[Closed] Windows Explorer has stopped working

By BlazinGhost
Jul 16, 2012
Topic Status:
Not open for further replies.
  1. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72


    < %USERPROFILE%\AppData\Local\ /s >

    < %systemroot%\Installer\ /s >

    < %systemroot%\system32\Cache\ /s >

    < %systemroot%\system32\config\systemprofile\Application Data /s >

    < %PROGRAMFILES%\*. >
    [2011/08/10 20:09:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\.minecraft
    [2011/11/25 17:56:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
    [2012/06/12 12:52:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AIM
    [2011/08/04 12:48:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
    [2012/06/01 15:52:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AruaROSE
    [2011/11/22 21:55:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
    [2012/07/16 20:03:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Brand Affinity Technologies
    [2011/08/06 00:04:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Combined Community Codec Pack
    [2012/06/12 12:52:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
    [2011/08/21 15:12:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Offers from Freeze.com
    [2011/07/22 15:21:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FRYS
    [2012/06/29 06:34:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Heroes of Newerth
    [2012/04/17 21:55:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
    [2011/08/10 23:24:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
    [2011/08/21 15:14:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Itibiti Soft Phone
    [2012/04/03 00:27:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
    [2011/07/31 15:10:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
    [2012/06/29 19:36:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LogMeIn Hamachi
    [2012/07/15 23:13:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2011/11/25 18:08:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
    [2012/06/18 05:02:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
    [2011/12/28 04:01:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
    [2012/07/16 19:08:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
    [2012/07/01 20:54:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
    [2011/11/25 18:05:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
    [2011/07/22 21:20:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mumble
    [2012/05/04 20:02:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
    [2012/03/18 23:42:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ooVoo
    [2011/07/31 15:00:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
    [2012/04/20 16:20:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PhotoScape
    [2012/02/19 03:31:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Presentation Assistant Pro
    [2011/11/22 22:00:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
    [2012/06/18 10:42:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RaidCall
    [2012/05/20 14:53:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\REACTOR
    [2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
    [2008/09/04 09:24:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RocketDock
    [2012/05/05 17:08:46 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
    [2012/07/17 19:11:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
    [2011/08/12 17:01:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
    [2011/07/27 20:42:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
    [2009/07/13 21:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
    [2011/07/31 14:58:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
    [2011/08/12 20:56:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
    [2011/08/10 22:45:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
    [2011/08/10 22:44:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
    [2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
    [2009/07/13 22:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
    [2009/07/13 22:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
    [2009/07/13 22:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
    [2011/07/22 21:25:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR

    < %appdata%\*.* >
    [2011/08/21 16:41:28 | 000,000,011 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Roaming\RSBuddy Login.ini
    [2011/08/21 16:38:27 | 000,000,473 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Roaming\RSBuddy_BlazinGhost.ini

    < MD5 for: AFD.SYS >
  2. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72


    < MD5 for: ATAPI.SYS >

    < MD5 for: CRYPTSVC.DLL >

    < MD5 for: DNSRSLVR.DLL >

    < MD5 for: ES.DLL >
    [2008/04/13 17:11:53 | 000,246,272 | ---- | M] (Microsoft Corporation) MD5=19A799805B24990867B00C120D300C3A -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\es.dll
    [2005/07/26 04:39:45 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=34BBD9ACC1538818F2C878898C64E793 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB950974$\es.dll
    [2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\SysNative\es.dll
    [2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
    [2008/07/07 13:32:22 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=60D1A6342238378BFB7545C81EE3606C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\sp2gdr\es.dll
    [2008/07/07 13:32:22 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=60D1A6342238378BFB7545C81EE3606C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\es.dll
    [2008/07/07 13:32:22 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=60D1A6342238378BFB7545C81EE3606C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\es.dll
    [2012/06/28 03:27:57 | 000,008,216 | ---- | M] () MD5=8C4CBA187C451FAE0C9C1674B9C3AC39 -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\20.0.1132.47\Locales\es.dll
    [2005/07/26 04:20:28 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=95F5FEA4C6DE2C3F28784D0DCC8F0DD3 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll
    [2008/07/07 13:06:43 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=A4AB3DCA4A383F0DF4988ABDEB84F9A4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
    [2008/07/07 13:06:43 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=A4AB3DCA4A383F0DF4988ABDEB84F9A4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\sp2qfe\es.dll
    [2004/08/10 12:00:00 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=ACD36A2DD7D1E9D8A060AA651DC07E63 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB902400$\es.dll
    [2012/07/09 21:07:57 | 000,008,216 | ---- | M] () MD5=D088A143E3692E65FCEECBEAF6B66E08 -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\20.0.1132.57\Locales\es.dll
    [2008/07/07 13:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=D4991D98F2DB73C60D042F1AEF79EFAE -- C:\My Backup -- 11-03-29 0718PM\WINDOWS\system32\dllcache\es.dll
    [2008/07/07 13:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=D4991D98F2DB73C60D042F1AEF79EFAE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
    [2008/07/07 13:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=D4991D98F2DB73C60D042F1AEF79EFAE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\sp3gdr\es.dll
    [2011/03/23 10:48:11 | 000,296,504 | ---- | M] () MD5=F08E0B593833D0EE455AAAFE489871BD -- C:\My Backup -- 11-04-05 0941PM\Documents and Settings\a\Local Settings\Application Data\Google\Chrome\Application\10.0.648.204\Locales\es.dll
    [2008/07/07 13:23:18 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=F17F6226BDC0CD5F0BEF0DAF84D29BEC -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
    [2008/07/07 13:23:18 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=F17F6226BDC0CD5F0BEF0DAF84D29BEC -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\sp3qfe\es.dll
    [2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\SysWOW64\es.dll
    [2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll

    < MD5 for: EXPLORER.EXE >
    [2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
    [2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
    [2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
    [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
    [2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
    [2011/02/25 22:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
    [2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
    [2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
    [2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
    [2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
    [2011/02/25 23:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
    [2009/08/02 23:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
    [2007/06/13 04:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
    [2007/06/13 04:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2qfe\explorer.exe
    [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
    [2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\explorer.exe
    [2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2gdr\explorer.exe
    [2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\explorer.exe
    [2009/10/30 23:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
    [2009/08/02 22:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
    [2004/08/10 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB938828$\explorer.exe
    [2009/10/30 23:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
    [2009/08/02 22:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
    [2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
    [2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
    [2011/02/25 23:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
    [2009/08/02 23:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

    < MD5 for: IPNATHLP.DLL >
    [2004/08/10 12:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) MD5=36CC8C01B5E50163037BEF56CB96DEFF -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\ipnathlp.dll
    [2008/04/13 17:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) MD5=83F41D0D89645D7235C051AB1D9523AC -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ipnathlp.dll
    [2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\SysNative\ipnathlp.dll
    [2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\ipnathlp.dll

    < MD5 for: IPSEC.SYS >
    [2008/04/13 12:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ipsec.sys
    [2004/08/10 12:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\ipsec.sys

    < MD5 for: NETBT.SYS >
    [2004/08/10 12:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=0C80E410CD2F47134407EE7DD19CC86B -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\netbt.sys
    [2008/04/13 12:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netbt.sys
    [2009/07/13 16:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- C:\Windows\SysNative\drivers\netbt.sys
    [2009/07/13 16:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys

    < MD5 for: NETMAN.DLL >
    [2008/04/13 17:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netman.dll
    [2005/08/22 18:24:55 | 000,197,632 | ---- | M] (Microsoft Corporation) MD5=3516D8A18B36784B1005B950B84232E1 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
    [2005/08/22 18:29:46 | 000,197,632 | ---- | M] (Microsoft Corporation) MD5=36739B39267914BA69AD0610A0299732 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\netman.dll
    [2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\SysNative\netman.dll
    [2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll
    [2004/08/10 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=DAB9E6C7105D2EF49876FE92C524F565 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB905414$\netman.dll

    < MD5 for: QMGR.DLL >
    [2004/08/10 12:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\qmgr.dll
    [2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\qmgr.dll
    [2009/07/13 18:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\SysNative\qmgr.dll
    [2009/07/13 18:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

    < MD5 for: RPCSS.DLL >
    [2009/02/09 03:20:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=01095FEBF33BEEA00C2A0730B9B3EC28 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\rpcss.dll
    [2009/02/09 03:01:53 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=24B5D53B9ACCC1E2EDCF0A878D6659D4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\rpcss.dll
    [2009/02/09 03:01:53 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=24B5D53B9ACCC1E2EDCF0A878D6659D4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\rpcss.dll
    [2009/02/09 03:01:53 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=24B5D53B9ACCC1E2EDCF0A878D6659D4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\rpcss.dll
    [2008/04/13 17:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\rpcss.dll
    [2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\My Backup -- 11-03-29 0718PM\WINDOWS\system32\dllcache\rpcss.dll
    [2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956572\SP3GDR\rpcss.dll
    [2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\rpcss.dll
    [2009/07/13 18:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=7266972E86890E2B30C0C322E906B027 -- C:\Windows\SysNative\rpcss.dll
    [2009/07/13 18:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=7266972E86890E2B30C0C322E906B027 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
    [2009/02/09 03:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=9222562D44021B988B9F9F62207FB6F2 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll
    [2009/02/09 03:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=9222562D44021B988B9F9F62207FB6F2 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\rpcss.dll
    [2005/01/14 05:07:42 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=94456045BEB4545B5EBE1DCC85951AFA -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB873333\SP2QFE\rpcss.dll
    [2005/07/26 04:20:40 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=C369DF215D352B6F3A0B8C3469AA34F8 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
    [2005/04/28 19:31:11 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=C8061F289E000703E7672916B7FE1571 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB902400$\rpcss.dll
    [2005/07/26 04:39:49 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=CE94A2BD25E3E9F4D46A7373FF455C6D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB956572$\rpcss.dll
    [2005/04/28 19:35:01 | 000,396,288 | ---- | M] (Microsoft Corporation) MD5=DA383FB39A6F1C445F3AFC94B3EB1248 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
  3. BlazinGhost


    < MD5 for: SERVICES.EXE >
    [2009/02/06 04:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
    [2009/02/06 04:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\services.exe
    [2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\services.exe
    [2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
    [2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2009/02/06 10:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\services.exe
    [2009/02/06 03:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\services.exe
    [2009/02/06 03:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\services.exe
    [2009/02/06 03:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\services.exe
    [2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\My Backup -- 11-03-29 0718PM\WINDOWS\system32\dllcache\services.exe
    [2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
    [2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\services.exe
    [2004/08/10 12:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB956572$\services.exe

    < MD5 for: SR.SYS >
    [2008/04/13 11:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=76BB022C2FB6902FD5BDD4F78FC13A5D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sr.sys
    [2004/08/10 12:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=E41B6D037D6CD08461470AF04500DC24 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\sr.sys

    < MD5 for: SRSVC.DLL >
    [2008/04/13 17:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) MD5=3805DF0AC4296A34BA4BF93B346CC378 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\srsvc.dll
    [2004/08/10 12:00:00 | 000,170,496 | ---- | M] (Microsoft Corporation) MD5=92BDF74F12D6CBEC43C94D4B7F804838 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\srsvc.dll

    < MD5 for: SVCHOST.EXE >
    [2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\svchost.exe
    [2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
    [2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
    [2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
    [2004/08/10 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\svchost.exe
    [2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
    [2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

    < MD5 for: TCPIP.SYS >
    [2006/04/20 11:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB951748$\tcpip.sys
    [2011/04/24 22:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
    [2008/06/20 03:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\tcpip.sys
    [2008/06/20 03:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\tcpip.sys
    [2008/06/20 03:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\tcpip.sys
    [2011/06/20 23:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
    [2011/04/24 22:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
    [2005/05/25 19:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
    [2008/06/20 03:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
    [2008/06/20 03:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2qfe\tcpip.sys
    [2005/05/25 19:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB917953$\tcpip.sys
    [2009/07/13 18:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
    [2011/04/24 22:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
    [2008/04/13 12:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\tcpip.sys
    [2008/06/20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\My Backup -- 11-03-29 0718PM\WINDOWS\system32\dllcache\tcpip.sys
    [2008/06/20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
    [2008/06/20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3gdr\tcpip.sys
    [2011/06/20 23:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
    [2008/06/20 04:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
    [2008/06/20 04:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3qfe\tcpip.sys
    [2006/04/20 12:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
    [2011/04/24 23:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
    [2011/06/20 23:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\SysNative\drivers\tcpip.sys
    [2011/06/20 23:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
    [2011/06/20 23:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

    < MD5 for: TDX.SYS >
    [2009/07/13 16:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- C:\Windows\SysNative\drivers\tdx.sys
    [2009/07/13 16:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys

    < MD5 for: USERINIT.EXE >
    [2004/08/10 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\userinit.exe
    [2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
    [2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
    [2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
    [2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
    [2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\userinit.exe

    < MD5 for: VOLSNAP.SYS >
    [2008/04/13 11:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\volsnap.sys
    [2009/07/13 18:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\SysNative\drivers\volsnap.sys
    [2009/07/13 18:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_1b1a512d99c5b72c\volsnap.sys
    [2009/07/13 18:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys
    [2004/08/10 12:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=EE4660083DEBA849FF6C485D944B379B -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\volsnap.sys

    < MD5 for: WININIT.EXE >
    [2009/07/13 18:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
    [2009/07/13 18:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
    [2009/07/13 18:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
    [2009/07/13 18:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

    < MD5 for: WINLOGON.EXE >
    [2004/08/10 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\winlogon.exe
    [2009/07/13 18:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
    [2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
    [2009/10/28 00:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
    [2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
    [2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
    [2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe

    < MD5 for: WMISVC.DLL >
    [2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\SysNative\wbem\WMIsvc.dll
    [2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7600.16385_none_fca7ad7710a22535\WMIsvc.dll
    [2008/04/13 17:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) MD5=2D0E4ED081963804CCC196A0929275B5 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wmisvc.dll
    [2004/08/10 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) MD5=F399242A80C4066FD155EFA4CF96658E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\wbem\wmisvc.dll

    < MD5 for: WSCSVC.DLL >
    [2010/12/20 23:09:08 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=34D280957E8681E4BD9492B3F1FC27B9 -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.20862_none_76d192b6e4d9ed67\wscsvc.dll
    [2004/08/10 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) MD5=4D59DAA66C60858CDF4F67A900F42D4A -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\wscsvc.dll
    [2008/04/13 17:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=7C278E6408D1DCE642230C0585A854D5 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wscsvc.dll
    [2010/12/20 23:16:27 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=8F9F3969933C02DA96EB0F84576DB43E -- C:\Windows\SysNative\wscsvc.dll
    [2010/12/20 23:16:27 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=8F9F3969933C02DA96EB0F84576DB43E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16723_none_767435e5cb9af730\wscsvc.dll
    [2009/07/13 18:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16385_none_76354f59cbc9dce8\wscsvc.dll

