Potential Malware Issue
Hi, I posted a thread in the Windows 7 area earlier about a wireless card that suddenly stopped working with my system (http://www.d-a-l.com/help/windows-7-...tml#post250675). Since it works just fine with a separate Windows 7 computer and was previously working fine with my system, I'm concerned that something malicious on my system is preventing the drivers from being used. As always, I'd like to rule out malware before just buying a new card.
Malwarebytes Antimalware Scan Log
Malwarebytes' Anti-Malware 1.51.2.1300
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Database version: 7622
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
19/12/2011 10:45:18 AM
mbam-log-2011-12-19 (10-45-18).txt
Scan type: Quick scan
Objects scanned: 176012
Time elapsed: 3 minute(s), 7 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER Log came up empty, with nothing to post.
aswMBR Logs
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-19 11:45:22
-----------------------------
11:45:22.405 OS Version: Windows x64 6.1.7601 Service Pack 1
11:45:22.405 Number of processors: 4 586 0x2A07
11:45:22.405 ComputerName: ALPHAZERO UserName: Shadefyre
11:45:24.190 Initialize success
11:45:24.480 AVAST engine defs: 11121701
11:45:40.312 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
11:45:40.312 Disk 0 Vendor: ST31000528AS CC37 Size: 953869MB BusType: 3
11:45:40.317 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-7
11:45:40.317 Disk 1 Vendor: ST31000528AS CC38 Size: 953869MB BusType: 3
11:45:42.332 Disk 1 MBR read successfully
11:45:42.337 Disk 1 MBR scan
11:45:42.337 Disk 1 Windows 7 default MBR code
11:45:42.342 Service scanning
11:45:43.767 Modules scanning
11:45:43.767 Disk 1 trace - called modules:
11:45:43.787 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
11:45:43.792 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80051f7060]
11:45:43.797 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800469ed10]
11:45:43.802 5 ACPI.sys[fffff88000f9c7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-7[0xfffffa800475a060]
11:45:46.727 AVAST engine scan C:\Windows
11:45:51.238 AVAST engine scan C:\Windows\system32
11:47:06.244 AVAST engine scan C:\Windows\system32\drivers
11:47:12.985 AVAST engine scan C:\Users\Shadefyre
11:50:03.707 AVAST engine scan C:\ProgramData
11:50:38.431 Scan finished successfully
12:02:44.131 Disk 1 MBR has been saved successfully to "H:\Computer Fix\Logs\MBR.dat"
12:02:44.146 The log file has been saved successfully to "H:\Computer Fix\Logs\aswMBR.txt"
DDS Log
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by Shadefyre at 12:03:10 on 2011-12-19
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.2.1033.18.4073.2273 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files (x86)\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRunOnce: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll"
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [InnoSetupRegFile.0000000001] "C:\Windows\is-2GLOH.exe" /REG /REGSVRMODE
uPolicies-explorer: RestrictRun = 0 (0x0)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: RestrictRun = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO-X64: ZoneAlarm Security Engine Registrar - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRunOnce-x64: [Malwarebytes' Anti-Malware (registration)] regsvr32.exe /s "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll"
mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce-x64: [InnoSetupRegFile.0000000001] "C:\Windows\is-2GLOH.exe" /REG /REGSVRMODE
.
============= SERVICES / DRIVERS ===============
.
