
farbar report log


  • This topic is locked

#1
whoissontop

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.2.1
Ran by SYSTEM at 2011-08-08 00:27:41
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [] [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [1482080 2009-08-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [595816 2009-10-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [34648 2009-10-28] (TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-07-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-08-17] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [2446648 2009-08-11] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [2838912 2010-09-07] (AVAST Software)
HKLM-x32\...\Run: [BackupNowEZtray] "C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZtray.exe" -k [562944 2009-09-19] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47904 2010-09-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2010-12-13] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [PCPowerSpeed] "C:\Program Files (x86)\PCPowerSpeed\PCPowerTray.exe" [377984 2011-07-10] (Crawler.com)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\explorer.exe\mbamgui.exe" /starttray [449584 2011-07-06] (Malwarebytes Corporation)
HKU\Prototype\...\Run: [Pareto_Update] C:\Program Files (x86)\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [x]
HKU\Prototype\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [15141768 2011-06-15] (Skype Technologies S.A.)
HKLM-x32\...\RunOnce: [OTL] "C:\Users\Prototype\Desktop\OTL.exe" [579584 2011-07-28] (OldTimer Tools)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [40384 2010-09-07] (AVAST Software)
3 avast! Mail Scanner; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [40384 2010-09-07] (AVAST Software)
3 avast! Web Scanner; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [40384 2010-09-07] (AVAST Software)
3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [1493352 2010-09-22] (Microsoft Corporation)
2 MBAMService; "C:\Program Files (x86)\explorer.exe\mbamservice.exe" [366640 2011-07-06] (Malwarebytes Corporation)
2 NTI BackupNowEZSvr; C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\BackupNowEZSvr.exe [45312 2009-09-19] (NewTech Infosystems, Inc.)
2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
2 nlsX86cc; C:\windows\system32\nlssrv32.exe [x]
2 srvbtcclient; C:\windows\update.5.0\svchost.exe srv [x]
2 srviecheck; C:\windows\update.2\svchost.exe srv [x]
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [x]

========================== Drivers (Whitelisted) =============

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [20048 2010-09-07] (AVAST Software)
2 aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [61008 2010-09-07] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [28752 2010-09-07] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [121936 2010-09-07] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [51280 2010-09-07] (AVAST Software)
3 MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [25912 2011-07-06] (Malwarebytes Corporation)
3 NUMARK_iDJ3_MIDI; C:\Windows\System32\drivers\nkidj3_m.sys [31296 2010-03-22] (Numark)
3 NUMARK_IDJ3_USB; C:\Windows\System32\Drivers\nkidj3_u.sys [398912 2010-03-22] (Ploytec GmbH)
3 NUMARK_iDJ3_WDM; C:\Windows\System32\drivers\nkidj3_a.sys [50240 2010-03-22] (Numark)
3 StillCam; C:\Windows\System32\DRIVERS\serscan.sys [12288 2009-07-13] (Microsoft Corporation)
3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [x]
3 cpuz132; \??\C:\Users\PROTOT~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [x]
3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x]
3 USBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [x]

