MoneyPak Virus no safe mode no command prompt

[maxsheebs]

OS: Windows 7 64 bit

Hello, I have the MoneyPak Virus on my computer. I can't enter safe mode, safe mode with networking, or safe mode with command prompt. I have done the first step with the farbar recovery scan tool and attached both "frst.txt" file and "search.txt" file.

Please help, Thanks

FRST.txt

Search.txt

[Maniac]

Hello maxsheebs and ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  
• Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
  

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please let me know.

[maxsheebs]

Sad without my computer

[Maniac]

What is your opinion?

[maxsheebs]

My opinion? I'm sad that my computer is working from the moneypak virus. I wish i could fix it but can you or someone make a fixlog type thing with my Frst.txt and Search.txt?

[maxsheebs]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2013 01

Ran by SYSTEM at 24-02-2013 12:32:12

Running from J:\

Windows 7 Home Premium (X64) OS Language: English(US)

The current controlset is ControlSet002

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-06] (Realtek Semiconductor)

HKLM\...\Run: [RunDLLEntry_THXCfg] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64 [17920 2009-10-15] (Creative Technology Ltd.)

HKLM\...\Run: [RunDLLEntry_EptMon] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64 [21504 2009-10-15] (Creative Technology Ltd.)

HKLM-x32\...\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)

HKLM-x32\...\Run: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2009-07-17] (Alcor Micro Corp.)

HKLM-x32\...\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m [1807680 2010-02-09] ()

HKLM-x32\...\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r [963584 2009-12-01] (Creative Technology Ltd)

HKLM-x32\...\Run: [updReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)

HKLM-x32\...\Run: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup [623880 2008-09-09] (Intuit Inc. All rights reserved.)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41208 2012-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe" [46368 2010-03-08] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe" [29984 2010-03-08] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini" [377 2013-02-24] ()

HKLM-x32\...\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun [139264 2011-04-20] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN [2621440 2010-06-10] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)

HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [1151152 2013-02-18] ()

HKLM-x32\...\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()

HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263512 2012-11-29] ()

HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)

HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot [295072 2012-12-19] (RealNetworks, Inc.)

HKLM-x32\...\Run: [MigAutoPlay] "C:\ProgramData\MigAutoPlay.exe" [89600 2013-02-22] ()

HKU\Max\...\Run: [Google Update] "C:\Users\Max\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-10-01] (Google Inc.)

HKU\Max\...\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler [222496 2009-05-05] (Acresso Corporation)

HKU\Max\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

HKU\Max\...\Winlogon: [shell] explorer.exe,C:\Users\Max\AppData\Roaming\skype.dat [118784 2011-11-16] ()

HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-06] (Dell)

HKLM-x32\...\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [165184 2011-01-13] (Softthinks)

HKLM-x32\...\runonceex: [ContentMerger] c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-26] (Sonic Solutions)

HKLM-x32\...\Winlogon: [shell] C:\ProgramData\MigAutoPlay.exe [x ] ()

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]

Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Services (Whitelisted) ===================

2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [5814904 2012-11-15] (AVG Technologies CZ, s.r.o.)

2 avgwd; "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)

3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service [1296728 2010-12-28] (www.BitComet.com)

4 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation)

2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)

2 RealNetworks Downloader Resolver Service; "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" [38608 2012-11-29] ()

2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [968880 2013-02-18] ()

2 SessionLauncher; C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]

==================== Drivers (Whitelisted) =====================

3 automap; C:\Windows\System32\Drivers\automap.sys [11264 2009-10-16] (Novation Digital Music Systems Limited)

1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [154464 2012-10-22] (AVG Technologies CZ, s.r.o. )

0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )

1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [185696 2012-10-02] (AVG Technologies CZ, s.r.o.)

0 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)

0 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [111968 2012-11-15] (AVG Technologies CZ, s.r.o.)

0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [40800 2012-09-14] (AVG Technologies CZ, s.r.o.)

1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)

1 avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-18] (AVG Technologies)

3 L6PODHD3; C:\Windows\System32\Drivers\L6PODHD364.sys [770816 2010-09-07] (Line 6)

3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24904 2012-07-03] (Malwarebytes Corporation)

3 mc2avs; C:\Windows\System32\Drivers\mc2avs.sys [358520 2012-06-06] (Native Instruments GmbH)

3 mc2usb_svc; C:\Windows\System32\Drivers\mc2usb.sys [81016 2012-06-06] (Native Instruments GmbH)

3 NvnUsbAudio; C:\Windows\System32\Drivers\NvnUsbAudio.sys [55296 2010-10-28] (Novation DMS Ltd.)

3 rspAux; C:\Windows\System32\DRIVERS\rspAux64.sys [20536 2011-01-26] (Resplendence Software Projects Sp.)

1 RxFilter; C:\Windows\SysWow64\Drivers\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2013-02-24 12:46 - 2013-02-24 12:47 - 00282528 ____A C:\Windows\Minidump\022413-22089-01.dmp

2013-02-24 12:08 - 2013-02-24 12:08 - 00000000 ____D C:\FRST

2013-02-24 08:53 - 2013-02-24 08:53 - 00282528 ____A C:\Windows\Minidump\022413-25209-01.dmp

2013-02-23 09:40 - 2013-02-23 09:41 - 00282528 ____A C:\Windows\Minidump\022313-25178-01.dmp

2013-02-23 09:34 - 2013-02-23 09:34 - 00282528 ____A C:\Windows\Minidump\022313-21964-01.dmp

2013-02-23 09:27 - 2013-02-23 09:27 - 00282528 ____A C:\Windows\Minidump\022313-53976-01.dmp

2013-02-23 09:18 - 2013-02-23 09:18 - 00282528 ____A C:\Windows\Minidump\022313-21855-01.dmp

2013-02-23 09:13 - 2013-02-23 09:13 - 00283488 ____A C:\Windows\Minidump\022313-24835-01.dmp

2013-02-23 09:06 - 2013-02-23 09:06 - 00282528 ____A C:\Windows\Minidump\022313-28095-01.dmp

2013-02-22 22:18 - 2013-02-22 22:18 - 00282528 ____A C:\Windows\Minidump\022213-19156-01.dmp

2013-02-22 22:14 - 2013-02-24 12:46 - 557702091 ____A C:\Windows\MEMORY.DMP

2013-02-22 22:14 - 2013-02-22 22:14 - 00285944 ____A C:\Windows\Minidump\022213-24180-01.dmp

2013-02-22 22:12 - 2013-02-24 12:54 - 00000004 ____A C:\Users\Max\Application Data\skype.ini

2013-02-22 22:12 - 2013-02-24 12:54 - 00000004 ____A C:\Users\Max\AppData\Roaming\skype.ini

2013-02-22 22:12 - 2013-02-22 22:12 - 00089600 ____A C:\ProgramData\MigAutoPlay.exe

2013-02-22 22:12 - 2013-02-22 22:12 - 00089600 ____A C:\ProgramData\Application Data\MigAutoPlay.exe

2013-02-22 21:58 - 2013-02-22 21:58 - 00002016 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk

2013-02-22 21:58 - 2013-02-22 21:58 - 00002016 ____A C:\ProgramData\Desktop\Adobe Reader 9.lnk

2013-02-21 08:39 - 2013-02-24 12:53 - 00001858 ____A C:\Windows\setupact.log

2013-02-21 08:39 - 2013-02-21 08:39 - 00000000 ____A C:\Windows\setuperr.log

2013-02-20 16:04 - 2013-02-20 16:04 - 00000689 ____A C:\Users\Max\Downloads\Digitally Imported - Progressive (6).pls

2013-02-20 16:04 - 2013-02-20 16:04 - 00000640 ____A C:\Users\Max\Downloads\Digitally Imported - DJ Mixes (2).pls

2013-02-20 16:04 - 2013-02-20 16:04 - 00000619 ____A C:\Users\Max\Downloads\Digitally Imported - Trance (57).pls

2013-02-20 09:30 - 2006-05-25 12:48 - 01653749 ____A (Macromedia, Inc.) C:\Users\Max\Desktop\timeKeeper.exe

