snxp

Trojan.Agent wont delete?


Hello and welcome. Please follow these guidelines while we work on your PC:

  • Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.” Absence of symptoms does not mean your machine is clean!
  • Please do not run any scans or install/uninstall any applications without being directed to do so.
  • Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.

Download ComboFix from either of the links below, and save it to your desktop.

Link 1

Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link

--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.

  • If you have trouble, stop and post back. Do not try to repeatedly run ComboFix!
  • When finished, it will produce a report for you.


Note: If, after running ComboFix, you receive a message stating "Illegal Operation Attempted on a registry key that has been marked for deletion", rebooting your computer will resolve the problem.

Please include the following in your next post:

  • ComboFix log


I get an error saying it could not find NKRMD and there was also an error saying that it couldn't write a certain file as things were being extracted. I then got a beeping noise.


Try this instead:

Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt.
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Please include the following in your next post:

  • FRST.txt log


Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) (x86) Version: 04-09-2012 01

Ran by SYSTEM at 04-09-2012 07:17:06

Running from F:\

Windows 7 Professional (X86) OS Language: English(US)

The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)

HKLM\...\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup [307200 2011-06-14] (PowerISO Computing, Inc.)

HKLM\...\Run: [] [x]

HKLM\...\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" [1095560 2012-07-26] (Spigot, Inc.)

HKLM\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.)

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [10996368 2012-06-11] (Realtek Semiconductor)

HKLM\...\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM\...\Run: [Everything] "C:\Program Files\Everything\Everything.exe" -startup [602624 2009-03-12] ()

HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462920 2012-07-03] (Malwarebytes Corporation)

HKU\Administrator\...\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.)

HKU\Administrator\...\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent [1353080 2012-08-04] (Valve Corporation)

HKU\Administrator\...\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-08-07] (Facebook Inc.)

HKU\jamielatty\...\Run: [spark] C:\Program Files\Spark\Spark.exe [x]

HKU\User\...\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.)

HKU\User\...\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent [1353080 2012-08-04] (Valve Corporation)

HKU\User\...\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-08-07] (Facebook Inc.)

HKU\User\...\Run: [Java Updater] "C:\Users\User\AppData\Roaming\JavaUpdater\javaupdate.exe" [486400 2012-08-22] (Java)

HKU\User\...\Run: [F.lux] "C:\Users\User\Local Settings\Apps\F.lux\flux.exe" /noshow [966656 2009-08-28] ()

HKLM\...\Runonce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [x]

Tcpip\..\Interfaces\{35EE6603-51E0-4025-96A1-00E7B6EEB81C}: [NameServer]8.8.8.8,8.8.4.4

========================== Services (Whitelisted) ========================

2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe [87968 2009-11-17] (Andrea Electronics Corporation)

2 Application Updater; "C:\Program Files\Application Updater\ApplicationUpdater.exe" [794560 2012-07-26] (Spigot, Inc.)

2 BPowMon; C:\Program Files\Broadcom\BPowMon\BPowMon.exe [79168 2009-08-17] (Broadcom Corp.)

3 Futuremark SystemInfo Service; "C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe" [135584 2012-04-26] (Futuremark Corporation)

2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2012-08-30] (Hi-Rez Studios)

2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net)

2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ===================

3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [16640 2010-12-30] (Wondershare)

3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()

3 k57nd60x; C:\Windows\System32\DRIVERS\k57nd60x.sys [273960 2009-08-21] (Broadcom Corporation)

3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] ()

3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22344 2012-07-03] (Malwarebytes Corporation)

3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [97552 2011-08-29] (MotioninJoy)

0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45200 2009-07-09] (Sonic Solutions)

3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [61984 2010-08-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) =================

============ One Month Created Files and Folders ==============

2012-09-04 07:17 - 2012-09-04 07:17 - 00000000 ____D C:\FRST

2012-09-04 05:56 - 2012-09-04 05:57 - 00904906 ____A (Farbar) C:\Users\User\Downloads\FRST.exe

2012-09-04 05:41 - 2012-09-04 06:12 - 00001108 ____A C:\Windows\PFRO.log

2012-09-03 17:08 - 2012-09-03 17:09 - 00000000 ___SD C:\ComboFix

2012-09-03 17:08 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe

2012-09-03 17:08 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe

2012-09-03 17:08 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe

2012-09-03 17:08 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe

2012-09-03 17:08 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe

2012-09-03 17:08 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe

2012-09-03 17:08 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe

2012-09-03 17:06 - 2012-09-03 17:08 - 00000000 ____D C:\Qoobox

2012-09-03 17:05 - 2012-09-03 17:08 - 00000000 ___SD C:\32788R22FWJFW

2012-09-03 17:05 - 2012-09-03 17:05 - 00000000 ____D C:\Windows\erdnt

2012-09-03 17:03 - 2012-09-03 17:04 - 04742575 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe

2012-09-03 15:42 - 2012-09-03 15:42 - 00001130 ____A C:\Users\User\Desktop\Install Microsoft Visual C# 2010 Express.lnk

2012-09-03 15:36 - 2012-09-03 15:36 - 03252048 ____A (Microsoft Corporation) C:\Users\User\Downloads\vcs_web.exe

2012-09-03 10:34 - 2012-09-03 10:34 - 00011364 ____A C:\Users\User\Downloads\Attach.txt

2012-09-03 10:33 - 2012-09-03 10:33 - 00024408 ____A C:\Users\User\Downloads\DDS.txt

2012-09-03 09:30 - 2012-09-03 09:30 - 00001722 ____A C:\Users\Public\Desktop\Play League of Legends.lnk

2012-09-03 09:25 - 2012-09-03 09:25 - 00000000 ____D C:\Riot Games

2012-09-03 09:21 - 2012-09-04 06:12 - 00000224 ____A C:\Windows\setupact.log

2012-09-03 09:21 - 2012-09-03 09:21 - 00000000 ____A C:\Windows\setuperr.log

2012-09-03 09:07 - 2012-09-03 09:07 - 02353512 ____A C:\Users\User\Downloads\LeagueofLegends (1).exe

2012-09-03 08:57 - 2012-09-03 08:59 - 15428440 ____A (Adobe Systems Inc.) C:\Users\User\Downloads\AdobeAIRInstaller.exe

2012-09-03 08:14 - 2012-09-03 08:14 - 00607260 ____R (Swearware) C:\Users\User\Downloads\dds.com

2012-09-03 07:59 - 2012-09-03 07:59 - 00000971 ____A C:\Users\Public\Desktop\CCleaner.lnk

2012-09-03 07:59 - 2012-09-03 07:59 - 00000000 ____D C:\Program Files\CCleaner

2012-09-03 07:58 - 2012-09-03 07:59 - 03927560 ____A (Piriform Ltd) C:\Users\User\Downloads\ccsetup322.exe

2012-09-03 07:58 - 2012-09-03 07:58 - 00559424 ____A C:\Users\User\Downloads\flux-setup.exe

2012-09-03 07:57 - 2012-09-03 07:57 - 00341811 ____A () C:\Users\User\Downloads\Everything-1.2.1.371.exe

2012-09-03 07:54 - 2012-09-03 07:54 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2012-09-03 07:54 - 2012-07-03 12:46 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2012-09-03 07:53 - 2012-09-03 07:54 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.62.0.1300.exe

2012-09-03 06:50 - 2012-09-04 05:42 - 00000000 ____D C:\Program Files\Everything

2012-09-03 06:46 - 2012-09-03 07:47 - 00000000 ____D C:\Program Files\File Shredder

2012-09-02 18:32 - 2012-09-02 18:32 - 00000000 ____D C:\Program Files\Screaming Bee LLC

2012-09-02 18:21 - 2012-09-02 18:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Screaming Bee

2012-09-02 18:20 - 2012-09-02 18:30 - 00000000 ____D C:\Program Files\Screaming Bee

2012-09-02 18:20 - 2012-09-02 18:20 - 00000000 ____D C:\Users\All Users\Screaming Bee