========================== NetSvcs ========================

============ One Month Created Files and Folders ==============

2011-07-31 13:47 - 2011-07-31 13:47 - 1048576 __ASH C:\Windows\System32\config\components{9f3f0042-8055-11e0-a27e-00266c3eacfe}.TxR.2.regtrans-ms
2011-07-31 13:47 - 2011-07-31 13:47 - 1048576 __ASH C:\Windows\System32\config\components{9f3f0042-8055-11e0-a27e-00266c3eacfe}.TxR.1.regtrans-ms
2011-07-31 13:47 - 2011-07-31 13:47 - 1048576 __ASH C:\Windows\System32\config\components{9f3f0042-8055-11e0-a27e-00266c3eacfe}.TxR.0.regtrans-ms
2011-07-31 13:47 - 2011-07-31 13:47 - 0065536 __ASH C:\Windows\System32\config\components{9f3f0042-8055-11e0-a27e-00266c3eacfe}.TxR.blf
2011-07-31 13:40 - 2011-07-31 13:40 - 0000000 __SHD C:\Windows\System32\Restore
2011-07-28 14:58 - 2011-07-28 14:58 - 0004977 ____A C:\Users\Prototype\Documents\mbam-log-2011-07-28 (18-58-40).txt
2011-07-28 14:32 - 2011-07-28 14:32 - 0001026 ____A C:\Users\Public\Desktop\explorer.exe.lnk
2011-07-28 14:32 - 2011-07-28 14:32 - 0000000 ____D C:\Program Files (x86)\explorer.exe
2011-07-28 14:32 - 2011-07-06 15:52 - 0041272 ____A (Malwarebytes Corporation) C:\Windows\SysWOW64\Drivers\mbamswissarmy.sys
2011-07-28 14:32 - 2011-07-06 15:52 - 0025912 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-07-28 13:56 - 2011-07-28 13:56 - 9466208 ____A (Malwarebytes Corporation ) C:\Users\Prototype\Desktop\explorer.exe.exe
2011-07-28 13:52 - 2011-07-28 13:53 - 0579584 ____A (OldTimer Tools) C:\Users\Prototype\Desktop\OTL.exe
2011-07-28 12:02 - 2011-07-28 12:02 - 0000000 ____D C:\Users\Prototype\AppData\Roaming\PCPowerSpeed
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\system.tmp.LOG2
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\system.tmp.LOG1
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\software.tmp.LOG2
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\software.tmp.LOG1
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\security.tmp.LOG2
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\security.tmp.LOG1
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\sam.tmp.LOG2
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\sam.tmp.LOG1
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\default.tmp.LOG2
2011-07-28 11:23 - 2011-07-28 11:23 - 0000000 __ASH C:\Windows\System32\config\default.tmp.LOG1
2011-07-28 11:03 - 2011-07-28 15:34 - 0000000 ___SD C:\ComboFix
2011-07-28 11:03 - 2011-07-28 15:34 - 0000000 ____D C:\Windows\ERDNT
2011-07-28 11:03 - 2011-07-28 11:03 - 0000000 ____D C:\Qoobox
2011-07-28 11:02 - 2011-07-28 11:03 - 0000000 ___SD C:\32788R22FWJFW
2011-07-28 09:54 - 2011-07-28 09:55 - 0068508 ____A C:\TDSSKiller.2.5.11.0_28.07.2011_13.54.57_log.txt
2011-07-28 09:47 - 2011-07-29 17:10 - 0063524 ____A C:\Users\Prototype\Desktop\Extras.Txt
2011-07-28 09:46 - 2011-07-29 17:09 - 0107448 ____A C:\Users\Prototype\Desktop\OTL.Txt
2011-07-28 09:39 - 2011-07-28 09:41 - 0068508 ____A C:\TDSSKiller.2.5.11.0_28.07.2011_13.39.59_log.txt
2011-07-28 09:39 - 2011-07-28 09:39 - 0000000 ____D C:\Users\Prototype\Desktop\tdsskiller
2011-07-28 09:38 - 2011-07-28 09:38 - 1383430 ____A C:\Users\Prototype\Desktop\tdsskiller.zip
2011-07-28 09:26 - 2011-07-28 09:26 - 0000000 ____D C:\_OTL
2011-07-28 06:28 - 2011-07-28 06:28 - 0062414 ____A C:\Users\Prototype\Downloads\Extras.Txt
2011-07-28 06:26 - 2011-07-28 06:26 - 0110400 ____A C:\Users\Prototype\Downloads\OTL.Txt
2011-07-28 04:16 - 2011-07-28 04:16 - 0005031 ____A C:\Users\Prototype\Documents\mbam-log-2011-07-28 (08-16-18).txt
2011-07-27 17:03 - 2011-07-27 17:03 - 0000000 ____D C:\Users\Prototype\AppData\Roaming\Malwarebytes
2011-07-27 17:02 - 2011-07-27 23:04 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-27 17:02 - 2011-07-27 17:02 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-07-27 17:02 - 2011-07-27 17:02 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-07-26 18:56 - 2011-07-26 18:56 - 0000000 ____D C:\Users\Prototype\AppData\Roaming\Template
2011-07-26 11:29 - 2011-07-27 23:04 - 0000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2011-07-26 01:17 - 2011-07-26 11:17 - 0011879 ____A C:\Windows\ddh_iplist.txt
