snxp Posted September 3, 2012

Think I landed on a bad website and instantly got infected somehow. Never had this happen before.

Attachments: DDS.txt, Attach.txt, mbam-log-2012-09-03 (09-34-51).txt

RPMcMurphy Posted September 4, 2012

Hello and welcome. Please follow these guidelines while we work on your PC:

- Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.” Absence of symptoms does not mean your machine is clean!
- Please do not run any scans or install/uninstall any applications without being directed to do so.
- Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.

Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link
--------------------------------------------------------------------

- Double click on ComboFix.exe & follow the prompts.
- If you have trouble, stop and post back. Do not try to repeatedly run ComboFix!
- When finished, it will produce a report for you.

Note: If after running ComboFix you receive a message stating, "Illegal Operation Attempted on a registry key that has been marked for deletion" rebooting your computer will resolve the problem.

Please include the following in your next post:
- ComboFix log

snxp Posted September 4, 2012

I get an error saying it could not find NKRMD and there was also an error saying that it couldn't write a certain file as things were being extracted. I then got a beeping noise.

RPMcMurphy Posted September 4, 2012

Try this instead:

Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
- Restart the computer.
- As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
- Use the arrow keys to select the Repair your computer menu item.
- Select US as the keyboard language settings, and then click Next.
- Select the operating system you want to repair, and then click Next.
- Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
- Insert the installation disc.
- Restart your computer.
- If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
- Click Repair your computer.
- Select US as the keyboard language settings, and then click Next.
- Select the operating system you want to repair, and then click Next.
- Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

- Select Command Prompt
- In the command window type in notepad and press Enter.
- The notepad opens. Under File menu select Open.
- Select "Computer" and find your flash drive letter and close the notepad.
- In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
- The tool will start to run.
- When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Please include the following in your next post:
- FRST.txt log

snxp Posted September 4, 2012

Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) (x86) Version: 04-09-2012 01
Ran by SYSTEM at 04-09-2012 07:17:06
Running from F:\
Windows 7 Professional (X86) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup [307200 2011-06-14] (PowerISO Computing, Inc.)
HKLM\...\Run: [] [x]
HKLM\...\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" [1095560 2012-07-26] (Spigot, Inc.)
HKLM\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [Everything] "C:\Program Files\Everything\Everything.exe" -startup [602624 2009-03-12] ()
HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462920 2012-07-03] (Malwarebytes Corporation)
HKU\Administrator\...\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\Administrator\...\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent [1353080 2012-08-04] (Valve Corporation)
HKU\Administrator\...\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-08-07] (Facebook Inc.)
HKU\jamielatty\...\Run: [spark] C:\Program Files\Spark\Spark.exe [x]
HKU\User\...\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\User\...\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent [1353080 2012-08-04] (Valve Corporation)
HKU\User\...\Run: [Facebook Update] "C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-08-07] (Facebook Inc.)
HKU\User\...\Run: [Java Updater] "C:\Users\User\AppData\Roaming\JavaUpdater\javaupdate.exe" [486400 2012-08-22] (Java)
HKU\User\...\Run: [F.lux] "C:\Users\User\Local Settings\Apps\F.lux\flux.exe" /noshow [966656 2009-08-28] ()
HKLM\...\Runonce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [x]
Tcpip\..\Interfaces\{35EE6603-51E0-4025-96A1-00E7B6EEB81C}: [NameServer]8.8.8.8,8.8.4.4

========================== Services (Whitelisted) ========================

2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe [87968 2009-11-17] (Andrea Electronics Corporation)
2 Application Updater; "C:\Program Files\Application Updater\ApplicationUpdater.exe" [794560 2012-07-26] (Spigot, Inc.)
2 BPowMon; C:\Program Files\Broadcom\BPowMon\BPowMon.exe [79168 2009-08-17] (Broadcom Corp.)
3 Futuremark SystemInfo Service; "C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe" [135584 2012-04-26] (Futuremark Corporation)
2 HiPatchService; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [8704 2012-08-30] (Hi-Rez Studios)
2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ===================

3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [16640 2010-12-30] (Wondershare)
3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
3 k57nd60x; C:\Windows\System32\DRIVERS\k57nd60x.sys [273960 2009-08-21] (Broadcom Corporation)
3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] ()
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22344 2012-07-03] (Malwarebytes Corporation)
3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [97552 2011-08-29] (MotioninJoy)
0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45200 2009-07-09] (Sonic Solutions)
3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [61984 2010-08-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

