Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-10-2012 Ran by SYSTEM at 11-10-2012 18:26:34 Running from H:\ Windows 7 Home Premium (X64) OS Language: English(US) The current controlset is ControlSet001 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [9644576 2009-12-14] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x] HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup [16413288 2010-01-07] (NVIDIA Corporation) HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [103720 2009-06-03] (CyberLink) HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" [222504 2008-01-03] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [91432 2009-04-15] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [50472 2009-04-15] (CyberLink Corp.) 
HKLM-x32\...\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" [218408 2008-12-03] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [210216 2009-07-20] (CyberLink Corp.) HKLM-x32\...\Run: [APLangApp] "C:\Program Files (x86)\AnyPC Client\APLangApp.exe" [13312 2009-11-19] (DoctorSoft) HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [NPSStartup] [x] HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.) HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup [336992 2012-05-30] (Power Software Ltd) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.) HKLM-x32\...\Run: [Brunel University Connect Assistant] C:\Program Files (x86)\Brunel University\Connect\Assistant\BrunelConnectAssistant.exe [1280864 2012-07-31] (Brunel University) HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1535112 2012-09-12] (McAfee, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [Conime] %windir%\system32\conime.exe [x] HKU\Josh\...\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" [328056 2010-11-15] (BitTorrent, Inc.) HKU\Josh\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation) HKU\Josh\...\Run: [Sony Ericsson PC Suite] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon [393216 2008-07-02] (Sony Ericsson Mobile Communications AB) HKU\Josh\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17418928 2012-07-13] (Skype Technologies S.A.) HKU\Josh\...\Run: [crans] rundll32.exe "C:\Users\Josh\AppData\Local\Temp\crans.dll",CompileShader [x] HKU\Josh\...\Run: [ACFinder] "C:\Users\Josh\AppData\Local\AppCore\ACFinder\ACFinder.exe" [x] HKU\Josh\...\Run: [Facebook Update] "C:\Users\Josh\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-08-15] (Facebook Inc.) HKU\Josh\...\Run: [Spotify Web Helper] "C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-09-28] () HKU\Josh\...\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2234840 2012-06-18] (Eastman Kodak Company) HKLM\...\RunOnce: [*Restore] C:\windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 134.83.127.82 134.83.127.80 134.83.127.81 SubSystems: [Windows] ATTENTION! ====> ZeroAccess Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) 
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.) ==================== Services (Whitelisted) =================== 2 0182101349767567mcinstcleanup; C:\windows\TEMP\018210~1.EXE -cleanup -nolog [828032 2012-09-04] (McAfee, Inc.) 2 euq_monitor; C:\Windows\System32\wceusbsh.dll [6656 2009-07-13] (Oak Technology Inc.) ATTENTION! ====> ZeroAccess 2 Kodak AiO Status Monitor Service; "C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe" [777728 2012-06-19] (Eastman Kodak Company) 2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe" [237008 2011-06-17] (McAfee, Inc.) 2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 2 mcmscsvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 2 McNaiAnn; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 2 McNASvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [383608 2012-09-10] (McAfee, Inc.) 2 McProxy; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [237920 2012-07-17] (McAfee, Inc.) 2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 2012-07-17] (McAfee, Inc.) 2 mfevtp; "C:\windows\system32\mfevtps.exe" [177144 2012-07-17] (McAfee, Inc.) 
2 MOBKbackup; "C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe" [231224 2010-04-13] (McAfee, Inc.) 2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.) 2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] () 2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [247152 2009-07-07] () ==================== Drivers (Whitelisted) ===================== 3 a016bus; C:\Windows\System32\Drivers\a016bus.sys [109096 2008-01-18] (MCCI Corporation) 3 a016mdfl; C:\Windows\System32\Drivers\a016mdfl.sys [19496 2008-01-18] (MCCI Corporation) 3 a016mdm; C:\Windows\System32\Drivers\a016mdm.sys [146472 2008-01-18] (MCCI Corporation) 3 a016mgmt; C:\Windows\System32\Drivers\a016mgmt.sys [130600 2008-01-18] (MCCI Corporation) 3 a016obex; C:\Windows\System32\Drivers\a016obex.sys [125480 2008-01-18] (MCCI Corporation) 3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [69672 2012-07-17] (McAfee, Inc.) 3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.) 0 McPvDrv; C:\Windows\System32\Drivers\McPvDrv.sys [73096 2012-09-14] (McAfee, Inc.) 3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [169320 2012-07-17] (McAfee, Inc.) 3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [300392 2012-07-17] (McAfee, Inc.) 3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [513456 2012-07-17] (McAfee, Inc.) 0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [752672 2012-07-17] (McAfee, Inc.) 3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [106112 2012-07-17] (McAfee, Inc.) 1 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [335784 2012-07-17] (McAfee, Inc.) 1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.) 