2011-07-25 23:39 - 2011-07-30 18:10 - 0010589 ____A C:\Windows\iecheck_iplist.txt
2011-07-25 23:32 - 2011-07-30 18:10 - 0010845 ____A C:\Windows\btc_client_iplist.txt
2011-07-25 23:30 - 2011-07-31 13:37 - 0011412 ____A C:\Windows\iplist.txt
2011-07-20 04:17 - 2011-07-20 04:17 - 0000000 ____D C:\Users\Prototype\AppData\Local\{58741131-D3B0-4115-9E9C-35F1B33BB71D}
2011-07-20 04:17 - 2011-07-20 04:17 - 0000000 ____D C:\Users\Prototype\AppData\Local\{5654A2FC-E153-4F6E-BFFF-7B56DB79CB6C}
2011-07-19 10:46 - 2011-07-19 10:46 - 0000000 ____D C:\Users\Prototype\AppData\Local\{F8EC0537-A786-4E69-80F0-43CC1095CA9F}
2011-07-19 10:46 - 2011-07-19 10:46 - 0000000 ____D C:\Users\Prototype\AppData\Local\{49E0FA6A-08E4-4C3E-9E95-32B08CD24837}
2011-07-18 23:20 - 2011-04-22 17:29 - 2303488 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-07-18 23:20 - 2011-04-22 17:20 - 0818176 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-07-18 23:20 - 2011-04-22 17:19 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-07-18 23:20 - 2011-04-22 17:19 - 2136064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-07-18 23:20 - 2011-04-22 17:19 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-07-18 23:20 - 2011-04-22 17:17 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-07-18 23:20 - 2011-04-22 15:35 - 1797632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2011-07-18 23:20 - 2011-04-22 15:26 - 1785344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-07-18 23:20 - 2011-04-22 15:26 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-07-18 23:20 - 2011-04-22 15:26 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-07-18 23:20 - 2011-04-22 15:25 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-07-18 23:20 - 2011-04-22 15:24 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-07-18 23:19 - 2011-04-22 17:37 - 17773568 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-07-18 23:19 - 2011-04-22 17:27 - 10885632 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-07-18 23:19 - 2011-04-22 17:23 - 1344000 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-07-18 23:19 - 2011-04-22 15:36 - 12269056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-07-18 23:19 - 2011-04-22 15:32 - 9703936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-07-18 23:19 - 2011-04-22 15:30 - 1102336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-07-17 18:24 - 2011-07-29 16:51 - 0001354 ____A C:\Windows\setupact.log
2011-07-17 18:24 - 2011-07-17 18:24 - 0000000 ____A C:\Windows\setuperr.log
2011-07-17 12:45 - 2011-07-17 12:45 - 1030024 ____A (Skype Technologies S.A.) C:\Users\Prototype\Downloads\SkypeSetup.exe
2011-07-17 12:41 - 2011-07-17 12:41 - 0002515 ____A C:\Users\Public\Desktop\Skype.lnk
2011-07-17 12:39 - 2011-07-18 23:39 - 0000000 ____D C:\Users\All Users\Easybits GO
2011-07-17 12:39 - 2011-07-18 23:39 - 0000000 ____D C:\ProgramData\Easybits GO
2011-07-17 12:39 - 2011-07-18 20:09 - 0000000 ____D C:\Users\Prototype\AppData\Roaming\go
2011-07-17 12:11 - 2011-06-01 22:39 - 0422400 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 22:23 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:54 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 21:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 19:45 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 19:45 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 19:45 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-17 12:11 - 2011-06-01 19:45 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-14 14:46 - 2011-06-01 22:45 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-07-14 14:46 - 2011-06-01 22:44 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-07-14 14:46 - 2011-06-01 22:35 - 0338944 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-07-14 14:46 - 2011-05-13 23:36 - 1162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-07-14 14:46 - 2011-05-13 22:32 - 0837120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-07-14 14:45 - 2011-06-01 22:45 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-07-14 14:45 - 2011-06-01 22:45 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-07-14 14:45 - 2011-06-01 22:42 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-07-14 