2013-02-20 09:21 - 2013-02-20 09:21 - 00000000 __HDC C:\ProgramData\Application Data\{6773A69F-BAAF-4138-BA38-16B1C896C9B8}

2013-02-20 09:21 - 2013-02-20 09:21 - 00000000 __HDC C:\ProgramData\{6773A69F-BAAF-4138-BA38-16B1C896C9B8}

2013-02-19 18:20 - 2013-02-19 18:20 - 00000000 __HDC C:\ProgramData\Application Data\{2F30CD77-E1A1-4BD9-AA6E-296AFD04BA75}

2013-02-19 18:20 - 2013-02-19 18:20 - 00000000 __HDC C:\ProgramData\{2F30CD77-E1A1-4BD9-AA6E-296AFD04BA75}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\Application Data\{8BE731A3-4C9E-42CC-AC78-66742062354D}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\Application Data\{6C01D0A2-AD25-4414-A44B-50D3159D1D9F}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\Application Data\{0209395A-8E4A-48E1-A5E3-C830292F263C}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\{8BE731A3-4C9E-42CC-AC78-66742062354D}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\{6C01D0A2-AD25-4414-A44B-50D3159D1D9F}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\{0209395A-8E4A-48E1-A5E3-C830292F263C}

2013-02-19 18:18 - 2013-02-19 18:18 - 00000000 __HDC C:\ProgramData\Application Data\{68662BBC-37F9-4D7A-AF98-3BB4D33BC0F1}

2013-02-19 18:18 - 2013-02-19 18:18 - 00000000 __HDC C:\ProgramData\Application Data\{2E6321BB-FAC3-49D4-A09B-950445E829D2}

2013-02-19 18:18 - 2013-02-19 18:18 - 00000000 __HDC C:\ProgramData\{68662BBC-37F9-4D7A-AF98-3BB4D33BC0F1}

2013-02-19 18:18 - 2013-02-19 18:18 - 00000000 __HDC C:\ProgramData\{2E6321BB-FAC3-49D4-A09B-950445E829D2}

2013-02-19 18:17 - 2013-02-19 18:17 - 00000000 __HDC C:\ProgramData\Application Data\{74DB3B90-1497-4A6E-90BA-B176EFE13649}

2013-02-19 18:17 - 2013-02-19 18:17 - 00000000 __HDC C:\ProgramData\{74DB3B90-1497-4A6E-90BA-B176EFE13649}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\Application Data\{8D8448B4-DB2F-40BD-A53E-EA29A2EADDC4}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\Application Data\{2149AC3A-6876-48A5-8ACC-4DDA07B383D2}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\Application Data\{03B61650-6A02-427E-8669-446D635453DD}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\{8D8448B4-DB2F-40BD-A53E-EA29A2EADDC4}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\{2149AC3A-6876-48A5-8ACC-4DDA07B383D2}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\{03B61650-6A02-427E-8669-446D635453DD}

2013-02-19 18:15 - 2013-02-19 18:15 - 00000000 ____D C:\Program Files (x86)\Native Instruments

2013-02-19 18:14 - 2013-02-19 18:14 - 00000000 __HDC C:\ProgramData\Application Data\{D04E7E60-5F77-4E61-9CD4-7AEC5E15C525}

2013-02-19 18:14 - 2013-02-19 18:14 - 00000000 __HDC C:\ProgramData\Application Data\{21E31F3C-3F9E-42A7-8D5C-6B93D935F5CE}

2013-02-19 18:14 - 2013-02-19 18:14 - 00000000 __HDC C:\ProgramData\{D04E7E60-5F77-4E61-9CD4-7AEC5E15C525}

2013-02-19 18:14 - 2013-02-19 18:14 - 00000000 __HDC C:\ProgramData\{21E31F3C-3F9E-42A7-8D5C-6B93D935F5CE}

2013-02-19 16:48 - 2013-02-19 16:48 - 00000000 __HDC C:\ProgramData\Application Data\{B2B57FBA-DA61-4D1B-A585-4D382AFF525E}

2013-02-19 16:48 - 2013-02-19 16:48 - 00000000 __HDC C:\ProgramData\{B2B57FBA-DA61-4D1B-A585-4D382AFF525E}

2013-02-19 16:44 - 2013-02-19 16:44 - 00001085 ____A C:\Users\Max\Desktop\Service Center.lnk

2013-02-19 16:40 - 2013-02-19 16:40 - 00000000 __HDC C:\ProgramData\Application Data\{F92C204F-6C39-4D56-B100-EC929C871966}

2013-02-19 16:40 - 2013-02-19 16:40 - 00000000 __HDC C:\ProgramData\{F92C204F-6C39-4D56-B100-EC929C871966}

2013-02-19 16:01 - 2013-02-19 16:01 - 00000000 __HDC C:\ProgramData\Application Data\{7E15FB3A-A743-4BAD-9286-E6F67959668B}

2013-02-19 16:01 - 2013-02-19 16:01 - 00000000 __HDC C:\ProgramData\{7E15FB3A-A743-4BAD-9286-E6F67959668B}

2013-02-19 15:54 - 2013-02-19 15:54 - 00000000 __HDC C:\ProgramData\Application Data\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69}

2013-02-19 15:54 - 2013-02-19 15:54 - 00000000 __HDC C:\ProgramData\Application Data\{3B9A3AE3-5BE1-4645-A31C-753724255564}

2013-02-19 15:54 - 2013-02-19 15:54 - 00000000 __HDC C:\ProgramData\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69}

2013-02-19 15:54 - 2013-02-19 15:54 - 00000000 __HDC C:\ProgramData\{3B9A3AE3-5BE1-4645-A31C-753724255564}

2013-02-19 15:53 - 2013-02-19 15:53 - 00000000 __HDC C:\ProgramData\Application Data\{C5CAF473-C900-4049-BCE5-A93E0EBA7EF2}

2013-02-19 15:53 - 2013-02-19 15:53 - 00000000 __HDC C:\ProgramData\{C5CAF473-C900-4049-BCE5-A93E0EBA7EF2}

2013-02-19 15:46 - 2013-02-19 15:46 - 00000000 __HDC C:\ProgramData\Application Data\{7FC0C531-2951-4500-8947-99F534D0C6CC}

2013-02-19 15:46 - 2013-02-19 15:46 - 00000000 __HDC C:\ProgramData\{7FC0C531-2951-4500-8947-99F534D0C6CC}

2013-02-19 15:32 - 2013-02-19 15:32 - 00000000 __HDC C:\ProgramData\Application Data\{E051D9C8-9503-489B-8E90-21CEB1DF11C1}

2013-02-19 15:32 - 2013-02-19 15:32 - 00000000 __HDC C:\ProgramData\{E051D9C8-9503-489B-8E90-21CEB1DF11C1}

2013-02-18 17:49 - 2013-02-19 16:49 - 00000000 ____D C:\Users\Max\Local Settings\Native Instruments

2013-02-18 17:49 - 2013-02-19 16:49 - 00000000 ____D C:\Users\Max\Local Settings\Application Data\Native Instruments

2013-02-18 17:49 - 2013-02-19 16:49 - 00000000 ____D C:\Users\Max\AppData\Local\Native Instruments