R0 mv91xx;mv91xx;C:\Windows\system32\DRIVERS\mv91xx.sys --> C:\Windows\system32\DRIVERS\mv91xx.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-5 44768]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-3 33672]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2011-11-3 827520]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe --> C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [?]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2011-12-6 131912]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 netr7364;Linksys Compact Wireless-G USB Adapter Driver for Vista;C:\Windows\system32\DRIVERS\WUSB54GCx64.sys --> C:\Windows\system32\DRIVERS\WUSB54GCx64.sys [?]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-12-19 15:40:44 709968 ----a-w- C:\Windows\is-2GLOH.exe
2011-12-19 08:11:34 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B69E7D51-BA73-4656-B107-5FDFCFCBEF86}\offreg.dll
2011-12-18 09:26:26 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Quest3D
2011-12-18 09:22:46 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Nicalis
2011-12-18 09:21:58 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\SaintXi
2011-12-18 08:45:02 314016 ----a-w- C:\Windows\System32\drivers\atksgt.sys
2011-12-18 08:44:59 43680 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
2011-12-18 08:35:34 -------- d-----w- C:\Program Files (x86)\Firefly Studios
2011-12-18 08:28:56 -------- d-----w- C:\Program Files (x86)\Nicolas Games
2011-12-18 08:14:38 2352128 ----a-r- C:\Users\Shadefyre\AppData\Roaming\Microsoft\Installer\{932247E9-A3C1-11D4-80B0-00A0D21817C9}\blairwitch2.exe
2011-12-18 08:14:03 -------- d-----w- C:\Program Files (x86)\HumanHead
2011-12-18 08:00:01 -------- d-----w- C:\Program Files (x86)\King's Bounty The Legend
2011-12-18 03:25:47 20747 ----a-w- C:\Windows\SysWow64\drivers\AegisP.sys
2011-12-18 03:13:12 320512 ----a-w- C:\Windows\System32\drivers\WUSB54GCx64.sys
2011-12-18 03:12:23 256000 ----a-w- C:\Windows\System32\drivers\netr73.sys
2011-12-17 19:58:25 734208 ----a-w- C:\Windows\System32\drivers\netr28u.sys
2011-12-17 19:58:25 221184 ----a-w- C:\Windows\System32\drivers\RaCoInst.dll
2011-12-17 19:39:01 245248 ----a-w- C:\Windows\SysWow64\rt73.sys
2011-12-17 19:38:42 -------- d-----w- C:\Program Files (x86)\Compact Wireless-G USB Adapter Wireless Network Monitor
2011-12-17 19:35:29 94208 ----a-w- C:\Windows\SysWow64\GTW32N50.dll
2011-12-17 19:35:29 31930 ----a-w- C:\Windows\SysWow64\GTNDIS3.VXD
2011-12-17 19:35:29 15872 ----a-w- C:\Windows\SysWow64\GTNDIS5.sys
2011-12-17 19:35:28 17992 ----a-w- C:\Windows\SysWow64\drivers\bcm42rly.sys
2011-12-17 19:35:28 17992 ----a-w- C:\Windows\SysWow64\bcm42rly.sys
2011-12-17 19:35:28 17992 ----a-w- C:\Windows\bcm42rly.sys
2011-12-17 19:35:25 32768 ----a-w- C:\Windows\SysWow64\GTGina.dll
2011-12-17 16:55:06 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Malwarebytes
2011-12-17 16:55:01 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-17 16:55:01 -------- d-----w- C:\ProgramData\Malwarebytes
2011-12-17 16:55:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-17 15:48:23 -------- d-----w- C:\Program Files\Computer Artworks
2011-12-17 15:45:37 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-12-17 15:45:36 77824 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-12-17 15:45:36 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-12-17 15:45:36 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-12-16 17:53:33 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B69E7D51-BA73-4656-B107-5FDFCFCBEF86}\mpengine.dll
2011-12-16 07:02:02 -------- d-----w- C:\Users\Shadefyre\AppData\Local\dxhr
2011-12-16 06:31:45 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Registry Mechanic
2011-12-16 06:27:40 880640 ----a-w- C:\Windows\SysWow64\UniBox10.ocx
2011-12-16 06:27:40 40408 ----a-w- C:\Windows\System32\CleanMFT64.exe
2011-12-16 06:27:40 212992 ----a-w- C:\Windows\SysWow64\UniBoxVB12.ocx
2011-12-16 06:27:40 1101824 ----a-w- C:\Windows\SysWow64\UniBox210.ocx
2011-12-16 06:27:39 658432 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX
2011-12-16 06:27:39 506368 ----a-w- C:\Windows\SysWow64\msxml.dll
