[Closed] Windows Explorer has stopped working

Status
Not open for further replies.
[2012/07/16 19:26:24 | 000,002,087 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\corporate-small-disable.png
[2012/07/16 19:26:24 | 000,001,939 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\corporate-small-selected.png
[2012/07/16 19:26:24 | 000,003,215 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\corporate.png
[2012/07/16 19:26:24 | 000,002,265 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\drugs-small-disable.png
[2012/07/16 19:26:24 | 000,002,263 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\drugs-small-selected.png
[2012/07/16 19:26:24 | 000,005,828 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\drugs.png
[2012/07/16 19:26:24 | 000,002,303 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\gambling-small-disable.png
[2012/07/16 19:26:24 | 000,002,155 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\gambling-small-selected.png
[2012/07/16 19:26:24 | 000,004,773 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\gambling.png
[2012/07/16 19:26:24 | 000,003,829 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green-1.png
[2012/07/16 19:26:24 | 000,003,549 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green-2.png
[2012/07/16 19:26:24 | 000,003,075 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green-3.png
[2012/07/16 19:26:24 | 000,001,593 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green-hover.png
[2012/07/16 19:26:24 | 000,002,977 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green-selected.png
[2012/07/16 19:26:24 | 000,001,590 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green.png
[2012/07/16 19:26:24 | 000,001,416 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green1-16.png
[2012/07/16 19:26:24 | 000,001,408 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green1-small.png
[2012/07/16 19:26:24 | 000,001,430 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green2-16.png
[2012/07/16 19:26:24 | 000,001,426 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green2-small.png
[2012/07/16 19:26:24 | 000,001,406 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green3-16.png
[2012/07/16 19:26:34 | 000,000,722 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green3-24.png
[2012/07/16 19:26:24 | 000,001,396 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\green3-small.png
[2012/07/16 19:26:24 | 000,003,955 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\grey-0.png
[2012/07/16 19:26:24 | 000,003,110 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\grey-3.png
[2012/07/16 19:26:24 | 000,001,433 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\grey-small.png
[2012/07/16 19:26:24 | 000,001,441 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\grey0-16.png
[2012/07/16 19:26:24 | 000,001,451 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\grey3-16.png
[2012/07/16 19:26:24 | 000,002,318 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\illegal-small-disable.png
[2012/07/16 19:26:24 | 000,002,320 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\illegal-small-selected.png
[2012/07/16 19:26:24 | 000,006,501 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\illegal.png
[2012/07/16 19:26:24 | 000,002,139 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\it-small-disable.png
[2012/07/16 19:26:24 | 000,001,957 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\it-small-selected.png
[2012/07/16 19:26:24 | 000,003,884 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\it.png
[2012/07/16 19:26:24 | 000,001,300 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\limet-hover.png
[2012/07/16 19:26:24 | 000,002,791 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\limet-selected.png
[2012/07/16 19:26:24 | 000,001,298 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\limet.png
[2012/07/16 19:26:24 | 000,001,810 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\line-dark-horizontal.png
[2012/07/16 19:26:24 | 000,001,787 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\line-light-horizontal.png
[2012/07/16 19:26:24 | 000,003,601 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\logo128.jpg
[2012/07/16 19:26:24 | 000,008,456 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\logo256.jpg
[2012/07/16 19:26:24 | 000,001,391 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\logo48.jpg
[2012/07/16 19:26:24 | 000,001,769 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\logo64.jpg
[2012/07/16 19:26:24 | 000,002,057 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\news-small-disable.png
[2012/07/16 19:26:25 | 000,001,961 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\news-small-selected.png
[2012/07/16 19:26:25 | 000,003,762 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\news.png
[2012/07/16 19:26:25 | 000,001,303 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\orange-hover.png
[2012/07/16 19:26:25 | 000,002,788 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\orange-selected.png
[2012/07/16 19:26:25 | 000,001,304 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\orange.png
[2012/07/16 19:26:25 | 000,001,389 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\orange1-16.png
[2012/07/16 19:26:25 | 000,001,406 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\orange2-16.png
[2012/07/16 19:26:25 | 000,001,363 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\orange3-16.png
[2012/07/16 19:26:25 | 000,002,124 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\pornography-small-disable.png
[2012/07/16 19:26:25 | 000,001,984 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\pornography-small-selected.png
[2012/07/16 19:26:25 | 000,004,104 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\pornography.png
[2012/07/16 19:26:25 | 000,003,741 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red-1.png
[2012/07/16 19:26:25 | 000,003,479 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red-2.png
[2012/07/16 19:26:25 | 000,002,716 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red-3.png
[2012/07/16 19:26:25 | 000,001,549 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red-hover.png
[2012/07/16 19:26:25 | 000,002,939 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red-selected.png
[2012/07/16 19:26:25 | 000,001,552 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red.png
[2012/07/16 19:26:25 | 000,001,376 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red1-16.png
[2012/07/16 19:26:25 | 000,001,367 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red1-small.png
[2012/07/16 19:26:25 | 000,001,386 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red2-16.png
[2012/07/16 19:26:25 | 000,001,377 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red2-small.png
[2012/07/16 19:26:25 | 000,001,361 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red3-16.png
[2012/07/16 19:26:25 | 000,001,352 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\red3-small.png
[2012/07/16 19:26:25 | 000,002,122 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\shopping-small-disable.png
[2012/07/16 19:26:25 | 000,002,075 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\shopping-small-selected.png
[2012/07/16 19:26:25 | 000,005,208 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\shopping.png
[2012/07/16 19:26:25 | 000,002,235 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\social-small-disable.png
[2012/07/16 19:26:25 | 000,002,147 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\social-small-selected.png
[2012/07/16 19:26:25 | 000,005,147 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\social.png
[2012/07/16 19:26:25 | 000,002,245 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\violence-small-disable.png
[2012/07/16 19:26:25 | 000,002,109 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\violence-small-selected.png
[2012/07/16 19:26:25 | 000,004,866 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\violence.png
[2012/07/16 19:26:25 | 000,002,245 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\weapons-small-disable.png
[2012/07/16 19:26:25 | 000,002,109 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\weapons-small-selected.png
[2012/07/16 19:26:25 | 000,006,701 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\weapons.png
[2012/07/16 19:26:25 | 000,003,818 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow-1.png
[2012/07/16 19:26:25 | 000,003,525 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow-2.png
[2012/07/16 19:26:25 | 000,002,697 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow-3.png
[2012/07/16 19:26:25 | 000,001,304 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow-hover.png
[2012/07/16 19:26:25 | 000,002,782 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow-selected.png
[2012/07/16 19:26:25 | 000,001,304 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow.png
[2012/07/16 19:26:25 | 000,001,337 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow1-16.png
[2012/07/16 19:26:25 | 000,001,379 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow1-small.png
[2012/07/16 19:26:25 | 000,001,345 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow2-16.png
[2012/07/16 19:26:25 | 000,001,395 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow2-small.png
[2012/07/16 19:26:26 | 000,001,302 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow3-16.png
[2012/07/16 19:26:26 | 000,001,363 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\User Data\Temp\scoped_dir_2888_16056\CRX_INSTALL\skin\images\icons\yellow3-small.png

< %USERPROFILE%\AppData\Local\ /s >

< %systemroot%\Installer\ /s >

< %systemroot%\system32\Cache\ /s >

< %systemroot%\system32\config\systemprofile\Application Data /s >

< %PROGRAMFILES%\*. >
[2011/08/10 20:09:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\.minecraft
[2011/11/25 17:56:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2012/06/12 12:52:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AIM
[2011/08/04 12:48:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2012/06/01 15:52:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AruaROSE
[2011/11/22 21:55:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2012/07/16 20:03:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Brand Affinity Technologies
[2011/08/06 00:04:17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Combined Community Codec Pack
[2012/06/12 12:52:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/08/21 15:12:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2011/07/22 15:21:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FRYS
[2012/06/29 06:34:20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Heroes of Newerth
[2012/04/17 21:55:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/08/10 23:24:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2011/08/21 15:14:42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Itibiti Soft Phone
[2012/04/03 00:27:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2011/07/31 15:10:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2012/06/29 19:36:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012/07/15 23:13:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/25 18:08:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/06/18 05:02:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/12/28 04:01:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2012/07/16 19:08:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2012/07/01 20:54:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/11/25 18:05:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSECache
[2011/07/22 21:20:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mumble
[2012/05/04 20:02:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/03/18 23:42:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ooVoo
[2011/07/31 15:00:55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2012/04/20 16:20:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PhotoScape
[2012/02/19 03:31:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Presentation Assistant Pro
[2011/11/22 22:00:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2012/06/18 10:42:59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RaidCall
[2012/05/20 14:53:49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\REACTOR
[2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2008/09/04 09:24:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RocketDock
[2012/05/05 17:08:46 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2012/07/17 19:11:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2011/08/12 17:01:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/07/27 20:42:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamViewer
[2009/07/13 21:57:06 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2011/07/31 14:58:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\uTorrent
[2011/08/12 20:56:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2011/08/10 22:45:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2011/08/10 22:44:46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/13 22:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/07/13 22:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2009/07/13 22:32:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009/07/13 22:37:47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/07/22 21:25:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR

< %appdata%\*.* >
[2011/08/21 16:41:28 | 000,000,011 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Roaming\RSBuddy Login.ini
[2011/08/21 16:38:27 | 000,000,473 | ---- | M] () -- C:\Users\KENT NGUYEN\AppData\Roaming\RSBuddy_BlazinGhost.ini