========== One Month Created Files and Folders ==============

2012-09-04 07:17 - 2012-09-04 07:17 - 00000000 ____D C:\FRST
2012-09-04 05:56 - 2012-09-04 05:57 - 00904906 ____A (Farbar) C:\Users\User\Downloads\FRST.exe
2012-09-04 05:41 - 2012-09-04 06:12 - 00001108 ____A C:\Windows\PFRO.log
2012-09-03 17:08 - 2012-09-03 17:09 - 00000000 ___SD C:\ComboFix
2012-09-03 17:08 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-09-03 17:08 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-09-03 17:08 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-09-03 17:08 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-09-03 17:08 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-09-03 17:08 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-09-03 17:08 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-09-03 17:06 - 2012-09-03 17:08 - 00000000 ____D C:\Qoobox
2012-09-03 17:05 - 2012-09-03 17:08 - 00000000 ___SD C:\32788R22FWJFW
2012-09-03 17:05 - 2012-09-03 17:05 - 00000000 ____D C:\Windows\erdnt
2012-09-03 17:03 - 2012-09-03 17:04 - 04742575 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2012-09-03 15:42 - 2012-09-03 15:42 - 00001130 ____A C:\Users\User\Desktop\Install Microsoft Visual C# 2010 Express.lnk
2012-09-03 15:36 - 2012-09-03 15:36 - 03252048 ____A (Microsoft Corporation) C:\Users\User\Downloads\vcs_web.exe
2012-09-03 10:34 - 2012-09-03 10:34 - 00011364 ____A C:\Users\User\Downloads\Attach.txt
2012-09-03 10:33 - 2012-09-03 10:33 - 00024408 ____A C:\Users\User\Downloads\DDS.txt
2012-09-03 09:30 - 2012-09-03 09:30 - 00001722 ____A C:\Users\Public\Desktop\Play League of Legends.lnk
2012-09-03 09:25 - 2012-09-03 09:25 - 00000000 ____D C:\Riot Games
2012-09-03 09:21 - 2012-09-04 06:12 - 00000224 ____A C:\Windows\setupact.log
2012-09-03 09:21 - 2012-09-03 09:21 - 00000000 ____A C:\Windows\setuperr.log
2012-09-03 09:07 - 2012-09-03 09:07 - 02353512 ____A C:\Users\User\Downloads\LeagueofLegends (1).exe
2012-09-03 08:57 - 2012-09-03 08:59 - 15428440 ____A (Adobe Systems Inc.) C:\Users\User\Downloads\AdobeAIRInstaller.exe
2012-09-03 08:14 - 2012-09-03 08:14 - 00607260 ____R (Swearware) C:\Users\User\Downloads\dds.com
2012-09-03 07:59 - 2012-09-03 07:59 - 00000971 ____A C:\Users\Public\Desktop\CCleaner.lnk
2012-09-03 07:59 - 2012-09-03 07:59 - 00000000 ____D C:\Program Files\CCleaner
2012-09-03 07:58 - 2012-09-03 07:59 - 03927560 ____A (Piriform Ltd) C:\Users\User\Downloads\ccsetup322.exe
2012-09-03 07:58 - 2012-09-03 07:58 - 00559424 ____A C:\Users\User\Downloads\flux-setup.exe
2012-09-03 07:57 - 2012-09-03 07:57 - 00341811 ____A () C:\Users\User\Downloads\Everything-1.2.1.371.exe
2012-09-03 07:54 - 2012-09-03 07:54 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-09-03 07:54 - 2012-07-03 12:46 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-09-03 07:53 - 2012-09-03 07:54 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.62.0.1300.exe
2012-09-03 06:50 - 2012-09-04 05:42 - 00000000 ____D C:\Program Files\Everything
2012-09-03 06:46 - 2012-09-03 07:47 - 00000000 ____D C:\Program Files\File Shredder
2012-09-02 18:32 - 2012-09-02 18:32 - 00000000 ____D C:\Program Files\Screaming Bee LLC
2012-09-02 18:21 - 2012-09-02 18:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Screaming Bee
2012-09-02 18:20 - 2012-09-02 18:30 - 00000000 ____D C:\Program Files\Screaming Bee
2012-09-02 18:20 - 2012-09-02 18:20 - 00000000 ____D C:\Users\All Users\Screaming Bee
2012-09-02 17:57 - 2012-09-02 17:57 - 00996826 ____A C:\Users\User\Downloads\SkypeVoiceChanger1-2.zip
2012-09-02 13:24 - 2012-09-02 13:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2012-09-01 07:42 - 2012-09-01 07:42 - 00000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2012-09-01 07:35 - 2012-09-03 09:00 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2012-09-01 07:35 - 2012-09-01 07:35 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-09-01 07:35 - 2012-09-01 07:35 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-08-30 18:46 - 2012-08-30 18:46 - 00126160 ____A (RealNetworks, Inc.) C:\Users\User\Downloads\COHSetup-dm.exe
2012-08-28 22:17 - 2012-08-28 22:21 - 10287639 ____A C:\Users\User\Desktop\imnothigh.mov
2012-08-28 15:13 - 2012-08-28 15:13 - 00000000 ____D C:\Users\User\Downloads\SciLorsGrooveshark.comDownloaderV0.4.9.5
2012-08-28 10:29 - 2012-08-28 10:30 - 11040639 ____A C:\Users\User\Downloads\SciLorsGrooveshark.comDownloaderV0.4.9.5.zip
2012-08-28 10:27 - 2012-08-31 17:46 - 00000000 ____D C:\Users\User\AppData\Local\Spotify
2012-08-28 10:25 - 2012-09-03 07:47 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify
2012-08-26 04:25 - 2012-08-26 04:25 - 00000000 ____D C:\Users\User\Desktop\Zenith
2012-08-26 04:13 - 2012-08-27 01:45 - 00000000 ____D C:\Users\User\ZenithCache1
2012-08-26 04:06 - 2012-08-26 04:06 - 00894952 ____A (Oracle Corporation) C:\Users\User\Downloads\jre-7u6-windows-i586-iftw.exe
2012-08-26 04:01 - 2012-08-26 04:01 - 00000000 ____D C:\Users\User\Desktop\Zenith Client
2012-08-26 03:19 - 2012-08-26 04:25 - 456837164 ____A C:\Users\User\Desktop\Zenith.rar
2012-08-26 03:19 - 2012-08-26 03:20 - 04194888 ____A C:\Users\User\Desktop\Zenith Client.rar
2012-08-26 03:06 - 2012-08-26 03:08 - 12900524 ____A C:\Users\User\Downloads\Client (1).rar
2012-08-26 03:06 - 2012-08-26 03:07 - 06118558 ____A C:\Users\User\Downloads\Server.rar
2012-08-26 02:21 - 2012-08-26 02:21 - 00000000 ____D C:\Users\User\AppData\Roaming\Applied Acoustics Systems
2012-08-26 02:08 - 2012-08-26 02:08 - 00000000 ____D C:\SNxP
2012-08-26 02:04 - 2012-08-26 02:04 - 00265910 ____A C:\Users\User\Downloads\JARMaker.zip
2012-08-26 02:03 - 2012-08-26 02:04 - 00587432 ____A C:\Users\User\Downloads\cbsidlm-tr1_5-JAR_Maker-10588876.exe
2012-08-26 01:41 - 2012-08-26 01:41 - 00000000 ____D C:\Users\User\AppData\Roaming\JavaUpdater
2012-08-26 01:29 - 2012-08-26 01:29 - 00000000 ____D C:\Users\User\Desktop\Project-Complexity Server
2012-08-26 01:29 - 2012-08-26 01:29 - 00000000 ____D C:\Users\User\Desktop\Project-Complexity Client
2012-08-26 01:14 - 2012-08-26 01:24 - 64723042 ____A C:\Users\User\Desktop\Project-Complexity Client.rar
2012-08-26 01:14 - 2012-08-26 01:17 - 11425929 ____A C:\Users\User\Desktop\Project-Complexity Server.rar
2012-08-26 00:25 - 2012-08-26 00:25 - 00000000 ____D C:\Users\User\VistexV6Cache
2012-08-26 00:16 - 2012-08-26 00:16 - 00000000 ____D C:\Users\User\Desktop\Sexy Time
2012-08-26 00:13 - 2012-08-26 00:25 - 107397022 ____A C:\Users\User\Desktop\VistexV6Cache.zip
2012-08-26 00:12 - 2012-08-26 00:14 - 13763606 ____A C:\Users\User\Desktop\Sexy Time.rar
2012-08-26 00:08 - 2012-08-26 00:09 - 09015333 ____A C:\Users\User\Desktop\RsCalifornia v2.zip
2012-08-25 23:23 - 2012-08-25 23:24 - 00000000 ____D C:\Users\User\paradise704Cache1
2012-08-24 05:09 - 2012-09-01 09:48 - 00000044 ____A C:\Users\User\jagex_cl_runescape_LIVE1.dat
2012-08-24 05:09 - 2012-08-24 05:09 - 00000000 ____D C:\Users\User\jagexcache1
2012-08-24 05:09 - 2012-08-24 05:09 - 00000000 ____D C:\.jagex_cache_32
2012-08-21 18:43 - 2012-08-22 19:41 - 00000000 ____D C:\Users\User\Documents\My Recordings
2012-08-20 22:15 - 2012-08-20 23:13 - 00000000 ____D C:\Users\User\AppData\Roaming\TeamViewer
2012-08-20 22:15 - 2012-08-20 22:15 - 00001126 ____A C:\Users\Public\Desktop\TeamViewer 7.lnk
2012-08-20 22:15 - 2012-08-20 22:15 - 00000000 ____D C:\Program Files\TeamViewer
2012-08-20 22:14 - 2012-08-20 22:14 - 03610576 ____A (TeamViewer GmbH) C:\Users\User\Downloads\TeamViewer_Setup_en.exe
2012-08-20 22:08 - 2012-08-20 22:08 - 00000000 ____D C:\Users\User\Desktop\ZyberRune client by Visible
2012-08-20 21:58 - 2012-08-20 21:58 - 02094105 ____A C:\Users\User\Desktop\river.m4a
2012-08-20 20:51 - 2012-08-20 20:51 - 91577013 ____A C:\Users\User\Downloads\client.rar
2012-08-20 20:48 - 2012-08-20 20:49 - 91577013 ____A C:\Users\User\Desktop\client.rar
