Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

%hs is missing - FRST.txt attached [Closed]


  • This topic is locked This topic is locked

#1
StephenN

StephenN

    New Member

  • Member
  • Pip
  • 2 posts
Title explains the issue, I've seen various scenarios resolved but they are obviously user specific. Thanks in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-10-2012
Ran by SYSTEM at 11-10-2012 18:26:34
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [9644576 2009-12-14] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup [16413288 2010-01-07] (NVIDIA Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [103720 2009-06-03] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0" [222504 2008-01-03] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [91432 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe" [50472 2009-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [210216 2009-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [APLangApp] "C:\Program Files (x86)\AnyPC Client\APLangApp.exe" [13312 2009-11-19] (DoctorSoft)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [NPSStartup] [x]
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup [336992 2012-05-30] (Power Software Ltd)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [Brunel University Connect Assistant] C:\Program Files (x86)\Brunel University\Connect\Assistant\BrunelConnectAssistant.exe [1280864 2012-07-31] (Brunel University)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1535112 2012-09-12] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Conime] %windir%\system32\conime.exe [x]
HKU\Josh\...\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" [328056 2010-11-15] (BitTorrent, Inc.)
HKU\Josh\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation)
HKU\Josh\...\Run: [Sony Ericsson PC Suite] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon [393216 2008-07-02] (Sony Ericsson Mobile Communications AB)
HKU\Josh\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\Josh\...\Run: [crans] rundll32.exe "C:\Users\Josh\AppData\Local\Temp\crans.dll",CompileShader [x]
HKU\Josh\...\Run: [ACFinder] "C:\Users\Josh\AppData\Local\AppCore\ACFinder\ACFinder.exe" [x]
HKU\Josh\...\Run: [Facebook Update] "C:\Users\Josh\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-08-15] (Facebook Inc.)
HKU\Josh\...\Run: [Spotify Web Helper] "C:\Users\Josh\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-09-28] ()
HKU\Josh\...\RunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2234840 2012-06-18] (Eastman Kodak Company)
HKLM\...\RunOnce: [*Restore] C:\windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 134.83.127.82 134.83.127.80 134.83.127.81
SubSystems: [Windows] ATTENTION! ====> ZeroAccess
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)

==================== Services (Whitelisted) ===================

2 0182101349767567mcinstcleanup; C:\windows\TEMP\018210~1.EXE -cleanup -nolog [828032 2012-09-04] (McAfee, Inc.)
2 euq_monitor; C:\Windows\System32\wceusbsh.dll [6656 2009-07-13] (Oak Technology Inc.) ATTENTION! ====> ZeroAccess
2 Kodak AiO Status Monitor Service; "C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe" [777728 2012-06-19] (Eastman Kodak Company)
2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe" [237008 2011-06-17] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [383608 2012-09-10] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [237920 2012-07-17] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 2012-07-17] (McAfee, Inc.)
2 mfevtp; "C:\windows\system32\mfevtps.exe" [177144 2012-07-17] (McAfee, Inc.)
2 MOBKbackup; "C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe" [231224 2010-04-13] (McAfee, Inc.)
2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] ()
2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [247152 2009-07-07] ()

==================== Drivers (Whitelisted) =====================

3 a016bus; C:\Windows\System32\Drivers\a016bus.sys [109096 2008-01-18] (MCCI Corporation)
3 a016mdfl; C:\Windows\System32\Drivers\a016mdfl.sys [19496 2008-01-18] (MCCI Corporation)
3 a016mdm; C:\Windows\System32\Drivers\a016mdm.sys [146472 2008-01-18] (MCCI Corporation)
3 a016mgmt; C:\Windows\System32\Drivers\a016mgmt.sys [130600 2008-01-18] (MCCI Corporation)
3 a016obex; C:\Windows\System32\Drivers\a016obex.sys [125480 2008-01-18] (MCCI Corporation)
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [69672 2012-07-17] (McAfee, Inc.)
3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
0 McPvDrv; C:\Windows\System32\Drivers\McPvDrv.sys [73096 2012-09-14] (McAfee, Inc.)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [169320 2012-07-17] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [300392 2012-07-17] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [513456 2012-07-17] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [752672 2012-07-17] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [106112 2012-07-17] (McAfee, Inc.)
1 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [335784 2012-07-17] (McAfee, Inc.)
1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
3 rtl819xpn64; C:\Windows\System32\DRIVERS\rtl819xp.sys [613888 2009-12-16] (Realtek Semiconductor Corporation )
3 rtport; C:\Windows\SysWow64\Drivers\rtport.sys [15144 2010-05-24] (Windows ® 2003 DDK 3790 provider)
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
3 mfeavfk01; [x]