3 rtl819xpn64; C:\Windows\System32\DRIVERS\rtl819xp.sys [613888 2009-12-16] (Realtek Semiconductor Corporation ) 3 rtport; C:\Windows\SysWow64\Drivers\rtport.sys [15144 2010-05-24] (Windows (R) 2003 DDK 3790 provider) 3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () 3 mfeavfk01; [x] ==================== NetSvcs (Whitelisted) ==================== NETSVC: euq_monitor -> C:\Windows\system32\wceusbsh.dll (Oak Technology Inc.) ATTENTION! ====> ZeroAccess ==================== One Month Created Files and Folders ======== 2012-10-11 17:54 - 2009-07-13 17:15 - 00606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll 2012-10-11 17:54 - 2009-07-13 17:15 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll 2012-10-11 17:54 - 2009-06-17 17:15 - 00049480 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfesmfk.sys 2012-10-11 17:54 - 2009-06-17 17:08 - 00040904 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdk.sys 2012-10-11 17:54 - 2009-04-08 21:23 - 00176144 ____A (McAfee, Inc.) 
C:\Windows\System32\Drivers\Mpfp.sys 2012-10-11 17:53 - 2009-07-13 17:41 - 01026048 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll 2012-10-11 17:53 - 2009-07-13 17:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\corpol.dll 2012-10-08 23:42 - 2012-10-08 23:43 - 00000000 ____D C:\Users\Josh\AppData\Local\Eastman_Kodak_Company 2012-10-08 23:42 - 2012-10-08 23:42 - 00002156 ____A C:\Users\Public\Desktop\KODAK AiO Home Center.lnk 2012-10-08 23:40 - 2012-10-08 23:40 - 00002075 ____A C:\Users\Public\Desktop\Get CleanPrint.lnk 2012-10-08 23:40 - 2012-10-08 23:40 - 00000000 ____D C:\Windows\SysWOW64\kodak 2012-10-08 23:39 - 2012-10-08 23:39 - 00000000 ____D C:\Program Files (x86)\Kodak 2012-10-08 23:21 - 2012-10-08 23:21 - 00000000 ____D C:\Windows\System32\kodak 2012-10-08 04:26 - 2012-10-08 04:26 - 00000000 ____D C:\Users\Josh\AppData\Local\{E0873931-0079-4430-AC6F-7F6C9EEFCC20} 2012-10-07 15:23 - 2012-10-07 15:22 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2012-10-07 15:23 - 2012-10-07 15:22 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2012-10-07 15:23 - 2012-10-07 15:22 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2012-10-07 15:23 - 2012-10-07 15:22 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2012-10-07 15:15 - 2012-10-07 15:15 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u7 (1).exe 2012-10-07 15:07 - 2012-10-07 15:07 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u7.exe 2012-10-07 15:04 - 2012-10-07 15:04 - 00002255 ____A C:\Users\Josh\Desktop\Google Chrome.lnk 2012-10-07 14:26 - 2012-10-08 23:27 - 00001828 ____A C:\Users\Public\Desktop\McAfee Total Protection.lnk 2012-10-07 14:25 - 2012-10-07 14:25 - 00000000 ____D C:\Program Files (x86)\McAfeeMOBK 2012-10-07 14:25 - 2012-09-14 07:26 - 00073096 ____A (McAfee, Inc.) 
