_big.wmv
[2010/12/02 17:12:13 | 562,062,003 | ---- | M] () -- C:\Users\James\Desktop\18yo_alexiscapri-wmvFullHigh-1.wmv
[2010/12/02 16:51:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/02 16:46:06 | 242,857,695 | ---- | M] () -- C:\Users\James\Desktop\18yo_alexiscapri-wmvFullLow-1.wmv
[2010/12/02 16:43:59 | 091,939,868 | ---- | M] () -- C:\Users\James\Desktop\[Harth]_Ichiban_Ushiro_no_Daimaou_Special_06_[Blu-ray_720p_FLAC][E53E162F].mkv
[2010/12/02 16:33:51 | 323,411,929 | ---- | M] () -- C:\Users\James\Desktop\saf_bree_daniels03-sd169.wmv
[2010/12/02 16:18:22 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/02 16:18:22 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/02 16:13:13 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/02 16:08:40 | 335,292,600 | ---- | M] () -- C:\Users\James\Desktop\[Underwater] Shinryaku! Ika Musume - 01 [720p][D99B479D].mkv
[2010/12/02 00:49:04 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/02 00:43:03 | 000,001,399 | ---- | M] () -- C:\Users\James\Desktop\New Rich Text Document.rtf
[2010/12/01 20:47:59 | 243,777,342 | ---- | M] () -- C:\Users\James\Desktop\[ACX]Samurai_7_-_15_-_The_Gun_and_The_Clam_[[Saiyan]BrollY]_[B63A58F5].mkv
[2010/11/30 17:06:25 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI
[2010/11/30 13:53:10 | 000,098,501 | ---- | M] () -- C:\Users\James\Desktop\qteiden_shoujo_ch1.33.jpg
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/28 14:28:27 | 000,503,029 | ---- | M] () -- C:\Users\James\Desktop\Zennou_no_Noa_v2_ch11_p186-187.jpg
[2010/11/27 17:30:08 | 000,101,291 | ---- | M] () -- C:\Users\James\Desktop\tkoi_wo_suru_no_ga_shigoto_desu_ch11_eng.11_12.jpg
[2010/11/26 23:36:04 | 095,809,345 | ---- | M] () -- C:\Users\James\Desktop\_5BKira-Fansub_5D_20Hyakka_20Ryouran_20Samurai_20Girls_20The_20Picture_20Scroll_20Edition_2001v0_20_28BD_201920x1080_20h264_20AAC_29_20_20_5B62DC513E_5D.mkv
[2010/11/26 00:29:42 | 574,137,745 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/11/25 22:07:25 | 000,000,632 | RHS- | M] () -- C:\Users\James\ntuser.pol
[2010/11/25 21:23:28 | 000,000,967 | ---- | M] () -- C:\Users\James\Desktop\IceChat.lnk
[2010/11/25 21:06:11 | 000,426,015 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/11/25 20:02:28 | 1029,424,232 | ---- | M] () -- C:\Users\James\Desktop\Scott.Pilgrim.Vs.The.World.2010.720p.BRRip.XviD.AC3-ViSiON3.asx
[2010/11/25 20:01:27 | 1045,638,888 | ---- | M] () -- C:\Users\James\Desktop\1290734291_Scott.Pilgrim.Vs.The.World.2010.720p.BRRip.XviD.AC3-ViSiON2.asx
[2010/11/25 18:28:08 | 1043,681,144 | ---- | M] () -- C:\Users\James\Desktop\Scott.Pilgrim.Vs.The.World.2010.720p.BRRip.XviD.AC3-ViSiON1.asx
[2010/11/25 15:50:06 | 000,739,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/25 15:50:06 | 000,632,708 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/25 15:50:06 | 000,110,342 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/24 00:53:27 | 2750,701,856 | ---- | M] () -- C:\Users\James\Desktop\cm-prestige.mkv
[2010/11/23 21:03:09 | 697,462,783 | ---- | M] () -- C:\Users\James\Desktop\rld-tww2.iso
[2010/11/23 14:01:29 | 000,000,592 | ---- | M] () -- C:\Users\James\Desktop\Dragon Age Origins - Shortcut.lnk
[2010/11/22 15:25:03 | 000,002,115 | ---- | M] () -- C:\Users\James\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 7.lnk
[2010/11/22 15:25:03 | 000,002,091 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 7.lnk
[2010/11/20 22:15:24 | 000,062,108 | ---- | M] () -- C:\Users\James\Desktop\029.png
[2010/11/20 01:37:06 | 732,434,432 | ---- | M] () -- C:\Users\James\Desktop\smokey-armadilloa.asx
[2010/11/20 01:35:57 | 731,392,000 | ---- | M] () -- C:\Users\James\Desktop\smokey-armadillob.asx
[2010/11/19 23:59:02 | 000,002,133 | ---- | M] () -- C:\Users\Public\Desktop\AMD Fusion.lnk
[2010/11/19 21:44:11 | 000,002,199 | ---- | M] () -- C:\Users\James\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/19 02:04:08 | 000,000,061 | ---- | M] () -- C:\Windows\WININIT.INI
[2010/11/18 19:03:36 | 000,000,754 | ---- | M] () -- C:\Users\James\Desktop\Need for Speed(TM) Hot Pursuit - Shortcut.lnk
[2010/11/18 00:37:49 | 000,272,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/11/17 23:19:34 | 000,001,867 | ---- | M] () -- C:\Users\James\Desktop\Crysis - Shortcut.lnk
[2010/11/17 22:23:17 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/11/17 22:23:10 | 000,669,184 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/11/17 20:46:26 | 000,000,724 | ---- | M] () -- C:\Users\James\Desktop\Medal of Honor - Shortcut.lnk
[2010/11/15 19:31:38 | 000,743,126 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/15 19:29:34 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/11/15 02:30:47 | 2727,428,732 | ---- | M] () -- C:\Users\James\Desktop\salt.directors.cut.2010.720p.bluray.dts.x264-xxx.mkv
[2010/11/14 18:43:57 | 000,000,000 | -H-- | M] () -- C:\Users\James\Documents\Default.rdp
[2010/11/12 19:08:26 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/11/12 19:08:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/11/12 19:08:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/11/12 19:08:25 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/11/12 16:56:54 | 000,000,562 | ---- | M] () -- C:\Users\James\Desktop\Fraps.lnk
