Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-06-2013 04
Ran by SYSTEM on 12-06-2013 22:04:30
Running from X:\
Windows Vista (TM) Home Basic (X86) OS Language:
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet003
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [947152 2013-01-27] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [3012816 2013-04-15] (COMODO)
HKU\UpdatusUser\...\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" [x]
HKU\UpdatusUser\...\Run: [WeatherWatcher] "C:\Program Files\Weather Watcher\ww.exe" [x]
HKU\UpdatusUser\...\Run: [NetBalancer] C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [ 2012-02-16] (SeriousBit)
HKU\UpdatusUser\...\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler [ 2006-09-10] (Macrovision Corporation)
HKU\UpdatusUser\...\Run: [Google Update] "C:\Users\wiekoo\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKU\UpdatusUser\...\Winlogon: [Shell] "C:\Program Files\Aston2\Aston2.exe"
HKU\wiekoo\...\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" [x]
HKU\wiekoo\...\Run: [NetBalancer] C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [ 2012-02-16] (SeriousBit)
HKU\wiekoo\...\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler [ 2006-09-10] (Macrovision Corporation)
HKU\wiekoo\...\Run: [WeatherWatcherLive] "C:\Program Files\Weather Watcher Live\ww.exe" [x]
HKU\wiekoo\...\Winlogon: [Shell] EXPLORER.EXE
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll No File
BootExecute: autocheck autochk * lsdelete

========================== Services (Whitelisted) =================

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [119056 2013-05-23] (SUPERAntiSpyware.com)
S2 AnviCsbSvc; C:\Program Files\Cloud System Booster\CSBSvc.exe [318312 2012-12-14] ()
S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4443912 2013-04-25] (COMODO)
S2 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1737728 2013-06-04] (Lavasoft Limited )
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S2 NetBalancer Windows Service; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [10240 2012-02-16] (SeriousBit)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
S3 AdobeARMservice; "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [x]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [x]
S2 BBSvc; "C:\Program Files\Microsoft\BingBar\BBSvc.EXE" [x]
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [x]
S3 cmdvirth; "C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe" [x]
S3 DfSdkS; "C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS.exe" [x]
S3 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [x]
S3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [x]
S3 fsssvc; "C:\Program Files\Windows Live\Family Safety\fsssvc.exe" [x]
S3 Futuremark SystemInfo Service; "C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe" [x]
S3 IDriverT; "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" [x]
S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [x]
S3 Macromedia Licensing Service; "C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe" [x]
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [x]
S3 MSCSPTISRV; "C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe" [x]
S3 msiserver; %systemroot%\system32\msiexec /V [x]
S4 NetMsmqActivator; "C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [x]
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [x]
S2 nvUpdatusService; "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [x]
S3 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [x]
S3 PACSPTISVR; "C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe" [x]
S3 SPTISRV; "C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe" [x]