2011-12-16 06:27:39 1081616 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2011-12-16 06:27:36 -------- d-----w- C:\Program Files (x86)\Common Files\PC Tools
2011-12-15 10:15:28 -------- d-----w- C:\Program Files (x86)\Capcom
2011-12-15 10:12:01 -------- d-----w- C:\Program Files (x86)\SaintXi
2011-12-15 10:05:31 -------- d-----w- C:\Program Files (x86)\Ship Simulator Extremes
2011-12-14 13:17:20 -------- d-----w- C:\Windows\Stalin vs. Martians
2011-12-14 13:17:20 -------- d-----w- C:\Program Files (x86)\Stalin vs. Martians
2011-12-14 13:13:30 -------- d-----w- C:\Program Files (x86)\Lame For Audacity
2011-12-14 13:10:39 -------- d-----w- C:\Program Files (x86)\The Adventure Company
2011-12-14 13:07:09 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Codemasters
2011-12-14 13:05:41 -------- d-----w- C:\Windows\85EBB28365AF4C539EBE7C0A232762F7.TMP
2011-12-14 13:05:36 -------- d-----w- C:\ProgramData\Media Center Programs
2011-12-14 13:02:48 86960 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
2011-12-14 13:02:48 78784 ----a-w- C:\Windows\SysWow64\ISUSPM.cpl
2011-12-14 13:02:48 394184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\_isusres.dll
2011-12-14 13:02:48 29640 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\_ispmres.dll
2011-12-14 13:02:48 218032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
2011-12-14 13:02:47 992176 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
2011-12-14 13:02:47 283568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISDM.exe
2011-12-14 13:02:17 -------- d-----w- C:\Program Files (x86)\Codemasters
2011-12-14 12:53:12 -------- d-----w- C:\Program Files (x86)\Thief - Deadly Shadows
2011-12-14 12:52:57 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-12-14 12:52:57 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-12-14 12:52:57 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-12-14 12:52:57 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-12-14 12:52:56 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-12-14 12:52:55 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-12-14 12:52:55 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-12-14 06:17:15 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Ice-pick Lodge
2011-12-14 05:49:14 -------- d-----w- C:\Program Files (x86)\Cargo!
2011-12-13 08:48:15 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Skyrim
2011-12-13 07:22:25 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Ubisoft
2011-12-12 04:51:25 -------- d-----w- C:\Users\Shadefyre\AppData\Local\4A Games
2011-12-08 15:12:34 -------- d-----w- C:\Program Files (x86)\Combined Community Codec Pack
2011-12-07 16:34:10 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Tropico 4
2011-12-07 16:33:45 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Kalypso Media
2011-12-07 15:53:29 -------- d-----w- C:\Program Files (x86)\Kalypso Media
2011-12-07 15:52:38 -------- d-----w- C:\Program Files (x86)\To the Moon
2011-12-07 10:01:29 -------- d-----w- C:\Program Files (x86)\Bethesda Softworks
2011-12-07 10:01:16 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
2011-12-07 10:01:16 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
2011-12-07 10:01:16 151552 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
2011-12-07 10:01:15 634880 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
2011-12-07 10:01:15 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
2011-12-07 10:01:06 270468 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
2011-12-07 10:01:06 159876 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
2011-12-07 09:48:27 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Stardock
2011-12-07 09:47:08 -------- d-----w- C:\Program Files (x86)\Fort Zombie
2011-12-07 09:46:17 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2011-12-07 09:45:46 68448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\Framework\Shared\xnavisualizer.dll
2011-12-07 09:45:46 2239328 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\Framework\v3.0\XnaNative.dll
2011-12-07 09:45:46 16736 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\Framework\Shared\XnaVisualizerPS.dll
2011-12-07 09:36:44 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Wings of Prey
2011-12-07 08:54:20 -------- d-----w- C:\Program Files (x86)\Wings of Prey