[2010/11/12 16:46:04 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/11/12 16:33:00 | 000,002,210 | ---- | M] () -- C:\Users\James\Desktop\Call of Duty - Black Ops Call MP.lnk
[2010/11/12 16:33:00 | 000,002,196 | ---- | M] () -- C:\Users\James\Desktop\Call of Duty - Black Ops.lnk
[2010/11/11 01:01:44 | 000,001,428 | ---- | M] () -- C:\Users\James\Desktop\OURMEDIASERVER - Shortcut.lnk
[2010/11/07 21:35:40 | 000,002,085 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100 Smart Wizard.lnk
[2010/11/06 03:52:09 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010/11/06 03:52:09 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010/11/06 03:52:09 | 000,133,632 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010/11/06 03:52:09 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010/11/06 02:02:44 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2010/11/03 17:52:13 | 000,000,029 | ---- | M] () -- C:\Windows\sfbm.INI
========== Files Created - No Company Name ==========
[2010/12/02 20:11:48 | 406,756,622 | ---- | C] () -- C:\Users\James\Desktop\1291249206_bangin_body_big.wmv
[2010/12/02 17:07:13 | 562,062,003 | ---- | C] () -- C:\Users\James\Desktop\18yo_alexiscapri-wmvFullHigh-1.wmv
[2010/12/02 16:39:56 | 242,857,695 | ---- | C] () -- C:\Users\James\Desktop\18yo_alexiscapri-wmvFullLow-1.wmv
[2010/12/02 16:35:08 | 091,939,868 | ---- | C] () -- C:\Users\James\Desktop\[Harth]_Ichiban_Ushiro_no_Daimaou_Special_06_[Blu-ray_720p_FLAC][E53E162F].mkv
[2010/12/02 16:25:50 | 323,411,929 | ---- | C] () -- C:\Users\James\Desktop\saf_bree_daniels03-sd169.wmv
[2010/12/02 15:35:28 | 335,292,600 | ---- | C] () -- C:\Users\James\Desktop\[Underwater] Shinryaku! Ika Musume - 01 [720p][D99B479D].mkv
[2010/12/02 00:49:04 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/02 00:42:55 | 000,001,399 | ---- | C] () -- C:\Users\James\Desktop\New Rich Text Document.rtf
[2010/12/01 20:31:31 | 243,777,342 | ---- | C] () -- C:\Users\James\Desktop\[ACX]Samurai_7_-_15_-_The_Gun_and_The_Clam_[[Saiyan]BrollY]_[B63A58F5].mkv
[2010/11/30 17:06:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/11/30 13:53:10 | 000,098,501 | ---- | C] () -- C:\Users\James\Desktop\qteiden_shoujo_ch1.33.jpg
[2010/11/28 13:24:57 | 000,503,029 | ---- | C] () -- C:\Users\James\Desktop\Zennou_no_Noa_v2_ch11_p186-187.jpg
[2010/11/27 17:30:08 | 000,101,291 | ---- | C] () -- C:\Users\James\Desktop\tkoi_wo_suru_no_ga_shigoto_desu_ch11_eng.11_12.jpg
[2010/11/26 23:34:59 | 095,809,345 | ---- | C] () -- C:\Users\James\Desktop\_5BKira-Fansub_5D_20Hyakka_20Ryouran_20Samurai_20Girls_20The_20Picture_20Scroll_20Edition_2001v0_20_28BD_201920x1080_20h264_20AAC_29_20_20_5B62DC513E_5D.mkv
[2010/11/26 19:07:13 | 000,116,296 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2010/11/26 00:29:42 | 574,137,745 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/11/25 22:07:25 | 000,000,632 | RHS- | C] () -- C:\Users\James\ntuser.pol
[2010/11/25 21:23:28 | 000,000,967 | ---- | C] () -- C:\Users\James\Desktop\IceChat.lnk
[2010/11/25 19:35:38 | 1029,424,232 | ---- | C] () -- C:\Users\James\Desktop\Scott.Pilgrim.Vs.The.World.2010.720p.BRRip.XviD.AC3-ViSiON3.asx
[2010/11/25 19:35:35 | 1045,638,888 | ---- | C] () -- C:\Users\James\Desktop\1290734291_Scott.Pilgrim.Vs.The.World.2010.720p.BRRip.XviD.AC3-ViSiON2.asx
[2010/11/25 18:15:30 | 1043,681,144 | ---- | C] () -- C:\Users\James\Desktop\Scott.Pilgrim.Vs.The.World.2010.720p.BRRip.XviD.AC3-ViSiON1.asx
[2010/11/23 23:34:34 | 2750,701,856 | ---- | C] () -- C:\Users\James\Desktop\cm-prestige.mkv
[2010/11/23 19:58:51 | 697,462,783 | ---- | C] () -- C:\Users\James\Desktop\rld-tww2.iso
[2010/11/23 14:01:29 | 000,000,592 | ---- | C] () -- C:\Users\James\Desktop\Dragon Age Origins - Shortcut.lnk
[2010/11/22 15:25:03 | 000,002,115 | ---- | C] () -- C:\Users\James\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 7.lnk
[2010/11/22 15:25:03 | 000,002,091 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 7.lnk
[2010/11/20 22:15:24 | 000,062,108 | ---- | C] () -- C:\Users\James\Desktop\029.png
[2010/11/20 01:22:28 | 732,434,432 | ---- | C] () -- C:\Users\James\Desktop\smokey-armadilloa.asx
[2010/11/20 01:21:56 | 731,392,000 | ---- | C] () -- C:\Users\James\Desktop\smokey-armadillob.asx
[2010/11/19 23:59:02 | 000,002,133 | ---- | C] () -- C:\Users\Public\Desktop\AMD Fusion.lnk
[2010/11/19 21:44:11 | 000,002,199 | ---- | C] () -- C:\Users\James\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/11/19 21:41:25 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/19 21:41:24 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/19 02:04:08 | 000,000,061 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/11/18 19:03:36 | 000,000,754 | ---- | C] () -- C:\Users\James\Desktop\Need for Speed(TM) Hot Pursuit - Shortcut.lnk
[2010/11/17 23:19:34 | 000,001,867 | ---- | C] () -- C:\Users\James\Desktop\Crysis - Shortcut.lnk
[2010/11/17 20:46:26 | 000,000,724 | ---- | C] () -- C:\Users\James\Desktop\Medal of Honor - Shortcut.lnk