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [x]
S3 WLSetupSvc; "C:\Program Files\Windows Live\installer\WLSetupSvc.exe" [x]
S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [x]

==================== Drivers (Whitelisted) ====================

S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-08-20] (EnTech Taiwan)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S4 adp94xx; \SystemRoot\system32\drivers\adp94xx.sys [x]
S4 adpahci; \SystemRoot\system32\drivers\adpahci.sys [x]
S4 adpu160m; \SystemRoot\system32\drivers\adpu160m.sys [x]
S4 adpu320; \SystemRoot\system32\drivers\adpu320.sys [x]
S3 agp440; \SystemRoot\system32\drivers\agp440.sys [x]
S4 aic78xx; \SystemRoot\system32\drivers\djsvs.sys [x]
S4 aliide; \SystemRoot\system32\drivers\aliide.sys [x]
S3 amdagp; \SystemRoot\system32\drivers\amdagp.sys [x]
S4 amdide; \SystemRoot\system32\drivers\amdide.sys [x]
S4 AmdK7; \SystemRoot\system32\drivers\amdk7.sys [x]
S4 AmdK8; \SystemRoot\system32\drivers\amdk8.sys [x]
S3 Andbus; system32\DRIVERS\lgandbus.sys [x]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [x]
S3 AndGps; system32\DRIVERS\lgandgps.sys [x]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [x]
S4 arc; \SystemRoot\system32\drivers\arc.sys [x]
S4 arcsas; \SystemRoot\system32\drivers\arcsas.sys [x]
S2 atksgt; system32\DRIVERS\atksgt.sys [x]
S3 azt4rsbl; No ImagePath
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 BrFiltLo; \SystemRoot\system32\drivers\brfiltlo.sys [x]
S3 BrFiltUp; \SystemRoot\system32\drivers\brfiltup.sys [x]
S4 Brserid; \SystemRoot\system32\drivers\brserid.sys [x]
S4 BrSerWdm; \SystemRoot\system32\drivers\brserwdm.sys [x]
S4 BrUsbMdm; \SystemRoot\system32\drivers\brusbmdm.sys [x]
S3 BrUsbSer; \SystemRoot\system32\drivers\brusbser.sys [x]
S4 BTHMODEM; \SystemRoot\system32\drivers\bthmodem.sys [x]
S4 circlass; \SystemRoot\system32\drivers\circlass.sys [x]
S1 cmderd; System32\DRIVERS\cmderd.sys [x]
S1 cmdGuard; system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp; System32\DRIVERS\cmdhlp.sys [x]
S4 cmdide; \SystemRoot\system32\drivers\cmdide.sys [x]
S4 Compbatt; \SystemRoot\system32\drivers\compbatt.sys [x]
S0 crcdisk; system32\drivers\crcdisk.sys [x]
S4 Crusoe; \SystemRoot\system32\drivers\crusoe.sys [x]
S3 DrmRAudio; system32\drivers\DrmRAudio.sys [x]
S1 dtsoftbus01; system32\DRIVERS\dtsoftbus01.sys [x]
S3 E1G60; system32\DRIVERS\E1G60I32.sys [x]
S4 elxstor; \SystemRoot\system32\drivers\elxstor.sys [x]
S2 enodpl; System32\drivers\enodpl.sys [x]
S4 ErrDev; \SystemRoot\system32\drivers\errdev.sys [x]
S0 evczer; No ImagePath
S4 fdc; system32\DRIVERS\fdc.sys [x]
S3 FIXUSTOR; system32\DRIVERS\fixustor.sys [x]
S4 flpydisk; system32\DRIVERS\flpydisk.sys [x]
S3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [x]
S3 fssfltr; system32\DRIVERS\fssfltr.sys [x]
S3 gagp30kx; \SystemRoot\system32\drivers\gagp30kx.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
S3 GEARAspiWDM; system32\DRIVERS\GEARAspiWDM.sys [x]
S4 HidBth; \SystemRoot\system32\drivers\hidbth.sys [x]
S4 HidIr; \SystemRoot\system32\drivers\hidir.sys [x]
S4 HpCISSs; \SystemRoot\system32\drivers\hpcisss.sys [x]
S4 i2omp; \SystemRoot\system32\drivers\i2omp.sys [x]
S4 iaStorV; \SystemRoot\system32\drivers\iastorv.sys [x]
S4 iirsp; \SystemRoot\system32\drivers\iirsp.sys [x]
S1 inspect; system32\DRIVERS\inspect.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [x]
S3 intelppm; system32\DRIVERS\intelppm.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S4 IPMIDRV; \SystemRoot\system32\drivers\ipmidrv.sys [x]
S4 isapnp; \SystemRoot\system32\drivers\isapnp.sys [x]
S4 iteatapi; \SystemRoot\system32\drivers\iteatapi.sys [x]
S4 iteraid; \SystemRoot\system32\drivers\iteraid.sys [x]