==================== NetSvcs (Whitelisted) ====================

NETSVC: euq_monitor -> C:\Windows\system32\wceusbsh.dll (Oak Technology Inc.) ATTENTION! ====> ZeroAccess

==================== One Month Created Files and Folders ========

2012-10-11 17:54 - 2009-07-13 17:15 - 00606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2012-10-11 17:54 - 2009-07-13 17:15 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2012-10-11 17:54 - 2009-06-17 17:15 - 00049480 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfesmfk.sys
2012-10-11 17:54 - 2009-06-17 17:08 - 00040904 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdk.sys
2012-10-11 17:54 - 2009-04-08 21:23 - 00176144 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\Mpfp.sys
2012-10-11 17:53 - 2009-07-13 17:41 - 01026048 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2012-10-11 17:53 - 2009-07-13 17:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\corpol.dll
2012-10-08 23:42 - 2012-10-08 23:43 - 00000000 ____D C:\Users\Josh\AppData\Local\Eastman_Kodak_Company
2012-10-08 23:42 - 2012-10-08 23:42 - 00002156 ____A C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2012-10-08 23:40 - 2012-10-08 23:40 - 00002075 ____A C:\Users\Public\Desktop\Get CleanPrint.lnk
2012-10-08 23:40 - 2012-10-08 23:40 - 00000000 ____D C:\Windows\SysWOW64\kodak
2012-10-08 23:39 - 2012-10-08 23:39 - 00000000 ____D C:\Program Files (x86)\Kodak
2012-10-08 23:21 - 2012-10-08 23:21 - 00000000 ____D C:\Windows\System32\kodak
2012-10-08 04:26 - 2012-10-08 04:26 - 00000000 ____D C:\Users\Josh\AppData\Local\{E0873931-0079-4430-AC6F-7F6C9EEFCC20}
2012-10-07 15:23 - 2012-10-07 15:22 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-10-07 15:23 - 2012-10-07 15:22 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-10-07 15:23 - 2012-10-07 15:22 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-10-07 15:23 - 2012-10-07 15:22 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-10-07 15:15 - 2012-10-07 15:15 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u7 (1).exe
2012-10-07 15:07 - 2012-10-07 15:07 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u7.exe
2012-10-07 15:04 - 2012-10-07 15:04 - 00002255 ____A C:\Users\Josh\Desktop\Google Chrome.lnk
2012-10-07 14:26 - 2012-10-08 23:27 - 00001828 ____A C:\Users\Public\Desktop\McAfee Total Protection.lnk
2012-10-07 14:25 - 2012-10-07 14:25 - 00000000 ____D C:\Program Files (x86)\McAfeeMOBK
2012-10-07 14:25 - 2012-09-14 07:26 - 00073096 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\McPvDrv.sys
2012-10-07 14:25 - 2012-04-20 07:40 - 00196440 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
2012-10-07 14:25 - 2010-04-13 11:10 - 00066040 ____A (Mozy, Inc.) C:\Windows\System32\Drivers\MOBK.sys
2012-10-07 14:24 - 2012-10-07 14:25 - 00000000 ____D C:\Program Files\McAfee
2012-10-07 14:24 - 2012-10-07 14:25 - 00000000 ____D C:\Program Files\Common Files\McAfee
2012-10-07 14:24 - 2012-10-07 14:24 - 00000000 ____D C:\Program Files\McAfee.com
2012-10-07 14:24 - 2012-10-07 14:24 - 00000000 ____D C:\Program Files (x86)\McAfee.com
2012-10-07 14:24 - 2012-07-17 05:55 - 00069672 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\cfwids.sys