[2010/11/15 19:31:35 | 000,743,126 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/15 19:29:37 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/11/15 19:29:34 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/11/15 19:29:34 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/11/15 00:34:18 | 2727,428,732 | ---- | C] () -- C:\Users\James\Desktop\salt.directors.cut.2010.720p.bluray.dts.x264-xxx.mkv
[2010/11/14 18:43:57 | 000,000,000 | -H-- | C] () -- C:\Users\James\Documents\Default.rdp
[2010/11/12 23:52:21 | 000,001,428 | ---- | C] () -- C:\Users\James\Desktop\OURMEDIASERVER - Shortcut.lnk
[2010/11/12 16:56:54 | 000,000,562 | ---- | C] () -- C:\Users\James\Desktop\Fraps.lnk
[2010/11/12 16:41:34 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/11/12 16:33:00 | 000,002,210 | ---- | C] () -- C:\Users\James\Desktop\Call of Duty - Black Ops Call MP.lnk
[2010/11/12 16:33:00 | 000,002,196 | ---- | C] () -- C:\Users\James\Desktop\Call of Duty - Black Ops.lnk
[2010/11/07 21:35:40 | 000,002,085 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100 Smart Wizard.lnk
[2010/11/03 20:19:07 | 004,174,814 | ---- | C] () -- C:\Windows\SysWow64\CT4MGM.SF2
[2010/11/03 20:19:07 | 004,174,814 | ---- | C] () -- C:\Windows\SysNative\CT4MGM.SF2
[2010/11/03 20:19:07 | 002,167,684 | ---- | C] () -- C:\Windows\SysWow64\CT2MGM.SF2
[2010/11/03 20:19:07 | 002,167,684 | ---- | C] () -- C:\Windows\SysNative\CT2MGM.SF2
[2010/11/03 17:52:13 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2010/10/30 23:58:04 | 000,003,584 | ---- | C] () -- C:\Users\James\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/30 22:19:31 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/10/30 22:19:31 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/07/13 17:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 15:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/11/13 13:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2007/12/04 12:20:30 | 000,001,489 | ---- | C] () -- C:\Windows\P17EP51.ini
[2007/06/07 12:25:42 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini
[2005/09/15 22:10:22 | 000,160,768 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/07/13 19:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010/10/30 19:04:11 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2010/12/02 16:13:13 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2006/12/02 01:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/12/02 16:13:13 | 4294,033,408 | -HS- | M] () -- C:\pagefile.sys
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2010/10/30 18:40:13 | 000,000,020 | RHS- | M] () -- C:\win7.ld
[2010/10/30 18:40:13 | 000,243,447 | RHS- | M] () -- C:\YLDZF
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\drivers\*.sys /90 >
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
< End of report >
Please tell me how it didn't work and what did you do to make it download.Also didn't think anything of it last time but upon downloading OTL this time I noticed I had my computer refused to download OTL. Tried many things to work around it and eventually did.
Re-run TDSSKiller. Post back its log.
Does redirecting occur with all your browsers? Please test if you haven't yet.
Microsoft Windows Insider MVP 2016-2020
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
Idm would reject it saying something about not being able to contact the server. After several tries it downloaded but Idm said it could not assemble the parts due to...not having permission I think it was. I then tried to download through a browser I don't have Idm integrated into. Download immediately had an error every time I tried. I clicked restart and on the second time it downloaded.
And redirecting happens in Firefox, Opera, IE explorer (64bit), not sure of Chrome as it crashes too often to use. And the problem is still present but no where near as bad as it was at first, not sure what caused it to ease up? But it happened before I asked for help on this forum.
2010/12/03 15:56:12.0781 TDSS rootkit removing tool 2.4.10.0 Nov 28 2010 18:35:56
2010/12/03 15:56:12.0781 ================================================================================
2010/12/03 15:56:12.0781 SystemInfo:
2010/12/03 15:56:12.0781
2010/12/03 15:56:12.0781 OS Version: 6.1.7600 ServicePack: 0.0
2010/12/03 15:56:12.0781 Product type: Workstation
2010/12/03 15:56:12.0782 ComputerName: JAMES-PC
2010/12/03 15:56:12.0783 UserName: James
2010/12/03 15:56:12.0783 Windows directory: C:\Windows
2010/12/03 15:56:12.0783 System windows directory: C:\Windows
2010/12/03 15:56:12.0783 Running under WOW64
2010/12/03 15:56:12.0783 Processor architecture: Intel x64
2010/12/03 15:56:12.0783 Number of processors: 3
2010/12/03 15:56:12.0783 Page size: 0x1000
2010/12/03 15:56:12.0783 Boot type: Normal boot
2010/12/03 15:56:12.0783 ================================================================================
2010/12/03 15:56:12.0783 Utility is running under WOW64
2010/12/03 15:56:19.0386 Initialize success
2010/12/03 15:56:25.0435 ================================================================================
2010/12/03 15:56:25.0436 Scan started
2010/12/03 15:56:25.0436 Mode: Manual;
2010/12/03 15:56:25.0436 ================================================================================