C:\Windows\System32\Drivers\McPvDrv.sys 2012-10-07 14:25 - 2012-04-20 07:40 - 00196440 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys 2012-10-07 14:25 - 2010-04-13 11:10 - 00066040 ____A (Mozy, Inc.) C:\Windows\System32\Drivers\MOBK.sys 2012-10-07 14:24 - 2012-10-07 14:25 - 00000000 ____D C:\Program Files\McAfee 2012-10-07 14:24 - 2012-10-07 14:25 - 00000000 ____D C:\Program Files\Common Files\McAfee 2012-10-07 14:24 - 2012-10-07 14:24 - 00000000 ____D C:\Program Files\McAfee.com 2012-10-07 14:24 - 2012-10-07 14:24 - 00000000 ____D C:\Program Files (x86)\McAfee.com 2012-10-07 14:24 - 2012-07-17 05:55 - 00069672 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\cfwids.sys 2012-10-07 14:24 - 2012-07-17 05:51 - 00106112 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys 2012-10-07 14:24 - 2012-07-17 05:51 - 00010288 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys 2012-10-07 14:24 - 2012-07-17 05:49 - 00513456 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfefirek.sys 2012-10-07 14:24 - 2012-07-17 05:48 - 00300392 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys 2012-10-07 14:09 - 2012-07-17 05:52 - 00177144 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe 2012-10-07 13:54 - 2012-10-07 13:55 - 04874920 ____A (McAfee, Inc.) 
C:\Users\Josh\Downloads\McAfeeSetup.exe 2012-10-07 13:49 - 2012-10-07 13:50 - 00000000 ____D C:\Users\Josh\AppData\Local\{FA44FDCF-D5EB-4907-88FB-D9F30C82F53C} 2012-10-07 13:48 - 2012-10-07 13:48 - 00000000 ____D C:\Users\Josh\AppData\Local\Sony Ericsson 2012-10-07 13:00 - 2012-10-07 13:00 - 00000000 ____D C:\Users\Josh\AppData\Local\{81EF6C0D-2341-47D4-B253-4F38ECB01022} 2012-10-07 12:21 - 2012-10-07 12:21 - 00000000 ____D C:\Users\Josh\AppData\Local\{73420DA8-E83C-41A0-924B-7CB4466AD86D} 2012-10-07 08:39 - 2012-10-07 14:25 - 00000000 __RSD C:\Users\Josh\Documents\McAfee Vaults 2012-10-07 08:39 - 2012-10-07 14:25 - 00000000 ____D C:\Program Files (x86)\McAfee Online Backup 2012-10-07 08:39 - 2012-10-07 08:39 - 00000000 ____D C:\Users\Josh\AppData\Local\McAfee Anti-Theft 2012-10-07 08:15 - 2012-10-07 08:15 - 00000000 ____D C:\Users\Josh\AppData\Local\{EA091D8C-13FF-4F44-B7FC-020E6AAFBB65} 2012-10-07 07:53 - 2012-10-07 07:53 - 00000236 ____A C:\Users\Josh\AppData\Local\LaunchHomeCenter.log 2012-10-07 07:45 - 2012-10-07 07:45 - 00000000 ____D C:\Users\Josh\AppData\Local\Eastman Kodak Company 2012-10-07 07:36 - 2012-10-07 07:36 - 00000000 ____D C:\Users\Josh\AppData\Roaming\KODAK AiO Home Center853474285 2012-10-07 07:32 - 2012-10-11 01:58 - 00000000 ____D C:\Users\All Users\Kodak 2012-10-07 07:30 - 2012-10-07 07:30 - 00000000 ____D C:\Users\Josh\AppData\Local\{9D03CE4F-FF35-42D1-9874-2364A67E3C6D} 2012-10-05 14:09 - 2012-10-05 14:11 - 00000000 ____D C:\Users\Josh\Downloads\WZRD - WZRD [CD-Rip][2012] 2012-10-05 02:55 - 2012-10-07 21:12 - 00000000 ____D C:\Program Files (x86)\Ask.com 2012-10-05 02:44 - 2012-10-05 02:44 - 00000000 ____D C:\Users\All Users\Ask 2012-10-05 02:41 - 2012-10-05 02:42 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jxpiinstall(2).exe 2012-10-01 09:31 - 2012-10-01 09:31 - 00000000 ____D C:\Users\Josh\Documents\PHYSIO WORK 2012-09-29 18:57 - 2012-09-30 22:35 - 00000000 ____D 
C:\Users\Josh\AppData\Local\{D66296A4-3019-45FA-8AE3-3CE039D52C22} 2012-09-28 16:09 - 2012-10-07 21:15 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Spotify 2012-09-28 16:09 - 2012-09-28 16:09 - 00087360 ____A (Spotify Ltd) C:\Users\Josh\Downloads\SpotifySetup.exe 2012-09-28 16:09 - 2012-09-28 16:09 - 00001799 ____A C:\Users\Josh\Desktop\Spotify.lnk 2012-09-28 16:09 - 2012-09-28 16:09 - 00000000 ____D C:\Users\Josh\AppData\Local\Spotify 2012-09-25 07:52 - 2012-09-25 07:53 - 31175144 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u7-windows-i586.exe 2012-09-25 03:01 - 2012-09-25 03:01 - 00000000 ____D C:\Users\Josh\AppData\Local\{3A981D52-02A1-4469-8C23-53F5310CC80E} 2012-09-23 16:34 - 2012-09-23 16:34 - 02059280 ____A C:\Users\Josh\Downloads\WiFi-Tool.exe 2012-09-23 09:18 - 2012-09-23 09:18 - 00000000 ____D C:\Users\All Users\Brunel University 2012-09-23 09:18 - 2012-09-23 09:18 - 00000000 ____D C:\Program Files (x86)\Brunel University 2012-09-23 09:18 - 2006-04-18 07:39 - 00063488 ____A C:\Windows\SysWOW64\shdocvw.oca 2012-09-23 09:18 - 2004-03-08 