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
S3 LHidFilt; system32\DRIVERS\LHidFilt.Sys [x]
S2 lirsgt; system32\DRIVERS\lirsgt.sys [x]
S3 LMouFilt; system32\DRIVERS\LMouFilt.Sys [x]
S4 LSI_FC; \SystemRoot\system32\drivers\lsi_fc.sys [x]
S4 LSI_SAS; \SystemRoot\system32\drivers\lsi_sas.sys [x]
S4 LSI_SCSI; \SystemRoot\system32\drivers\lsi_scsi.sys [x]
S3 LUsbFilt; System32\Drivers\LUsbFilt.Sys [x]
S3 LVPr2Mon; system32\Drivers\LVPr2Mon.sys [x]
S3 LVRS; system32\DRIVERS\lvrs.sys [x]
S3 ManyCam; system32\DRIVERS\ManyCam.sys [x]
S4 megasas; \SystemRoot\system32\drivers\megasas.sys [x]
S4 MegaSR; \SystemRoot\system32\drivers\megasr.sys [x]
S3 mpfilt; \??\C:\Windows\system32\drivers\mpfilt.sys [x]
S4 mpio; \SystemRoot\system32\drivers\mpio.sys [x]
S4 Mraid35x; \SystemRoot\system32\drivers\mraid35x.sys [x]
S4 msahci; \SystemRoot\system32\drivers\msahci.sys [x]
S4 msdsm; \SystemRoot\system32\drivers\msdsm.sys [x]
S3 Nbdrv; system32\DRIVERS\nbdrv.sys [x]
S1 netbt; System32\DRIVERS\netbt.sys [x]
S4 nfrd960; \SystemRoot\system32\drivers\nfrd960.sys [x]
S4 ntrigdigi; \SystemRoot\system32\drivers\ntrigdigi.sys [x]
S3 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [x]
S4 nvraid; \SystemRoot\system32\drivers\nvraid.sys [x]
S4 nvstor; \SystemRoot\system32\drivers\nvstor.sys [x]
S3 nv_agp; \SystemRoot\system32\drivers\nv_agp.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S4 ohci1394; \SystemRoot\system32\drivers\ohci1394.sys [x]
S3 PAC207; system32\DRIVERS\PFC027.SYS [x]
S3 pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [x]
S4 pciide; \SystemRoot\system32\drivers\pciide.sys [x]
S4 pcmcia; \SystemRoot\system32\drivers\pcmcia.sys [x]
S3 pepifilter; system32\DRIVERS\lv302af.sys [x]
S3 PID_PEPI; system32\DRIVERS\LV302V32.SYS [x]
S4 Processor; \SystemRoot\system32\drivers\processr.sys [x]
S4 ql2300; \SystemRoot\system32\drivers\ql2300.sys [x]
S4 ql40xx; \SystemRoot\system32\drivers\ql40xx.sys [x]
S1 rdbss; system32\DRIVERS\rdbss.sys [x]
S4 rdpdr; \SystemRoot\system32\drivers\rdpdr.sys [x]
S3 RTL8169; system32\DRIVERS\Rtlh86.sys [x]
S3 RTSTOR; system32\drivers\RTSTOR.SYS [x]
S3 s0016bus; system32\DRIVERS\s0016bus.sys [x]
S3 s0016mdfl; system32\DRIVERS\s0016mdfl.sys [x]
S3 s0016mdm; system32\DRIVERS\s0016mdm.sys [x]
S3 s0016mgmt; system32\DRIVERS\s0016mgmt.sys [x]
S3 s0016nd5; system32\DRIVERS\s0016nd5.sys [x]
S3 s0016obex; system32\DRIVERS\s0016obex.sys [x]
S3 s0016unic; system32\DRIVERS\s0016unic.sys [x]
S3 s125bus; system32\DRIVERS\s125bus.sys [x]
S3 s125mdfl; system32\DRIVERS\s125mdfl.sys [x]
S3 s125mdm; system32\DRIVERS\s125mdm.sys [x]
S3 s125mgmt; system32\DRIVERS\s125mgmt.sys [x]
S3 s125obex; system32\DRIVERS\s125obex.sys [x]
S1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S4 sbp2port; \SystemRoot\system32\drivers\sbp2port.sys [x]
S2 secdrv; No ImagePath
S3 seehcri; system32\DRIVERS\seehcri.sys [x]
S4 sffdisk; \SystemRoot\system32\drivers\sffdisk.sys [x]
S3 sffp_mmc; \SystemRoot\system32\drivers\sffp_mmc.sys [x]
S3 sffp_sd; \SystemRoot\system32\drivers\sffp_sd.sys [x]
S4 sfloppy; \SystemRoot\system32\drivers\sfloppy.sys [x]
S3 sisagp; \SystemRoot\system32\drivers\sisagp.sys [x]
S4 SiSRaid2; \SystemRoot\system32\drivers\sisraid2.sys [x]
S4 SiSRaid4; \SystemRoot\system32\drivers\sisraid4.sys [x]
S0 SmartDefragDriver; System32\Drivers\SmartDefragDriver.sys [x]
S4 sptd; \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [x]
S3 SRS_SSCFilter; system32\drivers\srs_sscfilter_i386.sys [x]
S1 StarOpen; No ImagePath
S3 swenum; system32\DRIVERS\swenum.sys [x]
S4 Symc8xx; \SystemRoot\system32\drivers\symc8xx.sys [x]
S4 Sym_hi; \SystemRoot\system32\drivers\sym_hi.sys [x]
S4 Sym_u3; \SystemRoot\system32\drivers\sym_u3.sys [x]