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\Application Data\{D01A5283-10FA-4015-B8D3-67082F335861}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\Application Data\{585E0006-1B4B-44EF-96C4-51D30FCCFFC6}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\Application Data\{0E79EA03-0C79-4112-89DE-58E5FFDAEDA0}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\{D01A5283-10FA-4015-B8D3-67082F335861}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\{585E0006-1B4B-44EF-96C4-51D30FCCFFC6}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\{0E79EA03-0C79-4112-89DE-58E5FFDAEDA0}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{DB1D6CD1-3172-48C0-B63A-490B0D2C6D72}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{D563D640-64F3-4192-B123-0D3D3F662FA4}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{D2FE58BA-3690-4E1E-BBEF-84E1A5802ED3}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{C971A76C-5987-4B4D-95AE-6204463C952E}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{B8969EB4-E1EB-417C-8086-EE966028415A}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{7C463C9F-A408-4FA8-B892-6EEA22220820}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{63F2E427-F976-4EE0-BB21-8FA7DAC2E7F2}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{03697879-2B80-4810-9B4D-D8EF1EE777F0}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{DB1D6CD1-3172-48C0-B63A-490B0D2C6D72}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{D563D640-64F3-4192-B123-0D3D3F662FA4}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{D2FE58BA-3690-4E1E-BBEF-84E1A5802ED3}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{C971A76C-5987-4B4D-95AE-6204463C952E}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{B8969EB4-E1EB-417C-8086-EE966028415A}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{7C463C9F-A408-4FA8-B892-6EEA22220820}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{63F2E427-F976-4EE0-BB21-8FA7DAC2E7F2}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{03697879-2B80-4810-9B4D-D8EF1EE777F0}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{F13364F6-2C7C-4CEE-9827-53409C92D829}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{D49FD676-115D-4DF5-B976-28952EB09BEB}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{B0DF9098-245E-479F-A4ED-B5F91EA4948B}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{9C1197E3-E0A6-47C8-8EE1-F1E9F2FD5C5F}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{86F5018B-953F-4E9F-B852-6A413B16003A}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{792288EF-B822-4482-B541-7ED490D444F7}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{14F71F5E-7E38-4BE6-9307-DC81B8A419A5}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{F13364F6-2C7C-4CEE-9827-53409C92D829}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{D49FD676-115D-4DF5-B976-28952EB09BEB}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{B0DF9098-245E-479F-A4ED-B5F91EA4948B}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{9C1197E3-E0A6-47C8-8EE1-F1E9F2FD5C5F}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{86F5018B-953F-4E9F-B852-6A413B16003A}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{792288EF-B822-4482-B541-7ED490D444F7}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{14F71F5E-7E38-4BE6-9307-DC81B8A419A5}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\Application Data\{6E467D89-1963-440B-84F9-852C8150E323}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\Application Data\{4AD6F65B-2A15-4CFF-9AF7-830F277D0157}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\Application Data\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\{6E467D89-1963-440B-84F9-852C8150E323}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\{4AD6F65B-2A15-4CFF-9AF7-830F277D0157}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE}

2013-02-18 16:51 - 2013-02-18 16:51 - 00000000 __HDC C:\ProgramData\Application Data\{F409EA92-6713-4D2D-AF88-0C51B1CF1D2A}

2013-02-18 16:51 - 2013-02-18 16:51 - 00000000 __HDC C:\ProgramData\{F409EA92-6713-4D2D-AF88-0C51B1CF1D2A}

2013-02-18 16:50 - 2013-02-18 16:50 - 00000000 __HDC C:\ProgramData\Application Data\{7B7672F5-5EA2-4D83-BC77-1AFCA8846266}

2013-02-18 16:50 - 2013-02-18 16:50 - 00000000 __HDC C:\ProgramData\{7B7672F5-5EA2-4D83-BC77-1AFCA8846266}

2013-02-18 16:48 - 2013-02-18 16:48 - 00000000 __HDC C:\ProgramData\Application Data\{6B3E9A08-404E-4FBF-A80D-1E9DA9E75171}

2013-02-18 16:48 - 2013-02-18 16:48 - 00000000 __HDC C:\ProgramData\{6B3E9A08-404E-4FBF-A80D-1E9DA9E75171}

2013-02-18 16:47 - 2013-02-18 16:47 - 00000000 __HDC C:\ProgramData\Application Data\{4C01754A-32F9-4A34-8B9F-E06DD553B755}

2013-02-18 16:47 - 2013-02-18 16:47 - 00000000 __HDC C:\ProgramData\{4C01754A-32F9-4A34-8B9F-E06DD553B755}

2013-02-18 16:43 - 2013-02-18 16:43 - 00000000 __HDC C:\ProgramData\Application Data\{5309003E-4102-4141-A0C9-7507F0E10F52}

2013-02-18 16:43 - 2013-02-18 16:43 - 00000000 __HDC C:\ProgramData\{5309003E-4102-4141-A0C9-7507F0E10F52}

2013-02-18 16:41 - 2013-02-18 16:41 - 00000000 __HDC C:\ProgramData\Application Data\{499D67BC-046E-4931-8BFB-D5ABB500E67C}

2013-02-18 16:41 - 2013-02-18 16:41 - 00000000 __HDC C:\ProgramData\{499D67BC-046E-4931-8BFB-D5ABB500E67C}

2013-02-18 16:39 - 2013-02-18 16:39 - 00000000 __HDC C:\ProgramData\Application Data\{229D9A22-9BEA-4D2B-813E-85E0FACBA99C}

2013-02-18 16:39 - 2013-02-18 16:39 - 00000000 __HDC C:\ProgramData\{229D9A22-9BEA-4D2B-813E-85E0FACBA99C}

2013-02-18 16:35 - 2013-02-18 16:35 - 00000000 __HDC C:\ProgramData\Application Data\{93015F0A-7AF2-4308-A5B3-13D4FCE429C6}

2013-02-18 16:35 - 2013-02-18 16:35 - 00000000 __HDC C:\ProgramData\{93015F0A-7AF2-4308-A5B3-13D4FCE429C6}

2013-02-18 16:18 - 2013-02-18 16:18 - 00000000 __HDC C:\ProgramData\Application Data\{BA0B7444-2ABA-463C-862A-7EC7F0AD0FA2}

2013-02-18 16:18 - 2013-02-18 16:18 - 00000000 __HDC C:\ProgramData\{BA0B7444-2ABA-463C-862A-7EC7F0AD0FA2}

2013-02-18 16:13 - 2013-02-18 16:13 - 00000000 __HDC C:\ProgramData\Application Data\{727F248C-CA81-4A68-8E01-27236ED99D98}

2013-02-18 16:13 - 2013-02-18 16:13 - 00000000 __HDC C:\ProgramData\{727F248C-CA81-4A68-8E01-27236ED99D98}

2013-02-18 16:10 - 2013-02-18 16:10 - 00000000 __HDC C:\ProgramData\Application Data\{8A9976F0-1DB6-4A1D-823B-E9E459F6EE39}

2013-02-18 16:10 - 2013-02-18 16:10 - 00000000 __HDC C:\ProgramData\{8A9976F0-1DB6-4A1D-823B-E9E459F6EE39}

2013-02-18 16:03 - 2013-02-18 16:03 - 00000000 __HDC C:\ProgramData\Application Data\{F2026C51-8509-47B4-816D-CCD2DB993FC1}

2013-02-18 16:03 - 2013-02-18 16:03 - 00000000 __HDC C:\ProgramData\{F2026C51-8509-47B4-816D-CCD2DB993FC1}

2013-02-18 16:01 - 2013-02-18 16:01 - 00000000 __HDC C:\ProgramData\Application Data\{624486AF-AD5B-4BB3-BEEE-A0D2D4D112DF}

2013-02-18 16:01 - 2013-02-18 16:01 - 00000000 __HDC C:\ProgramData\{624486AF-AD5B-4BB3-BEEE-A0D2D4D112DF}

2013-02-18 15:59 - 2013-02-18 15:59 - 00000000 __HDC C:\ProgramData\Application Data\{B8AB470F-A90B-4652-A8F5-160A08FD7411}

2013-02-18 15:59 - 2013-02-18 15:59 - 00000000 __HDC C:\ProgramData\{B8AB470F-A90B-4652-A8F5-160A08FD7411}

2013-02-18 15:53 - 2013-02-18 15:53 - 00000000 __HDC C:\ProgramData\Application Data\{7FC6C6B3-C2D5-4F17-BBEF-A11135E1A668}

2013-02-18 15:53 - 2013-02-18 15:53 - 00000000 __HDC C:\ProgramData\{7FC6C6B3-C2D5-4F17-BBEF-A11135E1A668}

2013-02-18 15:49 - 2013-02-18 15:49 - 00000000 __HDC C:\ProgramData\Application Data\{52C034E1-771B-4356-A948-203FDB477D22}

