think ive got a rootkit :(

virusesscareme · May 19, 2013

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.21.2

Run by SL!ghtLY St00p!D at 16:37:51 on 2013-05-19

.

============== Running Processes ================

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uWindow Title = Internet Explorer provided by Dell

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au&ibd=1080704

mStart Page = hxxp://search.shareware.pro/?lang=en

mSearch Page = hxxp://search.shareware.pro/?lang=en

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

uURLSearchHooks: <no name="">: {00A6FAF6-072E-44cf-8957-5838F569A31D} -

mURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\tbBitT.dll

dURLSearchHooks: <no name="">: {00A6FAF6-072E-44cf-8957-5838F569A31D} -

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngine.dll

BHO: McAfee Phishing Filter: {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} -

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\tbBitT.dll

BHO: NOW!Imaging: {9AA2F14F-E956-44B8-8694-A5B615CDF341} - c:\program files\dodo speed accelerator\components\NOWImaging.dll

BHO: AVG Security Toolbar: {A057A204-BACC-4D26-9990-79A187E2698E} -

BHO: Prefetch: {A66AA08A-9BF0-4e87-99E6-6972731D6B99} - c:\program files\dodo speed accelerator\Prefetch.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll

BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: BitTorrentBar Toolbar: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - c:\program files\bittorrentbar\tbBitT.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: AVG Security Toolbar: {A057A204-BACC-4D26-9990-79A187E2698E} -

TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\tbBitT.dll

TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngine.dll

TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [steam] "c:\program files\steam\Steam.exe" -silent

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup

mRun: [Windows Mobile-based device management] c:\windows\windowsmobile\wmdSync.exe

mRun: [slipStream] "c:\program files\dodo speed accelerator\slipcore.exe"

mRun: [sSDMonitor] c:\program files\common files\pc tools\smonitor\SSDMonitor.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [COMODO Internet Security] c:\program files\comodo\comodo internet security\cistray.exe

mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\dodosp~1.lnk - c:\program files\dodo speed accelerator\slipgui.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-Windows\System: UseOEMBackground = dword:0

LSP: c:\progra~1\dodosp~1\sliplsp.dll

Trusted Zone: dell.com

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: NameServer = 202.136.42.205 202.136.43.205

TCP: Interfaces\{0D78302D-01E2-45A5-BB1E-23E6796052EB} : DHCPNameServer = 202.136.42.205 202.136.43.205

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

Notify: igfxcui - igfxdev.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

=============== Created Last 30 ================

.

==================== Find3M ====================

.

2008-03-22 20:09:42 405504 --sh--r- c:\windows\system32\vshadow.exe

2005-06-08 20:10:04 364032 --sh--r- c:\windows\system32\vshadowamd64.exe

2008-03-22 20:13:22 352256 --sh--r- c:\windows\system32\vshadowXP.exe

.

============= FINISH: 16:38:45.53 ===============

malwarebytes blocked potentially malicious website:66.150.14.41

66.150.14.40 type:outgoing chrome.exe no idea whats going on happens like every 2 minutes or so

gringo_pr · May 19, 2013

Hello virusesscareme

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

Please do not run any tools unless instructed to do so.
- We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
[*]Please do not attach logs or use code boxes, just copy and paste the text.
- Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
[*]Please read every post completely before doing anything.
- Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
[*]Please provide feedback about your experience as we go.
- A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[s1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo

virusesscareme · May 19, 2013

Hi Gringo thanks for replying hears the logs.

my firewall was stopping a program called bcdboots.exe which hadn't been digitally signed from running it said it wanted unlimited access to the computer that hasn't popped up in a couple hours so maybe that's fixed.

# AdwCleaner v2.301 - Logfile created 05/20/2013 at 05:18:08

# Updated 16/05/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : SL!ghtLY St00p!D - USER-PC

# Boot Mode : Normal

# Running from : C:\Users\SL!ghtLY St00p!D\Downloads\AdwCleaner.exe

# Option [Delete]

***** [services] *****

Stopped & Deleted : MyWebSearchService

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\BitTorrentBar

Deleted on reboot : C:\Program Files\Conduit

Deleted on reboot : C:\Program Files\ConduitEngine

Folder Deleted : C:\Program Files\FunWebProducts

Folder Deleted : C:\Program Files\MyWebSearch

Folder Deleted : C:\Program Files\PricePeep

Folder Deleted : C:\Users\jess boddo\AppData\LocalLow\BitTorrentBar

Folder Deleted : C:\Users\jess boddo\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\jess boddo\AppData\LocalLow\ConduitEngine

Folder Deleted : C:\Users\jess boddo\AppData\LocalLow\FunWebProducts

Folder Deleted : C:\Users\jess boddo\AppData\LocalLow\MyWebSearch

Folder Deleted : C:\Users\jess boddo\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\jess boddo\AppData\LocalLow\ShoppingReport

Folder Deleted : C:\Users\jess boddo\AppData\LocalLow\Zango

Folder Deleted : C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

Folder Deleted : C:\Users\SL!ghtLY St00p!D\AppData\LocalLow\BitTorrentBar

Folder Deleted : C:\Users\SL!ghtLY St00p!D\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\SL!ghtLY St00p!D\AppData\LocalLow\ConduitEngine

Folder Deleted : C:\Users\SL!ghtLY St00p!D\AppData\LocalLow\MyWebSearch

Folder Deleted : C:\Users\SL!ghtLY St00p!D\AppData\LocalLow\PriceGong

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentBar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine

Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BitTorrentBar Toolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PricePeep

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}

Key Deleted : HKLM\Software\BitTorrentBar

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25560540-9571-4D7B-9389-0F166788785A}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4E77-A640-78EE8EC8673B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D292-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473D296-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9571378-68A1-443D-B082-284F960C6D17}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EB99E195-9E94-4751-A2FF-2B73B25286F5}

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl

Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin

Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller

Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\conduitEngine

Key Deleted : HKLM\Software\FocusInteractive

Key Deleted : HKLM\Software\Fun Web Products

Key Deleted : HKLM\Software\FunWebProducts

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{036F52E6-485C-47C1-BB8C-C7A10D3C7573}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C713655-0B5D-476B-A443-6FAC84DA2DD0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss

Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin

Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EB99E195-9E94-4751-A2FF-2B73B25286F5}

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mywebsearch bar uninstall

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin

Key Deleted : HKLM\Software\MyWebSearch

Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00A6FAF6-072E-44CF-8957-5838F569A31D}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07B18EA9-A523-4961-B6BB-170DE4475CCA}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [My Web Search Bar Search Scope Monitor]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\jess boddo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [18964 octets] - [20/05/2013 05:18:08]

########## EOF - C:\AdwCleaner[s1].txt - [19025 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows Vista Home Premium x86

Ran by SL!ghtLY St00p!D on Mon 20/05/2013 at 5:26:26.68

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\bittorrentbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitengine

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\clsid\{A057A204-BACC-4D26-9990-79A187E2698E}

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\bittorrentbar"

Successfully deleted: [Folder] "C:\Program Files\conduit"