2012-09-02 17:57 - 2012-09-02 17:57 - 00996826 ____A C:\Users\User\Downloads\SkypeVoiceChanger1-2.zip

2012-09-02 13:24 - 2012-09-02 13:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes

2012-09-01 07:42 - 2012-09-01 07:42 - 00000000 ____D C:\Users\All Users\regid.1986-12.com.adobe

2012-09-01 07:35 - 2012-09-03 09:00 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR

2012-09-01 07:35 - 2012-09-01 07:35 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia

2012-09-01 07:35 - 2012-09-01 07:35 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia

2012-08-30 18:46 - 2012-08-30 18:46 - 00126160 ____A (RealNetworks, Inc.) C:\Users\User\Downloads\COHSetup-dm.exe

2012-08-28 22:17 - 2012-08-28 22:21 - 10287639 ____A C:\Users\User\Desktop\imnothigh.mov

2012-08-28 15:13 - 2012-08-28 15:13 - 00000000 ____D C:\Users\User\Downloads\SciLorsGrooveshark.comDownloaderV0.4.9.5

2012-08-28 10:29 - 2012-08-28 10:30 - 11040639 ____A C:\Users\User\Downloads\SciLorsGrooveshark.comDownloaderV0.4.9.5.zip

2012-08-28 10:27 - 2012-08-31 17:46 - 00000000 ____D C:\Users\User\AppData\Local\Spotify

2012-08-28 10:25 - 2012-09-03 07:47 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify

2012-08-26 04:25 - 2012-08-26 04:25 - 00000000 ____D C:\Users\User\Desktop\Zenith

2012-08-26 04:13 - 2012-08-27 01:45 - 00000000 ____D C:\Users\User\ZenithCache1

2012-08-26 04:06 - 2012-08-26 04:06 - 00894952 ____A (Oracle Corporation) C:\Users\User\Downloads\jre-7u6-windows-i586-iftw.exe

2012-08-26 04:01 - 2012-08-26 04:01 - 00000000 ____D C:\Users\User\Desktop\Zenith Client

2012-08-26 03:19 - 2012-08-26 04:25 - 456837164 ____A C:\Users\User\Desktop\Zenith.rar

2012-08-26 03:19 - 2012-08-26 03:20 - 04194888 ____A C:\Users\User\Desktop\Zenith Client.rar

2012-08-26 03:06 - 2012-08-26 03:08 - 12900524 ____A C:\Users\User\Downloads\Client (1).rar

2012-08-26 03:06 - 2012-08-26 03:07 - 06118558 ____A C:\Users\User\Downloads\Server.rar

2012-08-26 02:21 - 2012-08-26 02:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Applied Acoustics Systems

2012-08-26 02:08 - 2012-08-26 02:08 - 00000000 ____D C:\SNxP

2012-08-26 02:04 - 2012-08-26 02:04 - 00265910 ____A C:\Users\User\Downloads\JARMaker.zip

2012-08-26 02:03 - 2012-08-26 02:04 - 00587432 ____A C:\Users\User\Downloads\cbsidlm-tr1_5-JAR_Maker-10588876.exe

2012-08-26 01:41 - 2012-08-26 01:41 - 00000000 ____D C:\Users\User\AppData\Roaming\JavaUpdater

2012-08-26 01:29 - 2012-08-26 01:29 - 00000000 ____D C:\Users\User\Desktop\Project-Complexity Server

2012-08-26 01:29 - 2012-08-26 01:29 - 00000000 ____D C:\Users\User\Desktop\Project-Complexity Client

2012-08-26 01:14 - 2012-08-26 01:24 - 64723042 ____A C:\Users\User\Desktop\Project-Complexity Client.rar

2012-08-26 01:14 - 2012-08-26 01:17 - 11425929 ____A C:\Users\User\Desktop\Project-Complexity Server.rar

2012-08-26 00:25 - 2012-08-26 00:25 - 00000000 ____D C:\Users\User\VistexV6Cache

2012-08-26 00:16 - 2012-08-26 00:16 - 00000000 ____D C:\Users\User\Desktop\Sexy Time

2012-08-26 00:13 - 2012-08-26 00:25 - 107397022 ____A C:\Users\User\Desktop\VistexV6Cache.zip

2012-08-26 00:12 - 2012-08-26 00:14 - 13763606 ____A C:\Users\User\Desktop\Sexy Time.rar

2012-08-26 00:08 - 2012-08-26 00:09 - 09015333 ____A C:\Users\User\Desktop\RsCalifornia v2.zip

2012-08-25 23:23 - 2012-08-25 23:24 - 00000000 ____D C:\Users\User\paradise704Cache1

2012-08-24 05:09 - 2012-09-01 09:48 - 00000044 ____A C:\Users\User\jagex_cl_runescape_LIVE1.dat

2012-08-24 05:09 - 2012-08-24 05:09 - 00000000 ____D C:\Users\User\jagexcache1

2012-08-24 05:09 - 2012-08-24 05:09 - 00000000 ____D C:\.jagex_cache_32

2012-08-21 18:43 - 2012-08-22 19:41 - 00000000 ____D C:\Users\User\Documents\My Recordings

2012-08-20 22:15 - 2012-08-20 23:13 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer

2012-08-20 22:15 - 2012-08-20 22:15 - 00001126 ____A C:\Users\Public\Desktop\TeamViewer 7.lnk

2012-08-20 22:15 - 2012-08-20 22:15 - 00000000 ____D C:\Program Files\TeamViewer

2012-08-20 22:14 - 2012-08-20 22:14 - 03610576 ____A (TeamViewer GmbH) C:\Users\User\Downloads\TeamViewer_Setup_en.exe

2012-08-20 22:08 - 2012-08-20 22:08 - 00000000 ____D C:\Users\User\Desktop\ZyberRune client by Visible

2012-08-20 21:58 - 2012-08-20 21:58 - 02094105 ____A C:\Users\User\Desktop\river.m4a

2012-08-20 20:51 - 2012-08-20 20:51 - 91577013 ____A C:\Users\User\Downloads\client.rar

2012-08-20 20:48 - 2012-08-20 20:49 - 91577013 ____A C:\Users\User\Desktop\client.rar

2012-08-20 20:33 - 2012-08-20 20:33 - 00000000 ____D C:\Users\User\Desktop\ZybeRune source by Visible

2012-08-20 19:31 - 2012-08-20 19:50 - 90464619 ____A C:\Users\User\Desktop\ZyberRune client by Visible.rar

2012-08-20 19:31 - 2012-08-20 19:33 - 07056705 ____A C:\Users\User\Desktop\ZybeRune source by Visible.rar

2012-08-20 19:26 - 2012-08-20 19:50 - 110899404 ____A C:\Users\User\Downloads\Deception release.rar

2012-08-20 19:24 - 2012-08-20 19:40 - 33937932 ____A C:\Users\User\Downloads\ElysianX_V1.rar

2012-08-20 03:13 - 2012-08-27 03:13 - 00000000 ____D C:\Users\User\AppData\Roaming\NCH Software

2012-08-20 03:13 - 2012-08-27 03:13 - 00000000 ____D C:\Users\All Users\NCH Software

2012-08-20 03:13 - 2012-08-21 18:35 - 00000000 ____D C:\Program Files\NCH Software

2012-08-20 03:13 - 2012-08-20 03:13 - 00002058 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk

2012-08-20 03:13 - 2012-08-20 03:13 - 00002014 ____A C:\Users\Public\Desktop\MixPad.lnk

2012-08-20 03:13 - 2012-08-20 03:13 - 00001098 ____A C:\Users\Public\Desktop\Switch Sound File Converter.lnk

2012-08-20 01:55 - 2012-08-20 02:00 - 27289602 ____A C:\Users\User\Downloads\Pk Planet Client V6.rar

2012-08-20 01:55 - 2012-08-20 01:56 - 03699607 ____A C:\Users\User\Downloads\Pk Planet Source V3.rar