< MD5 for: AFD.SYS >
 
[2008/04/13 12:19:23 | 000,138,112 | ---- | M] (Microsoft Corporation) MD5=322D0E36693D6E24A2398BEE62A268CD -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\afd.sys
[2008/08/14 03:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956803\SP3QFE\afd.sys
[2008/08/14 03:34:26 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=4D43E74F2A1239D53929B82600F1971C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\a94a6432dbac6901fc5bf15157f718f8\SP3QFE\afd.sys
[2008/08/14 02:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\a94a6432dbac6901fc5bf15157f718f8\SP2GDR\afd.sys
[2008/08/14 02:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\afd.sys
[2008/08/14 02:51:43 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=55E6E1C51B6D30E54335750955453702 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\afd.sys
[2004/08/10 12:00:00 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=5AC495F4CB807B2B98AD2AD591E6D92E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB951748$\afd.sys
[2008/08/14 02:48:52 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=6A0397376853E604DE8E1E7A87FC08AC -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956803\SP2QFE\afd.sys
[2008/08/14 02:48:52 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=6A0397376853E604DE8E1E7A87FC08AC -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\a94a6432dbac6901fc5bf15157f718f8\SP2QFE\afd.sys
[2011/04/24 19:44:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=6EF20DDF3172E97D69F596FB90602F29 -- C:\Windows\SysNative\drivers\afd.sys
[2011/04/24 19:44:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=6EF20DDF3172E97D69F596FB90602F29 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[2008/08/14 03:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\My Backup -- 11-03-29 0718PM\WINDOWS\system32\dllcache\afd.sys
[2008/08/14 03:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956803\SP3GDR\afd.sys
[2008/08/14 03:04:36 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=7E775010EF291DA96AD17CA4B17137D7 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\a94a6432dbac6901fc5bf15157f718f8\SP3GDR\afd.sys
[2008/06/20 03:44:38 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=944CA435BFCFC82CC1ED9E3A7D731AA9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB956803$\afd.sys
[2008/06/20 03:44:38 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=944CA435BFCFC82CC1ED9E3A7D731AA9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\afd.sys
[2009/07/13 16:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2011/04/24 19:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2008/06/20 04:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
[2008/06/20 04:48:03 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=D6EE6014241D034E63C49A50CB2B442A -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3qfe\afd.sys
[2008/06/20 03:44:08 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=D99DDFFB33DEACDCF20717CB520379F6 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
[2008/06/20 03:44:08 | 000,138,368 | ---- | M] (Microsoft Corporation) MD5=D99DDFFB33DEACDCF20717CB520379F6 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2qfe\afd.sys
[2008/06/20 04:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
[2008/06/20 04:40:08 | 000,138,496 | ---- | M] (Microsoft Corporation) MD5=E3049B90FE06F3F740B7CFDA44995E2C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3gdr\afd.sys
[2011/04/24 20:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[2011/04/24 19:44:27 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=FBFF8B7C9D116229E9208A0D1CAEB49B -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 12:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/10 12:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\I386\sp2.cab:atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/13 18:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2004/08/10 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2004/08/10 12:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB914906$\cryptsvc.dll
[2008/04/13 17:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\cryptsvc.dll
[2006/02/11 03:48:12 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=87F3E2D2A3231F820F9248DB90090F42 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\cryptsvc.dll
[2009/07/13 18:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009/07/13 18:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/13 18:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/13 18:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: DNSRSLVR.DLL >
[2011/03/02 23:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=16835866AAA693C7D7FCEBA8FFF706E4 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsrslvr.dll
[2008/04/13 17:11:52 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=474B4DC3983173E4B4C9740B0DAC98A6 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\dnsrslvr.dll
[2008/02/20 11:49:36 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=6333C7E182E5B6247500188D28214DEF -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB945553\SP2QFE\dnsrslvr.dll
[2008/02/20 11:49:36 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=6333C7E182E5B6247500188D28214DEF -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\d61766d223927760d60364c3824ce500\sp2qfe\dnsrslvr.dll
[2009/07/13 18:40:32 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=676108C4E3AA6F6B34633748BD0BEBD9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsrslvr.dll
[2004/08/10 12:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=7379DE06FD196E396A00AA97B990C00D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB945553$\dnsrslvr.dll
[2011/03/02 23:17:10 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=85CF424C74A1D5EC33533E1DBFF9920A -- C:\Windows\SysNative\dnsrslvr.dll
[2011/03/02 23:17:10 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=85CF424C74A1D5EC33533E1DBFF9920A -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_3ddf452a9c04f6b8\dnsrslvr.dll
[2008/02/19 22:32:43 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=AAC8FFBFD61E784FA3BAC851D4A0BD5F -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\d61766d223927760d60364c3824ce500\sp2gdr\dnsrslvr.dll
[2008/02/19 22:32:43 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=AAC8FFBFD61E784FA3BAC851D4A0BD5F -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\dnsrslvr.dll
[2008/02/19 22:32:43 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=AAC8FFBFD61E784FA3BAC851D4A0BD5F -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dnsrslvr.dll
[2011/03/02 23:12:55 | 000,183,296 | ---- | M] (Microsoft Corporation) MD5=B2205BAEAE4C178ABEB1B149751FC2B9 -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsrslvr.dll
[2011/03/02 23:23:37 | 000,182,272 | ---- | M] (Microsoft Corporation) MD5=D8065FA366D28746EE3D75F08ED6B2FE -- C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_3eabc3f7b4f01eb1\dnsrslvr.dll

< MD5 for: ES.DLL >
[2008/04/13 17:11:53 | 000,246,272 | ---- | M] (Microsoft Corporation) MD5=19A799805B24990867B00C120D300C3A -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\es.dll
[2005/07/26 04:39:45 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=34BBD9ACC1538818F2C878898C64E793 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB950974$\es.dll
[2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\SysNative\es.dll
[2009/07/13 18:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) MD5=4166F82BE4D24938977DD1746BE9B8A0 -- C:\Windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[2008/07/07 13:32:22 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=60D1A6342238378BFB7545C81EE3606C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\sp2gdr\es.dll
[2008/07/07 13:32:22 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=60D1A6342238378BFB7545C81EE3606C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\es.dll
[2008/07/07 13:32:22 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=60D1A6342238378BFB7545C81EE3606C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\es.dll
[2012/06/28 03:27:57 | 000,008,216 | ---- | M] () MD5=8C4CBA187C451FAE0C9C1674B9C3AC39 -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\20.0.1132.47\Locales\es.dll
[2005/07/26 04:20:28 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=95F5FEA4C6DE2C3F28784D0DCC8F0DD3 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB902400\SP2QFE\es.dll
[2008/07/07 13:06:43 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=A4AB3DCA4A383F0DF4988ABDEB84F9A4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
[2008/07/07 13:06:43 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=A4AB3DCA4A383F0DF4988ABDEB84F9A4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\sp2qfe\es.dll
[2004/08/10 12:00:00 | 000,243,200 | ---- | M] (Microsoft Corporation) MD5=ACD36A2DD7D1E9D8A060AA651DC07E63 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB902400$\es.dll
[2012/07/09 21:07:57 | 000,008,216 | ---- | M] () MD5=D088A143E3692E65FCEECBEAF6B66E08 -- C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\20.0.1132.57\Locales\es.dll
[2008/07/07 13:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=D4991D98F2DB73C60D042F1AEF79EFAE -- C:\My Backup -- 11-03-29 0718PM\WINDOWS\system32\dllcache\es.dll
[2008/07/07 13:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=D4991D98F2DB73C60D042F1AEF79EFAE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
[2008/07/07 13:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=D4991D98F2DB73C60D042F1AEF79EFAE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\sp3gdr\es.dll
[2011/03/23 10:48:11 | 000,296,504 | ---- | M] () MD5=F08E0B593833D0EE455AAAFE489871BD -- C:\My Backup -- 11-04-05 0941PM\Documents and Settings\a\Local Settings\Application Data\Google\Chrome\Application\10.0.648.204\Locales\es.dll
[2008/07/07 13:23:18 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=F17F6226BDC0CD5F0BEF0DAF84D29BEC -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
[2008/07/07 13:23:18 | 000,253,952 | ---- | M] (Microsoft Corporation) MD5=F17F6226BDC0CD5F0BEF0DAF84D29BEC -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\8cac00e8efc87d728c0261686f85c975\sp3qfe\es.dll
[2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\SysWOW64\es.dll
[2009/07/13 18:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=F6916EFC29D9953D5D0DF06882AE8E16 -- C:\Windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll

< MD5 for: EXPLORER.EXE >
[2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\explorer.exe
[2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/25 22:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/25 23:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009/08/02 23:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2007/06/13 04:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 04:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2qfe\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\explorer.exe
[2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2gdr\explorer.exe
[2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\explorer.exe
[2009/10/30 23:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/02 22:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2004/08/10 12:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2009/10/30 23:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/02 22:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/25 23:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/02 23:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: IPNATHLP.DLL >
[2004/08/10 12:00:00 | 000,331,264 | ---- | M] (Microsoft Corporation) MD5=36CC8C01B5E50163037BEF56CB96DEFF -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\ipnathlp.dll
[2008/04/13 17:11:55 | 000,331,264 | ---- | M] (Microsoft Corporation) MD5=83F41D0D89645D7235C051AB1D9523AC -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ipnathlp.dll
[2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\SysNative\ipnathlp.dll
[2009/07/13 18:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) MD5=B95F6501A2F8B2E78C697FEC401970CE -- C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\ipnathlp.dll

< MD5 for: IPSEC.SYS >
[2008/04/13 12:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=23C74D75E36E7158768DD63D92789A91 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\ipsec.sys
[2004/08/10 12:00:00 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=64537AA5C003A6AFEEE1DF819062D0D1 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\ipsec.sys

< MD5 for: NETBT.SYS >
[2004/08/10 12:00:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=0C80E410CD2F47134407EE7DD19CC86B -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\netbt.sys
[2008/04/13 12:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) MD5=74B2B2F5BEA5E9A3DC021D685551BD3D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netbt.sys
[2009/07/13 16:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- C:\Windows\SysNative\drivers\netbt.sys
[2009/07/13 16:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A -- C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys

< MD5 for: NETMAN.DLL >
[2008/04/13 17:12:01 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=13E67B55B3ABD7BF3FE7AAE5A0F9A9DE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netman.dll
[2005/08/22 18:24:55 | 000,197,632 | ---- | M] (Microsoft Corporation) MD5=3516D8A18B36784B1005B950B84232E1 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB905414\SP2QFE\netman.dll
[2005/08/22 18:29:46 | 000,197,632 | ---- | M] (Microsoft Corporation) MD5=36739B39267914BA69AD0610A0299732 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\netman.dll
[2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\SysNative\netman.dll
[2009/07/13 18:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=847D3AE376C0817161A14A82C8922A9E -- C:\Windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll
[2004/08/10 12:00:00 | 000,198,144 | ---- | M] (Microsoft Corporation) MD5=DAB9E6C7105D2EF49876FE92C524F565 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB905414$\netman.dll