2010/12/03 15:56:26.0267 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2010/12/03 15:56:26.0300 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2010/12/03 15:56:26.0324 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2010/12/03 15:56:26.0363 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2010/12/03 15:56:26.0393 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2010/12/03 15:56:26.0423 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2010/12/03 15:56:26.0493 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2010/12/03 15:56:26.0523 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2010/12/03 15:56:26.0560 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2010/12/03 15:56:26.0607 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2010/12/03 15:56:26.0643 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
2010/12/03 15:56:26.0688 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2010/12/03 15:56:26.0874 amdkmdag (522a8bd1414cc7517faec907f138db9c) C:\Windows\system32\DRIVERS\atikmdag.sys
2010/12/03 15:56:27.0089 amdkmdap (f712c26d40bf3cd2c020bb518e8150b1) C:\Windows\system32\DRIVERS\atikmpag.sys
2010/12/03 15:56:27.0128 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2010/12/03 15:56:27.0162 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
2010/12/03 15:56:27.0195 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2010/12/03 15:56:27.0224 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
2010/12/03 15:56:27.0261 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2010/12/03 15:56:27.0317 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2010/12/03 15:56:27.0334 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2010/12/03 15:56:27.0383 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/12/03 15:56:27.0408 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2010/12/03 15:56:27.0449 AtiHDAudioService (e02b26650acc2f4901342d4a66774ad7) C:\Windows\system32\drivers\AtihdW76.sys
2010/12/03 15:56:27.0639 atikmdag (522a8bd1414cc7517faec907f138db9c) C:\Windows\system32\DRIVERS\atikmdag.sys
2010/12/03 15:56:27.0735 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2010/12/03 15:56:27.0767 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2010/12/03 15:56:27.0812 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2010/12/03 15:56:27.0856 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2010/12/03 15:56:27.0892 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2010/12/03 15:56:27.0923 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2010/12/03 15:56:27.0952 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2010/12/03 15:56:27.0986 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2010/12/03 15:56:28.0015 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2010/12/03 15:56:28.0041 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2010/12/03 15:56:28.0065 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2010/12/03 15:56:28.0089 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2010/12/03 15:56:28.0125 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/12/03 15:56:28.0149 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2010/12/03 15:56:28.0189 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2010/12/03 15:56:28.0220 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2010/12/03 15:56:28.0277 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/12/03 15:56:28.0304 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2010/12/03 15:56:28.0332 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2010/12/03 15:56:28.0369 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2010/12/03 15:56:28.0393 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2010/12/03 15:56:28.0433 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2010/12/03 15:56:28.0477 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
2010/12/03 15:56:28.0559 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2010/12/03 15:56:28.0581 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2010/12/03 15:56:28.0606 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2010/12/03 15:56:28.0658 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2010/12/03 15:56:28.0701 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
2010/12/03 15:56:28.0742 E1G60 (edc6e9c057c9d7f83eea22b4cef5dcad) C:\Windows\system32\DRIVERS\E1G6032E.sys
2010/12/03 15:56:28.0829 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2010/12/03 15:56:28.0967 ElbyCDIO (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
