Jump to content

FBI Virus has Infected my computer!


Recommended Posts

I've been infected with the FBI Moneypak malware on a Windows 7. It is one of the versions that used my webcam to take a photo of me, which shows up on the FBI malware screen. I was infected with something similiar weeks back and was forced to restore to an earlier time. However, when I tried to do that this time, it began trying to restore for a few minutes, and then stopped and told me there was an error and to try again. When I did, it now says there are no points to restore to. Meanwhile, rebooting in Safe Mode with Networking results in the computer being restarted automatically. I am currently logged in as my wife's user profile (also an admin) and am running a Malwarebytes full scan. Assuming this won't solve the issue, I am at a loss what to do. Thanks in advance for any and all help!

Thanks,

Jason

Link to post
Share on other sites

Hello Jason and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


    • Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt

[*]Select Command Prompt

[*]In the command window type in notepad and press Enter.

[*]The notepad opens. Under File menu select Open.

[*]Select "Computer" and find your flash drive letter and close the notepad.

[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter

Note: Replace letter e with the drive letter of your flash drive.

[*]The tool will start to run.

[*]When the tool opens click Yes to disclaimer.

[*]Press Scan button.

[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Link to post
Share on other sites

here it is

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2013

Ran by SYSTEM on 02-06-2013 07:54:08

Running from E:\

Windows 7 Home Premium (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Recovery

The current controlset is ControlSet001

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-20] (Synaptics Incorporated)

HKLM\...\Run: [RunDLLEntry] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry [17920 2009-02-26] (Creative Technology Ltd.)

HKLM\...\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe" [196648 2009-06-03] (ActivIdentity)

HKLM\...\Run: [] [x]

HKLM\...\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [483880 2009-06-03] (ActivIdentity)

HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)

HKLM\...\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui [190536 2010-06-14] (Logitech Inc.)

HKLM\...\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe [798728 2010-12-07] (Avid Technology, Inc.)

Winlogon\Notify\ScCertProp: wlnotify.dll [X]

HKLM-x32\...\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)

HKLM-x32\...\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [218408 2008-12-03] (CyberLink Corp.)

HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)

HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)

HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-19] (ASUS)

HKLM-x32\...\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r [237693 2008-12-29] (Creative Technology Ltd)

HKLM-x32\...\Run: [updReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)

HKLM-x32\...\Run: [Turbo Gear Help] "C:\Program Files\ASUS\Turbo Gear\GearHelp.exe" [1026048 2009-08-05] ()

HKLM-x32\...\Run: [Turbo Gear] "C:\Program Files\ASUS\Turbo Gear\TurboGear.exe" -r [2987520 2009-08-05] ()

HKLM-x32\...\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd [x]

HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [200704 2007-04-09] (PowerISO Computing, Inc.)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2011-03-07] (Apple Inc.)

HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [1226928 2013-05-31] (AVG Secure Search)

HKLM-x32\...\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2339168 2012-01-17] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot [295072 2012-12-25] (RealNetworks, Inc.)

HKLM-x32\...\Run: [inboxToolbar] "C:\Program Files (x86)\Inbox Toolbar\Inbox.exe" /STARTUP [1685808 2012-12-12] (Inbox.com, Inc.)

HKLM-x32\...\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [81920 2011-08-11] (Avid Technology, Inc..)

HKLM-x32\...\Run: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)

HKU\IJ\...\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [79664 2012-06-10] (PC Utilities Pro)

HKU\IJ\...\Run: [Facebook Update] "C:\Users\IJ\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKU\IJ\...\Run: [Yontoo Desktop] "C:\Users\IJ\AppData\Roaming\Yontoo\YontooDesktop.exe" [42784 2013-01-31] (Yontoo LLC)

HKU\IJ\...\Run: [Driver Pro] C:\Program Files (x86)\Driver Pro\DPLauncher.exe [340512 2012-10-30] (PC Utilities Pro)

HKU\IJ\...\Run: [image-Line] rundll32.exe C:\Users\IJ\AppData\Local\Image-Line\agkfmjkk.dll,ncfwizwbx [773120 2013-04-17] (Mozilla Foundation) <===== ATTENTION

HKU\IJ\...\Run: [searchProtect] C:\Users\IJ\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)

HKU\IJ\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

HKU\IJ\...\Run: [wabEventSupport16] rundll32.exe "C:\Users\IJ\AppData\Roaming\wabEventSupport16\wabEventSupport16.dll",AwPath KernelUtilLibs [30208 2013-05-30] ()