2012-08-20 20:33 - 2012-08-20 20:33 - 00000000 ____D C:\Users\User\Desktop\ZybeRune source by Visible
2012-08-20 19:31 - 2012-08-20 19:50 - 90464619 ____A C:\Users\User\Desktop\ZyberRune client by Visible.rar
2012-08-20 19:31 - 2012-08-20 19:33 - 07056705 ____A C:\Users\User\Desktop\ZybeRune source by Visible.rar
2012-08-20 19:26 - 2012-08-20 19:50 - 110899404 ____A C:\Users\User\Downloads\Deception release.rar
2012-08-20 19:24 - 2012-08-20 19:40 - 33937932 ____A C:\Users\User\Downloads\ElysianX_V1.rar
2012-08-20 03:13 - 2012-08-27 03:13 - 00000000 ____D C:\Users\User\AppData\Roaming\NCH Software
2012-08-20 03:13 - 2012-08-27 03:13 - 00000000 ____D C:\Users\All Users\NCH Software
2012-08-20 03:13 - 2012-08-21 18:35 - 00000000 ____D C:\Program Files\NCH Software
2012-08-20 03:13 - 2012-08-20 03:13 - 00002058 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk
2012-08-20 03:13 - 2012-08-20 03:13 - 00002014 ____A C:\Users\Public\Desktop\MixPad.lnk
2012-08-20 03:13 - 2012-08-20 03:13 - 00001098 ____A C:\Users\Public\Desktop\Switch Sound File Converter.lnk
2012-08-20 01:55 - 2012-08-20 02:00 - 27289602 ____A C:\Users\User\Downloads\Pk Planet Client V6.rar
2012-08-20 01:55 - 2012-08-20 01:56 - 03699607 ____A C:\Users\User\Downloads\Pk Planet Source V3.rar
2012-08-18 23:03 - 2012-08-18 23:05 - 20022886 ____A C:\Users\User\Desktop\Allstar-Scape Package.rar
2012-08-18 21:44 - 2012-08-18 21:45 - 00893936 ____A (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u5.exe
2012-08-18 21:20 - 2012-08-18 21:20 - 01117296 ____A C:\Users\User\Downloads\ducsetup.exe
2012-08-18 21:20 - 2012-08-18 21:20 - 00000000 ____D C:\Users\User\AppData\Local\Vitalwerks
2012-08-18 21:20 - 2012-08-18 21:20 - 00000000 ____D C:\Program Files\No-IP
2012-08-18 21:10 - 2012-08-18 21:16 - 00000000 ____D C:\Windows\.mpr_file_store_32
2012-08-18 21:00 - 2012-08-18 21:00 - 00000000 ____D C:\Users\User\Downloads\AllstarScape
2012-08-18 20:09 - 2012-08-18 20:09 - 02071608 ____A C:\Users\User\Downloads\AllstarScape.rar
2012-08-18 19:48 - 2012-08-18 19:48 - 00000000 ____A C:\Users\User\jagex_runescape_preferences.dat
2012-08-18 18:06 - 2012-08-18 18:06 - 00000000 ____D C:\Program Files\Common Files\Java
2012-08-18 18:01 - 2012-08-18 18:01 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-08-18 18:01 - 2012-08-18 18:01 - 00093672 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2012-08-18 17:43 - 2012-08-18 17:55 - 92624352 ____A (Oracle Corporation) C:\Users\User\Downloads\jdk-7u6-windows-i586.exe
2012-08-18 17:39 - 2012-08-18 18:54 - 00000162 ____A C:\Users\User\Desktop\build.bat
2012-08-18 16:50 - 2012-06-19 15:54 - 03240400 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHDA.sys
2012-08-18 16:50 - 2012-06-19 12:30 - 00293889 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT
2012-08-18 16:50 - 2012-06-08 15:23 - 00071808 ____A (Creative Technology Ltd.) C:\Windows\System32\MBWrp32.dll
2012-08-18 16:50 - 2012-06-08 15:21 - 00753280 ____A (Creative Technology Ltd.) C:\Windows\System32\MBAPO32.dll
2012-08-18 16:50 - 2012-06-08 15:18 - 03173008 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO.dll
2012-08-18 16:50 - 2012-06-06 09:44 - 00645776 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApoApi.dll
2012-08-18 16:50 - 2012-06-01 08:37 - 02417808 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkPgExt.dll
2012-08-18 16:50 - 2012-05-31 17:08 - 00087696 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoInstII.dll
2012-08-18 16:50 - 2012-04-10 13:40 - 02193472 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO.dll
2012-08-18 16:50 - 2012-03-08 10:47 - 00176736 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTACap.dll
2012-08-18 16:50 - 2012-03-08 10:47 - 00095840 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTARen.dll
2012-08-18 16:50 - 2011-12-16 13:57 - 00054360 ____A (Creative Technology Ltd.) C:\Windows\System32\MBppld32.dll
2012-08-18 16:50 - 2011-12-13 15:58 - 01497704 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSndMgr.cpl
2012-08-18 16:50 - 2011-11-22 15:28 - 00013416 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoLDR.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00359768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP32A.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT32.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00295768 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA32.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00170840 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED32A.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00078680 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL32A.dll
2012-08-18 16:50 - 2010-11-08 06:31 - 00064856 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG32A.dll
2012-08-18 16:50 - 2009-11-24 08:55 - 00345328 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSXT.dll
2012-08-18 16:50 - 2009-11-24 08:55 - 00140528 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSWOW.dll
2012-08-18 16:50 - 2009-11-18 06:13 - 00050776 ____A (Creative Technology Ltd.) C:\Windows\System32\MBPPCn32.dll
2012-08-18 16:49 - 2012-05-25 17:06 - 01706640 ____A (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2012-08-18 08:38 - 2012-08-18 08:45 - 51733249 ____A (Realtek Semiconductor Corp.) C:\Users\User\Downloads\32bit_Vista_Win7_Win8_R270.exe
2012-08-18 08:31 - 2012-08-18 08:31 - 00000000 ____D C:\Users\User\Downloads\win7_1883
2012-08-18 08:29 - 2009-07-08 15:34 - 00053248 ____A (Windows XP Bundled build C-Centric Single User) C:\Windows\System32\CSVer.dll
2012-08-18 08:25 - 2012-08-18 08:25 - 02738712 ____A (Intel Corporation) C:\Users\User\Downloads\infinst_autol_1019.exe
2012-08-18 08:24 - 2012-08-18 08:27 - 25635465 ____A C:\Users\User\Downloads\win7_1883.zip
2012-08-18 08:15 - 2012-08-18 08:15 - 01449984 ____A C:\Users\User\Downloads\pidenu31.msi
2012-08-17 17:01 - 2012-08-17 18:16 - 00000000 ____D C:\Users\User\Desktop\g
2012-08-16 20:44 - 2012-08-16 20:44 - 00000103 ____A C:\Users\User\Documents\marcs info.txt
2012-08-15 20:06 - 2009-12-14 14:25 - 00057344 ____A (NexiTech, Inc.) C:\Windows\System32\Wnaspint.dll
2012-08-15 19:50 - 2009-12-14 14:24 - 00348160 ____A (Microsoft Corporation) C:\Windows\System32\msvcr71.dll
2012-08-15 08:20 - 2012-08-15 08:20 - 00000000 ____D C:\Users\User\AppData\Roaming\SynthMaker
2012-08-15 07:54 - 2012-08-15 07:54 - 01700352 ____A (Microsoft Corporation) C:\Windows\System32\gdiplus.dll
2012-08-15 07:54 - 2012-08-15 07:54 - 01060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll
2012-08-15 07:53 - 2012-08-15 07:53 - 00001102 ____A C:\Users\User\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2012-08-15 07:53 - 2012-08-15 07:53 - 00000000 ____D C:\Program Files\ASIO4ALL v2
2012-08-15 07:52 - 2012-08-15 07:52 - 00000000 ____D C:\Program Files\Outsim
2012-08-15 07:52 - 2009-09-15 01:14 - 01554944 ____A (HMS http://hp.vector.co.jp/authors/VA012897/) C:\Windows\System32\vorbis.acm
2012-08-15 07:52 - 2006-06-20 00:56 - 00225280 ____A (Propellerhead Software AB) C:\Windows\System32\rewire.dll