2012-10-07 14:24 - 2012-07-17 05:51 - 00106112 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2012-10-07 14:24 - 2012-07-17 05:51 - 00010288 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2012-10-07 14:24 - 2012-07-17 05:49 - 00513456 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfefirek.sys
2012-10-07 14:24 - 2012-07-17 05:48 - 00300392 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2012-10-07 14:09 - 2012-07-17 05:52 - 00177144 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2012-10-07 13:54 - 2012-10-07 13:55 - 04874920 ____A (McAfee, Inc.) C:\Users\Josh\Downloads\McAfeeSetup.exe
2012-10-07 13:49 - 2012-10-07 13:50 - 00000000 ____D C:\Users\Josh\AppData\Local\{FA44FDCF-D5EB-4907-88FB-D9F30C82F53C}
2012-10-07 13:48 - 2012-10-07 13:48 - 00000000 ____D C:\Users\Josh\AppData\Local\Sony Ericsson
2012-10-07 13:00 - 2012-10-07 13:00 - 00000000 ____D C:\Users\Josh\AppData\Local\{81EF6C0D-2341-47D4-B253-4F38ECB01022}
2012-10-07 12:21 - 2012-10-07 12:21 - 00000000 ____D C:\Users\Josh\AppData\Local\{73420DA8-E83C-41A0-924B-7CB4466AD86D}
2012-10-07 08:39 - 2012-10-07 14:25 - 00000000 __RSD C:\Users\Josh\Documents\McAfee Vaults
2012-10-07 08:39 - 2012-10-07 14:25 - 00000000 ____D C:\Program Files (x86)\McAfee Online Backup
2012-10-07 08:39 - 2012-10-07 08:39 - 00000000 ____D C:\Users\Josh\AppData\Local\McAfee Anti-Theft
2012-10-07 08:15 - 2012-10-07 08:15 - 00000000 ____D C:\Users\Josh\AppData\Local\{EA091D8C-13FF-4F44-B7FC-020E6AAFBB65}
2012-10-07 07:53 - 2012-10-07 07:53 - 00000236 ____A C:\Users\Josh\AppData\Local\LaunchHomeCenter.log
2012-10-07 07:45 - 2012-10-07 07:45 - 00000000 ____D C:\Users\Josh\AppData\Local\Eastman Kodak Company
2012-10-07 07:36 - 2012-10-07 07:36 - 00000000 ____D C:\Users\Josh\AppData\Roaming\KODAK AiO Home Center853474285
2012-10-07 07:32 - 2012-10-11 01:58 - 00000000 ____D C:\Users\All Users\Kodak
2012-10-07 07:30 - 2012-10-07 07:30 - 00000000 ____D C:\Users\Josh\AppData\Local\{9D03CE4F-FF35-42D1-9874-2364A67E3C6D}
2012-10-05 14:09 - 2012-10-05 14:11 - 00000000 ____D C:\Users\Josh\Downloads\WZRD - WZRD [CD-Rip][2012]
2012-10-05 02:55 - 2012-10-07 21:12 - 00000000 ____D C:\Program Files (x86)\Ask.com
2012-10-05 02:44 - 2012-10-05 02:44 - 00000000 ____D C:\Users\All Users\Ask
2012-10-05 02:41 - 2012-10-05 02:42 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jxpiinstall(2).exe
2012-10-01 09:31 - 2012-10-01 09:31 - 00000000 ____D C:\Users\Josh\Documents\PHYSIO WORK
2012-09-29 18:57 - 2012-09-30 22:35 - 00000000 ____D C:\Users\Josh\AppData\Local\{D66296A4-3019-45FA-8AE3-3CE039D52C22}
2012-09-28 16:09 - 2012-10-07 21:15 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Spotify
2012-09-28 16:09 - 2012-09-28 16:09 - 00087360 ____A (Spotify Ltd) C:\Users\Josh\Downloads\SpotifySetup.exe
2012-09-28 16:09 - 2012-09-28 16:09 - 00001799 ____A C:\Users\Josh\Desktop\Spotify.lnk
2012-09-28 16:09 - 2012-09-28 16:09 - 00000000 ____D C:\Users\Josh\AppData\Local\Spotify
2012-09-25 07:52 - 2012-09-25 07:53 - 31175144 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u7-windows-i586.exe
2012-09-25 03:01 - 2012-09-25 03:01 - 00000000 ____D C:\Users\Josh\AppData\Local\{3A981D52-02A1-4469-8C23-53F5310CC80E}