2011-12-07 08:27:23 -------- d-----w- C:\Program Files (x86)\The Cursed Crusade
2011-12-07 08:01:02 -------- d-----w- C:\Program Files (x86)\Eidos
2011-12-07 08:00:43 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2011-12-07 08:00:42 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-12-07 08:00:42 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-12-07 08:00:42 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-12-07 08:00:42 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-12-07 08:00:42 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-12-07 08:00:39 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-12-07 08:00:39 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-12-07 07:56:40 -------- d-----w- C:\Program Files (x86)\Buka
2011-12-07 07:51:16 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-12-07 07:37:19 -------- d-----w- C:\Program Files (x86)\Aspyr
2011-12-06 16:54:53 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\CheckPoint
2011-12-06 16:54:36 -------- d-----w- C:\Program Files\CheckPoint
2011-12-06 16:54:24 -------- d-----w- C:\ProgramData\CheckPoint
2011-12-06 15:26:02 -------- d-----w- C:\Program Files (x86)\Frozen Synapse
2011-12-06 15:24:15 -------- d-----w- C:\Amorous Professor Cherry
2011-12-06 14:59:30 -------- d-----w- C:\ProgramData\Ice-pick Lodge
2011-12-06 14:56:25 -------- d-----w- C:\Users\Shadefyre\AppData\Local\DFH
2011-12-06 14:53:48 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Sudeki
2011-12-06 14:48:44 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2011-12-06 14:47:21 -------- d-----w- C:\ProgramData\Solidshield
2011-12-06 14:46:07 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Microsoft Games
2011-12-06 14:45:05 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Namco
2011-12-06 14:43:36 -------- d-----w- C:\ProgramData\PopCap Games
2011-12-06 14:43:15 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-12-06 14:27:22 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\Hothead Games
2011-12-06 14:21:12 -------- d-----w- C:\Users\Shadefyre\AppData\Local\AlienShooter2 Reloaded
2011-12-06 14:15:48 -------- d-----w- C:\Users\Shadefyre\Stubbs The Zombie - Rebel Without A Pulse
2011-12-06 14:05:29 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2011-12-06 13:56:00 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Adobe
2011-12-06 13:12:40 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Sony
2011-12-06 13:09:57 -------- d-----w- C:\Program Files\Sony
2011-12-06 13:09:57 -------- d-----w- C:\Program Files (x86)\Sony
2011-12-06 12:38:00 -------- d-----w- C:\Program Files (x86)\Common Files\Desura
2011-12-06 12:36:21 -------- d-----w- C:\ProgramData\Desura
2011-12-06 12:36:18 -------- d-----w- C:\Program Files (x86)\Desura
2011-12-06 12:35:28 -------- d-----w- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2011-12-06 12:34:14 -------- d-----w- C:\Program Files (x86)\Unlocker
2011-12-06 12:33:41 -------- d-----w- C:\Program Files (x86)\Comical
2011-12-06 12:28:06 -------- d-----w- C:\Program Files (x86)\Octodad
2011-12-06 12:26:06 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2011-12-06 12:26:06 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2011-12-06 12:25:42 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Microsoft Help
2011-12-06 12:25:13 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\SonyEricsson
2011-12-06 12:25:07 -------- d-----w- C:\Program Files (x86)\Sony Ericsson
2011-12-06 12:21:01 279616 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-12-06 12:20:50 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2011-12-06 12:20:17 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\DAEMON Tools Lite
2011-12-06 12:20:13 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2011-12-06 12:11:15 -------- d-----w- C:\Windows\SysWow64\RTCOM
2011-12-06 11:08:51 -------- d-----w- C:\Users\Shadefyre\AppData\Local\SKIDROW
2011-12-06 11:05:50 -------- d-----w- C:\ProgramData\EA Core
2011-12-06 11:05:49 -------- d-----w- C:\ProgramData\Electronic Arts
2011-12-06 08:07:58 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-12-06 08:06:43 566208 ----a-w- C:\Windows\System32\winresume.efi