    < MD5 for: WUAUSERV.DLL >
    [2004/08/10 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=13D72740963CBA12D9FF76A7F218BCD8 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\wuauserv.dll
    [2008/04/13 17:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=35321FB577CDC98CE3EB3A3EB9E4610A -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wuauserv.dll
    < End of report >
  4. BlazinGhost

    OTL Extras logfile created on: 7/21/2012 9:58:36 PM - Run 1
    OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\KENT NGUYEN\Desktop
    64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.00 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.39% Memory free
    6.00 Gb Paging File | 4.36 Gb Available in Paging File | 72.75% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 227.51 Gb Total Space | 43.11 Gb Free Space | 18.95% Space Free | Partition Type: NTFS
    Drive D: | 5.36 Gb Total Space | 2.11 Gb Free Space | 39.33% Space Free | Partition Type: FAT32
    Drive E: | 678.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: KENTNGUYEN-PC | User Name: KENT NGUYEN | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [openNew] -- explorer %1 (Microsoft Corporation)
    Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [openNew] -- explorer %1 (Microsoft Corporation)
    Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{07213459-26FC-4E3E-87A3-475636F4C978}" = lport=37676 | protocol=17 | dir=in | name=oovoo udp port 37676 |
    "{07B6F601-1787-4922-89BB-72FAEEB9812D}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
    "{0845A9F6-0395-4CF8-9719-6144AA41E933}" = lport=57304 | protocol=17 | dir=in | name=pando media booster |
    "{0C4E003B-0A32-432F-BE37-81D39D36A8D4}" = lport=57304 | protocol=6 | dir=in | name=pando media booster |
    "{0DEE4C98-4F71-4802-98DE-BD9900BCFF5A}" = lport=58046 | protocol=6 | dir=in | name=pando media booster |
    "{193950CB-E96A-4404-BA29-225AE7B75DBA}" = lport=57304 | protocol=6 | dir=in | name=pando media booster |
    "{21AC1DCF-EA55-4803-B9F1-05951B3D7CB2}" = lport=58995 | protocol=17 | dir=in | name=pando media booster |
    "{31D0D9CC-FE12-4B78-A864-DF511840D94A}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
    "{3A6322BE-3646-4F5A-BB0E-E6BEA5674F5F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{4FA4CD85-392C-4C39-ADE0-DBD0AF377BFF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
    "{6B95885C-64D5-4E82-AC67-83BBC4B52EFC}" = lport=37677 | protocol=17 | dir=in | name=oovoo udp port 37677 |
    "{72844F87-6F89-49FC-AB3A-625F51182D69}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
    "{81061EC3-0909-41C5-BC81-784DFF1A7E70}" = lport=58046 | protocol=17 | dir=in | name=pando media booster |
    "{851457FB-DE63-4945-9876-A45401D1BB0E}" = lport=58046 | protocol=17 | dir=in | name=pando media booster |
    "{B92ED36F-52FE-4655-80F5-6BE998C6185B}" = lport=37678 | protocol=6 | dir=in | name=oovoo tcp port 37678 |
    "{C80E75B8-7DD1-49EF-8F44-34F3E5B02791}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{D8CB4AC7-588E-4A35-9DDA-A3E9434D14CA}" = lport=58046 | protocol=6 | dir=in | name=pando media booster |
    "{E0590C9D-04C1-41BE-BA45-9086FB91B02F}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
    "{E3F74CA5-2688-4D0D-BEAA-A2A7E4349F8B}" = lport=37676 | protocol=6 | dir=in | name=oovoo tcp port 37676 |
    "{E4726E2E-5991-40DD-8DAE-A570EAFD0E21}" = lport=58995 | protocol=6 | dir=in | name=pando media booster |
    "{E6443D36-4A91-4A99-BB00-6BE29EFB0735}" = lport=37678 | protocol=17 | dir=in | name=oovoo udp port 37678 |
    "{E87151B9-47AA-4BA4-87CE-CBA2ABE1B145}" = lport=37679 | protocol=17 | dir=in | name=oovoo udp port 37679 |
    "{E966602F-4810-4988-AC7D-83DA315E7226}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |
    "{EF751086-F907-474C-8B8A-E6E8DAECD3F2}" = lport=57304 | protocol=17 | dir=in | name=pando media booster |
    "{F3A512EE-E6FD-4444-9133-742CD08DE068}" = lport=58995 | protocol=6 | dir=in | name=pando media booster |
    "{F6F8D7B2-F551-4ACC-8040-550E6601C4C3}" = lport=58995 | protocol=17 | dir=in | name=pando media booster |