Successfully deleted: [Folder] "C:\Program Files\conduitengine"

~~~ Chrome

Successfully deleted: [Folder] C:\Users\SL!ghtLY St00p!D\appdata\local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Mon 20/05/2013 at 5:31:05.44

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

gringo_pr · May 19, 2013

Hello virusesscareme

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

Link 1
Link 2
Link 3

1. Close any open browsers or any other programs that are open.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

In your next post I need the following
Log from Combofix
let me know of any problems you may have had
How is the computer doing now?

Gringo

virusesscareme · May 19, 2013

Hi Gringo i downloaded combofix ran it and it found rootkits and said it needs to reboot but nothing happens and i cant restart the computer i have to turn it off at the power button

virusesscareme · May 19, 2013

i also get an error message before it says reboot PEV.3xe has stopped working

gringo_pr · May 20, 2013

Hello virusesscareme

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
more than one report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.
Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it
If the forum still complains about it being to long send me everything that is at the end of the report after where it says
==================
Scan finished
==================

and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit

Quit all programs that you may have started.
Please disconnect any external drives from the computer before you run this scan!
For Vista or Windows 7, right-click and select "Run as Administrator to start"
For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
click on "delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and copy/paste the content of the Notepad into your next reply.
the scan will make two reports the one I would like to see is called RKreport[2].txt on your Desktop
Exit/Close RogueKiller+

send me the reports made from TDSSKiller and Roguekiller and also let me know how the computer is doing at this time.

Gringo

virusesscareme · May 20, 2013

Hi Gringo here's the reports

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo...13-roguekiller/

Website : http://tigzy.geeksto...roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User : SL!ghtLY St00p!D [Admin rights]

Mode : Remove -- Date : 05/20/2013 18:42:52

| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

::1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDS721616PLA380 ATA Device +++++

--- User ---

[MBR] 486fa3bf342d07d4c004a3d35fedfd7c

[bSP] 597689f9fd584ba824a36be87199a262 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo

1 - [XXXXXX] NOS (0x32) [VISIBLE] Offset (sectors): 98304 | Size: 10240 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21069824 | Size: 142298 Mo

3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 250 | Size: 232 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_D_05202013_02d1842.txt >>

RKreport[1]_S_05202013_02d1841.txt ; RKreport[2]_D_05202013_02d1842.txt

TDSSKiller.2.8.16.0_20.05.2013_18.33.13_log.txt

gringo_pr · May 20, 2013

Hello virusesscareme

Ok lets try this, I want you to run combofix in safe mode but it is very important that when combofix reboots the computer for you to direct it back into safe mode so it can finish the scan.

Boot into Safe Mode

Reboot your computer in Safe Mode.

If the computer is running, shut down Windows, and then turn off the power.
Wait 30 seconds, and then turn the computer on.
Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
Ensure that the Safe Mode option is selected.
Press Enter. The computer then begins to start in Safe mode.
Login on your usual account.

after combofix has finished its scan please post the report back here.

Gringo

virusesscareme · May 21, 2013

Hi Gringo

I ran combofix in safe mode and got a little bit further it gets to stage 50 complete then stops.

gringo_pr · May 21, 2013

Hello virusesscareme

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit

2.Unzip the contents to a folder in a convenient location.

3.Open the folder where the contents were unzipped and run mbar.exe

4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.

5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.

6.Wait while the system shuts down and the cleanup process is performed.

7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.

8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:

•Internet access
•Windows Update
•Windows Firewall

9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.

10.Verify that your system is now functioning normally.

Please download aswMBR to your desktop.

Double click the aswMBR.exe icon to run it
it will ask to download extra definitions - ALLOW IT
Click the Scan button to start the scan
On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

When you are complete please send me both reports

Gringo

virusesscareme · May 21, 2013

Hi Gringo here's the reports

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.05.0.1001

OS version: 6.0.6002 Windows Vista Service Pack 2 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

Java version: 1.6.0_31

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED

CPU speed: 1.995000 GHz

Memory total: 2135375872, free: 873558016

------------ Kernel report ------------

05/21/2013 10:19:55

------------ Loaded modules -----------

\SystemRoot\system32\ntkrnlpa.exe

\SystemRoot\system32\hal.dll

\SystemRoot\system32\kdcom.dll

\SystemRoot\system32\mcupdate_GenuineIntel.dll

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\BOOTVID.dll

\SystemRoot\system32\CLFS.SYS

\SystemRoot\system32\CI.dll

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\system32\drivers\acpi.sys

\SystemRoot\system32\drivers\WMILIB.SYS

\SystemRoot\system32\drivers\msisadrv.sys

\SystemRoot\system32\drivers\pci.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\system32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\system32\DRIVERS\intelide.sys

\SystemRoot\system32\DRIVERS\PCIIDEX.SYS

\SystemRoot\system32\drivers\pciide.sys

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\system32\drivers\atapi.sys

\SystemRoot\system32\drivers\ataport.SYS

\SystemRoot\system32\drivers\fltmgr.sys

\SystemRoot\system32\drivers\fileinfo.sys

\SystemRoot\system32\Drivers\usbvox32.sys

\SystemRoot\system32\Drivers\scssifilter32.sys

\SystemRoot\system32\Drivers\usbmp332.sys

\SystemRoot\System32\Drivers\PxHelp20.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\msrpc.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\system32\drivers\volsnap.sys

\SystemRoot\System32\Drivers\spldr.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\drivers\ecache.sys

\SystemRoot\system32\drivers\disk.sys

\SystemRoot\system32\drivers\CLASSPNP.SYS

\SystemRoot\system32\drivers\crcdisk.sys

\SystemRoot\system32\DRIVERS\tunnel.sys

\SystemRoot\system32\DRIVERS\tunmp.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\igdkmd32.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\system32\DRIVERS\e1e6032.sys

\SystemRoot\system32\DRIVERS\usbuhci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\HDAudBus.sys

\SystemRoot\system32\DRIVERS\HSXHWBS2.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\DRIVERS\HSX_DPV.sys

\SystemRoot\system32\DRIVERS\HSX_CNXT.sys

\SystemRoot\system32\drivers\modem.sys

\SystemRoot\system32\DRIVERS\fdc.sys

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\msiscsi.sys

\SystemRoot\system32\DRIVERS\storport.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\rassstp.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\system32\DRIVERS\umbus.sys

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\drivers\RTKVHDA.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\System32\DRIVERS\cmderd.sys

\SystemRoot\system32\DRIVERS\cmdguard.sys

\SystemRoot\System32\Drivers\Fs_Rec.SYS

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\drivers\VIDEOPRT.SYS

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\system32\drivers\rdpencdd.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\System32\DRIVERS\rasacd.sys

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\System32\DRIVERS\cmdhlp.sys

\SystemRoot\system32\DRIVERS\smb.sys

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\system32\drivers\ws2ifsl.sys

\SystemRoot\system32\DRIVERS\pacer.sys

\SystemRoot\system32\DRIVERS\inspect.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\System32\Drivers\dfsc.sys

\SystemRoot\system32\DRIVERS\usbccgp.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\kbdhid.sys

\SystemRoot\System32\Drivers\crashdmp.sys

\SystemRoot\System32\Drivers\dump_dumpata.sys

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\system32\DRIVERS\USBSTOR.SYS

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\system32\DRIVERS\monitor.sys

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\cdd.dll

\SystemRoot\system32\drivers\luafv.sys

\??\C:\Windows\system32\drivers\mbam.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\SystemRoot\system32\drivers\spsys.sys

\SystemRoot\system32\DRIVERS\lltdio.sys

\SystemRoot\system32\DRIVERS\rspndr.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\system32\drivers\mrxdav.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\system32\DRIVERS\mdmxsdk.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\System32\Drivers\secdrv.SYS

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\system32\DRIVERS\xaudio.sys

\SystemRoot\system32\DRIVERS\WUDFRd.sys

\SystemRoot\system32\DRIVERS\WUDFPf.sys

\SystemRoot\system32\DRIVERS\cdfs.sys

\SystemRoot\system32\Drivers\usbwav32.sys

\??\C:\Windows\system32\drivers\mbamchameleon.sys

\??\C:\Windows\system32\drivers\mbamswissarmy.sys

\Windows\System32\ntdll.dll

----------- End -----------

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xffffffff87774030

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\00000076\

Lower Device Object: 0xffffffff86f3d428

Lower Device Driver Name: \Driver\USBSTOR\

Driver name found: USBSTOR

Initialization returned 0x0

Load Function returned 0x0

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff867ca7f0

Upper Device Driver Name: \Driver\disk\

Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\

Lower Device Object: 0xffffffff8502b528

Lower Device Driver Name: \Driver\atapi\

Driver name found: atapi

Initialization returned 0x0

Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)

Load Function returned 0x0

Downloaded database version: v2013.05.20.08

Downloaded database version: v2013.05.14.03

Initializing...

Done!

<<<2>>>

Device number: 0, partition: 3

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff867ca7f0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff867ca4d8, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff867ca7f0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff85de21c0, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff8502b528, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\

Upper DeviceData: 0xffffffffb75ca1f0, 0xffffffff867ca7f0, 0xffffffff856a9040

Lower DeviceData: 0xffffffffb756e430, 0xffffffff8502b528, 0xffffffff856cfc98

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning directory: C:\Windows\system32\drivers...

<<<2>>>

Device number: 0, partition: 3

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

File user open failed: C:\Windows\system32\drivers\usbmp332.sys (0x00000002)

File user open failed: C:\Windows\system32\drivers\usbvox32.sys (0x00000002)

File user open failed: C:\Windows\system32\drivers\usbwav32.sys (0x00000002)

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 8000000

Partition information:

Partition 0 type is Other (0xde)

Partition is NOT ACTIVE.

Partition starts at LBA: 63 Numsec = 96327

Partition 1 type is Other (0x32)

Partition is NOT ACTIVE.

Partition starts at LBA: 98304 Numsec = 20971520

Partition 2 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 21069824 Numsec = 291426304

Partition file system is NTFS

Partition is bootable

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 250 Numsec = 475646

Disk Size: 160000000000 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-312480000-312500000)...

Physical Sector Size: 512

Drive: 1, DevicePointer: 0xffffffff87774030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff86f3d7a0, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff87774030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

DevicePointer: 0xffffffff86f3d428, DeviceName: \Device\00000076\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\

Upper DeviceData: 0xffffffffb75f23e8, 0xffffffff87774030, 0xffffffff857d6628

Lower DeviceData: 0xffffffffaf15c9c8, 0xffffffff86f3d428, 0xffffffff857e3520

Drive 1

Scanning MBR on drive 1...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 4030201

Partition information:

Partition 0 type is Other (0xc)

Partition is NOT ACTIVE.

Partition starts at LBA: 10968 Numsec = 15361320

Partition 1 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 7870611456 bytes

Sector size: 512 bytes

Done!

Performing system, memory and registry scan...

Read File: File "c:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}\instance.dat" is compressed (flags = 1)

Read File: File "c:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.dat" is compressed (flags = 1)

Read File: File "c:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}\instance.dat" is compressed (flags = 1)

Read File: File "c:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.dat" is compressed (flags = 1)

Done!

Scan finished

=======================================

Run date: 2013-05-21 10:22:41

-----------------------------

10:22:41.007 OS Version: Windows 6.0.6002 Service Pack 2

10:22:41.008 Number of processors: 2 586 0xF0D

10:22:41.017 ComputerName: USER-PC UserName:

10:22:41.965 Initialize success

10:25:55.968 AVAST engine defs: 13052001

10:27:47.744 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

10:27:47.747 Disk 0 Vendor: Hitachi_HDS721616PLA380 P22OABNA Size: 152587MB BusType: 3

10:27:47.896 Disk 0 MBR read successfully

10:27:47.900 Disk 0 MBR scan

10:27:47.969 Disk 0 Windows VISTA default MBR code

10:27:47.974 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63

10:27:47.993 Disk 0 Partition 2 00 32 10240 MB offset 98304

10:27:48.013 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 142298 MB offset 21069824

10:27:48.047 Disk 0 scanning sectors +312496128

10:27:48.310 Disk 0 scanning C:\Windows\system32\drivers

10:28:09.997 Service scanning

10:29:08.070 Modules scanning

10:29:24.068 Disk 0 trace - called modules:

10:29:24.453 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys intelppm.sys

10:29:24.461 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x867ca7f0]

10:29:24.469 3 CLASSPNP.SYS[88fa98b3] -> nt!IofCallDriver -> [0x85de21c0]

10:29:24.476 5 acpi.sys[8069a6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8502b528]

10:29:26.829 AVAST engine scan C:\Windows

10:29:36.022 AVAST engine scan C:\Windows\system32

10:38:18.758 AVAST engine scan C:\Windows\system32\drivers

10:38:42.391 AVAST engine scan C:\Users\SL!ghtLY St00p!D

10:42:26.475 AVAST engine scan C:\ProgramData

10:45:34.048 Scan finished successfully

10:59:43.905 Disk 0 MBR has been saved successfully to "C:\Users\SL!ghtLY St00p!D\Documents\MBR.dat"

10:59:43.914 The log file has been saved successfully to "C:\Users\SL!ghtLY St00p!D\Documents\aswMBR.txt"

gringo_pr · May 21, 2013

OK try once more to run combofix once more in safe more

gringo

virusesscareme · May 21, 2013

Hey Gringo is it possible we could use team viewer and you could check it out yourself ? maybe you can get it to work

gringo_pr · May 21, 2013

Hello

Can't work that way - I just want you to try once more if it does not work this time I will move on

gringo

virusesscareme · May 22, 2013

Hi Gringo ran combofix again and it got up to deleting files only 1 file showed up then it froze. a help and support window keeps opening up telling me about safe mode could that be stalling combofix i read that you cant do anything while its scanning because it will stall just a thought.

gringo_pr · May 22, 2013

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

virusesscareme · May 22, 2013

Hi Gringo here they are

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-05-2013 02

Ran by SL!ghtLY St00p!D (administrator) on 22-05-2013 21:34:14

Running from C:\Users\SL!ghtLY St00p!D\Downloads

Windows Vista Home Premium Service Pack 2 (X86) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Normal

==================== Processes (Whitelisted) ===================

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-21] (Microsoft Corporation)

HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]

HKLM\...\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup [30192 2011-04-22] (Google)

HKLM\...\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)

HKLM\...\Run: [slipStream] "C:\Program Files\Dodo Speed Accelerator\slipcore.exe" [344064 2010-10-27] (SlipStream Data Inc.)

HKLM\...\Run: [sSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2012-02-03] (PC Tools)

HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)

HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)

HKLM\...\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [3012816 2013-04-15] (COMODO)

Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [X]

HKCU\...\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent [1631144 2013-04-20] (Valve Corporation)

HKCU\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKCU\...\Run: [uTorrent] "C:\Users\SL!ghtLY St00p!D\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [1045072 2013-05-20] (BitTorrent Inc.)

HKCU\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [68856 2008-07-04] (Google Inc.)

Startup: C:\ProgramData\Start Menu\Programs\Startup\Digital Line Detect.lnk

ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )

Startup: C:\ProgramData\Start Menu\Programs\Startup\Dodo Speed Accelerator.lnk

ShortcutTarget: Dodo Speed Accelerator.lnk -> C:\Program Files\Dodo Speed Accelerator\slipgui.exe (SlipStream Data Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/'>http://www.google.com/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au&ibd=1080704'>http://www.google.com.au/ig/dell?hl=en&client=dell-row&channel=au&ibd=1080704

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareware.pro/?lang=en

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.shareware.pro/?lang=en

BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

BHO: McAfee Phishing Filter - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll No File

BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll No File

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Dodo Speed Accelerator\components\NOWImaging.dll (SlipStream Data Inc.)

BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL No File

BHO: Prefetch - {A66AA08A-9BF0-4e87-99E6-6972731D6B99} - C:\Program Files\Dodo Speed Accelerator\Prefetch.dll (SlipStream Data Inc.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)

BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL No File

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

PDF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

PDF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

PDF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

PDF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

PDF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

PDF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll No File

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [19968] (Microsoft Corporation)

Winsock: Catalog9 01 C:\PROGRA~1\DODOSP~1\sliplsp.dll [19968] (Microsoft Corporation)

Winsock: Catalog9 12 C:\PROGRA~1\DODOSP~1\sliplsp.dll [223232] (Microsoft Corporation)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 202.136.42.205 202.136.43.205

Chrome:

=======

CHR HomePage: hxxp://www.google.com

CHR RestoreOnStartup: "hxxp://www.google.com"

CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}

CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}

CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File

CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll No File

CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Extension: (Google Docs) - C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0

CHR Extension: (Google Drive) - C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0

CHR Extension: (YouTube) - C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0

CHR Extension: (Adblock Plus) - C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0

CHR Extension: (Monster Energy Theme 2) - C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgpabepffcnnfokhecgophgabpmdecml\1_0