2011-12-06 08:01:54 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-12-06 01:06:41 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-06 01:01:17 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Apple Computer
2011-12-06 01:01:01 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-12-06 01:01:01 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll
2011-12-06 01:01:01 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2011-12-06 01:00:41 -------- d-----w- C:\Program Files\iPod
2011-12-06 01:00:40 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-12-06 01:00:40 -------- d-----w- C:\Program Files\iTunes
2011-12-06 01:00:40 -------- d-----w- C:\Program Files (x86)\iTunes
2011-12-06 00:59:48 -------- d-----w- C:\Program Files\Bonjour
2011-12-06 00:59:48 -------- d-----w- C:\Program Files (x86)\Bonjour
2011-12-05 22:56:53 -------- d-----w- C:\Windows\SysWow64\directx
2011-12-05 22:34:30 -------- d-----w- C:\Users\Shadefyre\Tracing
2011-12-05 22:33:02 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-12-05 22:32:40 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2011-12-05 22:31:53 -------- d-----w- C:\Windows\PCHEALTH
2011-12-05 22:29:31 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-12-05 22:28:34 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Mozilla
2011-12-05 13:40:04 -------- d-----w- C:\Users\Shadefyre\AppData\Local\28050
2011-12-05 13:32:59 540688 ----a-w- C:\Windows\System32\d3dx10_38.dll
2011-12-05 13:05:29 -------- d-----w- C:\Users\Shadefyre\AppData\Local\ElevatedDiagnostics
2011-12-05 12:57:00 -------- d-----w- C:\Program Files (x86)\Marvell
2011-12-05 12:56:16 -------- d-----w- C:\Program Files (x86)\Renesas Electronics
2011-12-05 12:54:54 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2011-12-05 12:54:54 406632 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2011-12-05 12:54:54 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2011-12-05 12:54:50 -------- d-----w- C:\Program Files (x86)\Realtek
2011-12-05 12:54:16 16896 ----a-w- C:\Windows\AsTaskSched.dll
2011-12-05 12:53:30 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2011-12-05 12:53:16 56344 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2011-12-05 12:51:51 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2011-12-05 12:08:27 -------- d-----w- C:\Program Files (x86)\uTorrent
2011-12-05 12:07:54 -------- d-----w- C:\Users\Shadefyre\AppData\Roaming\uTorrent
2011-12-05 12:01:07 203264 ----a-w- C:\Windows\System32\unrar.dll
2011-12-05 12:01:06 86016 ----a-w- C:\Windows\System32\ff_vfw.dll
2011-12-05 12:01:05 -------- d-----w- C:\Program Files\K-Lite Codec Pack x64
2011-12-05 12:00:22 175616 ----a-w- C:\Windows\SysWow64\unrar.dll
2011-12-05 12:00:17 839680 ----a-w- C:\Windows\SysWow64\lameACM.acm
2011-12-05 12:00:14 650752 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2011-12-05 12:00:14 243200 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
2011-12-05 12:00:14 151552 ----a-w- C:\Windows\SysWow64\ac3acm.acm
2011-12-05 12:00:13 74752 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2011-12-05 12:00:12 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2011-12-05 11:57:28 -------- d-----w- C:\Users\Shadefyre\AppData\Local\Apple
2011-12-05 11:55:39 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-12-05 11:55:35 -------- d-----w- C:\Program Files (x86)\RocketDock
2011-12-05 11:54:47 -------- d-----w- C:\Program Files (x86)\CheckPoint
2011-12-05 11:53:12 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-12-05 11:46:00 -------- d-----w- C:\Program Files\Realtek
2011-12-05 11:45:20 -------- d--h--w- C:\Program Files (x86)\Temp
2011-12-05 11:45:10 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2011-12-05 11:45:10 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2011-12-05 11:45:10 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-12-05 11:45:10 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2011-12-05 11:45:10 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2011-12-05 11:45:09 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2011-12-05 11:45:08 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2011-12-05 11:45:05 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2011-12-05 11:38:51 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-12-05 11:38:47 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-12-05 11:37:37 41184 ----a-w- C:\Windows\avastSS.scr