2012-09-23 16:34 - 2012-09-23 16:34 - 02059280 ____A C:\Users\Josh\Downloads\WiFi-Tool.exe
2012-09-23 09:18 - 2012-09-23 09:18 - 00000000 ____D C:\Users\All Users\Brunel University
2012-09-23 09:18 - 2012-09-23 09:18 - 00000000 ____D C:\Program Files (x86)\Brunel University
2012-09-23 09:18 - 2006-04-18 07:39 - 00063488 ____A C:\Windows\SysWOW64\shdocvw.oca
2012-09-23 09:18 - 2004-03-08 17:00 - 00132880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2012-09-23 09:18 - 2003-03-18 12:20 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2012-09-23 09:18 - 2000-12-05 15:00 - 00109248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSWINSCK.OCX
2012-09-23 09:18 - 2000-05-21 15:00 - 00203976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2012-09-23 09:18 - 1998-06-23 15:00 - 00067376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2012-09-23 09:17 - 2012-09-23 09:17 - 05750824 ____A C:\Users\Josh\Downloads\ConnectAssistant.exe
2012-09-23 09:02 - 2012-09-23 09:02 - 00000000 ____D C:\Users\Josh\AppData\Local\{6EDBBF54-31BD-4216-A10D-C2C33E4B6514}
2012-09-22 18:00 - 2012-08-24 03:15 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-09-22 18:00 - 2012-08-24 02:39 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-09-22 18:00 - 2012-08-24 02:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-09-22 18:00 - 2012-08-24 02:22 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-09-22 18:00 - 2012-08-24 02:21 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-09-22 18:00 - 2012-08-24 02:20 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-09-22 18:00 - 2012-08-24 02:18 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-09-22 18:00 - 2012-08-24 02:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-09-22 18:00 - 2012-08-24 02:14 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-09-22 18:00 - 2012-08-24 02:14 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-09-22 18:00 - 2012-08-24 02:13 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-09-22 18:00 - 2012-08-24 02:12 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-09-22 18:00 - 2012-08-24 02:11 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-09-22 18:00 - 2012-08-24 02:10 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-09-22 18:00 - 2012-08-24 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-09-22 18:00 - 2012-08-24 02:04 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-09-22 18:00 - 2012-08-23 23:27 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-09-22 18:00 - 2012-08-23 23:03 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-09-22 18:00 - 2012-08-23 22:59 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-09-22 18:00 - 2012-08-23 22:51 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-09-22 18:00 - 2012-08-23 22:51 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-09-22 18:00 - 2012-08-23 22:51 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-09-22 18:00 - 2012-08-23 22:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-09-22 18:00 - 2012-08-23 22:48 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-09-22 18:00 - 2012-08-23 22:47 