HKU\IJ\...\Run: [Adobe CSS5.1 Manager] C:\Users\IJ\AppData\Local\43394d62-0264-46ec-9656-d56f00c49010ad\decdfcad.exe [126976 2013-05-30] ()

HKU\IJ\...\RunOnce: [Adobe CSS5.1 Manager] C:\Users\IJ\AppData\Local\43394d62-0264-46ec-9656-d56f00c49010ad\decdfcad.exe [126976 2013-05-30] ()

HKU\IJ\...\Winlogon: [shell] explorer.exe,C:\Users\IJ\AppData\Roaming\skype.dat [123392 2011-11-16] (VSN Software LTD) <==== ATTENTION

HKU\Matthew Ella\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [369200 2009-10-30] (DT Soft Ltd)

HKU\Matthew Ella\...\Run: [Google Update] "C:\Users\Matthew Ella\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-06-04] (Google Inc.)

HKU\Matthew Ella\...\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1632680 2013-03-15] (Valve Corporation)

HKU\Mcx1-KRIEGOR\...\Winlogon: [shell] C:\Windows\eHome\McrMgr.exe

Startup: C:\Users\Matthew Ella\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiFrame.lnk

ShortcutTarget: MultiFrame.lnk -> C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame.exe (ASUSTek Computer Inc.)

SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File

==================== Services (Whitelisted) =================

S2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)

S2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-07] ()

S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)

S2 avgwd; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)

S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [93984 2013-04-11] (Conduit)

S2 DigiRefresh; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [81920 2011-08-11] (Avid Technology, Inc..)

S2 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2013-01-29] ()

S2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1455408 2013-04-07] ()

S2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)

S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-09-07] ()

S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()

S2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-02-28] ()

S2 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [1015984 2013-05-31] (AVG Secure Search)

S2 WBVGAservice; C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe [72248 2009-02-06] ()

S3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [x]

==================== Drivers (Whitelisted) ====================

S2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2009-12-30] ()

S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )

S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )

S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-05-31] (AVG Technologies)

S3 DAdderFltr; C:\Windows\System32\drivers\dadder.sys [12672 2007-08-02] (Razer (Asia-Pacific) Pte Ltd)

S1 EIO64; C:\Windows\System32\DRIVERS\EIO64.sys [16384 2009-07-22] (ASUSTeK Computer Inc.)

S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )

S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2009-12-29] ()

S3 MAUSBFASTTRACK; C:\Windows\System32\DRIVERS\MAudioFastTrack.sys [187912 2010-12-07] (Avid Technology, Inc.)

S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-05-20] ()

S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2009-12-26] (Duplex Secure Ltd.)

S3 PRLVNIC; system32\DRIVERS\prl_vnic.sys [x]

S2 prl_net; system32\DRIVERS\prl_net.sys [x]

S3 tmlwf;

S3 tmwfp;

S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-06-02 06:55 - 2013-06-02 06:55 - 00000000 ____D C:\FRST

2013-06-02 05:00 - 2013-06-02 06:12 - 00000000 ____D C:\Users\Matthew Ella\AppData\Roaming\SearchProtect

2013-06-02 05:00 - 2013-06-02 05:00 - 00000000 ____D C:\Users\Matthew Ella\AppData\Roaming\Real

2013-05-31 20:32 - 2013-05-31 20:32 - 00000000 __SHD C:\found.000

2013-05-31 04:34 - 2013-05-31 04:34 - 00126976 ____A C:\Users\IJ\windowsupdate.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00123392 ____A (VSN Software LTD) C:\Users\IJ\jucheck.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00000000 ____A C:\Users\IJ\java.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00000000 ____A C:\Users\IJ\icq.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00000000 ____A C:\Users\IJ\flashplayer.exe

2013-05-31 04:16 - 2013-06-02 04:56 - 00000004 ____A C:\Users\IJ\AppData\Roaming\skype.ini

2013-05-30 17:11 - 2013-05-30 17:11 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-05-30 17:11 - 2013-05-30 17:11 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-05-30 17:11 - 2013-05-30 17:11 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-05-30 17:11 - 2013-05-30 17:11 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-05-30 17:11 - 2013-05-30 17:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-05-30 17:11 - 2013-05-30 17:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2013-05-30 17:11 - 2013-05-30 17:11 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2013-05-30 17:11 - 2013-05-30 17:11 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-05-30 17:11 - 2013-05-30 17:11 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2013-05-30 17:11 - 2013-05-30 17:11 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-05-30 17:11 - 2013-05-30 17:11 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-05-30 17:10 - 2013-05-30 17:10 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-05-30 17:08 - 2013-05-30 17:14 - 00007985 ____A C:\Windows\IE10_main.log