2012-08-15 07:47 - 2012-09-01 07:44 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2012-08-15 02:02 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-15 02:02 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-15 02:02 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-15 02:02 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-15 02:02 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-15 02:02 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-15 02:02 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-15 02:02 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-15 02:02 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-15 02:02 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-15 02:02 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-15 02:02 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-15 02:02 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-15 02:02 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-15 01:09 - 2012-07-18 09:10 - 02344448 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-15 01:09 - 2012-05-04 23:44 - 00400896 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-15 01:08 - 2012-07-04 13:26 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-15 01:08 - 2012-07-04 13:23 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-15 01:08 - 2012-07-04 13:23 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-15 01:08 - 2012-05-13 20:37 - 00768512 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-15 01:08 - 2012-02-10 21:44 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-08-15 01:08 - 2012-02-10 21:41 - 00316928 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-14 20:17 - 2012-08-22 00:11 - 00000000 ____D C:\Users\User\Documents\GTA San Andreas User Files
2012-08-14 20:12 - 2012-08-14 20:12 - 00001077 ____A C:\Users\User\Desktop\gta_sa - Shortcut.lnk
2012-08-14 19:59 - 2012-08-14 19:59 - 00000000 ____D C:\Program Files\Rockstar Games
2012-08-14 17:54 - 2012-08-14 17:54 - 00000000 ____D C:\Users\User\Documents\Amnesia
2012-08-14 17:39 - 2012-08-14 17:39 - 00002128 ____A C:\Users\User\Desktop\Amnesia.lnk
2012-08-14 17:34 - 2012-08-14 17:39 - 00000000 ____D C:\Program Files\Amnesia - The Dark Descent
2012-08-14 15:00 - 2012-08-14 15:00 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-08-14 14:42 - 2012-09-03 07:50 - 00000003 ____A C:\Windows\System32\HRUPPROG.TXT
2012-08-14 14:42 - 2012-08-14 14:42 - 00000003 ____A C:\Windows\System32\HRUPPROG.DIE.NOW
2012-08-14 07:46 - 2012-08-14 14:52 - 00007605 ____A C:\Users\User\AppData\Local\Resmon.ResmonCfg
2012-08-14 07:15 - 2012-08-14 07:15 - 00002026 ____A C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk
2012-08-14 03:49 - 2012-08-14 03:49 - 00002645 ____A C:\Users\Public\Documents\Global.sw2
2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys2.bmp
2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys1.bmp
2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ____D C:\Users\Public\Documents\Softwrap
2012-08-14 03:41 - 2012-08-14 03:41 - 00352944 ____A (Softonic) C:\Users\User\Downloads\SoftonicDownloader_for_game-maker.exe
2012-08-14 03:18 - 2012-08-14 03:18 - 05857357 ____A (Croteam ) C:\Users\User\Downloads\secondencounterpatch107_usa.exe
2012-08-13 02:00 - 2012-08-13 02:00 - 00000000 ____D C:\Program Files\MSXML 4.0
2012-08-13 00:07 - 2012-08-14 02:55 - 00002032 ____A C:\Users\Public\Desktop\RollerCoaster Tycoon.lnk
2012-08-13 00:06 - 2012-08-13 00:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Leadertech
2012-08-13 00:06 - 2012-08-13 00:06 - 00000000 ____D C:\Program Files\Atari
2012-08-12 23:05 - 2012-09-03 07:47 - 00000000 ____D C:\Windows\.jagex_cache_32
2012-08-12 23:04 - 2012-09-02 12:05 - 00000024 ____A C:\Users\User\jagexappletviewer.preferences
2012-08-12 23:04 - 2012-08-12 23:04 - 00002050 ____A C:\Users\User\Desktop\RuneScape.lnk
2012-08-12 22:55 - 2012-08-12 22:57 - 23642112 ____A C:\Users\User\Downloads\RuneScape.msi
2012-08-12 20:22 - 2012-08-12 20:22 - 01825653 ____A C:\Users\User\Desktop\Speccy.rar
2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup.exe
2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup (1).exe
2012-08-12 16:43 - 2012-08-12 16:43 - 00001070 ____A C:\Users\User\Desktop\GameRanger.lnk
2012-08-12 16:43 - 2012-08-12 16:43 - 00000000 ____D C:\Users\User\AppData\Roaming\GameRanger
2012-08-12 16:42 - 2012-08-12 16:42 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft Games
2012-08-12 16:38 - 2012-08-12 16:38 - 00002103 ____A C:\Users\Public\Desktop\Rise of Nations Gold.lnk
2012-08-12 16:32 - 2012-08-14 07:12 - 00000000 ____D C:\Program Files\Microsoft Games
2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\User\Desktop\GameSpy Arcade.lnk
2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\Administrator\Desktop\GameSpy Arcade.lnk
2012-08-12 16:32 - 2012-08-12 16:32 - 00000000 ____D C:\Program Files\GameSpy Arcade
2012-08-12 16:01 - 2012-08-12 16:01 - 00000000 ____D C:\Users\User\AppData\Roaming\Blender Foundation
2012-08-12 14:15 - 2012-08-12 14:15 - 00002056 ____A C:\Users\Public\Desktop\Blender.lnk
2012-08-12 14:15 - 2012-08-12 14:15 - 00000000 ____D C:\Users\User\.thumbnails
2012-08-12 14:14 - 2012-08-12 14:14 - 00000000 ____D C:\Program Files\Blender Foundation
2012-08-12 14:10 - 2012-08-12 14:13 - 28432273 ____A C:\Users\User\Downloads\blender-2.63a-release-windows32.exe
2012-08-11 22:30 - 2012-08-11 22:30 - 00002267 ____A C:\Users\User\Documents\gg.mij_profile
2012-08-11 22:17 - 2012-08-11 22:29 - 124586272 ____A (NVIDIA Corporation) C:\Users\User\Downloads\301.42-desktop-win7-winvista-32bit-english-whql.exe
2012-08-11 21:31 - 2012-08-11 21:31 - 00000216 ____A C:\Users\User\Desktop\Wanderlust Rebirth.url
2012-08-11 13:48 - 2012-08-11 13:48 - 00000000 ____D C:\Program Files\Futuremark
2012-08-09 22:47 - 2012-08-09 22:47 - 00000000 ____D C:\Users\User\AppData\Roaming\RotMG.Production
2012-08-09 22:41 - 2012-08-09 22:41 - 00000216 ____A C:\Users\User\Desktop\Realm of the Mad God.url
2012-08-08 22:17 - 2012-08-08 22:17 - 00000000 ____D C:\Users\User\Documents\Streaming Audio Recorder
2012-08-08 02:02 - 2010-09-13 22:07 - 00276992 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2012-08-07 22:48 - 2012-08-07 22:48 - 00001308 ____A C:\Users\Public\Desktop\Streaming Audio Recorder.lnk
2012-08-07 22:48 - 2012-08-07 22:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Apowersoft
2012-08-07 22:48 - 2012-08-07 22:48 - 00000000 ____D C:\Program Files\Apowersoft
2012-08-07 22:48 - 2010-12-30 14:19 - 00016640 ____A (Wondershare) C:\Windows\System32\Drivers\Apowersoft_AudioDevice.sys
2012-08-07 22:44 - 2012-08-07 22:46 - 15129369 ____A (Apowersoft ) C:\Users\User\Downloads\streaming-audio-recorder.exe
2012-08-07 13:59 - 2012-08-07 13:59 - 00000000 ____D C:\Program Files\Xvid
2012-08-07 13:59 - 2011-05-30 05:42 - 00240640 ____A C:\Windows\System32\xvidvfw.dll
2012-08-07 13:59 - 2011-05-23 01:52 - 00153088 ____A C:\Windows\System32\xvid.ax
2012-08-07 13:59 - 2011-05-22 23:46 - 00645632 ____A C:\Windows\System32\xvidcore.dll
2012-08-07 13:56 - 2012-08-07 13:58 - 10768856 ____A (Xvid Team) C:\Users\User\Downloads\Xvid-1.3.2-20110601.exe
2012-08-07 13:53 - 2012-08-07 13:53 - 00000000 ____D C:\Users\User\Downloads\VirtualDub-1.9.11
2012-08-07 13:51 - 2012-08-07 13:52 - 01707366 ____A C:\Users\User\Downloads\VirtualDub-1.9.11.zip
2012-08-07 11:03 - 2011-06-15 20:35 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll
2012-08-07 11:03 - 2011-03-28 19:07 - 00258560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00284160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2012-08-07 11:03 - 2011-03-28 19:06 - 00005888 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2012-08-07 11:03 - 2011-02-17 21:33 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\prevhost.exe
2012-08-07 11:03 - 2009-09-25 21:58 - 00194488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2012-08-07 11:02 - 2012-05-01 20:52 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-08-07 11:02 - 2012-04-07 03:34 - 02342400 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