CHR Extension: (Google Search) - C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0

CHR Extension: (WOT Safe Search) - C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddcihbboebboehpkkdfdkhbodacmmfkk\2_0

CHR Extension: (Gmail) - C:\Users\SL!ghtLY St00p!D\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

========================== Services (Whitelisted) =================

S2 .Net Crypt; C:\Windows\System32\mutex-Threads.exe [9473840 2012-11-22] ()

R2 .Net Main; C:\Windows\System32\idle-Threads.exe [9295664 2013-05-10] ()

S2 .Net Security; C:\Windows\System32\latch-Threads.exe [9478448 2012-11-22] ()

R2 .Net Semaphore; C:\Windows\System32\semaphore-Threads.exe [488752 2012-11-22] ()

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4443912 2013-04-25] (COMODO)

S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [127184 2013-04-15] (COMODO)

R2 DeviceManager; C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe [40960 2010-07-27] ()

S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-04-22] (Google)

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-02-03] (PC Tools)

R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-14] (SupportSoft, Inc.)

S3 msiserver; %systemroot%\system32\msiexec /V [x]

==================== Drivers (Whitelisted) ====================

R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20072 2013-04-15] (COMODO)

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [582960 2013-04-15] (COMODO)

R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43216 2013-04-15] (COMODO)

R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [84928 2013-04-25] (COMODO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [20080 2010-11-06] ()

S3 PCASp50; C:\Windows\System32\Drivers\PCASp50.sys [27072 2008-06-27] (Printing Communications Assoc., Inc. (PCAUSA))

S3 pgfilter; C:\Program Files\PeerGuardian2\pgfilter.sys [8192 2007-06-02] ()

S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [103552 2010-07-27] (TCT International Mobile Ltd)

R0 scssifilter; C:\Windows\System32\Drivers\scssifilter32.sys [19120 2012-11-22] (Microsoft Corporation)

R0 usbmp3; C:\Windows\System32\Drivers\usbmp332.sys [19120 2012-11-22] ()

R0 usbvox; C:\Windows\System32\Drivers\usbvox32.sys [19632 2012-11-22] ()

R0 usbwav; C:\Windows\System32\Drivers\usbwav32.sys [16048 2012-11-22] ()

S3 catchme; \??\C:\Users\SL!ghtLY St00p!D\AppData\Local\Temp\catchme.sys [x]

S3 IpInIp; system32\DRIVERS\ipinip.sys [x]

S3 massfilter; system32\drivers\massfilter.sys [x]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]

S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [x]

S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]

S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-22 21:33 - 2013-05-22 21:33 - 01318319 ____A (Farbar) C:\Users\SL!ghtLY St00p!D\Downloads\FRST.exe

2013-05-22 21:33 - 2013-05-22 21:33 - 00000000 ____D C:\FRST

2013-05-22 20:18 - 2013-05-22 20:19 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\[ www.Torrenting.com ] - Jack The Giant Slayer CAM 2013 NEW SOURCE XviD AC3-SSDD

2013-05-22 20:17 - 2013-05-22 20:17 - 00057819 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]jack.the.giant.slayer.cam.2013.new.source.xvid.ac3.ssdd.torrent

2013-05-22 18:17 - 2013-05-22 18:17 - 00000671 ___SH C:\Windows\System32\settings.ini

2013-05-22 18:04 - 2013-05-22 18:13 - 00000000 ___SD C:\ComboFix

2013-05-22 17:57 - 2013-05-22 17:57 - 00000926 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-22 17:57 - 2013-05-22 17:57 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-05-22 17:57 - 2013-04-04 14:50 - 00022856 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys

2013-05-22 17:55 - 2013-05-22 17:56 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\SL!ghtLY St00p!D\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-05-21 10:59 - 2013-05-21 10:59 - 00002104 ____A C:\Users\SL!ghtLY St00p!D\Documents\aswMBR.txt

2013-05-21 10:59 - 2013-05-21 10:59 - 00000512 ____A C:\Users\SL!ghtLY St00p!D\Documents\MBR.dat

2013-05-21 10:19 - 2013-05-21 11:00 - 13572782 ____A C:\Users\SL!ghtLY St00p!D\Downloads\mbar-1.05.0.1001 (1).zip

2013-05-21 10:19 - 2013-05-21 10:21 - 04745728 ____A (AVAST Software) C:\Users\SL!ghtLY St00p!D\Downloads\aswMBR.exe

2013-05-21 05:26 - 2011-06-26 14:45 - 00256000 ____A C:\Windows\PEV.exe

2013-05-21 05:26 - 2010-11-08 01:20 - 00208896 ____A C:\Windows\MBR.exe

2013-05-21 05:26 - 2009-04-20 12:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe

2013-05-21 05:26 - 2000-08-31 08:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe

2013-05-21 05:26 - 2000-08-31 08:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe

2013-05-21 05:26 - 2000-08-31 08:00 - 00098816 ____A C:\Windows\sed.exe

2013-05-21 05:26 - 2000-08-31 08:00 - 00080412 ____A C:\Windows\grep.exe

2013-05-21 05:26 - 2000-08-31 08:00 - 00068096 ____A C:\Windows\zip.exe

2013-05-21 05:20 - 2013-05-21 05:20 - 05067850 ____R (Swearware) C:\Users\SL!ghtLY St00p!D\Desktop\ComboFix.exe

2013-05-20 19:40 - 2013-05-20 19:49 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Game of Thrones S03E08 HDTV x264-EVOLVE[ettv]

2013-05-20 19:40 - 2013-05-20 19:44 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Iron.Man.3.2013.R6.HDScr.LINE.NoSUBS.NoBLURS.XViD.AC3.HQ.Hive-CM8

2013-05-20 19:39 - 2013-05-20 19:39 - 00038197 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]iron.man.3.2013.r6.hdscr.line.nosubs.noblurs.xvid.ac3.hq.hive.cm.torrent

2013-05-20 19:39 - 2013-05-20 19:39 - 00029603 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]game.of.thrones.s03e08.hdtv.x264.evolve.ettv.torrent

2013-05-20 19:36 - 2013-05-20 19:36 - 00000810 ____A C:\Users\Public\Desktop\µTorrent.lnk

2013-05-20 19:33 - 2013-05-20 19:34 - 01045072 ____A (BitTorrent Inc.) C:\Users\SL!ghtLY St00p!D\Downloads\utorrent (2).exe

2013-05-20 18:42 - 2013-05-20 18:42 - 00001644 ____A C:\Users\SL!ghtLY St00p!D\Desktop\RKreport[2]_D_05202013_02d1842.txt

2013-05-20 18:41 - 2013-05-20 18:41 - 00001591 ____A C:\Users\SL!ghtLY St00p!D\Desktop\RKreport[1]_S_05202013_02d1841.txt

2013-05-20 18:39 - 2013-05-20 18:42 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Desktop\RK_Quarantine

2013-05-20 18:39 - 2013-05-20 18:39 - 00816128 ____A C:\Users\SL!ghtLY St00p!D\Downloads\RogueKiller (1).exe

2013-05-20 18:30 - 2013-05-20 18:30 - 00816128 ____A C:\Users\SL!ghtLY St00p!D\Downloads\RogueKiller.exe

2013-05-20 05:38 - 2013-05-20 05:38 - 00001568 ____A C:\Users\SL!ghtLY St00p!D\Documents\JRT.txt

2013-05-20 05:25 - 2013-05-20 05:25 - 00000000 ____D C:\Windows\ERUNT

2013-05-20 05:23 - 2013-05-20 05:40 - 00000000 ____D C:\JRT

2013-05-20 05:23 - 2013-05-20 05:23 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\SL!ghtLY St00p!D\Downloads\JRT.exe

2013-05-20 05:22 - 2013-05-20 05:22 - 00019095 ____A C:\Users\SL!ghtLY St00p!D\Desktop\AdwCleaner[s1].txt

2013-05-20 05:19 - 2013-05-20 05:19 - 00000184 ____A C:\Windows\DeleteOnReboot.bat

2013-05-20 05:18 - 2013-05-20 05:19 - 00019095 ____A C:\AdwCleaner[s1].txt

2013-05-20 05:16 - 2013-05-20 05:16 - 00632031 ____A C:\Users\SL!ghtLY St00p!D\Downloads\AdwCleaner.exe

2013-05-20 00:04 - 2013-05-20 00:16 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\[ www.Torrenting.com ] - Resident.Evil.Retribution.2012.BRRip.XviD.AC3-MAGNAT

2013-05-20 00:02 - 2013-05-20 00:02 - 00064750 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]resident.evil.retribution.2012.brrip.xvid.ac3.magnat.torrent

2013-05-19 23:43 - 2013-05-19 23:47 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Fast.And.Furious.6.2013.CAM.XviD-NYDIC

2013-05-19 23:42 - 2013-05-19 23:42 - 00040959 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]fast.and.furious.6.2013.cam.xvid.nydic.torrent

2013-05-19 23:40 - 2013-05-19 23:40 - 01045072 ____A (BitTorrent Inc.) C:\Users\SL!ghtLY St00p!D\Downloads\utorrent (1).exe

2013-05-19 17:02 - 2013-05-19 17:02 - 00000419 ____A C:\Users\SL!ghtLY St00p!D\Documents\Attach.txt

2013-05-19 16:40 - 2013-05-19 16:40 - 00000057 ____A C:\Users\SL!ghtLY St00p!D\Desktop\malware.txt

2013-05-19 16:36 - 2013-05-19 16:37 - 00688992 ____A (Swearware) C:\Users\SL!ghtLY St00p!D\Downloads\dds (1).com

2013-05-19 16:36 - 2013-05-19 16:36 - 00688992 ____R (Swearware) C:\Users\SL!ghtLY St00p!D\Downloads\dds.com

2013-05-19 16:29 - 2013-05-19 16:30 - 19275792 ____A (Bitdefender LLC) C:\Users\SL!ghtLY St00p!D\Downloads\BootkitRemoval_x64.exe

2013-05-19 00:48 - 2013-05-19 00:48 - 01045072 ____A (BitTorrent Inc.) C:\Users\SL!ghtLY St00p!D\Downloads\utorrent.exe

2013-05-18 22:56 - 2013-05-18 22:56 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\A.Good.Day.To.Die.Hard.2013.720p.WEB-DL.X264-WEBiOS [PublicHD]

2013-05-18 22:54 - 2013-05-18 22:54 - 00012640 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]a.good.day.to.die.hard.2013.720p.web.dl.x264.webios.torrent

2013-05-18 22:53 - 2013-05-18 22:53 - 00000000 ____D C:\Program Files\ESET

2013-05-18 22:52 - 2013-05-18 22:52 - 02347384 ____A (ESET) C:\Users\SL!ghtLY St00p!D\Downloads\esetsmartinstaller_enu.exe

2013-05-18 20:46 - 2013-05-19 03:11 - 00001420 ____A C:\Windows\System32\Drivers\fvstore.dat

2013-05-18 08:29 - 2013-05-18 08:30 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Dark.Circles.2013.DVDRiP.AC3.XViD-CM8

2013-05-18 08:28 - 2013-05-18 08:28 - 00020815 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]dark.circles.2013.dvdrip.ac3.xvid.cm8.torrent

2013-05-18 04:13 - 2013-05-21 05:18 - 01645899 ____N C:\Windows\System32\Microsoft.mshtml.zip

2013-05-18 04:13 - 2013-05-21 05:18 - 00033112 ____N C:\Windows\System32\Interop.SHDocVw.zip

2013-05-18 02:19 - 2013-05-18 02:19 - 00000736 ____A C:\Windows\DigimaxMaster.INI

2013-05-18 02:04 - 2013-05-18 02:16 - 00000000 ____D C:\ProgramData\SecTaskMan

2013-05-18 02:02 - 2013-05-18 02:02 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Roaming\Macromedia

2013-05-18 02:01 - 2013-05-18 02:01 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Roaming\Google

2013-05-18 02:00 - 2013-05-19 17:55 - 00000000 ____D C:\Program Files\Security Task Manager

2013-05-18 01:59 - 2013-05-18 02:00 - 02365840 ____A C:\Users\SL!ghtLY St00p!D\Downloads\SecurityTaskManager_Setup.exe

2013-05-18 01:57 - 2013-05-18 01:57 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Roaming\Mozilla

2013-05-18 01:38 - 2013-05-18 02:50 - 00000000 ____D C:\TDSSKiller_Quarantine