2013-02-18 15:49 - 2013-02-18 15:49 - 00000000 __HDC C:\ProgramData\{52C034E1-771B-4356-A948-203FDB477D22}

2013-02-18 15:44 - 2013-02-18 15:44 - 00000000 __HDC C:\ProgramData\Application Data\{1BF9E749-3F79-456F-B894-B5FC59D1664D}

2013-02-18 15:44 - 2013-02-18 15:44 - 00000000 __HDC C:\ProgramData\{1BF9E749-3F79-456F-B894-B5FC59D1664D}

2013-02-18 15:40 - 2013-02-18 15:40 - 00000000 __HDC C:\ProgramData\Application Data\{24EEDFDA-74B5-4E97-8334-5AEA44CD0095}

2013-02-18 15:40 - 2013-02-18 15:40 - 00000000 __HDC C:\ProgramData\{24EEDFDA-74B5-4E97-8334-5AEA44CD0095}

2013-02-18 15:36 - 2013-02-18 15:36 - 00000000 __HDC C:\ProgramData\Application Data\{AA5037F8-9B97-456B-847E-A64FEB3E393C}

2013-02-18 15:36 - 2013-02-18 15:36 - 00000000 __HDC C:\ProgramData\{AA5037F8-9B97-456B-847E-A64FEB3E393C}

2013-02-18 15:32 - 2013-02-18 15:32 - 00000000 __HDC C:\ProgramData\Application Data\{80A0A482-175E-4DE8-9D32-C8C8463D1362}

2013-02-18 15:32 - 2013-02-18 15:32 - 00000000 __HDC C:\ProgramData\{80A0A482-175E-4DE8-9D32-C8C8463D1362}

2013-02-18 15:31 - 2013-02-18 15:31 - 00000000 __HDC C:\ProgramData\Application Data\{B7CF1107-3BD9-48BA-BC77-54B909022641}

2013-02-18 15:31 - 2013-02-18 15:31 - 00000000 __HDC C:\ProgramData\{B7CF1107-3BD9-48BA-BC77-54B909022641}

2013-02-18 15:01 - 2013-02-18 15:01 - 00000000 __HDC C:\ProgramData\Application Data\{31DA0107-684A-4324-81CF-55DD516B5FDB}

2013-02-18 15:01 - 2013-02-18 15:01 - 00000000 __HDC C:\ProgramData\{31DA0107-684A-4324-81CF-55DD516B5FDB}

2013-02-18 14:25 - 2013-02-19 15:54 - 00001088 ____A C:\Users\Public\Desktop\Maschine.lnk

2013-02-18 14:25 - 2013-02-19 15:54 - 00001088 ____A C:\ProgramData\Desktop\Maschine.lnk

2013-02-18 14:11 - 2013-02-19 15:54 - 00001096 ____A C:\Users\Public\Desktop\Controller Editor.lnk

2013-02-18 14:11 - 2013-02-19 15:54 - 00001096 ____A C:\ProgramData\Desktop\Controller Editor.lnk

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\Application Data\{F57C376F-E7ED-4527-9EE2-4D50799418BC}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\Application Data\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\Application Data\{7F3144B7-67AA-4DD7-BC11-CBA9A40B430D}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\{7F3144B7-67AA-4DD7-BC11-CBA9A40B430D}

2013-02-13 08:35 - 2013-01-08 19:48 - 17812992 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-02-13 08:35 - 2013-01-08 19:22 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-02-13 08:35 - 2013-01-08 19:19 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-02-13 08:35 - 2013-01-08 19:12 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-02-13 08:35 - 2013-01-08 19:12 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-02-13 08:35 - 2013-01-08 19:11 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-02-13 08:35 - 2013-01-08 19:10 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-02-13 08:35 - 2013-01-08 19:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-02-13 08:35 - 2013-01-08 19:07 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-02-13 08:35 - 2013-01-08 19:07 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-02-13 08:35 - 2013-01-08 19:07 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-02-13 08:35 - 2013-01-08 19:06 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-02-13 08:35 - 2013-01-08 19:05 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-02-13 08:35 - 2013-01-08 19:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-02-13 08:35 - 2013-01-08 19:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-02-13 08:35 - 2013-01-08 19:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-02-13 08:35 - 2013-01-08 16:23 - 12321280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-02-13 08:35 - 2013-01-08 16:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-02-13 08:35 - 2013-01-08 16:09 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-02-13 08:35 - 2013-01-08 16:03 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-02-13 08:35 - 2013-01-08 16:03 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-02-13 08:35 - 2013-01-08 16:03 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-02-13 08:35 - 2013-01-08 16:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-02-13 08:35 - 2013-01-08 16:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-02-13 08:35 - 2013-01-08 15:59 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-02-13 08:35 - 2013-01-08 15:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-02-13 08:35 - 2013-01-08 15:58 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-02-13 08:35 - 2013-01-08 15:57 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-02-13 08:35 - 2013-01-08 15:56 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-02-13 08:35 - 2013-01-08 15:56 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-02-13 08:35 - 2013-01-08 15:56 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-02-13 08:35 - 2013-01-08 15:53 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-02-13 08:01 - 2013-01-04 23:53 - 05553512 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2013-02-13 08:01 - 2013-01-04 23:00 - 03967848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-02-13 08:01 - 2013-01-04 23:00 - 03913064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-02-13 08:01 - 2013-01-03 23:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll

2013-02-13 08:01 - 2013-01-03 22:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2013-02-13 08:01 - 2013-01-03 21:26 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-02-13 08:01 - 2013-01-03 20:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2013-02-13 08:01 - 2013-01-03 20:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2013-02-13 08:01 - 2013-01-03 20:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2013-02-13 08:01 - 2013-01-03 20:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2013-02-13 08:01 - 2013-01-03 00:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2013-02-13 08:01 - 2013-01-03 00:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS

2013-02-13 07:55 - 2013-02-22 22:00 - 00338581 ____A C:\Windows\WindowsUpdate.log

2013-02-10 14:26 - 2013-02-10 14:27 - 00000000 ____D C:\Users\Max\Desktop\Music Learn Pdf

2013-02-06 22:43 - 2013-02-06 22:43 - 00006824 ____A C:\Users\Max\My Documents\cc_20130206_234315.reg

2013-02-06 22:43 - 2013-02-06 22:43 - 00006824 ____A C:\Users\Max\Documents\cc_20130206_234315.reg

2013-01-27 10:17 - 2013-01-27 10:17 - 00000000 ____D C:\Windows\pss

2013-01-27 10:11 - 2013-01-27 10:11 - 04189792 ____A (Piriform Ltd) C:\Users\Max\Downloads\ccsetup327.exe

==================== One Month Modified Files and Folders =======

2013-02-24 12:54 - 2013-02-22 22:12 - 00000004 ____A C:\Users\Max\Application Data\skype.ini

2013-02-24 12:54 - 2013-02-22 22:12 - 00000004 ____A C:\Users\Max\AppData\Roaming\skype.ini

2013-02-24 12:53 - 2013-02-21 08:39 - 00001858 ____A C:\Windows\setupact.log

2013-02-24 12:53 - 2013-01-22 11:18 - 00000000 ____D C:\Users\Max\Local Settings\CrashDumps

2013-02-24 12:53 - 2013-01-22 11:18 - 00000000 ____D C:\Users\Max\Local Settings\Application Data\CrashDumps

2013-02-24 12:53 - 2013-01-22 11:18 - 00000000 ____D C:\Users\Max\AppData\Local\CrashDumps

2013-02-24 12:53 - 2010-11-09 19:41 - 00000000 ____D C:\Users\Max\Local Settings\SoftThinks

2013-02-24 12:53 - 2010-11-09 19:41 - 00000000 ____D C:\Users\Max\Local Settings\Application Data\SoftThinks

2013-02-24 12:53 - 2010-11-09 19:41 - 00000000 ____D C:\Users\Max\AppData\Local\SoftThinks