S2 tandpl; System32\drivers\tandpl.sys [x]
S3 uagp35; \SystemRoot\system32\drivers\uagp35.sys [x]
S3 uliagpkx; \SystemRoot\system32\drivers\uliagpkx.sys [x]
S4 uliahci; \SystemRoot\system32\drivers\uliahci.sys [x]
S4 UlSata; \SystemRoot\system32\drivers\ulsata.sys [x]
S4 ulsata2; \SystemRoot\system32\drivers\ulsata2.sys [x]
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [x]
S4 usbcir; \SystemRoot\system32\drivers\usbcir.sys [x]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [x]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [x]
S4 usbohci; \SystemRoot\system32\drivers\usbohci.sys [x]
S3 usbscan; system32\DRIVERS\usbscan.sys [x]
S3 vga; system32\DRIVERS\vgapnp.sys [x]
S3 viaagp; \SystemRoot\system32\drivers\viaagp.sys [x]
S4 ViaC7; \SystemRoot\system32\drivers\viac7.sys [x]
S4 viaide; \SystemRoot\system32\drivers\viaide.sys [x]
S4 vsmraid; \SystemRoot\system32\drivers\vsmraid.sys [x]
S4 WacomPen; \SystemRoot\system32\drivers\wacompen.sys [x]
S4 Wd; \SystemRoot\system32\drivers\wd.sys [x]
S4 WmiAcpi; \SystemRoot\system32\drivers\wmiacpi.sys [x]
S3 WsAudio_DeviceS(1); system32\drivers\WsAudio_DeviceS(1).sys [x]
S3 WsAudio_DeviceS(2); system32\drivers\WsAudio_DeviceS(2).sys [x]
S3 WsAudio_DeviceS(3); system32\drivers\WsAudio_DeviceS(3).sys [x]
S3 WsAudio_DeviceS(4); system32\drivers\WsAudio_DeviceS(4).sys [x]
S3 WsAudio_DeviceS(5); system32\drivers\WsAudio_DeviceS(5).sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-12 18:56 - 2008-01-21 02:32 - 00017976 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelide.sys
2013-06-12 17:02 - 2013-06-12 17:02 - 00000512 ____A C:\Windows\PFRO.log
2013-06-12 16:59 - 2013-06-12 16:59 - 00624408 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-11 16:44 - 2013-06-11 16:44 - 00000000 ____D C:\FRST
2013-06-11 09:40 - 2013-06-11 09:40 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\Macromedia
2013-06-11 09:40 - 2013-06-11 09:40 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\Adobe
2013-06-11 08:46 - 2013-06-11 10:57 - 00845456 ____A C:\Windows\System32\Drivers\sfi.dat
2013-06-05 08:58 - 2013-06-11 05:47 - 00222821 ____A C:\Windows\WindowsUpdate.log
2013-06-04 10:14 - 2013-06-04 10:14 - 00000000 ____D C:\Program Files\Lavasoft
2013-06-04 09:27 - 2013-06-11 08:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-05-31 11:02 - 2013-06-10 08:27 - 00000400 ____A C:\Windows\Tasks\Wise Care 365.job
2013-05-31 11:02 - 2013-06-07 11:00 - 00000380 ____A C:\Windows\Tasks\Wise Turbo Checker.job
2013-05-31 10:32 - 2013-05-31 10:32 - 00000000 ____D C:\Program Files\Wise
2013-05-23 20:49 - 2013-06-11 08:01 - 00000000 ____D C:\Program Files\Cloud System Booster
2013-05-19 14:41 - 2013-05-19 14:41 - 00000000 _RASH C:\MSDOS.SYS
2013-05-19 14:41 - 2013-05-19 14:41 - 00000000 _RASH C:\IO.SYS
2013-05-16 08:30 - 2013-05-05 19:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 08:30 - 2013-05-05 19:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-16 07:56 - 2013-04-04 22:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 07:56 - 2013-04-04 22:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-16 07:56 - 2013-04-04 22:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-16 07:56 - 2013-04-04 22:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 07:56 - 2013-04-04 22:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-16 07:56 - 2013-04-04 22:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-16 07:56 - 2013-04-04 21:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 07:56 - 2013-04-04 21:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 07:56 - 2013-04-04 21:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-16 07:56 - 2013-04-04 21:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-16 