    ========== Vista Active Application Exception List ==========
  5. BlazinGhost

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{015FCA90-A655-4EE3-A815-6987CDC0C0C0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{02896475-44FB-4DD5-85B5-FBD7B1CF1706}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{07D455F6-7516-44B2-B17F-3A7C57BA4ACC}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
    "{0810B343-DFAD-40D3-9D3D-3E3348487083}" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
    "{13D19F08-8B8C-4A3E-8170-AD0914801DB0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{160D4107-C5DF-435B-8F6B-FA7E659906FF}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
    "{1748622C-95B6-469F-9F3F-A2E5697BA0A2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{1B6A4EA1-EC19-4F3B-9D13-9F7DFBB37AEC}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{25BD4249-1F6C-41BB-9BA3-7910FE57C31F}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{32C13902-8397-4D91-9598-29C716F2EAAB}" = protocol=6 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
    "{3386219E-66B9-40FD-AE46-092330DF5B51}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike source\hl2.exe |
    "{41209D93-97D4-4CD8-BDA7-1E21141D16C9}" = protocol=17 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
    "{44DAF907-AE80-4863-A2E2-2005F00BCEFD}" = protocol=6 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
    "{45872381-8C39-442F-99F8-5AEB1A8AEDA3}" = protocol=17 | dir=in | app=c:\program files (x86)\itibiti soft phone\itibiti.exe |
    "{49986349-F15F-4624-B62C-BB23AEA6DEE9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{4C1305B5-2375-4F08-8C57-BAE6F0EFB118}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{4D9E6437-9A1D-4861-B867-392EA181C0D7}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
    "{5C39ACEF-6AF9-4A6F-806F-D68D40B19AF4}" = protocol=6 | dir=in | app=c:\nexon\combat arms\engine.exe |
    "{5D76AFCC-A8D0-4F08-A0EE-0BB3CEA490CB}" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
    "{5EEB78DD-25D0-48C8-A833-8D4FF2F69A48}" = protocol=17 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
    "{64585A6A-157A-4972-99B6-4168FA78390A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike\hl.exe |
    "{67047085-8298-4D1B-8031-63AABEA42AF4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{696D59A2-411E-47D5-887D-A53EDA362761}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{6C702485-FD77-4832-BC06-1B2B96AA5B96}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
    "{6FAB18EC-CAC9-4CDE-9C1B-61E4ACA7E6F6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
    "{7B3F1D22-4E68-41A5-BBD3-29B797D05E60}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{7F7E34E5-1F08-4CAE-8A7C-D3E8637B3B57}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
    "{8517B1FC-9CA6-47E4-970B-809051B27A29}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{85D6BCED-A8AA-4912-B628-940C0432E9B4}" = protocol=17 | dir=in | app=c:\users\kent nguyen\downloads\utorrent.exe |
    "{893A6E2E-2195-4962-AEC9-896B329AA09E}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{904AD292-A8DC-40EF-A82E-A51132EF43B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike\hl.exe |
    "{930244AA-2667-4D6D-984D-99B016EEFF6D}" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
    "{96671ECC-74D7-4738-8BA6-9CFC4A4425CD}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
    "{967B37B1-0CD1-4699-835D-1ACF96FD6D5F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{97A1FEAF-E8F3-41C3-8087-97B9ED92036F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
    "{97D8D600-BEBA-41D9-9BF5-29F2758A999F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{B1CB1418-7F05-4350-BED2-BDE74CBBEA78}" = protocol=6 | dir=in | app=c:\users\kent nguyen\downloads\utorrent.exe |
    "{B45F78E3-412C-4F6B-B1FD-1CA9C81366E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike source\hl2.exe |
    "{B8A48679-3B83-4994-B351-78F2053BD4A7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{BA708267-8BFF-4455-9EDB-07C1451C6968}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{C053FC74-2CD5-4B25-8FA0-8153F7CBC43D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike source\hl2.exe |
    "{C22CE48E-937C-442E-8B06-559F7F03EC78}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{C3598F82-064A-4B37-8E2C-4C9ECF73AADE}" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "{C538D1EF-8356-4F44-AEC1-29E0EBAC3E2E}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
    "{C8A83FFE-CF93-4E61-81EC-03660DFEEA80}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{CD464855-8C83-4B2C-B1D5-5E48E79A5ED0}" = protocol=17 | dir=in | app=c:\nexon\combat arms\engine.exe |
    "{CE2B326D-473B-48ED-B2A0-BE9C2A52F2BE}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{D7A9D664-FF7D-4D06-A3EC-331C19EF4504}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
    "{DC337550-BD97-459D-A006-3771E25879DD}" = protocol=6 | dir=in | app=c:\program files (x86)\itibiti soft phone\itibiti.exe |
    "{E0384177-DC07-4FDC-AAD3-994147E4C38A}" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "{E349F3E9-D9A6-45B6-9611-10F227D96141}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{F0F1544D-3D27-4A8F-9607-E724DAF05F3A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{F1B25074-F27E-4D55-A3FB-4F640C389E54}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
    "{F2D9DB99-BE3A-40E1-8466-46B56E7B43D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike source\hl2.exe |
    "{F6A7BDC2-8095-408B-9B6E-8A462AEF2CA8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{FE23197B-0A75-4808-A550-8D756FF6DB3C}" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
    "TCP Query User{072A3449-593D-4DC1-B356-A023B82D2A8D}C:\ijji\english\u_sf\soldierfront.exe" = protocol=6 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe |
    "TCP Query User{2D081530-791C-44CD-B92D-03D0CF38B4BE}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "TCP Query User{8F0BFCFD-D51F-4214-B50A-9B4F1814FBE3}C:\game\softnyxgame\gunboundis\gunbound.gme" = protocol=6 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
    "TCP Query User{A8100A1D-9B81-4EF1-8CC2-EE50A1839315}C:\nexon\combat arms\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms\engine.exe |
    "TCP Query User{BA8CF1A2-3E0C-460E-A517-55EBDB118D1A}C:\program files (x86)\steam\steamapps\xeternalfate\garrysmod\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\xeternalfate\garrysmod\hl2.exe |
    "TCP Query User{C946883F-0DF0-4AA3-A344-15855AE85512}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
    "TCP Query User{F07EEE7A-42B8-4499-AA56-ADD294F72C21}C:\program files (x86)\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
    "UDP Query User{37C3B1CF-1522-431D-9C96-15A66B660D5D}C:\program files (x86)\steam\steamapps\xeternalfate\garrysmod\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\xeternalfate\garrysmod\hl2.exe |
    "UDP Query User{4EDF24DE-437A-4875-B16C-95057AF8DE89}C:\ijji\english\u_sf\soldierfront.exe" = protocol=17 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe |
    "UDP Query User{54439EDF-9F5F-42CC-9FA3-EC7B2EFEEDF6}C:\program files (x86)\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
    "UDP Query User{66B0D162-9B7F-44D8-B74E-0C0FB654C86E}C:\nexon\combat arms\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms\engine.exe |
    "UDP Query User{B6011681-AE52-4C35-AB8D-2F02BA41E847}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "UDP Query User{C7758234-B532-4FE2-B9C9-84D19037FC92}C:\game\softnyxgame\gunboundis\gunbound.gme" = protocol=17 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
    "UDP Query User{FEA0C262-EF6E-4EAB-9BEE-54E662A10CDF}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 296.10
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
    "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
    "{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
    "CCleaner" = CCleaner
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "PC Optimizer Pro" = PC Optimizer Pro

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{30A0F8D9-709B-451C-BFB3-D8559F4797F8}" = Fantapper Browser Plugin
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
    "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
    "{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
    "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
    "{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D9198056-A296-4583-A790-C0E73694CFE8}" = Fry's Wireless N USB Adapter FR-300USB
    "{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E4472792-1F94-40B9-A21C-4406FB559E89}" = Soldier Front
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
    "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
    "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
    "{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "AIM_7" = AIM 7
    "avast" = avast! Free Antivirus
    "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-06-26
    "hon" = Heroes of Newerth
    "Itibiti_is1" = Knctr
    "LogMeIn Hamachi" = LogMeIn Hamachi
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
    "MapleStory" = MapleStory
    "Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
    "PhotoScape" = PhotoScape
    "Presentation Assistant Pro_is1" = Presentation Assistant Pro V2.3.3
    "Raidcall" = Raidcall
    "SoftwareUpdUtility" = Download Updater (AOL LLC)
    "Steam App 240" = Counter-Strike: Source
    "SystemRequirementsLab" = System Requirements Lab
    "TeamViewer 6" = TeamViewer 6
    "uTorrent" = µTorrent
    "WinLiveSuite" = Windows Live Essentials
    "WinRAR archiver" = WinRAR 4.01 (32-bit)

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "UnityWebPlayer" = Unity Web Player

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 7/22/2012 12:08:34 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    with error: A required certificate is not within its validity period when verifying
    against the current system clock or the timestamp in the signed file. .

    Error - 7/22/2012 12:08:34 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    with error: A required certificate is not within its validity period when verifying
    against the current system clock or the timestamp in the signed file. .

    Error - 7/22/2012 12:46:42 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
    Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
    with error: A required certificate is not within its validity period when verifying
    against the current system clock or the timestamp in the signed file. .

    [ System Events ]
    Error - 7/12/2012 5:41:03 AM | Computer Name = KENTNGUYEN-PC | Source = volsnap | ID = 393252
    Description = The shadow copies of volume C: were aborted because the shadow copy
    storage could not grow due to a user imposed limit.

    Error - 7/15/2012 7:30:29 AM | Computer Name = KENTNGUYEN-PC | Source = volsnap | ID = 393252
    Description = The shadow copies of volume C: were aborted because the shadow copy
    storage could not grow due to a user imposed limit.

    Error - 7/16/2012 3:08:19 AM | Computer Name = KENTNGUYEN-PC | Source = volsnap | ID = 393252
    Description = The shadow copies of volume C: were aborted because the shadow copy
    storage could not grow due to a user imposed limit.

    Error - 7/18/2012 10:07:57 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the WlanWpsSvc
    service to connect.

    Error - 7/18/2012 10:07:57 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7000
    Description = The WlanWpsSvc service failed to start due to the following error:
    %%1053

    Error - 7/19/2012 5:56:04 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the WlanWpsSvc
    service to connect.