2013-02-24 12:53 - 2010-10-29 00:01 - 00000000 ____D C:\ProgramData\NVIDIA

2013-02-24 12:53 - 2010-10-29 00:01 - 00000000 ____D C:\ProgramData\Application Data\NVIDIA

2013-02-24 12:53 - 2010-10-28 22:09 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup

2013-02-24 12:53 - 2009-07-13 23:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-02-24 12:47 - 2013-02-24 12:46 - 00282528 ____A C:\Windows\Minidump\022413-22089-01.dmp

2013-02-24 12:46 - 2013-02-22 22:14 - 557702091 ____A C:\Windows\MEMORY.DMP

2013-02-24 12:46 - 2011-09-28 14:12 - 00000000 ____D C:\Windows\Minidump

2013-02-24 12:08 - 2013-02-24 12:08 - 00000000 ____D C:\FRST

2013-02-24 08:53 - 2013-02-24 08:53 - 00282528 ____A C:\Windows\Minidump\022413-25209-01.dmp

2013-02-23 09:41 - 2013-02-23 09:40 - 00282528 ____A C:\Windows\Minidump\022313-25178-01.dmp

2013-02-23 09:34 - 2013-02-23 09:34 - 00282528 ____A C:\Windows\Minidump\022313-21964-01.dmp

2013-02-23 09:27 - 2013-02-23 09:27 - 00282528 ____A C:\Windows\Minidump\022313-53976-01.dmp

2013-02-23 09:18 - 2013-02-23 09:18 - 00282528 ____A C:\Windows\Minidump\022313-21855-01.dmp

2013-02-23 09:13 - 2013-02-23 09:13 - 00283488 ____A C:\Windows\Minidump\022313-24835-01.dmp

2013-02-23 09:06 - 2013-02-23 09:06 - 00282528 ____A C:\Windows\Minidump\022313-28095-01.dmp

2013-02-22 22:18 - 2013-02-22 22:18 - 00282528 ____A C:\Windows\Minidump\022213-19156-01.dmp

2013-02-22 22:14 - 2013-02-22 22:14 - 00285944 ____A C:\Windows\Minidump\022213-24180-01.dmp

2013-02-22 22:12 - 2013-02-22 22:12 - 00089600 ____A C:\ProgramData\MigAutoPlay.exe

2013-02-22 22:12 - 2013-02-22 22:12 - 00089600 ____A C:\ProgramData\Application Data\MigAutoPlay.exe

2013-02-22 22:04 - 2009-07-13 22:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-02-22 22:04 - 2009-07-13 22:45 - 00014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-02-22 22:00 - 2013-02-13 07:55 - 00338581 ____A C:\Windows\WindowsUpdate.log

2013-02-22 22:00 - 2012-02-09 07:53 - 00000000 ____D C:\ProgramData\MFAData

2013-02-22 22:00 - 2012-02-09 07:53 - 00000000 ____D C:\ProgramData\Application Data\MFAData

2013-02-22 21:58 - 2013-02-22 21:58 - 00002016 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk

2013-02-22 21:58 - 2013-02-22 21:58 - 00002016 ____A C:\ProgramData\Desktop\Adobe Reader 9.lnk

2013-02-22 07:40 - 2009-07-13 23:13 - 00727310 ____A C:\Windows\System32\PerfStringBackup.INI

2013-02-21 12:24 - 2012-04-14 05:19 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-02-21 12:15 - 2011-10-01 16:38 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1040578106-3491599236-2989792034-1001UA.job

2013-02-21 08:39 - 2013-02-21 08:39 - 00000000 ____A C:\Windows\setuperr.log

2013-02-20 16:04 - 2013-02-20 16:04 - 00000689 ____A C:\Users\Max\Downloads\Digitally Imported - Progressive (6).pls

2013-02-20 16:04 - 2013-02-20 16:04 - 00000640 ____A C:\Users\Max\Downloads\Digitally Imported - DJ Mixes (2).pls

2013-02-20 16:04 - 2013-02-20 16:04 - 00000619 ____A C:\Users\Max\Downloads\Digitally Imported - Trance (57).pls

2013-02-20 16:04 - 2011-05-19 07:51 - 00000000 ____D C:\Users\Max\Application Data\Winamp

2013-02-20 16:04 - 2011-05-19 07:51 - 00000000 ____D C:\Users\Max\AppData\Roaming\Winamp

2013-02-20 09:33 - 2011-04-14 06:54 - 00000000 ____D C:\Users\Max\Application Data\SoftGrid Client

2013-02-20 09:33 - 2011-04-14 06:54 - 00000000 ____D C:\Users\Max\AppData\Roaming\SoftGrid Client

2013-02-20 09:21 - 2013-02-20 09:21 - 00000000 __HDC C:\ProgramData\Application Data\{6773A69F-BAAF-4138-BA38-16B1C896C9B8}

2013-02-20 09:21 - 2013-02-20 09:21 - 00000000 __HDC C:\ProgramData\{6773A69F-BAAF-4138-BA38-16B1C896C9B8}

2013-02-19 18:20 - 2013-02-19 18:20 - 00000000 __HDC C:\ProgramData\Application Data\{2F30CD77-E1A1-4BD9-AA6E-296AFD04BA75}

2013-02-19 18:20 - 2013-02-19 18:20 - 00000000 __HDC C:\ProgramData\{2F30CD77-E1A1-4BD9-AA6E-296AFD04BA75}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\Application Data\{8BE731A3-4C9E-42CC-AC78-66742062354D}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\Application Data\{6C01D0A2-AD25-4414-A44B-50D3159D1D9F}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\Application Data\{0209395A-8E4A-48E1-A5E3-C830292F263C}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\{8BE731A3-4C9E-42CC-AC78-66742062354D}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\{6C01D0A2-AD25-4414-A44B-50D3159D1D9F}

2013-02-19 18:19 - 2013-02-19 18:19 - 00000000 __HDC C:\ProgramData\{0209395A-8E4A-48E1-A5E3-C830292F263C}

2013-02-19 18:18 - 2013-02-19 18:18 - 00000000 __HDC C:\ProgramData\Application Data\{68662BBC-37F9-4D7A-AF98-3BB4D33BC0F1}

2013-02-19 18:18 - 2013-02-19 18:18 - 00000000 __HDC C:\ProgramData\Application Data\{2E6321BB-FAC3-49D4-A09B-950445E829D2}

2013-02-19 18:18 - 2013-02-19 18:18 - 00000000 __HDC C:\ProgramData\{68662BBC-37F9-4D7A-AF98-3BB4D33BC0F1}

2013-02-19 18:18 - 2013-02-19 18:18 - 00000000 __HDC C:\ProgramData\{2E6321BB-FAC3-49D4-A09B-950445E829D2}

2013-02-19 18:17 - 2013-02-19 18:17 - 00000000 __HDC C:\ProgramData\Application Data\{74DB3B90-1497-4A6E-90BA-B176EFE13649}

2013-02-19 18:17 - 2013-02-19 18:17 - 00000000 __HDC C:\ProgramData\{74DB3B90-1497-4A6E-90BA-B176EFE13649}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\Application Data\{8D8448B4-DB2F-40BD-A53E-EA29A2EADDC4}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\Application Data\{2149AC3A-6876-48A5-8ACC-4DDA07B383D2}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\Application Data\{03B61650-6A02-427E-8669-446D635453DD}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\{8D8448B4-DB2F-40BD-A53E-EA29A2EADDC4}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\{2149AC3A-6876-48A5-8ACC-4DDA07B383D2}

2013-02-19 18:16 - 2013-02-19 18:16 - 00000000 __HDC C:\ProgramData\{03B61650-6A02-427E-8669-446D635453DD}

2013-02-19 18:15 - 2013-02-19 18:15 - 00000000 ____D C:\Program Files (x86)\Native Instruments

2013-02-19 18:14 - 2013-02-19 18:14 - 00000000 __HDC C:\ProgramData\Application Data\{D04E7E60-5F77-4E61-9CD4-7AEC5E15C525}