2013-05-30 17:07 - 2013-06-02 06:12 - 00000000 ____D C:\Users\IJ\AppData\Local\43394d62-0264-46ec-9656-d56f00c49010ad

2013-05-30 17:07 - 2013-06-02 05:00 - 00000304 ___AH C:\Windows\Tasks\{E9EE4ED0-1C09-4AF4-AA8E-F87B1218B94A}.job

2013-05-30 16:35 - 2013-05-30 16:35 - 00161280 ____A (HSN Software LLC) C:\Users\IJ\mstsc.exe

2013-05-30 16:35 - 2013-05-30 16:35 - 00000000 ____A C:\Users\IJ\googleupdate.exe

2013-05-30 16:35 - 2013-05-30 16:35 - 00000000 ____A C:\Users\IJ\firefox.exe

2013-05-30 16:35 - 2013-05-30 16:35 - 00000000 ____A C:\Users\IJ\alg.exe

2013-05-30 15:27 - 2013-06-02 06:12 - 00000000 ____D C:\Users\IJ\AppData\Roaming\wabEventSupport16

2013-05-30 13:37 - 2013-06-02 06:12 - 00000000 ____D C:\Users\IJ\AppData\Local\Xfinity.com

2013-05-30 13:37 - 2013-05-30 13:37 - 00005290 ____A C:\comcastrelease.log

2013-05-30 13:37 - 2013-05-30 13:37 - 00001266 ____A C:\Users\IJ\Desktop\XFINITY Connect.lnk

2013-05-30 13:37 - 2013-05-30 13:37 - 00001238 ____A C:\Users\IJ\Desktop\Constant Guard Protection Suite.lnk

2013-05-30 13:37 - 2013-05-30 13:37 - 00001232 ____A C:\Users\IJ\Desktop\XFINITY TV.lnk

2013-05-30 13:36 - 2013-05-30 13:37 - 00776792 ____A C:\Users\IJ\Downloads\Comcast_Desktop_Software_1203.exe

2013-05-19 12:40 - 2013-05-19 12:40 - 00000000 ____D C:\Users\IJ\AppData\Local\{A9C12D66-4392-4FFF-9F44-1C8E9EE27C82}

2013-05-18 21:17 - 2013-05-18 21:17 - 49800416 ____A C:\Users\IJ\Desktop\Stamped Up.wav

2013-05-18 17:32 - 2013-05-18 17:32 - 00000000 ____D C:\Users\IJ\AppData\Local\{3AAC252D-42B9-4829-A832-6B44DAE9A683}

2013-05-17 15:46 - 2013-05-17 15:46 - 00000000 ____D C:\Users\IJ\AppData\Local\{F0DFFFE8-8FC7-4418-BE94-4AA4E51566D1}

2013-05-17 15:30 - 2013-05-17 15:30 - 11474280 ____A C:\Users\IJ\Desktop\how many bars verse.wav

2013-05-17 15:14 - 2013-05-17 16:35 - 00000000 ____D C:\Users\IJ\Desktop\how many bars

2013-05-15 15:50 - 2013-05-15 15:50 - 44983156 ____A C:\Users\IJ\Desktop\The Cypher.wav

2013-05-14 18:41 - 2013-05-14 18:41 - 00000118 ____A C:\Windows\System32\MRT.INI

2013-05-14 18:16 - 2013-05-14 18:16 - 41648296 ____A C:\Users\IJ\Desktop\addicted 2.wav

2013-05-14 18:01 - 2013-05-14 18:01 - 41648296 ____A C:\Users\IJ\Desktop\Addicted feat Swizz.wav

2013-05-14 18:01 - 2013-04-09 22:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys

2013-05-14 18:01 - 2013-04-09 22:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys

2013-05-14 18:01 - 2013-02-26 21:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll

2013-05-14 18:01 - 2011-02-03 03:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll

2013-05-14 18:00 - 2013-04-09 19:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-05-14 18:00 - 2013-03-18 21:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll

2013-05-14 18:00 - 2013-03-18 21:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll

2013-05-14 18:00 - 2013-02-26 22:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe

2013-05-14 18:00 - 2013-02-26 21:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll

2013-05-14 18:00 - 2013-02-26 21:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll

2013-05-14 18:00 - 2013-02-26 21:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll

2013-05-14 18:00 - 2013-02-26 20:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2013-05-14 18:00 - 2013-02-26 20:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2013-05-14 18:00 - 2013-02-26 20:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2013-05-14 11:53 - 2013-05-14 11:53 - 00000000 ____D C:\Users\IJ\AppData\Local\{9DC02FAF-F627-49E4-8E7E-75406EC7E65C}

2013-05-13 11:45 - 2013-05-13 11:45 - 00000000 ____D C:\Users\IJ\AppData\Local\{23401D01-B20B-435F-AA92-2ED93153E36A}

2013-05-13 09:14 - 2013-05-13 09:14 - 00000000 ____D C:\SearchProtect

2013-05-11 21:53 - 2013-05-11 21:53 - 33700084 ____A C:\Users\IJ\Desktop\My Own Class MP3.wav

2013-05-11 21:40 - 2013-05-11 21:40 - 00000000 ____D C:\Users\IJ\Desktop\Copy of My own class

2013-05-11 02:59 - 2013-05-11 02:59 - 00028317 ____A C:\Users\IJ\Downloads\the reach

2013-05-10 18:24 - 2013-05-10 18:26 - 15063368 ____A C:\Users\IJ\Downloads\Movie on 5-10-13 at 6.37 PM.mov

2013-05-03 18:32 - 2013-05-30 12:52 - 00000000 ____D C:\Program Files (x86)\The KMPlayer

2013-05-03 18:32 - 2013-05-03 18:32 - 00001041 ____A C:\Users\IJ\Desktop\KMPlayer.lnk

2013-05-03 18:32 - 2013-05-03 18:32 - 00000000 ____D C:\Program Files (x86)\PANDORA.TV

2013-05-03 18:29 - 2013-05-03 18:31 - 32642064 ____A C:\Users\IJ\Desktop\KMPlayer_3-6-0-87.exe

2013-05-03 18:29 - 2013-05-03 18:29 - 00393024 ____A (Softonic ) C:\Users\IJ\Downloads\SoftonicDownloader_for_kmplayer.exe

2013-05-03 07:57 - 2013-05-03 08:03 - 00000000 ____D C:\Users\IJ\Desktop\Piano

2013-05-03 07:46 - 2013-05-03 07:55 - 00000000 ____D C:\Users\IJ\Desktop\Keyboards

2013-05-03 07:24 - 2013-05-03 07:25 - 00000000 ____D C:\Users\IJ\AppData\Local\{44401BC5-9A61-4B4E-9DB9-9A7D1295A708}

==================== One Month Modified Files and Folders =======

2013-06-02 06:55 - 2013-06-02 06:55 - 00000000 ____D C:\FRST

2013-06-02 06:12 - 2013-06-02 05:00 - 00000000 ____D C:\Users\Matthew Ella\AppData\Roaming\SearchProtect

2013-06-02 06:12 - 2013-05-30 17:07 - 00000000 ____D C:\Users\IJ\AppData\Local\43394d62-0264-46ec-9656-d56f00c49010ad

2013-06-02 06:12 - 2013-05-30 15:27 - 00000000 ____D C:\Users\IJ\AppData\Roaming\wabEventSupport16

2013-06-02 06:12 - 2013-05-30 13:37 - 00000000 ____D C:\Users\IJ\AppData\Local\Xfinity.com

2013-06-02 06:12 - 2013-03-21 13:58 - 00000000 ____D C:\Users\IJ\AppData\Roaming\Digidesign

2013-06-02 06:12 - 2012-05-14 15:05 - 00000000 ____D C:\users\IJ

2013-06-02 06:12 - 2011-12-12 06:02 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search

2013-06-02 06:12 - 2009-12-26 17:09 - 00000000 ____D C:\users\Matthew Ella

2013-06-02 06:12 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\Offline Web Pages

2013-06-02 06:12 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\Media

2013-06-02 06:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK

2013-06-02 06:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR

2013-06-02 06:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK

2013-06-02 06:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR

2013-06-02 06:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache

2013-06-02 06:12 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-06-02 06:12 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2013-06-02 05:31 - 2010-06-04 14:32 - 00000936 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3283913179-3707219626-3989253274-1000UA.job

2013-06-02 05:31 - 2009-09-26 15:17 - 01506842 ____A C:\Windows\WindowsUpdate.log

2013-06-02 05:28 - 2012-09-02 00:00 - 00029453 ____A C:\Windows\setupact.log

2013-06-02 05:28 - 2009-09-26 15:49 - 00000000 ____D C:\ProgramData\NVIDIA

2013-06-02 05:28 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-06-02 05:01 - 2009-12-26 17:22 - 00000000 ____D C:\Program Files (x86)\Steam