    Error - 7/19/2012 5:56:04 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7000
    Description = The WlanWpsSvc service failed to start due to the following error:
    %%1053

    Error - 7/20/2012 2:38:52 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the WlanWpsSvc
    service to connect.

    Error - 7/20/2012 2:38:52 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7000
    Description = The WlanWpsSvc service failed to start due to the following error:
    %%1053

    Error - 7/21/2012 8:54:05 PM | Computer Name = KENTNGUYEN-PC | Source = WMPNetworkSvc | ID = 866300
    Description =


    < End of report >
  6. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Any more issues?

    We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

    Many of the things to note for us would be:

    • Slow computer
    • Error messages
    • Fake antivirus alerts or the icon in the system tray
    • svchost.exe running at 100%
    • System crashes or blue screen of death
  7. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    When I start up my computer it states,
    RunDLL
    There was a problem starting NVCPL.DLL
    NVCPL.DLL is not a valid Win32 application.

    And also, it took me about 15 minutes to restart my computer earlier.
    My computer has been running slower, but not too slow.
  8. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    • Download RogueKiller and save it on your desktop.
    • Quit all programs
    • Start RogueKiller.exe.
    • Wait until Prescan has finished ...
    • Click on Scan
    • Wait for the end of the scan.
    • The report has been created on the desktop.
    • Click on the Delete button.
    • The report has been created on the desktop.
    • Next click on the ShortcutsFix
    • The report has been created on the desktop.
    Please post:

    All RKreport.txt text files located on your desktop.
  9. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    RogueKiller V7.6.4 [07/17/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7600 ) 64 bits version
    Started in : Normal mode
    User: KENT NGUYEN [Admin rights]
    Mode: Scan -- Date: 07/23/2012 05:19:02

    ¤¤¤ Bad processes: 0 ¤¤¤

    ¤¤¤ Registry Entries: 5 ¤¤¤
    [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
    [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
    [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver: [NOT LOADED] ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: ST3250824A ATA Device +++++
    --- User ---
    [MBR] 59185432201731811da4948aa9c718ac
    [BSP] b52da85d5cfa29e18f18656d438ee0ab : Windows 7 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 11261565 | Size: 232966 Mo
    1 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 5498 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[1].txt >>
    RKreport[1].txt

    RogueKiller V7.6.4 [07/17/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7600 ) 64 bits version
    Started in : Normal mode
    User: KENT NGUYEN [Admin rights]
    Mode: Remove -- Date: 07/23/2012 05:20:37

    ¤¤¤ Bad processes: 0 ¤¤¤

    ¤¤¤ Registry Entries: 5 ¤¤¤
    [HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
    [HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> REPLACED (1)
    [HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
    [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver: [NOT LOADED] ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: ST3250824A ATA Device +++++
    --- User ---
    [MBR] 59185432201731811da4948aa9c718ac
    [BSP] b52da85d5cfa29e18f18656d438ee0ab : Windows 7 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 11261565 | Size: 232966 Mo
    1 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 5498 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[2].txt >>
    RKreport[1].txt ; RKreport[2].txt

    RogueKiller V7.6.4 [07/17/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7600 ) 64 bits version
    Started in : Normal mode
    User: KENT NGUYEN [Admin rights]
    Mode: Shortcuts HJfix -- Date: 07/23/2012 05:25:34

    ¤¤¤ Bad processes: 0 ¤¤¤

    ¤¤¤ Driver: [NOT LOADED] ¤¤¤

    ¤¤¤ File attributes restored: ¤¤¤
    Desktop: Success 7 / Fail 0
    Quick launch: Success 1 / Fail 0
    Programs: Success 8 / Fail 0
    Start menu: Success 1 / Fail 0
    User folder: Success 149 / Fail 0
    My documents: Success 1 / Fail 0
    My favorites: Success 5 / Fail 0
    My pictures: Success 0 / Fail 0
    My music: Success 2 / Fail 0
    My videos: Success 0 / Fail 0
    Local drives: Success 926 / Fail 0
    Backup: [NOT FOUND]

    Drives:
    [C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
    [D:] \Device\HarddiskVolume1 -- 0x3 --> Restored
    [E:] \Device\CdRom0 -- 0x5 --> Skipped
    [F:] \Device\HarddiskVolume3 -- 0x2 --> Restored
    [G:] \Device\HarddiskVolume4 -- 0x2 --> Restored
    [H:] \Device\HarddiskVolume5 -- 0x2 --> Restored
    [I:] \Device\HarddiskVolume6 -- 0x2 --> Restored

    ¤¤¤ Infection : ¤¤¤

    Finished : << RKreport[3].txt >>
    RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
  10. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2
    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :filefind
      nvcpl.dll
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
  11. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    SystemLook 30.07.11 by jpshortstuff
    Log created at 19:54 on 23/07/2012 by KENT NGUYEN
    Administrator - Elevation successful

    ========== filefind ==========

    Searching for "nvcpl.dll"
    C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\nvcpl.dll--a---- 13880424 bytes[03:56 08/01/2011][03:56 08/01/2011] 229EF72A47F7EF9233F3A52FA519E01B
    C:\NVIDIA\DisplayDriver\280.26\WinVista_Win7_64\English\DisplayControlPanel\nvcpl.dll--a---- 6136936 bytes[00:07 13/08/2011][11:50 03/08/2011] 1E3B29FA18FF1C4BDA24F8155A2FE656
    C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.2\nvcpl.dll--a---- 6136936 bytes[00:07 13/08/2011][11:50 03/08/2011] 1E3B29FA18FF1C4BDA24F8155A2FE656
    C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.3\NvCpl.dll--a---- 6074176 bytes[03:03 05/05/2012][21:00 29/02/2012] 11E549E5FE081995D2B3961CB7FB523E
    C:\Windows\System32\nvcpl.dll--a---- 6074176 bytes[05:05 18/04/2012][21:00 29/02/2012] 11F02E0CD38FE970F2E2A7EB14F65FFF

    -= EOF =-
     
  12. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Go to Start, type in CMD and hit enter.

    In Command Prompt type the following, hitting enter after each line:

    regsvr32 /u C:\Windows\System32\nvcpl.dll
    regsvr32 "C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.3\NvCpl.dll"
    exit

    You may see display changes and funny graphics. If you have any trouble, it'll have to be finished in Safe Mode, but let me know first if you have trouble...
  13. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    I have no idea how to work safe mode, I don't really know how to do anything in safe mode. I'm not that smart when it comes to computers. )=

    But I got this error,

    The module "C:\Program Files\NVIDIA Corporation\InstallerZ\Display.Control...\NvCpl.dll" failed to load

    Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .DLL files.

    The specified module could not be found.
  14. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Okay. We'll work with it, no problem.

    Did the first command work? (regsvr32 /u C:\Windows\System32\nvcpl.dll)
  15. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    Yeah, the first command did.
  16. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Run this command and see what happens:

    regsvr32 C:\Windows\System32\nvcpl.dll
  17. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    Error:

    RegSvr32
    The module "C:\Windows\System32\nvcpl.dll" may not be compatible with the version of Windows that you're running. Check if the module is compatible with an x86 (32-bit) or x64 (64-bit) version of regsvr32.exe.
  18. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    DxDiag
    1. Click Start and then click Run.
    2. Type dxdiag in the Open box, and then click OK.
    3. Click Save all information, and it will collect information and it will prompt you to save the file. Save the file to the Desktop.
    4. Find DxDiag.txt on your Desktop, and post the contents of it in your next reply.
     