< MD5 for: QMGR.DLL >
[2004/08/10 12:00:00 | 000,382,464 | ---- | M] (Microsoft Corporation) MD5=2C69EC7E5A311334D10DD95F338FCCEA -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\qmgr.dll
[2008/04/13 17:12:03 | 000,409,088 | ---- | M] (Microsoft Corporation) MD5=574738F61FCA2935F5265DC4E5691314 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\qmgr.dll
[2009/07/13 18:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\SysNative\qmgr.dll
[2009/07/13 18:41:53 | 000,848,384 | ---- | M] (Microsoft Corporation) MD5=7F0C323FE3DA28AA4AA1BDA3F575707F -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_7f85b69413231233\qmgr.dll

< MD5 for: RPCSS.DLL >
[2009/02/09 03:20:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=01095FEBF33BEEA00C2A0730B9B3EC28 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\rpcss.dll
[2009/02/09 03:01:53 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=24B5D53B9ACCC1E2EDCF0A878D6659D4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\rpcss.dll
[2009/02/09 03:01:53 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=24B5D53B9ACCC1E2EDCF0A878D6659D4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\rpcss.dll
[2009/02/09 03:01:53 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=24B5D53B9ACCC1E2EDCF0A878D6659D4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\rpcss.dll
[2008/04/13 17:12:04 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=2589FE6015A316C0F5D5112B4DA7B509 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\rpcss.dll
[2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\My Backup -- 11-03-29 0718PM\WINDOWS\system32\dllcache\rpcss.dll
[2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[2009/02/09 05:10:48 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=6B27A5C03DFB94B4245739065431322C -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\rpcss.dll
[2009/07/13 18:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=7266972E86890E2B30C0C322E906B027 -- C:\Windows\SysNative\rpcss.dll
[2009/07/13 18:41:53 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=7266972E86890E2B30C0C322E906B027 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[2009/02/09 03:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=9222562D44021B988B9F9F62207FB6F2 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[2009/02/09 03:56:36 | 000,401,408 | ---- | M] (Microsoft Corporation) MD5=9222562D44021B988B9F9F62207FB6F2 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\rpcss.dll
[2005/01/14 05:07:42 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=94456045BEB4545B5EBE1DCC85951AFA -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[2005/07/26 04:20:40 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=C369DF215D352B6F3A0B8C3469AA34F8 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[2005/04/28 19:31:11 | 000,395,776 | ---- | M] (Microsoft Corporation) MD5=C8061F289E000703E7672916B7FE1571 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB902400$\rpcss.dll
[2005/07/26 04:39:49 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=CE94A2BD25E3E9F4D46A7373FF455C6D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB956572$\rpcss.dll
[2005/04/28 19:35:01 | 000,396,288 | ---- | M] (Microsoft Corporation) MD5=DA383FB39A6F1C445F3AFC94B3EB1248 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB894391\SP2QFE\rpcss.dll
 
< MD5 for: SERVICES.EXE >
[2009/02/06 04:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009/02/06 04:06:24 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=020CEAAEDC8EB655B6506B8C70D53BB6 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3QFE\services.exe
[2008/04/13 17:12:34 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=0E776ED5F7CC9F94299E70461B7B8185 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\services.exe
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009/02/06 10:14:03 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=37561F8D4160D62DA86D24AE41FAE8DE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2GDR\services.exe
[2009/02/06 03:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP2QFE\services.exe
[2009/02/06 03:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\services.exe
[2009/02/06 03:22:21 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=4712531AB7A01B7EE059853CA17D39BD -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\My Backup -- 11-03-29 0718PM\WINDOWS\system32\dllcache\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
[2009/02/06 04:11:05 | 000,110,592 | ---- | M] (Microsoft Corporation) MD5=65DF52F5B8B6E9BBD183505225C37315 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\51401b498f4675531d9efb941ee01ef3\SP3GDR\services.exe
[2004/08/10 12:00:00 | 000,108,032 | ---- | M] (Microsoft Corporation) MD5=C6CE6EEC82F187615D1002BB3BB50ED4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SR.SYS >
[2008/04/13 11:36:52 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=76BB022C2FB6902FD5BDD4F78FC13A5D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sr.sys
[2004/08/10 12:00:00 | 000,073,472 | ---- | M] (Microsoft Corporation) MD5=E41B6D037D6CD08461470AF04500DC24 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\sr.sys

< MD5 for: SRSVC.DLL >
[2008/04/13 17:12:07 | 000,171,008 | ---- | M] (Microsoft Corporation) MD5=3805DF0AC4296A34BA4BF93B346CC378 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\srsvc.dll
[2004/08/10 12:00:00 | 000,170,496 | ---- | M] (Microsoft Corporation) MD5=92BDF74F12D6CBEC43C94D4B7F804838 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\srsvc.dll

< MD5 for: SVCHOST.EXE >
[2008/04/13 17:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004/08/10 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2006/04/20 11:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2011/04/24 22:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2008/06/20 03:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2gdr\tcpip.sys
[2008/06/20 03:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 03:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\tcpip.sys
[2011/06/20 23:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2011/04/24 22:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2005/05/25 19:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2008/06/20 03:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008/06/20 03:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp2qfe\tcpip.sys
[2005/05/25 19:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2009/07/13 18:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/24 22:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2008/04/13 12:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\tcpip.sys
[2008/06/20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\My Backup -- 11-03-29 0718PM\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008/06/20 04:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3gdr\tcpip.sys
[2011/06/20 23:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2008/06/20 04:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008/06/20 04:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\ad744bdeedce85bf37a096f34577ff3a\sp3qfe\tcpip.sys
[2006/04/20 12:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[2011/04/24 23:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/20 23:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\SysNative\drivers\tcpip.sys
[2011/06/20 23:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/20 23:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: TDX.SYS >
[2009/07/13 16:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- C:\Windows\SysNative\drivers\tdx.sys
[2009/07/13 16:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F -- C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys

< MD5 for: USERINIT.EXE >
[2004/08/10 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2008/04/13 17:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\userinit.exe

< MD5 for: VOLSNAP.SYS >
[2008/04/13 11:41:01 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=4C8FCB5CC53AAB716D810740FE59D025 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\volsnap.sys
[2009/07/13 18:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\SysNative\drivers\volsnap.sys
[2009/07/13 18:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_1b1a512d99c5b72c\volsnap.sys
[2009/07/13 18:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C -- C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys
[2004/08/10 12:00:00 | 000,052,352 | ---- | M] (Microsoft Corporation) MD5=EE4660083DEBA849FF6C485D944B379B -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\drivers\volsnap.sys

< MD5 for: WININIT.EXE >
[2009/07/13 18:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/13 18:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/13 18:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/13 18:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2004/08/10 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\winlogon.exe
[2009/07/13 18:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 00:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[2008/04/13 17:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\winlogon.exe

< MD5 for: WMISVC.DLL >
[2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\SysNative\wbem\WMIsvc.dll
[2009/07/13 18:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) MD5=19B07E7E8915D701225DA41CB3877306 -- C:\Windows\winsxs\amd64_microsoft-windows-wmi-core-svc_31bf3856ad364e35_6.1.7600.16385_none_fca7ad7710a22535\WMIsvc.dll
[2008/04/13 17:12:09 | 000,144,896 | ---- | M] (Microsoft Corporation) MD5=2D0E4ED081963804CCC196A0929275B5 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wmisvc.dll
[2004/08/10 12:00:00 | 000,144,896 | ---- | M] (Microsoft Corporation) MD5=F399242A80C4066FD155EFA4CF96658E -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\wbem\wmisvc.dll

< MD5 for: WSCSVC.DLL >
[2010/12/20 23:09:08 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=34D280957E8681E4BD9492B3F1FC27B9 -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.20862_none_76d192b6e4d9ed67\wscsvc.dll
[2004/08/10 12:00:00 | 000,081,408 | ---- | M] (Microsoft Corporation) MD5=4D59DAA66C60858CDF4F67A900F42D4A -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\wscsvc.dll
[2008/04/13 17:12:10 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=7C278E6408D1DCE642230C0585A854D5 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wscsvc.dll
[2010/12/20 23:16:27 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=8F9F3969933C02DA96EB0F84576DB43E -- C:\Windows\SysNative\wscsvc.dll
[2010/12/20 23:16:27 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=8F9F3969933C02DA96EB0F84576DB43E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16723_none_767435e5cb9af730\wscsvc.dll
[2009/07/13 18:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) MD5=E8B1FE6669397D1772D8196DF0E57A9E -- C:\Windows\winsxs\amd64_microsoft-windows-securitycenter-core_31bf3856ad364e35_6.1.7600.16385_none_76354f59cbc9dce8\wscsvc.dll

< MD5 for: WUAUSERV.DLL >
[2004/08/10 12:00:00 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=13D72740963CBA12D9FF76A7F218BCD8 -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\wuauserv.dll
[2008/04/13 17:12:11 | 000,006,656 | ---- | M] (Microsoft Corporation) MD5=35321FB577CDC98CE3EB3A3EB9E4610A -- C:\My Backup -- 11-04-05 0941PM\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\wuauserv.dll
< End of report >
 