2011-12-05 11:37:33 -------- d-----w- C:\ProgramData\AVAST Software
2011-12-05 11:37:33 -------- d-----w- C:\Program Files\AVAST Software
2011-12-05 11:34:00 -------- d-----w- C:\Users\Shadefyre\AppData\Local\ATI
2011-12-05 11:33:03 0 ----a-w- C:\Windows\ativpsrm.bin
2011-12-05 11:31:24 -------- d-----w- C:\Program Files (x86)\My Company Name
2011-12-05 11:30:50 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-12-05 11:30:40 116240 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2011-12-05 11:30:25 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-12-05 11:30:24 450560 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-12-05 11:30:03 -------- d-----w- C:\Program Files\ATI
2011-12-05 11:29:58 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-12-05 11:29:17 -------- d-----w- C:\Program Files\ATI Technologies
2011-12-05 11:28:16 -------- d-sh--w- C:\Windows\Installer
2011-12-05 11:13:22 -------- d-----w- C:\Windows\SysWow64\Wat
2011-12-05 11:13:22 -------- d-----w- C:\Windows\System32\Wat
2011-12-05 11:10:44 -------- d-sh--w- C:\Recovery
2011-12-05 10:36:01 -------- d-----w- C:\Windows\Panther
2011-12-05 10:24:55 -------- d-----w- C:\Windows.old
2011-12-05 07:22:47 -------- d-sh--w- C:\Boot
.
==================== Find3M ====================
.
2011-12-05 11:58:53 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2011-12-05 11:58:53 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2011-12-05 11:58:53 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2011-12-05 11:58:53 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2011-12-05 11:13:41 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2011-12-05 11:13:41 14848 ----a-w- C:\Windows\System32\slwga.dll
2011-12-05 11:13:41 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2011-12-05 11:13:40 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2011-12-05 11:13:40 1008640 ----a-w- C:\Windows\System32\user32.dll
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-10-24 22:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 22:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2011-10-15 06:31:56 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-10-15 05:38:59 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 12:04:56.05 ===============
DDS Attach Log
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 05/12/2011 6:13:42 AM
System Uptime: 19/12/2011 3:08:49 AM (9 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P8P67
Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz | LGA1155 | 3301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 146 GiB total, 18.812 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
F: is FIXED (NTFS) - 785 GiB total, 23.841 GiB free.
G: is FIXED (NTFS) - 932 GiB total, 328.589 GiB free.
H: is Removable
I: is FIXED (NTFS) - 466 GiB total, 4.726 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: USB\VID_0CF3&PID_3000\6&DF2EE03&0&7
Manufacturer:
Name:
PNP Device ID: USB\VID_0CF3&PID_3000\6&DF2EE03&0&7
Service:
.
==== System Restore Points ===================
.
RP53: 17/12/2011 10:45:55 AM - Installed The Thing
RP54: 17/12/2011 11:28:55 AM - Restore Operation
RP55: 17/12/2011 2:30:32 PM - Installed Compact Wireless-G USB Adapter
RP56: 17/12/2011 2:31:30 PM - Removed Compact Wireless-G USB Adapter
RP57: 17/12/2011 2:35:10 PM - Installed Compact Wireless-G USB Adapter
RP58: 17/12/2011 2:36:55 PM - Installed Compact Wireless-G USB Adapter
RP59: 17/12/2011 2:38:04 PM - Removed Compact Wireless-G USB Adapter
RP60: 17/12/2011 2:38:43 PM - Installed Compact Wireless-G USB Adapter
RP61: 17/12/2011 3:13:12 PM - Installed Compact Wireless-G USB Adapter
RP62: 17/12/2011 3:35:04 PM - Installed Ralink Wireless LAN
RP63: 17/12/2011 10:23:49 PM - Installed Compact Wireless-G USB Adapter
RP64: 17/12/2011 10:24:42 PM - Removed Compact Wireless-G USB Adapter
RP65: 17/12/2011 10:25:18 PM - Installed Compact Wireless-G USB Adapter
RP66: 18/12/2011 3:13:02 AM - Installed Blair Witch II
RP67: 18/12/2011 3:26:15 AM - Installed DirectX
RP68: 18/12/2011 3:28:38 AM - Installed Afterfall InSanity.