  19. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    ------------------
    System Information
    ------------------
    Time of this report: 7/30/2012, 03:28:44
    Machine name: KENTNGUYEN-PC
    Operating System: Windows 7 Eternity™ 2009 64-bit (6.1, Build 7600) (7600.win7_gdr.110622-1503)
    Language: English (Regional Setting: English)
    System Manufacturer: Gateway
    System Model: GT5220
    BIOS: )Phoenix - Award WorkstationBIOS v6.00PG
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ (2 CPUs), ~2.0GHz
    Memory: 3072MB RAM
    Available OS Memory: 3072MB RAM
    Page File: 4078MB used, 2062MB available
    Windows Dir: C:\Windows
    DirectX Version: DirectX 11
    DX Setup Parameters: Not found
    User DPI Setting: Using System DPI
    System DPI Setting: 96 DPI (100 percent)
    DWM DPI Scaling: Disabled
    DxDiag Version: 6.01.7600.16385 32bit Unicode

    ------------
    DxDiag Notes
    ------------
    Display Tab 1: No problems found.
    Sound Tab 1: No problems found.
    Sound Tab 2: No problems found.
    Input Tab: No problems found.

    --------------------
    DirectX Debug Levels
    --------------------
    Direct3D: 0/4 (retail)
    DirectDraw: 0/4 (retail)
    DirectInput: 0/5 (retail)
    DirectMusic: 0/5 (retail)
    DirectPlay: 0/9 (retail)
    DirectSound: 0/5 (retail)
    DirectShow: 0/6 (retail)

    ---------------
    Display Devices
    ---------------
    Card name: NVIDIA GeForce GT 440
    Manufacturer: NVIDIA
    Chip type: GeForce GT 440
    DAC type: Integrated RAMDAC
    Device Key: Enum\PCI\VEN_10DE&DEV_0DE0&SUBSYS_14413842&REV_A1
    Display Memory: 2273 MB
    Dedicated Memory: 993 MB
    Shared Memory: 1279 MB
    Current Mode: 1920 x 1080 (32 bit) (60Hz)
    Monitor Name: Generic PnP Monitor
    Monitor Model: W2353
    Monitor Id: GSM56EE
    Native Mode: 1920 x 1080(p) (60.000Hz)
    Output Type: HD15
    Driver Name: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um
    Driver File Version: 8.17.0012.9610 (English)
    Driver Version: 8.17.12.9610
    DDI Version: 10.1
    Driver Model: WDDM 1.1
    Driver Attributes: Final Retail
    Driver Date/Size: 2/29/2012 17:02:00, 17642816 bytes
    WHQL Logo'd: n/a
    WHQL Date Stamp: n/a
    Device Identifier: {D7B71E3E-4EA0-11CF-787E-4D341FC2C535}
    Vendor ID: 0x10DE
    Device ID: 0x0DE0
    SubSys ID: 0x14413842
    Revision ID: 0x00A1
    Driver Strong Name: oem4.inf:NVIDIA_SetA_Devices.NTamd64.6.1:Section015:8.17.12.9610:pci\ven_10de&dev_0de0
    Rank Of Driver: 00E62001
    Video Accel: ModeMPEG2_A ModeMPEG2_C ModeVC1_C ModeWMV9_C
    D3D9 Overlay: Supported
    DXVA-HD: Supported
    DDraw Status: Enabled
    D3D Status: Enabled
    AGP Status: Enabled

    -------------
    Sound Devices
    -------------
    Description: Speakers (High Definition Audio Device)
    Default Sound Playback: Yes
    Default Voice Playback: Yes
    Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1019E601&REV_1000
    Manufacturer ID: 1
    Product ID: 65535
    Type: WDM
    Driver Name: HdAudio.sys
    Driver Version: 6.01.7600.16385 (English)
    Driver Attributes: Final Retail
    WHQL Logo'd: n/a
    Date and Size: 7/13/2009 17:07:00, 350208 bytes
    Other Files:
    Driver Provider: Microsoft
    HW Accel Level: Basic
    Cap Flags: 0x0
    Min/Max Sample Rate: 0, 0
    Static/Strm HW Mix Bufs: 0, 0
    Static/Strm HW 3D Bufs: 0, 0
    HW Memory: 0
    Voice Management: No
    EAX(tm) 2.0 Listen/Src: No, No
    I3DL2(tm) Listen/Src: No, No
    Sensaura(tm) ZoomFX(tm): No

    Description: Digital Audio (S/PDIF) (High Definition Audio Device)
    Default Sound Playback: No
    Default Voice Playback: No
    Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1019E601&REV_1000
    Manufacturer ID: 1
    Product ID: 65535
    Type: WDM
    Driver Name: HdAudio.sys
    Driver Version: 6.01.7600.16385 (English)
    Driver Attributes: Final Retail
    WHQL Logo'd: n/a
    Date and Size: 7/13/2009 17:07:00, 350208 bytes
    Other Files:
    Driver Provider: Microsoft
    HW Accel Level: Basic
    Cap Flags: 0x0
    Min/Max Sample Rate: 0, 0
    Static/Strm HW Mix Bufs: 0, 0
    Static/Strm HW 3D Bufs: 0, 0
    HW Memory: 0
    Voice Management: No
    EAX(tm) 2.0 Listen/Src: No, No
    I3DL2(tm) Listen/Src: No, No
    Sensaura(tm) ZoomFX(tm): No

    ---------------------
    Sound Capture Devices
    ---------------------
    Description: Microphone (High Definition Audio Device)
    Default Sound Capture: Yes
    Default Voice Capture: Yes
    Driver Name: HdAudio.sys
    Driver Version: 6.01.7600.16385 (English)
    Driver Attributes: Final Retail
    Date and Size: 7/13/2009 17:07:00, 350208 bytes
    Cap Flags: 0x0
    Format Flags: 0x0

    Description: Line In (High Definition Audio Device)
    Default Sound Capture: No
    Default Voice Capture: No
    Driver Name: HdAudio.sys
    Driver Version: 6.01.7600.16385 (English)
    Driver Attributes: Final Retail
    Date and Size: 7/13/2009 17:07:00, 350208 bytes
    Cap Flags: 0x0
    Format Flags: 0x0

    -------------------
    DirectInput Devices
    -------------------
    Device Name: Mouse
    Attached: 1
    Controller ID: n/a
    Vendor/Product ID: n/a
    FF Driver: n/a

    Device Name: Keyboard
    Attached: 1
    Controller ID: n/a
    Vendor/Product ID: n/a
    FF Driver: n/a

    Device Name: USB Keyboard
    Attached: 1
    Controller ID: 0x0
    Vendor/Product ID: 0x046D, 0xC31D
    FF Driver: n/a

    Device Name: USB Keyboard
    Attached: 1
    Controller ID: 0x0
    Vendor/Product ID: 0x046D, 0xC31D
    FF Driver: n/a

    Device Name: USB Keyboard
    Attached: 1
    Controller ID: 0x0
    Vendor/Product ID: 0x046D, 0xC31D
    FF Driver: n/a

    Poll w/ Interrupt: No

    -----------
    USB Devices
    -----------
    + USB Root Hub
    | Vendor/Product ID: 0x10DE, 0x026D
    | Matching Device ID: usb\root_hub
    | Service: usbhub
    |
    +-+ USB Input Device
    | | Vendor/Product ID: 0x04B4, 0x0033
    | | Location: Port_#0003.Hub_#0001
    | | Matching Device ID: generic_hid_device
    | | Service: HidUsb
    | |
    | +-+ HID-compliant mouse
    | | | Vendor/Product ID: 0x04B4, 0x0033
    | | | Matching Device ID: hid_device_system_mouse
    | | | Service: mouhid