OTL Extras logfile created on: 7/21/2012 9:58:36 PM - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\KENT NGUYEN\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.39% Memory free
6.00 Gb Paging File | 4.36 Gb Available in Paging File | 72.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 227.51 Gb Total Space | 43.11 Gb Free Space | 18.95% Space Free | Partition Type: NTFS
Drive D: | 5.36 Gb Total Space | 2.11 Gb Free Space | 39.33% Space Free | Partition Type: FAT32
Drive E: | 678.22 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: KENTNGUYEN-PC | User Name: KENT NGUYEN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [openNew] -- explorer %1 (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [openNew] -- explorer %1 (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07213459-26FC-4E3E-87A3-475636F4C978}" = lport=37676 | protocol=17 | dir=in | name=oovoo udp port 37676 |
"{07B6F601-1787-4922-89BB-72FAEEB9812D}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
"{0845A9F6-0395-4CF8-9719-6144AA41E933}" = lport=57304 | protocol=17 | dir=in | name=pando media booster |
"{0C4E003B-0A32-432F-BE37-81D39D36A8D4}" = lport=57304 | protocol=6 | dir=in | name=pando media booster |
"{0DEE4C98-4F71-4802-98DE-BD9900BCFF5A}" = lport=58046 | protocol=6 | dir=in | name=pando media booster |
"{193950CB-E96A-4404-BA29-225AE7B75DBA}" = lport=57304 | protocol=6 | dir=in | name=pando media booster |
"{21AC1DCF-EA55-4803-B9F1-05951B3D7CB2}" = lport=58995 | protocol=17 | dir=in | name=pando media booster |
"{31D0D9CC-FE12-4B78-A864-DF511840D94A}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
"{3A6322BE-3646-4F5A-BB0E-E6BEA5674F5F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4FA4CD85-392C-4C39-ADE0-DBD0AF377BFF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{6B95885C-64D5-4E82-AC67-83BBC4B52EFC}" = lport=37677 | protocol=17 | dir=in | name=oovoo udp port 37677 |
"{72844F87-6F89-49FC-AB3A-625F51182D69}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
"{81061EC3-0909-41C5-BC81-784DFF1A7E70}" = lport=58046 | protocol=17 | dir=in | name=pando media booster |
"{851457FB-DE63-4945-9876-A45401D1BB0E}" = lport=58046 | protocol=17 | dir=in | name=pando media booster |
"{B92ED36F-52FE-4655-80F5-6BE998C6185B}" = lport=37678 | protocol=6 | dir=in | name=oovoo tcp port 37678 |
"{C80E75B8-7DD1-49EF-8F44-34F3E5B02791}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D8CB4AC7-588E-4A35-9DDA-A3E9434D14CA}" = lport=58046 | protocol=6 | dir=in | name=pando media booster |
"{E0590C9D-04C1-41BE-BA45-9086FB91B02F}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
"{E3F74CA5-2688-4D0D-BEAA-A2A7E4349F8B}" = lport=37676 | protocol=6 | dir=in | name=oovoo tcp port 37676 |
"{E4726E2E-5991-40DD-8DAE-A570EAFD0E21}" = lport=58995 | protocol=6 | dir=in | name=pando media booster |
"{E6443D36-4A91-4A99-BB00-6BE29EFB0735}" = lport=37678 | protocol=17 | dir=in | name=oovoo udp port 37678 |
"{E87151B9-47AA-4BA4-87CE-CBA2ABE1B145}" = lport=37679 | protocol=17 | dir=in | name=oovoo udp port 37679 |
"{E966602F-4810-4988-AC7D-83DA315E7226}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |
"{EF751086-F907-474C-8B8A-E6E8DAECD3F2}" = lport=57304 | protocol=17 | dir=in | name=pando media booster |
"{F3A512EE-E6FD-4444-9133-742CD08DE068}" = lport=58995 | protocol=6 | dir=in | name=pando media booster |
"{F6F8D7B2-F551-4ACC-8040-550E6601C4C3}" = lport=58995 | protocol=17 | dir=in | name=pando media booster |

========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015FCA90-A655-4EE3-A815-6987CDC0C0C0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{02896475-44FB-4DD5-85B5-FBD7B1CF1706}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{07D455F6-7516-44B2-B17F-3A7C57BA4ACC}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{0810B343-DFAD-40D3-9D3D-3E3348487083}" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"{13D19F08-8B8C-4A3E-8170-AD0914801DB0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{160D4107-C5DF-435B-8F6B-FA7E659906FF}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{1748622C-95B6-469F-9F3F-A2E5697BA0A2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1B6A4EA1-EC19-4F3B-9D13-9F7DFBB37AEC}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{25BD4249-1F6C-41BB-9BA3-7910FE57C31F}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{32C13902-8397-4D91-9598-29C716F2EAAB}" = protocol=6 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
"{3386219E-66B9-40FD-AE46-092330DF5B51}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike source\hl2.exe |
"{41209D93-97D4-4CD8-BDA7-1E21141D16C9}" = protocol=17 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{44DAF907-AE80-4863-A2E2-2005F00BCEFD}" = protocol=6 | dir=in | app=c:\nexon\combat arms\nmservice.exe |
"{45872381-8C39-442F-99F8-5AEB1A8AEDA3}" = protocol=17 | dir=in | app=c:\program files (x86)\itibiti soft phone\itibiti.exe |
"{49986349-F15F-4624-B62C-BB23AEA6DEE9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{4C1305B5-2375-4F08-8C57-BAE6F0EFB118}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{4D9E6437-9A1D-4861-B867-392EA181C0D7}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{5C39ACEF-6AF9-4A6F-806F-D68D40B19AF4}" = protocol=6 | dir=in | app=c:\nexon\combat arms\engine.exe |
"{5D76AFCC-A8D0-4F08-A0EE-0BB3CEA490CB}" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"{5EEB78DD-25D0-48C8-A833-8D4FF2F69A48}" = protocol=17 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
"{64585A6A-157A-4972-99B6-4168FA78390A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike\hl.exe |
"{67047085-8298-4D1B-8031-63AABEA42AF4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{696D59A2-411E-47D5-887D-A53EDA362761}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6C702485-FD77-4832-BC06-1B2B96AA5B96}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{6FAB18EC-CAC9-4CDE-9C1B-61E4ACA7E6F6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe |
"{7B3F1D22-4E68-41A5-BBD3-29B797D05E60}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7F7E34E5-1F08-4CAE-8A7C-D3E8637B3B57}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{8517B1FC-9CA6-47E4-970B-809051B27A29}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{85D6BCED-A8AA-4912-B628-940C0432E9B4}" = protocol=17 | dir=in | app=c:\users\kent nguyen\downloads\utorrent.exe |
"{893A6E2E-2195-4962-AEC9-896B329AA09E}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{904AD292-A8DC-40EF-A82E-A51132EF43B5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike\hl.exe |
"{930244AA-2667-4D6D-984D-99B016EEFF6D}" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"{96671ECC-74D7-4738-8BA6-9CFC4A4425CD}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{967B37B1-0CD1-4699-835D-1ACF96FD6D5F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{97A1FEAF-E8F3-41C3-8087-97B9ED92036F}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe |
"{97D8D600-BEBA-41D9-9BF5-29F2758A999F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B1CB1418-7F05-4350-BED2-BDE74CBBEA78}" = protocol=6 | dir=in | app=c:\users\kent nguyen\downloads\utorrent.exe |
"{B45F78E3-412C-4F6B-B1FD-1CA9C81366E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike source\hl2.exe |
"{B8A48679-3B83-4994-B351-78F2053BD4A7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BA708267-8BFF-4455-9EDB-07C1451C6968}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C053FC74-2CD5-4B25-8FA0-8153F7CBC43D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike source\hl2.exe |
"{C22CE48E-937C-442E-8B06-559F7F03EC78}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C3598F82-064A-4B37-8E2C-4C9ECF73AADE}" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"{C538D1EF-8356-4F44-AEC1-29E0EBAC3E2E}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{C8A83FFE-CF93-4E61-81EC-03660DFEEA80}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CD464855-8C83-4B2C-B1D5-5E48E79A5ED0}" = protocol=17 | dir=in | app=c:\nexon\combat arms\engine.exe |
"{CE2B326D-473B-48ED-B2A0-BE9C2A52F2BE}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D7A9D664-FF7D-4D06-A3EC-331C19EF4504}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{DC337550-BD97-459D-A006-3771E25879DD}" = protocol=6 | dir=in | app=c:\program files (x86)\itibiti soft phone\itibiti.exe |
"{E0384177-DC07-4FDC-AAD3-994147E4C38A}" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"{E349F3E9-D9A6-45B6-9611-10F227D96141}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{F0F1544D-3D27-4A8F-9607-E724DAF05F3A}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F1B25074-F27E-4D55-A3FB-4F640C389E54}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F2D9DB99-BE3A-40E1-8466-46B56E7B43D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\vietxboipride\counter-strike source\hl2.exe |
"{F6A7BDC2-8095-408B-9B6E-8A462AEF2CA8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{FE23197B-0A75-4808-A550-8D756FF6DB3C}" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\ijjioptimizer.exe |
"TCP Query User{072A3449-593D-4DC1-B356-A023B82D2A8D}C:\ijji\english\u_sf\soldierfront.exe" = protocol=6 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe |
"TCP Query User{2D081530-791C-44CD-B92D-03D0CF38B4BE}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{8F0BFCFD-D51F-4214-B50A-9B4F1814FBE3}C:\game\softnyxgame\gunboundis\gunbound.gme" = protocol=6 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
"TCP Query User{A8100A1D-9B81-4EF1-8CC2-EE50A1839315}C:\nexon\combat arms\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms\engine.exe |
"TCP Query User{BA8CF1A2-3E0C-460E-A517-55EBDB118D1A}C:\program files (x86)\steam\steamapps\xeternalfate\garrysmod\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\xeternalfate\garrysmod\hl2.exe |
"TCP Query User{C946883F-0DF0-4AA3-A344-15855AE85512}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |
"TCP Query User{F07EEE7A-42B8-4499-AA56-ADD294F72C21}C:\program files (x86)\reactor\reactor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
"UDP Query User{37C3B1CF-1522-431D-9C96-15A66B660D5D}C:\program files (x86)\steam\steamapps\xeternalfate\garrysmod\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\xeternalfate\garrysmod\hl2.exe |
"UDP Query User{4EDF24DE-437A-4875-B16C-95057AF8DE89}C:\ijji\english\u_sf\soldierfront.exe" = protocol=17 | dir=in | app=c:\ijji\english\u_sf\soldierfront.exe |
"UDP Query User{54439EDF-9F5F-42CC-9FA3-EC7B2EFEEDF6}C:\program files (x86)\reactor\reactor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\reactor\reactor.exe |
"UDP Query User{66B0D162-9B7F-44D8-B74E-0C0FB654C86E}C:\nexon\combat arms\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms\engine.exe |
"UDP Query User{B6011681-AE52-4C35-AB8D-2F02BA41E847}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{C7758234-B532-4FE2-B9C9-84D19037FC92}C:\game\softnyxgame\gunboundis\gunbound.gme" = protocol=17 | dir=in | app=c:\game\softnyxgame\gunboundis\gunbound.gme |
"UDP Query User{FEA0C262-EF6E-4EAB-9BEE-54E662A10CDF}C:\program files (x86)\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\heroes of newerth\hon.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC Optimizer Pro" = PC Optimizer Pro