2013-06-02 05:00 - 2013-06-02 05:00 - 00000000 ____D C:\Users\Matthew Ella\AppData\Roaming\Real

2013-06-02 05:00 - 2013-05-30 17:07 - 00000304 ___AH C:\Windows\Tasks\{E9EE4ED0-1C09-4AF4-AA8E-F87B1218B94A}.job

2013-06-02 05:00 - 2009-12-26 17:09 - 00092856 ____A C:\Users\Matthew Ella\AppData\Local\GDIPFONTCACHEV1.DAT

2013-06-02 04:56 - 2013-05-31 04:16 - 00000004 ____A C:\Users\IJ\AppData\Roaming\skype.ini

2013-06-02 04:52 - 2013-02-02 10:39 - 00000000 ____D C:\Users\IJ\AppData\Roaming\Yontoo

2013-06-02 04:51 - 2009-12-27 11:40 - 00045056 ____A C:\Windows\System32\acovcnt.exe

2013-05-31 20:32 - 2013-05-31 20:32 - 00000000 __SHD C:\found.000

2013-05-31 18:46 - 2009-07-13 20:45 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-05-31 18:46 - 2009-07-13 20:45 - 00010240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-05-31 18:40 - 2009-09-26 15:48 - 00002793 ____A C:\Windows\System32\ServiceFilter.ini

2013-05-31 18:39 - 2012-11-21 16:23 - 00045856 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx64.sys

2013-05-31 07:16 - 2012-10-18 16:35 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-05-31 04:34 - 2013-05-31 04:34 - 00126976 ____A C:\Users\IJ\windowsupdate.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00123392 ____A (VSN Software LTD) C:\Users\IJ\jucheck.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00000000 ____A C:\Users\IJ\java.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00000000 ____A C:\Users\IJ\icq.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00000000 ____A C:\Users\IJ\flashplayer.exe

2013-05-31 04:15 - 2009-09-26 15:48 - 00002728 ____A C:\Windows\System32\AutoRunFilter.ini

2013-05-30 17:14 - 2013-05-30 17:08 - 00007985 ____A C:\Windows\IE10_main.log

2013-05-30 17:11 - 2013-05-30 17:11 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-05-30 17:11 - 2013-05-30 17:11 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-05-30 17:11 - 2013-05-30 17:11 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-05-30 17:11 - 2013-05-30 17:11 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-05-30 17:11 - 2013-05-30 17:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-05-30 17:11 - 2013-05-30 17:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2013-05-30 17:11 - 2013-05-30 17:11 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2013-05-30 17:11 - 2013-05-30 17:11 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-05-30 17:11 - 2013-05-30 17:11 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2013-05-30 17:11 - 2013-05-30 17:11 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-05-30 17:11 - 2013-05-30 17:11 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-05-30 17:11 - 2013-05-30 17:11 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2013-05-30 17:11 - 2013-05-30 17:11 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-05-30 17:10 - 2013-05-30 17:10 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-05-30 17:10 - 2013-05-30 17:10 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-05-30 16:35 - 2013-05-30 16:35 - 00161280 ____A (HSN Software LLC) C:\Users\IJ\mstsc.exe

2013-05-30 16:35 - 2013-05-30 16:35 - 00000000 ____A C:\Users\IJ\googleupdate.exe

2013-05-30 16:35 - 2013-05-30 16:35 - 00000000 ____A C:\Users\IJ\firefox.exe

2013-05-30 16:35 - 2013-05-30 16:35 - 00000000 ____A C:\Users\IJ\alg.exe

2013-05-30 13:37 - 2013-05-30 13:37 - 00005290 ____A C:\comcastrelease.log

2013-05-30 13:37 - 2013-05-30 13:37 - 00001266 ____A C:\Users\IJ\Desktop\XFINITY Connect.lnk

2013-05-30 13:37 - 2013-05-30 13:37 - 00001238 ____A C:\Users\IJ\Desktop\Constant Guard Protection Suite.lnk

2013-05-30 13:37 - 2013-05-30 13:37 - 00001232 ____A C:\Users\IJ\Desktop\XFINITY TV.lnk

2013-05-30 13:37 - 2013-05-30 13:36 - 00776792 ____A C:\Users\IJ\Downloads\Comcast_Desktop_Software_1203.exe

2013-05-30 12:52 - 2013-05-03 18:32 - 00000000 ____D C:\Program Files (x86)\The KMPlayer

2013-05-27 09:59 - 2013-03-23 16:54 - 00000000 ____D C:\Users\IJ\Desktop\test

2013-05-27 09:32 - 2012-10-06 22:38 - 00000000 __AHD C:\Users\IJ\AppData\Local\ooH0bP9Zvtp1Rp

