
Trojan.Agent won't delete?

Virus Trojan malware Malware

  • This topic is locked
7 replies to this topic

#1 snxp

    New Member

  • Members
  • 3 posts

Posted 03 September 2012 - 11:37 AM

Think I landed on a bad website, and instantly got infected somehow. Never had this happen before.

Attached Files



#2 RPMcMurphy

    Elite Member

  • Experts
  • 1,044 posts

Posted 03 September 2012 - 07:42 PM

Hello and welcome. Please follow these guidelines while we work on your PC:
  • Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.” Absence of symptoms does not mean your machine is clean!
  • Please do not run any scans or install/uninstall any applications without being directed to do so.
  • Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.
Download ComboFix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.
  • If you have trouble, stop and post back. Do not try to repeatedly run ComboFix!
  • When finished, it will produce a report for you.

Note: If after running ComboFix you receive a message stating, "Illegal Operation Attempted on a registry key that has been marked for deletion", rebooting your computer will resolve the problem.

Please include the following in your next post:
  • ComboFix log

ASAP & UNITE Member

The help you receive here is free. If you wish to show your appreciation, then you may donate.


#3 snxp

    New Member

  • Members
  • 3 posts

Posted 03 September 2012 - 08:11 PM

I get an error saying it could not find NKRMD and there was also an error saying that it couldn't write a certain file as things were being extracted. I then got a beeping noise.

#4 RPMcMurphy

    Elite Member

  • Experts
  • 1,044 posts

Posted 03 September 2012 - 09:35 PM

Try this instead:

Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Please include the following in your next post:
  • FRST.txt log

ASAP & UNITE Member

The help you receive here is free. If you wish to show your appreciation, then you may donate.
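
A first-pass triage of the Run entries in the FRST.txt log this procedure produces, as an added example that is not part of the original post and not code from FRST. The sample lines are constructed, the line layout is assumed from FRST output of this period, `[x]` is assumed to mean the target file was not found, and the four review reasons are illustrative heuristics, not verdicts.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample (not from a real machine), laid out like the
# "Registry (Whitelisted)" section of an FRST.txt log.
SAMPLE_LOG = r'''
HKLM\...\Run: [VendorAudio] C:\Program Files\VendorAudio\tray.exe -s [10996368 2012-06-11] (Example Vendor)
HKLM\...\Run: [] [x]
HKU\Alice\...\Run: [Chat] "C:\Program Files\Chat\chat.exe" /minimized [17418928 2012-07-13] (Example Chat Ltd.)
HKU\Alice\...\Run: [Updater] "C:\Users\Alice\AppData\Roaming\Updater\update.exe" [486400 2012-08-22] (Example)
HKU\Alice\...\Run: [Dimmer] "C:\Users\Alice\Local Settings\Apps\Dimmer\dimmer.exe" /noshow [966656 2009-08-28] ()
HKU\Bob\...\Run: [OldApp] C:\Program Files\OldApp\OldApp.exe [x]
Tcpip\..\Interfaces\{00000000-0000-0000-0000-000000000000}: [NameServer]192.0.2.53
'''

# "<hive>\...\Run: [value name] <command> <tail>"
ENTRY_RE = re.compile(
    r'^(?P<hive>HKLM|HKU\\[^\\]+)\\\.\.\.\\(?P<key>Run(?:once)?): '
    r'\[(?P<name>[^\]]*)\]\s*(?P<rest>.*)$', re.IGNORECASE)
# Tail when the file exists: "[size yyyy-mm-dd] (company)"
TAIL_RE = re.compile(r'\s*\[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\] \((?P<company>.*)\)$')
# Tail assumed to mean the file was not found: "[x]"
MISSING_RE = re.compile(r'\s*\[x\]$', re.IGNORECASE)
# Executable path: quoted, or unquoted up to the first executable extension
EXE_RE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|bat|cmd|scr|dll))(?=\s|$)', re.IGNORECASE)
# Locations a standard user (and anything running as that user) can write to
USER_WRITABLE_RE = re.compile(r'^[A-Z]:\\(?:Users|ProgramData|Windows\\Temp)\\', re.IGNORECASE)


class RunEntry(NamedTuple):
    hive: str
    name: str
    path: Optional[str]
    company: Optional[str]   # None when the log gives no company field
    missing: bool


def parse_run_entries(log: str) -> List[RunEntry]:
    """Extract Run/Runonce autostart entries; every other line is skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        rest = m.group('rest')
        company, missing = None, False
        tail = TAIL_RE.search(rest)
        if tail:
            company = tail.group('company').strip()
            rest = rest[:tail.start()]
        else:
            gone = MISSING_RE.search(rest)
            if gone:
                missing = True
                rest = rest[:gone.start()]
        exe = EXE_RE.match(rest.strip())
        path = (exe.group(1) or exe.group(2)) if exe else None
        entries.append(RunEntry(m.group('hive'), m.group('name'), path, company, missing))
    return entries


def triage(entries: List[RunEntry]) -> List[Tuple[str, str, List[str]]]:
    """Return (hive, value name, reasons) for entries worth a manual look.

    The company field is treated as self-declared file metadata (an
    assumption), so a filled-in value is never used to clear an entry.
    """
    findings = []
    for e in entries:
        reasons = []
        if not e.name:
            reasons.append('empty value name')
        if e.missing:
            reasons.append('target file missing')
        if e.path and USER_WRITABLE_RE.match(e.path):
            reasons.append('runs from user-writable path')
        if e.company == '':
            reasons.append('empty company field')
        if reasons:
            findings.append((e.hive, e.name, reasons))
    return findings


if __name__ == '__main__':
    for hive, name, reasons in triage(parse_run_entries(SAMPLE_LOG)):
        print(f'{hive}  [{name}]  ->  {", ".join(reasons)}')
```
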


#5 snxp

    New Member

  • Members
  • 3 posts

Posted 04 September 2012 - 09:33 AM

Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) (x86) Version: 04-09-2012 01
Ran by SYSTEM at 04-09-2012 07:17:06
Running from F:\
Windows 7 Professional (X86) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup [307200 2011-06-14] (PowerISO Computing, Inc.)
HKLM\...\Run: [] [x]
HKLM\...\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" [1095560 2012-07-26] (Spigot, Inc.)
HKLM\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Everything] "C:\Program Files\Everything\Everything.exe" -startup [602624 2009-03-12] ()
HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462920 2012-07-03] (Malwarebytes Corporation)
HKU\Administrator\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\Administrator\...\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent [1353080 2012-08-04] (Valve Corporation)
HKU\Administrator\...\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-08-07] (Facebook Inc.)
HKU\jamielatty\...\Run: [Spark] C:\Program Files\Spark\Spark.exe [x]
HKU\User\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\User\...\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent [1353080 2012-08-04] (Valve Corporation)
HKU\User\...\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-08-07] (Facebook Inc.)
HKU\User\...\Run: [Java Updater] "C:\Users\User\AppData\Roaming\JavaUpdater\javaupdate.exe" [486400 2012-08-22] (Java)
HKU\User\...\Run: [F.lux] "C:\Users\User\Local Settings\Apps\F.lux\flux.exe" /noshow [966656 2009-08-28] ()
HKLM\...\Runonce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [x]
Tcpip\..\Interfaces\{35EE6603-51E0-4025-96A1-00E7B6EEB81C}: [NameServer]8.8.8.8,8.8.4.4

========================== Services (Whitelisted) ========================

2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe [87968 2009-11-17] (Andrea Electronics Corporation)
2 Application Updater; "C:\Program Files\Application Updater\ApplicationUpdater.exe" [794560 2012-07-26] (Spigot, Inc.)
2 BPowMon; C:\Program Files\Broadcom\BPowMon\BPowMon.exe [79168 2009-08-17] (Broadcom Corp.)
3 Futuremark SystemInfo Service; "C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe" [135584 2012-04-26] (Futuremark Corporation)
2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2012-08-30] (Hi-Rez Studios)
2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ===================

3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [16640 2010-12-30] (Wondershare)
3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
3 k57nd60x; C:\Windows\System32\DRIVERS\k57nd60x.sys [273960 2009-08-21] (Broadcom Corporation)
3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] ()
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22344 2012-07-03] (Malwarebytes Corporation)
3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [97552 2011-08-29] (MotioninJoy)
0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45200 2009-07-09] (Sonic Solutions)
3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [61984 2010-08-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) =================


============ One Month Created Files and Folders ==============

2012-09-04 07:17 - 2012-09-04 07:17 - 00000000 ____D C:\FRST
2012-09-04 05:56 - 2012-09-04 05:57 - 00904906 ____A (Farbar) C:\Users\User\Downloads\FRST.exe
2012-09-04 05:41 - 2012-09-04 06:12 - 00001108 ____A C:\Windows\PFRO.log
2012-09-03 17:08 - 2012-09-03 17:09 - 00000000 ___SD C:\ComboFix
2012-09-03 17:08 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-09-03 17:08 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-09-03 17:08 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-09-03 17:08 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-09-03 17:08 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-09-03 17:08 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-09-03 17:08 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-09-03 17:06 - 2012-09-03 17:08 - 00000000 ____D C:\Qoobox
2012-09-03 17:05 - 2012-09-03 17:08 - 00000000 ___SD C:\32788R22FWJFW
2012-09-03 17:05 - 2012-09-03 17:05 - 00000000 ____D C:\Windows\erdnt
2012-09-03 17:03 - 2012-09-03 17:04 - 04742575 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2012-09-03 15:42 - 2012-09-03 15:42 - 00001130 ____A C:\Users\User\Desktop\Install Microsoft Visual C# 2010 Express.lnk
2012-09-03 15:36 - 2012-09-03 15:36 - 03252048 ____A (Microsoft Corporation) C:\Users\User\Downloads\vcs_web.exe
2012-09-03 10:34 - 2012-09-03 10:34 - 00011364 ____A C:\Users\User\Downloads\Attach.txt
2012-09-03 10:33 - 2012-09-03 10:33 - 00024408 ____A C:\Users\User\Downloads\DDS.txt
2012-09-03 09:30 - 2012-09-03 09:30 - 00001722 ____A C:\Users\Public\Desktop\Play League of Legends.lnk
2012-09-03 09:25 - 2012-09-03 09:25 - 00000000 ____D C:\Riot Games
2012-09-03 09:21 - 2012-09-04 06:12 - 00000224 ____A C:\Windows\setupact.log
2012-09-03 09:21 - 2012-09-03 09:21 - 00000000 ____A C:\Windows\setuperr.log
2012-09-03 09:07 - 2012-09-03 09:07 - 02353512 ____A C:\Users\User\Downloads\LeagueofLegends (1).exe
2012-09-03 08:57 - 2012-09-03 08:59 - 15428440 ____A (Adobe Systems Inc.) C:\Users\User\Downloads\AdobeAIRInstaller.exe
2012-09-03 08:14 - 2012-09-03 08:14 - 00607260 ____R (Swearware) C:\Users\User\Downloads\dds.com
2012-09-03 07:59 - 2012-09-03 07:59 - 00000971 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-09-03 07:59 - 2012-09-03 07:59 - 00000000 ____D C:\Program Files\CCleaner
2012-09-03 07:58 - 2012-09-03 07:59 - 03927560 ____A (Piriform Ltd) C:\Users\User\Downloads\ccsetup322.exe
2012-09-03 07:58 - 2012-09-03 07:58 - 00559424 ____A C:\Users\User\Downloads\flux-setup.exe
2012-09-03 07:57 - 2012-09-03 07:57 - 00341811 ____A () C:\Users\User\Downloads\Everything-1.2.1.371.exe
2012-09-03 07:54 - 2012-09-03 07:54 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-03 07:54 - 2012-07-03 12:46 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-09-03 07:53 - 2012-09-03 07:54 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.62.0.1300.exe
2012-09-03 06:50 - 2012-09-04 05:42 - 00000000 ____D C:\Program Files\Everything
2012-09-03 06:46 - 2012-09-03 07:47 - 00000000 ____D C:\Program Files\File Shredder
2012-09-02 18:32 - 2012-09-02 18:32 - 00000000 ____D C:\Program Files\Screaming Bee LLC
2012-09-02 18:21 - 2012-09-02 18:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Screaming Bee
2012-09-02 18:20 - 2012-09-02 18:30 - 00000000 ____D C:\Program Files\Screaming Bee
2012-09-02 18:20 - 2012-09-02 18:20 - 00000000 ____D C:\Users\All Users\Screaming Bee
2012-09-02 17:57 - 2012-09-02 17:57 - 00996826 ____A C:\Users\User\Downloads\SkypeVoiceChanger1-2.zip
2012-09-02 13:24 - 2012-09-02 13:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2012-09-01 07:42 - 2012-09-01 07:42 - 00000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2012-09-01 07:35 - 2012-09-03 09:00 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2012-09-01 07:35 - 2012-09-01 07:35 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-09-01 07:35 - 2012-09-01 07:35 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-08-30 18:46 - 2012-08-30 18:46 - 00126160 ____A (RealNetworks, Inc.) C:\Users\User\Downloads\COHSetup-dm.exe
2012-08-28 22:17 - 2012-08-28 22:21 - 10287639 ____A C:\Users\User\Desktop\imnothigh.mov
2012-08-28 15:13 - 2012-08-28 15:13 - 00000000 ____D C:\Users\User\Downloads\SciLorsGrooveshark.comDownloaderV0.4.9.5
2012-08-28 10:29 - 2012-08-28 10:30 - 11040639 ____A C:\Users\User\Downloads\SciLorsGrooveshark.comDownloaderV0.4.9.5.zip
2012-08-28 10:27 - 2012-08-31 17:46 - 00000000 ____D C:\Users\User\AppData\Local\Spotify
2012-08-28 10:25 - 2012-09-03 07:47 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify
2012-08-26 04:25 - 2012-08-26 04:25 - 00000000 ____D C:\Users\User\Desktop\Zenith
2012-08-26 04:13 - 2012-08-27 01:45 - 00000000 ____D C:\Users\User\ZenithCache1
2012-08-26 04:06 - 2012-08-26 04:06 - 00894952 ____A (Oracle Corporation) C:\Users\User\Downloads\jre-7u6-windows-i586-iftw.exe
2012-08-26 04:01 - 2012-08-26 04:01 - 00000000 ____D C:\Users\User\Desktop\Zenith Client
2012-08-26 03:19 - 2012-08-26 04:25 - 456837164 ____A C:\Users\User\Desktop\Zenith.rar
2012-08-26 03:19 - 2012-08-26 03:20 - 04194888 ____A C:\Users\User\Desktop\Zenith Client.rar
2012-08-26 03:06 - 2012-08-26 03:08 - 12900524 ____A C:\Users\User\Downloads\Client (1).rar
2012-08-26 03:06 - 2012-08-26 03:07 - 06118558 ____A C:\Users\User\Downloads\Server.rar
2012-08-26 02:21 - 2012-08-26 02:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Applied Acoustics Systems
2012-08-26 02:08 - 2012-08-26 02:08 - 00000000 ____D C:\SNxP
2012-08-26 02:04 - 2012-08-26 02:04 - 00265910 ____A C:\Users\User\Downloads\JARMaker.zip
2012-08-26 02:03 - 2012-08-26 02:04 - 00587432 ____A C:\Users\User\Downloads\cbsidlm-tr1_5-JAR_Maker-10588876.exe
2012-08-26 01:41 - 2012-08-26 01:41 - 00000000 ____D C:\Users\User\AppData\Roaming\JavaUpdater
2012-08-26 01:29 - 2012-08-26 01:29 - 00000000 ____D C:\Users\User\Desktop\Project-Complexity Server
2012-08-26 01:29 - 2012-08-26 01:29 - 00000000 ____D C:\Users\User\Desktop\Project-Complexity Client
2012-08-26 01:14 - 2012-08-26 01:24 - 64723042 ____A C:\Users\User\Desktop\Project-Complexity Client.rar
2012-08-26 01:14 - 2012-08-26 01:17 - 11425929 ____A C:\Users\User\Desktop\Project-Complexity Server.rar
2012-08-26 00:25 - 2012-08-26 00:25 - 00000000 ____D C:\Users\User\VistexV6Cache
2012-08-26 00:16 - 2012-08-26 00:16 - 00000000 ____D C:\Users\User\Desktop\Sexy Time
2012-08-26 00:13 - 2012-08-26 00:25 - 107397022 ____A C:\Users\User\Desktop\VistexV6Cache.zip
2012-08-26 00:12 - 2012-08-26 00:14 - 13763606 ____A C:\Users\User\Desktop\Sexy Time.rar
2012-08-26 00:08 - 2012-08-26 00:09 - 09015333 ____A C:\Users\User\Desktop\RsCalifornia v2.zip
2012-08-25 23:23 - 2012-08-25 23:24 - 00000000 ____D C:\Users\User\paradise704Cache1
2012-08-24 05:09 - 2012-09-01 09:48 - 00000044 ____A C:\Users\User\jagex_cl_runescape_LIVE1.dat
2012-08-24 05:09 - 2012-08-24 05:09 - 00000000 ____D C:\Users\User\jagexcache1
2012-08-24 05:09 - 2012-08-24 05:09 - 00000000 ____D C:\.jagex_cache_32
2012-08-21 18:43 - 2012-08-22 19:41 - 00000000 ____D C:\Users\User\Documents\My Recordings
2012-08-20 22:15 - 2012-08-20 23:13 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
2012-08-20 22:15 - 2012-08-20 22:15 - 00001126 ____A C:\Users\Public\Desktop\TeamViewer 7.lnk
2012-08-20 22:15 - 2012-08-20 22:15 - 00000000 ____D C:\Program Files\TeamViewer
2012-08-20 22:14 - 2012-08-20 22:14 - 03610576 ____A (TeamViewer GmbH) C:\Users\User\Downloads\TeamViewer_Setup_en.exe
2012-08-20 22:08 - 2012-08-20 22:08 - 00000000 ____D C:\Users\User\Desktop\ZyberRune client by Visible
2012-08-20 21:58 - 2012-08-20 21:58 - 02094105 ____A C:\Users\User\Desktop\river.m4a
2012-08-20 20:51 - 2012-08-20 20:51 - 91577013 ____A C:\Users\User\Downloads\client.rar
2012-08-20 20:48 - 2012-08-20 20:49 - 91577013 ____A C:\Users\User\Desktop\client.rar
2012-08-20 20:33 - 2012-08-20 20:33 - 00000000 ____D C:\Users\User\Desktop\ZybeRune source by Visible
2012-08-20 19:31 - 2012-08-20 19:50 - 90464619 ____A C:\Users\User\Desktop\ZyberRune client by Visible.rar
2012-08-20 19:31 - 2012-08-20 19:33 - 07056705 ____A C:\Users\User\Desktop\ZybeRune source by Visible.rar
2012-08-20 19:26 - 2012-08-20 19:50 - 110899404 ____A C:\Users\User\Downloads\Deception release.rar
2012-08-20 19:24 - 2012-08-20 19:40 - 33937932 ____A C:\Users\User\Downloads\ElysianX_V1.rar
2012-08-20 03:13 - 2012-08-27 03:13 - 00000000 ____D C:\Users\User\AppData\Roaming\NCH Software
2012-08-20 03:13 - 2012-08-27 03:13 - 00000000 ____D C:\Users\All Users\NCH Software
2012-08-20 03:13 - 2012-08-21 18:35 - 00000000 ____D C:\Program Files\NCH Software
2012-08-20 03:13 - 2012-08-20 03:13 - 00002058 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2012-08-20 03:13 - 2012-08-20 03:13 - 00002014 ____A C:\Users\Public\Desktop\MixPad.lnk
2012-08-20 03:13 - 2012-08-20 03:13 - 00001098 ____A C:\Users\Public\Desktop\Switch Sound File Converter.lnk
2012-08-20 01:55 - 2012-08-20 02:00 - 27289602 ____A C:\Users\User\Downloads\Pk Planet Client V6.rar
2012-08-20 01:55 - 2012-08-20 01:56 - 03699607 ____A C:\Users\User\Downloads\Pk Planet Source V3.rar
2012-08-18 23:03 - 2012-08-18 23:05 - 20022886 ____A C:\Users\User\Desktop\Allstar-Scape Package.rar
2012-08-18 21:44 - 2012-08-18 21:45 - 00893936 ____A (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u5.exe
2012-08-18 21:20 - 2012-08-18 21:20 - 01117296 ____A C:\Users\User\Downloads\ducsetup.exe
2012-08-18 21:20 - 2012-08-18 21:20 - 00000000 ____D C:\Users\User\AppData\Local\Vitalwerks
2012-08-18 21:20 - 2012-08-18 21:20 - 00000000 ____D C:\Program Files\No-IP
2012-08-18 21:10 - 2012-08-18 21:16 - 00000000 ____D C:\Windows\.mpr_file_store_32
2012-08-18 21:00 - 2012-08-18 21:00 - 00000000 ____D C:\Users\User\Downloads\AllstarScape
2012-08-18 20:09 - 2012-08-18 20:09 - 02071608 ____A C:\Users\User\Downloads\AllstarScape.rar
2012-08-18 19:48 - 2012-08-18 19:48 - 00000000 ____A C:\Users\User\jagex_runescape_preferences.dat
2012-08-18 18:06 - 2012-08-18 18:06 - 00000000 ____D C:\Program Files\Common Files\Java
2012-08-18 18:01 - 2012-08-18 18:01 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-08-18 18:01 - 2012-08-18 18:01 - 00093672 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2012-08-18 17:43 - 2012-08-18 17:55 - 92624352 ____A (Oracle Corporation) C:\Users\User\Downloads\jdk-7u6-windows-i586.exe
2012-08-18 17:39 - 2012-08-18 18:54 - 00000162 ____A C:\Users\User\Desktop\build.bat
2012-08-18 16:50 - 2012-06-19 15:54 - 03240400 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHDA.sys
2012-08-18 16:50 - 2012-06-19 12:30 - 00293889 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2012-08-18 16:50 - 2012-06-08 15:23 - 00071808 ____A (Creative Technology Ltd.) C:\Windows\System32\MBWrp32.dll
2012-08-18 16:50 - 2012-06-08 15:21 - 00753280 ____A (Creative Technology Ltd.) C:\Windows\System32\MBAPO32.dll
2012-08-18 16:50 - 2012-06-08 15:18 - 03173008 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO.dll
2012-08-18 16:50 - 2012-06-06 09:44 - 00645776 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApoApi.dll
2012-08-18 16:50 - 2012-06-01 08:37 - 02417808 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkPgExt.dll
2012-08-18 16:50 - 2012-05-31 17:08 - 00087696 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoInstII.dll
2012-08-18 16:50 - 2012-04-10 13:40 - 02193472 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO.dll
2012-08-18 16:50 - 2012-03-08 10:47 - 00176736 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTACap.dll
2012-08-18 16:50 - 2012-03-08 10:47 - 00095840 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTARen.dll
2012-08-18 16:50 - 2011-12-16 13:57 - 00054360 ____A (Creative Technology Ltd.) C:\Windows\System32\MBppld32.dll
2012-08-18 16:50 - 2011-12-13 15:58 - 01497704 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSndMgr.cpl
2012-08-18 16:50 - 2011-11-22 15:28 - 00013416 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoLDR.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00359768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP32A.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT32.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA32.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00170840 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED32A.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00078680 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL32A.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00064856 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG32A.dll
2012-08-18 16:50 - 2009-11-24 08:55 - 00345328 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSXT.dll
2012-08-18 16:50 - 2009-11-24 08:55 - 00140528 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSWOW.dll
2012-08-18 16:50 - 2009-11-18 06:13 - 00050776 ____A (Creative Technology Ltd.) C:\Windows\System32\MBPPCn32.dll
2012-08-18 16:49 - 2012-05-25 17:06 - 01706640 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2012-08-18 08:38 - 2012-08-18 08:45 - 51733249 ____A (Realtek Semiconductor Corp.) C:\Users\User\Downloads\32bit_Vista_Win7_Win8_R270.exe
2012-08-18 08:31 - 2012-08-18 08:31 - 00000000 ____D C:\Users\User\Downloads\win7_1883
2012-08-18 08:29 - 2009-07-08 15:34 - 00053248 ____A (Windows XP Bundled build C-Centric Single User) C:\Windows\System32\CSVer.dll
2012-08-18 08:25 - 2012-08-18 08:25 - 02738712 ____A (Intel Corporation) C:\Users\User\Downloads\infinst_autol_1019.exe
2012-08-18 08:24 - 2012-08-18 08:27 - 25635465 ____A C:\Users\User\Downloads\win7_1883.zip
2012-08-18 08:15 - 2012-08-18 08:15 - 01449984 ____A C:\Users\User\Downloads\pidenu31.msi
2012-08-17 17:01 - 2012-08-17 18:16 - 00000000 ____D C:\Users\User\Desktop\g
2012-08-16 20:44 - 2012-08-16 20:44 - 00000103 ____A C:\Users\User\Documents\marcs info.txt
2012-08-15 20:06 - 2009-12-14 14:25 - 00057344 ____A (NexiTech, Inc.) C:\Windows\System32\Wnaspint.dll
2012-08-15 19:50 - 2009-12-14 14:24 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
2012-08-15 08:20 - 2012-08-15 08:20 - 00000000 ____D C:\Users\User\AppData\Roaming\SynthMaker
2012-08-15 07:54 - 2012-08-15 07:54 - 01700352 ____A (Microsoft Corporation) C:\Windows\System32\gdiplus.dll
2012-08-15 07:54 - 2012-08-15 07:54 - 01060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll
2012-08-15 07:53 - 2012-08-15 07:53 - 00001102 ____A C:\Users\User\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2012-08-15 07:53 - 2012-08-15 07:53 - 00000000 ____D C:\Program Files\ASIO4ALL v2
2012-08-15 07:52 - 2012-08-15 07:52 - 00000000 ____D C:\Program Files\Outsim
2012-08-15 07:52 - 2009-09-15 01:14 - 01554944 ____A (HMS http://hp.vector.co....thors/VA012897/) C:\Windows\System32\vorbis.acm
2012-08-15 07:52 - 2006-06-20 00:56 - 00225280 ____A (Propellerhead Software AB) C:\Windows\System32\rewire.dll
2012-08-15 07:47 - 2012-09-01 07:44 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2012-08-15 02:02 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-15 02:02 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-15 02:02 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-15 02:02 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-15 02:02 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-15 02:02 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-15 02:02 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-15 02:02 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-15 02:02 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-15 02:02 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-15 02:02 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-15 02:02 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-15 02:02 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-15 02:02 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-15 01:09 - 2012-07-18 09:10 - 02344448 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-15 01:09 - 2012-05-04 23:44 - 00400896 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-15 01:08 - 2012-07-04 13:26 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-15 01:08 - 2012-07-04 13:23 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-15 01:08 - 2012-07-04 13:23 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-15 01:08 - 2012-05-13 20:37 - 00768512 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-15 01:08 - 2012-02-10 21:44 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-08-15 01:08 - 2012-02-10 21:41 - 00316928 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-14 20:17 - 2012-08-22 00:11 - 00000000 ____D C:\Users\User\Documents\GTA San Andreas User Files
2012-08-14 20:12 - 2012-08-14 20:12 - 00001077 ____A C:\Users\User\Desktop\gta_sa - Shortcut.lnk
2012-08-14 19:59 - 2012-08-14 19:59 - 00000000 ____D C:\Program Files\Rockstar Games
2012-08-14 17:54 - 2012-08-14 17:54 - 00000000 ____D C:\Users\User\Documents\Amnesia
2012-08-14 17:39 - 2012-08-14 17:39 - 00002128 ____A C:\Users\User\Desktop\Amnesia.lnk
2012-08-14 17:34 - 2012-08-14 17:39 - 00000000 ____D C:\Program Files\Amnesia - The Dark Descent
2012-08-14 15:00 - 2012-08-14 15:00 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-08-14 14:42 - 2012-09-03 07:50 - 00000003 ____A C:\Windows\System32\HRUPPROG.TXT
2012-08-14 14:42 - 2012-08-14 14:42 - 00000003 ____A C:\Windows\System32\HRUPPROG.DIE.NOW
2012-08-14 07:46 - 2012-08-14 14:52 - 00007605 ____A C:\Users\User\AppData\Local\Resmon.ResmonCfg
2012-08-14 07:15 - 2012-08-14 07:15 - 00002026 ____A C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk
2012-08-14 03:49 - 2012-08-14 03:49 - 00002645 ____A C:\Users\Public\Documents\Global.sw2
2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys2.bmp
2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys1.bmp
2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ____D C:\Users\Public\Documents\Softwrap
2012-08-14 03:41 - 2012-08-14 03:41 - 00352944 ____A (Softonic) C:\Users\User\Downloads\SoftonicDownloader_for_game-maker.exe
2012-08-14 03:18 - 2012-08-14 03:18 - 05857357 ____A (Croteam ) C:\Users\User\Downloads\secondencounterpatch107_usa.exe
2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Program Files\MSXML 4.0
2012-08-13 00:07 - 2012-08-14 02:55 - 00002032 ____A C:\Users\Public\Desktop\RollerCoaster Tycoon.lnk
2012-08-13 00:06 - 2012-08-13 00:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Leadertech
2012-08-13 00:06 - 2012-08-13 00:06 - 00000000 ____D C:\Program Files\Atari
2012-08-12 23:05 - 2012-09-03 07:47 - 00000000 ____D C:\Windows\.jagex_cache_32
2012-08-12 23:04 - 2012-09-02 12:05 - 00000024 ____A C:\Users\User\jagexappletviewer.preferences
2012-08-12 23:04 - 2012-08-12 23:04 - 00002050 ____A C:\Users\User\Desktop\RuneScape.lnk
2012-08-12 22:55 - 2012-08-12 22:57 - 23642112 ____A C:\Users\User\Downloads\RuneScape.msi
2012-08-12 20:22 - 2012-08-12 20:22 - 01825653 ____A C:\Users\User\Desktop\Speccy.rar
2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup.exe
2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup (1).exe
2012-08-12 16:43 - 2012-08-12 16:43 - 00001070 ____A C:\Users\User\Desktop\GameRanger.lnk
2012-08-12 16:43 - 2012-08-12 16:43 - 00000000 ____D C:\Users\User\AppData\Roaming\GameRanger
2012-08-12 16:42 - 2012-08-12 16:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft Games
2012-08-12 16:38 - 2012-08-12 16:38 - 00002103 ____A C:\Users\Public\Desktop\Rise of Nations Gold.lnk
2012-08-12 16:32 - 2012-08-14 07:12 - 00000000 ____D C:\Program Files\Microsoft Games
2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\User\Desktop\GameSpy Arcade.lnk
2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\Administrator\Desktop\GameSpy Arcade.lnk
2012-08-12 16:32 - 2012-08-12 16:32 - 00000000 ____D C:\Program Files\GameSpy Arcade
2012-08-12 16:01 - 2012-08-12 16:01 - 00000000 ____D C:\Users\User\AppData\Roaming\Blender Foundation
2012-08-12 14:15 - 2012-08-12 14:15 - 00002056 ____A C:\Users\Public\Desktop\Blender.lnk
2012-08-12 14:15 - 2012-08-12 14:15 - 00000000 ____D C:\Users\User\.thumbnails
2012-08-12 14:14 - 2012-08-12 14:14 - 00000000 ____D C:\Program Files\Blender Foundation
2012-08-12 14:10 - 2012-08-12 14:13 - 28432273 ____A C:\Users\User\Downloads\blender-2.63a-release-windows32.exe
2012-08-11 22:30 - 2012-08-11 22:30 - 00002267 ____A C:\Users\User\Documents\gg.mij_profile
2012-08-11 22:17 - 2012-08-11 22:29 - 124586272 ____A (NVIDIA Corporation) C:\Users\User\Downloads\301.42-desktop-win7-winvista-32bit-english-whql.exe
2012-08-11 21:31 - 2012-08-11 21:31 - 00000216 ____A C:\Users\User\Desktop\Wanderlust Rebirth.url
2012-08-11 13:48 - 2012-08-11 13:48 - 00000000 ____D C:\Program Files\Futuremark
2012-08-09 22:47 - 2012-08-09 22:47 - 00000000 ____D C:\Users\User\AppData\Roaming\RotMG.Production
2012-08-09 22:41 - 2012-08-09 22:41 - 00000216 ____A C:\Users\User\Desktop\Realm of the Mad God.url
2012-08-08 22:17 - 2012-08-08 22:17 - 00000000 ____D C:\Users\User\Documents\Streaming Audio Recorder
2012-08-08 02:02 - 2010-09-13 22:07 - 00276992 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2012-08-07 22:48 - 2012-08-07 22:48 - 00001308 ____A C:\Users\Public\Desktop\Streaming Audio Recorder.lnk
2012-08-07 22:48 - 2012-08-07 22:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Apowersoft
2012-08-07 22:48 - 2012-08-07 22:48 - 00000000 ____D C:\Program Files\Apowersoft
2012-08-07 22:48 - 2010-12-30 14:19 - 00016640 ____A (Wondershare) C:\Windows\System32\Drivers\Apowersoft_AudioDevice.sys
2012-08-07 22:44 - 2012-08-07 22:46 - 15129369 ____A (Apowersoft ) C:\Users\User\Downloads\streaming-audio-recorder.exe
2012-08-07 13:59 - 2012-08-07 13:59 - 00000000 ____D C:\Program Files\Xvid
2012-08-07 13:59 - 2011-05-30 05:42 - 00240640 ____A C:\Windows\System32\xvidvfw.dll
2012-08-07 13:59 - 2011-05-23 01:52 - 00153088 ____A C:\Windows\System32\xvid.ax
2012-08-07 13:59 - 2011-05-22 23:46 - 00645632 ____A C:\Windows\System32\xvidcore.dll
2012-08-07 13:56 - 2012-08-07 13:58 - 10768856 ____A (Xvid Team) C:\Users\User\Downloads\Xvid-1.3.2-20110601.exe
2012-08-07 13:53 - 2012-08-07 13:53 - 00000000 ____D C:\Users\User\Downloads\VirtualDub-1.9.11
2012-08-07 13:51 - 2012-08-07 13:52 - 01707366 ____A C:\Users\User\Downloads\VirtualDub-1.9.11.zip
2012-08-07 11:03 - 2011-06-15 20:35 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2012-08-07 11:03 - 2011-03-28 19:07 - 00258560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00284160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00005888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2012-08-07 11:03 - 2011-02-17 21:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2012-08-07 11:03 - 2009-09-25 21:58 - 00194488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2012-08-07 11:02 - 2012-05-01 20:52 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-08-07 11:02 - 2012-04-07 03:34 - 02342400 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-08-07 11:02 - 2012-01-04 01:03 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-08-07 11:02 - 2012-01-02 21:44 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-08-07 11:02 - 2011-05-03 20:53 - 01553920 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 01401856 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 00666624 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 00428032 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2012-08-07 11:02 - 2011-05-03 20:52 - 00337408 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2012-08-07 11:02 - 2011-05-03 20:52 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2012-08-07 11:02 - 2011-05-03 20:52 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2012-08-07 11:02 - 2011-03-12 03:31 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2012-08-07 11:02 - 2011-03-10 21:44 - 01210240 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-07 11:02 - 2011-03-10 21:44 - 00146304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2012-08-07 11:02 - 2011-03-10 21:44 - 00143744 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2012-08-07 11:02 - 2011-03-10 21:44 - 00117120 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2012-08-07 11:02 - 2011-03-10 21:43 - 00332160 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2012-08-07 11:02 - 2011-03-10 21:43 - 00080256 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2012-08-07 11:02 - 2011-03-10 21:43 - 00022400 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2012-08-07 11:02 - 2011-03-10 21:39 - 01686016 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2012-08-07 11:02 - 2011-03-10 21:37 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2012-08-07 11:02 - 2011-03-10 20:08 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2012-08-07 11:02 - 2011-02-25 21:33 - 02614784 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2012-08-07 11:02 - 2011-02-23 21:32 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00350720 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2012-08-07 11:02 - 2010-12-20 21:34 - 00080384 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2012-08-07 11:01 - 2011-04-22 11:36 - 00026496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2012-08-07 10:59 - 2011-02-02 21:45 - 00219008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2012-08-07 10:59 - 2010-11-01 20:46 - 00728448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2012-08-07 10:59 - 2010-11-01 20:23 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2012-08-07 10:55 - 2012-09-04 02:00 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003UA.job
2012-08-07 10:55 - 2012-09-03 11:00 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003Core.job
2012-08-07 10:55 - 2012-08-07 10:58 - 00000000 ____D C:\Users\User\AppData\Local\Facebook
2012-08-07 10:54 - 2012-08-07 10:55 - 00501248 ____A (Facebook Inc.) C:\Users\User\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2012-08-06 21:23 - 2012-08-08 19:44 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live
2012-08-06 21:23 - 2012-08-06 21:23 - 00000000 ____D C:\Users\User\AppData\Local\{636EDCCA-0DA9-4AB2-BA93-08F8E5E17AC0}
2012-08-06 21:22 - 2012-08-06 21:22 - 00010598 ____A C:\Users\User\Documents\C&C Zero Hour Super Weapons VS Tank General.wlmp
2012-08-06 19:42 - 2012-08-06 19:42 - 00000564 ____A C:\Users\User\Desktop\Fraps.lnk
2012-08-06 18:10 - 2012-08-06 18:11 - 00299288 ____A C:\Users\User\Downloads\GmailInstaller.exe
2012-08-06 17:54 - 2012-08-06 18:00 - 62057024 ____A C:\Users\User\Downloads\DISCO FRIES w-logos.mp4
2012-08-06 16:01 - 2012-08-06 16:01 - 04117346 ____A C:\Users\User\Downloads\MotioninJoy_071001_signed.zip
2012-08-06 15:58 - 2012-08-06 15:58 - 00000744 ____A C:\Users\User\Documents\New Profile.xpadderprofile
2012-08-06 15:57 - 2012-08-06 15:57 - 00000791 ____A C:\Users\User\Documents\My MotioninJoy Virtual Game Controller.xpaddercontroller
2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2012-08-06 11:19 - 2012-08-06 11:19 - 00000216 ____A C:\Users\User\Desktop\Terraria.url
2012-08-05 17:58 - 2012-09-03 07:58 - 00000000 ____D C:\Users\User\AppData\Local\Apps\F.lux
2012-08-05 17:20 - 2012-08-06 19:42 - 00000000 ____D C:\Fraps
2012-08-05 16:42 - 2012-08-05 16:42 - 00000000 ____D C:\Users\User\AppData\Local\qBittorrent
2012-08-05 16:09 - 2012-08-05 16:09 - 00000000 ____D C:\Users\User\AppData\Roaming\NVIDIA
2012-08-05 11:51 - 2012-08-05 11:51 - 00000000 ____D C:\Users\All Users\NVIDIA Corporation
2012-08-05 11:50 - 2012-08-06 12:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2012-08-05 11:50 - 2012-08-05 11:50 - 00000000 ____D C:\NVIDIA
2012-08-05 11:01 - 2012-09-03 15:29 - 00000024 ____A C:\Users\User\random.dat
2012-08-05 11:01 - 2012-09-03 14:59 - 00000043 ____A C:\Users\User\jagex_cl_runescape_LIVE.dat
2012-08-05 11:01 - 2012-08-12 23:04 - 00000000 ____D C:\Users\User\jagexcache

============ 3 Months Modified Files ========================

2012-09-04 06:12 - 2012-09-04 05:41 - 00001108 ____A C:\Windows\PFRO.log
2012-09-04 06:12 - 2012-09-03 09:21 - 00000224 ____A C:\Windows\setupact.log
2012-09-04 06:12 - 2011-06-06 08:50 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-09-04 06:12 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-09-04 06:01 - 2009-07-13 20:55 - 01668606 ____A C:\Windows\WindowsUpdate.log
2012-09-04 05:57 - 2012-09-04 05:56 - 00904906 ____A (Farbar) C:\Users\User\Downloads\FRST.exe
2012-09-04 05:48 - 2009-07-13 20:34 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-09-04 05:48 - 2009-07-13 20:34 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-09-04 02:33 - 2011-06-06 08:50 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-09-04 02:00 - 2012-08-07 10:55 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003UA.job
2012-09-03 17:04 - 2012-09-03 17:03 - 04742575 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2012-09-03 15:42 - 2012-09-03 15:42 - 00001130 ____A C:\Users\User\Desktop\Install Microsoft Visual C# 2010 Express.lnk
2012-09-03 15:36 - 2012-09-03 15:36 - 03252048 ____A (Microsoft Corporation) C:\Users\User\Downloads\vcs_web.exe
2012-09-03 15:29 - 2012-08-05 11:01 - 00000024 ____A C:\Users\User\random.dat
2012-09-03 14:59 - 2012-08-05 11:01 - 00000043 ____A C:\Users\User\jagex_cl_runescape_LIVE.dat
2012-09-03 11:00 - 2012-08-07 10:55 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003Core.job
2012-09-03 10:34 - 2012-09-03 10:34 - 00011364 ____A C:\Users\User\Downloads\Attach.txt
2012-09-03 10:33 - 2012-09-03 10:33 - 00024408 ____A C:\Users\User\Downloads\DDS.txt
2012-09-03 09:30 - 2012-09-03 09:30 - 00001722 ____A C:\Users\Public\Desktop\Play League of Legends.lnk
2012-09-03 09:27 - 2011-01-28 11:11 - 00740996 ____A C:\Windows\System32\PerfStringBackup.INI
2012-09-03 09:21 - 2012-09-03 09:21 - 00000000 ____A C:\Windows\setuperr.log
2012-09-03 09:07 - 2012-09-03 09:07 - 02353512 ____A C:\Users\User\Downloads\LeagueofLegends (1).exe
2012-09-03 09:00 - 2011-06-06 07:51 - 00000422 ____A C:\Windows\Tasks\SystemToolsDailyTest.job
2012-09-03 08:59 - 2012-09-03 08:57 - 15428440 ____A (Adobe Systems Inc.) C:\Users\User\Downloads\AdobeAIRInstaller.exe
2012-09-03 08:14 - 2012-09-03 08:14 - 00607260 ____R (Swearware) C:\Users\User\Downloads\dds.com
2012-09-03 07:59 - 2012-09-03 07:59 - 00000971 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-09-03 07:59 - 2012-09-03 07:58 - 03927560 ____A (Piriform Ltd) C:\Users\User\Downloads\ccsetup322.exe
2012-09-03 07:58 - 2012-09-03 07:58 - 00559424 ____A C:\Users\User\Downloads\flux-setup.exe
2012-09-03 07:57 - 2012-09-03 07:57 - 00341811 ____A () C:\Users\User\Downloads\Everything-1.2.1.371.exe
2012-09-03 07:54 - 2012-09-03 07:54 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-03 07:54 - 2012-09-03 07:53 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.62.0.1300.exe
2012-09-03 07:50 - 2012-08-14 14:42 - 00000003 ____A C:\Windows\System32\HRUPPROG.TXT
2012-09-02 17:57 - 2012-09-02 17:57 - 00996826 ____A C:\Users\User\Downloads\SkypeVoiceChanger1-2.zip
2012-09-02 12:05 - 2012-08-12 23:04 - 00000024 ____A C:\Users\User\jagexappletviewer.preferences
2012-09-01 09:48 - 2012-08-24 05:09 - 00000044 ____A C:\Users\User\jagex_cl_runescape_LIVE1.dat
2012-09-01 07:42 - 2012-07-12 00:22 - 00108824 ____A C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2012-08-30 18:46 - 2012-08-30 18:46 - 00126160 ____A (RealNetworks, Inc.) C:\Users\User\Downloads\COHSetup-dm.exe
2012-08-28 22:21 - 2012-08-28 22:17 - 10287639 ____A C:\Users\User\Desktop\imnothigh.mov
2012-08-28 10:30 - 2012-08-28 10:29 - 11040639 ____A C:\Users\User\Downloads\SciLorsGrooveshark.comDownloaderV0.4.9.5.zip
2012-08-26 04:25 - 2012-08-26 03:19 - 456837164 ____A C:\Users\User\Desktop\Zenith.rar
2012-08-26 04:06 - 2012-08-26 04:06 - 00894952 ____A (Oracle Corporation) C:\Users\User\Downloads\jre-7u6-windows-i586-iftw.exe
2012-08-26 03:20 - 2012-08-26 03:19 - 04194888 ____A C:\Users\User\Desktop\Zenith Client.rar
2012-08-26 03:08 - 2012-08-26 03:06 - 12900524 ____A C:\Users\User\Downloads\Client (1).rar
2012-08-26 03:07 - 2012-08-26 03:06 - 06118558 ____A C:\Users\User\Downloads\Server.rar
2012-08-26 02:04 - 2012-08-26 02:04 - 00265910 ____A C:\Users\User\Downloads\JARMaker.zip
2012-08-26 02:04 - 2012-08-26 02:03 - 00587432 ____A C:\Users\User\Downloads\cbsidlm-tr1_5-JAR_Maker-10588876.exe
2012-08-26 01:24 - 2012-08-26 01:14 - 64723042 ____A C:\Users\User\Desktop\Project-Complexity Client.rar
2012-08-26 01:17 - 2012-08-26 01:14 - 11425929 ____A C:\Users\User\Desktop\Project-Complexity Server.rar
2012-08-26 00:25 - 2012-08-26 00:13 - 107397022 ____A C:\Users\User\Desktop\VistexV6Cache.zip
2012-08-26 00:14 - 2012-08-26 00:12 - 13763606 ____A C:\Users\User\Desktop\Sexy Time.rar
2012-08-26 00:09 - 2012-08-26 00:08 - 09015333 ____A C:\Users\User\Desktop\RsCalifornia v2.zip
2012-08-25 06:59 - 2012-08-25 06:59 - 00005577 ____A C:\Users\User\Desktop\Audiosurf - Shortcut.lnk
2012-08-21 17:34 - 2011-06-06 08:51 - 00002288 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-08-20 22:15 - 2012-08-20 22:15 - 00001126 ____A C:\Users\Public\Desktop\TeamViewer 7.lnk
2012-08-20 22:14 - 2012-08-20 22:14 - 03610576 ____A (TeamViewer GmbH) C:\Users\User\Downloads\TeamViewer_Setup_en.exe
2012-08-20 21:58 - 2012-08-20 21:58 - 02094105 ____A C:\Users\User\Desktop\river.m4a
2012-08-20 20:51 - 2012-08-20 20:51 - 91577013 ____A C:\Users\User\Downloads\client.rar
2012-08-20 20:49 - 2012-08-20 20:48 - 91577013 ____A C:\Users\User\Desktop\client.rar
2012-08-20 19:50 - 2012-08-20 19:31 - 90464619 ____A C:\Users\User\Desktop\ZyberRune client by Visible.rar
2012-08-20 19:50 - 2012-08-20 19:26 - 110899404 ____A C:\Users\User\Downloads\Deception release.rar
2012-08-20 19:40 - 2012-08-20 19:24 - 33937932 ____A C:\Users\User\Downloads\ElysianX_V1.rar
2012-08-20 19:33 - 2012-08-20 19:31 - 07056705 ____A C:\Users\User\Desktop\ZybeRune source by Visible.rar
2012-08-20 03:13 - 2012-08-20 03:13 - 00002058 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2012-08-20 03:13 - 2012-08-20 03:13 - 00002014 ____A C:\Users\Public\Desktop\MixPad.lnk
2012-08-20 03:13 - 2012-08-20 03:13 - 00001098 ____A C:\Users\Public\Desktop\Switch Sound File Converter.lnk
2012-08-20 02:00 - 2012-08-20 01:55 - 27289602 ____A C:\Users\User\Downloads\Pk Planet Client V6.rar
2012-08-20 01:56 - 2012-08-20 01:55 - 03699607 ____A C:\Users\User\Downloads\Pk Planet Source V3.rar
2012-08-18 23:05 - 2012-08-18 23:03 - 20022886 ____A C:\Users\User\Desktop\Allstar-Scape Package.rar
2012-08-18 21:45 - 2012-08-18 21:44 - 00893936 ____A (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u5.exe
2012-08-18 21:20 - 2012-08-18 21:20 - 01117296 ____A C:\Users\User\Downloads\ducsetup.exe
2012-08-18 20:09 - 2012-08-18 20:09 - 02071608 ____A C:\Users\User\Downloads\AllstarScape.rar
2012-08-18 19:48 - 2012-08-18 19:48 - 00000000 ____A C:\Users\User\jagex_runescape_preferences.dat
2012-08-18 18:54 - 2012-08-18 17:39 - 00000162 ____A C:\Users\User\Desktop\build.bat
2012-08-18 18:01 - 2012-08-18 18:01 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-08-18 18:01 - 2012-08-18 18:01 - 00093672 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2012-08-18 18:01 - 2012-08-04 08:28 - 00821736 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
2012-08-18 18:01 - 2012-08-04 08:28 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-08-18 18:01 - 2012-08-04 08:28 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-08-18 18:01 - 2011-01-28 11:06 - 00746984 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-08-18 17:55 - 2012-08-18 17:43 - 92624352 ____A (Oracle Corporation) C:\Users\User\Downloads\jdk-7u6-windows-i586.exe
2012-08-18 08:45 - 2012-08-18 08:38 - 51733249 ____A (Realtek Semiconductor Corp.) C:\Users\User\Downloads\32bit_Vista_Win7_Win8_R270.exe
2012-08-18 08:27 - 2012-08-18 08:24 - 25635465 ____A C:\Users\User\Downloads\win7_1883.zip
2012-08-18 08:25 - 2012-08-18 08:25 - 02738712 ____A (Intel Corporation) C:\Users\User\Downloads\infinst_autol_1019.exe
2012-08-18 08:15 - 2012-08-18 08:15 - 01449984 ____A C:\Users\User\Downloads\pidenu31.msi
2012-08-16 20:44 - 2012-08-16 20:44 - 00000103 ____A C:\Users\User\Documents\marcs info.txt
2012-08-16 15:00 - 2011-06-06 07:51 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2012-08-15 20:06 - 2012-08-15 20:06 - 00000984 ____A C:\Users\Public\Desktop\Mixcraft 5.lnk
2012-08-15 07:54 - 2012-08-15 07:54 - 01700352 ____A (Microsoft Corporation) C:\Windows\System32\gdiplus.dll
2012-08-15 07:54 - 2012-08-15 07:54 - 01060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll
2012-08-15 07:53 - 2012-08-15 07:53 - 00001102 ____A C:\Users\User\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2012-08-15 02:07 - 2009-07-13 20:33 - 00407664 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-15 02:04 - 2009-07-13 18:04 - 00000499 ____A C:\Windows\win.ini
2012-08-14 20:12 - 2012-08-14 20:12 - 00001077 ____A C:\Users\User\Desktop\gta_sa - Shortcut.lnk
2012-08-14 17:39 - 2012-08-14 17:39 - 00002128 ____A C:\Users\User\Desktop\Amnesia.lnk
2012-08-14 15:00 - 2012-08-14 15:00 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-08-14 15:00 - 2012-08-04 17:52 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-08-14 14:52 - 2012-08-14 07:46 - 00007605 ____A C:\Users\User\AppData\Local\Resmon.ResmonCfg
2012-08-14 14:42 - 2012-08-14 14:42 - 00000003 ____A C:\Windows\System32\HRUPPROG.DIE.NOW
2012-08-14 07:15 - 2012-08-14 07:15 - 00002026 ____A C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk
2012-08-14 03:49 - 2012-08-14 03:49 - 00002645 ____A C:\Users\Public\Documents\Global.sw2
2012-08-14 03:49 - 2012-08-14 03:49 - 00001002 ____A C:\Users\User\Desktop\Game Maker.lnk
2012-08-14 03:49 - 2012-08-14 03:49 - 00001002 ____A C:\Users\Administrator\Desktop\Game Maker.lnk
2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys2.bmp
2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys1.bmp
2012-08-14 03:48 - 2012-08-14 03:42 - 10857464 ____A () C:\Users\User\Desktop\gmaker80.exe
2012-08-14 03:41 - 2012-08-14 03:41 - 00352944 ____A (Softonic) C:\Users\User\Downloads\SoftonicDownloader_for_game-maker.exe
2012-08-14 03:18 - 2012-08-14 03:18 - 05857357 ____A (Croteam ) C:\Users\User\Downloads\secondencounterpatch107_usa.exe
2012-08-14 02:55 - 2012-08-13 00:07 - 00002032 ____A C:\Users\Public\Desktop\RollerCoaster Tycoon.lnk
2012-08-12 23:04 - 2012-08-12 23:04 - 00002050 ____A C:\Users\User\Desktop\RuneScape.lnk
2012-08-12 22:57 - 2012-08-12 22:55 - 23642112 ____A C:\Users\User\Downloads\RuneScape.msi
2012-08-12 20:22 - 2012-08-12 20:22 - 01825653 ____A C:\Users\User\Desktop\Speccy.rar
2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup.exe
2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup (1).exe
2012-08-12 16:43 - 2012-08-12 16:43 - 00001070 ____A C:\Users\User\Desktop\GameRanger.lnk
2012-08-12 16:38 - 2012-08-12 16:38 - 00002103 ____A C:\Users\Public\Desktop\Rise of Nations Gold.lnk
2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\User\Desktop\GameSpy Arcade.lnk
2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\Administrator\Desktop\GameSpy Arcade.lnk
2012-08-12 14:15 - 2012-08-12 14:15 - 00002056 ____A C:\Users\Public\Desktop\Blender.lnk
2012-08-12 14:13 - 2012-08-12 14:10 - 28432273 ____A C:\Users\User\Downloads\blender-2.63a-release-windows32.exe
2012-08-11 22:30 - 2012-08-11 22:30 - 00002267 ____A C:\Users\User\Documents\gg.mij_profile
2012-08-11 22:29 - 2012-08-11 22:17 - 124586272 ____A (NVIDIA Corporation) C:\Users\User\Downloads\301.42-desktop-win7-winvista-32bit-english-whql.exe
2012-08-11 21:31 - 2012-08-11 21:31 - 00000216 ____A C:\Users\User\Desktop\Wanderlust Rebirth.url
2012-08-09 22:41 - 2012-08-09 22:41 - 00000216 ____A C:\Users\User\Desktop\Realm of the Mad God.url
2012-08-09 02:08 - 2011-06-06 11:03 - 00000989 ____A C:\Users\jamielatty\Desktop\WORD.lnk
2012-08-09 02:08 - 2011-06-06 11:03 - 00000977 ____A C:\Users\jamielatty\Desktop\EXCEL.lnk
2012-08-09 02:08 - 2011-06-06 11:02 - 00000989 ____A C:\Users\jamielatty\Desktop\OUTLOOK.lnk
2012-08-07 22:48 - 2012-08-07 22:48 - 00001308 ____A C:\Users\Public\Desktop\Streaming Audio Recorder.lnk
2012-08-07 22:46 - 2012-08-07 22:44 - 15129369 ____A (Apowersoft ) C:\Users\User\Downloads\streaming-audio-recorder.exe
2012-08-07 13:58 - 2012-08-07 13:56 - 10768856 ____A (Xvid Team) C:\Users\User\Downloads\Xvid-1.3.2-20110601.exe
2012-08-07 13:52 - 2012-08-07 13:51 - 01707366 ____A C:\Users\User\Downloads\VirtualDub-1.9.11.zip
2012-08-07 10:55 - 2012-08-07 10:54 - 00501248 ____A (Facebook Inc.) C:\Users\User\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2012-08-06 21:22 - 2012-08-06 21:22 - 00010598 ____A C:\Users\User\Documents\C&C Zero Hour Super Weapons VS Tank General.wlmp
2012-08-06 19:42 - 2012-08-06 19:42 - 00000564 ____A C:\Users\User\Desktop\Fraps.lnk
2012-08-06 18:11 - 2012-08-06 18:10 - 00299288 ____A C:\Users\User\Downloads\GmailInstaller.exe
2012-08-06 18:00 - 2012-08-06 17:54 - 62057024 ____A C:\Users\User\Downloads\DISCO FRIES w-logos.mp4
2012-08-06 16:01 - 2012-08-06 16:01 - 04117346 ____A C:\Users\User\Downloads\MotioninJoy_071001_signed.zip
2012-08-06 16:00 - 2012-07-12 00:22 - 00001082 ____A C:\Users\Public\Desktop\DS3 Tool.lnk
2012-08-06 15:58 - 2012-08-06 15:58 - 00000744 ____A C:\Users\User\Documents\New Profile.xpadderprofile
2012-08-06 15:57 - 2012-08-06 15:57 - 00000791 ____A C:\Users\User\Documents\My MotioninJoy Virtual Game Controller.xpaddercontroller
2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2012-08-06 11:19 - 2012-08-06 11:19 - 00000216 ____A C:\Users\User\Desktop\Terraria.url
2012-08-04 18:16 - 2012-08-04 18:16 - 00000877 ____A C:\Users\Public\Desktop\Steam.lnk
2012-08-04 18:15 - 2012-08-04 18:14 - 01606656 ____A C:\Users\User\Downloads\SteamInstall.msi
2012-08-04 18:09 - 2012-08-04 18:09 - 00002503 ____A C:\Users\Public\Desktop\Skype.lnk
2012-08-04 18:05 - 2012-08-04 18:05 - 00946352 ____A (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2012-08-04 14:18 - 2012-08-04 14:18 - 00001985 ____A C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2012-08-04 14:18 - 2012-08-04 14:18 - 00001976 ____A C:\Users\Public\Desktop\Smite.lnk
2012-08-04 14:17 - 2012-08-04 14:16 - 13846728 ____A (Hi-Rez Studios) C:\Users\User\Downloads\InstallHiRezGamesEnglish.exe
2012-08-04 02:05 - 2012-08-04 02:05 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-08-04 02:05 - 2012-08-04 02:05 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-08-04 02:05 - 2012-08-04 02:05 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-08-04 02:05 - 2012-08-04 02:05 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-08-04 02:05 - 2012-08-04 02:05 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-08-04 02:05 - 2012-08-04 02:05 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-08-04 02:05 - 2012-08-04 02:05 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-08-04 02:05 - 2012-08-04 02:05 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-08-04 02:05 - 2012-08-04 02:05 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-08-04 02:05 - 2012-08-04 02:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-08-04 02:05 - 2012-08-04 02:05 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-08-04 02:03 - 2012-08-04 02:03 - 01495040 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2012-08-04 02:03 - 2012-08-04 02:03 - 00801792 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2012-08-04 02:03 - 2012-08-04 02:03 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2012-08-03 19:26 - 2012-08-03 19:26 - 02353512 ____A C:\Users\User\Downloads\LeagueofLegends.exe
2012-07-18 09:10 - 2012-08-15 01:09 - 02344448 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-12 00:43 - 2012-07-12 00:43 - 00000971 ____A C:\Users\Public\Desktop\PowerISO.lnk
2012-07-04 14:47 - 2012-07-04 14:47 - 00000020 ___SH C:\Users\User\ntuser.ini
2012-07-04 14:46 - 2011-06-06 07:59 - 00000008 _RASH C:\Users\All Users\ntuser.pol
2012-07-04 14:27 - 2012-07-04 14:26 - 00000020 ____A C:\Windows\´ùk
2012-07-04 14:23 - 2012-07-04 14:23 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2012-07-04 13:59 - 2009-07-13 20:53 - 00032644 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-07-04 13:26 - 2012-08-15 01:08 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 13:23 - 2012-08-15 01:08 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 13:23 - 2012-08-15 01:08 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-03 12:46 - 2012-09-03 07:54 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-28 16:52 - 2012-08-15 02:02 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-28 16:27 - 2012-08-15 02:02 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-28 16:16 - 2012-08-15 02:02 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-28 16:09 - 2012-08-15 02:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-28 16:09 - 2012-08-15 02:02 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-28 16:08 - 2012-08-15 02:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-28 16:07 - 2012-08-15 02:02 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-28 16:06 - 2012-08-15 02:02 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-28 16:04 - 2012-08-15 02:02 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-28 16:04 - 2012-08-15 02:02 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-28 16:01 - 2012-08-15 02:02 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-28 16:01 - 2012-08-15 02:02 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-28 16:00 - 2012-08-15 02:02 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-28 15:57 - 2012-08-15 02:02 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-19 15:54 - 2012-08-18 16:50 - 03240400 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHDA.sys
2012-06-19 12:30 - 2012-08-18 16:50 - 00293889 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2012-06-08 20:46 - 2012-08-03 18:41 - 12868608 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 15:23 - 2012-08-18 16:50 - 00071808 ____A (Creative Technology Ltd.) C:\Windows\System32\MBWrp32.dll
2012-06-08 15:21 - 2012-08-18 16:50 - 00753280 ____A (Creative Technology Ltd.) C:\Windows\System32\MBAPO32.dll
2012-06-08 15:18 - 2012-08-18 16:50 - 03173008 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO.dll

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-09-02 18:19:50
Restore point made on: 2012-09-02 18:24:17
Restore point made on: 2012-09-02 18:25:14
Restore point made on: 2012-09-02 18:26:01
Restore point made on: 2012-09-02 18:26:44
Restore point made on: 2012-09-02 18:27:28
Restore point made on: 2012-09-02 18:28:11
Restore point made on: 2012-09-02 18:28:56
Restore point made on: 2012-09-02 18:29:54
Restore point made on: 2012-09-02 18:30:45
Restore point made on: 2012-09-02 18:32:16
Restore point made on: 2012-09-03 07:43:34
Restore point made on: 2012-09-03 07:56:51
Restore point made on: 2012-09-03 09:08:36
Restore point made on: 2012-09-03 09:16:09
Restore point made on: 2012-09-03 09:23:40
Restore point made on: 2012-09-03 09:25:17

==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 2046.8 MB
Available physical RAM: 1621.83 MB
Total Pagefile: 2046.8 MB
Available Pagefile: 1623.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.3 MB

==================== Partitions ============================

1 Drive c: (OS) (Fixed) (Total:221.64 GB) (Free:129.05 GB) NTFS
2 Drive e: (RCTYCOON) (CDROM) (Total:0.16 GB) (Free:0 GB) CDFS
3 Drive f: (BLACKBERRY) (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (RECOVERY) (Fixed) (Total:11.15 GB) (Free:6.64 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 Online 968 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 11 GB 40 MB
Partition 3 Primary 221 GB 11 GB

==================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 FAT Partition 39 MB Healthy Hidden

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y RECOVERY NTFS Partition 11 GB Healthy

==================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 221 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 964 MB 4109 KB

==================================================================================

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F BLACKBERRY FAT Removable 964 MB Healthy

==================================================================================

Last Boot: 2012-08-31 06:22

==================== End Of Log =============================

#6 RPMcMurphy

Posted 04 September 2012 - 08:49 PM

I'd like you to run MBAM again, but this time allow it to remove those items it detects:

You have this program installed, Malwarebytes' Anti-Malware (MBAM). Please update it and run a scan.

Open MBAM
  • Click the Update tab
  • Click Check for Updates
  • If an update is found, it will download and install the latest version.
  • The program will close to update and reopen.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Uncheck any entries from C:\System Volume Information, C:\_OTL\MovedFiles or C:\Qoobox
  • Make sure that everything else is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Please include the following in your next post:
  • MBAM log



#7 Maurice Naggar

    Staff

  • Moderators
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 09 September 2012 - 03:42 PM

@snxp
How's it going? Are you still needing help?
Maurice Naggar
Product Support

I close my threads if there are 5 days without a response.

#8 Maurice Naggar

Posted 10 September 2012 - 06:42 AM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!