2012-08-18 23:03 - 2012-08-18 23:05 - 20022886 ____A C:\Users\User\Desktop\Allstar-Scape Package.rar

2012-08-18 21:44 - 2012-08-18 21:45 - 00893936 ____A (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u5.exe

2012-08-18 21:20 - 2012-08-18 21:20 - 01117296 ____A C:\Users\User\Downloads\ducsetup.exe

2012-08-18 21:20 - 2012-08-18 21:20 - 00000000 ____D C:\Users\User\AppData\Local\Vitalwerks

2012-08-18 21:20 - 2012-08-18 21:20 - 00000000 ____D C:\Program Files\No-IP

2012-08-18 21:10 - 2012-08-18 21:16 - 00000000 ____D C:\Windows\.mpr_file_store_32

2012-08-18 21:00 - 2012-08-18 21:00 - 00000000 ____D C:\Users\User\Downloads\AllstarScape

2012-08-18 20:09 - 2012-08-18 20:09 - 02071608 ____A C:\Users\User\Downloads\AllstarScape.rar

2012-08-18 19:48 - 2012-08-18 19:48 - 00000000 ____A C:\Users\User\jagex_runescape_preferences.dat

2012-08-18 18:06 - 2012-08-18 18:06 - 00000000 ____D C:\Program Files\Common Files\Java

2012-08-18 18:01 - 2012-08-18 18:01 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe

2012-08-18 18:01 - 2012-08-18 18:01 - 00093672 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll

2012-08-18 17:43 - 2012-08-18 17:55 - 92624352 ____A (Oracle Corporation) C:\Users\User\Downloads\jdk-7u6-windows-i586.exe

2012-08-18 17:39 - 2012-08-18 18:54 - 00000162 ____A C:\Users\User\Desktop\build.bat

2012-08-18 16:50 - 2012-06-19 15:54 - 03240400 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHDA.sys

2012-08-18 16:50 - 2012-06-19 12:30 - 00293889 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT

2012-08-18 16:50 - 2012-06-08 15:23 - 00071808 ____A (Creative Technology Ltd.) C:\Windows\System32\MBWrp32.dll

2012-08-18 16:50 - 2012-06-08 15:21 - 00753280 ____A (Creative Technology Ltd.) C:\Windows\System32\MBAPO32.dll

2012-08-18 16:50 - 2012-06-08 15:18 - 03173008 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO.dll

2012-08-18 16:50 - 2012-06-06 09:44 - 00645776 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApoApi.dll

2012-08-18 16:50 - 2012-06-01 08:37 - 02417808 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkPgExt.dll

2012-08-18 16:50 - 2012-05-31 17:08 - 00087696 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoInstII.dll

2012-08-18 16:50 - 2012-04-10 13:40 - 02193472 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO.dll

2012-08-18 16:50 - 2012-03-08 10:47 - 00176736 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTACap.dll

2012-08-18 16:50 - 2012-03-08 10:47 - 00095840 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTARen.dll

2012-08-18 16:50 - 2011-12-16 13:57 - 00054360 ____A (Creative Technology Ltd.) C:\Windows\System32\MBppld32.dll

2012-08-18 16:50 - 2011-12-13 15:58 - 01497704 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSndMgr.cpl

2012-08-18 16:50 - 2011-11-22 15:28 - 00013416 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoLDR.dll

2012-08-18 16:50 - 2010-11-08 06:31 - 00359768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP32A.dll

2012-08-18 16:50 - 2010-11-08 06:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT32.dll

2012-08-18 16:50 - 2010-11-08 06:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA32.dll

2012-08-18 16:50 - 2010-11-08 06:31 - 00170840 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED32A.dll

2012-08-18 16:50 - 2010-11-08 06:31 - 00078680 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL32A.dll

2012-08-18 16:50 - 2010-11-08 06:31 - 00064856 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG32A.dll

2012-08-18 16:50 - 2009-11-24 08:55 - 00345328 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSXT.dll

2012-08-18 16:50 - 2009-11-24 08:55 - 00140528 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSWOW.dll

2012-08-18 16:50 - 2009-11-18 06:13 - 00050776 ____A (Creative Technology Ltd.) C:\Windows\System32\MBPPCn32.dll

2012-08-18 16:49 - 2012-05-25 17:06 - 01706640 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll

2012-08-18 08:38 - 2012-08-18 08:45 - 51733249 ____A (Realtek Semiconductor Corp.) C:\Users\User\Downloads\32bit_Vista_Win7_Win8_R270.exe

2012-08-18 08:31 - 2012-08-18 08:31 - 00000000 ____D C:\Users\User\Downloads\win7_1883

2012-08-18 08:29 - 2009-07-08 15:34 - 00053248 ____A (Windows XP Bundled build C-Centric Single User) C:\Windows\System32\CSVer.dll

2012-08-18 08:25 - 2012-08-18 08:25 - 02738712 ____A (Intel Corporation) C:\Users\User\Downloads\infinst_autol_1019.exe

2012-08-18 08:24 - 2012-08-18 08:27 - 25635465 ____A C:\Users\User\Downloads\win7_1883.zip

2012-08-18 08:15 - 2012-08-18 08:15 - 01449984 ____A C:\Users\User\Downloads\pidenu31.msi

2012-08-17 17:01 - 2012-08-17 18:16 - 00000000 ____D C:\Users\User\Desktop\g

2012-08-16 20:44 - 2012-08-16 20:44 - 00000103 ____A C:\Users\User\Documents\marcs info.txt

2012-08-15 20:06 - 2009-12-14 14:25 - 00057344 ____A (NexiTech, Inc.) C:\Windows\System32\Wnaspint.dll

2012-08-15 19:50 - 2009-12-14 14:24 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\msvcr71.dll

2012-08-15 08:20 - 2012-08-15 08:20 - 00000000 ____D C:\Users\User\AppData\Roaming\SynthMaker

2012-08-15 07:54 - 2012-08-15 07:54 - 01700352 ____A (Microsoft Corporation) C:\Windows\System32\gdiplus.dll

2012-08-15 07:54 - 2012-08-15 07:54 - 01060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll

2012-08-15 07:53 - 2012-08-15 07:53 - 00001102 ____A C:\Users\User\Desktop\ASIO4ALL v2 Instruction Manual.lnk

2012-08-15 07:53 - 2012-08-15 07:53 - 00000000 ____D C:\Program Files\ASIO4ALL v2

2012-08-15 07:52 - 2012-08-15 07:52 - 00000000 ____D C:\Program Files\Outsim

2012-08-15 07:52 - 2009-09-15 01:14 - 01554944 ____A (HMS http://hp.vector.co.jp/authors/VA012897/) C:\Windows\System32\vorbis.acm

2012-08-15 07:52 - 2006-06-20 00:56 - 00225280 ____A (Propellerhead Software AB) C:\Windows\System32\rewire.dll

2012-08-15 07:47 - 2012-09-01 07:44 - 00000000 ____D C:\Users\User\AppData\Local\Adobe

2012-08-15 02:02 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-08-15 02:02 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-08-15 02:02 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-08-15 02:02 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-08-15 02:02 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-08-15 02:02 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-08-15 02:02 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-08-15 02:02 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-08-15 02:02 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-08-15 02:02 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-08-15 02:02 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-08-15 02:02 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-08-15 02:02 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-08-15 02:02 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-08-15 01:09 - 2012-07-18 09:10 - 02344448 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2012-08-15 01:09 - 2012-05-04 23:44 - 00400896 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll

2012-08-15 01:08 - 2012-07-04 13:26 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll

2012-08-15 01:08 - 2012-07-04 13:23 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll

2012-08-15 01:08 - 2012-07-04 13:23 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll

2012-08-15 01:08 - 2012-05-13 20:37 - 00768512 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll

2012-08-15 01:08 - 2012-02-10 21:44 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll

2012-08-15 01:08 - 2012-02-10 21:41 - 00316928 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe

2012-08-14 20:17 - 2012-08-22 00:11 - 00000000 ____D C:\Users\User\Documents\GTA San Andreas User Files