2013-05-27 09:29 - 2013-05-02 10:10 - 00000000 ____D C:\Users\IJ\Desktop\TRIFECTA

2013-05-23 15:41 - 2009-07-13 21:13 - 00732638 ____A C:\Windows\System32\PerfStringBackup.INI

2013-05-22 19:31 - 2010-06-04 14:32 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3283913179-3707219626-3989253274-1000Core.job

2013-05-19 12:40 - 2013-05-19 12:40 - 00000000 ____D C:\Users\IJ\AppData\Local\{A9C12D66-4392-4FFF-9F44-1C8E9EE27C82}

2013-05-18 21:17 - 2013-05-18 21:17 - 49800416 ____A C:\Users\IJ\Desktop\Stamped Up.wav

2013-05-18 17:32 - 2013-05-18 17:32 - 00000000 ____D C:\Users\IJ\AppData\Local\{3AAC252D-42B9-4829-A832-6B44DAE9A683}

2013-05-17 16:35 - 2013-05-17 15:14 - 00000000 ____D C:\Users\IJ\Desktop\how many bars

2013-05-17 15:46 - 2013-05-17 15:46 - 00000000 ____D C:\Users\IJ\AppData\Local\{F0DFFFE8-8FC7-4418-BE94-4AA4E51566D1}

2013-05-17 15:30 - 2013-05-17 15:30 - 11474280 ____A C:\Users\IJ\Desktop\how many bars verse.wav

2013-05-17 14:23 - 2009-07-13 21:08 - 00032612 ____A C:\Windows\Tasks\SCHEDLGU.TXT

2013-05-15 16:52 - 2013-04-30 10:29 - 00000000 ____D C:\Users\IJ\Desktop\Cypher3

2013-05-15 15:50 - 2013-05-15 15:50 - 44983156 ____A C:\Users\IJ\Desktop\The Cypher.wav

2013-05-15 14:34 - 2009-07-13 20:45 - 00374176 ____A C:\Windows\System32\FNTCACHE.DAT

2013-05-14 18:41 - 2013-05-14 18:41 - 00000118 ____A C:\Windows\System32\MRT.INI

2013-05-14 18:38 - 2009-12-27 11:33 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-05-14 18:19 - 2012-10-18 16:35 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-05-14 18:19 - 2011-12-11 14:26 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-05-14 18:16 - 2013-05-14 18:16 - 41648296 ____A C:\Users\IJ\Desktop\addicted 2.wav

2013-05-14 18:01 - 2013-05-14 18:01 - 41648296 ____A C:\Users\IJ\Desktop\Addicted feat Swizz.wav

2013-05-14 11:56 - 2013-04-26 06:00 - 00000000 ____D C:\Users\IJ\Desktop\New folder

2013-05-14 11:53 - 2013-05-14 11:53 - 00000000 ____D C:\Users\IJ\AppData\Local\{9DC02FAF-F627-49E4-8E7E-75406EC7E65C}

2013-05-13 11:59 - 2013-04-30 11:32 - 00123904 ____A C:\Users\IJ\AppData\Local\svcxdcl32.exe

2013-05-13 11:45 - 2013-05-13 11:45 - 00000000 ____D C:\Users\IJ\AppData\Local\{23401D01-B20B-435F-AA92-2ED93153E36A}

2013-05-13 09:14 - 2013-05-13 09:14 - 00000000 ____D C:\SearchProtect

2013-05-11 21:53 - 2013-05-11 21:53 - 33700084 ____A C:\Users\IJ\Desktop\My Own Class MP3.wav

2013-05-11 21:40 - 2013-05-11 21:40 - 00000000 ____D C:\Users\IJ\Desktop\Copy of My own class

2013-05-11 02:59 - 2013-05-11 02:59 - 00028317 ____A C:\Users\IJ\Downloads\the reach

2013-05-10 18:26 - 2013-05-10 18:24 - 15063368 ____A C:\Users\IJ\Downloads\Movie on 5-10-13 at 6.37 PM.mov

2013-05-08 17:36 - 2012-11-05 17:21 - 00000000 ____D C:\Users\IJ\AppData\Roaming\dvdcss

2013-05-05 08:01 - 2012-09-06 18:14 - 00000000 ____D C:\Users\IJ\AppData\Roaming\vlc

2013-05-03 18:46 - 2012-12-19 09:52 - 00000000 ____D C:\Users\IJ\Desktop\AVO Mixtape