2012-08-07 11:02 - 2012-01-04 01:03 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-08-07 11:02 - 2012-01-02 21:44 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-08-07 11:02 - 2011-05-03 20:53 - 01553920 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 01401856 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 00666624 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 00428032 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2012-08-07 11:02 - 2011-05-03 20:52 - 00337408 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2012-08-07 11:02 - 2011-05-03 20:52 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2012-08-07 11:02 - 2011-05-03 20:52 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2012-08-07 11:02 - 2011-05-03 20:52 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2012-08-07 11:02 - 2011-03-12 03:31 - 00442880 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2012-08-07 11:02 - 2011-03-10 21:44 - 01210240 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-07 11:02 - 2011-03-10 21:44 - 00146304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2012-08-07 11:02 - 2011-03-10 21:44 - 00143744 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2012-08-07 11:02 - 2011-03-10 21:44 - 00117120 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2012-08-07 11:02 - 2011-03-10 21:43 - 00332160 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2012-08-07 11:02 - 2011-03-10 21:43 - 00080256 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2012-08-07 11:02 - 2011-03-10 21:43 - 00022400 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2012-08-07 11:02 - 2011-03-10 21:39 - 01686016 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2012-08-07 11:02 - 2011-03-10 21:37 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2012-08-07 11:02 - 2011-03-10 20:08 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2012-08-07 11:02 - 2011-02-25 21:33 - 02614784 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2012-08-07 11:02 - 2011-02-23 21:32 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00350720 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\upnp.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00073728 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\wscapi.dll
2012-08-07 11:02 - 2010-12-20 21:38 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\slwga.dll
2012-08-07 11:02 - 2010-12-20 21:34 - 00080384 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2012-08-07 11:01 - 2011-04-22 11:36 - 00026496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2012-08-07 10:59 - 2011-02-02 21:45 - 00219008 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2012-08-07 10:59 - 2010-11-01 20:46 - 00728448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2012-08-07 10:59 - 2010-11-01 20:23 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2012-08-07 10:55 - 2012-09-04 02:00 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003UA.job
2012-08-07 10:55 - 2012-09-03 11:00 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003Core.job
2012-08-07 10:55 - 2012-08-07 10:58 - 00000000 ____D C:\Users\User\AppData\Local\Facebook
2012-08-07 10:54 - 2012-08-07 10:55 - 00501248 ____A (Facebook Inc.) 
C:\Users\User\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe2012-08-06 21:23 - 2012-08-08 19:44 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live2012-08-06 21:23 - 2012-08-06 21:23 - 00000000 ____D C:\Users\User\AppData\Local\{636EDCCA-0DA9-4AB2-BA93-08F8E5E17AC0}2012-08-06 21:22 - 2012-08-06 21:22 - 00010598 ____A C:\Users\User\Documents\C&C Zero Hour Super Weapons VS Tank General.wlmp2012-08-06 19:42 - 2012-08-06 19:42 - 00000564 ____A C:\Users\User\Desktop\Fraps.lnk2012-08-06 18:10 - 2012-08-06 18:11 - 00299288 ____A C:\Users\User\Downloads\GmailInstaller.exe2012-08-06 17:54 - 2012-08-06 18:00 - 62057024 ____A C:\Users\User\Downloads\DISCO FRIES w-logos.mp42012-08-06 16:01 - 2012-08-06 16:01 - 04117346 ____A C:\Users\User\Downloads\MotioninJoy_071001_signed.zip2012-08-06 15:58 - 2012-08-06 15:58 - 00000744 ____A C:\Users\User\Documents\New Profile.xpadderprofile2012-08-06 15:57 - 2012-08-06 15:57 - 00000791 ____A C:\Users\User\Documents\My MotioninJoy Virtual Game Controller.xpaddercontroller2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf2012-08-06 11:19 - 2012-08-06 11:19 - 00000216 ____A C:\Users\User\Desktop\Terraria.url2012-08-05 17:58 - 2012-09-03 07:58 - 00000000 ____D C:\Users\User\AppData\Local\Apps\F.lux2012-08-05 17:20 - 2012-08-06 19:42 - 00000000 ____D C:\Fraps2012-08-05 16:42 - 2012-08-05 16:42 - 00000000 ____D C:\Users\User\AppData\Local\qBittorrent2012-08-05 16:09 - 2012-08-05 16:09 - 00000000 ____D C:\Users\User\AppData\Roaming\NVIDIA2012-08-05 11:51 - 2012-08-05 11:51 - 00000000 ____D C:\Users\All Users\NVIDIA Corporation2012-08-05 11:50 - 2012-08-06 12:09 - 00000000 ____D C:\Program Files\NVIDIA Corporation2012-08-05 11:50 - 2012-08-05 11:50 - 00000000 ____D C:\NVIDIA2012-08-05 11:01 - 2012-09-03 15:29 - 00000024 ____A C:\Users\User\random.dat2012-08-05 11:01 - 
2012-09-03 14:59 - 00000043 ____A C:\Users\User\jagex_cl_runescape_LIVE.dat2012-08-05 11:01 - 2012-08-12 23:04 - 00000000 ____D C:\Users\User\jagexcache============ 3 Months Modified Files ========================2012-09-04 06:12 - 2012-09-04 05:41 - 00001108 ____A C:\Windows\PFRO.log2012-09-04 06:12 - 2012-09-03 09:21 - 00000224 ____A C:\Windows\setupact.log2012-09-04 06:12 - 2011-06-06 08:50 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2012-09-04 06:12 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT2012-09-04 06:01 - 2009-07-13 20:55 - 01668606 ____A C:\Windows\WindowsUpdate.log2012-09-04 05:57 - 2012-09-04 05:56 - 00904906 ____A (Farbar) C:\Users\User\Downloads\FRST.exe2012-09-04 05:48 - 2009-07-13 20:34 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02012-09-04 05:48 - 2009-07-13 20:34 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02012-09-04 02:33 - 2011-06-06 08:50 - 00000888 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2012-09-04 02:00 - 2012-08-07 10:55 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003UA.job2012-09-03 17:04 - 2012-09-03 17:03 - 04742575 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe2012-09-03 15:42 - 2012-09-03 15:42 - 00001130 ____A C:\Users\User\Desktop\Install Microsoft Visual C# 2010 Express.lnk2012-09-03 15:36 - 2012-09-03 15:36 - 03252048 ____A (Microsoft Corporation) C:\Users\User\Downloads\vcs_web.exe2012-09-03 15:29 - 2012-08-05 11:01 - 00000024 ____A C:\Users\User\random.dat2012-09-03 14:59 - 2012-08-05 11:01 - 00000043 ____A C:\Users\User\jagex_cl_runescape_LIVE.dat2012-09-03 11:00 - 2012-08-07 10:55 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3425785903-2770119548-1269738250-1003Core.job2012-09-03 10:34 - 2012-09-03 10:34 - 00011364 ____A 
C:\Users\User\Downloads\Attach.txt2012-09-03 10:33 - 2012-09-03 10:33 - 00024408 ____A C:\Users\User\Downloads\DDS.txt2012-09-03 09:30 - 2012-09-03 09:30 - 00001722 ____A C:\Users\Public\Desktop\Play League of Legends.lnk2012-09-03 09:27 - 2011-01-28 11:11 - 00740996 ____A C:\Windows\System32\PerfStringBackup.INI2012-09-03 09:21 - 2012-09-03 09:21 - 00000000 ____A C:\Windows\setuperr.log2012-09-03 09:07 - 2012-09-03 09:07 - 02353512 ____A C:\Users\User\Downloads\LeagueofLegends (1).exe2012-09-03 09:00 - 2011-06-06 07:51 - 00000422 ____A C:\Windows\Tasks\SystemToolsDailyTest.job2012-09-03 08:59 - 2012-09-03 08:57 - 15428440 ____A (Adobe Systems Inc.) C:\Users\User\Downloads\AdobeAIRInstaller.exe2012-09-03 08:14 - 2012-09-03 08:14 - 00607260 ____R (Swearware) C:\Users\User\Downloads\dds.com2012-09-03 07:59 - 2012-09-03 07:59 - 00000971 ____A C:\Users\Public\Desktop\CCleaner.lnk2012-09-03 07:59 - 2012-09-03 07:58 - 03927560 ____A (Piriform Ltd) C:\Users\User\Downloads\ccsetup322.exe2012-09-03 07:58 - 2012-09-03 07:58 - 00559424 ____A C:\Users\User\Downloads\flux-setup.exe2012-09-03 07:57 - 2012-09-03 07:57 - 00341811 ____A () C:\Users\User\Downloads\Everything-1.2.1.371.exe2012-09-03 07:54 - 2012-09-03 07:54 - 00001073 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2012-09-03 07:54 - 2012-09-03 07:53 - 10652120 ____A (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-1.62.0.1300.exe2012-09-03 07:50 - 2012-08-14 14:42 - 00000003 ____A C:\Windows\System32\HRUPPROG.TXT2012-09-02 17:57 - 2012-09-02 17:57 - 00996826 ____A C:\Users\User\Downloads\SkypeVoiceChanger1-2.zip2012-09-02 12:05 - 2012-08-12 23:04 - 00000024 ____A C:\Users\User\jagexappletviewer.preferences2012-09-01 09:48 - 2012-08-24 05:09 - 00000044 ____A C:\Users\User\jagex_cl_runescape_LIVE1.dat2012-09-01 07:42 - 2012-07-12 00:22 - 00108824 ____A C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT2012-08-30 18:46 - 2012-08-30 18:46 - 00126160 ____A (RealNetworks, Inc.) 