07:56 - 2013-04-04 21:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 07:56 - 2013-04-04 21:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-16 07:56 - 2013-04-04 21:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-16 07:56 - 2013-04-04 21:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-15 09:25 - 2013-04-15 14:20 - 00638328 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 09:25 - 2013-04-13 10:56 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 09:24 - 2013-04-09 01:36 - 02049024 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

==================== One Month Modified Files and Folders ========

2013-06-12 17:02 - 2013-06-12 17:02 - 00000512 ____A C:\Windows\PFRO.log
2013-06-12 16:59 - 2013-06-12 16:59 - 00624408 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-11 16:45 - 2009-03-22 16:35 - 00000000 ____D C:\users\wiekoo
2013-06-11 16:45 - 2006-11-02 11:18 - 00000000 __RHD C:\users\Default
2013-06-11 16:44 - 2013-06-11 16:44 - 00000000 ____D C:\FRST
2013-06-11 11:03 - 2010-05-26 10:36 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\Aston2
2013-06-11 10:57 - 2013-06-11 08:46 - 00845456 ____A C:\Windows\System32\Drivers\sfi.dat
2013-06-11 10:27 - 2006-11-02 12:45 - 00003792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-11 10:27 - 2006-11-02 12:45 - 00003792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-11 10:27 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\spool
2013-06-11 09:40 - 2013-06-11 09:40 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\Macromedia
2013-06-11 09:40 - 2013-06-11 09:40 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\Adobe
2013-06-11 08:38 - 2008-11-06 14:47 - 00000000 ____D C:\Windows\System32\Macromed
2013-06-11 08:38 - 2008-01-21 06:20 - 00000000 ____D C:\Windows\WindowsMobile
2013-06-11 08:38 - 2006-11-02 12:35 - 00000000 ____D C:\Windows\twain_32
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\zh-TW
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\zh-HK
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\winevt
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\tr-TR
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\sv-SE
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\SMI
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\pt-BR
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\pl-PL
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\nl-NL
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\nb-NO
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\MUI
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\LogFiles
2013-06-11 08:38 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\ko-KR
2013-06-11 08:37 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\it-IT
2013-06-11 08:37 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\he-IL
2013-06-11 08:37 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\fr-FR
2013-06-11 08:37 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\fi-FI
2013-06-11 08:37 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\el-GR
2013-06-11 08:36 - 2009-03-22 16:21 - 00000000 ____D C:\Windows\Panther
2013-06-11 08:36 - 2008-01-21 06:20 - 00000000 ____D C:\Windows\System32\Drivers\pl-PL
2013-06-11 08:36 - 2006-11-02 11:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-06-11 08:36 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-06-11 08:36 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\com
2013-06-11 08:36 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\System32\ar-SA
2013-06-11 08:36 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\system
2013-06-11 08:36 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\registration