2013-05-18 01:21 - 2013-05-18 01:29 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\SL!ghtLY St00p!D\Downloads\tdsskiller.exe

2013-05-18 01:06 - 2013-05-18 01:06 - 00000000 ____D C:\Windows\System32\x64

2013-05-18 01:06 - 2008-02-11 20:13 - 00920088 ____A (Intel® Corporation) C:\Windows\System32\igxpun.exe

2013-05-18 01:06 - 2006-11-10 16:25 - 00319456 ____A (Microsoft Corporation) C:\Windows\System32\difxapi.dll

2013-05-18 01:01 - 2013-05-18 01:55 - 306431365 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E23.HDTV.x264-LOL.mp4

2013-05-18 01:01 - 2013-05-18 01:48 - 287685456 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E22.HDTV.x264-LOL.mp4

2013-05-18 01:00 - 2013-05-18 02:14 - 1065673036 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E20.720p.HDTV.X264-DIMENSION.mkv

2013-05-18 01:00 - 2013-05-18 01:44 - 272613482 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E21.HDTV.x264-LOL.mp4

2013-05-18 01:00 - 2013-05-18 01:00 - 00012318 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e23.hdtv.x264.lol.eztv.torrent

2013-05-18 00:59 - 2013-05-18 01:45 - 311093435 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E19.HDTV.x264-LOL.mp4

2013-05-18 00:59 - 2013-05-18 00:59 - 00011435 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e22.hdtv.x264.lol.eztv.torrent

2013-05-18 00:59 - 2013-05-18 00:59 - 00011018 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e21.hdtv.x264.lol.eztv.torrent

2013-05-18 00:58 - 2013-05-18 01:53 - 330390520 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E18.HDTV.x264-LOL.mp4

2013-05-18 00:58 - 2013-05-18 00:58 - 00041290 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e20.720p.hdtv.x264.dimension.eztv.torrent

2013-05-18 00:57 - 2013-05-18 01:06 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Arrow S01E17 HDTV x264-LOL[ettv]

2013-05-18 00:57 - 2013-05-18 00:57 - 00013119 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e18.hdtv.x264.lol.eztv.torrent

2013-05-18 00:57 - 2013-05-18 00:57 - 00012422 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e19.hdtv.x264.lol.eztv.torrent

2013-05-18 00:56 - 2013-05-18 00:56 - 00023731 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e17.hdtv.x264.lol.ettv.torrent

2013-05-16 21:17 - 2013-05-16 21:41 - 13537812 ____A C:\Users\SL!ghtLY St00p!D\Downloads\mbar-1.05.0.1001.zip

2013-05-16 17:23 - 2013-05-16 17:26 - 00000000 ____D C:\Qoobox

2013-05-16 17:21 - 2013-05-16 17:21 - 00000000 ____D C:\Windows\erdnt

2013-05-16 03:22 - 2013-05-16 03:32 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\28.Days.Later[2002]DvDrip[Eng]-aXXo

2013-05-16 03:21 - 2013-05-16 03:21 - 00056854 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]28-days-later-2002-dvdrip-eng-axxo.torrent

2013-05-14 21:37 - 2013-05-14 21:44 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Warm.Bodies.2013.720p.WEB-DL.X264-WEBiOS [PublicHD]

2013-05-14 21:33 - 2013-05-14 21:34 - 00012523 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]warm.bodies.2013.720p.web.dl.x264.webios.torrent

2013-05-13 23:24 - 2013-05-13 23:24 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\[ www.UsaBit.com ] - Iron Man 3 2013 R6 LiNE READNFO XViD - JUSTiCE

2013-05-13 23:21 - 2013-05-13 23:21 - 00153449 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]iron.man.3.2013.r6.line.readnfo.xvid.justice.torrent

2013-05-13 11:27 - 2013-05-13 23:43 - 464824483 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Game.of.Thrones.S03E07.HDTV.x264-2HD.mp4

2013-05-13 11:26 - 2013-05-13 11:26 - 00018310 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]game.of.thrones.3x7.hdtv.2hd.torrent

2013-05-13 11:24 - 2013-05-13 11:24 - 00011447 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]swedish.house.mafia.don.t.you.worry.child.ft.john.martin.itunes.version.torrent

2013-05-13 11:24 - 2013-05-13 11:24 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Swedish House Mafia - Don't You Worry Child ft. John Martin

2013-05-12 01:14 - 2013-05-12 02:03 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Arrow

2013-05-12 01:10 - 2013-05-12 01:10 - 00020898 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.episodes.1.through.16.season.1.torrent

2013-05-10 03:28 - 2012-02-29 23:11 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll

2013-05-10 03:28 - 2012-02-29 23:09 - 00157696 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll

2013-05-10 03:28 - 2012-02-29 21:32 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys

2013-05-10 03:19 - 2013-05-10 03:19 - 12268544 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 09702400 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2013-05-10 03:19 - 2013-05-10 03:19 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-05-10 03:19 - 2013-05-10 03:19 - 01797632 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 01785344 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 01427456 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-05-10 03:19 - 2013-05-10 03:19 - 01126912 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 01102336 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2013-05-10 03:19 - 2013-05-10 03:19 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2013-05-10 03:19 - 2013-05-10 03:19 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2013-05-10 03:19 - 2013-05-10 03:19 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-05-10 03:19 - 2013-05-10 03:19 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2013-05-10 03:19 - 2013-05-10 03:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2013-05-10 03:19 - 2013-05-10 03:19 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-05-10 03:19 - 2013-05-10 03:19 - 00072704 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2013-05-10 03:19 - 2013-05-10 03:19 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2013-05-10 03:19 - 2013-05-10 03:19 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2013-05-10 03:19 - 2013-05-10 03:19 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2013-05-10 03:18 - 2013-05-10 03:20 - 00002897 ____A C:\Windows\IE9_main.log

2013-05-10 03:01 - 2013-05-10 03:01 - 00000078 ____A C:\Windows\System32\7b5764e6-6536-4fbe-8376-7b3ed3f06f3a.12.lrf

2013-05-10 02:05 - 2013-05-10 02:07 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\The.Power.of.Few.2013.WEBRip XViD juggs

2013-05-10 02:04 - 2013-05-10 02:07 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Dark Skies 2013 BRRip XviD juggs

2013-05-10 02:04 - 2013-05-10 02:04 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Arrow S1.E3 (xCrazy0328x)

2013-05-10 02:03 - 2013-05-10 02:07 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Arrow S01E03 HDTV x264 + Subtitles [GlowGaze]

2013-05-10 01:56 - 2012-12-16 21:12 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll

2013-05-10 01:56 - 2012-12-16 18:50 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll

2013-05-10 01:53 - 2012-05-11 23:57 - 00623616 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll

2013-05-10 01:53 - 2011-10-15 00:02 - 00429056 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll

2013-05-10 01:52 - 2011-10-15 00:03 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\winmm.dll

2013-05-10 01:52 - 2011-10-15 00:00 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\mciseq.dll

2013-05-10 01:52 - 2011-07-30 00:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll

2013-05-10 01:52 - 2011-07-30 00:01 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax

2013-05-10 01:52 - 2011-07-30 00:00 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax

2013-05-10 01:52 - 2011-07-30 00:00 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax

2013-05-10 01:52 - 2011-04-14 22:59 - 00075264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys

2013-05-10 01:50 - 2012-11-02 18:18 - 00376320 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll

2013-05-10 01:50 - 2012-11-02 16:26 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe

2013-05-10 01:50 - 2011-11-19 04:23 - 01205064 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll

2013-05-10 01:49 - 2012-11-20 12:22 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll

2013-05-10 01:49 - 2012-09-26 00:19 - 00075776 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll

2013-05-10 01:49 - 2012-08-21 19:47 - 00224640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys

2013-05-10 01:49 - 2012-06-09 01:47 - 11586048 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

2013-05-10 01:49 - 2012-03-21 07:28 - 00053120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys

2013-05-10 01:49 - 2011-07-06 23:31 - 00214016 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys

2013-05-10 01:49 - 2011-04-29 21:25 - 00146432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys

2013-05-10 01:49 - 2011-04-29 21:25 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys

2013-05-10 01:49 - 2011-04-29 21:24 - 00106496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys

2013-05-10 01:49 - 2011-04-29 21:24 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys

2013-05-10 01:48 - 2012-06-30 00:01 - 00467968 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll

2013-05-10 01:47 - 2013-03-04 03:07 - 01082232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-05-10 01:47 - 2011-04-21 21:58 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys

2013-05-10 01:46 - 2011-11-19 01:47 - 00066560 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll

2013-05-10 01:45 - 2011-12-15 00:17 - 00680448 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll

2013-05-10 01:43 - 2012-11-08 11:48 - 01314816 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll

2013-05-10 01:43 - 2012-11-02 18:19 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll

2013-05-10 01:43 - 2012-06-02 08:02 - 00985088 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll

2013-05-10 01:43 - 2012-06-02 08:02 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll

2013-05-10 01:43 - 2012-06-02 08:02 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll

2013-05-10 01:43 - 2012-01-09 23:54 - 00613376 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll

2013-05-10 01:41 - 2011-08-26 00:15 - 00555520 ____A (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll

2013-05-10 01:41 - 2011-08-26 00:14 - 00563712 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll

2013-05-10 01:41 - 2011-08-26 00:14 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll

2013-05-10 01:41 - 2011-08-25 21:31 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\oleaccrc.dll

2013-05-10 01:40 - 2012-11-22 11:54 - 00353280 ____A (Microsoft Corporation) C:\Windows\System32\shlwapi.dll

2013-05-10 01:40 - 2012-09-29 00:11 - 00892928 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll

2013-05-10 01:40 - 2012-08-24 23:53 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll

2013-05-10 01:39 - 2013-03-11 21:25 - 03603816 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe

2013-05-10 01:39 - 2013-03-11 21:25 - 03551080 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2013-05-10 01:39 - 2013-03-09 11:45 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll

2013-05-10 01:39 - 2013-03-09 09:28 - 00064000 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe

2013-05-10 01:39 - 2013-03-05 09:40 - 02049024 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-05-10 01:39 - 2012-06-04 23:26 - 00440704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys

2013-05-10 01:39 - 2012-06-02 08:04 - 00278528 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll

2013-05-10 01:39 - 2012-05-01 22:03 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys

2013-05-10 01:39 - 2011-11-17 00:23 - 00377344 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll

2013-05-10 01:39 - 2011-11-17 00:23 - 00072704 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll

2013-05-10 01:39 - 2011-11-17 00:21 - 01259008 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll

2013-05-10 01:39 - 2011-11-16 22:12 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe

2013-05-10 01:39 - 2011-06-16 00:12 - 00182784 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll

2013-05-10 01:38 - 2012-06-06 00:47 - 01248768 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll

2013-05-10 01:38 - 2010-02-18 21:30 - 00200704 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll

2013-05-10 01:38 - 2010-02-18 19:28 - 00025088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tunnel.sys

2013-05-10 01:37 - 2013-05-10 01:37 - 00057201 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]dark.skies.2013.brrip.xvid.juggs.torrent

2013-05-10 01:28 - 2012-03-01 22:46 - 00219648 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

2013-05-10 01:28 - 2012-03-01 22:46 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

2013-05-10 01:28 - 2012-02-29 22:08 - 01172480 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

2013-05-10 01:28 - 2012-02-29 21:44 - 00683008 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

2013-05-10 01:28 - 2012-02-29 21:41 - 01069056 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

2013-05-10 01:27 - 2013-05-10 01:27 - 00057656 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]the.power.of.few.2013.webrip.xvid.juggs.torrent

2013-05-10 01:27 - 2011-05-03 01:16 - 00739328 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll

2013-05-10 01:18 - 2013-03-08 11:52 - 02067968 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll

2013-05-10 01:18 - 2013-01-04 19:28 - 00905576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys

2013-05-10 01:18 - 2011-10-25 23:58 - 00497152 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll

2013-05-10 01:17 - 2013-02-12 09:57 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys

2013-05-10 01:17 - 2013-02-12 09:57 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys

2013-05-10 01:15 - 2013-05-10 01:15 - 00000000 ____D C:\Windows\pss

2013-05-10 01:09 - 2013-05-10 01:09 - 00014250 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.season.1.episode.3.xcrazy0328x (1).torrent

2013-05-10 01:07 - 2013-05-10 01:07 - 00025900 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e03.season.1.episode.3.hdtv.x264.subtitles.glowgaze.torrent

2013-05-10 01:07 - 2013-03-08 11:53 - 00376320 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll

2013-05-10 01:06 - 2013-05-10 01:06 - 00014250 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.season.1.episode.3.xcrazy0328x.torrent

2013-05-08 03:18 - 2013-05-08 03:23 - 39276256 ____A C:\Users\SL!ghtLY St00p!D\Downloads\R180772 (1).exe

2013-05-08 03:16 - 2013-05-08 03:18 - 39276256 ____A C:\Users\SL!ghtLY St00p!D\Downloads\R180772.exe

2013-05-08 03:14 - 2013-05-08 03:16 - 16776864 ____A C:\Users\SL!ghtLY St00p!D\Downloads\R167384.EXE

2013-05-08 03:00 - 2013-05-08 03:00 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Roaming\Malwarebytes

2013-05-08 02:59 - 2013-05-08 02:59 - 00000000 ____D C:\ProgramData\Malwarebytes

2013-05-08 02:55 - 2013-05-08 02:56 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\SL!ghtLY St00p!D\Downloads\mbam-setup-1.75.0.1300.exe

2013-05-08 02:51 - 2013-05-08 02:51 - 00889416 ____A (Microsoft Corporation) C:\Users\SL!ghtLY St00p!D\Downloads\dotNetFx40_Full_setup.exe

2013-05-08 02:47 - 2013-05-08 03:13 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Local\Deployment

2013-05-08 02:47 - 2013-05-08 02:47 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Local\Apps\2.0

2013-05-08 02:45 - 2013-05-08 02:46 - 00010774 ____A C:\Users\SL!ghtLY St00p!D\Downloads\dellsystemdetect.application

2013-05-08 02:22 - 2013-05-08 02:22 - 00000000 ____D C:\Program Files\SystemRequirementsLab

2013-05-08 01:13 - 2013-05-08 01:13 - 00000034 ____A C:\Users\SL!ghtLY St00p!D\Documents\partos xbl user name.txt

2013-05-08 00:21 - 2013-05-08 00:22 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\[ www.UsaBit.com ] - Iron.Man.3.2013.NEW.Full.Source.CAM.XViD-VAiN

2013-05-08 00:20 - 2013-05-08 00:20 - 00111800 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]iron.man.3.2013.new.full.source.cam.xvid.vain.torrent

2013-05-07 00:43 - 2013-05-07 01:17 - 1465167872 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\The.Twilight.Saga.Breaking.Dawn.Part.2.2012.DVDRip.1400MB-GECKOS.avi

2013-05-07 00:42 - 2013-05-07 00:42 - 00056671 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]the.twilight.saga.breaking.dawn.part.2.2012.dvdrip.xvid.geckos.torrent

2013-05-06 14:19 - 2013-05-06 17:26 - 387687109 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Game.of.Thrones.S03E06.HDTV.x264-2HD.mp4

2013-05-06 14:13 - 2013-05-06 14:13 - 00015370 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]game.of.thrones.s03e06.hdtv.x264.2hd.eztv.torrent

2013-05-06 01:47 - 2013-05-06 01:47 - 00000778 ____A C:\Users\Public\Desktop\Speccy.lnk

2013-05-06 01:47 - 2013-05-06 01:47 - 00000000 ____D C:\Program Files\Speccy

2013-05-06 01:46 - 2013-05-06 01:46 - 04938520 ____A (Piriform Ltd) C:\Users\SL!ghtLY St00p!D\Downloads\spsetup121.exe

2013-05-05 23:26 - 2013-05-05 23:47 - 891316224 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Up In Smoke.avi

2013-05-05 23:25 - 2013-05-05 23:25 - 00017507 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]cheech.and.chong.up.in.smoke.torrent

2013-05-05 23:22 - 2013-05-10 01:16 - 00000000 ____D C:\Program Files\UberStrike HD

2013-05-05 21:00 - 2013-05-05 21:00 - 00019959 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]counter.strike.1.6.full.with.maps.and.cheats.torrent

2013-05-05 20:37 - 2013-05-05 20:43 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\IRON MAN III {2013} HDCAM AVC 1080P AC3 $MURDER$

2013-05-05 20:34 - 2013-05-05 20:34 - 00018168 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]iron.man.iii.2013.hdcam.avc.1080p.ac3.murder.torrent

2013-05-05 16:06 - 2013-05-05 21:10 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Hansel.and.Gretel.Witch.Hunters.2013.DVDRip.XviD-P2P

2013-05-05 16:03 - 2013-05-05 16:03 - 00025549 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]hansel.and.gretel.witch.hunters.2013.dvdrip.xvid.p2p.torrent

2013-05-04 20:49 - 2013-05-04 22:09 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\The Numbers Station (2013)

2013-05-04 20:48 - 2013-05-04 20:48 - 00000007 ____A C:\Users\SL!ghtLY St00p!D\Documents\ps3 user.txt

2013-05-04 20:46 - 2013-05-04 20:46 - 00000680 ____A C:\Users\SL!ghtLY St00p!D\AppData\Local\d3d9caps.dat

2013-05-04 20:45 - 2013-05-04 20:45 - 00007806 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]the.numbers.station.2013.720p.brrip.x264.yify.torrent

2013-05-04 17:57 - 2013-05-04 18:06 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Parker.2013.BRRip.XviD-S4A

2013-05-04 17:55 - 2013-05-04 17:55 - 00029182 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]parker.2013.brrip.xvid.s4a.torrent

2013-05-04 17:48 - 2013-05-04 17:48 - 00903072 ____A (Oracle Corporation) C:\Users\SL!ghtLY St00p!D\Downloads\chromeinstall-7u21 (1).exe

2013-05-04 17:31 - 2013-05-04 17:36 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\[ www.Torrenting.com ] - The.Place.Beyond.the.Pines.2012.DVDSCR.XviD.AC3-PTpOWeR

2013-05-04 17:30 - 2013-05-04 17:30 - 00113538 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]the.place.beyond.the.pines.2012.dvdscr.xvid.ac3.ptpower.torrent

2013-05-04 03:06 - 2013-04-04 05:35 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll

2013-05-04 03:06 - 2013-04-04 05:30 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe

2013-05-04 03:06 - 2013-04-04 05:29 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe

2013-05-04 03:04 - 2013-05-04 03:06 - 00003903 ____A C:\Windows\System32\jupdate-1.7.0_21-b11.log

2013-05-04 03:01 - 2013-05-04 03:01 - 00903072 ____A (Oracle Corporation) C:\Users\SL!ghtLY St00p!D\Downloads\chromeinstall-7u21.exe

2013-05-04 00:24 - 2013-05-04 00:24 - 00022653 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]hansel.and.gretel.witch.hunters.2013.ts.xvid.mp3.ministry.torrent

2013-05-02 19:06 - 2013-05-02 19:22 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Beautiful Creatures 2013 480p WEB-DL XviD AC3-BiDA

2013-05-02 19:05 - 2013-05-02 19:06 - 00138139 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]beautiful.creatures.2013.480p.web.dl.xvid.ac3.bida.torrent

2013-04-30 15:10 - 2013-04-30 15:10 - 00021790 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]the.vampire.diaries.season.4.ray.torrent

2013-04-30 01:21 - 2013-04-30 01:21 - 00001745 ____A C:\Users\Public\Desktop\COMODO Firewall.lnk

2013-04-30 01:15 - 2013-04-30 14:28 - 00000000 ____D C:\ProgramData\COMODO

2013-04-30 01:14 - 2013-05-10 01:49 - 00000000 ____D C:\Program Files\Comodo

2013-04-30 01:14 - 2013-05-02 19:31 - 00047368 ____A (COMODO CA Limited) C:\Windows\System32\certsentry.dll

2013-04-30 01:14 - 2013-04-30 01:14 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Local\Comodo