C:\Users\User\Downloads\COHSetup-dm.exe2012-08-28 22:21 - 2012-08-28 22:17 - 10287639 ____A C:\Users\User\Desktop\imnothigh.mov2012-08-28 10:30 - 2012-08-28 10:29 - 11040639 ____A C:\Users\User\Downloads\SciLorsGrooveshark.comDownloaderV0.4.9.5.zip2012-08-26 04:25 - 2012-08-26 03:19 - 456837164 ____A C:\Users\User\Desktop\Zenith.rar2012-08-26 04:06 - 2012-08-26 04:06 - 00894952 ____A (Oracle Corporation) C:\Users\User\Downloads\jre-7u6-windows-i586-iftw.exe2012-08-26 03:20 - 2012-08-26 03:19 - 04194888 ____A C:\Users\User\Desktop\Zenith Client.rar2012-08-26 03:08 - 2012-08-26 03:06 - 12900524 ____A C:\Users\User\Downloads\Client (1).rar2012-08-26 03:07 - 2012-08-26 03:06 - 06118558 ____A C:\Users\User\Downloads\Server.rar2012-08-26 02:04 - 2012-08-26 02:04 - 00265910 ____A C:\Users\User\Downloads\JARMaker.zip2012-08-26 02:04 - 2012-08-26 02:03 - 00587432 ____A C:\Users\User\Downloads\cbsidlm-tr1_5-JAR_Maker-10588876.exe2012-08-26 01:24 - 2012-08-26 01:14 - 64723042 ____A C:\Users\User\Desktop\Project-Complexity Client.rar2012-08-26 01:17 - 2012-08-26 01:14 - 11425929 ____A C:\Users\User\Desktop\Project-Complexity Server.rar2012-08-26 00:25 - 2012-08-26 00:13 - 107397022 ____A C:\Users\User\Desktop\VistexV6Cache.zip2012-08-26 00:14 - 2012-08-26 00:12 - 13763606 ____A C:\Users\User\Desktop\Sexy Time.rar2012-08-26 00:09 - 2012-08-26 00:08 - 09015333 ____A C:\Users\User\Desktop\RsCalifornia v2.zip2012-08-25 06:59 - 2012-08-25 06:59 - 00005577 ____A C:\Users\User\Desktop\Audiosurf - Shortcut.lnk2012-08-21 17:34 - 2011-06-06 08:51 - 00002288 ____A C:\Users\Public\Desktop\Google Chrome.lnk2012-08-20 22:15 - 2012-08-20 22:15 - 00001126 ____A C:\Users\Public\Desktop\TeamViewer 7.lnk2012-08-20 22:14 - 2012-08-20 22:14 - 03610576 ____A (TeamViewer GmbH) C:\Users\User\Downloads\TeamViewer_Setup_en.exe2012-08-20 21:58 - 2012-08-20 21:58 - 02094105 ____A C:\Users\User\Desktop\river.m4a2012-08-20 20:51 - 2012-08-20 20:51 - 91577013 ____A 
C:\Users\User\Downloads\client.rar2012-08-20 20:49 - 2012-08-20 20:48 - 91577013 ____A C:\Users\User\Desktop\client.rar2012-08-20 19:50 - 2012-08-20 19:31 - 90464619 ____A C:\Users\User\Desktop\ZyberRune client by Visible.rar2012-08-20 19:50 - 2012-08-20 19:26 - 110899404 ____A C:\Users\User\Downloads\Deception release.rar2012-08-20 19:40 - 2012-08-20 19:24 - 33937932 ____A C:\Users\User\Downloads\ElysianX_V1.rar2012-08-20 19:33 - 2012-08-20 19:31 - 07056705 ____A C:\Users\User\Desktop\ZybeRune source by Visible.rar2012-08-20 03:13 - 2012-08-20 03:13 - 00002058 ____A C:\Users\Public\Desktop\WavePad Sound Editor.lnk2012-08-20 03:13 - 2012-08-20 03:13 - 00002014 ____A C:\Users\Public\Desktop\MixPad.lnk2012-08-20 03:13 - 2012-08-20 03:13 - 00001098 ____A C:\Users\Public\Desktop\Switch Sound File Converter.lnk2012-08-20 02:00 - 2012-08-20 01:55 - 27289602 ____A C:\Users\User\Downloads\Pk Planet Client V6.rar2012-08-20 01:56 - 2012-08-20 01:55 - 03699607 ____A C:\Users\User\Downloads\Pk Planet Source V3.rar2012-08-18 23:05 - 2012-08-18 23:03 - 20022886 ____A C:\Users\User\Desktop\Allstar-Scape Package.rar2012-08-18 21:45 - 2012-08-18 21:44 - 00893936 ____A (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u5.exe2012-08-18 21:20 - 2012-08-18 21:20 - 01117296 ____A C:\Users\User\Downloads\ducsetup.exe2012-08-18 20:09 - 2012-08-18 20:09 - 02071608 ____A C:\Users\User\Downloads\AllstarScape.rar2012-08-18 19:48 - 2012-08-18 19:48 - 00000000 ____A C:\Users\User\jagex_runescape_preferences.dat2012-08-18 18:54 - 2012-08-18 17:39 - 00000162 ____A C:\Users\User\Desktop\build.bat2012-08-18 18:01 - 2012-08-18 18:01 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe2012-08-18 18:01 - 2012-08-18 18:01 - 00093672 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll2012-08-18 18:01 - 2012-08-04 08:28 - 00821736 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll2012-08-18 18:01 - 2012-08-04 08:28 - 00174056 ____A (Oracle 
Corporation) C:\Windows\System32\javaw.exe2012-08-18 18:01 - 2012-08-04 08:28 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\java.exe2012-08-18 18:01 - 2011-01-28 11:06 - 00746984 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll2012-08-18 17:55 - 2012-08-18 17:43 - 92624352 ____A (Oracle Corporation) C:\Users\User\Downloads\jdk-7u6-windows-i586.exe2012-08-18 08:45 - 2012-08-18 08:38 - 51733249 ____A (Realtek Semiconductor Corp.) C:\Users\User\Downloads\32bit_Vista_Win7_Win8_R270.exe2012-08-18 08:27 - 2012-08-18 08:24 - 25635465 ____A C:\Users\User\Downloads\win7_1883.zip2012-08-18 08:25 - 2012-08-18 08:25 - 02738712 ____A (Intel Corporation) C:\Users\User\Downloads\infinst_autol_1019.exe2012-08-18 08:15 - 2012-08-18 08:15 - 01449984 ____A C:\Users\User\Downloads\pidenu31.msi2012-08-16 20:44 - 2012-08-16 20:44 - 00000103 ____A C:\Users\User\Documents\marcs info.txt2012-08-16 15:00 - 2011-06-06 07:51 - 00000564 ____A C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job2012-08-15 20:06 - 2012-08-15 20:06 - 00000984 ____A C:\Users\Public\Desktop\Mixcraft 5.lnk2012-08-15 07:54 - 2012-08-15 07:54 - 01700352 ____A (Microsoft Corporation) C:\Windows\System32\gdiplus.dll2012-08-15 07:54 - 2012-08-15 07:54 - 01060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll2012-08-15 07:53 - 2012-08-15 07:53 - 00001102 ____A C:\Users\User\Desktop\ASIO4ALL v2 Instruction Manual.lnk2012-08-15 02:07 - 2009-07-13 20:33 - 00407664 ____A C:\Windows\System32\FNTCACHE.DAT2012-08-15 02:04 - 2009-07-13 18:04 - 00000499 ____A C:\Windows\win.ini2012-08-14 20:12 - 2012-08-14 20:12 - 00001077 ____A C:\Users\User\Desktop\gta_sa - Shortcut.lnk2012-08-14 17:39 - 2012-08-14 17:39 - 00002128 ____A C:\Users\User\Desktop\Amnesia.lnk2012-08-14 15:00 - 2012-08-14 15:00 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe2012-08-14 15:00 - 2012-08-04 17:52 - 00070344 ____A (Adobe Systems Incorporated) 
C:\Windows\System32\FlashPlayerCPLApp.cpl2012-08-14 14:52 - 2012-08-14 07:46 - 00007605 ____A C:\Users\User\AppData\Local\Resmon.ResmonCfg2012-08-14 14:42 - 2012-08-14 14:42 - 00000003 ____A C:\Windows\System32\HRUPPROG.DIE.NOW2012-08-14 07:15 - 2012-08-14 07:15 - 00002026 ____A C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk2012-08-14 03:49 - 2012-08-14 03:49 - 00002645 ____A C:\Users\Public\Documents\Global.sw22012-08-14 03:49 - 2012-08-14 03:49 - 00001002 ____A C:\Users\User\Desktop\Game Maker.lnk2012-08-14 03:49 - 2012-08-14 03:49 - 00001002 ____A C:\Users\Administrator\Desktop\Game Maker.lnk2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys2.bmp2012-08-14 03:49 - 2012-08-14 03:49 - 00000000 ___AH C:\Windows\SwSys1.bmp2012-08-14 03:48 - 2012-08-14 03:42 - 10857464 ____A () C:\Users\User\Desktop\gmaker80.exe2012-08-14 03:41 - 2012-08-14 03:41 - 00352944 ____A (Softonic) C:\Users\User\Downloads\SoftonicDownloader_for_game-maker.exe2012-08-14 03:18 - 2012-08-14 03:18 - 05857357 ____A (Croteam ) C:\Users\User\Downloads\secondencounterpatch107_usa.exe2012-08-14 02:55 - 2012-08-13 00:07 - 00002032 ____A C:\Users\Public\Desktop\RollerCoaster Tycoon.lnk2012-08-12 23:04 - 2012-08-12 23:04 - 00002050 ____A C:\Users\User\Desktop\RuneScape.lnk2012-08-12 22:57 - 2012-08-12 22:55 - 23642112 ____A C:\Users\User\Downloads\RuneScape.msi2012-08-12 20:22 - 2012-08-12 20:22 - 01825653 ____A C:\Users\User\Desktop\Speccy.rar2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup.exe2012-08-12 16:43 - 2012-08-12 16:43 - 00114352 ____A (GameRanger Technologies) C:\Users\User\Downloads\GameRangerSetup (1).exe2012-08-12 16:43 - 2012-08-12 16:43 - 00001070 ____A C:\Users\User\Desktop\GameRanger.lnk2012-08-12 16:38 - 2012-08-12 16:38 - 00002103 ____A C:\Users\Public\Desktop\Rise of Nations Gold.lnk2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\User\Desktop\GameSpy 