2013-02-19 18:14 - 2013-02-19 18:14 - 00000000 __HDC C:\ProgramData\Application Data\{21E31F3C-3F9E-42A7-8D5C-6B93D935F5CE}

2013-02-19 18:14 - 2013-02-19 18:14 - 00000000 __HDC C:\ProgramData\{D04E7E60-5F77-4E61-9CD4-7AEC5E15C525}

2013-02-19 18:14 - 2013-02-19 18:14 - 00000000 __HDC C:\ProgramData\{21E31F3C-3F9E-42A7-8D5C-6B93D935F5CE}

2013-02-19 16:50 - 2010-12-01 15:04 - 00000000 ____D C:\Users\Max\My Documents\Native Instruments

2013-02-19 16:50 - 2010-12-01 15:04 - 00000000 ____D C:\Users\Max\Documents\Native Instruments

2013-02-19 16:49 - 2013-02-18 17:49 - 00000000 ____D C:\Users\Max\Local Settings\Native Instruments

2013-02-19 16:49 - 2013-02-18 17:49 - 00000000 ____D C:\Users\Max\Local Settings\Application Data\Native Instruments

2013-02-19 16:49 - 2013-02-18 17:49 - 00000000 ____D C:\Users\Max\AppData\Local\Native Instruments

2013-02-19 16:48 - 2013-02-19 16:48 - 00000000 __HDC C:\ProgramData\Application Data\{B2B57FBA-DA61-4D1B-A585-4D382AFF525E}

2013-02-19 16:48 - 2013-02-19 16:48 - 00000000 __HDC C:\ProgramData\{B2B57FBA-DA61-4D1B-A585-4D382AFF525E}

2013-02-19 16:48 - 2010-12-01 15:03 - 00000000 ____D C:\Program Files\Common Files\Native Instruments

2013-02-19 16:44 - 2013-02-19 16:44 - 00001085 ____A C:\Users\Max\Desktop\Service Center.lnk

2013-02-19 16:40 - 2013-02-19 16:40 - 00000000 __HDC C:\ProgramData\Application Data\{F92C204F-6C39-4D56-B100-EC929C871966}

2013-02-19 16:40 - 2013-02-19 16:40 - 00000000 __HDC C:\ProgramData\{F92C204F-6C39-4D56-B100-EC929C871966}

2013-02-19 16:01 - 2013-02-19 16:01 - 00000000 __HDC C:\ProgramData\Application Data\{7E15FB3A-A743-4BAD-9286-E6F67959668B}

2013-02-19 16:01 - 2013-02-19 16:01 - 00000000 __HDC C:\ProgramData\{7E15FB3A-A743-4BAD-9286-E6F67959668B}

2013-02-19 15:54 - 2013-02-19 15:54 - 00000000 __HDC C:\ProgramData\Application Data\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69}

2013-02-19 15:54 - 2013-02-19 15:54 - 00000000 __HDC C:\ProgramData\Application Data\{3B9A3AE3-5BE1-4645-A31C-753724255564}

2013-02-19 15:54 - 2013-02-19 15:54 - 00000000 __HDC C:\ProgramData\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69}

2013-02-19 15:54 - 2013-02-19 15:54 - 00000000 __HDC C:\ProgramData\{3B9A3AE3-5BE1-4645-A31C-753724255564}

2013-02-19 15:54 - 2013-02-18 14:25 - 00001088 ____A C:\Users\Public\Desktop\Maschine.lnk

2013-02-19 15:54 - 2013-02-18 14:25 - 00001088 ____A C:\ProgramData\Desktop\Maschine.lnk

2013-02-19 15:54 - 2013-02-18 14:11 - 00001096 ____A C:\Users\Public\Desktop\Controller Editor.lnk

2013-02-19 15:54 - 2013-02-18 14:11 - 00001096 ____A C:\ProgramData\Desktop\Controller Editor.lnk

2013-02-19 15:54 - 2011-01-29 15:06 - 00000000 ____D C:\Program Files\Native Instruments

2013-02-19 15:53 - 2013-02-19 15:53 - 00000000 __HDC C:\ProgramData\Application Data\{C5CAF473-C900-4049-BCE5-A93E0EBA7EF2}

2013-02-19 15:53 - 2013-02-19 15:53 - 00000000 __HDC C:\ProgramData\{C5CAF473-C900-4049-BCE5-A93E0EBA7EF2}

2013-02-19 15:46 - 2013-02-19 15:46 - 00000000 __HDC C:\ProgramData\Application Data\{7FC0C531-2951-4500-8947-99F534D0C6CC}

2013-02-19 15:46 - 2013-02-19 15:46 - 00000000 __HDC C:\ProgramData\{7FC0C531-2951-4500-8947-99F534D0C6CC}

2013-02-19 15:32 - 2013-02-19 15:32 - 00000000 __HDC C:\ProgramData\Application Data\{E051D9C8-9503-489B-8E90-21CEB1DF11C1}

2013-02-19 15:32 - 2013-02-19 15:32 - 00000000 __HDC C:\ProgramData\{E051D9C8-9503-489B-8E90-21CEB1DF11C1}

2013-02-19 08:15 - 2011-10-01 16:38 - 00000848 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1040578106-3491599236-2989792034-1001Core.job

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\Application Data\{D01A5283-10FA-4015-B8D3-67082F335861}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\Application Data\{585E0006-1B4B-44EF-96C4-51D30FCCFFC6}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\Application Data\{0E79EA03-0C79-4112-89DE-58E5FFDAEDA0}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\{D01A5283-10FA-4015-B8D3-67082F335861}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\{585E0006-1B4B-44EF-96C4-51D30FCCFFC6}

2013-02-18 16:56 - 2013-02-18 16:56 - 00000000 __HDC C:\ProgramData\{0E79EA03-0C79-4112-89DE-58E5FFDAEDA0}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{DB1D6CD1-3172-48C0-B63A-490B0D2C6D72}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{D563D640-64F3-4192-B123-0D3D3F662FA4}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{D2FE58BA-3690-4E1E-BBEF-84E1A5802ED3}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{C971A76C-5987-4B4D-95AE-6204463C952E}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{B8969EB4-E1EB-417C-8086-EE966028415A}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{7C463C9F-A408-4FA8-B892-6EEA22220820}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{63F2E427-F976-4EE0-BB21-8FA7DAC2E7F2}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\Application Data\{03697879-2B80-4810-9B4D-D8EF1EE777F0}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{DB1D6CD1-3172-48C0-B63A-490B0D2C6D72}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{D563D640-64F3-4192-B123-0D3D3F662FA4}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{D2FE58BA-3690-4E1E-BBEF-84E1A5802ED3}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{C971A76C-5987-4B4D-95AE-6204463C952E}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{B8969EB4-E1EB-417C-8086-EE966028415A}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{7C463C9F-A408-4FA8-B892-6EEA22220820}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{63F2E427-F976-4EE0-BB21-8FA7DAC2E7F2}

2013-02-18 16:55 - 2013-02-18 16:55 - 00000000 __HDC C:\ProgramData\{03697879-2B80-4810-9B4D-D8EF1EE777F0}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{F13364F6-2C7C-4CEE-9827-53409C92D829}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{D49FD676-115D-4DF5-B976-28952EB09BEB}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{B0DF9098-245E-479F-A4ED-B5F91EA4948B}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{9C1197E3-E0A6-47C8-8EE1-F1E9F2FD5C5F}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{86F5018B-953F-4E9F-B852-6A413B16003A}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{792288EF-B822-4482-B541-7ED490D444F7}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\Application Data\{14F71F5E-7E38-4BE6-9307-DC81B8A419A5}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{F13364F6-2C7C-4CEE-9827-53409C92D829}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{D49FD676-115D-4DF5-B976-28952EB09BEB}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{B0DF9098-245E-479F-A4ED-B5F91EA4948B}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{9C1197E3-E0A6-47C8-8EE1-F1E9F2FD5C5F}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{86F5018B-953F-4E9F-B852-6A413B16003A}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{792288EF-B822-4482-B541-7ED490D444F7}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC}