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{30A0F8D9-709B-451C-BFB3-D8559F4797F8}" = Fantapper Browser Plugin
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9198056-A296-4583-A790-C0E73694CFE8}" = Fry's Wireless N USB Adapter FR-300USB
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4472792-1F94-40B9-A21C-4406FB559E89}" = Soldier Front
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AIM_7" = AIM 7
"avast" = avast! Free Antivirus
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-06-26
"hon" = Heroes of Newerth
"Itibiti_is1" = Knctr
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"MapleStory" = MapleStory
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PhotoScape" = PhotoScape
"Presentation Assistant Pro_is1" = Presentation Assistant Pro V2.3.3
"Raidcall" = Raidcall
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 240" = Counter-Strike: Source
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/22/2012 12:08:34 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 7/22/2012 12:08:34 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 7/22/2012 12:46:42 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 7/22/2012 12:46:42 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 7/22/2012 12:46:42 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 7/22/2012 12:46:42 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 7/22/2012 12:46:42 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 7/22/2012 12:46:42 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 7/22/2012 12:46:42 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 7/22/2012 12:46:42 AM | Computer Name = KENTNGUYEN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ System Events ]
Error - 7/12/2012 5:41:03 AM | Computer Name = KENTNGUYEN-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 7/15/2012 7:30:29 AM | Computer Name = KENTNGUYEN-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 7/16/2012 3:08:19 AM | Computer Name = KENTNGUYEN-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 7/18/2012 10:07:57 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the WlanWpsSvc
service to connect.

Error - 7/18/2012 10:07:57 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7000
Description = The WlanWpsSvc service failed to start due to the following error:
%%1053

Error - 7/19/2012 5:56:04 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the WlanWpsSvc
service to connect.

Error - 7/19/2012 5:56:04 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7000
Description = The WlanWpsSvc service failed to start due to the following error:
%%1053

Error - 7/20/2012 2:38:52 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the WlanWpsSvc
service to connect.

Error - 7/20/2012 2:38:52 PM | Computer Name = KENTNGUYEN-PC | Source = Service Control Manager | ID = 7000
Description = The WlanWpsSvc service failed to start due to the following error:
%%1053

Error - 7/21/2012 8:54:05 PM | Computer Name = KENTNGUYEN-PC | Source = WMPNetworkSvc | ID = 866300
Description =


< End of report >
 
Any more issues?

We need to know any other issues that are plaguing your computer. Kindly give a summary so we know how to continue from here.

Many of the things to note for us would be:

  • Slow computer
  • Error messages
  • Fake antivirus alerts or the icon in the system tray
  • svchost.exe running at 100%
  • System crashes or blue screen of death
 
When I start up my computer it states,
RunDLL
There was a problem starting NVCPL.DLL
NVCPL.DLL s not a valid Win3s application.

And also, it took me about 15 minutes to restart my computer earlier.
My comptuer has been running slower, but not too slow.
 
  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
RGKRScan.png


  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
RGKRDelete.png


  • The report has been created on the desktop.
  • Next click on the ShortcutsFix

    RGKRShortcutsFix.png
  • The report has been created on the desktop.
Please post:

All RKreport.txt text files located on your desktop.
 
RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: KENT NGUYEN [Admin rights]
Mode: Scan -- Date: 07/23/2012 05:19:02

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 5 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3250824A ATA Device +++++
--- User ---
[MBR] 59185432201731811da4948aa9c718ac
[BSP] b52da85d5cfa29e18f18656d438ee0ab : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 11261565 | Size: 232966 Mo
1 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 5498 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: KENT NGUYEN [Admin rights]
Mode: Remove -- Date: 07/23/2012 05:20:37

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 5 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> REPLACED (1)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3250824A ATA Device +++++
--- User ---
[MBR] 59185432201731811da4948aa9c718ac
[BSP] b52da85d5cfa29e18f18656d438ee0ab : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 11261565 | Size: 232966 Mo
1 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 5498 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: KENT NGUYEN [Admin rights]
Mode: Shortcuts HJfix -- Date: 07/23/2012 05:25:34

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 7 / Fail 0
Quick launch: Success 1 / Fail 0
Programs: Success 8 / Fail 0
Start menu: Success 1 / Fail 0
User folder: Success 149 / Fail 0
My documents: Success 1 / Fail 0
My favorites: Success 5 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 2 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 926 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[E:] \Device\CdRom0 -- 0x5 --> Skipped
[F:] \Device\HarddiskVolume3 -- 0x2 --> Restored
[G:] \Device\HarddiskVolume4 -- 0x2 --> Restored
[H:] \Device\HarddiskVolume5 -- 0x2 --> Restored
[I:] \Device\HarddiskVolume6 -- 0x2 --> Restored

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
 
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: 
    :filefind
nvcpl.dll
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 
SystemLook 30.07.11 by jpshortstuff
Log created at 19:54 on 23/07/2012 by KENT NGUYEN
Administrator - Elevation successful

========== filefind ==========

Searching for "nvcpl.dll"
C:\My Backup -- 11-04-05 0941PM\WINDOWS\system32\nvcpl.dll--a---- 13880424 bytes[03:56 08/01/2011][03:56 08/01/2011] 229EF72A47F7EF9233F3A52FA519E01B
C:\NVIDIA\DisplayDriver\280.26\WinVista_Win7_64\English\DisplayControlPanel\nvcpl.dll--a---- 6136936 bytes[00:07 13/08/2011][11:50 03/08/2011] 1E3B29FA18FF1C4BDA24F8155A2FE656
C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.2\nvcpl.dll--a---- 6136936 bytes[00:07 13/08/2011][11:50 03/08/2011] 1E3B29FA18FF1C4BDA24F8155A2FE656
C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.3\NvCpl.dll--a---- 6074176 bytes[03:03 05/05/2012][21:00 29/02/2012] 11E549E5FE081995D2B3961CB7FB523E
C:\Windows\System32\nvcpl.dll--a---- 6074176 bytes[05:05 18/04/2012][21:00 29/02/2012] 11F02E0CD38FE970F2E2A7EB14F65FFF

-= EOF =-
 
Go to Start, type in CMD and hit enter.

In Command Prompt type the following, hitting enter after each line:

regsvr32 /u C:\Windows\System32\nvcpl.dll
regsvr32 "C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.3\NvCpl.dll"
exit

You may see display changes and funny graphics. If you have any trouble, it'll have to be finished in Safe Mode, but let me know first if you have trouble...
 
I have no idea how to work safe mode, I don't really know how to do anything in safe mode. I'm not that smart when it comes to computers. )=

But I got this error,

The module "C:\Program Files\NVIDIA Corporation\InstallerZ\Display.Control...\NvCpl.dll" failed to load

Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .DLL files.

The specified module could not be found.
 
Okay. We'll work with it, no problem.

Did the first command work? (regsvr32 /u C:\Windows\System32\nvcpl.dll)
 
Error:

RegSvr32
The module "C:\Windows\System32\nvcpl.dll" may not compatible with the version of Windows that you're running. Check if the module is compatible with an x86 (32-bit) or x64 (64-bit) version of regsvr32.exe.
 
DxDiag
  1. Click Start and then click Run.
  2. Type dxdiag in the Open box, and then click OK.
  3. Click Save all information, and it will collect information and it will prompt you to save the file. Save the file to the Desktop.
  4. Find DxDiag.txt on your Desktop, and post the contents of it in your next reply.
 
------------------
System Information
------------------
Time of this report: 7/30/2012, 03:28:44
Machine name: KENTNGUYEN-PC
Operating System: Windows 7 Eternity™ 2009 64-bit (6.1, Build 7600) (7600.win7_gdr.110622-1503)
Language: English (Regional Setting: English)
System Manufacturer: Gateway
System Model: GT5220
BIOS: )Phoenix - Award WorkstationBIOS v6.00PG
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ (2 CPUs), ~2.0GHz
Memory: 3072MB RAM
Available OS Memory: 3072MB RAM
Page File: 4078MB used, 2062MB available
Windows Dir: C:\Windows
DirectX Version: DirectX 11
DX Setup Parameters: Not found
User DPI Setting: Using System DPI
System DPI Setting: 96 DPI (100 percent)
DWM DPI Scaling: Disabled
DxDiag Version: 6.01.7600.16385 32bit Unicode

------------
DxDiag Notes
------------
Display Tab 1: No problems found.
Sound Tab 1: No problems found.
Sound Tab 2: No problems found.
Input Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (retail)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (retail)
DirectMusic: 0/5 (retail)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)

---------------
Display Devices
---------------
Card name: NVIDIA GeForce GT 440
Manufacturer: NVIDIA
Chip type: GeForce GT 440
DAC type: Integrated RAMDAC
Device Key: Enum\PCI\VEN_10DE&DEV_0DE0&SUBSYS_14413842&REV_A1
Display Memory: 2273 MB
Dedicated Memory: 993 MB
Shared Memory: 1279 MB
Current Mode: 1920 x 1080 (32 bit) (60Hz)
Monitor Name: Generic PnP Monitor
Monitor Model: W2353
Monitor Id: GSM56EE
Native Mode: 1920 x 1080(p) (60.000Hz)
Output Type: HD15
Driver Name: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um
Driver File Version: 8.17.0012.9610 (English)
Driver Version: 8.17.12.9610
DDI Version: 10.1
Driver Model: WDDM 1.1
Driver Attributes: Final Retail
Driver Date/Size: 2/29/2012 17:02:00, 17642816 bytes
WHQL Logo'd: n/a
WHQL Date Stamp: n/a
Device Identifier: {D7B71E3E-4EA0-11CF-787E-4D341FC2C535}
Vendor ID: 0x10DE
Device ID: 0x0DE0
SubSys ID: 0x14413842
Revision ID: 0x00A1
Driver Strong Name: oem4.inf:NVIDIA_SetA_Devices.NTamd64.6.1:Section015:8.17.12.9610:pci\ven_10de&dev_0de0
Rank Of Driver: 00E62001
Video Accel: ModeMPEG2_A ModeMPEG2_C ModeVC1_C ModeWMV9_C
Deinterlace Caps: {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC1,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC2,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC3,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(IMC4,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S340,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{F9F19DA5-3B09-4B2F-9D89-C64753E3EAAB}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{5A54A0C9-C7EC-4BD9-8EDE-F3C75DC4393B}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(S342,UNKNOWN) Frames(Prev/Fwd/Back)=(0,0,0) Caps=
D3D9 Overlay: Supported
DXVA-HD: Supported
DDraw Status: Enabled
D3D Status: Enabled
AGP Status: Enabled