2013-05-03 18:46 - 2012-12-13 00:17 - 00000000 ____D C:\Users\IJ\Desktop\Fall Fashions Mixtape

2013-05-03 18:32 - 2013-05-03 18:32 - 00001041 ____A C:\Users\IJ\Desktop\KMPlayer.lnk

2013-05-03 18:32 - 2013-05-03 18:32 - 00000000 ____D C:\Program Files (x86)\PANDORA.TV

2013-05-03 18:31 - 2013-05-03 18:29 - 32642064 ____A C:\Users\IJ\Desktop\KMPlayer_3-6-0-87.exe

2013-05-03 18:29 - 2013-05-03 18:29 - 00393024 ____A (Softonic ) C:\Users\IJ\Downloads\SoftonicDownloader_for_kmplayer.exe

2013-05-03 08:03 - 2013-05-03 07:57 - 00000000 ____D C:\Users\IJ\Desktop\Piano

2013-05-03 07:56 - 2013-03-21 14:02 - 00000000 ____D C:\Users\IJ\Desktop\Empty Session

2013-05-03 07:55 - 2013-05-03 07:46 - 00000000 ____D C:\Users\IJ\Desktop\Keyboards

2013-05-03 07:25 - 2013-05-03 07:24 - 00000000 ____D C:\Users\IJ\AppData\Local\{44401BC5-9A61-4B4E-9DB9-9A7D1295A708}

Files to move or delete:

====================

C:\Users\IJ\1427586.exe

C:\Users\IJ\4696883.exe

C:\Users\IJ\alg.exe

C:\Users\IJ\firefox.exe

C:\Users\IJ\flashplayer.exe

C:\Users\IJ\googleupdate.exe

C:\Users\IJ\icq.exe

C:\Users\IJ\java.exe

C:\Users\IJ\jucheck.exe

C:\Users\IJ\mstsc.exe

C:\Users\IJ\windowsupdate.exe

C:\Users\IJ\AppData\Roaming\skype.dat

C:\Users\IJ\AppData\Roaming\skype.ini

C:\Windows\Tasks\{E9EE4ED0-1C09-4AF4-AA8E-F87B1218B94A}.job

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-05-11 03:13:02

Restore point made on: 2013-05-11 23:46:54

Restore point made on: 2013-05-12 22:07:43

Restore point made on: 2013-05-13 17:59:24

Restore point made on: 2013-05-14 18:32:20

Restore point made on: 2013-05-15 16:52:36

Restore point made on: 2013-05-16 11:37:07

Restore point made on: 2013-05-16 12:25:28

Restore point made on: 2013-05-17 16:36:23

Restore point made on: 2013-05-19 14:44:17

Restore point made on: 2013-05-20 06:56:05

Restore point made on: 2013-05-20 08:29:18

Restore point made on: 2013-05-21 02:00:30

Restore point made on: 2013-05-21 03:39:26

Restore point made on: 2013-05-21 13:28:31

Restore point made on: 2013-05-21 20:30:47

Restore point made on: 2013-05-22 15:18:52

Restore point made on: 2013-05-22 20:48:48

Restore point made on: 2013-05-23 10:45:33

Restore point made on: 2013-05-23 13:20:09

Restore point made on: 2013-05-23 19:15:34

Restore point made on: 2013-05-24 19:15:45

Restore point made on: 2013-05-26 00:19:35

Restore point made on: 2013-05-26 16:39:06

Restore point made on: 2013-05-27 11:03:26

Restore point made on: 2013-05-30 17:08:03

Restore point made on: 2013-05-31 07:30:13

Restore point made on: 2013-06-02 04:55:42

Restore point made on: 2013-06-02 05:30:48

==================== Memory info ===========================

Percentage of memory in use: 14%

Total physical RAM: 6143.04 MB

Available physical RAM: 5239.82 MB

Total Pagefile: 6141.18 MB

Available Pagefile: 5383.09 MB

Total Virtual: 8192 MB

Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.11 GB) (Free:298.51 GB) NTFS (Disk=0 Partition=2) ==>[Drive with boot components (obtained from BCD)]

Drive e: (IJASON) (Removable) (Total:1.87 GB) (Free:1.86 GB) FAT (Disk=1 Partition=1)

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: D9B3496E)

Partition 1: (Not Active) - (Size=15 GB) - (Type=1C)

Partition 2: (Active) - (Size=451 GB) - (Type=07 NTFS)

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 2 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=2 GB) - (Type=06)

Last Boot: 2013-05-27 07:07

==================== End Of Log ============================

Link to post
Share on other sites

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open Notepad and select Paste). Save it on the flashdrive as fixlist.txt

