acerrocks

Malware keeps coming back. PLSSSS HELP

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32-bit or 64-bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

Kevin


Thank you sir for answering. Here are the logs you asked for:-

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by Gamers Heaven (administrator) on GAMERSHEAVEN-PC on 22-09-2013 18:14:31
Running from C:\Users\Gamers Heaven\Downloads
Windows 7 Ultimate (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(IObit) C:\Program Files (x86)\IObit\WinMetro\AutoUpdate.exe
(NVIDIA Corporation) C:\Windows\SysWOW64\nvSCPAPISvr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(ValiNet Romania) C:\Program Files (x86)\Charms\Charms.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14579816 2013-09-16] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [iDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3747408 2013-08-17] (Tonec Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Gamers Heaven\AppData\Local\Facebook\Update\FacebookUpdate.exe [207728 2013-09-22] (Facebook Inc.)
HKCU\...\Run: [f96e468] - C:\Users\Gamers Heaven\AppData\Roaming\f96e468\f96e468.exe [167154 2012-11-15] (Trend Micro)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507904 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc.)
HKLM-x32\...\Run: [uSB3MON] - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [266448 2013-05-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [214448 2013-05-13] (NVIDIA Corporation)
AlternateShell: 
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://in.msn.com/?rd=1&ucc=IN&dcc=IN&opt=0&ocid=iehp&tc=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9C58014498B6CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
 
Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\GAMERS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\GAMERS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\GAMERS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\GAMERS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (IDM Integration Module) - C:\Users\GAMERS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0
CHR Extension: (Video Resizer for YT) - C:\Users\GAMERS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kinnijncjdhialkjlcgkdkkfhgfjbaef\2.0.1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\GAMERS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\GAMERS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
 
==================== Services (Whitelisted) =================
 
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MetroServ; C:\Program Files (x86)\IObit\WinMetro\MetroSvc.exe [1432384 2013-09-16] (IObit)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-31] ()
R2 Stereo Service; C:\Windows\SysWOW64\nvSCPAPISvr.exe [213504 2009-04-30] (NVIDIA Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S3 FlashUSB; C:\Windows\System32\DRIVERS\FlashUSB_x64.sys [19968 2010-12-21] (Danish Wireless Design A/S)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [204568 2013-08-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
R3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
R3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-09-22 18:14 - 2013-09-22 18:14 - 00000000 ____D C:\FRST
2013-09-22 18:12 - 2013-09-22 18:14 - 01956670 _____ (Farbar) C:\Users\Gamers Heaven\Downloads\FRST64.exe
2013-09-22 18:02 - 2010-06-01 17:19 - 00000000 ____D C:\Users\Gamers Heaven\Desktop\FlashTool
2013-09-22 18:01 - 2013-09-22 18:01 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-22 18:01 - 2013-09-22 18:01 - 00000000 ____D C:\Program Files\Unlocker
2013-09-22 17:58 - 2013-09-22 18:01 - 01078591 _____ C:\Users\Gamers Heaven\Downloads\Unlocker1.9.2.exe
2013-09-22 15:33 - 2013-09-22 15:33 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-22 15:33 - 2013-09-22 15:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-22 15:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-22 14:56 - 2013-09-22 14:56 - 00501248 _____ (Facebook Inc.) C:\Users\Gamers Heaven\Downloads\FacebookVideoCallSetup_v1.2.205.0 (11).exe
2013-09-22 13:59 - 2013-09-22 13:59 - 00000000 ____D C:\1
2013-09-22 13:49 - 2013-09-22 13:50 - 00000000 ____D C:\bar
2013-09-22 13:37 - 2013-09-22 13:38 - 00000000 ____D C:\Users\Gamers Heaven\Documents\LG-Utils
2013-09-22 12:13 - 2013-09-22 12:13 - 00431575 _____ C:\Users\Gamers Heaven\Downloads\flashtool (1).rar
2013-09-21 21:22 - 2013-09-21 21:22 - 00000000 ____D C:\New folder (3)
2013-09-21 20:44 - 2013-09-21 20:44 - 00069827 _____ C:\Users\Gamers Heaven\Downloads\1220357907_SAStreamMemFix2.0.rar
2013-09-21 20:31 - 2013-09-21 20:34 - 01906454 _____ C:\Users\Gamers Heaven\Downloads\GTA_IV_Weapons_to_GTA_SA_2.2.rar
2013-09-21 14:29 - 2011-11-30 18:52 - 00000000 ____D C:\gta3.img
2013-09-21 14:18 - 2013-09-21 14:18 - 00035674 _____ C:\Users\Gamers Heaven\Downloads\GTA IV2SA TRAIN TRACKS.rar
2013-09-21 14:01 - 2013-09-21 14:01 - 00181760 _____ C:\Users\Gamers Heaven\Downloads\344_radar1.2IVtoSAD.rar
2013-09-21 13:59 - 2013-09-21 13:59 - 00266757 _____ C:\Users\Gamers Heaven\Downloads\1286620749_Blue and Yellow.zip
2013-09-21 13:45 - 2013-09-21 13:45 - 00030286 _____ C:\Users\Gamers Heaven\Downloads\451_IVSAPathsv2beta.rar
2013-09-21 13:34 - 2013-09-21 13:37 - 03582842 _____ C:\Users\Gamers Heaven\Downloads\SAMI_v1.1.zip
2013-09-21 13:20 - 2013-09-21 13:21 - 00479056 _____ C:\Users\Gamers Heaven\Downloads\mscomctl.cab
2013-09-21 13:17 - 2013-09-21 13:17 - 00031986 _____ C:\Users\Gamers Heaven\Downloads\CarSpawner.rar
2013-09-21 13:10 - 2013-09-21 13:16 - 10155237 _____ C:\Users\Gamers Heaven\Downloads\93104-tesla-roadster-sport-2009-gtasa.zip
2013-09-21 13:09 - 2013-09-21 13:09 - 00000000 ____D C:\4c
2013-09-21 13:04 - 2013-09-21 13:06 - 01934608 _____ C:\Users\Gamers Heaven\Downloads\1371387319_Alfa Romeo 4C 2013.rar
2013-09-21 13:00 - 2013-09-21 13:00 - 00698858 _____ C:\Users\Gamers Heaven\Downloads\148_clothes_cleo_menu (1).rar
2013-09-21 12:58 - 2013-09-21 12:58 - 00387930 _____ C:\Users\Gamers Heaven\Downloads\CLEO4_setup.exe
2013-09-20 20:47 - 2013-09-20 20:51 - 00000000 ____D C:\san modding
2013-09-20 18:46 - 2013-09-20 18:46 - 00000000 ____D C:\niko
2013-09-19 13:41 - 2013-09-19 13:41 - 00698858 _____ C:\Users\Gamers Heaven\Downloads\148_clothes_cleo_menu.rar
2013-09-19 13:29 - 2013-09-19 13:30 - 00234737 _____ C:\Users\Gamers Heaven\Downloads\imgtool20.zip
2013-09-19 13:20 - 2013-09-19 13:20 - 00008308 _____ C:\Users\Gamers Heaven\Downloads\GTA_IV_HANDLING_TEST_GTA_SA.RAR
2013-09-18 10:00 - 2013-09-18 10:00 - 00000599 _____ C:\Users\Gamers Heaven\Desktop\WindowsAndroid.lnk
2013-09-18 10:00 - 2013-09-18 10:00 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindowsAndroid
2013-09-18 09:59 - 2013-09-18 09:59 - 00000000 ____D C:\SocketeQ
2013-09-18 08:56 - 2013-09-18 08:56 - 00000000 ____D C:\new 918
2013-09-17 17:44 - 2013-09-17 17:44 - 00149492 _____ C:\Users\Gamers Heaven\Downloads\Bravia_Engine_2.zip
2013-09-17 17:09 - 2013-09-17 17:10 - 00600761 _____ C:\Users\Gamers Heaven\Downloads\Beats_AudioLib Ultra Addon.zip
2013-09-16 17:39 - 2013-09-16 17:40 - 00250830 _____ C:\Users\Gamers Heaven\Downloads\MUnlock.apk
2013-09-16 12:40 - 2013-09-16 12:41 - 00000000 ____D C:\Namecards
2013-09-16 12:17 - 2013-09-18 11:17 - 00000000 ____D C:\REMIX SONGS
2013-09-16 08:20 - 2013-09-16 08:20 - 00249113 _____ C:\Users\Gamers Heaven\Downloads\SA_GTA_IV_HUD.rar
2013-09-16 07:49 - 2013-09-16 07:49 - 00045635 _____ C:\Users\Gamers Heaven\Downloads\GTA SA Resolution Fix.zip
2013-09-16 07:44 - 2013-09-16 09:12 - 00000000 ____D C:\Users\Gamers Heaven\Documents\GTA San Andreas User Files
2013-09-16 07:40 - 2013-09-16 07:41 - 00000000 ____D C:\GTA SAN ANDREAS
2013-09-15 22:49 - 2013-08-04 19:47 - 420207366 _____ C:\Users\Gamers Heaven\Desktop\the_surmf_13_cam.mp4
2013-09-15 22:11 - 2013-09-15 22:11 - 00000000 ____D C:\RippedGamings GTA - SA
2013-09-15 19:29 - 2013-09-15 19:29 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Max Payne 2 Savegames
2013-09-15 15:42 - 2013-09-15 15:43 - 00000000 ____D C:\New folder (2)
2013-09-15 15:18 - 2013-09-16 12:10 - 00000000 ____D C:\123
2013-09-15 13:41 - 2013-09-15 13:45 - 340829559 _____ C:\Users\Gamers Heaven\Downloads\GTA Vice City Rip [boLdX].7z
2013-09-15 13:40 - 2013-09-15 13:41 - 00013419 _____ C:\Users\Gamers Heaven\Downloads\EE07D60C49940D8E4BD5DA576FED73CE41F6B4FA.torrent
2013-09-12 18:28 - 2013-09-22 17:55 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\New folder
2013-09-12 18:26 - 2013-09-12 18:26 - 00020754 _____ C:\Users\Gamers Heaven\Downloads\3B10A155AB10E992F2342EB5405DB4FD041B48CF.torrent
2013-09-12 18:00 - 2013-09-12 18:01 - 01617942 _____ () C:\Users\Gamers Heaven\Downloads\ipscan-win64-3.2.exe
2013-09-12 17:51 - 2013-09-12 17:51 - 00248554 _____ C:\Users\Gamers Heaven\Downloads\BluesPortScan.zip
2013-09-11 22:05 - 2012-12-01 11:32 - 16777216 _____ C:\Users\Gamers Heaven\Desktop\ftr
2013-09-10 22:10 - 2013-09-10 22:10 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\VirtualDub-1.9.11
2013-09-10 22:09 - 2013-09-10 22:09 - 01707366 _____ C:\Users\Gamers Heaven\Downloads\VirtualDub-1.9.11.zip
2013-09-10 22:04 - 2013-09-10 22:05 - 01916953 _____ C:\Users\Gamers Heaven\Downloads\VirtualDub-1.9.11-AMD64.zip
2013-09-10 21:48 - 2013-09-10 21:48 - 00000673 _____ C:\Users\Gamers Heaven\Downloads\WinRAR Crack (Mr7ech).zip
2013-09-10 21:45 - 2013-09-10 21:46 - 00047624 _____ C:\Users\Gamers Heaven\Downloads\VirtualDubMOD.exe
2013-09-10 21:45 - 2013-09-10 21:45 - 00099673 _____ C:\Users\Gamers Heaven\Downloads\WinRAR 5.00 BETA 8.rar
2013-09-10 21:37 - 2013-09-10 21:48 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\VirtualDubMod_1_5_10_2_b2542
2013-09-10 21:36 - 2013-09-10 21:36 - 00955801 _____ C:\Users\Gamers Heaven\Downloads\VirtualDubMod_1_5_10_2_b2542.zip
2013-09-08 17:14 - 2013-09-08 17:14 - 00554143 _____ C:\Users\Gamers Heaven\Downloads\Super_Backup_v1.7.0.1.apk
2013-09-08 15:04 - 2013-06-12 20:04 - 00000000 ____D C:\com.vividgames.realboxing
2013-09-08 15:01 - 2013-09-08 15:01 - 00000000 ____D C:\com.madfingergames.shadowgun
2013-09-08 14:55 - 2013-09-08 15:02 - 09754286 _____ C:\Users\Gamers Heaven\Downloads\Real Boxing™ v1.2.5 [Non-Tegra]-AndroidGiant.Blogspot.com.apk
2013-09-07 21:27 - 2013-09-07 21:27 - 00821892 _____ C:\Users\Gamers Heaven\Downloads\Sony_Select.apk
2013-09-07 21:02 - 2013-09-07 21:03 - 03645852 _____ C:\Users\Gamers Heaven\Downloads\UxpNxtLockScreen.apk
2013-09-07 19:34 - 2013-09-07 20:10 - 00000000 ____D C:\school
2013-09-07 16:04 - 2013-05-01 20:09 - 08705869 _____ C:\Users\Gamers Heaven\Desktop\boot.img
2013-09-07 14:15 - 2013-09-13 14:33 - 00000000 __SHD C:\Users\Gamers Heaven\AppData\Roaming\f96e468
2013-09-06 18:18 - 2013-09-06 18:18 - 00000679 _____ C:\Users\Gamers Heaven\Documents\Gamers Heaven - Shortcut.lnk
2013-09-06 11:11 - 2013-09-06 11:13 - 08158999 _____ C:\Users\Gamers Heaven\Downloads\DT1.8.2_desapk.com.apk
2013-09-06 11:07 - 2013-09-06 11:07 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\Dead Trigger v1 7 0 [unlimited Money] (Android) [JOKER]
2013-09-06 11:05 - 2013-09-06 11:05 - 00013716 _____ C:\Users\Gamers Heaven\Downloads\[kickass.to]dead.trigger.v1.7.0.unlimited.money.android.joker.torrent
2013-09-06 10:54 - 2013-09-06 10:54 - 00014326 _____ C:\Users\Gamers Heaven\Downloads\Bladeslinger-1.3.1-APK+Data-andropalace.net.torrent
2013-09-06 10:44 - 2013-09-06 10:44 - 00030320 _____ C:\Users\Gamers Heaven\Downloads\thalaivaa_english-779792.zip
2013-09-06 10:44 - 2013-09-01 11:11 - 00082831 _____ C:\Users\Gamers Heaven\Documents\gufran athaEnglish Subtitle - Thalaiva.srt
2013-09-06 10:00 - 2013-09-06 10:02 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\Need.for.Speed.Most.Wanted.RePack-KaOs
2013-09-06 09:57 - 2013-09-06 09:57 - 00039301 _____ C:\Users\Gamers Heaven\Downloads\Need.for.Speed.Most.Wanted.RePack-KaOs.7775438.TPB (2).torrent
2013-09-06 09:45 - 2013-09-08 13:28 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\gta
2013-09-06 09:25 - 2013-09-06 09:26 - 04041942 _____ C:\Users\Gamers Heaven\Downloads\GTA+Vice+City.apk
2013-09-06 09:23 - 2013-09-06 09:23 - 00014686 _____ C:\Users\Gamers Heaven\Downloads\gta.torrent
2013-09-05 21:52 - 2013-09-05 21:52 - 00039301 _____ C:\Users\Gamers Heaven\Downloads\Need.for.Speed.Most.Wanted.RePack-KaOs.7775438.TPB (1).torrent
2013-09-05 20:51 - 2013-09-05 20:52 - 00423065 _____ C:\Users\Gamers Heaven\Downloads\X-Reality_Engine.zip
2013-09-04 20:13 - 2013-09-04 20:13 - 00000000 ____D C:\weds
2013-09-04 12:56 - 2013-09-04 12:56 - 00000000 ____D C:\Program Files\Elantech
2013-09-04 12:55 - 2013-09-04 12:55 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Touchpad_Elantech_10.6.9.9_W7x64
2013-09-04 12:55 - 2012-03-07 19:18 - 00238384 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2013-09-04 10:21 - 2008-03-29 00:48 - 52375708 _____ C:\Users\Gamers Heaven\Documents\Spiderman 2 PC GAME.exe
2013-09-04 09:54 - 2013-09-04 09:54 - 00001705 _____ C:\Users\Gamers Heaven\Downloads\Hacksofworld - BSNL SPEED HACK.rar
2013-09-04 09:09 - 2013-09-04 09:09 - 00000856 _____ C:\Users\Gamers Heaven\Downloads\00643d329c.dlc
2013-09-04 08:51 - 2013-09-04 08:51 - 00000077 _____ C:\Users\Gamers Heaven\Documents\missing guy.txt
2013-09-03 21:30 - 2013-09-03 21:30 - 00000557 _____ C:\Users\Gamers Heaven\Downloads\Spiderman 2 The Game.zip
2013-09-03 21:00 - 2013-09-03 21:01 - 00229852 _____ C:\Users\Gamers Heaven\Downloads\Universal_KeyGen_Generator(masterhacksindia.blogspot.com.rar
2013-09-03 20:53 - 2013-09-03 20:53 - 00002637 _____ C:\Users\Public\Desktop\Angry Birds Seasons.lnk
2013-09-02 21:45 - 2013-09-02 21:45 - 00001074 _____ C:\Users\Public\Desktop\Angry Birds.lnk
2013-09-02 21:45 - 2013-09-02 21:45 - 00000000 ____D C:\Program Files (x86)\Rovio
2013-09-02 20:47 - 2013-09-02 20:47 - 00002191 _____ C:\Users\Public\Desktop\Angry Birds Rio.lnk
2013-09-02 20:42 - 2013-09-04 12:40 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Angry Birds Collection 2013 by ~SC0RPi0N~
2013-09-02 20:40 - 2013-09-03 20:56 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\Rovio
2013-09-02 20:37 - 2013-08-16 12:40 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Angry.Birds.Patch.v1.4.Kindly
2013-09-02 20:27 - 2013-09-03 20:53 - 00000000 ____D C:\Program Files (x86)\Rovio Entertainment Ltd
2013-09-02 20:27 - 2013-09-02 20:27 - 00002268 _____ C:\Users\Public\Desktop\Angry Birds Star Wars.lnk
2013-09-02 20:26 - 2013-09-03 20:56 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\Rovio Entertainment Ltd
2013-09-02 19:55 - 2013-09-02 19:57 - 00000000 ____D C:\ProgramData\HP
2013-09-02 19:55 - 2013-09-02 19:55 - 00002236 _____ C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk
2013-09-02 19:55 - 2013-09-02 19:55 - 00001231 _____ C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk
2013-09-02 19:55 - 2013-09-02 19:55 - 00001194 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2050 J510 series.lnk
2013-09-02 19:55 - 2013-09-02 19:55 - 00000000 ____D C:\Program Files (x86)\HP
2013-09-02 19:54 - 2013-09-02 19:58 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Local\HP
2013-09-02 19:54 - 2013-09-02 19:54 - 00000000 ____D C:\Program Files\HP
2013-09-02 18:53 - 2013-09-02 18:55 - 01235628 _____ C:\Users\Gamers Heaven\Downloads\IDM.6.17.8.Crack-MUFTAKiS.rar
2013-09-02 18:45 - 2013-09-02 18:47 - 05322072 _____ (Tonec Inc.) C:\Users\Gamers Heaven\Downloads\idman617b8.exe
2013-09-02 18:39 - 2013-09-02 18:39 - 00751941 _____ C:\Users\Gamers Heaven\Downloads\samkutty.jpeg
2013-09-02 18:31 - 2013-09-02 18:31 - 00058075 _____ C:\Users\Gamers Heaven\Downloads\Angry.Birds.Patch.v1.4.Kindly.rar
2013-09-02 18:29 - 2013-09-02 18:29 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-02 18:28 - 2013-09-02 18:29 - 00323216 _____ (SummerSoft) C:\Users\Gamers Heaven\Downloads\Angry.Birds.Patch.v1.4.Kindly.rar.exe
2013-09-01 21:11 - 2013-09-22 18:01 - 00000960 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000UA.job
2013-09-01 21:11 - 2013-09-22 15:01 - 00000938 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000Core.job
2013-09-01 21:11 - 2013-09-22 14:56 - 00003952 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000UA
2013-09-01 21:11 - 2013-09-22 14:56 - 00003584 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000Core
2013-09-01 21:11 - 2013-09-01 21:11 - 00570880 _____ (Facebook Inc.) C:\Users\Gamers Heaven\Downloads\FacebookVideoCallSetup_v1.2.205.0 (10).exe
2013-09-01 21:01 - 2013-09-01 21:01 - 00001304 _____ C:\Users\Gamers Heaven\Desktop\FurMark.lnk
2013-09-01 20:48 - 2013-09-01 20:51 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\NVIDIA
2013-09-01 20:47 - 2013-09-01 20:47 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-09-01 20:47 - 2013-09-01 20:47 - 00000000 ____D C:\Windows\system32\NV
2013-09-01 20:47 - 2013-09-01 20:47 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-01 20:41 - 2013-05-13 02:04 - 06491936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-09-01 20:41 - 2013-05-13 02:04 - 03514656 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-09-01 20:41 - 2013-05-13 02:04 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2013-09-01 20:41 - 2013-05-13 02:04 - 01025312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2013-09-01 20:41 - 2013-05-13 02:04 - 00884512 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-09-01 20:41 - 2013-05-13 02:04 - 00237856 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-09-01 20:41 - 2013-05-13 02:04 - 00067072 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2013-09-01 20:41 - 2013-05-13 02:04 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-09-01 20:41 - 2013-05-08 19:43 - 03165737 _____ C:\Windows\system32\nvcoproc.bin
2013-09-01 20:40 - 2013-09-01 20:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-01 20:34 - 2013-05-13 03:12 - 27775776 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 21096736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 15910736 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 15143904 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 13403168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 12426216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 11216160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-01 20:34 - 2013-05-13 03:12 - 09233688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 07682960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 07641832 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 06324360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 02942240 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 02935696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 02754336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 02597344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 02363680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 02002720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432018.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432018.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 01059560 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00925648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00550176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00518944 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00443168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00421152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00266448 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00218592 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00214448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00181488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-01 20:34 - 2013-05-13 03:12 - 00030496 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2013-09-01 20:34 - 2013-05-13 03:12 - 00020536 _____ C:\Windows\system32\nvinfo.pb
2013-09-01 19:54 - 2013-09-01 19:54 - 00001330 _____ C:\Users\Gamers Heaven\Desktop\FluidMark.lnk
2013-09-01 19:54 - 2013-09-01 19:54 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2013-09-01 19:02 - 2013-07-22 11:37 - 00012331 _____ C:\Users\Gamers Heaven\Desktop\5A2DBBD58E8EB552D9514724A3A5B8A8F12A21D7.torrent
2013-09-01 13:04 - 2013-09-01 13:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-09-01 13:01 - 2010-12-21 11:25 - 00019968 _____ (Danish Wireless Design A/S) C:\Windows\system32\Drivers\FlashUSB_x64.sys
2013-09-01 12:59 - 2013-09-01 12:59 - 00000000 ____D C:\Program Files\SAMSUNG
2013-09-01 12:58 - 2013-09-01 12:58 - 00000000 ____D C:\ProgramData\Samsung
2013-09-01 12:58 - 2011-03-16 21:35 - 23990152 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Gamers Heaven\Documents\SAMSUNG_USB_Driver_for_Mobile_Phones_v1_3_2300_0.exe
2013-09-01 12:48 - 2013-09-01 12:51 - 00000000 ____D C:\mini recovery
2013-09-01 11:38 - 2013-09-16 17:57 - 01221348 _____ C:\arwk.exe
2013-08-31 21:13 - 2013-08-31 21:13 - 00001323 _____ C:\Users\Gamers Heaven\Desktop\setup.exe - Shortcut.lnk
2013-08-31 19:51 - 2013-08-31 19:53 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2013-08-31 19:26 - 2013-08-31 19:26 - 00000000 ____D C:\Users\Gamers Heaven\Documents\New folder (3)
2013-08-31 19:25 - 2013-08-31 19:25 - 00077553 _____ C:\Users\Gamers Heaven\Downloads\docsdiag.zip
2013-08-31 19:12 - 2013-08-31 19:12 - 00000000 ____D C:\ProgramData\Trymedia
2013-08-31 19:09 - 2013-08-31 19:38 - 00000000 ____D C:\Program Files (x86)\RealArcade
2013-08-31 19:08 - 2013-08-31 19:08 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Cut the Rope PC
2013-08-31 18:16 - 2013-08-31 18:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2013-08-31 18:16 - 2012-02-27 16:30 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2013-08-31 18:15 - 2012-03-09 19:53 - 00000000 ____D C:\Users\Gamers Heaven\Documents\USB3.0_Intel_1.0.4.220_W7x64
2013-08-31 18:15 - 2012-02-27 16:31 - 00788760 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2013-08-31 18:15 - 2012-02-27 16:31 - 00356120 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2013-08-31 18:15 - 2012-02-27 16:31 - 00016152 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2013-08-31 17:54 - 2013-08-31 18:16 - 00000000 ____D C:\Program Files (x86)\Intel
2013-08-31 17:54 - 2012-01-31 07:52 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-08-31 17:53 - 2012-03-27 13:28 - 00000000 ____D C:\Users\Gamers Heaven\Desktop\Chipset_Intel_9.3.0.1020_W7x64
2013-08-31 17:40 - 2013-08-31 17:40 - 00000184 _____ C:\Windows\LMv4.UNI
2013-08-31 17:40 - 2013-08-31 17:40 - 00000000 ____D C:\Program Files (x86)\Launch Manager
2013-08-31 17:36 - 2012-03-03 08:28 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Launch Manager_Dritek_5.1.13_W7x64
2013-08-31 17:36 - 2011-05-25 16:25 - 00281680 _____ (Dritek System Inc.) C:\Windows\UNINSTLMv4.EXE
2013-08-31 17:19 - 2013-08-31 17:19 - 00003056 _____ C:\Windows\System32\Tasks\{C5B3411B-728A-4D38-B4FA-C23C4576BE9B}
2013-08-31 17:19 - 2013-08-31 17:19 - 00003056 _____ C:\Windows\System32\Tasks\{B104EE9D-29E2-4907-8EC8-D0E1E16FE6C3}
2013-08-29 19:31 - 2013-09-01 21:12 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\MICROSOFT.WINDOWS.8.1.RTM.X64.ENGLISH.DVD-WZT
2013-08-29 19:28 - 2013-08-29 19:28 - 00000821 _____ C:\Users\Gamers Heaven\Desktop\µTorrent.lnk
2013-08-29 19:28 - 2013-08-29 19:28 - 00000801 _____ C:\Users\Gamers Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-08-29 19:27 - 2013-08-29 19:27 - 00037881 _____ C:\Users\Gamers Heaven\Downloads\[kickass.to]microsoft.windows.8.1.rtm.x64.english.dvd.wzt.windows.8.1.rtm.build.6.3.9600.16384.torrent
2013-08-28 11:51 - 2011-12-25 14:44 - 01281027 _____ C:\Users\Gamers Heaven\Documents\Musicbeta Win8.cskin
2013-08-28 11:50 - 2013-08-28 11:55 - 00000000 ____D C:\Program Files (x86)\CD Art Display
2013-08-28 11:50 - 2013-08-28 11:51 - 01078402 _____ C:\Users\Gamers Heaven\Downloads\windows_8_music_player_beta_by_peterrollar-d4jdj7s.rar
2013-08-28 11:50 - 2013-08-28 11:50 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\CD Art Display
2013-08-28 11:47 - 2013-08-28 11:50 - 01365572 _____ C:\Users\Gamers Heaven\Downloads\CDARTDisplaysetup201.zip
2013-08-28 11:11 - 2013-08-28 11:11 - 00051752 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2013-08-28 11:05 - 2013-08-28 11:05 - 00064473 _____ C:\Users\Gamers Heaven\Downloads\ENBSeries-BM.rar
2013-08-28 11:05 - 2013-08-28 11:05 - 00064473 _____ C:\Users\Gamers Heaven\Downloads\ENBSeries-BM (1).rar
2013-08-25 11:33 - 2013-08-25 11:33 - 00821974 _____ (                                                            ) C:\Users\Gamers Heaven\Downloads\reshack_setup.exe
2013-08-25 11:33 - 2013-08-25 11:33 - 00000000 ____D C:\Program Files (x86)\Resource Hacker
2013-08-24 20:42 - 2013-09-22 11:40 - 00000402 __RSH C:\ProgramData\ntuser.pol
2013-08-24 16:46 - 2011-09-28 17:06 - 01455104 _____ (Glenn Töws) C:\Users\Gamers Heaven\Desktop\MetroStart.exe
2013-08-24 16:44 - 2013-08-24 16:44 - 00000000 ____D C:\Windows\w7upfc
2013-08-24 16:44 - 2009-07-14 07:09 - 02871296 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-08-24 16:44 - 2009-07-14 07:09 - 02868224 _____ (Microsoft Corporation) C:\Windows\explorer_edit_w7upfc.exe
2013-08-24 16:44 - 2009-07-14 07:09 - 02868224 _____ (Microsoft Corporation) C:\Windows\explorer_backup_w7upfc.exe
2013-08-24 16:43 - 2010-07-26 02:05 - 00917504 _____ (door2windows) C:\Users\Gamers Heaven\Desktop\Windows 7 User Picture Frame Changer.exe
2013-08-24 07:58 - 2013-08-24 07:59 - 00452830 _____ C:\Users\Gamers Heaven\Downloads\Windows 7 User Picture Frame Changer.zip
2013-08-24 07:56 - 2012-08-09 13:47 - 01865728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2013-08-24 07:34 - 2013-08-24 07:34 - 00095080 _____ (deepxw) C:\Users\Gamers Heaven\Downloads\UniversalThemePatcher-x64.exe
2013-08-24 07:34 - 2009-07-14 07:11 - 02851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll.backup
2013-08-24 07:34 - 2009-07-14 07:11 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll.backup
2013-08-24 07:34 - 2009-07-14 07:11 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll.backup
2013-08-24 07:27 - 2013-08-24 07:27 - 00000000 ____D C:\Users\Gamers Heaven\Documents\New folder (2)
2013-08-23 00:03 - 2013-08-24 07:28 - 00000000 ____D C:\Users\Gamers Heaven\Documents\win 8
 
==================== One Month Modified Files and Folders =======
 
2013-09-22 18:14 - 2013-09-22 18:14 - 00000000 ____D C:\FRST
2013-09-22 18:14 - 2013-09-22 18:12 - 01956670 _____ (Farbar) C:\Users\Gamers Heaven\Downloads\FRST64.exe
2013-09-22 18:13 - 2013-08-01 07:14 - 01964155 _____ C:\Windows\WindowsUpdate.log
2013-09-22 18:09 - 2013-07-31 19:41 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-22 18:09 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 18:09 - 2009-07-14 10:21 - 00052201 _____ C:\Windows\setupact.log
2013-09-22 18:08 - 2013-08-04 18:51 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\DMCache
2013-09-22 18:02 - 2013-07-31 19:41 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-22 18:01 - 2013-09-22 18:01 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2013-09-22 18:01 - 2013-09-22 18:01 - 00000000 ____D C:\Program Files\Unlocker
2013-09-22 18:01 - 2013-09-22 17:58 - 01078591 _____ C:\Users\Gamers Heaven\Downloads\Unlocker1.9.2.exe
2013-09-22 18:01 - 2013-09-01 21:11 - 00000960 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000UA.job
2013-09-22 17:57 - 2013-08-02 21:17 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\vlc
2013-09-22 17:55 - 2013-09-12 18:28 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\New folder
2013-09-22 15:33 - 2013-09-22 15:33 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-22 15:33 - 2013-09-22 15:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-22 15:32 - 2013-08-04 18:51 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\Compressed
2013-09-22 15:01 - 2013-09-01 21:11 - 00000938 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000Core.job
2013-09-22 14:56 - 2013-09-22 14:56 - 00501248 _____ (Facebook Inc.) C:\Users\Gamers Heaven\Downloads\FacebookVideoCallSetup_v1.2.205.0 (11).exe
2013-09-22 14:56 - 2013-09-01 21:11 - 00003952 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000UA
2013-09-22 14:56 - 2013-09-01 21:11 - 00003584 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000Core
2013-09-22 13:59 - 2013-09-22 13:59 - 00000000 ____D C:\1
2013-09-22 13:50 - 2013-09-22 13:49 - 00000000 ____D C:\bar
2013-09-22 13:38 - 2013-09-22 13:37 - 00000000 ____D C:\Users\Gamers Heaven\Documents\LG-Utils
2013-09-22 12:44 - 2013-08-10 21:44 - 00000000 ____D C:\ProgramData\LGMOBILEAX
2013-09-22 12:13 - 2013-09-22 12:13 - 00431575 _____ C:\Users\Gamers Heaven\Downloads\flashtool (1).rar
2013-09-22 11:45 - 2009-07-14 10:15 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-22 11:45 - 2009-07-14 10:15 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-22 11:40 - 2013-08-24 20:42 - 00000402 __RSH C:\ProgramData\ntuser.pol
2013-09-21 21:24 - 2013-07-31 18:59 - 00076624 _____ C:\Windows\DPINST.LOG
2013-09-21 21:22 - 2013-09-21 21:22 - 00000000 ____D C:\New folder (3)
2013-09-21 21:19 - 2013-07-31 19:41 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-21 20:44 - 2013-09-21 20:44 - 00069827 _____ C:\Users\Gamers Heaven\Downloads\1220357907_SAStreamMemFix2.0.rar
2013-09-21 20:34 - 2013-09-21 20:31 - 01906454 _____ C:\Users\Gamers Heaven\Downloads\GTA_IV_Weapons_to_GTA_SA_2.2.rar
2013-09-21 14:18 - 2013-09-21 14:18 - 00035674 _____ C:\Users\Gamers Heaven\Downloads\GTA IV2SA TRAIN TRACKS.rar
2013-09-21 14:01 - 2013-09-21 14:01 - 00181760 _____ C:\Users\Gamers Heaven\Downloads\344_radar1.2IVtoSAD.rar
2013-09-21 13:59 - 2013-09-21 13:59 - 00266757 _____ C:\Users\Gamers Heaven\Downloads\1286620749_Blue and Yellow.zip
2013-09-21 13:45 - 2013-09-21 13:45 - 00030286 _____ C:\Users\Gamers Heaven\Downloads\451_IVSAPathsv2beta.rar
2013-09-21 13:37 - 2013-09-21 13:34 - 03582842 _____ C:\Users\Gamers Heaven\Downloads\SAMI_v1.1.zip
2013-09-21 13:21 - 2013-09-21 13:20 - 00479056 _____ C:\Users\Gamers Heaven\Downloads\mscomctl.cab
2013-09-21 13:17 - 2013-09-21 13:17 - 00031986 _____ C:\Users\Gamers Heaven\Downloads\CarSpawner.rar
2013-09-21 13:16 - 2013-09-21 13:10 - 10155237 _____ C:\Users\Gamers Heaven\Downloads\93104-tesla-roadster-sport-2009-gtasa.zip
2013-09-21 13:09 - 2013-09-21 13:09 - 00000000 ____D C:\4c
2013-09-21 13:06 - 2013-09-21 13:04 - 01934608 _____ C:\Users\Gamers Heaven\Downloads\1371387319_Alfa Romeo 4C 2013.rar
2013-09-21 13:00 - 2013-09-21 13:00 - 00698858 _____ C:\Users\Gamers Heaven\Downloads\148_clothes_cleo_menu (1).rar
2013-09-21 12:58 - 2013-09-21 12:58 - 00387930 _____ C:\Users\Gamers Heaven\Downloads\CLEO4_setup.exe
2013-09-20 20:51 - 2013-09-20 20:47 - 00000000 ____D C:\san modding
2013-09-20 18:46 - 2013-09-20 18:46 - 00000000 ____D C:\niko
2013-09-19 14:52 - 2009-07-14 10:43 - 00778150 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-19 13:41 - 2013-09-19 13:41 - 00698858 _____ C:\Users\Gamers Heaven\Downloads\148_clothes_cleo_menu.rar
2013-09-19 13:30 - 2013-09-19 13:29 - 00234737 _____ C:\Users\Gamers Heaven\Downloads\imgtool20.zip
2013-09-19 13:20 - 2013-09-19 13:20 - 00008308 _____ C:\Users\Gamers Heaven\Downloads\GTA_IV_HANDLING_TEST_GTA_SA.RAR
2013-09-18 11:17 - 2013-09-16 12:17 - 00000000 ____D C:\REMIX SONGS
2013-09-18 10:00 - 2013-09-18 10:00 - 00000599 _____ C:\Users\Gamers Heaven\Desktop\WindowsAndroid.lnk
2013-09-18 10:00 - 2013-09-18 10:00 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindowsAndroid
2013-09-18 09:59 - 2013-09-18 09:59 - 00000000 ____D C:\SocketeQ
2013-09-18 08:56 - 2013-09-18 08:56 - 00000000 ____D C:\new 918
2013-09-17 17:44 - 2013-09-17 17:44 - 00149492 _____ C:\Users\Gamers Heaven\Downloads\Bravia_Engine_2.zip
2013-09-17 17:10 - 2013-09-17 17:09 - 00600761 _____ C:\Users\Gamers Heaven\Downloads\Beats_AudioLib Ultra Addon.zip
2013-09-16 21:06 - 2013-07-31 20:14 - 00006114 _____ C:\Windows\PFRO.log
2013-09-16 17:57 - 2013-09-01 11:38 - 01221348 _____ C:\arwk.exe
2013-09-16 17:40 - 2013-09-16 17:39 - 00250830 _____ C:\Users\Gamers Heaven\Downloads\MUnlock.apk
2013-09-16 12:41 - 2013-09-16 12:40 - 00000000 ____D C:\Namecards
2013-09-16 12:10 - 2013-09-15 15:18 - 00000000 ____D C:\123
2013-09-16 09:12 - 2013-09-16 07:44 - 00000000 ____D C:\Users\Gamers Heaven\Documents\GTA San Andreas User Files
2013-09-16 08:20 - 2013-09-16 08:20 - 00249113 _____ C:\Users\Gamers Heaven\Downloads\SA_GTA_IV_HUD.rar
2013-09-16 07:49 - 2013-09-16 07:49 - 00045635 _____ C:\Users\Gamers Heaven\Downloads\GTA SA Resolution Fix.zip
2013-09-16 07:44 - 2013-08-07 07:01 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-09-16 07:41 - 2013-09-16 07:40 - 00000000 ____D C:\GTA SAN ANDREAS
2013-09-15 22:11 - 2013-09-15 22:11 - 00000000 ____D C:\RippedGamings GTA - SA
2013-09-15 19:29 - 2013-09-15 19:29 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Max Payne 2 Savegames
2013-09-15 19:26 - 2013-08-04 18:51 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\IDM
2013-09-15 15:43 - 2013-09-15 15:42 - 00000000 ____D C:\New folder (2)
2013-09-15 13:45 - 2013-09-15 13:41 - 340829559 _____ C:\Users\Gamers Heaven\Downloads\GTA Vice City Rip [boLdX].7z
2013-09-15 13:45 - 2013-08-22 11:35 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\uTorrent
2013-09-15 13:41 - 2013-09-15 13:40 - 00013419 _____ C:\Users\Gamers Heaven\Downloads\EE07D60C49940D8E4BD5DA576FED73CE41F6B4FA.torrent
2013-09-15 12:28 - 2013-08-18 14:35 - 00000000 ____D C:\Program Files (x86)\Left 4 Dead 2
2013-09-15 12:25 - 2013-08-09 13:06 - 00000000 ____D C:\Program Files (x86)\Assassins Creed III
2013-09-13 14:33 - 2013-09-07 14:15 - 00000000 __SHD C:\Users\Gamers Heaven\AppData\Roaming\f96e468
2013-09-12 18:26 - 2013-09-12 18:26 - 00020754 _____ C:\Users\Gamers Heaven\Downloads\3B10A155AB10E992F2342EB5405DB4FD041B48CF.torrent
2013-09-12 18:01 - 2013-09-12 18:00 - 01617942 _____ () C:\Users\Gamers Heaven\Downloads\ipscan-win64-3.2.exe
2013-09-12 17:51 - 2013-09-12 17:51 - 00248554 _____ C:\Users\Gamers Heaven\Downloads\BluesPortScan.zip
2013-09-10 22:10 - 2013-09-10 22:10 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\VirtualDub-1.9.11
2013-09-10 22:09 - 2013-09-10 22:09 - 01707366 _____ C:\Users\Gamers Heaven\Downloads\VirtualDub-1.9.11.zip
2013-09-10 22:05 - 2013-09-10 22:04 - 01916953 _____ C:\Users\Gamers Heaven\Downloads\VirtualDub-1.9.11-AMD64.zip
2013-09-10 21:49 - 2013-07-31 19:38 - 00000000 ____D C:\Program Files\WinRAR
2013-09-10 21:48 - 2013-09-10 21:48 - 00000673 _____ C:\Users\Gamers Heaven\Downloads\WinRAR Crack (Mr7ech).zip
2013-09-10 21:48 - 2013-09-10 21:37 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\VirtualDubMod_1_5_10_2_b2542
2013-09-10 21:46 - 2013-09-10 21:45 - 00047624 _____ C:\Users\Gamers Heaven\Downloads\VirtualDubMOD.exe
2013-09-10 21:46 - 2013-07-31 18:53 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Local\VirtualStore
2013-09-10 21:45 - 2013-09-10 21:45 - 00099673 _____ C:\Users\Gamers Heaven\Downloads\WinRAR 5.00 BETA 8.rar
2013-09-10 21:36 - 2013-09-10 21:36 - 00955801 _____ C:\Users\Gamers Heaven\Downloads\VirtualDubMod_1_5_10_2_b2542.zip
2013-09-10 21:34 - 2013-08-04 18:51 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\Video
2013-09-08 17:14 - 2013-09-08 17:14 - 00554143 _____ C:\Users\Gamers Heaven\Downloads\Super_Backup_v1.7.0.1.apk
2013-09-08 15:02 - 2013-09-08 14:55 - 09754286 _____ C:\Users\Gamers Heaven\Downloads\Real Boxing™ v1.2.5 [Non-Tegra]-AndroidGiant.Blogspot.com.apk
2013-09-08 15:01 - 2013-09-08 15:01 - 00000000 ____D C:\com.madfingergames.shadowgun
2013-09-08 13:28 - 2013-09-06 09:45 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\gta
2013-09-07 21:27 - 2013-09-07 21:27 - 00821892 _____ C:\Users\Gamers Heaven\Downloads\Sony_Select.apk
2013-09-07 21:03 - 2013-09-07 21:02 - 03645852 _____ C:\Users\Gamers Heaven\Downloads\UxpNxtLockScreen.apk
2013-09-07 20:10 - 2013-09-07 19:34 - 00000000 ____D C:\school
2013-09-06 18:18 - 2013-09-06 18:18 - 00000679 _____ C:\Users\Gamers Heaven\Documents\Gamers Heaven - Shortcut.lnk
2013-09-06 17:22 - 2013-07-31 19:49 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2013-09-06 17:15 - 2013-07-31 20:30 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-09-06 17:15 - 2013-07-31 20:09 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-09-06 17:05 - 2013-08-19 20:11 - 00000000 ____D C:\Fraps
2013-09-06 17:03 - 2013-08-03 06:52 - 00000572 _____ C:\Users\Public\Desktop\Fraps.lnk
2013-09-06 17:01 - 2013-07-31 20:09 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-09-06 11:13 - 2013-09-06 11:11 - 08158999 _____ C:\Users\Gamers Heaven\Downloads\DT1.8.2_desapk.com.apk
2013-09-06 11:07 - 2013-09-06 11:07 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\Dead Trigger v1 7 0 [unlimited Money] (Android) [JOKER]
2013-09-06 11:05 - 2013-09-06 11:05 - 00013716 _____ C:\Users\Gamers Heaven\Downloads\[kickass.to]dead.trigger.v1.7.0.unlimited.money.android.joker.torrent
2013-09-06 10:54 - 2013-09-06 10:54 - 00014326 _____ C:\Users\Gamers Heaven\Downloads\Bladeslinger-1.3.1-APK+Data-andropalace.net.torrent
2013-09-06 10:44 - 2013-09-06 10:44 - 00030320 _____ C:\Users\Gamers Heaven\Downloads\thalaivaa_english-779792.zip
2013-09-06 10:02 - 2013-09-06 10:00 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\Need.for.Speed.Most.Wanted.RePack-KaOs
2013-09-06 09:57 - 2013-09-06 09:57 - 00039301 _____ C:\Users\Gamers Heaven\Downloads\Need.for.Speed.Most.Wanted.RePack-KaOs.7775438.TPB (2).torrent
2013-09-06 09:26 - 2013-09-06 09:25 - 04041942 _____ C:\Users\Gamers Heaven\Downloads\GTA+Vice+City.apk
2013-09-06 09:23 - 2013-09-06 09:23 - 00014686 _____ C:\Users\Gamers Heaven\Downloads\gta.torrent
2013-09-05 21:52 - 2013-09-05 21:52 - 00039301 _____ C:\Users\Gamers Heaven\Downloads\Need.for.Speed.Most.Wanted.RePack-KaOs.7775438.TPB (1).torrent
2013-09-05 20:52 - 2013-09-05 20:51 - 00423065 _____ C:\Users\Gamers Heaven\Downloads\X-Reality_Engine.zip
2013-09-04 20:13 - 2013-09-04 20:13 - 00000000 ____D C:\weds
2013-09-04 20:00 - 2013-08-22 09:51 - 00000000 ____D C:\Users\Gamers Heaven\Documents\CharmsRes
2013-09-04 12:56 - 2013-09-04 12:56 - 00000000 ____D C:\Program Files\Elantech
2013-09-04 12:55 - 2013-09-04 12:55 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Touchpad_Elantech_10.6.9.9_W7x64
2013-09-04 12:40 - 2013-09-02 20:42 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Angry Birds Collection 2013 by ~SC0RPi0N~
2013-09-04 09:54 - 2013-09-04 09:54 - 00001705 _____ C:\Users\Gamers Heaven\Downloads\Hacksofworld - BSNL SPEED HACK.rar
2013-09-04 09:09 - 2013-09-04 09:09 - 00000856 _____ C:\Users\Gamers Heaven\Downloads\00643d329c.dlc
2013-09-04 08:51 - 2013-09-04 08:51 - 00000077 _____ C:\Users\Gamers Heaven\Documents\missing guy.txt
2013-09-03 21:30 - 2013-09-03 21:30 - 00000557 _____ C:\Users\Gamers Heaven\Downloads\Spiderman 2 The Game.zip
2013-09-03 21:01 - 2013-09-03 21:00 - 00229852 _____ C:\Users\Gamers Heaven\Downloads\Universal_KeyGen_Generator(masterhacksindia.blogspot.com.rar
2013-09-03 20:56 - 2013-09-02 20:40 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\Rovio
2013-09-03 20:56 - 2013-09-02 20:26 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\Rovio Entertainment Ltd
2013-09-03 20:53 - 2013-09-03 20:53 - 00002637 _____ C:\Users\Public\Desktop\Angry Birds Seasons.lnk
2013-09-03 20:53 - 2013-09-02 20:27 - 00000000 ____D C:\Program Files (x86)\Rovio Entertainment Ltd
2013-09-02 21:45 - 2013-09-02 21:45 - 00001074 _____ C:\Users\Public\Desktop\Angry Birds.lnk
2013-09-02 21:45 - 2013-09-02 21:45 - 00000000 ____D C:\Program Files (x86)\Rovio
2013-09-02 20:47 - 2013-09-02 20:47 - 00002191 _____ C:\Users\Public\Desktop\Angry Birds Rio.lnk
2013-09-02 20:27 - 2013-09-02 20:27 - 00002268 _____ C:\Users\Public\Desktop\Angry Birds Star Wars.lnk
2013-09-02 19:58 - 2013-09-02 19:54 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Local\HP
2013-09-02 19:57 - 2013-09-02 19:55 - 00000000 ____D C:\ProgramData\HP
2013-09-02 19:55 - 2013-09-02 19:55 - 00002236 _____ C:\Users\Public\Desktop\HP Deskjet 2050 J510 series.lnk
2013-09-02 19:55 - 2013-09-02 19:55 - 00001231 _____ C:\Users\Public\Desktop\HP Deskjet 2050 J510 series Scan.lnk
2013-09-02 19:55 - 2013-09-02 19:55 - 00001194 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2050 J510 series.lnk
2013-09-02 19:55 - 2013-09-02 19:55 - 00000000 ____D C:\Program Files (x86)\HP
2013-09-02 19:54 - 2013-09-02 19:54 - 00000000 ____D C:\Program Files\HP
2013-09-02 19:49 - 2013-08-04 18:51 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2013-09-02 18:55 - 2013-09-02 18:53 - 01235628 _____ C:\Users\Gamers Heaven\Downloads\IDM.6.17.8.Crack-MUFTAKiS.rar
2013-09-02 18:47 - 2013-09-02 18:45 - 05322072 _____ (Tonec Inc.) C:\Users\Gamers Heaven\Downloads\idman617b8.exe
2013-09-02 18:39 - 2013-09-02 18:39 - 00751941 _____ C:\Users\Gamers Heaven\Downloads\samkutty.jpeg
2013-09-02 18:31 - 2013-09-02 18:31 - 00058075 _____ C:\Users\Gamers Heaven\Downloads\Angry.Birds.Patch.v1.4.Kindly.rar
2013-09-02 18:29 - 2013-09-02 18:29 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-02 18:29 - 2013-09-02 18:28 - 00323216 _____ (SummerSoft) C:\Users\Gamers Heaven\Downloads\Angry.Birds.Patch.v1.4.Kindly.rar.exe
2013-09-01 21:12 - 2013-08-29 19:31 - 00000000 ____D C:\Users\Gamers Heaven\Downloads\MICROSOFT.WINDOWS.8.1.RTM.X64.ENGLISH.DVD-WZT
2013-09-01 21:11 - 2013-09-01 21:11 - 00570880 _____ (Facebook Inc.) C:\Users\Gamers Heaven\Downloads\FacebookVideoCallSetup_v1.2.205.0 (10).exe
2013-09-01 21:11 - 2013-08-04 15:57 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Local\Facebook
2013-09-01 21:01 - 2013-09-01 21:01 - 00001304 _____ C:\Users\Gamers Heaven\Desktop\FurMark.lnk
2013-09-01 20:51 - 2013-09-01 20:48 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\NVIDIA
2013-09-01 20:47 - 2013-09-01 20:47 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-09-01 20:47 - 2013-09-01 20:47 - 00000000 ____D C:\Windows\system32\NV
2013-09-01 20:47 - 2013-09-01 20:47 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-01 20:41 - 2013-08-22 10:41 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-09-01 20:41 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\Help
2013-09-01 20:40 - 2013-09-01 20:40 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2013-09-01 20:40 - 2013-07-31 19:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-01 19:54 - 2013-09-01 19:54 - 00001330 _____ C:\Users\Gamers Heaven\Desktop\FluidMark.lnk
2013-09-01 19:54 - 2013-09-01 19:54 - 00000000 ____D C:\Program Files (x86)\Geeks3D
2013-09-01 19:53 - 2013-08-09 16:21 - 00000000 ____D C:\Users\Gamers Heaven\Desktop\uTorrent
2013-09-01 13:04 - 2013-09-01 13:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-09-01 12:59 - 2013-09-01 12:59 - 00000000 ____D C:\Program Files\SAMSUNG
2013-09-01 12:58 - 2013-09-01 12:58 - 00000000 ____D C:\ProgramData\Samsung
2013-09-01 12:51 - 2013-09-01 12:48 - 00000000 ____D C:\mini recovery
2013-09-01 11:11 - 2013-09-06 10:44 - 00082831 _____ C:\Users\Gamers Heaven\Documents\gufran athaEnglish Subtitle - Thalaiva.srt
2013-08-31 21:13 - 2013-08-31 21:13 - 00001323 _____ C:\Users\Gamers Heaven\Desktop\setup.exe - Shortcut.lnk
2013-08-31 20:30 - 2013-08-08 13:54 - 00000000 ____D C:\Windows\system32\appmgmt
2013-08-31 20:30 - 2009-07-14 08:50 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-31 19:53 - 2013-08-31 19:51 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2013-08-31 19:38 - 2013-08-31 19:09 - 00000000 ____D C:\Program Files (x86)\RealArcade
2013-08-31 19:26 - 2013-08-31 19:26 - 00000000 ____D C:\Users\Gamers Heaven\Documents\New folder (3)
2013-08-31 19:25 - 2013-08-31 19:25 - 00077553 _____ C:\Users\Gamers Heaven\Downloads\docsdiag.zip
2013-08-31 19:12 - 2013-08-31 19:12 - 00000000 ____D C:\ProgramData\Trymedia
2013-08-31 19:08 - 2013-08-31 19:08 - 00000000 ____D C:\Users\Gamers Heaven\Documents\Cut the Rope PC
2013-08-31 18:16 - 2013-08-31 18:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2013-08-31 18:16 - 2013-08-31 17:54 - 00000000 ____D C:\Program Files (x86)\Intel
2013-08-31 17:40 - 2013-08-31 17:40 - 00000184 _____ C:\Windows\LMv4.UNI
2013-08-31 17:40 - 2013-08-31 17:40 - 00000000 ____D C:\Program Files (x86)\Launch Manager
2013-08-31 17:19 - 2013-08-31 17:19 - 00003056 _____ C:\Windows\System32\Tasks\{C5B3411B-728A-4D38-B4FA-C23C4576BE9B}
2013-08-31 17:19 - 2013-08-31 17:19 - 00003056 _____ C:\Windows\System32\Tasks\{B104EE9D-29E2-4907-8EC8-D0E1E16FE6C3}
2013-08-29 20:59 - 2013-08-21 21:03 - 00000000 ____D C:\Users\Gamers Heaven\Desktop\bios
2013-08-29 19:28 - 2013-08-29 19:28 - 00000821 _____ C:\Users\Gamers Heaven\Desktop\µTorrent.lnk
2013-08-29 19:28 - 2013-08-29 19:28 - 00000801 _____ C:\Users\Gamers Heaven\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2013-08-29 19:27 - 2013-08-29 19:27 - 00037881 _____ C:\Users\Gamers Heaven\Downloads\[kickass.to]microsoft.windows.8.1.rtm.x64.english.dvd.wzt.windows.8.1.rtm.build.6.3.9600.16384.torrent
2013-08-28 18:20 - 2013-08-04 18:52 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2013-08-28 11:55 - 2013-08-28 11:50 - 00000000 ____D C:\Program Files (x86)\CD Art Display
2013-08-28 11:51 - 2013-08-28 11:50 - 01078402 _____ C:\Users\Gamers Heaven\Downloads\windows_8_music_player_beta_by_peterrollar-d4jdj7s.rar
2013-08-28 11:50 - 2013-08-28 11:50 - 00000000 ____D C:\Users\Gamers Heaven\AppData\Roaming\CD Art Display
2013-08-28 11:50 - 2013-08-28 11:47 - 01365572 _____ C:\Users\Gamers Heaven\Downloads\CDARTDisplaysetup201.zip
2013-08-28 11:11 - 2013-08-28 11:11 - 00051752 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2013-08-28 11:05 - 2013-08-28 11:05 - 00064473 _____ C:\Users\Gamers Heaven\Downloads\ENBSeries-BM.rar
2013-08-28 11:05 - 2013-08-28 11:05 - 00064473 _____ C:\Users\Gamers Heaven\Downloads\ENBSeries-BM (1).rar
2013-08-25 11:33 - 2013-08-25 11:33 - 00821974 _____ (                                                            ) C:\Users\Gamers Heaven\Downloads\reshack_setup.exe
2013-08-25 11:33 - 2013-08-25 11:33 - 00000000 ____D C:\Program Files (x86)\Resource Hacker
2013-08-24 20:41 - 2009-07-14 08:50 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-08-24 16:44 - 2013-08-24 16:44 - 00000000 ____D C:\Windows\w7upfc
2013-08-24 11:28 - 2013-08-19 20:11 - 03978352 _____ (Beepa Pty Ltd) C:\Fraps 3.5.99 Build 15618.exe
2013-08-24 07:59 - 2013-08-24 07:58 - 00452830 _____ C:\Users\Gamers Heaven\Downloads\Windows 7 User Picture Frame Changer.zip
2013-08-24 07:34 - 2013-08-24 07:34 - 00095080 _____ (deepxw) C:\Users\Gamers Heaven\Downloads\UniversalThemePatcher-x64.exe
2013-08-24 07:34 - 2009-07-14 05:25 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-08-24 07:34 - 2009-07-14 05:24 - 02851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-08-24 07:34 - 2009-07-14 05:24 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll
2013-08-24 07:28 - 2013-08-23 00:03 - 00000000 ____D C:\Users\Gamers Heaven\Documents\win 8
2013-08-24 07:27 - 2013-08-24 07:27 - 00000000 ____D C:\Users\Gamers Heaven\Documents\New folder (2)
 
Some content of TEMP:
====================
C:\Users\Gamers Heaven\AppData\Local\Temp\htmlayout.dll
C:\Users\Gamers Heaven\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Gamers Heaven\AppData\Local\Temp\sfextra.dll
C:\Users\Gamers Heaven\AppData\Local\Temp\TsuC5AB0A4B.dll
C:\Users\Gamers Heaven\AppData\Local\Temp\winhhfgn.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2013-08-24 16:44] - [2009-07-14 07:09] - 2871296 ____A (Microsoft Corporation) 18B149A0E45D8E3D558E7AAFC17D43DD
 
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-09-22 16:00
 
==================== End Of Log ============================
 
ADDITION:-
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2013
Ran by Gamers Heaven at 2013-09-22 18:15:07
Running from C:\Users\Gamers Heaven\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs ======================
 
µTorrent (HKCU Version: 3.3.1.30017)
Angry Birds (x32 Version: 3.0.0)
Angry Birds Rio (x32 Version: 1.7.0)
Angry Birds Seasons (x32 Version: 3.3.0)
Angry Birds Star Wars (x32 Version: 1.3.0)
Assassin's Creed ® III (x32 Version: 1.00)
Assassins Creed III version 5.1 (x32 Version: 5.1)
Charms (x32)
Dolby Home Theater v4 (x32 Version: 7.2.7000.7)
ETDWare PS/2-X64 10.6.9.9_WHQL (Version: 10.6.9.9)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Far Cry 3 (x32 Version: 1.01)
Flashtool (x32 Version: 0.9.11.0)
Fraps (x32)
Geeks3D PhysX FluidMark v1.4.0 (x32)
Geeks3D.com FurMark 1.9.2 (x32)
Google Chrome (x32 Version: 29.0.1547.76)
Google Update Helper (x32 Version: 1.3.21.153)
GSMULTI V3.0 (x32)
HP Deskjet 2050 J510 series Basic Device Software (Version: 22.0.334.0)
HP Deskjet 2050 J510 series Help (x32 Version: 140.0.61.61)
HxD Hex Editor version 1.7.7.0 (x32 Version: 1.7.7.0)
Infineon USB driver 1.0.0.6 (x32)
Intel® USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
Internet Download Manager (x32)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Launch Manager (x32 Version: 5.1.13)
Left 4 Dead 2 (x32)
LG USB Modem driver (x32 Version: 4.9.4)
LGE GSM Device Driver OMAPV1030 (x32 Version: 1.0.0.0000)
MakeMKV v1.8.4 (x32 Version: v1.8.4)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MSI Afterburner 2.2.3 (x32 Version: 2.2.3)
NirSoft VideoCacheView (x32)
NVIDIA Control Panel 320.18 (Version: 320.18)
NVIDIA Graphics Driver 320.18 (Version: 320.18)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Windows Vista Stereoscopic 3D Driver (x32 Version: 7.15.11.8585)
PunkBuster Services (x32 Version: 0.993)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6543)
Recuva (Version: 1.41)
Resource Hacker Version 3.6.0 (x32)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.2300.0)
SpeedFan (remove only) (x32)
Stereoscopic Player (x32 Version: 1.8.0)
Unlocker 1.9.2 (Version: 1.9.2)
VLC media player 2.0.7 (Version: 2.0.7)
Windows Driver Package - Infineon Technologies (FlashUSB) USB  (04/16/2009 1.0.0.6) (Version: 04/16/2009 1.0.0.6)
WindowsAndroid version 4.0.3 (HKCU Version: 4.0.3)
WinImage (HKCU)
WinMetro (x32 Version: 1.0)
WinRAR 5.00 beta 7 (64-bit) (Version: 5.00.7)
 
==================== Restore Points  =========================
 
11-08-2013 03:30:54 Installed LG USB Modem driver
15-09-2013 15:23:19 Scheduled Checkpoint
21-09-2013 15:53:36 Installed LG USB Modem driver
22-09-2013 09:23:36 Removed Facebook Video Calling 1.2.0.287
 
==================== Hosts content: ==========================
 
2009-07-14 08:04 - 2013-08-17 21:52 - 00000741 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {5C59D16A-0E5B-4250-80EE-B7EB6603C399} - System32\Tasks\{C5B3411B-728A-4D38-B4FA-C23C4576BE9B} => C:\Users\Gamers Heaven\Documents\Launch Manager_Dritek_5.1.13_W7x64\LManager.exe [2012-03-02] (Dritek System Inc.)
Task: {64A9808E-4A56-4A2D-A4B2-37F388FD19A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-31] (Google Inc.)
Task: {B6C52B20-9C74-4DFA-92AE-CFD3F24706A4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000Core => C:\Users\Gamers Heaven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-22] (Facebook Inc.)
Task: {BD6C18F3-9426-4A60-B558-89E5D90B858F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {BE5280D4-EBAA-4AAE-AC0A-543C1771CA21} - System32\Tasks\{56FC1EB9-BF9E-46F9-ACD7-0E4078EB0675} => C:\New folder\UpTestEX.exe [2013-08-24] ()
Task: {D2A72024-425E-4EDC-9F9B-679A2B5A0C21} - System32\Tasks\WinMetro Updater => C:\Program Files (x86)\IObit\WinMetro\AutoUpdate.exe [2013-09-16] (IObit)
Task: {D7CD519F-D17C-4400-B243-1E8C1EBF2D49} - System32\Tasks\{B104EE9D-29E2-4907-8EC8-D0E1E16FE6C3} => C:\Users\Gamers Heaven\Documents\Launch Manager_Dritek_5.1.13_W7x64\LManager.exe [2012-03-02] (Dritek System Inc.)
Task: {EC5CD033-8CBA-413B-8C1A-F8BD910945AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-31] (Google Inc.)
Task: {FAC18FB0-479D-4028-A7CE-1B5F12092D49} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000UA => C:\Users\Gamers Heaven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-22] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000Core.job => C:\Users\Gamers Heaven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-271063553-3707833635-3792739488-1000UA.job => C:\Users\Gamers Heaven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-07-31 18:59 - 2013-07-31 18:55 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrENU.lrc
2013-07-31 18:59 - 2013-07-31 18:55 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-06-01 10:32 - 2011-06-01 10:32 - 01070424 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4c.dll
2011-06-01 10:32 - 2011-06-01 10:32 - 00034136 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\Dolby.Interop.dll
2013-08-03 17:44 - 2011-05-02 11:57 - 00118104 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2011-06-01 10:32 - 2011-06-01 10:32 - 00018264 _____ (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\en-US\pcee4c.resources.dll
2013-08-09 15:16 - 2012-10-30 15:37 - 00348032 _____ () C:\Program Files (x86)\IObit\WinMetro\madExcept_.bpl
2013-08-09 15:16 - 2012-10-30 15:37 - 00182656 _____ () C:\Program Files (x86)\IObit\WinMetro\madBasic_.bpl
2013-08-09 15:16 - 2012-10-30 15:37 - 00050048 _____ () C:\Program Files (x86)\IObit\WinMetro\madDisAsm_.bpl
2013-09-21 21:19 - 2013-09-17 08:51 - 04053456 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
2013-09-21 21:19 - 2013-09-17 08:51 - 00410576 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
2013-09-21 21:19 - 2013-09-17 08:50 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
2013-09-02 18:50 - 2013-09-02 18:50 - 00098200 _____ (Tonec Inc.) C:\Users\Gamers Heaven\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0\IDMGCExt.dll
2013-09-21 21:19 - 2013-09-17 08:51 - 13611984 _____ () C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) ======
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
 
==================== Faulty Device Manager Devices =============
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/22/2013 06:10:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: AutoUpdate.exe, version: 1.0.0.185, time stamp: 0x50a4c859
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf
Exception code: 0x0eedfade
Fault offset: 0x0000b727
Faulting process id: 0x7dc
Faulting application start time: 0xAutoUpdate.exe0
Faulting application path: AutoUpdate.exe1
Faulting module path: AutoUpdate.exe2
Report Id: AutoUpdate.exe3
 
Error: (09/22/2013 06:08:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: UpTestEX.exe, version: 1.0.4.4, time stamp: 0x4ac2a689
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf
Exception code: 0xe06d7363
Fault offset: 0x0000b727
Faulting process id: 0x9654
Faulting application start time: 0xUpTestEX.exe0
Faulting application path: UpTestEX.exe1
Faulting module path: UpTestEX.exe2
Report Id: UpTestEX.exe3
 
Error: (09/22/2013 06:02:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: UpTestEX.exe, version: 1.0.4.4, time stamp: 0x4ac2a689
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf
Exception code: 0xe06d7363
Fault offset: 0x0000b727
Faulting process id: 0x8ae0
Faulting application start time: 0xUpTestEX.exe0
Faulting application path: UpTestEX.exe1
Faulting module path: UpTestEX.exe2
Report Id: UpTestEX.exe3
 
Error: (09/22/2013 05:56:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: UpTestEX.exe, version: 1.0.4.4, time stamp: 0x4ac2a689
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf
Exception code: 0xe06d7363
Fault offset: 0x0000b727
Faulting process id: 0x7da0
Faulting application start time: 0xUpTestEX.exe0
Faulting application path: UpTestEX.exe1
Faulting module path: UpTestEX.exe2
Report Id: UpTestEX.exe3
 
Error: (09/22/2013 02:54:22 PM) (Source: Microsoft-Windows-RestartManager) (User: GamersHeaven-PC)
Description: Application or service 'Google Chrome' could not be shut down.
 
Error: (09/22/2013 00:45:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: KP500-Utils-EN.exe, version: 0.4.2.0, time stamp: 0x4a8ab16a
Faulting module name: KP500-Utils-EN.exe, version: 0.4.2.0, time stamp: 0x4a8ab16a
Exception code: 0x40000015
Fault offset: 0x00020c4f
Faulting process id: 0x9fdc
Faulting application start time: 0xKP500-Utils-EN.exe0
Faulting application path: KP500-Utils-EN.exe1
Faulting module path: KP500-Utils-EN.exe2
Report Id: KP500-Utils-EN.exe3
 
Error: (09/22/2013 00:25:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: UpTestEX.exe, version: 1.0.4.4, time stamp: 0x4ac2a689
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf
Exception code: 0xe06d7363
Fault offset: 0x0000b727
Faulting process id: 0xa650
Faulting application start time: 0xUpTestEX.exe0
Faulting application path: UpTestEX.exe1
Faulting module path: UpTestEX.exe2
Report Id: UpTestEX.exe3
 
Error: (09/22/2013 00:19:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: UpTestEX.exe, version: 1.0.4.4, time stamp: 0x4ac2a689
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf
Exception code: 0xe06d7363
Fault offset: 0x0000b727
Faulting process id: 0x8658
Faulting application start time: 0xUpTestEX.exe0
Faulting application path: UpTestEX.exe1
Faulting module path: UpTestEX.exe2
Report Id: UpTestEX.exe3
 
Error: (09/22/2013 11:40:38 AM) (Source: Application Error) (User: )
Description: Faulting application name: AutoUpdate.exe, version: 1.0.0.185, time stamp: 0x50a4c859
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf
Exception code: 0x0eedfade
Fault offset: 0x0000b727
Faulting process id: 0x958
Faulting application start time: 0xAutoUpdate.exe0
Faulting application path: AutoUpdate.exe1
Faulting module path: AutoUpdate.exe2
Report Id: AutoUpdate.exe3
 
Error: (09/22/2013 09:00:54 AM) (Source: Application Error) (User: )
Description: Faulting application name: AutoUpdate.exe, version: 1.0.0.185, time stamp: 0x50a4c859
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdbdf
Exception code: 0x0eedfade
Fault offset: 0x0000b727
Faulting process id: 0x5a4
Faulting application start time: 0xAutoUpdate.exe0
Faulting application path: AutoUpdate.exe1
Faulting module path: AutoUpdate.exe2
Report Id: AutoUpdate.exe3
 
 
System errors:
=============
Error: (09/17/2013 06:23:26 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (09/16/2013 09:40:58 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 0.0.0.0 with the system
having network hardware address 00-00-00-00-00-00. Network operations on this system may
be disrupted as a result.
 
Error: (09/16/2013 09:07:17 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (09/12/2013 04:59:46 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (09/11/2013 10:09:49 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR2, is not ready for access yet.
 
Error: (09/11/2013 10:09:49 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR2, is not ready for access yet.
 
Error: (09/11/2013 10:09:49 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR2, is not ready for access yet.
 
Error: (09/11/2013 10:09:49 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR2, is not ready for access yet.
 
Error: (09/11/2013 10:09:49 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR2, is not ready for access yet.
 
Error: (09/11/2013 10:09:49 PM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk1\DR2, is not ready for access yet.
 
 
Microsoft Office Sessions:
=========================
Error: (09/22/2013 06:10:54 PM) (Source: Application Error)(User: )
Description: AutoUpdate.exe1.0.0.18550a4c859KERNELBASE.dll6.1.7600.163854a5bdbdf0eedfade0000b7277dc01ceb790d7bef4fbC:\Program Files (x86)\IObit\WinMetro\AutoUpdate.exeC:\Windows\syswow64\KERNELBASE.dll37e81882-2384-11e3-bb23-08edb94bc61e
 
Error: (09/22/2013 06:08:36 PM) (Source: Application Error)(User: )
Description: UpTestEX.exe1.0.4.44ac2a689KERNELBASE.dll6.1.7600.163854a5bdbdfe06d73630000b727965401ceb790a6570f29C:\Users\Gamers Heaven\Desktop\FlashTool\UpTestEX.exeC:\Windows\syswow64\KERNELBASE.dlle58bd610-2383-11e3-8bd4-08edb94bc61e
 
Error: (09/22/2013 06:02:46 PM) (Source: Application Error)(User: )
Description: UpTestEX.exe1.0.4.44ac2a689KERNELBASE.dll6.1.7600.163854a5bdbdfe06d73630000b7278ae001ceb78fd5eb3197C:\Users\Gamers Heaven\Desktop\FlashTool\UpTestEX.exeC:\Windows\syswow64\KERNELBASE.dll14f8c0db-2383-11e3-8bd4-08edb94bc61e
 
Error: (09/22/2013 05:56:02 PM) (Source: Application Error)(User: )
Description: UpTestEX.exe1.0.4.44ac2a689KERNELBASE.dll6.1.7600.163854a5bdbdfe06d73630000b7277da001ceb78eb59611a2C:\Users\Gamers Heaven\Desktop\FlashTool\UpTestEX.exeC:\Windows\syswow64\KERNELBASE.dll244a861e-2382-11e3-8bd4-08edb94bc61e
 
Error: (09/22/2013 02:54:22 PM) (Source: Microsoft-Windows-RestartManager)(User: GamersHeaven-PC)
Description: 1C:\Program Files (x86)\Google\Chrome\Application\chrome.exeGoogle Chrome02117210520
 
Error: (09/22/2013 00:45:35 PM) (Source: Application Error)(User: )
Description: KP500-Utils-EN.exe0.4.2.04a8ab16aKP500-Utils-EN.exe0.4.2.04a8ab16a4000001500020c4f9fdc01ceb7634da1595fC:\Users\Gamers Heaven\Downloads\Compressed\AQA_files\AQA_files\LG-Utils-EN\KP500-Utils-EN.exeC:\Users\Gamers Heaven\Downloads\Compressed\AQA_files\AQA_files\LG-Utils-EN\KP500-Utils-EN.exec591343d-2356-11e3-8bd4-08edb94bc61e
 
Error: (09/22/2013 00:25:26 PM) (Source: Application Error)(User: )
Description: UpTestEX.exe1.0.4.44ac2a689KERNELBASE.dll6.1.7600.163854a5bdbdfe06d73630000b727a65001ceb76011df5355C:\Users\Gamers Heaven\Desktop\FlashTool\UpTestEX.exeC:\Windows\syswow64\KERNELBASE.dllf58a43f5-2353-11e3-8bd4-08edb94bc61e
 
Error: (09/22/2013 00:19:11 PM) (Source: Application Error)(User: )
Description: UpTestEX.exe1.0.4.44ac2a689KERNELBASE.dll6.1.7600.163854a5bdbdfe06d73630000b727865801ceb75fd53a4c52C:\Users\Gamers Heaven\Desktop\FlashTool\UpTestEX.exeC:\Windows\syswow64\KERNELBASE.dll15e3421c-2353-11e3-8bd4-08edb94bc61e
 
Error: (09/22/2013 11:40:38 AM) (Source: Application Error)(User: )
Description: AutoUpdate.exe1.0.0.18550a4c859KERNELBASE.dll6.1.7600.163854a5bdbdf0eedfade0000b72795801ceb75a6df83f5dC:\Program Files (x86)\IObit\WinMetro\AutoUpdate.exeC:\Windows\syswow64\KERNELBASE.dllb2e24f01-234d-11e3-8bd4-08edb94bc61e
 
Error: (09/22/2013 09:00:54 AM) (Source: Application Error)(User: )
Description: AutoUpdate.exe1.0.0.18550a4c859KERNELBASE.dll6.1.7600.163854a5bdbdf0eedfade0000b7275a401ceb7440bae7380C:\Program Files (x86)\IObit\WinMetro\AutoUpdate.exeC:\Windows\syswow64\KERNELBASE.dll62ab1b74-2337-11e3-b68a-08edb94bc61e
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 39%
Total physical RAM: 3914.36 MB
Available physical RAM: 2362.57 MB
Total Pagefile: 7826.85 MB
Available Pagefile: 6111.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:175.56 GB) (Free:91.96 GB) NTFS
Drive d: () (Fixed) (Total:290.1 GB) (Free:158.19 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 79ED1B0B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=290 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=176 GB) - (Type=OF Extended)
 
==================== End Of Log ============================


Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST/FRST64 and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review.
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted (if necessary):
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next,

 

Open Malwarebytes, check for updates then run Quick scan. Full instructions follow if Malwarebytes is not installed:

Download Malwarebytes from one of the following links and save it to your desktop:

http://www.malwarebytes.org/mbam.php
http://www.softpedia.com/get/Antivirus/Malwarebytes-Anti-Malware.shtml
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 

Next,

 

Download Dr Web Cureit from here http://www.freedrweb.com/cureit save to your desktop. (Scroll to bottom of page)

  • The file will be randomly named
  • Reboot to safe mode
  • Run Dr Web
  • Tick the I agree box and select continue
  • Click select objects for scanning
    drwebselect.JPG
  • Tick all boxes as shown
  • Click the wrench and select automatically apply actions to threats
    drwebfolders.JPG
  • Press start scan
  • The scan will now commence
    drwebscan.JPG
  • Once the scan has finished click open report
    drwebscancomplete.JPG
  • A notepad will open
  • Select File > Save as..
  • Save it to your desktop


Attach the log to your next reply…

 

 

 

Let me see those logs in next reply..

 

Kevin

fixlist.txt


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


Unlocked at member's request...please carry on.


Adwcleaner log:

# AdwCleaner v3.005 - Report created 03/10/2013 at 06:55:40
# Updated 22/09/2013 by Xplode
# Operating System : Windows 7 Ultimate  (64 bits)
# Username : Gamers Heaven - GAMERSHEAVEN-PC
# Running from : C:\Users\Gamers Heaven\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.16385
 
 
-\\ Google Chrome v29.0.1547.76
 
[ File : C:\Users\Gamers Heaven\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R1].txt - [774 octets] - [03/10/2013 06:53:43]
AdwCleaner[s1].txt - [696 octets] - [03/10/2013 06:55:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [755 octets] ##########
 
Malwarebytes log:
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.10.02.12
 
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Gamers Heaven :: GAMERSHEAVEN-PC [administrator]
 
Protection: Enabled
 
10/3/2013 7:01:33 AM
mbam-log-2013-10-03 (07-01-33).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 195730
Time elapsed: 5 minute(s), 11 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 8
C:\Users\Gamers Heaven\AppData\Local\Temp\nskF183.tmp (PUP.Optional.Somoto.A) -> No action taken.
C:\Users\Gamers Heaven\AppData\Local\Temp\{047B5E7E-83A9-4761-A58A-CB8BDF987C88}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\Gamers Heaven\Downloads\Angry.Birds.Patch.v1.4.Kindly.rar (PUP.Riskware.Patcher) -> No action taken.
C:\Users\Gamers Heaven\Downloads\Angry.Birds.Patch.v1.4.Kindly.rar.exe (PUP.Optional.Installrex) -> No action taken.
C:\Users\Gamers Heaven\Downloads\Unlocker1.9.2.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Gamers Heaven\Downloads\WinRAR 5.00 BETA 8.rar (PUP.RiskwareTool.CK) -> No action taken.
C:\Users\Gamers Heaven\Local Settings\Temporary Internet Files\Content.IE5\8IZDDPJB\bi_downloader[1].exe (PUP.Optional.Somoto.A) -> No action taken.
C:\arwk.exe (Trojan.Malpack.Gen) -> Quarantined and deleted successfully.
 
(end)
 
 
Sir, I will soon attach the Dr. Web Cureit logs; meanwhile please review these logs.


Can you remove the items shown in Malwarebytes as "No action taken"? Post Dr Web Cureit log when you're ready, that log will be excessive so will have to be attached...

 

Also let me know what issues or concerns are still active...


Sir, I have removed the 'No action objects' in Malwarebytes.

I have attached the log of Dr. Web Cureit!.

The issues that still remain are:-

* Some programs get corrupt after installing.

 

I could only think of this many issues for now.

cureit.log


Run the following:

 

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from the following link :-

 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

  • Ensure that Combofix is saved directly to the Desktop <--- Very important
  • Disable all security programs as they will have a negative effect on Combofix, instructions available here http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed, if you need more help please ask.
  • Close any open browsers and any other programs you might have running
  • Double click the combofix.gif icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator")
  • Instructions for running Combofix available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required.
  • If you are using Windows XP it might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here http://thespykiller.co.uk/index.php?page=20 why disabling autoruns is recommended.

*EXTRA NOTES*

  • If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
  • If Combofix reboots due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
  • If after running Combofix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

 

Post the log in next reply please...

 

Kevin


Go to http://www.virustotal.com/


Click the Choose file button
Navigate to the file c:\windows\explorer.exe or just copy/paste it in.
Click the Scan it tab
If you get a message saying File has already been analyzed: click Reanalyze file now
Copy and paste the results back here please.

 

Next,

 

Download CKScanner from here: http://downloads.malwareremoval.com/CKScanner.exe

Important - Save it to your desktop.

Double-click CKScanner.exe (Right click and "Run as administrator" in Vista/Win7/8).
Give permission if necessary, and click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify the file saved. Please run the program once only.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

 

Let me see those results..


Here is the virustotal result:

 

SHA256: cc89baedc42da822185ef84ccb8c71120cd3321307717e678dac1bfc96996225
SHA1: e6b3351e4d0fcdf531509f395c81c77f2cb809a2
MD5: 18b149a0e45d8e3d558e7aafc17d43dd
File size: 2.7 MB ( 2871296 bytes )
File name: explorer.exe
File type: Win32 EXE
Detection ratio: 0 / 46
Analysis date: 2013-10-04 11:46:16 UTC ( 1 minute ago )
 
ckscanner result attached.
 
Please review the logs.

 

ckfiles.txt


Please read the following link with regards to Piracy:

 

http://forums.malwarebytes.org/index.php?showtopic=97700

 

Delete all pirated software from your Downloads folder to comply with Forum protocol, also remove any P2P software

 

Next,

 

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the Codebox below into it:

FCopy::
c:\windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe | c:\windows\explorer.exe
ClearJavaCache::

Save this as CFScript.txt, and as Type: All Files (*.*) in the same location as ComboFix.exe

CF3.jpg

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Next,

We need to run an online AV scan to ensure there are no remnants of the infection left on your system, this scan can take several hours to complete, it is very thorough and well worth running, please be patient and let it complete:

Run Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go to Eset web page http://www.eset.com/home/products/online-scanner/ to run an online scan from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the add/on to be installed
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish



When the scan is complete

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found


If threats were found

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish



close program

copy and paste the report here


Sality is a family of polymorphic file infectors that spread by infecting exe and scr files. The virus also includes an autorun worm component that allows it to spread to any removable or discoverable drive. In addition, Sality includes a downloader trojan component that installs additional malware via the Web.

It then creates and starts a service to load the driver. The driver blocks access to a variety of security software vendor web sites. The virus then disables security software services and ends security software processes. It also disables registry editing and the task manager.

 

In my opinion you are better off wiping your hard drive, then reinstall Windows again. You could run ESET again, but this time make sure that the option Remove found threats is ticked.

 

Let ESET remove all entries, see what your system is like after that.

 

When that is complete you will have to remove Malwarebytes and Reinstall, then run a Full scan...

 

To re-install Malwarebytes….

Download and save mbam-clean.exe and save to your desktop from the following:

 

http://www.malwarebytes.org/mbam-clean.exe

 

Now do the following:

 

  • Click on Start and select Control Panel
  • Open Uninstall a Program
  • Uninstall Malwarebytes' Anti-Malware
  • Restart your computer, very important to do that!!
  • Run mbam-clean.exe
  • It will ask to restart your computer, please allow it to do so, very important!!

Next, D/L and install Malwarebytes again and update as follows :-

Please download Malwarebytes Anti-Malware and save it to your desktop.
Alternative D/L mirror
Alternative D/L mirror

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

 

Extra Note:

 

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

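A read-only PowerShell triage for the symptoms named in the post above (Task Manager and registry editing disabled, security services stopped, autorun-based spread), added here as an example and not part of the original thread or of any tool it mentions. The policy value names, the three built-in Windows service names and the autorun.inf check are assumptions about where those symptoms would show up; `Get-InfectorSymptom` and `New-Finding` are hypothetical names.

```powershell
# Added example (not from the thread). Read-only: it changes nothing.
# Written for Windows PowerShell 2.0+ (the Windows 7 era of this thread).

function New-Finding($Check, $Item, $Detail) {
    # One row per observation, so results can be filtered or exported.
    New-Object PSObject -Property @{ Check = $Check; Item = $Item; Detail = $Detail }
}

function Get-InfectorSymptom {
    $findings = @()

    # Symptom: "disables registry editing and the task manager".
    # Assumption: done through the standard Windows policy values below.
    $policyKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System',
                  'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    foreach ($key in $policyKeys) {
        $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        foreach ($name in 'DisableTaskMgr', 'DisableRegistryTools') {
            if ($props -and $props.$name) {
                $findings += New-Finding 'Policy' "$key\$name" "set to $($props.$name)"
            }
        }
    }

    # Symptom: "disables security software services".
    # Assumption: only the built-in Defender, Firewall and Security Center
    # services are checked; third-party products need their own names added.
    # A stopped WinDefend is normal when another antivirus is installed.
    foreach ($svcName in 'WinDefend', 'MpsSvc', 'wscsvc') {
        $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$svcName'" -ErrorAction SilentlyContinue
        if (-not $svc) {
            $findings += New-Finding 'Service' $svcName 'service not found'
        } elseif ($svc.StartMode -eq 'Disabled' -or $svc.State -ne 'Running') {
            $findings += New-Finding 'Service' $svcName "StartMode=$($svc.StartMode), State=$($svc.State)"
        }
    }

    # Symptom: "autorun worm component" spreading to removable drives.
    # Assumption: the spread relies on an autorun.inf at the drive root.
    # Optical install media legitimately carry one, so read the launch line.
    foreach ($drive in (Get-PSDrive -PSProvider FileSystem)) {
        $inf = Join-Path -Path $drive.Root -ChildPath 'autorun.inf'
        if (Test-Path -LiteralPath $inf -PathType Leaf) {
            $launch = @(Get-Content -LiteralPath $inf -ErrorAction SilentlyContinue |
                Where-Object { $_ -match '^\s*(open|shellexecute|shell\\[^\\]+\\command)\s*=' })
            $detail = if ($launch.Count -gt 0) { $launch -join '; ' } else { 'no launch entries' }
            $findings += New-Finding 'Autorun' $inf $detail
        }
    }

    return $findings
}

Get-InfectorSymptom | Format-Table Check, Item, Detail -AutoSize
```

An empty result only shows that these settings are intact; it does not show that executables on the disk are uninfected, which is what the full scans in this thread are for.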

Sir, I rescanned my laptop with Malwarebytes and it found 3 viruses BUT they were from FARBAR QUARANTINE FOLDER. I HOPE THAT'S OK.


The only way to see if Sality has returned is to run an ESET online scan once more, I know these scans take several hours but the type of infection does make it necessary....

 

Run ESET one more time and post the log


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