-------------
Sound Devices
-------------
Description: Speakers (High Definition Audio Device)
Default Sound Playback: Yes
Default Voice Playback: Yes
Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1019E601&REV_1000
Manufacturer ID: 1
Product ID: 65535
Type: WDM
Driver Name: HdAudio.sys
Driver Version: 6.01.7600.16385 (English)
Driver Attributes: Final Retail
WHQL Logo'd: n/a
Date and Size: 7/13/2009 17:07:00, 350208 bytes
Other Files:
Driver Provider: Microsoft
HW Accel Level: Basic
Cap Flags: 0x0
Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

Description: Digital Audio (S/PDIF) (High Definition Audio Device)
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0883&SUBSYS_1019E601&REV_1000
Manufacturer ID: 1
Product ID: 65535
Type: WDM
Driver Name: HdAudio.sys
Driver Version: 6.01.7600.16385 (English)
Driver Attributes: Final Retail
WHQL Logo'd: n/a
Date and Size: 7/13/2009 17:07:00, 350208 bytes
Other Files:
Driver Provider: Microsoft
HW Accel Level: Basic
Cap Flags: 0x0
Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No

---------------------
Sound Capture Devices
---------------------
Description: Microphone (High Definition Audio Device)
Default Sound Capture: Yes
Default Voice Capture: Yes
Driver Name: HdAudio.sys
Driver Version: 6.01.7600.16385 (English)
Driver Attributes: Final Retail
Date and Size: 7/13/2009 17:07:00, 350208 bytes
Cap Flags: 0x0
Format Flags: 0x0

Description: Line In (High Definition Audio Device)
Default Sound Capture: No
Default Voice Capture: No
Driver Name: HdAudio.sys
Driver Version: 6.01.7600.16385 (English)
Driver Attributes: Final Retail
Date and Size: 7/13/2009 17:07:00, 350208 bytes
Cap Flags: 0x0
Format Flags: 0x0

-------------------
DirectInput Devices
-------------------
Device Name: Mouse
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: Keyboard
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: USB Keyboard
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC31D
FF Driver: n/a

Device Name: USB Keyboard
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC31D
FF Driver: n/a

Device Name: USB Keyboard
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC31D
FF Driver: n/a

Poll w/ Interrupt: No

-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x10DE, 0x026D
| Matching Device ID: usb\root_hub
| Service: usbhub
|
+-+ USB Input Device
| | Vendor/Product ID: 0x04B4, 0x0033
| | Location: Port_#0003.Hub_#0001
| | Matching Device ID: generic_hid_device
| | Service: HidUsb
| |
| +-+ HID-compliant mouse
| | | Vendor/Product ID: 0x04B4, 0x0033
| | | Matching Device ID: hid_device_system_mouse
| | | Service: mouhid

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ HID Keyboard Device
| Vendor/Product ID: 0x046D, 0xC31D
| Matching Device ID: hid_device_system_keyboard
| Service: kbdhid
|
+ Terminal Server Keyboard Driver
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
|
+ Terminal Server Mouse Driver
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD

------------------------
Disk & DVD/CD-ROM Drives
------------------------
Drive: C:
Free Space: 42.9 GB
Total Space: 233.0 GB
File System: NTFS
Model: ST3250824A ATA Device

Drive: D:
Free Space: 2.2 GB
Total Space: 5.5 GB
File System: FAT32
Model: ST3250824A ATA Device

Drive: E:
Model: LITE-ON DVDRW SHW-160P6S ATA Device
Driver: c:\windows\system32\drivers\cdrom.sys, 6.01.7600.16385 (English), , 0 bytes

--------------
System Devices
--------------
Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_10DE&DEV_02FC&SUBSYS_000010DE&REV_A1\3&2411E6FE&1&10
Driver: n/a

Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_0272&SUBSYS_03511019&REV_A3\3&2411E6FE&1&52
Driver: n/a

Name: NVIDIA nForce Serial ATA Controller
Device ID: PCI\VEN_10DE&DEV_0266&SUBSYS_03511019&REV_A1\3&2411E6FE&1&70
Driver: n/a

Name: AMD HyperTransport(tm) Configuration
Device ID: PCI\VEN_1022&DEV_1100&SUBSYS_00000000&REV_00\3&2411E6FE&1&C0
Driver: n/a

Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_10DE&DEV_02FB&SUBSYS_000010DE&REV_A1\3&2411E6FE&1&20
Driver: n/a

Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_0270&SUBSYS_03511019&REV_A2\3&2411E6FE&1&48
Driver: n/a

Name: Standard Dual Channel PCI IDE Controller
Device ID: PCI\VEN_10DE&DEV_0265&SUBSYS_03511019&REV_A1\3&2411E6FE&1&68
Driver: n/a

Name: In-Build CX11256 modem
Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200014F1&REV_00\4&3A20BB39&0&3880
Driver: n/a

Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_02FA&SUBSYS_03511019&REV_A2\3&2411E6FE&1&01
Driver: n/a

Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_10DE&DEV_026F&SUBSYS_00000000&REV_A2\3&2411E6FE&1&80
Driver: n/a

Name: NVIDIA nForce PCI System Management
Device ID: PCI\VEN_10DE&DEV_0264&SUBSYS_03511019&REV_A3\3&2411E6FE&1&51
Driver: n/a

Name: VIA 1394 OHCI Compliant Host Controller
Device ID: PCI\VEN_1106&DEV_3044&SUBSYS_30441019&REV_C0\4&3A20BB39&0&4880
Driver: n/a

Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_02F9&SUBSYS_03511019&REV_A2\3&2411E6FE&1&04
Driver: n/a

Name: Standard Enhanced PCI to USB Host Controller
Device ID: PCI\VEN_10DE&DEV_026E&SUBSYS_03511019&REV_A3\3&2411E6FE&1&59
Driver: n/a

Name: PCI standard ISA bridge
Device ID: PCI\VEN_10DE&DEV_0260&SUBSYS_03511019&REV_A3\3&2411E6FE&1&50
Driver: n/a

Name: NVIDIA GeForce GT 440
Device ID: PCI\VEN_10DE&DEV_0DE0&SUBSYS_14413842&REV_A1\4&2AD12F4B&0&0020
Driver: n/a

Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_02F8&SUBSYS_03511019&REV_A2\3&2411E6FE&1&03
Driver: n/a

Name: Standard OpenHCD USB Host Controller
Device ID: PCI\VEN_10DE&DEV_026D&SUBSYS_03511019&REV_A3\3&2411E6FE&1&58
Driver: n/a

Name: High Definition Audio Controller
Device ID: PCI\VEN_10DE&DEV_0BEA&SUBSYS_14413842&REV_A1\4&2AD12F4B&0&0120
Driver: n/a

Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_02F0&SUBSYS_03511019&REV_A2\3&2411E6FE&1&00
Driver: n/a

Name: High Definition Audio Controller
Device ID: PCI\VEN_10DE&DEV_026C&SUBSYS_A88D1019&REV_A2\3&2411E6FE&1&81
Driver: n/a

Name: AMD Miscellaneous Configuration
Device ID: PCI\VEN_1022&DEV_1103&SUBSYS_00000000&REV_00\3&2411E6FE&1&C3
Driver: n/a

Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_02FE&SUBSYS_03511019&REV_A2\3&2411E6FE&1&02
Driver: n/a

Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_027F&SUBSYS_03511019&REV_A2\3&2411E6FE&1&06
Driver: n/a

Name: NVIDIA nForce Networking Controller
Device ID: PCI\VEN_10DE&DEV_0269&SUBSYS_03511019&REV_A3\3&2411E6FE&1&A0
Driver: n/a

Name: AMD DRAM and HyperTransport(tm) Trace Mode Configuration
Device ID: PCI\VEN_1022&DEV_1102&SUBSYS_00000000&REV_00\3&2411E6FE&1&C2
Driver: n/a

Name: PCI standard PCI-to-PCI bridge
Device ID: PCI\VEN_10DE&DEV_02FD&SUBSYS_000010DE&REV_A1\3&2411E6FE&1&18
Driver: n/a

Name: PCI standard RAM Controller
Device ID: PCI\VEN_10DE&DEV_027E&SUBSYS_03511019&REV_A2\3&2411E6FE&1&07
Driver: n/a

Name: NVIDIA nForce Serial ATA Controller
Device ID: PCI\VEN_10DE&DEV_0267&SUBSYS_03511019&REV_A1\3&2411E6FE&1&78
Driver: n/a

Name: AMD Address Map Configuration
Device ID: PCI\VEN_1022&DEV_1101&SUBSYS_00000000&REV_00\3&2411E6FE&1&C1
Driver: n/a