17:00 - 00132880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX 2012-09-23 09:18 - 2003-03-18 12:20 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll 2012-09-23 09:18 - 2000-12-05 15:00 - 00109248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSWINSCK.OCX 2012-09-23 09:18 - 2000-05-21 15:00 - 00203976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX 2012-09-23 09:18 - 1998-06-23 15:00 - 00067376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx 2012-09-23 09:17 - 2012-09-23 09:17 - 05750824 ____A C:\Users\Josh\Downloads\ConnectAssistant.exe 2012-09-23 09:02 - 2012-09-23 09:02 - 00000000 ____D C:\Users\Josh\AppData\Local\{6EDBBF54-31BD-4216-A10D-C2C33E4B6514} 2012-09-22 18:00 - 2012-08-24 03:15 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-09-22 18:00 - 2012-08-24 02:39 - 10925568 ____A (Microsoft Corporation) 
C:\Windows\System32\ieframe.dll 2012-09-22 18:00 - 2012-08-24 02:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-09-22 18:00 - 2012-08-24 02:22 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-09-22 18:00 - 2012-08-24 02:21 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-09-22 18:00 - 2012-08-24 02:20 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-09-22 18:00 - 2012-08-24 02:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-09-22 18:00 - 2012-08-24 02:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-09-22 18:00 - 2012-08-24 02:14 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-09-22 18:00 - 2012-08-24 02:14 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-09-22 18:00 - 2012-08-24 02:13 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2012-09-22 18:00 - 2012-08-24 02:12 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-09-22 18:00 - 2012-08-24 02:11 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2012-09-22 18:00 - 2012-08-24 02:10 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-09-22 18:00 - 2012-08-24 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-09-22 18:00 - 2012-08-24 02:04 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-09-22 18:00 - 2012-08-23 23:27 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2012-09-22 18:00 - 2012-08-23 23:03 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2012-09-22 18:00 - 2012-08-23 22:59 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2012-09-22 18:00 - 2012-08-23 22:51 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2012-09-22 
18:00 - 2012-08-23 22:51 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2012-09-22 18:00 - 2012-08-23 22:51 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2012-09-22 18:00 - 2012-08-23 22:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2012-09-22 18:00 - 2012-08-23 22:48 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2012-09-22 18:00 - 2012-08-23 22:47 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2012-09-22 18:00 - 2012-08-23 22:47 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2012-09-22 18:00 - 2012-08-23 22:47 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2012-09-22 18:00 - 2012-08-23 22:45 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2012-09-22 18:00 - 2012-08-23 22:44 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2012-09-22 18:00 - 2012-08-23 22:44 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2012-09-22 18:00 - 2012-08-23 22:43 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2012-09-22 18:00 - 2012-08-23 22:40 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2012-09-21 09:10 - 2012-09-21 09:10 - 00000000 ____D C:\Users\Josh\AppData\Local\{7A43CF56-84B7-48C7-9BE8-A7AAF4695572} 2012-09-21 08:27 - 2012-10-07 21:15 - 00000000 ____D C:\Users\Josh\Downloads\tenancy agreement_files 2012-09-21 08:27 - 2012-09-21 08:27 - 00017074 ____A C:\Users\Josh\Downloads\tenancy agreement.htm 2012-09-21 07:56 - 2012-09-21 07:56 - 00000000 ____D C:\Users\Josh\AppData\Local\{E18B97AC-7EA0-49D1-A00A-BEE8872BA7C0} 2012-09-18 12:01 - 2012-09-18 12:01 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk 2012-09-18 12:00 - 2012-10-07 21:13 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69 2012-09-18 12:00 - 2012-10-07 21:13 - 00000000 ____D C:\Program 