2010/12/03 15:56:29.0001 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2010/12/03 15:56:29.0034 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2010/12/03 15:56:29.0083 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2010/12/03 15:56:29.0112 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2010/12/03 15:56:29.0138 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2010/12/03 15:56:29.0178 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2010/12/03 15:56:29.0188 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2010/12/03 15:56:29.0207 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/12/03 15:56:29.0249 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2010/12/03 15:56:29.0284 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2010/12/03 15:56:29.0302 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2010/12/03 15:56:29.0352 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2010/12/03 15:56:29.0383 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2010/12/03 15:56:29.0424 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/12/03 15:56:29.0465 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2010/12/03 15:56:29.0509 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2010/12/03 15:56:29.0530 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/12/03 15:56:29.0555 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2010/12/03 15:56:29.0584 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2010/12/03 15:56:29.0611 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2010/12/03 15:56:29.0645 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2010/12/03 15:56:29.0695 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2010/12/03 15:56:29.0726 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2010/12/03 15:56:29.0759 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2010/12/03 15:56:29.0784 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/12/03 15:56:29.0814 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2010/12/03 15:56:29.0857 IDMWFP (39842dd1fac3d00546078782a1a742a9) C:\Windows\system32\DRIVERS\idmwfp.sys
2010/12/03 15:56:29.0888 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2010/12/03 15:56:29.0920 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2010/12/03 15:56:29.0949 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2010/12/03 15:56:29.0992 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/12/03 15:56:30.0019 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2010/12/03 15:56:30.0045 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2010/12/03 15:56:30.0081 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2010/12/03 15:56:30.0096 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2010/12/03 15:56:30.0127 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/12/03 15:56:30.0191 JSWPSLWF (5be640e88814b77a9e84b4549b5dcc2c) C:\Windows\system32\DRIVERS\jswpslwfx.sys
2010/12/03 15:56:30.0235 K7FWHlpr (8df52e06e816455290735deea01e5352) C:\Windows\system32\drivers\K7FWHlpr.sys
2010/12/03 15:56:30.0288 K7Sentry (af821513e34fc133c9b0b9b8970e6de9) C:\Windows\system32\drivers\K7Sentry.sys
2010/12/03 15:56:30.0323 K7TdiHlp (8a1e49b2b59ec6344c99674e07c12898) C:\Windows\system32\drivers\K7TdiHlp.sys
2010/12/03 15:56:30.0348 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/12/03 15:56:30.0367 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/12/03 15:56:30.0395 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2010/12/03 15:56:30.0443 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2010/12/03 15:56:30.0462 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2010/12/03 15:56:30.0514 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2010/12/03 15:56:30.0557 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2010/12/03 15:56:30.0582 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2010/12/03 15:56:30.0607 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2010/12/03 15:56:30.0626 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2010/12/03 15:56:30.0647 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2010/12/03 15:56:30.0683 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2010/12/03 15:56:30.0713 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2010/12/03 15:56:30.0736 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2010/12/03 15:56:30.0778 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2010/12/03 15:56:30.0795 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2010/12/03 15:56:30.0817 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2010/12/03 15:56:30.0838 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2010/12/03 15:56:30.0866 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2010/12/03 15:56:30.0883 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2010/12/03 15:56:30.0933 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2010/12/03 15:56:30.0972 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/12/03 15:56:31.0001 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/12/03 15:56:31.0050 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/12/03 15:56:31.0072 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2010/12/03 15:56:31.0101 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2010/12/03 15:56:31.0141 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2010/12/03 15:56:31.0166 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2010/12/03 15:56:31.0189 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2010/12/03 15:56:31.0232 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2010/12/03 15:56:31.0253 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/12/03 15:56:31.0268 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2010/12/03 15:56:31.0300 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2010/12/03 15:56:31.0332 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/12/03 15:56:31.0356 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2010/12/03 15:56:31.0376 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2010/12/03 15:56:31.0415 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