Arcade.lnk2012-08-12 16:32 - 2012-08-12 16:32 - 00000972 ____A C:\Users\Administrator\Desktop\GameSpy Arcade.lnk2012-08-12 14:15 - 2012-08-12 14:15 - 00002056 ____A C:\Users\Public\Desktop\Blender.lnk2012-08-12 14:13 - 2012-08-12 14:10 - 28432273 ____A C:\Users\User\Downloads\blender-2.63a-release-windows32.exe2012-08-11 22:30 - 2012-08-11 22:30 - 00002267 ____A C:\Users\User\Documents\gg.mij_profile2012-08-11 22:29 - 2012-08-11 22:17 - 124586272 ____A (NVIDIA Corporation) C:\Users\User\Downloads\301.42-desktop-win7-winvista-32bit-english-whql.exe2012-08-11 21:31 - 2012-08-11 21:31 - 00000216 ____A C:\Users\User\Desktop\Wanderlust Rebirth.url2012-08-09 22:41 - 2012-08-09 22:41 - 00000216 ____A C:\Users\User\Desktop\Realm of the Mad God.url2012-08-09 02:08 - 2011-06-06 11:03 - 00000989 ____A C:\Users\jamielatty\Desktop\WORD.lnk2012-08-09 02:08 - 2011-06-06 11:03 - 00000977 ____A C:\Users\jamielatty\Desktop\EXCEL.lnk2012-08-09 02:08 - 2011-06-06 11:02 - 00000989 ____A C:\Users\jamielatty\Desktop\OUTLOOK.lnk2012-08-07 22:48 - 2012-08-07 22:48 - 00001308 ____A C:\Users\Public\Desktop\Streaming Audio Recorder.lnk2012-08-07 22:46 - 2012-08-07 22:44 - 15129369 ____A (Apowersoft ) C:\Users\User\Downloads\streaming-audio-recorder.exe2012-08-07 13:58 - 2012-08-07 13:56 - 10768856 ____A (Xvid Team) C:\Users\User\Downloads\Xvid-1.3.2-20110601.exe2012-08-07 13:52 - 2012-08-07 13:51 - 01707366 ____A C:\Users\User\Downloads\VirtualDub-1.9.11.zip2012-08-07 10:55 - 2012-08-07 10:54 - 00501248 ____A (Facebook Inc.) 
C:\Users\User\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe2012-08-06 21:22 - 2012-08-06 21:22 - 00010598 ____A C:\Users\User\Documents\C&C Zero Hour Super Weapons VS Tank General.wlmp2012-08-06 19:42 - 2012-08-06 19:42 - 00000564 ____A C:\Users\User\Desktop\Fraps.lnk2012-08-06 18:11 - 2012-08-06 18:10 - 00299288 ____A C:\Users\User\Downloads\GmailInstaller.exe2012-08-06 18:00 - 2012-08-06 17:54 - 62057024 ____A C:\Users\User\Downloads\DISCO FRIES w-logos.mp42012-08-06 16:01 - 2012-08-06 16:01 - 04117346 ____A C:\Users\User\Downloads\MotioninJoy_071001_signed.zip2012-08-06 16:00 - 2012-07-12 00:22 - 00001082 ____A C:\Users\Public\Desktop\DS3 Tool.lnk2012-08-06 15:58 - 2012-08-06 15:58 - 00000744 ____A C:\Users\User\Documents\New Profile.xpadderprofile2012-08-06 15:57 - 2012-08-06 15:57 - 00000791 ____A C:\Users\User\Documents\My MotioninJoy Virtual Game Controller.xpaddercontroller2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf2012-08-06 15:36 - 2012-08-06 15:36 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf2012-08-06 11:19 - 2012-08-06 11:19 - 00000216 ____A C:\Users\User\Desktop\Terraria.url2012-08-04 18:16 - 2012-08-04 18:16 - 00000877 ____A C:\Users\Public\Desktop\Steam.lnk2012-08-04 18:15 - 2012-08-04 18:14 - 01606656 ____A C:\Users\User\Downloads\SteamInstall.msi2012-08-04 18:09 - 2012-08-04 18:09 - 00002503 ____A C:\Users\Public\Desktop\Skype.lnk2012-08-04 18:05 - 2012-08-04 18:05 - 00946352 ____A (Skype Technologies S.A.) 
C:\Users\User\Downloads\SkypeSetup.exe2012-08-04 14:18 - 2012-08-04 14:18 - 00001985 ____A C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk2012-08-04 14:18 - 2012-08-04 14:18 - 00001976 ____A C:\Users\Public\Desktop\Smite.lnk2012-08-04 14:17 - 2012-08-04 14:16 - 13846728 ____A (Hi-Rez Studios) C:\Users\User\Downloads\InstallHiRezGamesEnglish.exe2012-08-04 02:05 - 2012-08-04 02:05 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat2012-08-04 02:05 - 2012-08-04 02:05 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec2012-08-04 02:05 - 2012-08-04 02:05 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe2012-08-04 02:05 - 2012-08-04 02:05 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe2012-08-04 02:05 - 
2012-08-04 02:05 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe2012-08-04 02:05 - 2012-08-04 02:05 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe2012-08-04 02:05 - 2012-08-04 02:05 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe2012-08-04 02:05 - 2012-08-04 02:05 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx2012-08-04 02:05 - 2012-08-04 02:05 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00023552 
____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll2012-08-04 02:05 - 2012-08-04 02:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe2012-08-04 02:05 - 2012-08-04 02:05 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe2012-08-04 02:03 - 2012-08-04 02:03 - 01495040 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll2012-08-04 02:03 - 2012-08-04 02:03 - 00801792 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll2012-08-04 02:03 - 2012-08-04 02:03 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll2012-08-03 19:26 - 2012-08-03 19:26 - 02353512 ____A C:\Users\User\Downloads\LeagueofLegends.exe2012-07-18 09:10 - 2012-08-15 01:09 - 02344448 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys2012-07-12 00:43 - 2012-07-12 00:43 - 00000971 ____A C:\Users\Public\Desktop\PowerISO.lnk2012-07-04 14:47 - 2012-07-04 14:47 - 00000020 ___SH C:\Users\User\ntuser.ini2012-07-04 14:46 - 2011-06-06 07:59 - 00000008 _RASH C:\Users\All Users\ntuser.pol2012-07-04 14:27 - 2012-07-04 14:26 - 00000020 ____A C:\Windows\´ùk2012-07-04 14:23 - 2012-07-04 14:23 - 00000020 ___SH C:\Users\Administrator\ntuser.ini2012-07-04 13:59 - 2009-07-13 20:53 - 00032644 ____A C:\Windows\Tasks\SCHEDLGU.TXT2012-07-04 13:26 - 2012-08-15 01:08 - 00057344 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll2012-07-04 13:23 - 2012-08-15 01:08 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll2012-07-04 13:23 - 2012-08-15 01:08 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll2012-07-03 12:46 - 2012-09-03 07:54 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys2012-06-28 16:52 - 2012-08-15 02:02 - 12317184 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll2012-06-28 16:27 - 2012-08-15 02:02 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll2012-06-28 16:16 - 2012-08-15 02:02 - 
01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll2012-06-28 16:09 - 2012-08-15 02:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll2012-06-28 16:09 - 2012-08-15 02:02 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll2012-06-28 16:08 - 2012-08-15 02:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl2012-06-28 16:07 - 2012-08-15 02:02 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll2012-06-28 16:06 - 2012-08-15 02:02 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll2012-06-28 16:04 - 2012-08-15 02:02 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll2012-06-28 16:04 - 2012-08-15 02:02 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe2012-06-28 16:01 - 2012-08-15 02:02 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll2012-06-28 16:01 - 2012-08-15 02:02 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll2012-06-28 16:00 - 2012-08-15 02:02 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb2012-06-28 15:57 - 2012-08-15 02:02 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll2012-06-19 15:54 - 2012-08-18 16:50 - 03240400 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHDA.sys2012-06-19 12:30 - 2012-08-18 16:50 - 00293889 ____A C:\Windows\System32\Drivers\RTAIODAT.DAT2012-06-08 20:46 - 2012-08-03 18:41 - 12868608 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll2012-06-08 15:23 - 2012-08-18 16:50 - 00071808 ____A (Creative Technology Ltd.) C:\Windows\System32\MBWrp32.dll2012-06-08 15:21 - 2012-08-18 16:50 - 00753280 ____A (Creative Technology Ltd.) C:\Windows\System32\MBAPO32.dll2012-06-08 15:18 - 2012-08-18 16:50 - 03173008 ____A (Realtek Semiconductor Corp.) 
C:\Windows\System32\RtkAPO.dll