HKLM\...\Run: [] [x]

HKU\IJ\...\Run: [image-Line] rundll32.exe C:\Users\IJ\AppData\Local\Image-Line\agkfmjkk.dll,ncfwizwbx [773120 2013-04-17] (Mozilla Foundation) <===== ATTENTION

HKU\IJ\...\Winlogon: [shell] explorer.exe,C:\Users\IJ\AppData\Roaming\skype.dat [123392 2011-11-16] (VSN Software LTD) <==== ATTENTION

HKU\IJ\...\Run: [Adobe CSS5.1 Manager] C:\Users\IJ\AppData\Local\43394d62-0264-46ec-9656-d56f00c49010ad\decdfcad.exe [126976 2013-05-30] ()

HKU\IJ\...\RunOnce: [Adobe CSS5.1 Manager] C:\Users\IJ\AppData\Local\43394d62-0264-46ec-9656-d56f00c49010ad\decdfcad.exe [126976 2013-05-30] ()

2013-05-31 04:34 - 2013-05-31 04:34 - 00123392 ____A (VSN Software LTD) C:\Users\IJ\jucheck.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00000000 ____A C:\Users\IJ\java.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00000000 ____A C:\Users\IJ\icq.exe

2013-05-31 04:34 - 2013-05-31 04:34 - 00000000 ____A C:\Users\IJ\flashplayer.exe

2013-05-31 04:16 - 2013-06-02 04:56 - 00000004 ____A C:\Users\IJ\AppData\Roaming\skype.ini

2013-05-30 17:07 - 2013-06-02 06:12 - 00000000 ____D C:\Users\IJ\AppData\Local\43394d62-0264-46ec-9656-d56f00c49010ad

2013-05-30 17:07 - 2013-06-02 05:00 - 00000304 ___AH C:\Windows\Tasks\{E9EE4ED0-1C09-4AF4-AA8E-F87B1218B94A}.job

2013-05-30 16:35 - 2013-05-30 16:35 - 00161280 ____A (HSN Software LLC) C:\Users\IJ\mstsc.exe

2013-05-30 16:35 - 2013-05-30 16:35 - 00000000 ____A C:\Users\IJ\googleupdate.exe

2013-05-30 16:35 - 2013-05-30 16:35 - 00000000 ____A C:\Users\IJ\firefox.exe

2013-05-30 16:35 - 2013-05-30 16:35 - 00000000 ____A C:\Users\IJ\alg.exe

C:\Users\IJ\1427586.exe

C:\Users\IJ\4696883.exe

C:\Users\IJ\windowsupdate.exe

C:\Users\IJ\AppData\Roaming\skype.dat

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST (or FRST64 if you have the 64bit version) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Reboot Normally.

Link to post
Share on other sites

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2013

Ran by SYSTEM at 2013-06-02 08:17:42 Run:1

Running from E:\

Boot Mode: Recovery

==============================================

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.

HKEY_USERS\IJ\Software\Microsoft\Windows\CurrentVersion\Run\\Image-Line => Value deleted successfully.

HKEY_USERS\IJ\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.

HKEY_USERS\IJ\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe CSS5.1 Manager => Value deleted successfully.

HKEY_USERS\IJ\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe CSS5.1 Manager => Value deleted successfully.

C:\Users\IJ\jucheck.exe => Moved successfully.

C:\Users\IJ\java.exe => Moved successfully.

C:\Users\IJ\icq.exe => Moved successfully.

C:\Users\IJ\flashplayer.exe => Moved successfully.

C:\Users\IJ\AppData\Roaming\skype.ini => Moved successfully.

C:\Users\IJ\AppData\Local\43394d62-0264-46ec-9656-d56f00c49010ad => Moved successfully.

C:\Windows\Tasks\{E9EE4ED0-1C09-4AF4-AA8E-F87B1218B94A}.job => Moved successfully.

C:\Users\IJ\mstsc.exe => Moved successfully.

C:\Users\IJ\googleupdate.exe => Moved successfully.

C:\Users\IJ\firefox.exe => Moved successfully.

C:\Users\IJ\alg.exe => Moved successfully.

C:\Users\IJ\1427586.exe => Moved successfully.

C:\Users\IJ\4696883.exe => Moved successfully.

C:\Users\IJ\windowsupdate.exe => Moved successfully.

C:\Users\IJ\AppData\Roaming\skype.dat => Moved successfully.

==== End of Fixlog ====

Link to post
Share on other sites

  • 2 weeks later...
  • 2 weeks later...
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.