2012-08-14 20:12 - 2012-08-14 20:12 - 00001077 ____A C:\Users\User\Desktop\gta_sa - Shortcut.lnk

2012-08-14 19:59 - 2012-08-14 19:59 - 00000000 ____D C:\Program Files\Rockstar Games

2012-08-14 17:54 - 2012-08-14 17:54 - 00000000 ____D C:\Users\User\Documents\Amnesia

2012-08-14 17:39 - 2012-08-14 17:39 - 00002128 ____A C:\Users\User\Desktop\Amnesia.lnk

2012-08-14 17:34 - 2012-08-14 17:39 - 00000000 ____D C:\Program Files\Amnesia - The Dark Descent

2012-08-14 15:00 - 2012-08-14 15:00 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe

2012-08-14 14:42 - 2012-09-03 07:50 - 00000003 ____A C:\Windows\System32\HRUPPROG.TXT

2012-08-14 14:42 - 2012-08-14 14:42 - 00000003 ____A C:\Windows\System32\HRUPPROG.DIE.NOW

2012-08-14 07:46 - 2012-08-14 14:52 - 00007605 ____A C:\Users\User\AppData\Local\Resmon.ResmonCfg

2012-08-14 07:15 - 2012-08-14 07:15 - 00002026 ____A C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk

2012-08-14 03:49 - 2012-08-14 03:49 - 00002645 ____A C:\Users\Public\Documents\Global.sw2

2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys2.bmp

2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys1.bmp

2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ____D C:\Users\Public\Documents\Softwrap

2012-08-14 03:41 - 2012-08-14 03:41 - 00352944 ____A (Softonic) C:\Users\User\Downloads\SoftonicDownloader_for_game-maker.exe

2012-08-14 03:18 - 2012-08-14 03:18 - 05857357 ____A (Croteam ) C:\Users\User\Downloads\secondencounterpatch107_usa.exe

2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Program Files\MSXML 4.0

2012-08-13 00:07 - 2012-08-14 02:55 - 00002032 ____A C:\Users\Public\Desktop\RollerCoaster Tycoon.lnk

2012-08-13 00:06 - 2012-08-13 00:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Leadertech

2012-08-13 00:06 - 2012-08-13 00:06 - 00000000 ____D C:\Program Files\Atari

2012-08-12 23:05 - 2012-09-03 07:47 - 00000000 ____D C:\Windows\.jagex_cache_32

2012-08-12 23:04 - 2012-09-02 12:05 - 00000024 ____A C:\Users\User\jagexappletviewer.preferences

2012-08-12 23:04 - 2012-08-12 23:04 - 00002050 ____A C:\Users\User\Desktop\RuneScape.lnk

2012-08-12 22:55 - 2012-08-12 22:57 - 23642112 ____A C:\Users\User\Downloads\RuneScape.msi

2012-08-12 20:22 - 2012-08-12 20:22 - 01825653 ____A C:\Users\User\Desktop\Speccy.rar

2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup.exe

2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup (1).exe

2012-08-12 16:43 - 2012-08-12 16:43 - 00001070 ____A C:\Users\User\Desktop\GameRanger.lnk

2012-08-12 16:43 - 2012-08-12 16:43 - 00000000 ____D C:\Users\User\AppData\Roaming\GameRanger

2012-08-12 16:42 - 2012-08-12 16:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft Games

2012-08-12 16:38 - 2012-08-12 16:38 - 00002103 ____A C:\Users\Public\Desktop\Rise of Nations Gold.lnk

2012-08-12 16:32 - 2012-08-14 07:12 - 00000000 ____D C:\Program Files\Microsoft Games

2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\User\Desktop\GameSpy Arcade.lnk

2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\Administrator\Desktop\GameSpy Arcade.lnk

2012-08-12 16:32 - 2012-08-12 16:32 - 00000000 ____D C:\Program Files\GameSpy Arcade

2012-08-12 16:01 - 2012-08-12 16:01 - 00000000 ____D C:\Users\User\AppData\Roaming\Blender Foundation

2012-08-12 14:15 - 2012-08-12 14:15 - 00002056 ____A C:\Users\Public\Desktop\Blender.lnk

2012-08-12 14:15 - 2012-08-12 14:15 - 00000000 ____D C:\Users\User\.thumbnails

2012-08-12 14:14 - 2012-08-12 14:14 - 00000000 ____D C:\Program Files\Blender Foundation

2012-08-12 14:10 - 2012-08-12 14:13 - 28432273 ____A C:\Users\User\Downloads\blender-2.63a-release-windows32.exe

2012-08-11 22:30 - 2012-08-11 22:30 - 00002267 ____A C:\Users\User\Documents\gg.mij_profile

2012-08-11 22:17 - 2012-08-11 22:29 - 124586272 ____A (NVIDIA Corporation) C:\Users\User\Downloads\301.42-desktop-win7-winvista-32bit-english-whql.exe

2012-08-11 21:31 - 2012-08-11 21:31 - 00000216 ____A C:\Users\User\Desktop\Wanderlust Rebirth.url

2012-08-11 13:48 - 2012-08-11 13:48 - 00000000 ____D C:\Program Files\Futuremark

2012-08-09 22:47 - 2012-08-09 22:47 - 00000000 ____D C:\Users\User\AppData\Roaming\RotMG.Production

2012-08-09 22:41 - 2012-08-09 22:41 - 00000216 ____A C:\Users\User\Desktop\Realm of the Mad God.url

2012-08-08 22:17 - 2012-08-08 22:17 - 00000000 ____D C:\Users\User\Documents\Streaming Audio Recorder

2012-08-08 02:02 - 2010-09-13 22:07 - 00276992 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll

2012-08-07 22:48 - 2012-08-07 22:48 - 00001308 ____A C:\Users\Public\Desktop\Streaming Audio Recorder.lnk

2012-08-07 22:48 - 2012-08-07 22:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Apowersoft

2012-08-07 22:48 - 2012-08-07 22:48 - 00000000 ____D C:\Program Files\Apowersoft

2012-08-07 22:48 - 2010-12-30 14:19 - 00016640 ____A (Wondershare) C:\Windows\System32\Drivers\Apowersoft_AudioDevice.sys

2012-08-07 22:44 - 2012-08-07 22:46 - 15129369 ____A (Apowersoft ) C:\Users\User\Downloads\streaming-audio-recorder.exe

2012-08-07 13:59 - 2012-08-07 13:59 - 00000000 ____D C:\Program Files\Xvid

2012-08-07 13:59 - 2011-05-30 05:42 - 00240640 ____A C:\Windows\System32\xvidvfw.dll

2012-08-07 13:59 - 2011-05-23 01:52 - 00153088 ____A C:\Windows\System32\xvid.ax

2012-08-07 13:59 - 2011-05-22 23:46 - 00645632 ____A C:\Windows\System32\xvidcore.dll

2012-08-07 13:56 - 2012-08-07 13:58 - 10768856 ____A (Xvid Team) C:\Users\User\Downloads\Xvid-1.3.2-20110601.exe

2012-08-07 13:53 - 2012-08-07 13:53 - 00000000 ____D C:\Users\User\Downloads\VirtualDub-1.9.11

2012-08-07 13:51 - 2012-08-07 13:52 - 01707366 ____A C:\Users\User\Downloads\VirtualDub-1.9.11.zip

2012-08-07 11:03 - 2011-06-15 20:35 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll

2012-08-07 11:03 - 2011-03-28 19:07 - 00258560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys

2012-08-07 11:03 - 2011-03-28 19:06 - 00284160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys

2012-08-07 11:03 - 2011-03-28 19:06 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys

2012-08-07 11:03 - 2011-03-28 19:06 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys

2012-08-07 11:03 - 2011-03-28 19:06 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys

2012-08-07 11:03 - 2011-03-28 19:06 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys

2012-08-07 11:03 - 2011-03-28 19:06 - 00005888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys

2012-08-07 11:03 - 2011-02-17 21:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe

2012-08-07 11:03 - 2009-09-25 21:58 - 00194488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys

2012-08-07 11:02 - 2012-05-01 20:52 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll

2012-08-07 11:02 - 2012-04-07 03:34 - 02342400 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll

2012-08-07 11:02 - 2012-01-04 01:03 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll

2012-08-07 11:02 - 2012-01-02 21:44 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl

2012-08-07 11:02 - 2011-05-03 20:53 - 01553920 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll

2012-08-07 11:02 - 2011-05-03 20:52 - 01401856 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll

2012-08-07 11:02 - 2011-05-03 20:52 - 00666624 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll

2012-08-07 11:02 - 2011-05-03 20:52 - 00428032 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe

2012-08-07 11:02 - 2011-05-03 20:52 - 00337408 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll

2012-08-07 11:02 - 2011-05-03 20:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll

2012-08-07 11:02 - 2011-05-03 20:52 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe

2012-08-07 11:02 - 2011-05-03 20:52 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe

2012-08-07 11:02 - 2011-05-03 20:52 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll

2012-08-07 11:02 - 2011-03-12 03:31 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll

2012-08-07 11:02 - 2011-03-10 21:44 - 01210240 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2012-08-07 11:02 - 2011-03-10 21:44 - 00146304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys

2012-08-07 11:02 - 2011-03-10 21:44 - 00143744 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys

2012-08-07 11:02 - 2011-03-10 21:44 - 00117120 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys

2012-08-07 11:02 - 2011-03-10 21:43 - 00332160 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys

2012-08-07 11:02 - 2011-03-10 21:43 - 00080256 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys

2012-08-07 11:02 - 2011-03-10 21:43 - 00022400 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys

2012-08-07 11:02 - 2011-03-10 21:39 - 01686016 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll

2012-08-07 11:02 - 2011-03-10 21:37 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe

2012-08-07 11:02 - 2011-03-10 20:08 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS

2012-08-07 11:02 - 2011-02-25 21:33 - 02614784 ____A (Microsoft Corporation) C:\Windows\explorer.exe

2012-08-07 11:02 - 2011-02-23 21:32 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll

2012-08-07 11:02 - 2010-12-20 21:38 - 00350720 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll

2012-08-07 11:02 - 2010-12-20 21:38 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll

2012-08-07 11:02 - 2010-12-20 21:38 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll

2012-08-07 11:02 - 2010-12-20 21:38 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll

2012-08-07 11:02 - 2010-12-20 21:38 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll

2012-08-07 11:02 - 2010-12-20 21:38 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll

2012-08-07 11:02 - 2010-12-20 21:34 - 00080384 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll

2012-08-07 11:01 - 2011-04-22 11:36 - 00026496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys

2012-08-07 10:59 - 2011-02-02 21:45 - 00219008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys

2012-08-07 10:59 - 2010-11-01 20:46 - 00728448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys

2012-08-07 10:59 - 2010-11-01 20:23 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll

2012-08-07 10:55 - 2012-09-04 02:00 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003UA.job

2012-08-07 10:55 - 2012-09-03 11:00 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003Core.job

2012-08-07 10:55 - 2012-08-07 10:58 - 00000000 ____D C:\Users\User\AppData\Local\Facebook

2012-08-07 10:54 - 2012-08-07 10:55 - 00501248 ____A (Facebook Inc.) C:\Users\User\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe

2012-08-06 21:23 - 2012-08-08 19:44 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live

2012-08-06 21:23 - 2012-08-06 21:23 - 00000000 ____D C:\Users\User\AppData\Local\{636EDCCA-0DA9-4AB2-BA93-08F8E5E17AC0}

2012-08-06 21:22 - 2012-08-06 21:22 - 00010598 ____A C:\Users\User\Documents\C&C Zero Hour Super Weapons VS Tank General.wlmp

2012-08-06 19:42 - 2012-08-06 19:42 - 00000564 ____A C:\Users\User\Desktop\Fraps.lnk

2012-08-06 18:10 - 2012-08-06 18:11 - 00299288 ____A C:\Users\User\Downloads\GmailInstaller.exe

2012-08-06 17:54 - 2012-08-06 18:00 - 62057024 ____A C:\Users\User\Downloads\DISCO FRIES w-logos.mp4

2012-08-06 16:01 - 2012-08-06 16:01 - 04117346 ____A C:\Users\User\Downloads\MotioninJoy_071001_signed.zip

2012-08-06 15:58 - 2012-08-06 15:58 - 00000744 ____A C:\Users\User\Documents\New Profile.xpadderprofile

2012-08-06 15:57 - 2012-08-06 15:57 - 00000791 ____A C:\Users\User\Documents\My MotioninJoy Virtual Game Controller.xpaddercontroller

2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf

2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf

2012-08-06 11:19 - 2012-08-06 11:19 - 00000216 ____A C:\Users\User\Desktop\Terraria.url

2012-08-05 17:58 - 2012-09-03 07:58 - 00000000 ____D C:\Users\User\AppData\Local\Apps\F.lux

2012-08-05 17:20 - 2012-08-06 19:42 - 00000000 ____D C:\Fraps

2012-08-05 16:42 - 2012-08-05 16:42 - 00000000 ____D C:\Users\User\AppData\Local\qBittorrent

2012-08-05 16:09 - 2012-08-05 16:09 - 00000000 ____D C:\Users\User\AppData\Roaming\NVIDIA

2012-08-05 11:51 - 2012-08-05 11:51 - 00000000 ____D C:\Users\All Users\NVIDIA Corporation

2012-08-05 11:50 - 2012-08-06 12:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation

2012-08-05 11:50 - 2012-08-05 11:50 - 00000000 ____D C:\NVIDIA

2012-08-05 11:01 - 2012-09-03 15:29 - 00000024 ____A C:\Users\User\random.dat

2012-08-05 11:01 - 2012-09-03 14:59 - 00000043 ____A C:\Users\User\jagex_cl_runescape_LIVE.dat

2012-08-05 11:01 - 2012-08-12 23:04 - 00000000 ____D C:\Users\User\jagexcache

============ 3 Months Modified Files ========================

2012-09-04 06:12 - 2012-09-04 05:41 - 00001108 ____A C:\Windows\PFRO.log

2012-09-04 06:12 - 2012-09-03 09:21 - 00000224 ____A C:\Windows\setupact.log

2012-09-04 06:12 - 2011-06-06 08:50 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2012-09-04 06:12 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2012-09-04 06:01 - 2009-07-13 20:55 - 01668606 ____A C:\Windows\WindowsUpdate.log

2012-09-04 05:57 - 2012-09-04 05:56 - 00904906 ____A (Farbar) C:\Users\User\Downloads\FRST.exe

2012-09-04 05:48 - 2009-07-13 20:34 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2012-09-04 05:48 - 2009-07-13 20:34 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2012-09-04 02:33 - 2011-06-06 08:50 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2012-09-04 02:00 - 2012-08-07 10:55 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003UA.job

2012-09-03 17:04 - 2012-09-03 17:03 - 04742575 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe

2012-09-03 15:42 - 2012-09-03 15:42 - 00001130 ____A C:\Users\User\Desktop\Install Microsoft Visual C# 2010 Express.lnk

2012-09-03 15:36 - 2012-09-03 15:36 - 03252048 ____A (Microsoft Corporation) C:\Users\User\Downloads\vcs_web.exe

2012-09-03 15:29 - 2012-08-05 11:01 - 00000024 ____A C:\Users\User\random.dat

2012-09-03 14:59 - 2012-08-05 11:01 - 00000043 ____A C:\Users\User\jagex_cl_runescape_LIVE.dat

2012-09-03 11:00 - 2012-08-07 10:55 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003Core.job

2012-09-03 10:34 - 2012-09-03 10:34 - 00011364 ____A C:\Users\User\Downloads\Attach.txt