RP69: 18/12/2011 3:43:16 AM - Installed DirectX
RP70: 19/12/2011 3:20:23 AM - Removed Ralink Wireless LAN
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Community Help
Adobe Media Player
Adobe Photoshop CS5
Afterfall InSanity
Amorous Professor Cherry v1.0
Anno 1404
Apple Application Support
Apple Software Update
ASUS VGA Driver
µTorrent
Audacity 1.3.13 (Unicode)
avast! Free Antivirus
Blair Witch II
Call Of Cthulhu DCoTE
Cargo! version 1.0
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help English
Clive Barker's Jericho
Combined Community Codec Pack 2011-11-11
Comical 0.8
Compact Wireless-G USB Adapter
DAEMON Tools Lite
Dark Sector
Desura
Dungeon Defenders
Fort Zombie
Fraps (remove only)
Frozen Synapse PRO
Galactic Civilizations II - Ultimate Edition
Half-Life
Intel(R) Management Engine Components
Java Auto Updater
Java(TM) 6 Update 29
Jurassic Park The Game
Just Cause 1.00.0000
K-Lite Codec Pack 8.0.0 (Full)
King's Bounty. The Legend (Remove Only)
LAME v3.98.3 for Audacity
Light of Altair 1.00
Malwarebytes' Anti-Malware version 1.51.2.1300
marvell 91xx console driver
Microsoft Choice Guard
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 3.0
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
MSVCRT
NVIDIA PhysX
Octodad
OpenAL
Outcry
Pathologic
PDF Settings CS5
PoxNora
QuickTime
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Registry Mechanic 10.0
Renegade Ops
Renesas Electronics USB 3.0 Host Controller Driver
Resident Evil 4 1.10
RocketDock 1.3.5
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Ship Simulator Extremes
Sony Ericsson DRM Packager 1.35
Stalin vs. Martians
Stronghold 3
Stubbs the Zombie in Rebel Without a Pulse
The Cursed Crusade (c) DTP version 1
The Suffering (remove only)
The Thing
Thief - Deadly Shadows
Thief - Deadly Shadows Collective Texture Pack by John P., ver. 1.0.3
To the Moon
Trespasser
Tropico 4 1.00
Ubisoft Game Launcher
Unlocker 1.9.1
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
VC 9.0 Runtime
VLC media player 1.0.5
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Wings of Prey
Zombie Panic Source
ZoneAlarm Firewall
ZoneAlarm Free
ZoneAlarm Security
.
==== Event Viewer Messages From Past Week ========
.
19/12/2011 3:27:03 AM, Error: Service Control Manager [7000] - The GTNDIS4 NDIS Protocol Driver service failed to start due to the following error: The system cannot find the file specified.
19/12/2011 2:43:49 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR9.
19/12/2011 10:38:52 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
17/12/2011 12:56:08 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
17/12/2011 11:49:49 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
17/12/2011 11:48:23 AM, Error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
17/12/2011 11:48:13 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
17/12/2011 11:47:01 AM, Error: Service Control Manager [7034] - The PC Tools Startup and Shutdown Monitor service service terminated unexpectedly. It has done this 1 time(s).
17/12/2011 11:22:35 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error: An instance of the service is already running.
17/12/2011 11:21:35 AM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
17/12/2011 11:21:35 AM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
17/12/2011 11:21:35 AM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
17/12/2011 11:21:35 AM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
17/12/2011 11:21:35 AM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
17/12/2011 11:21:35 AM, Error: Service Control Manager [7031] - The Offline Files service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
17/12/2011 11:21:35 AM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
17/12/2011 11:21:35 AM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
17/12/2011 11:21:35 AM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
17/12/2011 10:25:55 PM, Error: Service Control Manager [7030] - The WUSB54GCSVC service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
17/12/2011 10:18:57 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR5.
16/12/2011 1:08:34 AM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
.
==== End Of File ===========================
-
I don't see anything malicious.