Files\iTunes 2012-09-18 12:00 - 2012-10-07 21:13 - 00000000 ____D C:\Program Files (x86)\iTunes 2012-09-18 12:00 - 2012-09-18 12:00 - 00000000 ____D C:\Program Files\iPod 2012-09-18 12:00 - 2012-08-21 04:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys 2012-09-18 11:44 - 2012-09-18 11:44 - 00000000 ____D C:\Users\Josh\AppData\Local\{D5D2F4E6-1AD1-4BB6-BEA4-85EBB018136E} 2012-09-17 07:54 - 2012-09-17 07:54 - 00000000 ____D C:\Users\Josh\AppData\Local\{CFE70119-A996-4974-8A3D-75DF8EF0A145} 2012-09-15 14:33 - 2012-09-16 02:33 - 00000000 ____D C:\Users\Josh\AppData\Local\{77BE1FA7-523E-4070-9474-0EA70D867F8E} 2012-09-15 05:44 - 2012-09-15 05:44 - 00000000 ____D C:\Users\All Users\Battle.net 2012-09-15 05:22 - 2012-09-15 05:22 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk 2012-09-14 16:55 - 2012-10-07 21:15 - 00000000 ____D C:\Users\Josh\Downloads\Kid Cudi - Man On The Man 2 (Deluxe) CDRip -2010- [MJN] 2012-09-14 16:17 - 2012-09-14 16:16 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe 2012-09-14 16:17 - 2012-09-14 16:16 - 00189416 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe 2012-09-14 16:17 - 2012-09-14 16:16 - 00188904 ____A (Oracle Corporation) C:\Windows\System32\java.exe 2012-09-14 16:17 - 2012-09-14 16:16 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll 2012-09-14 16:16 - 2012-09-14 16:16 - 00000000 ____D C:\Program Files\Java 2012-09-14 16:12 - 2012-09-14 16:14 - 32692200 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u7-windows-x64.exe 2012-09-14 15:47 - 2012-09-14 15:47 - 00933601 ____A C:\Users\Josh\Downloads\Hot girl caught pants down taking a piss.flv 2012-09-14 14:32 - 2012-08-02 09:55 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2012-09-14 14:32 - 2012-08-02 09:05 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2012-09-14 14:22 - 2012-09-14 14:23 - 00000000 ____D 
C:\Users\Josh\AppData\Local\{B8D4C87F-A0CB-4ADC-B977-5F08558BA28D} ==================== 3 Months Modified Files ================== 2012-10-11 09:01 - 2010-03-14 20:50 - 00702656 ____A C:\Windows\PFRO.log 2012-10-11 02:00 - 2010-03-14 19:55 - 01748913 ____A C:\Windows\WindowsUpdate.log 2012-10-11 01:58 - 2012-08-15 15:44 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3849805104-749619427-1806466223-1001UA.job 2012-10-11 01:58 - 2012-08-14 15:13 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-10-11 01:57 - 2011-10-10 11:45 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2012-10-10 17:08 - 2011-10-10 11:45 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2012-10-10 16:14 - 2009-07-13 20:51 - 00068548 ____A C:\Windows\setupact.log 2012-10-10 16:12 - 2012-08-15 15:43 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3849805104-749619427-1806466223-1001Core.job 2012-10-08 23:47 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI 2012-10-08 23:42 - 2012-10-08 23:42 - 00002156 ____A C:\Users\Public\Desktop\KODAK AiO Home Center.lnk 2012-10-08 23:40 - 2012-10-08 23:40 - 00002075 ____A C:\Users\Public\Desktop\Get CleanPrint.lnk 2012-10-08 23:27 - 2012-10-07 14:26 - 00001828 ____A C:\Users\Public\Desktop\McAfee Total Protection.lnk 2012-10-08 23:18 - 2012-08-14 15:13 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-10-08 23:18 - 2011-11-06 08:40 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2012-10-08 03:42 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2012-10-08 03:42 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2012-10-08 03:34 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2012-10-07 15:22 - 
2012-10-07 15:23 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2012-10-07 15:22 - 2012-10-07 15:23 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2012-10-07 15:22 - 2012-10-07 15:23 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2012-10-07 15:22 - 2012-10-07 15:23 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2012-10-07 15:22 - 2012-08-14 15:29 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2012-10-07 15:22 - 2011-02-02 16:41 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2012-10-07 15:15 - 2012-10-07 15:15 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u7 (1).exe 2012-10-07 15:07 - 2012-10-07 15:07 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u7.exe 2012-10-07 15:04 - 2012-10-07 15:04 - 00002255 ____A C:\Users\Josh\Desktop\Google Chrome.lnk 2012-10-07 13:55 - 2012-10-07 13:54 - 04874920 ____A (McAfee, Inc.) 