2013-04-30 01:13 - 2013-04-30 01:13 - 00000000 ____D C:\ProgramData\Comodo Downloader

2013-04-30 00:28 - 2013-04-30 01:06 - 151247144 ____A (COMODO) C:\Users\SL!ghtLY St00p!D\Downloads\cfw_installer.exe

2013-04-29 12:02 - 2013-04-29 13:28 - 426193980 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Game.of.Thrones.S03E05.HDTV.x264-2HD.mp4

2013-04-29 00:59 - 2013-04-29 12:02 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Trailer Park Boys

2013-04-29 00:56 - 2013-04-29 00:56 - 00036832 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]trailer.park.boys.complete.collection.mkv.compression.yify.torrent

2013-04-28 23:36 - 2013-04-29 00:36 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Iron Man 3 2013 CAM Xvid READ NFO UnKnOwN

2013-04-28 23:34 - 2013-04-28 23:34 - 00116892 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]iron.man.3.2013.cam.xvid.read.nfo.unknown.torrent

2013-04-26 20:00 - 2013-04-26 20:00 - 00031276 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]dexter.season.5.torrent

2013-04-26 19:49 - 2013-04-26 19:49 - 00013263 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]dexter.season.6.complete.hdtv.ripper.torrent

2013-04-26 19:43 - 2013-05-18 03:59 - 00000000 ____D C:\Program Files\PeerBlock

2013-04-26 19:43 - 2013-04-26 19:43 - 00001730 ____A C:\Users\SL!ghtLY St00p!D\Desktop\PeerBlock.lnk

2013-04-26 19:40 - 2013-04-26 19:41 - 02105040 ____A (PeerBlock, LLC ) C:\Users\SL!ghtLY St00p!D\Downloads\PeerBlock-Setup_v1.1_r518.exe

2013-04-26 19:38 - 2013-04-26 19:38 - 00021857 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]dexter.season.6 (1).torrent

2013-04-26 19:24 - 2013-04-26 19:24 - 00021857 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]dexter.season.6.torrent

2013-04-26 17:24 - 2013-04-26 17:24 - 00013149 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]dexter.season.7.complete.hdtvx264.torrent

2013-04-26 15:24 - 2013-04-26 15:27 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\The Croods 2013 CAM XViD AC3-sC0rp

2013-04-26 15:22 - 2013-04-26 15:22 - 00015289 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]the.croods.2013.cam.xvid.ac3.sc0rp.torrent

2013-04-26 11:42 - 2013-04-26 11:42 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Desktop\DoDo H0ney1234

2013-04-25 19:29 - 2013-04-25 19:31 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\A Good Day To Die Hard

2013-04-25 19:28 - 2013-04-25 19:28 - 00092879 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]a.good.day.to.die.hard.2013.ts.xvid.mp3.ministry.torrent

2013-04-25 19:24 - 2013-04-25 19:24 - 00014176 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]superman.unbound.2013.dvd.rip.torrent

2013-04-25 19:22 - 2013-04-25 19:22 - 00008229 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]superman.unbound.2013.webrip.xvid.vip3r.torrent

2013-04-25 18:43 - 2013-04-25 18:44 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Movie.43.2013.DVDRip.XviD-3LT0N

2013-04-25 18:43 - 2013-04-25 18:43 - 00057433 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]deep.dark.canyon.2013.webrip.xvid.juggs.torrent

2013-04-25 18:41 - 2013-04-25 18:41 - 00015199 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]movie.43.2013.dvdrip.xvid.3lt0n.torrent

2013-04-25 11:05 - 2013-04-25 11:05 - 00084928 ____A (COMODO) C:\Windows\System32\Drivers\inspect.sys

2013-04-24 11:16 - 2013-04-24 11:18 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Killer Elite 2011 HDRip Cropped XVID AC3 BHRG

2013-04-24 11:12 - 2013-04-24 11:12 - 00015145 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]killer.elite.2011.hdrip.cropped.xvid.ac3.bhrg.torrent

2013-04-24 11:00 - 2013-04-24 12:13 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\X-Men First Class 2011 R5 LiNE READNFO XViD - IMAGiNE

2013-04-24 10:59 - 2013-04-24 10:59 - 00018279 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]x.men.first.class.2011.r5.line.readnfo.xvid.imagine.torrent

2013-04-24 10:45 - 2013-04-24 10:45 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\21 and Over 2013 WEBRiP CAM AUDIO XViD-sC0rp

2013-04-24 10:43 - 2013-04-24 10:43 - 00015147 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]21.and.over.2013.webrip.cam.audio.xvid.sc0rp.torrent

2013-04-23 16:14 - 2013-04-23 16:14 - 00107363 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]scary.movie.5.camriphustlehard.2013.repack (1).torrent

2013-04-23 15:58 - 2013-04-23 15:58 - 00107363 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]scary.movie.5.camriphustlehard.2013.repack.torrent

2013-04-23 15:04 - 2013-04-23 15:04 - 00348048 ____A (COMODO) C:\Windows\System32\guard32.dll

2013-04-22 15:31 - 2013-04-22 15:31 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\[ www.UsaBit.com ] - The Last Stand 2013 HDRip XviD Lum1x

2013-04-22 15:30 - 2013-04-22 15:42 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Game of Thrones S03E04 HDTV x264-EVOLVE[ettv]

2013-04-22 15:29 - 2013-04-22 15:29 - 00120564 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]the.last.stand.2013.hdrip.xvid.lum1x.torrent

2013-04-22 15:29 - 2013-04-22 15:29 - 00032273 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]game.of.thrones.s03e04.hdtv.x264.evolve.ettv.torrent

==================== One Month Modified Files and Folders ========

2013-05-22 21:34 - 2011-04-27 12:58 - 00000420 ___AH C:\Windows\Tasks\User_Feed_Synchronization-{864BB057-AA96-4EE4-98A1-10EB1AD35A6E}.job

2013-05-22 21:33 - 2013-05-22 21:33 - 01318319 ____A (Farbar) C:\Users\SL!ghtLY St00p!D\Downloads\FRST.exe

2013-05-22 21:33 - 2013-05-22 21:33 - 00000000 ____D C:\FRST

2013-05-22 21:31 - 2013-04-05 23:55 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Roaming\uTorrent

2013-05-22 21:06 - 2011-04-22 01:01 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-05-22 20:19 - 2013-05-22 20:18 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\[ www.Torrenting.com ] - Jack The Giant Slayer CAM 2013 NEW SOURCE XviD AC3-SSDD

2013-05-22 20:17 - 2013-05-22 20:17 - 00057819 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]jack.the.giant.slayer.cam.2013.new.source.xvid.ac3.ssdd.torrent

2013-05-22 20:17 - 2006-11-02 20:47 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2013-05-22 20:17 - 2006-11-02 20:47 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2013-05-22 20:14 - 2013-04-06 15:30 - 00000024 ____A C:\Users\SL!ghtLY St00p!D\random.dat

2013-05-22 20:12 - 2006-11-02 18:33 - 00755674 ____A C:\Windows\System32\PerfStringBackup.INI

2013-05-22 18:59 - 2012-03-06 20:37 - 00000284 ____A C:\Windows\Tasks\RMSchedule.job

2013-05-22 18:25 - 2013-04-06 15:30 - 00000055 ____A C:\Users\SL!ghtLY St00p!D\jagex_cl_runescape_LIVE.dat

2013-05-22 18:21 - 2013-04-05 21:20 - 00000000 ____D C:\Program Files\Steam

2013-05-22 18:21 - 2008-07-04 23:55 - 01779614 ____A C:\Windows\WindowsUpdate.log

2013-05-22 18:19 - 2011-04-21 23:19 - 00000939 __RSH C:\Windows\System32\masteraclini.enu

2013-05-22 18:19 - 2011-04-21 23:19 - 00000148 ___RH C:\Windows\System32\masteraclbini.enu

2013-05-22 18:17 - 2013-05-22 18:17 - 00000671 ___SH C:\Windows\System32\settings.ini

2013-05-22 18:17 - 2011-04-22 01:01 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2013-05-22 18:17 - 2008-01-21 10:47 - 00066920 ____A C:\Windows\PFRO.log

2013-05-22 18:17 - 2006-11-02 21:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-05-22 18:13 - 2013-05-22 18:04 - 00000000 ___SD C:\ComboFix

2013-05-22 18:01 - 2006-11-02 21:01 - 00032576 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-05-22 17:57 - 2013-05-22 17:57 - 00000926 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2013-05-22 17:57 - 2013-05-22 17:57 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2013-05-22 17:56 - 2013-05-22 17:55 - 10285040 ____A (Malwarebytes Corporation ) C:\Users\SL!ghtLY St00p!D\Downloads\mbam-setup-1.75.0.1300 (1).exe

2013-05-21 12:17 - 2013-04-05 21:38 - 00114688 ____A C:\Users\SL!ghtLY St00p!D\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2013-05-21 11:00 - 2013-05-21 10:19 - 13572782 ____A C:\Users\SL!ghtLY St00p!D\Downloads\mbar-1.05.0.1001 (1).zip

2013-05-21 10:59 - 2013-05-21 10:59 - 00002104 ____A C:\Users\SL!ghtLY St00p!D\Documents\aswMBR.txt

2013-05-21 10:59 - 2013-05-21 10:59 - 00000512 ____A C:\Users\SL!ghtLY St00p!D\Documents\MBR.dat

2013-05-21 10:21 - 2013-05-21 10:19 - 04745728 ____A (AVAST Software) C:\Users\SL!ghtLY St00p!D\Downloads\aswMBR.exe

2013-05-21 05:34 - 2011-04-21 23:19 - 00000000 ____D C:\ProgramData\Microsoft Corporation

2013-05-21 05:20 - 2013-05-21 05:20 - 05067850 ____R (Swearware) C:\Users\SL!ghtLY St00p!D\Desktop\ComboFix.exe

2013-05-21 05:18 - 2013-05-18 04:13 - 01645899 ____N C:\Windows\System32\Microsoft.mshtml.zip

2013-05-21 05:18 - 2013-05-18 04:13 - 00033112 ____N C:\Windows\System32\Interop.SHDocVw.zip

2013-05-21 01:29 - 2012-04-07 07:37 - 00000494 ___AH C:\Windows\Tasks\Norton Security Scan for USER.job

2013-05-20 19:49 - 2013-05-20 19:40 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Game of Thrones S03E08 HDTV x264-EVOLVE[ettv]

2013-05-20 19:44 - 2013-05-20 19:40 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Iron.Man.3.2013.R6.HDScr.LINE.NoSUBS.NoBLURS.XViD.AC3.HQ.Hive-CM8

2013-05-20 19:39 - 2013-05-20 19:39 - 00038197 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]iron.man.3.2013.r6.hdscr.line.nosubs.noblurs.xvid.ac3.hq.hive.cm.torrent

2013-05-20 19:39 - 2013-05-20 19:39 - 00029603 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]game.of.thrones.s03e08.hdtv.x264.evolve.ettv.torrent

2013-05-20 19:36 - 2013-05-20 19:36 - 00000810 ____A C:\Users\Public\Desktop\µTorrent.lnk

2013-05-20 19:34 - 2013-05-20 19:33 - 01045072 ____A (BitTorrent Inc.) C:\Users\SL!ghtLY St00p!D\Downloads\utorrent (2).exe

2013-05-20 18:42 - 2013-05-20 18:42 - 00001644 ____A C:\Users\SL!ghtLY St00p!D\Desktop\RKreport[2]_D_05202013_02d1842.txt

2013-05-20 18:42 - 2013-05-20 18:39 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Desktop\RK_Quarantine

2013-05-20 18:41 - 2013-05-20 18:41 - 00001591 ____A C:\Users\SL!ghtLY St00p!D\Desktop\RKreport[1]_S_05202013_02d1841.txt

2013-05-20 18:39 - 2013-05-20 18:39 - 00816128 ____A C:\Users\SL!ghtLY St00p!D\Downloads\RogueKiller (1).exe

2013-05-20 18:30 - 2013-05-20 18:30 - 00816128 ____A C:\Users\SL!ghtLY St00p!D\Downloads\RogueKiller.exe

2013-05-20 05:40 - 2013-05-20 05:23 - 00000000 ____D C:\JRT

2013-05-20 05:38 - 2013-05-20 05:38 - 00001568 ____A C:\Users\SL!ghtLY St00p!D\Documents\JRT.txt