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-09-22 18:00 - 2012-08-23 22:47 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-09-22 18:00 - 2012-08-23 22:47 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-09-22 18:00 - 2012-08-23 22:45 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-09-22 18:00 - 2012-08-23 22:44 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-09-22 18:00 - 2012-08-23 22:44 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-09-22 18:00 - 2012-08-23 22:43 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-09-22 18:00 - 2012-08-23 22:40 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-09-21 09:10 - 2012-09-21 09:10 - 00000000 ____D C:\Users\Josh\AppData\Local\{7A43CF56-84B7-48C7-9BE8-A7AAF4695572}
2012-09-21 08:27 - 2012-10-07 21:15 - 00000000 ____D C:\Users\Josh\Downloads\tenancy agreement_files
2012-09-21 08:27 - 2012-09-21 08:27 - 00017074 ____A C:\Users\Josh\Downloads\tenancy agreement.htm
2012-09-21 07:56 - 2012-09-21 07:56 - 00000000 ____D C:\Users\Josh\AppData\Local\{E18B97AC-7EA0-49D1-A00A-BEE8872BA7C0}
2012-09-18 12:01 - 2012-09-18 12:01 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-09-18 12:00 - 2012-10-07 21:13 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-09-18 12:00 - 2012-10-07 21:13 - 00000000 ____D C:\Program Files\iTunes
2012-09-18 12:00 - 2012-10-07 21:13 - 00000000 ____D C:\Program Files (x86)\iTunes
2012-09-18 12:00 - 2012-09-18 12:00 - 00000000 ____D C:\Program Files\iPod
2012-09-18 12:00 - 2012-08-21 04:01 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2012-09-18 11:44 - 2012-09-18 11:44 - 00000000 ____D C:\Users\Josh\AppData\Local\{D5D2F4E6-1AD1-4BB6-BEA4-85EBB018136E}
2012-09-17 07:54 - 2012-09-17 07:54 - 00000000 ____D C:\Users\Josh\AppData\Local\{CFE70119-A996-4974-8A3D-75DF8EF0A145}
2012-09-15 14:33 - 2012-09-16 02:33 - 00000000 ____D C:\Users\Josh\AppData\Local\{77BE1FA7-523E-4070-9474-0EA70D867F8E}
2012-09-15 05:44 - 2012-09-15 05:44 - 00000000 ____D C:\Users\All Users\Battle.net
2012-09-15 05:22 - 2012-09-15 05:22 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-09-14 16:55 - 2012-10-07 21:15 - 00000000 ____D C:\Users\Josh\Downloads\Kid Cudi - Man On The Man 2 (Deluxe) CDRip -2010- [MJN]
2012-09-14 16:17 - 2012-09-14 16:16 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-09-14 16:17 - 2012-09-14 16:16 - 00189416 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-09-14 16:17 - 2012-09-14 16:16 - 00188904 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-09-14 16:17 - 2012-09-14 16:16 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2012-09-14 16:16 - 2012-09-14 16:16 - 00000000 ____D C:\Program Files\Java
2012-09-14 16:12 - 2012-09-14 16:14 - 32692200 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u7-windows-x64.exe
2012-09-14 15:47 - 2012-09-14 15:47 - 00933601 ____A C:\Users\Josh\Downloads\Hot girl caught pants down taking a piss.flv
2012-09-14 14:32 - 2012-08-02 09:55 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-09-14 14:32 - 2012-08-02 09:05 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2012-09-14 14:22 - 2012-09-14 14:23 - 00000000 ____D C:\Users\Josh\AppData\Local\{B8D4C87F-A0CB-4ADC-B977-5F08558BA28D}