14:45 - 2011-06-01 21:59 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-07-14 14:45 - 2011-06-01 21:56 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-07-14 14:45 - 2011-06-01 21:54 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-07-14 14:45 - 2011-06-01 19:51 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-07-14 14:45 - 2011-06-01 19:50 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-07-14 14:45 - 2011-05-03 21:30 - 2326016 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2011-07-14 14:45 - 2011-05-03 21:28 - 2228224 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2011-07-14 14:45 - 2011-05-03 21:28 - 0779264 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2011-07-14 14:45 - 2011-05-03 21:28 - 0491520 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2011-07-14 14:45 - 2011-05-03 21:28 - 0288256 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2011-07-14 14:45 - 2011-05-03 21:28 - 0075264 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2011-07-14 14:45 - 2011-05-03 21:24 - 0593408 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2011-07-14 14:45 - 2011-05-03 21:24 - 0249856 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2011-07-14 14:45 - 2011-05-03 21:24 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2011-07-14 14:45 - 2011-05-03 20:53 - 1553920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2011-07-14 14:45 - 2011-05-03 20:52 - 1401856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2011-07-14 14:45 - 2011-05-03 20:52 - 0666624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2011-07-14 14:45 - 2011-05-03 20:52 - 0428032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2011-07-14 14:45 - 2011-05-03 20:52 - 0337408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2011-07-14 14:45 - 2011-05-03 20:52 - 0197120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2011-07-14 14:45 - 2011-05-03 20:52 - 0164352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2011-07-14 14:45 - 2011-05-03 20:52 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2011-07-14 14:45 - 2011-05-03 20:52 - 0059392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2011-07-14 14:45 - 2011-04-28 19:13 - 0461312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-07-14 14:45 - 2011-04-28 19:12 - 0399872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-07-14 14:45 - 2011-04-28 19:12 - 0161792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-07-14 14:45 - 2011-01-16 22:17 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2011-07-14 14:45 - 2011-01-16 21:38 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2011-07-14 14:44 - 2011-06-10 18:56 - 3134464 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-07-14 14:44 - 2011-05-24 03:21 - 0404992 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll
2011-07-14 14:44 - 2011-05-24 02:34 - 0145920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2011-07-14 14:44 - 2011-05-24 02:34 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2011-07-14 14:44 - 2011-05-24 02:34 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2011-07-14 14:44 - 2011-05-24 02:32 - 0252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2011-07-09 06:09 - 2010-12-17 22:13 - 0861184 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2011-07-09 06:09 - 2010-12-17 21:31 - 0571904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2011-07-09 06:08 - 2011-05-03 18:51 - 0287744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-07-09 06:08 - 2011-05-03 18:51 - 0157696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-07-09 06:08 - 2011-05-03 18:51 - 0126464 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-07-09 06:08 - 2011-05-02 21:21 - 0976896 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-07-09 06:08 - 2011-05-02 20:50 - 0740864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2011-07-09 06:08 - 2011-04-26 18:57 - 0102400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dfsc.sys
2011-07-09 06:08 - 2011-04-24 21:32 - 1896832 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-07-09 06:08 - 2011-04-24 18:44 - 0499712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys


============ 3 Months Modified Files and Folders =============

2011-08-08 00:27 - 2011-08-08 00:27 - 0000000 ____D C:\FRST
2011-07-31 13:47 - 2011-07-31 13:47 - 1048576 __ASH C:\Windows\System32\config\components{9f3f0042-8055-11e0-a27e-00266c3eacfe}.TxR.2.regtrans-ms
2011-07-31 13:47 - 2011-07-31 13:47 - 1048576 __ASH C:\Windows\System32\config\components{9f3f0042-8055-11e0-a27e-00266c3eacfe}.TxR.1.regtrans-ms
2011-07-31 13:47 - 2011-07-31 13:47 - 1048576 __ASH C:\Windows\System32\config\components{9f3f0042-8055-11e0-a27e-00266c3eacfe}.TxR.0.regtrans-ms
2011-07-31 13:47 - 2011-07-31 13:47 - 0065536 __ASH C:\Windows\System32\config\components{9f3f0042-8055-11e0-a27e-00266c3eacfe}.TxR.blf
2011-07-31 13:40 - 2011-07-31 13:40 - 0000000 __SHD C:\Windows\System32\Restore
2011-07-31 13:37 - 2011-07-25 23:30 - 0011412 ____A C:\Windows\iplist.txt
2011-07-31 13:37 - 2010-03-15 14:17 - 0000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-07-31 13:37 - 2010-03-15 14:17 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-07-31 13:37 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\tracing
2011-07-30 23:03 - 2010-03-15 16:47 - 1478682 ____A C:\Windows\WindowsUpdate.log
2011-07-30 21:01 - 2010-03-21 19:53 - 0000412 ____A C:\Windows\Tasks\DriverCure.job
2011-07-30 18:17 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Dism
2011-07-30 18:17 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\com
2011-07-30 18:16 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\WinBioPlugIns
2011-07-30 18:16 - 2009-07-13 19:20 - 0000000 ___AD C:\Windows\System32\sysprep
2011-07-30 18:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\winevt
2011-07-30 18:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\spool
2011-07-30 18:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Speech
2011-07-30 18:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Setup
2011-07-30 18:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\oobe
2011-07-30 18:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\migwiz


#2
JSntgRvr

  • Global Moderator
  • 11,037 posts
The report is either too long or incomplete. See if you can attach it to a reply.

#3
whoissontop

  • Topic Starter
My bad, didn't notice that, sorry.

Attached File  FRST.txt   60.63KB   189 downloads

#4
JSntgRvr
Run frst64 as you did before.

Type the following in the edit box after "Search:":

1394ohci.sys

Click the Search button and wait a few minutes.

Post the log (Search.txt) it will produce in your next reply.

#5
whoissontop
Farbars Recovery Scan Tool 2.0.3
Ran by SYSTEM at 2011-08-08 01:17:15
Running from F:\

================== Search: 1394ohci.sys ===================

C:\_OTL\MovedFiles\07302011_221613\C_windows\system64\drivers\1394ohci.sys
[2009-07-13 16:07] - [2009-07-13 16:07] - 0227840 ____A (Microsoft Corporation) 1B00662092F9F9568B995902F0CC40D5

C:\Windows\winsxs\amd64_1394.inf_31bf3856ad364e35_6.1.7600.16385_none_572448461f98f8b9\1394ohci.sys
[2009-07-13 16:07] - [2009-07-13 16:07] - 0227840 ____A (Microsoft Corporation) 1B00662092F9F9568B995902F0CC40D5

C:\Windows\System32\DriverStore\FileRepository\1394.inf_amd64_neutral_c7fb486a9758e3d8\1394ohci.sys
[2009-07-13 16:07] - [2009-07-13 16:07] - 0227840 ____A (Microsoft Corporation) 1B00662092F9F9568B995902F0CC40D5

C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_1394.inf_31bf3856ad364e35_6.1.7601.17514_none_59555c0e1c877c53\1394ohci.sys
[2011-07-09 06:16] - [2010-11-20 02:44] - 0229888 ____A (Microsoft Corporation) A87D604AEA360176311474C87A63BB88

====== End Of Search ======

#6
JSntgRvr
I want to take a look at the previous topic. BRB.