2013-06-11 08:36 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\MSAgent
2013-06-11 08:36 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-11 08:35 - 2006-11-02 12:35 - 00000000 ____D C:\Windows\DigitalLocker
2013-06-11 08:35 - 2006-11-02 11:18 - 00000000 __RSD C:\Windows\Media
2013-06-11 08:35 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\IME
2013-06-11 08:35 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\Help
2013-06-11 08:34 - 2013-02-06 13:21 - 00000000 ___HD C:\VTRoot
2013-06-11 08:34 - 2009-02-01 21:07 - 00000000 ____D C:\Users\wiekoo\{ed5f49a9-819f-48bf-a080-f080c38d5e37}
2013-06-11 08:32 - 2012-02-07 09:31 - 00000000 ____D C:\Users\wiekoo\Documents\ZPS14
2013-06-11 08:32 - 2011-01-07 11:31 - 00000000 ____D C:\Users\wiekoo\Documents\ZPS13
2013-06-11 08:32 - 2010-06-21 09:16 - 00000000 ____D C:\Users\wiekoo\Documents\Corel
2013-06-11 08:32 - 2009-07-29 18:24 - 00000000 ____D C:\Users\wiekoo\Documents\Ableton
2013-06-11 08:30 - 2012-09-28 10:00 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\ProcessLasso
2013-06-11 08:30 - 2010-04-17 10:06 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\NVIDIA
2013-06-11 08:30 - 2010-01-03 12:52 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\SecuROM
2013-06-11 08:27 - 2010-08-26 20:34 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\Ashampoo
2013-06-11 08:26 - 2009-11-26 11:24 - 00000000 ____D C:\Users\wiekoo\AppData\Local\Xenocode
2013-06-11 08:26 - 2009-07-29 18:24 - 00000000 ____D C:\Users\wiekoo\AppData\Roaming\Ableton
2013-06-11 08:26 - 2008-12-19 19:43 - 00000000 ____D C:\Users\wiekoo\AppData\Local\Microsoft Games
2013-06-11 08:26 - 2008-12-18 15:58 - 00000000 ____D C:\Users\wiekoo\AppData\Local\VirtualStore
2013-06-11 08:23 - 2011-08-31 04:47 - 00000000 ____D C:\Users\wiekoo\AppData\Local\Comodo
2013-06-11 08:21 - 2010-06-01 17:45 - 00000000 ____D C:\users\Administrator.wiekoomp
2013-06-11 08:21 - 2010-05-26 10:36 - 00000000 ____D C:\Users\wiekoo\AppData\Local\Aston2
2013-06-11 08:21 - 2006-11-02 11:18 - 00000000 ___RD C:\users\Public
2013-06-11 08:11 - 2012-11-27 15:04 - 00000000 ____D C:\Program Files\Weather Watcher Live
2013-06-11 08:11 - 2006-11-02 12:35 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-06-11 08:11 - 2006-11-02 12:35 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-06-11 08:10 - 2013-06-04 09:27 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-06-11 08:10 - 2012-11-13 01:04 - 00000000 ____D C:\Program Files\CrystalDiskInfo
2013-06-11 08:10 - 2012-11-09 11:58 - 00000000 ____D C:\Program Files\Tunatic
2013-06-11 08:10 - 2009-12-16 15:33 - 00000000 ____D C:\Program Files\SWiSH Max2
2013-06-11 08:09 - 2012-11-23 14:31 - 00000000 ___RD C:\Program Files\Skype
2013-06-11 08:09 - 2012-10-11 09:45 - 00000000 ____D C:\Program Files\PowerArchiver
2013-06-11 08:09 - 2012-01-05 10:47 - 00000000 ____D C:\Program Files\Process Lasso
2013-06-11 08:09 - 2011-10-23 21:23 - 00000000 ____D C:\Program Files\RocketDock
2013-06-11 08:09 - 2009-03-22 16:31 - 00000000 ____D C:\Program Files\Realtek
2013-06-11 08:08 - 2013-01-13 19:38 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-06-11 08:08 - 2012-02-18 09:35 - 00000000 ____D C:\Program Files\NetBalancer
2013-06-11 08:08 - 2010-02-24 13:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-06-11 08:08 - 2006-11-02 12:35 - 00000000 ____D C:\Program Files\Movie Maker
2013-06-11 08:08 - 2006-11-02 12:35 - 00000000 ____D C:\Program Files\Microsoft Games
2013-06-11 08:06 - 2012-09-27 22:16 - 00000000 ____D C:\Program Files\LG PC Suite II
2013-06-11 08:05 - 2008-12-18 17:23 - 00000000 ____D C:\Program Files\Java