==================== 3 Months Modified Files ==================

2012-10-11 09:01 - 2010-03-14 20:50 - 00702656 ____A C:\Windows\PFRO.log
2012-10-11 02:00 - 2010-03-14 19:55 - 01748913 ____A C:\Windows\WindowsUpdate.log
2012-10-11 01:58 - 2012-08-15 15:44 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3849805104-749619427-1806466223-1001UA.job
2012-10-11 01:58 - 2012-08-14 15:13 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-11 01:57 - 2011-10-10 11:45 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-10 17:08 - 2011-10-10 11:45 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-10 16:14 - 2009-07-13 20:51 - 00068548 ____A C:\Windows\setupact.log
2012-10-10 16:12 - 2012-08-15 15:43 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3849805104-749619427-1806466223-1001Core.job
2012-10-08 23:47 - 2009-07-13 21:13 - 00726444 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-08 23:42 - 2012-10-08 23:42 - 00002156 ____A C:\Users\Public\Desktop\KODAK AiO Home Center.lnk
2012-10-08 23:40 - 2012-10-08 23:40 - 00002075 ____A C:\Users\Public\Desktop\Get CleanPrint.lnk
2012-10-08 23:27 - 2012-10-07 14:26 - 00001828 ____A C:\Users\Public\Desktop\McAfee Total Protection.lnk
2012-10-08 23:18 - 2012-08-14 15:13 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-08 23:18 - 2011-11-06 08:40 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-08 03:42 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-08 03:42 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-08 03:34 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-07 15:22 - 2012-10-07 15:23 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-10-07 15:22 - 2012-10-07 15:23 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-10-07 15:22 - 2012-10-07 15:23 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-10-07 15:22 - 2012-10-07 15:23 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-10-07 15:22 - 2012-08-14 15:29 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-10-07 15:22 - 2011-02-02 16:41 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-10-07 15:15 - 2012-10-07 15:15 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u7 (1).exe
2012-10-07 15:07 - 2012-10-07 15:07 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\chromeinstall-7u7.exe
2012-10-07 15:04 - 2012-10-07 15:04 - 00002255 ____A C:\Users\Josh\Desktop\Google Chrome.lnk
2012-10-07 13:55 - 2012-10-07 13:54 - 04874920 ____A (McAfee, Inc.) C:\Users\Josh\Downloads\McAfeeSetup.exe
2012-10-07 07:53 - 2012-10-07 07:53 - 00000236 ____A C:\Users\Josh\AppData\Local\LaunchHomeCenter.log
2012-10-05 02:42 - 2012-10-05 02:41 - 00894952 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jxpiinstall(2).exe
2012-09-28 16:09 - 2012-09-28 16:09 - 00087360 ____A (Spotify Ltd) C:\Users\Josh\Downloads\SpotifySetup.exe
2012-09-28 16:09 - 2012-09-28 16:09 - 00001799 ____A C:\Users\Josh\Desktop\Spotify.lnk
2012-09-25 07:53 - 2012-09-25 07:52 - 31175144 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u7-windows-i586.exe
2012-09-23 16:34 - 2012-09-23 16:34 - 02059280 ____A C:\Users\Josh\Downloads\WiFi-Tool.exe
2012-09-23 09:17 - 2012-09-23 09:17 - 05750824 ____A C:\Users\Josh\Downloads\ConnectAssistant.exe
2012-09-21 08:27 - 2012-09-21 08:27 - 00017074 ____A C:\Users\Josh\Downloads\tenancy agreement.htm
2012-09-18 12:01 - 2012-09-18 12:01 - 00001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-09-15 05:22 - 2012-09-15 05:22 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-09-14 16:16 - 2012-09-14 16:17 - 00289768 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2012-09-14 16:16 - 2012-09-14 16:17 - 00189416 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2012-09-14 16:16 - 2012-09-14 16:17 - 00188904 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2012-09-14 16:16 - 2012-09-14 16:17 - 00108008 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2012-09-14 16:16 - 2012-08-14 15:28 - 01034216 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2012-09-14 16:16 - 2012-08-14 15:28 - 00916456 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2012-09-14 16:14 - 2012-09-14 16:12 - 32692200 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u7-windows-x64.exe
2012-09-14 15:47 - 2012-09-14 15:47 - 00933601 ____A C:\Users\Josh\Downloads\Hot girl caught pants down taking a piss.flv
2012-09-14 07:26 - 2012-10-07 14:25 - 00073096 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\McPvDrv.sys