    ----------------
    Gameport Devices
    ----------------

    ------------
    PS/2 Devices
    ------------
    + HID Keyboard Device
    | Vendor/Product ID: 0x046D, 0xC31D
    | Matching Device ID: hid_device_system_keyboard
    | Service: kbdhid
    |
    + Terminal Server Keyboard Driver
    | Matching Device ID: root\rdp_kbd
    | Upper Filters: kbdclass
    | Service: TermDD
    |
    + Terminal Server Mouse Driver
    | Matching Device ID: root\rdp_mou
    | Upper Filters: mouclass
    | Service: TermDD

    ------------------------
    Disk & DVD/CD-ROM Drives
    ------------------------
    Drive: C:
    Free Space: 42.9 GB
    Total Space: 233.0 GB
    File System: NTFS
    Model: ST3250824A ATA Device

    Drive: D:
    Free Space: 2.2 GB
    Total Space: 5.5 GB
    File System: FAT32
    Model: ST3250824A ATA Device

    Drive: E:
    Model: LITE-ON DVDRW SHW-160P6S ATA Device
    Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (English), , 0 bytes

    --------------
    System Devices
    --------------
    Name: PCI standard PCI-to-PCI bridge
    Device ID: PCI\VEN_10DE&DEV_02FC&SUBSYS_000010DE&REV_A1\3&2411E6FE&1&10
    Driver: n/a

    Name: PCI standard RAM Controller
    Device ID: PCI\VEN_10DE&DEV_0272&SUBSYS_03511019&REV_A3\3&2411E6FE&1&52
    Driver: n/a

    Name: NVIDIA nForce Serial ATA Controller
    Device ID: PCI\VEN_10DE&DEV_0266&SUBSYS_03511019&REV_A1\3&2411E6FE&1&70
    Driver: n/a

    Name: AMD HyperTransport(tm) Configuration
    Device ID: PCI\VEN_1022&DEV_1100&SUBSYS_00000000&REV_00\3&2411E6FE&1&C0
    Driver: n/a

    Name: PCI standard PCI-to-PCI bridge
    Device ID: PCI\VEN_10DE&DEV_02FB&SUBSYS_000010DE&REV_A1\3&2411E6FE&1&20
    Driver: n/a

    Name: PCI standard RAM Controller
    Device ID: PCI\VEN_10DE&DEV_0270&SUBSYS_03511019&REV_A2\3&2411E6FE&1&48
    Driver: n/a

    Name: Standard Dual Channel PCI IDE Controller
    Device ID: PCI\VEN_10DE&DEV_0265&SUBSYS_03511019&REV_A1\3&2411E6FE&1&68
    Driver: n/a

    Name: In-Build CX11256 modem
    Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200014F1&REV_00\4&3A20BB39&0&3880
    Driver: n/a

    Name: PCI standard RAM Controller
    Device ID: PCI\VEN_10DE&DEV_02FA&SUBSYS_03511019&REV_A2\3&2411E6FE&1&01
    Driver: n/a

    Name: PCI standard PCI-to-PCI bridge
    Device ID: PCI\VEN_10DE&DEV_026F&SUBSYS_00000000&REV_A2\3&2411E6FE&1&80
    Driver: n/a

    Name: NVIDIA nForce PCI System Management
    Device ID: PCI\VEN_10DE&DEV_0264&SUBSYS_03511019&REV_A3\3&2411E6FE&1&51
    Driver: n/a

    Name: VIA 1394 OHCI Compliant Host Controller
    Device ID: PCI\VEN_1106&DEV_3044&SUBSYS_30441019&REV_C0\4&3A20BB39&0&4880
    Driver: n/a

    Name: PCI standard RAM Controller
    Device ID: PCI\VEN_10DE&DEV_02F9&SUBSYS_03511019&REV_A2\3&2411E6FE&1&04
    Driver: n/a

    Name: Standard Enhanced PCI to USB Host Controller
    Device ID: PCI\VEN_10DE&DEV_026E&SUBSYS_03511019&REV_A3\3&2411E6FE&1&59
    Driver: n/a

    Name: PCI standard ISA bridge
    Device ID: PCI\VEN_10DE&DEV_0260&SUBSYS_03511019&REV_A3\3&2411E6FE&1&50
    Driver: n/a

    Name: NVIDIA GeForce GT 440
    Device ID: PCI\VEN_10DE&DEV_0DE0&SUBSYS_14413842&REV_A1\4&2AD12F4B&0&0020
    Driver: n/a

    Name: PCI standard RAM Controller
    Device ID: PCI\VEN_10DE&DEV_02F8&SUBSYS_03511019&REV_A2\3&2411E6FE&1&03
    Driver: n/a

    Name: Standard OpenHCD USB Host Controller
    Device ID: PCI\VEN_10DE&DEV_026D&SUBSYS_03511019&REV_A3\3&2411E6FE&1&58
    Driver: n/a

    Name: High Definition Audio Controller
    Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_14413842&REV_A1\4&2AD12F4B&0&0120
    Driver: n/a

  20. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    As long as the log says this, then I wouldn't worry about that error.
  21. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    So, um, what do I do now? I still get that "Windows Explorer has stopped working" error when I right-click on my desktop.
  22. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Need scan from DDS please...

    Please download DDS by sUBs from BleepingComputer.com or Forospyware.com and save it to your Desktop.