2013-02-18 16:54 - 2013-02-18 16:54 - 00000000 __HDC C:\ProgramData\{14F71F5E-7E38-4BE6-9307-DC81B8A419A5}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\Application Data\{6E467D89-1963-440B-84F9-852C8150E323}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\Application Data\{4AD6F65B-2A15-4CFF-9AF7-830F277D0157}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\Application Data\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\{6E467D89-1963-440B-84F9-852C8150E323}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\{4AD6F65B-2A15-4CFF-9AF7-830F277D0157}

2013-02-18 16:53 - 2013-02-18 16:53 - 00000000 __HDC C:\ProgramData\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE}

2013-02-18 16:51 - 2013-02-18 16:51 - 00000000 __HDC C:\ProgramData\Application Data\{F409EA92-6713-4D2D-AF88-0C51B1CF1D2A}

2013-02-18 16:51 - 2013-02-18 16:51 - 00000000 __HDC C:\ProgramData\{F409EA92-6713-4D2D-AF88-0C51B1CF1D2A}

2013-02-18 16:50 - 2013-02-18 16:50 - 00000000 __HDC C:\ProgramData\Application Data\{7B7672F5-5EA2-4D83-BC77-1AFCA8846266}

2013-02-18 16:50 - 2013-02-18 16:50 - 00000000 __HDC C:\ProgramData\{7B7672F5-5EA2-4D83-BC77-1AFCA8846266}

2013-02-18 16:48 - 2013-02-18 16:48 - 00000000 __HDC C:\ProgramData\Application Data\{6B3E9A08-404E-4FBF-A80D-1E9DA9E75171}

2013-02-18 16:48 - 2013-02-18 16:48 - 00000000 __HDC C:\ProgramData\{6B3E9A08-404E-4FBF-A80D-1E9DA9E75171}

2013-02-18 16:47 - 2013-02-18 16:47 - 00000000 __HDC C:\ProgramData\Application Data\{4C01754A-32F9-4A34-8B9F-E06DD553B755}

2013-02-18 16:47 - 2013-02-18 16:47 - 00000000 __HDC C:\ProgramData\{4C01754A-32F9-4A34-8B9F-E06DD553B755}

2013-02-18 16:43 - 2013-02-18 16:43 - 00000000 __HDC C:\ProgramData\Application Data\{5309003E-4102-4141-A0C9-7507F0E10F52}

2013-02-18 16:43 - 2013-02-18 16:43 - 00000000 __HDC C:\ProgramData\{5309003E-4102-4141-A0C9-7507F0E10F52}

2013-02-18 16:41 - 2013-02-18 16:41 - 00000000 __HDC C:\ProgramData\Application Data\{499D67BC-046E-4931-8BFB-D5ABB500E67C}

2013-02-18 16:41 - 2013-02-18 16:41 - 00000000 __HDC C:\ProgramData\{499D67BC-046E-4931-8BFB-D5ABB500E67C}

2013-02-18 16:39 - 2013-02-18 16:39 - 00000000 __HDC C:\ProgramData\Application Data\{229D9A22-9BEA-4D2B-813E-85E0FACBA99C}

2013-02-18 16:39 - 2013-02-18 16:39 - 00000000 __HDC C:\ProgramData\{229D9A22-9BEA-4D2B-813E-85E0FACBA99C}

2013-02-18 16:35 - 2013-02-18 16:35 - 00000000 __HDC C:\ProgramData\Application Data\{93015F0A-7AF2-4308-A5B3-13D4FCE429C6}

2013-02-18 16:35 - 2013-02-18 16:35 - 00000000 __HDC C:\ProgramData\{93015F0A-7AF2-4308-A5B3-13D4FCE429C6}

2013-02-18 16:18 - 2013-02-18 16:18 - 00000000 __HDC C:\ProgramData\Application Data\{BA0B7444-2ABA-463C-862A-7EC7F0AD0FA2}

2013-02-18 16:18 - 2013-02-18 16:18 - 00000000 __HDC C:\ProgramData\{BA0B7444-2ABA-463C-862A-7EC7F0AD0FA2}

2013-02-18 16:13 - 2013-02-18 16:13 - 00000000 __HDC C:\ProgramData\Application Data\{727F248C-CA81-4A68-8E01-27236ED99D98}

2013-02-18 16:13 - 2013-02-18 16:13 - 00000000 __HDC C:\ProgramData\{727F248C-CA81-4A68-8E01-27236ED99D98}

2013-02-18 16:10 - 2013-02-18 16:10 - 00000000 __HDC C:\ProgramData\Application Data\{8A9976F0-1DB6-4A1D-823B-E9E459F6EE39}

2013-02-18 16:10 - 2013-02-18 16:10 - 00000000 __HDC C:\ProgramData\{8A9976F0-1DB6-4A1D-823B-E9E459F6EE39}

2013-02-18 16:03 - 2013-02-18 16:03 - 00000000 __HDC C:\ProgramData\Application Data\{F2026C51-8509-47B4-816D-CCD2DB993FC1}

2013-02-18 16:03 - 2013-02-18 16:03 - 00000000 __HDC C:\ProgramData\{F2026C51-8509-47B4-816D-CCD2DB993FC1}

2013-02-18 16:01 - 2013-02-18 16:01 - 00000000 __HDC C:\ProgramData\Application Data\{624486AF-AD5B-4BB3-BEEE-A0D2D4D112DF}

2013-02-18 16:01 - 2013-02-18 16:01 - 00000000 __HDC C:\ProgramData\{624486AF-AD5B-4BB3-BEEE-A0D2D4D112DF}

2013-02-18 15:59 - 2013-02-18 15:59 - 00000000 __HDC C:\ProgramData\Application Data\{B8AB470F-A90B-4652-A8F5-160A08FD7411}

2013-02-18 15:59 - 2013-02-18 15:59 - 00000000 __HDC C:\ProgramData\{B8AB470F-A90B-4652-A8F5-160A08FD7411}

2013-02-18 15:53 - 2013-02-18 15:53 - 00000000 __HDC C:\ProgramData\Application Data\{7FC6C6B3-C2D5-4F17-BBEF-A11135E1A668}

2013-02-18 15:53 - 2013-02-18 15:53 - 00000000 __HDC C:\ProgramData\{7FC6C6B3-C2D5-4F17-BBEF-A11135E1A668}

2013-02-18 15:49 - 2013-02-18 15:49 - 00000000 __HDC C:\ProgramData\Application Data\{52C034E1-771B-4356-A948-203FDB477D22}

2013-02-18 15:49 - 2013-02-18 15:49 - 00000000 __HDC C:\ProgramData\{52C034E1-771B-4356-A948-203FDB477D22}

2013-02-18 15:44 - 2013-02-18 15:44 - 00000000 __HDC C:\ProgramData\Application Data\{1BF9E749-3F79-456F-B894-B5FC59D1664D}

2013-02-18 15:44 - 2013-02-18 15:44 - 00000000 __HDC C:\ProgramData\{1BF9E749-3F79-456F-B894-B5FC59D1664D}

2013-02-18 15:40 - 2013-02-18 15:40 - 00000000 __HDC C:\ProgramData\Application Data\{24EEDFDA-74B5-4E97-8334-5AEA44CD0095}

2013-02-18 15:40 - 2013-02-18 15:40 - 00000000 __HDC C:\ProgramData\{24EEDFDA-74B5-4E97-8334-5AEA44CD0095}

2013-02-18 15:36 - 2013-02-18 15:36 - 00000000 __HDC C:\ProgramData\Application Data\{AA5037F8-9B97-456B-847E-A64FEB3E393C}

2013-02-18 15:36 - 2013-02-18 15:36 - 00000000 __HDC C:\ProgramData\{AA5037F8-9B97-456B-847E-A64FEB3E393C}

2013-02-18 15:32 - 2013-02-18 15:32 - 00000000 __HDC C:\ProgramData\Application Data\{80A0A482-175E-4DE8-9D32-C8C8463D1362}

2013-02-18 15:32 - 2013-02-18 15:32 - 00000000 __HDC C:\ProgramData\{80A0A482-175E-4DE8-9D32-C8C8463D1362}