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-09-02 18:19:50
Restore point made on: 2012-09-02 18:24:17
Restore point made on: 2012-09-02 18:25:14
Restore point made on: 2012-09-02 18:26:01
Restore point made on: 2012-09-02 18:26:44
Restore point made on: 2012-09-02 18:27:28
Restore point made on: 2012-09-02 18:28:11
Restore point made on: 2012-09-02 18:28:56
Restore point made on: 2012-09-02 18:29:54
Restore point made on: 2012-09-02 18:30:45
Restore point made on: 2012-09-02 18:32:16
Restore point made on: 2012-09-03 07:43:34
Restore point made on: 2012-09-03 07:56:51
Restore point made on: 2012-09-03 09:08:36
Restore point made on: 2012-09-03 09:16:09
Restore point made on: 2012-09-03 09:23:40
Restore point made on: 2012-09-03 09:25:17

==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 2046.8 MB
Available physical RAM: 1621.83 MB
Total Pagefile: 2046.8 MB
Available Pagefile: 1623.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.3 MB

==================== Partitions ============================

1 Drive c: (OS) (Fixed) (Total:221.64 GB) (Free:129.05 GB) NTFS
2 Drive e: (RCTYCOON) (CDROM) (Total:0.16 GB) (Free:0 GB) CDFS
3 Drive f: (BLACKBERRY) (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (RECOVERY) (Fixed) (Total:11.15 GB) (Free:6.64 GB) NTFS ==>[system with boot components (obtained from reading drive)]

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          232 GB      0 B
  Disk 1    Online          968 MB      0 B

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    OEM                 39 MB    31 KB
  Partition 2    Primary             11 GB    40 MB
  Partition 3    Primary            221 GB    11 GB

==================================================================================
Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4                      FAT    Partition     39 MB  Healthy    Hidden

==================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     Y   RECOVERY     NTFS   Partition     11 GB  Healthy

==================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C   OS           NTFS   Partition    221 GB  Healthy

==================================================================================

Partitions of Disk 1:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            964 MB  4109 KB

==================================================================================
Disk: 1
Partition 1
Type : 06
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     F   BLACKBERRY   FAT    Removable    964 MB  Healthy

==================================================================================

Last Boot: 2012-08-31 06:22

==================== End Of Log =============================
RPMcMurphy Posted September 5, 2012 ID:593633

I'd like you to run MBAM again, but this time allow it to remove those items it detects:

You have this program installed, Malwarebytes' Anti-Malware (MBAM). Please update it and run a scan.

Open MBAM
Click the Update tab
Click Check for Updates
If an update is found, it will download and install the latest version.
The program will close to update and reopen.
Once the program has loaded, select "Perform Full Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Uncheck any entries from C:\System Volume Information, C:\_OTL\MovedFiles or C:\Qoobox
Make sure that everything else is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy & paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Please include the following in your next post:
MBAM log
Maurice Naggar Posted September 9, 2012 ID:595249

@snxp
How's it going? Are you still needing help?
Maurice Naggar Posted September 10, 2012 ID:595396

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!