2013-05-20 05:25 - 2013-05-20 05:25 - 00000000 ____D C:\Windows\ERUNT

2013-05-20 05:23 - 2013-05-20 05:23 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\SL!ghtLY St00p!D\Downloads\JRT.exe

2013-05-20 05:22 - 2013-05-20 05:22 - 00019095 ____A C:\Users\SL!ghtLY St00p!D\Desktop\AdwCleaner[s1].txt

2013-05-20 05:19 - 2013-05-20 05:19 - 00000184 ____A C:\Windows\DeleteOnReboot.bat

2013-05-20 05:19 - 2013-05-20 05:18 - 00019095 ____A C:\AdwCleaner[s1].txt

2013-05-20 05:16 - 2013-05-20 05:16 - 00632031 ____A C:\Users\SL!ghtLY St00p!D\Downloads\AdwCleaner.exe

2013-05-20 00:16 - 2013-05-20 00:04 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\[ www.Torrenting.com ] - Resident.Evil.Retribution.2012.BRRip.XviD.AC3-MAGNAT

2013-05-20 00:02 - 2013-05-20 00:02 - 00064750 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]resident.evil.retribution.2012.brrip.xvid.ac3.magnat.torrent

2013-05-19 23:47 - 2013-05-19 23:43 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Fast.And.Furious.6.2013.CAM.XviD-NYDIC

2013-05-19 23:42 - 2013-05-19 23:42 - 00040959 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]fast.and.furious.6.2013.cam.xvid.nydic.torrent

2013-05-19 23:40 - 2013-05-19 23:40 - 01045072 ____A (BitTorrent Inc.) C:\Users\SL!ghtLY St00p!D\Downloads\utorrent (1).exe

2013-05-19 17:55 - 2013-05-18 02:00 - 00000000 ____D C:\Program Files\Security Task Manager

2013-05-19 17:02 - 2013-05-19 17:02 - 00000419 ____A C:\Users\SL!ghtLY St00p!D\Documents\Attach.txt

2013-05-19 16:40 - 2013-05-19 16:40 - 00000057 ____A C:\Users\SL!ghtLY St00p!D\Desktop\malware.txt

2013-05-19 16:37 - 2013-05-19 16:36 - 00688992 ____A (Swearware) C:\Users\SL!ghtLY St00p!D\Downloads\dds (1).com

2013-05-19 16:36 - 2013-05-19 16:36 - 00688992 ____R (Swearware) C:\Users\SL!ghtLY St00p!D\Downloads\dds.com

2013-05-19 16:30 - 2013-05-19 16:29 - 19275792 ____A (Bitdefender LLC) C:\Users\SL!ghtLY St00p!D\Downloads\BootkitRemoval_x64.exe

2013-05-19 14:05 - 2011-07-28 19:00 - 00000506 ___AH C:\Windows\Tasks\Norton Security Scan for jess boddo.job

2013-05-19 03:11 - 2013-05-18 20:46 - 00001420 ____A C:\Windows\System32\Drivers\fvstore.dat

2013-05-19 00:48 - 2013-05-19 00:48 - 01045072 ____A (BitTorrent Inc.) C:\Users\SL!ghtLY St00p!D\Downloads\utorrent.exe

2013-05-19 00:38 - 2011-06-28 23:08 - 00000000 ____D C:\Users\jess boddo\Desktop\MPH (Aimbot) Leis Release 01

2013-05-18 22:56 - 2013-05-18 22:56 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\A.Good.Day.To.Die.Hard.2013.720p.WEB-DL.X264-WEBiOS [PublicHD]

2013-05-18 22:54 - 2013-05-18 22:54 - 00012640 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]a.good.day.to.die.hard.2013.720p.web.dl.x264.webios.torrent

2013-05-18 22:53 - 2013-05-18 22:53 - 00000000 ____D C:\Program Files\ESET

2013-05-18 22:52 - 2013-05-18 22:52 - 02347384 ____A (ESET) C:\Users\SL!ghtLY St00p!D\Downloads\esetsmartinstaller_enu.exe

2013-05-18 08:30 - 2013-05-18 08:29 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Dark.Circles.2013.DVDRiP.AC3.XViD-CM8

2013-05-18 08:28 - 2013-05-18 08:28 - 00020815 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]dark.circles.2013.dvdrip.ac3.xvid.cm8.torrent

2013-05-18 04:01 - 2006-11-02 19:18 - 00000000 ____D C:\Windows\LiveKernelReports

2013-05-18 03:59 - 2013-04-26 19:43 - 00000000 ____D C:\Program Files\PeerBlock

2013-05-18 02:50 - 2013-05-18 01:38 - 00000000 ____D C:\TDSSKiller_Quarantine

2013-05-18 02:26 - 2008-07-04 16:07 - 00000000 ____D C:\Program Files\Common Files\InstallShield

2013-05-18 02:20 - 2011-05-14 21:36 - 00000000 ____D C:\Program Files\BitTorrent

2013-05-18 02:20 - 2008-07-04 16:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

2013-05-18 02:19 - 2013-05-18 02:19 - 00000736 ____A C:\Windows\DigimaxMaster.INI

2013-05-18 02:16 - 2013-05-18 02:04 - 00000000 ____D C:\ProgramData\SecTaskMan

2013-05-18 02:14 - 2013-05-18 01:00 - 1065673036 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E20.720p.HDTV.X264-DIMENSION.mkv

2013-05-18 02:10 - 2012-11-22 20:34 - 01887536 ___RH C:\Windows\System32\wLins.exe

2013-05-18 02:10 - 2012-11-22 20:34 - 01887536 ___RH C:\Windows\System32\wLin.exe

2013-05-18 02:10 - 2012-03-20 16:36 - 00583472 ___RH C:\Windows\System32\ProgramlicenseRequired.exe

2013-05-18 02:10 - 2012-03-20 16:36 - 00097072 __RSH C:\Windows\System32\bcdboots.exe

2013-05-18 02:10 - 2012-03-20 16:36 - 00061744 ___RH C:\Windows\System32\msgPop.exe

2013-05-18 02:10 - 2011-04-21 23:19 - 00726016 ___RH C:\Windows\System32\7z.dll

2013-05-18 02:10 - 2011-04-21 23:19 - 00151040 ___RH C:\Windows\System32\SevenZipSharp.dll

2013-05-18 02:10 - 2009-03-27 15:25 - 08007680 ____N ( ) C:\Windows\System32\Microsoft.mshtml.dll

2013-05-18 02:10 - 2009-03-27 15:25 - 00126976 ____N ( ) C:\Windows\System32\Interop.SHDocVw.dll

2013-05-18 02:10 - 2007-09-08 11:48 - 00200704 ____R C:\Windows\System32\ICSharpCode.SharpZipLib.dll

2013-05-18 02:02 - 2013-05-18 02:02 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Roaming\Macromedia

2013-05-18 02:01 - 2013-05-18 02:01 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Roaming\Google

2013-05-18 02:01 - 2013-04-05 21:15 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Local\Google

2013-05-18 02:00 - 2013-05-18 01:59 - 02365840 ____A C:\Users\SL!ghtLY St00p!D\Downloads\SecurityTaskManager_Setup.exe

2013-05-18 01:57 - 2013-05-18 01:57 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\AppData\Roaming\Mozilla

2013-05-18 01:55 - 2013-05-18 01:01 - 306431365 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E23.HDTV.x264-LOL.mp4

2013-05-18 01:53 - 2013-05-18 00:58 - 330390520 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E18.HDTV.x264-LOL.mp4

2013-05-18 01:51 - 2006-11-02 19:18 - 00000000 ____D C:\Windows\Resources

2013-05-18 01:48 - 2013-05-18 01:01 - 287685456 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E22.HDTV.x264-LOL.mp4

2013-05-18 01:45 - 2013-05-18 00:59 - 311093435 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E19.HDTV.x264-LOL.mp4

2013-05-18 01:44 - 2013-05-18 01:00 - 272613482 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Arrow.S01E21.HDTV.x264-LOL.mp4

2013-05-18 01:29 - 2013-05-18 01:21 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\SL!ghtLY St00p!D\Downloads\tdsskiller.exe

2013-05-18 01:06 - 2013-05-18 01:06 - 00000000 ____D C:\Windows\System32\x64

2013-05-18 01:06 - 2013-05-18 00:57 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Arrow S01E17 HDTV x264-LOL[ettv]

2013-05-18 01:00 - 2013-05-18 01:00 - 00012318 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e23.hdtv.x264.lol.eztv.torrent

2013-05-18 00:59 - 2013-05-18 00:59 - 00011435 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e22.hdtv.x264.lol.eztv.torrent

2013-05-18 00:59 - 2013-05-18 00:59 - 00011018 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e21.hdtv.x264.lol.eztv.torrent

2013-05-18 00:58 - 2013-05-18 00:58 - 00041290 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e20.720p.hdtv.x264.dimension.eztv.torrent

2013-05-18 00:57 - 2013-05-18 00:57 - 00013119 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e18.hdtv.x264.lol.eztv.torrent

2013-05-18 00:57 - 2013-05-18 00:57 - 00012422 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e19.hdtv.x264.lol.eztv.torrent

2013-05-18 00:56 - 2013-05-18 00:56 - 00023731 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.s01e17.hdtv.x264.lol.ettv.torrent

2013-05-18 00:54 - 2011-06-17 21:29 - 00000000 ____D C:\Windows\System32\mutantW

2013-05-16 21:41 - 2013-05-16 21:17 - 13537812 ____A C:\Users\SL!ghtLY St00p!D\Downloads\mbar-1.05.0.1001.zip

2013-05-16 17:26 - 2013-05-16 17:23 - 00000000 ____D C:\Qoobox

2013-05-16 17:21 - 2013-05-16 17:21 - 00000000 ____D C:\Windows\erdnt

2013-05-16 03:33 - 2013-04-06 00:18 - 00000000 ____D C:\Program Files\Counter-Strike 1.6

2013-05-16 03:32 - 2013-05-16 03:22 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\28.Days.Later[2002]DvDrip[Eng]-aXXo

2013-05-16 03:21 - 2013-05-16 03:21 - 00056854 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]28-days-later-2002-dvdrip-eng-axxo.torrent

2013-05-14 21:44 - 2013-05-14 21:37 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Warm.Bodies.2013.720p.WEB-DL.X264-WEBiOS [PublicHD]

2013-05-14 21:34 - 2013-05-14 21:33 - 00012523 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]warm.bodies.2013.720p.web.dl.x264.webios.torrent

2013-05-13 23:43 - 2013-05-13 11:27 - 464824483 ___RA C:\Users\SL!ghtLY St00p!D\Downloads\Game.of.Thrones.S03E07.HDTV.x264-2HD.mp4

2013-05-13 23:24 - 2013-05-13 23:24 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\[ www.UsaBit.com ] - Iron Man 3 2013 R6 LiNE READNFO XViD - JUSTiCE

2013-05-13 23:21 - 2013-05-13 23:21 - 00153449 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]iron.man.3.2013.r6.line.readnfo.xvid.justice.torrent

2013-05-13 11:26 - 2013-05-13 11:26 - 00018310 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]game.of.thrones.3x7.hdtv.2hd.torrent

2013-05-13 11:24 - 2013-05-13 11:24 - 00011447 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]swedish.house.mafia.don.t.you.worry.child.ft.john.martin.itunes.version.torrent

2013-05-13 11:24 - 2013-05-13 11:24 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Swedish House Mafia - Don't You Worry Child ft. John Martin

2013-05-12 02:03 - 2013-05-12 01:14 - 00000000 ____D C:\Users\SL!ghtLY St00p!D\Downloads\Arrow

2013-05-12 01:10 - 2013-05-12 01:10 - 00020898 ____A C:\Users\SL!ghtLY St00p!D\Downloads\[kat.ph]arrow.episodes.1.through.16.season.1.torrent

2013-05-10 04:32 - 2006-11-02 19:18 - 00000000 ____D C:\Windows\Microsoft.NET

2013-05-10 04:26 - 2006-11-02 19:18 - 00000000 ____D C:\Windows\rescache

2013-05-10 04:06 - 2012-03-20 16:33 - 09295664 ___RH C:\Windows\System32\idle-Threads.exe

2013-05-10 03:58 - 2013-04-06 16:58 - 00000000 ____D C:\Program Files\Common Files\Blizzard Entertainment

2013-05-10 03:58 - 2006-11-02 20:47 - 00280720 ____A C:\Windows\System32\FNTCACHE.DAT

2013-05-10 03:55 - 2006-11-02 20:37 - 00000000 ____D C:\Program Files\Windows Journal

2013-05-10 03:55 - 2006-11-02 19:18 - 00000000 ___RD C:\Windows\Offline Web Pages

2013-05-10 03:54 - 2006-11-02 20:37 - 00000000 ____D C:\Windows\System32\XPSViewer

2013-05-10 03:54 - 2006-11-02 19:18 - 00000000 ____D C:\Program Files\Common Files\System

2013-05-10 03:20 - 2013-05-10 03:18 - 00002897 ____A C:\Windows\IE9_main.log