2012-09-03 10:33 - 2012-09-03 10:33 - 00024408 ____A C:\Users\User\Downloads\DDS.txt

2012-09-03 09:30 - 2012-09-03 09:30 - 00001722 ____A C:\Users\Public\Desktop\Play League of Legends.lnk

2012-09-03 09:27 - 2011-01-28 11:11 - 00740996 ____A C:\Windows\System32\PerfStringBackup.INI

2012-09-03 09:21 - 2012-09-03 09:21 - 00000000 ____A C:\Windows\setuperr.log

2012-09-03 09:07 - 2012-09-03 09:07 - 02353512 ____A C:\Users\User\Downloads\LeagueofLegends (1).exe

2012-09-03 09:00 - 2011-06-06 07:51 - 00000422 ____A C:\Windows\Tasks\SystemToolsDailyTest.job

2012-09-03 08:59 - 2012-09-03 08:57 - 15428440 ____A (Adobe Systems Inc.) C:\Users\User\Downloads\AdobeAIRInstaller.exe

2012-09-03 08:14 - 2012-09-03 08:14 - 00607260 ____R (Swearware) C:\Users\User\Downloads\dds.com

2012-09-03 07:59 - 2012-09-03 07:59 - 00000971 ____A C:\Users\Public\Desktop\CCleaner.lnk

2012-09-03 07:59 - 2012-09-03 07:58 - 03927560 ____A (Piriform Ltd) C:\Users\User\Downloads\ccsetup322.exe

2012-09-03 07:58 - 2012-09-03 07:58 - 00559424 ____A C:\Users\User\Downloads\flux-setup.exe

2012-09-03 07:57 - 2012-09-03 07:57 - 00341811 ____A () C:\Users\User\Downloads\Everything-1.2.1.371.exe

2012-09-03 07:54 - 2012-09-03 07:54 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2012-09-03 07:54 - 2012-09-03 07:53 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.62.0.1300.exe

2012-09-03 07:50 - 2012-08-14 14:42 - 00000003 ____A C:\Windows\System32\HRUPPROG.TXT

2012-09-02 17:57 - 2012-09-02 17:57 - 00996826 ____A C:\Users\User\Downloads\SkypeVoiceChanger1-2.zip

2012-09-02 12:05 - 2012-08-12 23:04 - 00000024 ____A C:\Users\User\jagexappletviewer.preferences

2012-09-01 09:48 - 2012-08-24 05:09 - 00000044 ____A C:\Users\User\jagex_cl_runescape_LIVE1.dat

2012-09-01 07:42 - 2012-07-12 00:22 - 00108824 ____A C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT

2012-08-30 18:46 - 2012-08-30 18:46 - 00126160 ____A (RealNetworks, Inc.) C:\Users\User\Downloads\COHSetup-dm.exe

2012-08-28 22:21 - 2012-08-28 22:17 - 10287639 ____A C:\Users\User\Desktop\imnothigh.mov

2012-08-28 10:30 - 2012-08-28 10:29 - 11040639 ____A C:\Users\User\Downloads\SciLorsGrooveshark.comDownloaderV0.4.9.5.zip

2012-08-26 04:25 - 2012-08-26 03:19 - 456837164 ____A C:\Users\User\Desktop\Zenith.rar

2012-08-26 04:06 - 2012-08-26 04:06 - 00894952 ____A (Oracle Corporation) C:\Users\User\Downloads\jre-7u6-windows-i586-iftw.exe

2012-08-26 03:20 - 2012-08-26 03:19 - 04194888 ____A C:\Users\User\Desktop\Zenith Client.rar

2012-08-26 03:08 - 2012-08-26 03:06 - 12900524 ____A C:\Users\User\Downloads\Client (1).rar

2012-08-26 03:07 - 2012-08-26 03:06 - 06118558 ____A C:\Users\User\Downloads\Server.rar

2012-08-26 02:04 - 2012-08-26 02:04 - 00265910 ____A C:\Users\User\Downloads\JARMaker.zip

2012-08-26 02:04 - 2012-08-26 02:03 - 00587432 ____A C:\Users\User\Downloads\cbsidlm-tr1_5-JAR_Maker-10588876.exe

2012-08-26 01:24 - 2012-08-26 01:14 - 64723042 ____A C:\Users\User\Desktop\Project-Complexity Client.rar

2012-08-26 01:17 - 2012-08-26 01:14 - 11425929 ____A C:\Users\User\Desktop\Project-Complexity Server.rar

2012-08-26 00:25 - 2012-08-26 00:13 - 107397022 ____A C:\Users\User\Desktop\VistexV6Cache.zip

2012-08-26 00:14 - 2012-08-26 00:12 - 13763606 ____A C:\Users\User\Desktop\Sexy Time.rar

2012-08-26 00:09 - 2012-08-26 00:08 - 09015333 ____A C:\Users\User\Desktop\RsCalifornia v2.zip

2012-08-25 06:59 - 2012-08-25 06:59 - 00005577 ____A C:\Users\User\Desktop\Audiosurf - Shortcut.lnk

2012-08-21 17:34 - 2011-06-06 08:51 - 00002288 ____A C:\Users\Public\Desktop\Google Chrome.lnk

2012-08-20 22:15 - 2012-08-20 22:15 - 00001126 ____A C:\Users\Public\Desktop\TeamViewer 7.lnk

2012-08-20 22:14 - 2012-08-20 22:14 - 03610576 ____A (TeamViewer GmbH) C:\Users\User\Downloads\TeamViewer_Setup_en.exe

2012-08-20 21:58 - 2012-08-20 21:58 - 02094105 ____A C:\Users\User\Desktop\river.m4a

2012-08-20 20:51 - 2012-08-20 20:51 - 91577013 ____A C:\Users\User\Downloads\client.rar

2012-08-20 20:49 - 2012-08-20 20:48 - 91577013 ____A C:\Users\User\Desktop\client.rar

2012-08-20 19:50 - 2012-08-20 19:31 - 90464619 ____A C:\Users\User\Desktop\ZyberRune client by Visible.rar

2012-08-20 19:50 - 2012-08-20 19:26 - 110899404 ____A C:\Users\User\Downloads\Deception release.rar

2012-08-20 19:40 - 2012-08-20 19:24 - 33937932 ____A C:\Users\User\Downloads\ElysianX_V1.rar

2012-08-20 19:33 - 2012-08-20 19:31 - 07056705 ____A C:\Users\User\Desktop\ZybeRune source by Visible.rar

2012-08-20 03:13 - 2012-08-20 03:13 - 00002058 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk

2012-08-20 03:13 - 2012-08-20 03:13 - 00002014 ____A C:\Users\Public\Desktop\MixPad.lnk

2012-08-20 03:13 - 2012-08-20 03:13 - 00001098 ____A C:\Users\Public\Desktop\Switch Sound File Converter.lnk

2012-08-20 02:00 - 2012-08-20 01:55 - 27289602 ____A C:\Users\User\Downloads\Pk Planet Client V6.rar

2012-08-20 01:56 - 2012-08-20 01:55 - 03699607 ____A C:\Users\User\Downloads\Pk Planet Source V3.rar

2012-08-18 23:05 - 2012-08-18 23:03 - 20022886 ____A C:\Users\User\Desktop\Allstar-Scape Package.rar

2012-08-18 21:45 - 2012-08-18 21:44 - 00893936 ____A (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u5.exe

2012-08-18 21:20 - 2012-08-18 21:20 - 01117296 ____A C:\Users\User\Downloads\ducsetup.exe

2012-08-18 20:09 - 2012-08-18 20:09 - 02071608 ____A C:\Users\User\Downloads\AllstarScape.rar

2012-08-18 19:48 - 2012-08-18 19:48 - 00000000 ____A C:\Users\User\jagex_runescape_preferences.dat

2012-08-18 18:54 - 2012-08-18 17:39 - 00000162 ____A C:\Users\User\Desktop\build.bat

2012-08-18 18:01 - 2012-08-18 18:01 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe

2012-08-18 18:01 - 2012-08-18 18:01 - 00093672 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll

2012-08-18 18:01 - 2012-08-04 08:28 - 00821736 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll

2012-08-18 18:01 - 2012-08-04 08:28 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe

2012-08-18 18:01 - 2012-08-04 08:28 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\java.exe

2012-08-18 18:01 - 2011-01-28 11:06 - 00746984 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll

2012-08-18 17:55 - 2012-08-18 17:43 - 92624352 ____A (Oracle Corporation) C:\Users\User\Downloads\jdk-7u6-windows-i586.exe

2012-08-18 08:45 - 2012-08-18 08:38 - 51733249 ____A (Realtek Semiconductor Corp.) C:\Users\User\Downloads\32bit_Vista_Win7_Win8_R270.exe

2012-08-18 08:27 - 2012-08-18 08:24 - 25635465 ____A C:\Users\User\Downloads\win7_1883.zip

2012-08-18 08:25 - 2012-08-18 08:25 - 02738712 ____A (Intel Corporation) C:\Users\User\Downloads\infinst_autol_1019.exe

2012-08-18 08:15 - 2012-08-18 08:15 - 01449984 ____A C:\Users\User\Downloads\pidenu31.msi

2012-08-16 20:44 - 2012-08-16 20:44 - 00000103 ____A C:\Users\User\Documents\marcs info.txt

2012-08-16 15:00 - 2011-06-06 07:51 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2012-08-15 20:06 - 2012-08-15 20:06 - 00000984 ____A C:\Users\Public\Desktop\Mixcraft 5.lnk

2012-08-15 07:54 - 2012-08-15 07:54 - 01700352 ____A (Microsoft Corporation) C:\Windows\System32\gdiplus.dll

2012-08-15 07:54 - 2012-08-15 07:54 - 01060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll

2012-08-15 07:53 - 2012-08-15 07:53 - 00001102 ____A C:\Users\User\Desktop\ASIO4ALL v2 Instruction Manual.lnk

2012-08-15 02:07 - 2009-07-13 20:33 - 00407664 ____A C:\Windows\System32\FNTCACHE.DAT

2012-08-15 02:04 - 2009-07-13 18:04 - 00000499 ____A C:\Windows\win.ini

2012-08-14 20:12 - 2012-08-14 20:12 - 00001077 ____A C:\Users\User\Desktop\gta_sa - Shortcut.lnk

2012-08-14 17:39 - 2012-08-14 17:39 - 00002128 ____A C:\Users\User\Desktop\Amnesia.lnk

2012-08-14 15:00 - 2012-08-14 15:00 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe

2012-08-14 15:00 - 2012-08-04 17:52 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl

2012-08-14 14:52 - 2012-08-14 07:46 - 00007605 ____A C:\Users\User\AppData\Local\Resmon.ResmonCfg

2012-08-14 14:42 - 2012-08-14 14:42 - 00000003 ____A C:\Windows\System32\HRUPPROG.DIE.NOW

2012-08-14 07:15 - 2012-08-14 07:15 - 00002026 ____A C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk

2012-08-14 03:49 - 2012-08-14 03:49 - 00002645 ____A C:\Users\Public\Documents\Global.sw2

2012-08-14 03:49 - 2012-08-14 03:49 - 00001002 ____A C:\Users\User\Desktop\Game Maker.lnk

2012-08-14 03:49 - 2012-08-14 03:49 - 00001002 ____A C:\Users\Administrator\Desktop\Game Maker.lnk

2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys2.bmp

2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys1.bmp

2012-08-14 03:48 - 2012-08-14 03:42 - 10857464 ____A () C:\Users\User\Desktop\gmaker80.exe

2012-08-14 03:41 - 2012-08-14 03:41 - 00352944 ____A (Softonic) C:\Users\User\Downloads\SoftonicDownloader_for_game-maker.exe

2012-08-14 03:18 - 2012-08-14 03:18 - 05857357 ____A (Croteam ) C:\Users\User\Downloads\secondencounterpatch107_usa.exe

2012-08-14 02:55 - 2012-08-13 00:07 - 00002032 ____A C:\Users\Public\Desktop\RollerCoaster Tycoon.lnk

2012-08-12 23:04 - 2012-08-12 23:04 - 00002050 ____A C:\Users\User\Desktop\RuneScape.lnk

2012-08-12 22:57 - 2012-08-12 22:55 - 23642112 ____A C:\Users\User\Downloads\RuneScape.msi

2012-08-12 20:22 - 2012-08-12 20:22 - 01825653 ____A C:\Users\User\Desktop\Speccy.rar

2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup.exe

2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup (1).exe

2012-08-12 16:43 - 2012-08-12 16:43 - 00001070 ____A C:\Users\User\Desktop\GameRanger.lnk

2012-08-12 16:38 - 2012-08-12 16:38 - 00002103 ____A C:\Users\Public\Desktop\Rise of Nations Gold.lnk

2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\User\Desktop\GameSpy Arcade.lnk

2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\Administrator\Desktop\GameSpy Arcade.lnk

2012-08-12 14:15 - 2012-08-12 14:15 - 00002056 ____A C:\Users\Public\Desktop\Blender.lnk

2012-08-12 14:13 - 2012-08-12 14:10 - 28432273 ____A C:\Users\User\Downloads\blender-2.63a-release-windows32.exe

2012-08-11 22:30 - 2012-08-11 22:30 - 00002267 ____A C:\Users\User\Documents\gg.mij_profile

2012-08-11 22:29 - 2012-08-11 22:17 - 124586272 ____A (NVIDIA Corporation) C:\Users\User\Downloads\301.42-desktop-win7-winvista-32bit-english-whql.exe

2012-08-11 21:31 - 2012-08-11 21:31 - 00000216 ____A C:\Users\User\Desktop\Wanderlust Rebirth.url

2012-08-09 22:41 - 2012-08-09 22:41 - 00000216 ____A C:\Users\User\Desktop\Realm of the Mad God.url

2012-08-09 02:08 - 2011-06-06 11:03 - 00000989 ____A C:\Users\jamielatty\Desktop\WORD.lnk

2012-08-09 02:08 - 2011-06-06 11:03 - 00000977 ____A C:\Users\jamielatty\Desktop\EXCEL.lnk

2012-08-09 02:08 - 2011-06-06 11:02 - 00000989 ____A C:\Users\jamielatty\Desktop\OUTLOOK.lnk

2012-08-07 22:48 - 2012-08-07 22:48 - 00001308 ____A C:\Users\Public\Desktop\Streaming Audio Recorder.lnk

2012-08-07 22:46 - 2012-08-07 22:44 - 15129369 ____A (Apowersoft ) C:\Users\User\Downloads\streaming-audio-recorder.exe

2012-08-07 13:58 - 2012-08-07 13:56 - 10768856 ____A (Xvid Team) C:\Users\User\Downloads\Xvid-1.3.2-20110601.exe

2012-08-07 13:52 - 2012-08-07 13:51 - 01707366 ____A C:\Users\User\Downloads\VirtualDub-1.9.11.zip

2012-08-07 10:55 - 2012-08-07 10:54 - 00501248 ____A (Facebook Inc.) C:\Users\User\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe

2012-08-06 21:22 - 2012-08-06 21:22 - 00010598 ____A C:\Users\User\Documents\C&C Zero Hour Super Weapons VS Tank General.wlmp

2012-08-06 19:42 - 2012-08-06 19:42 - 00000564 ____A C:\Users\User\Desktop\Fraps.lnk

2012-08-06 18:11 - 2012-08-06 18:10 - 00299288 ____A C:\Users\User\Downloads\GmailInstaller.exe

2012-08-06 18:00 - 2012-08-06 17:54 - 62057024 ____A C:\Users\User\Downloads\DISCO FRIES w-logos.mp4

2012-08-06 16:01 - 2012-08-06 16:01 - 04117346 ____A C:\Users\User\Downloads\MotioninJoy_071001_signed.zip