------------------
DirectShow Filters
------------------

DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,WMADMOD.DLL,6.01.7600.16385
WMAPro over S/PDIF DMO,0x00600800,1,1,WMADMOD.DLL,6.01.7600.16385
WMSpeech Decoder DMO,0x00600800,1,1,WMSPDMOD.DLL,6.01.7600.16385
MP3 Decoder DMO,0x00600800,1,1,mp3dmod.dll,6.01.7600.16385
Mpeg4s Decoder DMO,0x00800001,1,1,mp4sdecd.dll,6.01.7600.16385
WMV Screen decoder DMO,0x00600800,1,1,wmvsdecd.dll,6.01.7600.16385
WMVideo Decoder DMO,0x00800001,1,1,wmvdecod.dll,6.01.7600.16597
Mpeg43 Decoder DMO,0x00800001,1,1,mp43decd.dll,6.01.7600.16385
Mpeg4 Decoder DMO,0x00800001,1,1,mpg4decd.dll,6.01.7600.16385
ffdshow Video Decoder,0xff800001,2,1,ffdshow.ax,1.01.3887.0000
ffdshow DXVA Video Decoder,0xff800002,2,1,ffdshow.ax,1.01.3887.0000
ffdshow raw video filter,0x00200000,2,1,ffdshow.ax,1.01.3887.0000
ffdshow Audio Decoder,0xff800001,1,1,ffdshow.ax,1.01.3887.0000
DV Muxer,0x00400000,0,0,qdv.dll,6.06.7600.16385
Color Space Converter,0x00400001,1,1,quartz.dll,6.06.7600.16490
WM ASF Reader,0x00400000,0,0,qasf.dll,12.00.7600.16385
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,12.00.7600.16385
AVI Splitter,0x00600000,1,1,quartz.dll,6.06.7600.16490
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.06.7600.16490
SBE2MediaTypeProfile,0x00200000,0,0,sbe.dll,6.06.7600.16724
Microsoft DTV-DVD Video Decoder,0x005fffff,2,4,msmpeg2vdec.dll,6.01.7140.0000
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.06.7600.16724
StreamBufferSink,0x00200000,0,0,sbe.dll,6.06.7600.16724
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.06.7600.16490
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.06.7600.16490
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7600.16385
MPC - MPEG-2 Video Decoder (Gabest),0x00500001,1,1,Mpeg2DecFilter.ax,1.05.0002.3268
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.06.7600.16724
Closed Captions Analysis Filter,0x00200000,2,5,cca.dll,6.06.7600.16385
SBE2FileScan,0x00200000,0,0,sbe.dll,6.06.7600.16724
Microsoft MPEG-2 Video Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7600.16385
MPC - FLV Splitter (Gabest),0x00600000,1,1,FLVSplitter.ax,1.05.0002.3268
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.06.7600.16490
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.06.7600.16490
WavPack Audio Decoder,0x00600000,1,1,WavPackDSDecoder.ax,1.01.0000.0484
DV Splitter,0x00600000,1,2,qdv.dll,6.06.7600.16385
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.06.7600.16490
Haali Media Splitter,0x00800001,0,1,splitter.ax,1.11.0096.0014
Haali Media Splitter (AR),0x00400000,1,1,splitter.ax,1.11.0096.0014
Microsoft MPEG-2 Encoder,0x00200000,2,1,msmpeg2enc.dll,6.01.7600.16385
ACM Wrapper,0x00600000,1,1,quartz.dll,6.06.7600.16490
Video Renderer,0x00800001,1,0,quartz.dll,6.06.7600.16490
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.06.7600.16724
Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.06.7600.16385
Video Port Manager,0x00600000,2,1,quartz.dll,6.06.7600.16490
Video Renderer,0x00400000,1,0,quartz.dll,6.06.7600.16490
Haali Video Renderer,0x00200000,1,0,dxr.dll,
VPS Decoder,0x00200000,0,0,WSTPager.ax,6.06.7600.16385
WM ASF Writer,0x00400000,0,0,qasf.dll,12.00.7600.16385
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,6.01.7600.16385
File writer,0x00200000,1,0,qcap.dll,6.06.7600.16385
iTV Data Sink,0x00600000,1,0,itvdata.dll,6.06.7600.16385
iTV Data Capture filter,0x00600000,1,1,itvdata.dll,6.06.7600.16385
Haali Simple Media Splitter,0x00200000,0,1,splitter.ax,1.11.0096.0014
DirectVobSub,0x00200000,2,1,VSFilter.dll,2.40.3252.0002
DirectVobSub (auto-loading version),0x00800002,2,1,VSFilter.dll,2.40.3252.0002
DVD Navigator,0x00200000,0,3,qdvd.dll,6.06.7600.16385
Overlay Mixer2,0x00200000,1,1,qdvd.dll,6.06.7600.16385
Haali Matroska Muxer,0x00200000,1,0,splitter.ax,1.11.0096.0014
AVI Draw,0x00600064,9,1,quartz.dll,6.06.7600.16490
RDP DShow Redirection Filter,0xffffffff,1,0,DShowRdpFilter.dll,
Microsoft MPEG-2 Audio Encoder,0x00200000,1,1,msmpeg2enc.dll,6.01.7600.16385
WST Pager,0x00200000,1,1,WSTPager.ax,6.06.7600.16385
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.06.7600.16724
DV Video Decoder,0x00800000,1,1,qdv.dll,6.06.7600.16385
ffdshow Audio Processor,0x00200000,1,1,ffdshow.ax,1.01.3887.0000
SampleGrabber,0x00200000,1,1,qedit.dll,6.06.7600.16385
Null Renderer,0x00200000,1,0,qedit.dll,6.06.7600.16385
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.06.7600.16385
Microsoft AC3 Encoder,0x00200000,1,1,msac3enc.dll,6.01.7600.16385
MPC - FLV Source (Gabest),0x00600000,0,0,FLVSplitter.ax,1.05.0002.3268
StreamBufferSource,0x00200000,0,0,sbe.dll,6.06.7600.16724
Smart Tee,0x00200000,1,2,qcap.dll,6.06.7600.16385
Overlay Mixer,0x00200000,0,0,qdvd.dll,6.06.7600.16385
AVI Decompressor,0x00600000,1,1,quartz.dll,6.06.7600.16490
AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.06.7600.16490
Wave Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
MIDI Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
Multi-file Parser,0x00400000,1,1,quartz.dll,6.06.7600.16490
File stream renderer,0x00400000,1,1,quartz.dll,6.06.7600.16490
WavPack Audio Splitter,0x00600000,1,1,WavPackDSSplitter.ax,1.01.0000.0323
ffdshow subtitles filter,0x00200000,2,1,ffdshow.ax,1.01.3887.0000
Microsoft DTV-DVD Audio Decoder,0x005fffff,1,1,msmpeg2adec.dll,6.01.7140.0000
StreamBufferSink2,0x00200000,0,0,sbe.dll,6.06.7600.16724
AVI Mux,0x00200000,1,0,qcap.dll,6.06.7600.16385
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.06.7600.16490
File Source (Async.),0x00400000,0,1,quartz.dll,6.06.7600.16490
File Source (URL),0x00400000,0,1,quartz.dll,6.06.7600.16490
Haali Video Sink,0x00200000,1,0,splitter.ax,1.11.0096.0014
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.06.7600.16385
Enhanced Video Renderer,0x00200000,1,0,evr.dll,6.01.7600.16385
BDA MPEG2 Transport Information Filter,0x00200000,2,0,psisrndr.ax,6.06.7600.16385
MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.06.7600.16490

WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,6.01.7600.16385

Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,wmvxencd.dll,6.01.7600.16385
WMVideo9 Encoder DMO,0x00600800,1,1,wmvencod.dll,6.01.7600.16385
MSScreen 9 encoder DMO,0x00600800,1,1,wmvsencd.dll,6.01.7600.16385
DV Video Encoder,0x00200000,0,0,qdv.dll,6.06.7600.16385
ffdshow video encoder,0x00100000,1,1,ffdshow.ax,1.01.3887.0000
MJPEG Compressor,0x00200000,0,0,quartz.dll,6.06.7600.16490
Cinepak Codec by Radius,0x00200000,1,1,qcap.dll,6.06.7600.16385
ffdshow Video Codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Intel IYUV codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Intel IYUV codec,0x00200000,1,1,qcap.dll,6.06.7600.16385
Microsoft RLE,0x00200000,1,1,qcap.dll,6.06.7600.16385
Microsoft Video 1,0x00200000,1,1,qcap.dll,6.06.7600.16385

Audio Compressors:
WM Speech Encoder DMO,0x00600800,1,1,WMSPDMOE.DLL,6.01.7600.16385
WMAudio Encoder DMO,0x00600800,1,1,WMADMOE.DLL,6.01.7600.16385
IMA ADPCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
PCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.06.7600.16490
GSM 6.10,0x00200000,1,1,quartz.dll,6.06.7600.16490
Messenger Audio Codec,0x00200000,1,1,quartz.dll,6.06.7600.16490
CCITT A-Law,0x00200000,1,1,quartz.dll,6.06.7600.16490
CCITT u-Law,0x00200000,1,1,quartz.dll,6.06.7600.16490
MPEG Layer-3,0x00200000,1,1,quartz.dll,6.06.7600.16490

Audio Capture Sources:
Microphone (High Definition Aud,0x00200000,0,0,qcap.dll,6.06.7600.16385
Line In (High Definition Audio ,0x00200000,0,0,qcap.dll,6.06.7600.16385

PBDA CP Filters:
PBDA DTFilter,0x00600000,1,1,CPFilters.dll,6.06.7600.16724
PBDA ETFilter,0x00200000,0,0,CPFilters.dll,6.06.7600.16724
PBDA PTFilter,0x00200000,0,0,CPFilters.dll,6.06.7600.16724

Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,6.06.7600.16490
Microsoft GS Wavetable Synth,0x00200000,1,0,quartz.dll,6.06.7600.16490

WDM Streaming Capture Devices:
HD Audio Mixed capture,0x00200000,1,1,ksproxy.ax,6.01.7600.16385

WDM Streaming Rendering Devices:
HD Audio Speaker,0x00200000,1,1,ksproxy.ax,6.01.7600.16385
HD Audio SPDIF out,0x00200000,1,1,ksproxy.ax,6.01.7600.16385

BDA Network Providers:
Microsoft ATSC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBC Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBS Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft DVBT Network Provider,0x00200000,0,1,MSDvbNP.ax,6.06.7600.16385
Microsoft Network Provider,0x00200000,0,1,MSNP.ax,6.06.7600.16648

Multi-Instance Capable VBI Codecs:
VBI Codec,0x00600000,1,4,VBICodec.ax,6.06.7600.16385

BDA Transport Information Renderers:
BDA MPEG2 Transport Information Filter,0x00600000,2,0,psisrndr.ax,6.06.7600.16385
MPEG-2 Sections and Tables,0x00600000,1,0,Mpeg2Data.ax,6.06.7600.16385

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,1,EncDec.dll,6.06.7600.16724
Encrypt/Tag,0x00200000,0,0,EncDec.dll,6.06.7600.16724
PTFilter,0x00200000,0,0,EncDec.dll,6.06.7600.16724
XDS Codec,0x00200000,0,0,EncDec.dll,6.06.7600.16724

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,ksproxy.ax,6.01.7600.16385

Audio Renderers:
Speakers (High Definition Audio,0x00200000,1,0,quartz.dll,6.06.7600.16490
Default DirectSound Device,0x00800000,1,0,quartz.dll,6.06.7600.16490
Default WaveOut Device,0x00200000,1,0,quartz.dll,6.06.7600.16490
Digital Audio (S/PDIF) (High De,0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Digital Audio (S/PDIF) (High Definition Audio Device),0x00200000,1,0,quartz.dll,6.06.7600.16490
DirectSound: Speakers (High Definition Audio Device),0x00200000,1,0,quartz.dll,6.06.7600.16490

---------------
EVR Power Information
---------------
Current Setting: {5C67A112-A4C9-483F-B4A7-1D473BECAFDC} (Quality)
Quality Flags: 2576
Enabled:
Force throttling
Allow half deinterlace
Allow scaling
Decode Power Usage: 100
Balanced Flags: 1424
Enabled:
Force throttling
Allow batching
Force half deinterlace
Force scaling
Decode Power Usage: 50
PowerFlags: 1424
Enabled:
Force throttling
Allow batching
Force half deinterlace
Force scaling
Decode Power Usage: 0
 
So, um, what do I do now? I still get that windows explorer has stopped working error when I right click onto my desktop.
 