2010/12/03 15:56:31.0440 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2010/12/03 15:56:31.0470 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2010/12/03 15:56:31.0511 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2010/12/03 15:56:31.0543 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2010/12/03 15:56:31.0568 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/12/03 15:56:31.0592 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/12/03 15:56:31.0613 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/12/03 15:56:31.0631 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2010/12/03 15:56:31.0657 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2010/12/03 15:56:31.0675 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2010/12/03 15:56:31.0725 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2010/12/03 15:56:31.0747 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2010/12/03 15:56:31.0773 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2010/12/03 15:56:31.0828 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2010/12/03 15:56:31.0875 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2010/12/03 15:56:31.0901 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
2010/12/03 15:56:31.0927 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
2010/12/03 15:56:31.0951 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2010/12/03 15:56:31.0980 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/12/03 15:56:32.0030 P17 (edd1dcd36f6115acc6935c3f88ff54d7) C:\Windows\system32\drivers\P17.sys
2010/12/03 15:56:32.0105 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2010/12/03 15:56:32.0130 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2010/12/03 15:56:32.0175 PCAMp50a64 (304e6ac43613a9c43896c4300009442b) C:\Windows\system32\Drivers\PCAMp50a64.sys
2010/12/03 15:56:32.0213 PCASp50a64 (18b6869e23937175144e6f1d3cb85fc2) C:\Windows\system32\Drivers\PCASp50a64.sys
2010/12/03 15:56:32.0246 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2010/12/03 15:56:32.0272 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2010/12/03 15:56:32.0294 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2010/12/03 15:56:32.0322 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2010/12/03 15:56:32.0346 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2010/12/03 15:56:32.0483 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2010/12/03 15:56:32.0511 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2010/12/03 15:56:32.0542 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2010/12/03 15:56:32.0597 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2010/12/03 15:56:32.0653 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2010/12/03 15:56:32.0676 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2010/12/03 15:56:32.0703 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2010/12/03 15:56:32.0726 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2010/12/03 15:56:32.0751 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/12/03 15:56:32.0780 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/12/03 15:56:32.0800 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2010/12/03 15:56:32.0832 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2010/12/03 15:56:32.0851 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2010/12/03 15:56:32.0873 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/12/03 15:56:32.0903 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
2010/12/03 15:56:32.0928 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2010/12/03 15:56:32.0953 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2010/12/03 15:56:32.0992 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2010/12/03 15:56:33.0022 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2010/12/03 15:56:33.0071 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2010/12/03 15:56:33.0120 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys
2010/12/03 15:56:33.0143 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
2010/12/03 15:56:33.0178 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2010/12/03 15:56:33.0227 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2010/12/03 15:56:33.0265 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2010/12/03 15:56:33.0304 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2010/12/03 15:56:33.0327 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2010/12/03 15:56:33.0356 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2010/12/03 15:56:33.0409 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2010/12/03 15:56:33.0434 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2010/12/03 15:56:33.0450 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
2010/12/03 15:56:33.0483 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2010/12/03 15:56:33.0515 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2010/12/03 15:56:33.0541 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2010/12/03 15:56:33.0571 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2010/12/03 15:56:33.0608 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2010/12/03 15:56:33.0681 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