2012-08-06 16:00 - 2012-07-12 00:22 - 00001082 ____A C:\Users\Public\Desktop\DS3 Tool.lnk

2012-08-06 15:58 - 2012-08-06 15:58 - 00000744 ____A C:\Users\User\Documents\New Profile.xpadderprofile

2012-08-06 15:57 - 2012-08-06 15:57 - 00000791 ____A C:\Users\User\Documents\My MotioninJoy Virtual Game Controller.xpaddercontroller

2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf

2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf

2012-08-06 11:19 - 2012-08-06 11:19 - 00000216 ____A C:\Users\User\Desktop\Terraria.url

2012-08-04 18:16 - 2012-08-04 18:16 - 00000877 ____A C:\Users\Public\Desktop\Steam.lnk

2012-08-04 18:15 - 2012-08-04 18:14 - 01606656 ____A C:\Users\User\Downloads\SteamInstall.msi

2012-08-04 18:09 - 2012-08-04 18:09 - 00002503 ____A C:\Users\Public\Desktop\Skype.lnk

2012-08-04 18:05 - 2012-08-04 18:05 - 00946352 ____A (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe

2012-08-04 14:18 - 2012-08-04 14:18 - 00001985 ____A C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk

2012-08-04 14:18 - 2012-08-04 14:18 - 00001976 ____A C:\Users\Public\Desktop\Smite.lnk

2012-08-04 14:17 - 2012-08-04 14:16 - 13846728 ____A (Hi-Rez Studios) C:\Users\User\Downloads\InstallHiRezGamesEnglish.exe

2012-08-04 02:05 - 2012-08-04 02:05 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2012-08-04 02:05 - 2012-08-04 02:05 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2012-08-04 02:05 - 2012-08-04 02:05 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2012-08-04 02:05 - 2012-08-04 02:05 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2012-08-04 02:05 - 2012-08-04 02:05 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2012-08-04 02:05 - 2012-08-04 02:05 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2012-08-04 02:05 - 2012-08-04 02:05 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2012-08-04 02:05 - 2012-08-04 02:05 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2012-08-04 02:05 - 2012-08-04 02:05 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2012-08-04 02:05 - 2012-08-04 02:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2012-08-04 02:05 - 2012-08-04 02:05 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2012-08-04 02:03 - 2012-08-04 02:03 - 01495040 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll

2012-08-04 02:03 - 2012-08-04 02:03 - 00801792 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll

2012-08-04 02:03 - 2012-08-04 02:03 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll

2012-08-03 19:26 - 2012-08-03 19:26 - 02353512 ____A C:\Users\User\Downloads\LeagueofLegends.exe

2012-07-18 09:10 - 2012-08-15 01:09 - 02344448 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2012-07-12 00:43 - 2012-07-12 00:43 - 00000971 ____A C:\Users\Public\Desktop\PowerISO.lnk

2012-07-04 14:47 - 2012-07-04 14:47 - 00000020 ___SH C:\Users\User\ntuser.ini

2012-07-04 14:46 - 2011-06-06 07:59 - 00000008 _RASH C:\Users\All Users\ntuser.pol

2012-07-04 14:27 - 2012-07-04 14:26 - 00000020 ____A C:\Windows\´ùk

2012-07-04 14:23 - 2012-07-04 14:23 - 00000020 ___SH C:\Users\Administrator\ntuser.ini

2012-07-04 13:59 - 2009-07-13 20:53 - 00032644 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2012-07-04 13:26 - 2012-08-15 01:08 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll

2012-07-04 13:23 - 2012-08-15 01:08 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll

2012-07-04 13:23 - 2012-08-15 01:08 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll

2012-07-03 12:46 - 2012-09-03 07:54 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2012-06-28 16:52 - 2012-08-15 02:02 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2012-06-28 16:27 - 2012-08-15 02:02 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2012-06-28 16:16 - 2012-08-15 02:02 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2012-06-28 16:09 - 2012-08-15 02:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2012-06-28 16:09 - 2012-08-15 02:02 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2012-06-28 16:08 - 2012-08-15 02:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2012-06-28 16:07 - 2012-08-15 02:02 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2012-06-28 16:06 - 2012-08-15 02:02 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2012-06-28 16:04 - 2012-08-15 02:02 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2012-06-28 16:04 - 2012-08-15 02:02 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2012-06-28 16:01 - 2012-08-15 02:02 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2012-06-28 16:01 - 2012-08-15 02:02 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2012-06-28 16:00 - 2012-08-15 02:02 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2012-06-28 15:57 - 2012-08-15 02:02 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2012-06-19 15:54 - 2012-08-18 16:50 - 03240400 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHDA.sys

2012-06-19 12:30 - 2012-08-18 16:50 - 00293889 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT

2012-06-08 20:46 - 2012-08-03 18:41 - 12868608 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

2012-06-08 15:23 - 2012-08-18 16:50 - 00071808 ____A (Creative Technology Ltd.) C:\Windows\System32\MBWrp32.dll

2012-06-08 15:21 - 2012-08-18 16:50 - 00753280 ____A (Creative Technology Ltd.) C:\Windows\System32\MBAPO32.dll

2012-06-08 15:18 - 2012-08-18 16:50 - 03173008 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO.dll

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-09-02 18:19:50

Restore point made on: 2012-09-02 18:24:17

Restore point made on: 2012-09-02 18:25:14

Restore point made on: 2012-09-02 18:26:01

Restore point made on: 2012-09-02 18:26:44

Restore point made on: 2012-09-02 18:27:28

Restore point made on: 2012-09-02 18:28:11

Restore point made on: 2012-09-02 18:28:56

Restore point made on: 2012-09-02 18:29:54

Restore point made on: 2012-09-02 18:30:45

Restore point made on: 2012-09-02 18:32:16

Restore point made on: 2012-09-03 07:43:34

Restore point made on: 2012-09-03 07:56:51

Restore point made on: 2012-09-03 09:08:36

Restore point made on: 2012-09-03 09:16:09

Restore point made on: 2012-09-03 09:23:40

Restore point made on: 2012-09-03 09:25:17

==================== Memory info ===========================

Percentage of memory in use: 20%

Total physical RAM: 2046.8 MB

Available physical RAM: 1621.83 MB

Total Pagefile: 2046.8 MB

Available Pagefile: 1623.45 MB

Total Virtual: 2047.88 MB

Available Virtual: 1962.3 MB

==================== Partitions ============================

1 Drive c: (OS) (Fixed) (Total:221.64 GB) (Free:129.05 GB) NTFS

2 Drive e: (RCTYCOON) (CDROM) (Total:0.16 GB) (Free:0 GB) CDFS

3 Drive f: (BLACKBERRY) (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT

4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

5 Drive y: (RECOVERY) (Fixed) (Total:11.15 GB) (Free:6.64 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 232 GB 0 B

Disk 1 Online 968 MB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 39 MB 31 KB

Partition 2 Primary 11 GB 40 MB

Partition 3 Primary 221 GB 11 GB

==================================================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 4 FAT Partition 39 MB Healthy Hidden

==================================================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y RECOVERY NTFS Partition 11 GB Healthy

==================================================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C OS NTFS Partition 221 GB Healthy

==================================================================================

Partitions of Disk 1:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 964 MB 4109 KB

==================================================================================

Disk: 1

Partition 1

Type : 06

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F BLACKBERRY FAT Removable 964 MB Healthy

==================================================================================

Last Boot: 2012-08-31 06:22

==================== End Of Log =============================


I'd like you to run MBAM again, but this time allow it to remove those items it detects:

You have this program installed, Malwarebytes' Anti-Malware (MBAM). Please update it and run a scan.

Open MBAM

  • Click the Update tab
  • Click Check for Updates
  • If an update is found, it will download and install the latest version.
  • The program will close to update and reopen.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Uncheck any entries from C:\System Volume Information, C:\_OTL\MovedFiles or C:\Qoobox
  • Make sure that everything else is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Please include the following in your next post:

  • MBAM log


@snxp

How's it going? Are you still needing help?


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