2013-02-18 15:31 - 2013-02-18 15:31 - 00000000 __HDC C:\ProgramData\Application Data\{B7CF1107-3BD9-48BA-BC77-54B909022641}

2013-02-18 15:31 - 2013-02-18 15:31 - 00000000 __HDC C:\ProgramData\{B7CF1107-3BD9-48BA-BC77-54B909022641}

2013-02-18 15:01 - 2013-02-18 15:01 - 00000000 __HDC C:\ProgramData\Application Data\{31DA0107-684A-4324-81CF-55DD516B5FDB}

2013-02-18 15:01 - 2013-02-18 15:01 - 00000000 __HDC C:\ProgramData\{31DA0107-684A-4324-81CF-55DD516B5FDB}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\Application Data\{F57C376F-E7ED-4527-9EE2-4D50799418BC}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\Application Data\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\Application Data\{7F3144B7-67AA-4DD7-BC11-CBA9A40B430D}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}

2013-02-18 14:11 - 2013-02-18 14:11 - 00000000 __HDC C:\ProgramData\{7F3144B7-67AA-4DD7-BC11-CBA9A40B430D}

2013-02-18 14:10 - 2010-12-01 15:03 - 00000000 ____D C:\ProgramData\Native Instruments

2013-02-18 14:10 - 2010-12-01 15:03 - 00000000 ____D C:\ProgramData\Application Data\Native Instruments

2013-02-18 08:34 - 2012-09-29 15:15 - 00039768 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys

2013-02-18 08:34 - 2012-09-29 15:15 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search

2013-02-13 08:43 - 2009-07-13 22:45 - 00353072 ____A C:\Windows\System32\FNTCACHE.DAT

2013-02-13 08:39 - 2010-11-12 14:16 - 70004024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-02-13 07:53 - 2009-07-13 23:08 - 00032544 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-02-10 14:27 - 2013-02-10 14:26 - 00000000 ____D C:\Users\Max\Desktop\Music Learn Pdf

2013-02-08 10:24 - 2012-04-14 05:19 - 00697712 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-02-08 10:24 - 2011-05-18 09:48 - 00074096 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-02-06 22:43 - 2013-02-06 22:43 - 00006824 ____A C:\Users\Max\My Documents\cc_20130206_234315.reg

2013-02-06 22:43 - 2013-02-06 22:43 - 00006824 ____A C:\Users\Max\Documents\cc_20130206_234315.reg

2013-02-02 08:32 - 2009-07-13 20:34 - 00000331 ____A C:\Windows\win.ini

2013-01-27 16:07 - 2012-02-04 13:10 - 00000000 ____D C:\Users\Max\Desktop\Workout

2013-01-27 11:28 - 2010-10-28 22:07 - 00000000 ____D C:\ProgramData\Application Data\Adobe

2013-01-27 11:28 - 2010-10-28 22:07 - 00000000 ____D C:\ProgramData\Adobe

2013-01-27 10:17 - 2013-01-27 10:17 - 00000000 ____D C:\Windows\pss

2013-01-27 10:12 - 2013-01-14 10:37 - 00000000 ____D C:\Program Files\CCleaner

2013-01-27 10:11 - 2013-01-27 10:11 - 04189792 ____A (Piriform Ltd) C:\Users\Max\Downloads\ccsetup327.exe

ZeroAccess:

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e\@

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e\L

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e\U

ZeroAccess:

C:\$Recycle.Bin\S-1-5-21-1040578106-3491599236-2989792034-1001\$5e2f05ede7689e756a8144650b98dd2e

C:\$Recycle.Bin\S-1-5-21-1040578106-3491599236-2989792034-1001\$5e2f05ede7689e756a8144650b98dd2e\@

C:\$Recycle.Bin\S-1-5-21-1040578106-3491599236-2989792034-1001\$5e2f05ede7689e756a8144650b98dd2e\L

C:\$Recycle.Bin\S-1-5-21-1040578106-3491599236-2989792034-1001\$5e2f05ede7689e756a8144650b98dd2e\U

ZeroAccess:

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-01-24 16:21:23

Restore point made on: 2013-01-31 19:01:50

Restore point made on: 2013-02-11 15:56:05

Restore point made on: 2013-02-13 08:35:42

==================== Memory info ===========================

Percentage of memory in use: 10%

Total physical RAM: 8119.08 MB

Available physical RAM: 7284.34 MB

Total Pagefile: 8117.23 MB

Available Pagefile: 7281.98 MB

Total Virtual: 8192 MB

Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:920.59 GB) (Free:381.14 GB) NTFS

7 Drive i: (RECOVERY) (Fixed) (Total:10.88 GB) (Free:4.3 GB) NTFS ==>[system with boot components (obtained from reading drive)]

8 Drive j: (Cruzer) (Removable) (Total:1.86 GB) (Free:0.69 GB) FAT

9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 931 GB 0 B

Disk 1 No Media 0 B 0 B

Disk 2 No Media 0 B 0 B

Disk 3 No Media 0 B 0 B

Disk 4 No Media 0 B 0 B

Disk 5 Online 1907 MB 0 B

Partitions of Disk 0:

===============

Disk ID: 259D4594

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 39 MB 31 KB

Partition 2 Primary 10 GB 40 MB

Partition 3 Primary 920 GB 10 GB

==================================================================================

Disk: 0

Partition 1

Type : DE

Hidden: Yes

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 8 FAT Partition 39 MB Healthy Hidden

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 I RECOVERY NTFS Partition 10 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C OS NTFS Partition 920 GB Healthy

=========================================================

Partitions of Disk 5:

===============

Disk ID: 00000000

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 1907 MB 64 KB

==================================================================================

Disk: 5

Partition 1

Type : 06

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 7 J Cruzer FAT Removable 1907 MB Healthy

=========================================================

Last Boot: 2013-02-13 17:39

==================== End Of Log =============================

[maxsheebs]

Farbar Recovery Scan Tool (x64) Version: 23-02-2013 01

Ran by SYSTEM at 2013-02-24 12:33:41

Running from J:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

[2009-07-13 17:19] - [2009-07-13 19:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe

[2009-07-13 17:19] - [2009-07-13 19:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

====== End Of Search ======

[Maniac]

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open Notepad and select Paste). Save it on the flashdrive as fixlist.txt

start

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e

C:\$Recycle.Bin\S-1-5-21-1040578106-3491599236-2989792034-1001\$5e2f05ede7689e756a8144650b98dd2e

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e

end

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Reboot Normally.

[maxsheebs]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-02-2013 01

Ran by SYSTEM at 2013-02-26 13:58:28 Run:1

Running from M:\

==============================================

==== End of Fixlog ====

[maxsheebs]

When i rebooted the MoneyPak Virus showed up. It wasn't fixed

[maxsheebs]

Was I suppose to copy all of the contents in the box including "start" and "end" because i copied that as well as all the rest of the text in the box?

[Maniac]

Yes, the entire script. If you copy all of the script, try without start and end, I mean only:

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e

C:\$Recycle.Bin\S-1-5-21-1040578106-3491599236-2989792034-1001\$5e2f05ede7689e756a8144650b98dd2e

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e

[maxsheebs]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-02-2013 01

Ran by SYSTEM at 2013-02-27 08:42:19 Run:2

Running from M:\

==============================================

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e moved successfully.

C:\$Recycle.Bin\S-1-5-21-1040578106-3491599236-2989792034-1001\$5e2f05ede7689e756a8144650b98dd2e moved successfully.

C:\$Recycle.Bin\S-1-5-18\$5e2f05ede7689e756a8144650b98dd2e not found.

==== End of Fixlog ====

[maxsheebs]

MoneyPak Virus is still on my computer.

[Maniac]

I know, step by step.

Boot in Normal mode:

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

[maxsheebs]

Sorry, I got real impatient and just system restored. I've updated all my anti-virus and anti-malware programs. My computer is working now, thank you for your time and help I appreciate it.

[Maniac]

Malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing!

[Maurice Naggar]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.