2010/12/03 15:56:33.0731 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
2010/12/03 15:56:33.0779 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
2010/12/03 15:56:33.0827 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2010/12/03 15:56:33.0862 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
2010/12/03 15:56:33.0886 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
2010/12/03 15:56:33.0914 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2010/12/03 15:56:34.0016 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2010/12/03 15:56:34.0092 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2010/12/03 15:56:34.0126 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2010/12/03 15:56:34.0159 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2010/12/03 15:56:34.0188 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2010/12/03 15:56:34.0204 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2010/12/03 15:56:34.0223 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2010/12/03 15:56:34.0278 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/12/03 15:56:34.0310 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2010/12/03 15:56:34.0330 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2010/12/03 15:56:34.0358 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2010/12/03 15:56:34.0403 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2010/12/03 15:56:34.0429 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2010/12/03 15:56:34.0452 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2010/12/03 15:56:34.0491 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/12/03 15:56:34.0518 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2010/12/03 15:56:34.0539 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
2010/12/03 15:56:34.0564 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
2010/12/03 15:56:34.0583 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2010/12/03 15:56:34.0606 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2010/12/03 15:56:34.0646 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/12/03 15:56:34.0666 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/12/03 15:56:34.0704 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
2010/12/03 15:56:34.0724 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2010/12/03 15:56:34.0756 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/12/03 15:56:34.0782 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2010/12/03 15:56:34.0810 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2010/12/03 15:56:34.0834 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2010/12/03 15:56:34.0860 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
2010/12/03 15:56:34.0879 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
2010/12/03 15:56:34.0919 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2010/12/03 15:56:34.0948 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2010/12/03 15:56:34.0982 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2010/12/03 15:56:35.0013 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2010/12/03 15:56:35.0037 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2010/12/03 15:56:35.0068 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2010/12/03 15:56:35.0107 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2010/12/03 15:56:35.0132 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2010/12/03 15:56:35.0155 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2010/12/03 15:56:35.0212 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2010/12/03 15:56:35.0247 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2010/12/03 15:56:35.0309 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2010/12/03 15:56:35.0331 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2010/12/03 15:56:35.0425 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys
2010/12/03 15:56:35.0463 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/12/03 15:56:35.0535 WNDA3100 (b972c12de88299e78f6656a31046dd99) C:\Windows\system32\DRIVERS\WNDA31w7x.sys
2010/12/03 15:56:35.0570 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2010/12/03 15:56:35.0614 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2010/12/03 15:56:35.0659 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/12/03 15:56:35.0763 ================================================================================
2010/12/03 15:56:35.0763 Scan finished
2010/12/03 15:56:35.0763 ================================================================================
Hi,
I still think router may have hacked DNS server settings on it. Do you have other systems connected on same router? If you do please check if those have redirect issues present.
Please run Notepad (start > All Programs > Accessories > Notepad) and copy and paste the text in the quote box into a new file:
@echo off
>Log1.txt (
ipconfig /all
nslookup google.com
ping -n 2 google.com
route print
)
start Log1.txt
del %0
- Go to the File menu at the top of the Notepad and select Save as.