C:\Users\Josh\Downloads\McAfeeSetup.exe 2012-10-07 07:53 - 2012-10-07 07:53 - 00000236 ____A C:\Users\Josh\AppData\Local\LaunchHomeCenter.log 2012-10-05 02:42 - 2012-10-05 02:41 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jxpiinstall(2).exe 2012-09-28 16:09 - 2012-09-28 16:09 - 00087360 ____A (Spotify Ltd) C:\Users\Josh\Downloads\SpotifySetup.exe 2012-09-28 16:09 - 2012-09-28 16:09 - 00001799 ____A C:\Users\Josh\Desktop\Spotify.lnk 2012-09-25 07:53 - 2012-09-25 07:52 - 31175144 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u7-windows-i586.exe 2012-09-23 16:34 - 2012-09-23 16:34 - 02059280 ____A C:\Users\Josh\Downloads\WiFi-Tool.exe 2012-09-23 09:17 - 2012-09-23 09:17 - 05750824 ____A C:\Users\Josh\Downloads\ConnectAssistant.exe 2012-09-21 08:27 - 2012-09-21 08:27 - 00017074 ____A C:\Users\Josh\Downloads\tenancy agreement.htm 2012-09-18 12:01 - 2012-09-18 12:01 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk 2012-09-15 05:22 - 2012-09-15 05:22 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk 2012-09-14 16:16 - 2012-09-14 16:17 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe 2012-09-14 16:16 - 2012-09-14 16:17 - 00189416 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe 2012-09-14 16:16 - 2012-09-14 16:17 - 00188904 ____A (Oracle Corporation) C:\Windows\System32\java.exe 2012-09-14 16:16 - 2012-09-14 16:17 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll 2012-09-14 16:16 - 2012-08-14 15:28 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll 2012-09-14 16:16 - 2012-08-14 15:28 - 00916456 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll 2012-09-14 16:14 - 2012-09-14 16:12 - 32692200 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u7-windows-x64.exe 2012-09-14 15:47 - 2012-09-14 15:47 - 00933601 ____A C:\Users\Josh\Downloads\Hot girl caught pants down taking a piss.flv 2012-09-14 07:26 - 2012-10-07 14:25 - 00073096 ____A 
(McAfee, Inc.) C:\Windows\System32\Drivers\McPvDrv.sys
2012-08-24 03:15 - 2012-09-22 18:00 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 02:39 - 2012-09-22 18:00 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 02:31 - 2012-09-22 18:00 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 02:22 - 2012-09-22 18:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 02:21 - 2012-09-22 18:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 02:20 - 2012-09-22 18:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 02:18 - 2012-09-22 18:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 02:17 - 2012-09-22 18:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 02:14 - 2012-09-22 18:00 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 02:14 - 2012-09-22 18:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 02:13 - 2012-09-22 18:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 02:12 - 2012-09-22 18:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 02:11 - 2012-09-22 18:00 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 02:10 - 2012-09-22 18:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 02:09 - 2012-09-22 18:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 02:04 - 2012-09-22 18:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-23 23:27 - 2012-09-22 18:00 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-23 23:03 - 2012-09-22 18:00 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-23 22:59 - 2012-09-22 18:00 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-23 22:51 - 2012-09-22 18:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-23 22:51 - 2012-09-22 18:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-23 22:51 - 2012-09-22 18:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-23 22:49 - 2012-09-22 18:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-23 22:48 - 2012-09-22 18:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-23 22:47 - 2012-09-22 18:00 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-23 22:47 - 2012-09-22 18:00 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-08-23 22:47 - 2012-09-22 18:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-23 22:45 - 2012-09-22 18:00 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-23 22:44 - 2012-09-22 18:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-23 22:44 - 2012-09-22 18:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-23 22:43 - 2012-09-22 18:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 22:40 - 2012-09-22 18:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-21 04:01 - 2012-09-18 12:00 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2012-08-21 04:01 - 2012-05-10 07:54 - 00125872 ____A (GEAR Software Inc.) C:\Windows\System32\GEARAspi64.dll