#7
whoissontop
yep ok np =) you want me to link here so it makes it easier?

#8
JSntgRvr
I need to check a few things before I can give you a quickfix.

Download the enclosed file. Attached File  Fixlist.txt   90bytes   236 downloads

Save it in the USB drive.

Run FRST64 as you did before and press the Fix button just once and wait.

The tool will make a log on the flash drive (Fixlog.txt); please post it in your next reply. If it is too long, attach it to a reply.

#9
whoissontop
Attached File  Fixlog.txt   400.34KB   683 downloads

#10
whoissontop
Quick thing... the hard drive I am using is the possibly infected one (probably like 98% lol).
Can this hard drive infect my computer by me plugging it into my computer and leaving it in for an extended amount of time?
Through my internet or something...?
The reason I am asking is because I had it plugged in to do the fixlist, and when I had unplugged it I had a balloon pop up telling me some file failed to install (which I didn't download anything but the fixlist)... so I am wondering if the virus um is maybe trying to get into my computer now...?

It was a keylogger in there too... and this hard drive hasn't been worked on to be cleared or even checked if it needs to be. So I dunno, it concerns me lol


#11
JSntgRvr
No. Next to 0. The infected computer at this time is inactive.

#12
JSntgRvr
Another quick look:

Download the enclosed file. Attached File  Fixlist.txt   36bytes   170 downloads

Save it in the USB drive replacing the existing one.

Run FRST64 as you did before and press the Fix button just once and wait.

The tool will make a log on the flash drive (Fixlog.txt); please post it in your next reply. If it is too long, attach it to a reply.

#13
whoissontop
Attached File  Fixlog.txt   947bytes   123 downloads

#14
whoissontop
Oh, it's really short this time, lol

Fix result of Farbars's Recovery Tool (FRST written by farbar version 2.2.1)
Ran by SYSTEM at 2011-08-08 12:15:16 R:2
Running from F:\

==============================================


========================= Folder: C:\Windows\erdnt ========================

2011-07-28 11:03 - 2011-07-28 15:34 - 0000000 ____D () C:\Windows\erdnt\Hiv-backup
2011-07-28 11:23 - 2011-07-28 15:34 - 0000000 ____D () C:\Windows\erdnt\subs
2011-07-28 11:05 - 2011-07-28 15:34 - 0000000 ____D () C:\Windows\erdnt\Hiv-backup\Users
2011-07-28 11:05 - 2011-07-28 15:34 - 0000000 ____D () C:\Windows\erdnt\Hiv-backup\Users\00000001
2011-07-28 11:23 - 2011-07-28 15:34 - 0000000 ____D () C:\Windows\erdnt\subs\Users
2011-07-28 11:23 - 2011-07-28 15:34 - 0000000 ____D () C:\Windows\erdnt\subs\Users\00000001
2011-07-28 11:23 - 2011-07-28 15:34 - 0000000 ____D () C:\Windows\erdnt\subs\Users\00000002
====== End of Folder: ======

==== End of Fixlog ====

#15
JSntgRvr
And another quick look:

Seems ComboFix was not able to run ERUNT, thus registry backups are not available. Let's check other locations.

Download the enclosed file. Attached File  Fixlist.txt   46bytes   170 downloads

Save it in the USB drive replacing the existing one.

Run FRST64 as you did before and press the Fix button just once and wait.

The tool will make a log on the flash drive (Fixlog.txt); please post it in your next reply. If it is too long, attach it to a reply.