- Select save in: desktop
- Fill in File name: test.bat
- Save as type: All file types (*.*)
- Click save.
- Close the Notepad.
- Locate and double-click test.bat on the desktop.
- A notepad opens, copy and paste the content it (log1.txt) to your reply.
Microsoft Windows Insider MVP 2016-2020
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
Aye, about 10 other systems on the router. No others have this kind, or any, issue.
Windows IP Configuration
Host Name . . . . . . . . . . . . : James-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RangeMax Dual Band Wireless-N USB Adapter
Physical Address. . . . . . . . . : 00-1E-2A-E2-75-64
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d856:7e39:626b:5849%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.15(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 251665962
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-5E-6B-D0-00-22-15-B6-70-A9
DNS Servers . . . . . . . . . . . : 68.105.28.11
68.105.29.11
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-22-15-B6-70-A9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{9C7BA129-759D-4D26-9566-F7615C7808E6}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Local Area Connection* 9:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:30ef:123f:b94d:9d6b(Preferred)
Link-local IPv6 Address . . . . . : fe80::30ef:123f:b94d:9d6b%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.{2F55EC3C-F161-46B8-BFD0-4ECC7F941DC6}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns1.cox.net
Address: 68.105.28.11
Name: google.com
Addresses: 74.125.227.16
74.125.227.17
74.125.227.18
74.125.227.19
74.125.227.20
Pinging google.com [74.125.227.52] with 32 bytes of data:
Reply from 74.125.227.52: bytes=32 time=44ms TTL=57
Reply from 74.125.227.52: bytes=32 time=35ms TTL=57
Ping statistics for 74.125.227.52:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 35ms, Maximum = 44ms, Average = 39ms
===========================================================================
Interface List
13...00 1e 2a e2 75 64 ......RangeMax Dual Band Wireless-N USB Adapter
12...00 22 15 b6 70 a9 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.15 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.15 281
192.168.1.15 255.255.255.255 On-link 192.168.1.15 281
192.168.1.255 255.255.255.255 On-link 192.168.1.15 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.15 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.15 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:4137:9e76:30ef:123f:b94d:9d6b/128
On-link
13 281 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::30ef:123f:b94d:9d6b/128
On-link
13 281 fe80::d856:7e39:626b:5849/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
Hi,
If possible, please unplug wlan adapter and plug ethernet cable in. Does it still redirect with all those browsers when surfing with wired cable connection?
Try IE by clicking:
Start / all programs / accessories / system tools / internet explorer [no add-ons]
Try Firefox by clicking:
Start / all programs / mozilla firefox / mozilla firefox (safe mode)
Does it redirect IE or Firefox in those modes?
Microsoft Windows Insider MVP 2016-2020
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.
I haven't had this problem for a couple of days now so I'm guessing it got solved by one of these steps and I didn't notice.
Good. In that case we can move to the final steps.
THESE STEPS ARE VERY IMPORTANT
Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.
A To disable the System Restore feature:
1. Click on the Start button.
2. Hover over the Computer option, right click on it and then click Properties.
3. On the left hand side, click Advanced Settings.
4. If asked to permit the action, click on Allow.
5. Click on the System Protection tab.
6. Select c: drive and click Configure...
7. Select Turn off protection
8. Press OK.
Repeat steps 6-8 for each hard drive.
B. Reboot.
C Turn ON System Restore.
Follow the steps like you did when disabling system restore but on step 7. select Restore system settings and previous versions of files -option.
- Double-click OTL.exe.
- Click the CleanUp! button.
- Select Yes when the
Begin cleanup Process?
prompt appears.- If you are prompted to Reboot during the cleanup, select Yes.
- The tool will delete itself once it finishes, if not delete it by yourself.
Note: If you receive a warning from your firewall or other security programs regarding OTL attempting to contact the internet, please allow it to do so.
UPDATING WINDOWS AND INTERNET EXPLORER
IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site to get the critical updates.
If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.
Make your Internet Explorer more secure
This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Download and run Secunia Personal Software Inspector (PSI) and fix its findings.
Just a final reminder for you. I am trying to stress these two points.
UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.
Make sure all of your security programs are up to date.
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
Once again, please post and tell me how things are going with your system... problems etc.
Have a great day,
Blade
Microsoft Windows Insider MVP 2016-2020
Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
If you have problems create a thread in the forum, please.
Malware removal instructions are for the correspondent user's case only.