2012-08-21 04:01 - 2012-05-10 07:54 - 00106928 ____A (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2012-08-17 17:26 - 2010-10-19 15:40 - 00002094 ____A C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2012-08-15 19:15 - 2009-07-13 20:45 - 00352952 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-15 15:43 - 2012-08-15 15:43 - 00501248 ____A (Facebook Inc.) C:\Users\Josh\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2012-08-14 15:22 - 2012-08-14 15:15 - 21869552 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u5-windows-x64.exe
2012-08-14 15:22 - 2012-08-14 15:15 - 21055472 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u5-windows-i586.exe
2012-08-03 05:28 - 2012-08-03 05:27 - 02032252 ____A C:\Users\Josh\Downloads\AtlasLoot-v6.03.02(1).zip
2012-08-03 05:18 - 2012-08-03 05:18 - 00402280 ____A () C:\Users\Josh\Downloads\setup(6).exe
2012-08-02 11:19 - 2012-08-02 11:18 - 02032252 ____A C:\Users\Josh\Downloads\AtlasLoot-v6.03.02.zip
2012-08-02 09:55 - 2012-09-14 14:32 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-08-02 09:05 - 2012-09-14 14:32 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2012-07-29 19:07 - 2012-07-29 19:07 - 00001038 ____A C:\Users\Public\Desktop\Alarm Clock.lnk
2012-07-29 19:06 - 2012-07-29 19:06 - 01088193 ____A ( ) C:\Users\Josh\Downloads\setup(5).exe
2012-07-29 14:20 - 2012-07-29 14:20 - 00402280 ____A () C:\Users\Josh\Downloads\setup(4).exe
2012-07-28 06:22 - 2010-07-29 03:07 - 00063374 ____A C:\Windows\DirectX.log
2012-07-26 14:56 - 2012-07-26 14:56 - 00001467 ____A C:\Users\Josh\Desktop\Launcher - Shortcut.lnk
2012-07-22 08:19 - 2012-07-22 08:06 - 112963366 ____A C:\Users\Josh\Downloads\stevie wonder - Greatest Hits - 1996.rar
2012-07-18 09:31 - 2012-08-14 18:09 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-18 03:41 - 2012-07-18 03:40 - 00002014 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2012-07-18 03:36 - 2012-03-30 16:58 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-17 05:55 - 2012-10-07 14:24 - 00069672 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\cfwids.sys
2012-07-17 05:52 - 2012-10-07 14:09 - 00177144 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2012-07-17 05:52 - 2012-07-17 05:52 - 00335784 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2012-07-17 05:51 - 2012-10-07 14:24 - 00106112 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2012-07-17 05:51 - 2012-10-07 14:24 - 00010288 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2012-07-17 05:50 - 2012-07-17 05:50 - 00752672 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys
2012-07-17 05:49 - 2012-10-07 14:24 - 00513456 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfefirek.sys
2012-07-17 05:48 - 2012-10-07 14:24 - 00300392 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2012-07-17 05:48 - 2012-07-17 05:48 - 00169320 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-10-11 02:00:36

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 3949.63 MB
Available physical RAM: 3334.93 MB
Total Pagefile: 3947.77 MB
Available Pagefile: 3333.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:431.13 GB) (Free:332.44 GB) NTFS
2 Drive d: () (Fixed) (Total:19.53 GB) (Free:17.33 GB) NTFS
3 Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:0.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive h: () (Removable) (Total:3.73 GB) (Free:2.23 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          465 GB  1024 KB
  Disk 1    Online         3824 MB      0 B

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery            15 GB  1024 KB
  Partition 2    Primary            100 MB    15 GB
  Partition 3    Primary            431 GB    15 GB
  Partition 0    Extended            19 GB   446 GB
  Partition 4    Logical             19 GB   446 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     F   RECOVERY     NTFS   Partition     15 GB  Healthy    Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     Y   SYSTEM       NTFS   Partition    100 MB  Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C                NTFS   Partition    431 GB  Healthy

=========================================================

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     D                NTFS   Partition     19 GB  Healthy

=========================================================

Partitions of Disk 1:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
* Partition 1    Primary           3824 MB      0 B

==================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

=========================================================

Last Boot: 2012-09-26 07:47

==================== End Of Log =============================