Need scan from DDS please...

Please download DDS by sUBs from BleepingComputer.com or Forospyware.com and save it to your Desktop.

Note: Before scanning, make sure all other running programs are closed. There shouldn't be any scheduled antivirus scans running while the scan is being performed. Do not use your computer for anything else during the scan.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click Yes to the Optional_Scan
  • Please follow the instructions that pop up for posting the results. Post only the contents of both logs.
  • Close the program window, and delete the program from your Desktop.
 
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by KENT NGUYEN at 4:02:22 on 2012-08-02
Microsoft® Windows 7 Eternity™ 2009 6.1.7600.0.1252.1.1033.18.3072.1513 [GMT -7:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\FRYS\FR-300USB revA\WlanWpsSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\FRYS\FR-300USB revA\wirelesscm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\KENT NGUYEN\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Google Update] "C:\Users\KENT NGUYEN\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
dRun: [Welcome Center] C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
dRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ROCKET~1.LNK - C:\Program Files (x86)\RocketDock\RocketDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files (x86)\FRYS\FR-300USB revA\wirelesscm.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
dPolicies-explorer: NoSMBalloonTip = 1 (0x1)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{31E03527-7ABA-4A1B-937E-456721522840} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\KENT NGUYEN\AppData\Roaming\Mozilla\Firefox\Profiles\ounn8cau.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\KENT NGUYEN\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\KENT NGUYEN\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-16 44808]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-6-27 2369960]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-15 655944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-4-17 2348352]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-7-27 2337144]
R2 WlanWpsSvc;WlanWpsSvc;C:\Program Files (x86)\FRYS\FR-300USB revA\WlanWpsSvc.exe [2011-7-22 167936]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
R3 VST64_DPV;VST64_DPV;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
R3 VST64HWBS2;VST64HWBS2;C:\Windows\system32\DRIVERS\VSTBS26.SYS --> C:\Windows\system32\DRIVERS\VSTBS26.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-22 253088]
S3 Gun;Gun;C:\Game\SoftnyxGame\GunboundIS\Gun64.sys [2012-5-3 45176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-2 113120]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-07-26 10:05:39--------d-----w-C:\Program Files (x86)\Survival Project
2012-07-26 09:59:47--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\Downloaded Installations
2012-07-26 09:45:56--------d-----w-C:\Program Files (x86)\MSXML 4.0
2012-07-19 21:57:55--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{53997142-2F5B-4BC3-B107-CF3D70AEBD94}
2012-07-19 21:57:14--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{7AF86F08-A1E0-4F2A-8CC1-111D0BF97DC6}
2012-07-19 02:09:42--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{4184B0B7-C8C5-4748-AFA7-A188015712F9}
2012-07-19 02:09:12--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{8127895A-EB9E-4BE3-BFF4-34B916EB5136}
2012-07-17 21:20:13--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{ADEDA0C8-C2AD-486C-9DB1-DB104EA2F68A}
2012-07-17 21:19:31--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{78C8293F-F07C-4029-A1BA-6B18F81084F0}
2012-07-17 03:06:41--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{D3E7CCD9-86F1-43A8-B387-38CF830B2E6C}
2012-07-17 03:06:05--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{6EC5F370-6D42-4017-BA5A-C3C1C6CCDF04}
2012-07-17 02:31:49--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{85E094E1-8064-405B-BB04-DB041B4E4209}
2012-07-17 02:31:18--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{952D1D2B-6348-4574-8520-A52C04B947E7}
2012-07-17 02:21:0154072----a-w-C:\Windows\System32\drivers\aswRdr2.sys
2012-07-17 02:20:59958400----a-w-C:\Windows\System32\drivers\aswSnx.sys
2012-07-17 02:20:5571064----a-w-C:\Windows\System32\drivers\aswMonFlt.sys
2012-07-17 02:20:0041224----a-w-C:\Windows\avastSS.scr
2012-07-17 02:19:40--------d-----w-C:\ProgramData\AVAST Software
2012-07-17 02:19:40--------d-----w-C:\Program Files\AVAST Software
2012-07-17 02:10:59--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{FEF2565D-E9CF-42FD-8B57-9FAF5BB85FC5}
2012-07-17 02:05:31--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{BA4D90E7-0500-4EFB-87BC-526AF1798DB5}
2012-07-16 06:14:08--------d-----w-C:\Users\KENT NGUYEN\AppData\Roaming\Malwarebytes
2012-07-16 06:13:46--------d-----w-C:\ProgramData\Malwarebytes
2012-07-16 06:13:4524904----a-w-C:\Windows\System32\drivers\mbam.sys
2012-07-16 06:13:44--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-15 05:28:41--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{6584F75C-1B41-417F-BD69-B2ED95C70AEC}
2012-07-15 05:28:00--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{0A631996-564C-480C-9DBF-E810465B1C40}
2012-07-14 02:20:46--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{8B4CFDAD-A57F-42A8-88A0-E266F9AB41A0}
2012-07-14 02:20:01--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{01DD146C-BED6-4E92-8686-69273353BCF1}
2012-07-13 04:06:29--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{D258A4D1-1EF5-4EE5-AA9E-A5D0DEFFFB95}
2012-07-13 04:05:57--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{78901982-3F52-4C80-957D-47C9276872F1}
2012-07-10 02:29:41--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{6396E83E-66B5-4FDA-8C9D-474404D8C5E3}
2012-07-10 02:28:34--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{2E5F02D7-0EB7-42BB-845B-8453A52EE2C0}
2012-07-07 19:00:12--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{96051CB2-D295-4F34-B6F6-B4BC8C7B20A0}
2012-07-07 18:59:37--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{016872C1-2871-425C-9A93-671D017A4BA6}
2012-07-06 16:22:04--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{3E9D3CCC-D90C-4F0D-9A95-4FBE134B81AF}
2012-07-06 16:21:38--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{D899CCA2-F081-4127-8C58-9DD5FA452118}
2012-07-05 05:02:31--------d-----w-C:\Users\KENT NGUYEN\AppData\Local\{A5FE502F-FF41-46EE-9A2E-1187940554FD}
.
==================== Find3M ====================
.
.
============= FINISH: 4:03:31.28 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows 7 Eternity™ 2009
Boot Device: \Device\HarddiskVolume2
Install Date: 7/22/2011 3:06:41 PM
System Uptime: 8/1/2012 10:31:29 PM (6 hours ago)
.
Motherboard: C51PVGM-GB | | C51PVGM-GB
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ | Socket M2 | 2000/201mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 228 GiB total, 45.183 GiB free.
D: is FIXED (FAT32) - 5 GiB total, 2.108 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ACPI\AWY0001\2&DABA3FF&1
Manufacturer:
Name:
PNP Device ID: ACPI\AWY0001\2&DABA3FF&1
Service:
.
==== System Restore Points ===================
.
RP103: 7/21/2012 10:02:32 PM - OTL Restore Point - 7/21/2012 10:02:31 PM
RP104: 7/26/2012 2:43:47 AM - Installed MSXML 4.0 SP2 Parser and SDK
RP105: 7/26/2012 3:02:42 AM - Installed Survival Project.
.
==== Installed Programs ======================
.
µTorrent
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.1.1)
AIM 7
Apple Application Support
Apple Software Update
avast! Free Antivirus
Combined Community Codec Pack 2011-06-26
Counter-Strike: Source
D3DX10
Download Updater (AOL LLC)
Fantapper Browser Plugin
Fry's Wireless N USB Adapter FR-300USB
Google Chrome
Heroes of Newerth
Itibiti RTC
Java Auto Updater
Java(TM) 6 Update 26
Knctr
League of Legends
LogMeIn Hamachi
Malwarebytes Anti-Malware version 1.62.0.1300
MapleStory
Messenger Companion
Microsoft Office Excel Viewer
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 Parser and SDK
Mumble 1.2.3
Nexon Game Manager
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
ooVoo
Pando Media Booster
PhotoScape
Presentation Assistant Pro V2.3.3
QuickTime
Raidcall
REACTOR
Skype™ 5.8
Soldier Front
Steam
Survival Project
System Requirements Lab
TeamViewer 6
Unity Web Player
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.01 (32-bit)
.
==== End Of File ===========================
 
Please download ComboFix
combofix.gif
from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com (Click the green button on the page to download it).

Rename ComboFix.exe to combo-fix.exe before you save it to your Desktop
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the quotebox below into it:
    DDS::
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    dPolicies-explorer: NoResolveTrack = 1 (0x1)
    dPolicies-explorer: NoSMBalloonTip = 1 (0x1)

    ClearJavaCache::
    Click to expand...
  • Save this as CFScript.txt, in the same location as ComboFix.exe

    CFScriptB-4.gif

  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.
 
Status
Not open for further replies.

Similar threads

D
Wifi suddenly stopped working but ethernet works
Replies
1
Views
496
learninmypc
learninmypc
AGenericFool
Help - Valid Windows 10 Licenses deactivate after two days?!
Replies
1
Views
321
Nelson28
N
pcnthuziast
W11 start menu bug
Replies
0
Views
414
pcnthuziast
pcnthuziast

Latest posts

Back