2013-06-11 08:05 - 2008-11-06 14:38 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-06-11 08:04 - 2009-05-22 14:52 - 00000000 ____D C:\Program Files\HP
2013-06-11 08:04 - 2008-12-24 20:52 - 00000000 ____D C:\Program Files\Google
2013-06-11 08:02 - 2006-11-02 11:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-06-11 08:01 - 2013-05-23 20:49 - 00000000 ____D C:\Program Files\Cloud System Booster
2013-06-11 08:01 - 2011-08-24 14:20 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-06-11 08:01 - 2008-12-20 10:43 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-06-11 08:01 - 2008-11-07 09:32 - 00000000 ____D C:\Program Files\Common Files\LightScribe
2013-06-11 08:01 - 2008-11-06 14:38 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-06-11 07:59 - 2010-05-26 10:35 - 00000000 ___RD C:\Program Files\Aston2
2013-06-11 07:58 - 2010-06-01 14:36 - 00000000 ____D C:\Program Files\Ashampoo
2013-06-11 07:54 - 2012-03-15 18:25 - 00000000 ____D C:\Program Files\AnVir Task Manager
2013-06-11 07:53 - 2013-03-25 06:36 - 00000000 ____D C:\Program Files\Alawar.pl
2013-06-11 07:53 - 2012-01-17 21:33 - 00000000 ____D C:\Program Files\Adobe
2013-06-11 05:47 - 2013-06-05 08:58 - 00222821 ____A C:\Windows\WindowsUpdate.log
2013-06-10 08:27 - 2013-05-31 11:02 - 00000400 ____A C:\Windows\Tasks\Wise Care 365.job
2013-06-10 08:26 - 2006-11-02 12:58 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-09 23:38 - 2006-11-02 12:58 - 00032580 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-07 11:00 - 2013-05-31 11:02 - 00000380 ____A C:\Windows\Tasks\Wise Turbo Checker.job
2013-06-04 10:14 - 2013-06-04 10:14 - 00000000 ____D C:\Program Files\Lavasoft
2013-06-04 02:20 - 2012-11-12 19:55 - 00000000 ____D C:\users\UpdatusUser.wiekoomp
2013-05-31 11:24 - 2006-11-02 10:22 - 66584576 ____A C:\Windows\System32\config\SOFTWARE.bak
2013-05-31 11:24 - 2006-11-02 10:22 - 36700160 ____A C:\Windows\System32\config\COMPONENTS.bak
2013-05-31 11:24 - 2006-11-02 10:22 - 01310720 ____A C:\Windows\System32\config\DEFAULT.bak
2013-05-31 11:24 - 2006-11-02 10:22 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2013-05-31 11:24 - 2006-11-02 10:22 - 00057344 ____A C:\Windows\System32\config\SAM.bak
2013-05-31 10:32 - 2013-05-31 10:32 - 00000000 ____D C:\Program Files\Wise
2013-05-20 20:56 - 2013-02-26 18:19 - 00000930 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-19 14:41 - 2013-05-19 14:41 - 00000000 _RASH C:\MSDOS.SYS
2013-05-19 14:41 - 2013-05-19 14:41 - 00000000 _RASH C:\IO.SYS

==================== Known DLLs (Whitelisted) ============

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 2046.43 MB
Available physical RAM: 1311.85 MB
Total Pagefile: 1818.97 MB
Available Pagefile: 823.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1993.64 MB

==================== Drives ================================

Drive b: (RamDrive) (Fixed) (Total:0.53 GB) (Free:0.5 GB) NTFS
Drive c: (C: SYSTEM) (Fixed) (Total:78.14 GB) (Free:56.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (D: Zapasy) (Fixed) (Total:154.75 GB) (Free:5.28 GB) NTFS
Drive e: (WIEXDRIVE) (Removable) (Total:3.73 GB) (Free:0.01 GB) FAT32
Drive j: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS
Drive x: (Mini Xp) (Fixed) (Total:0.23 GB) (Free:0.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 763F1357)
Partition 1: (Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=155 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 62756C20)
Partition 1: (Not Active) - (Size=-777111989248) - (Type=6E)
Partition 2: (Not Active) - (Size=780 GB) - (Type=73)
Partition 3: (Not Active) - (Size=797 GB) - (Type=2C)
Partition 4: (Not Active) - (Size=27 MB) - (Type=77)

LastRegBack: 2013-06-11 09:05

==================== End Of Log ============================