    Note: Before scanning, make sure all other running programs are closed. There shouldn't be any scheduled antivirus scans running while the scan is being performed. Do not use your computer for anything else during the scan.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results, click Yes to the Optional_Scan
    • Please follow the instructions that pop up for posting the results. Post only the contents of both logs.
    • Close the program window, and delete the program from your Desktop.
  23. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
    Run by KENT NGUYEN at 4:02:22 on 2012-08-02
    Microsoft® Windows 7 Eternity™ 2009 6.1.7600.0.1252.1.1033.18.3072.1513 [GMT -7:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
    C:\Program Files (x86)\FRYS\FR-300USB revA\WlanWpsSvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\RocketDock\RocketDock.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\FRYS\FR-300USB revA\wirelesscm.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    uRun: [Google Update] "C:\Users\KENT NGUYEN\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    dRun: [Welcome Center] C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
    dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ROCKET~1.LNK - C:\Program Files (x86)\RocketDock\RocketDock.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files (x86)\FRYS\FR-300USB revA\wirelesscm.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    dPolicies-explorer: NoResolveTrack = 1 (0x1)
    dPolicies-explorer: NoSMBalloonTip = 1 (0x1)
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: Interfaces\{31E03527-7ABA-4A1B-937E-456721522840} : DhcpNameServer = 192.168.1.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\KENT NGUYEN\AppData\Roaming\Mozilla\Firefox\Profiles\ounn8cau.default\
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: C:\Users\KENT NGUYEN\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: C:\Users\KENT NGUYEN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
    R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
    R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-16 44808]
    R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-15 655944]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-4-17 2348352]
    R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-7-27 2337144]
    R2 WlanWpsSvc;WlanWpsSvc;C:\Program Files (x86)\FRYS\FR-300USB revA\WlanWpsSvc.exe [2011-7-22 167936]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
    R3 VST64_DPV;VST64_DPV;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    R3 VST64HWBS2;VST64HWBS2;C:\Windows\system32\DRIVERS\VSTBS26.SYS --> C:\Windows\system32\DRIVERS\VSTBS26.SYS [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-22 253088]
    S3 Gun;Gun;C:\Game\SoftnyxGame\GunboundIS\Gun64.sys [2012-5-3 45176]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-2 113120]
    S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-07-26 10:05:39--------d-----w-C:\Program Files (x86)\Survival Project
    2012-07-26 09:59:47--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\Downloaded Installations
    2012-07-26 09:45:56--------d-----w-C:\Program Files (x86)\MSXML 4.0
    2012-07-19 21:57:55--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{53997142-2F5B-4BC3-B107-CF3D70AEBD94}
    2012-07-19 21:57:14--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{7AF86F08-A1E0-4F2A-8CC1-111D0BF97DC6}
    2012-07-19 02:09:42--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{4184B0B7-C8C5-4748-AFA7-A188015712F9}
    2012-07-19 02:09:12--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{8127895A-EB9E-4BE3-BFF4-34B916EB5136}
    2012-07-17 21:20:13--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{ADEDA0C8-C2AD-486C-9DB1-DB104EA2F68A}
    2012-07-17 21:19:31--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{78C8293F-F07C-4029-A1BA-6B18F81084F0}
    2012-07-17 03:06:41--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{D3E7CCD9-86F1-43A8-B387-38CF830B2E6C}
    2012-07-17 03:06:05--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{6EC5F370-6D42-4017-BA5A-C3C1C6CCDF04}
    2012-07-17 02:31:49--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{85E094E1-8064-405B-BB04-DB041B4E4209}
    2012-07-17 02:31:18--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{952D1D2B-6348-4574-8520-A52C04B947E7}
    2012-07-17 02:21:0154072----a-w-C:\Windows\System32\drivers\aswRdr2.sys
    2012-07-17 02:20:59958400----a-w-C:\Windows\System32\drivers\aswSnx.sys
    2012-07-17 02:20:5571064----a-w-C:\Windows\System32\drivers\aswMonFlt.sys
    2012-07-17 02:20:0041224----a-w-C:\Windows\avastSS.scr
    2012-07-17 02:19:40--------d-----w-C:\ProgramData\AVAST Software
    2012-07-17 02:19:40--------d-----w-C:\Program Files\AVAST Software
    2012-07-17 02:10:59--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{FEF2565D-E9CF-42FD-8B57-9FAF5BB85FC5}
    2012-07-17 02:05:31--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{BA4D90E7-0500-4EFB-87BC-526AF1798DB5}
    2012-07-16 06:14:08--------d-----w-C:\Users\KENT NGUYEN\AppData\Roaming\Malwarebytes
    2012-07-16 06:13:46--------d-----w-C:\ProgramData\Malwarebytes
    2012-07-16 06:13:4524904----a-w-C:\Windows\System32\drivers\mbam.sys
    2012-07-16 06:13:44--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-07-15 05:28:41--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{6584F75C-1B41-417F-BD69-B2ED95C70AEC}
    2012-07-15 05:28:00--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{0A631996-564C-480C-9DBF-E810465B1C40}
    2012-07-14 02:20:46--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{8B4CFDAD-A57F-42A8-88A0-E266F9AB41A0}
    2012-07-14 02:20:01--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{01DD146C-BED6-4E92-8686-69273353BCF1}
    2012-07-13 04:06:29--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{D258A4D1-1EF5-4EE5-AA9E-A5D0DEFFFB95}
    2012-07-13 04:05:57--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{78901982-3F52-4C80-957D-47C9276872F1}
    2012-07-10 02:29:41--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{6396E83E-66B5-4FDA-8C9D-474404D8C5E3}
    2012-07-10 02:28:34--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{2E5F02D7-0EB7-42BB-845B-8453A52EE2C0}
    2012-07-07 19:00:12--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{96051CB2-D295-4F34-B6F6-B4BC8C7B20A0}
    2012-07-07 18:59:37--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{016872C1-2871-425C-9A93-671D017A4BA6}
    2012-07-06 16:22:04--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{3E9D3CCC-D90C-4F0D-9A95-4FBE134B81AF}
    2012-07-06 16:21:38--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{D899CCA2-F081-4127-8C58-9DD5FA452118}
    2012-07-05 05:02:31--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{A5FE502F-FF41-46EE-9A2E-1187940554FD}
    .
    ==================== Find3M ====================
    .
    .
    ============= FINISH: 4:03:31.28 ===============
  24. BlazinGhost

    BlazinGhost Newcomer, in training Topic Starter Posts: 72

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft® Windows 7 Eternity™ 2009
    Boot Device: \Device\HarddiskVolume2
    Install Date: 7/22/2011 3:06:41 PM
    System Uptime: 8/1/2012 10:31:29 PM (6 hours ago)
    .
    Motherboard: C51PVGM-GB | | C51PVGM-GB
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ | Socket M2 | 2000/201mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 228 GiB total, 45.183 GiB free.
    D: is FIXED (FAT32) - 5 GiB total, 2.108 GiB free.
    E: is CDROM (CDFS)
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description:
    Device ID: ACPI\AWY0001\2&DABA3FF&1
    Manufacturer:
    Name:
    PNP Device ID: ACPI\AWY0001\2&DABA3FF&1
    Service:
    .
    ==== System Restore Points ===================
    .
    RP103: 7/21/2012 10:02:32 PM - OTL Restore Point - 7/21/2012 10:02:31 PM
    RP104: 7/26/2012 2:43:47 AM - Installed MSXML 4.0 SP2 Parser and SDK
    RP105: 7/26/2012 3:02:42 AM - Installed Survival Project.
    .
    ==== Installed Programs ======================
    .
    µTorrent
    Adobe Flash Player 10 ActiveX
    Adobe Reader X (10.1.1)
    AIM 7
    Apple Application Support
    Apple Software Update
    avast! Free Antivirus
    Combined Community Codec Pack 2011-06-26
    Counter-Strike: Source
    D3DX10
    Download Updater (AOL LLC)
    Fantapper Browser Plugin
    Fry's Wireless N USB Adapter FR-300USB
    Google Chrome
    Heroes of Newerth
    Itibiti RTC
    Java Auto Updater
    Java(TM) 6 Update 26
    Knctr
    League of Legends
    LogMeIn Hamachi
    Malwarebytes Anti-Malware version 1.62.0.1300
    MapleStory
    Messenger Companion
    Microsoft Office Excel Viewer
    Microsoft Silverlight
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 Parser and SDK
    Mumble 1.2.3
    Nexon Game Manager
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    ooVoo
    Pando Media Booster
    PhotoScape
    Presentation Assistant Pro V2.3.3
    QuickTime
    Raidcall
    REACTOR
    Skype™ 5.8
    Soldier Front
    Steam
    Survival Project
    System Requirements Lab
    TeamViewer 6
    Unity Web Player
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    WinRAR 4.01 (32-bit)
    .
    ==== End Of File ===========================
  25. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please download ComboFix from BleepingComputer.com

    Alternate link: GeeksToGo.com

    Alternate link: Forospyware.com (Click the green button on the page to download it).

    Rename ComboFix.exe to combo-fix.exe before you save it to your Desktop
    • Close any open browsers.
    • Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
    • Open Notepad and copy/paste the text in the quotebox below into it:
    • Save this as CFScript.txt, in the same location as ComboFix.exe

      [​IMG]
    • Referring to the picture above, drag CFScript into ComboFix.exe
    • When finished, it shall produce a log for you at C:\ComboFix.txt
    • Please post the contents of the log in your next reply.