2012-08-24 03:15 - 2012-09-22 18:00 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 02:39 - 2012-09-22 18:00 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 02:31 - 2012-09-22 18:00 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 02:22 - 2012-09-22 18:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 02:21 - 2012-09-22 18:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 02:20 - 2012-09-22 18:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 02:18 - 2012-09-22 18:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 02:17 - 2012-09-22 18:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 02:14 - 2012-09-22 18:00 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 02:14 - 2012-09-22 18:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 02:13 - 2012-09-22 18:00 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 02:12 - 2012-09-22 18:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 02:11 - 2012-09-22 18:00 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 02:10 - 2012-09-22 18:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 02:09 - 2012-09-22 18:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 02:04 - 2012-09-22 18:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-23 23:27 - 2012-09-22 18:00 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-23 23:03 - 2012-09-22 18:00 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-23 22:59 - 2012-09-22 18:00 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-23 22:51 - 2012-09-22 18:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-23 22:51 - 2012-09-22 18:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-23 22:51 - 2012-09-22 18:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-23 22:49 - 2012-09-22 18:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-23 22:48 - 2012-09-22 18:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-23 22:47 - 2012-09-22 18:00 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-23 22:47 - 2012-09-22 18:00 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-08-23 22:47 - 2012-09-22 18:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-23 22:45 - 2012-09-22 18:00 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-23 22:44 - 2012-09-22 18:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-23 22:44 - 2012-09-22 18:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-23 22:43 - 2012-09-22 18:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 22:40 - 2012-09-22 18:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-21 04:01 - 2012-09-18 12:00 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2012-08-21 04:01 - 2012-05-10 07:54 - 00125872 ____A (GEAR Software Inc.) C:\Windows\System32\GEARAspi64.dll
2012-08-21 04:01 - 2012-05-10 07:54 - 00106928 ____A (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2012-08-17 17:26 - 2010-10-19 15:40 - 00002094 ____A C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2012-08-15 19:15 - 2009-07-13 20:45 - 00352952 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-15 15:43 - 2012-08-15 15:43 - 00501248 ____A (Facebook Inc.) C:\Users\Josh\Downloads\FacebookVideoCallSetup_v1.2.205.0.exe
2012-08-14 15:22 - 2012-08-14 15:15 - 21869552 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u5-windows-x64.exe
2012-08-14 15:22 - 2012-08-14 15:15 - 21055472 ____A (Oracle Corporation) C:\Users\Josh\Downloads\jre-7u5-windows-i586.exe
2012-08-03 05:28 - 2012-08-03 05:27 - 02032252 ____A C:\Users\Josh\Downloads\AtlasLoot-v6.03.02(1).zip
2012-08-03 05:18 - 2012-08-03 05:18 - 00402280 ____A () C:\Users\Josh\Downloads\setup(6).exe
2012-08-02 11:19 - 2012-08-02 11:18 - 02032252 ____A C:\Users\Josh\Downloads\AtlasLoot-v6.03.02.zip
2012-08-02 09:55 - 2012-09-14 14:32 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-08-02 09:05 - 2012-09-14 14:32 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2012-07-29 19:07 - 2012-07-29 19:07 - 00001038 ____A C:\Users\Public\Desktop\Alarm Clock.lnk
2012-07-29 19:06 - 2012-07-29 19:06 - 01088193 ____A ( ) C:\Users\Josh\Downloads\setup(5).exe
2012-07-29 14:20 - 2012-07-29 14:20 - 00402280 ____A () C:\Users\Josh\Downloads\setup(4).exe
2012-07-28 06:22 - 2010-07-29 03:07 - 00063374 ____A C:\Windows\DirectX.log
2012-07-26 14:56 - 2012-07-26 14:56 - 00001467 ____A C:\Users\Josh\Desktop\Launcher - Shortcut.lnk
2012-07-22 08:19 - 2012-07-22 08:06 - 112963366 ____A C:\Users\Josh\Downloads\stevie wonder - Greatest Hits - 1996.rar
2012-07-18 09:31 - 2012-08-14 18:09 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-18 03:41 - 2012-07-18 03:40 - 00002014 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2012-07-18 03:36 - 2012-03-30 16:58 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-17 05:55 - 2012-10-07 14:24 - 00069672 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\cfwids.sys
2012-07-17 05:52 - 2012-10-07 14:09 - 00177144 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2012-07-17 05:52 - 2012-07-17 05:52 - 00335784 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2012-07-17 05:51 - 2012-10-07 14:24 - 00106112 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2012-07-17 05:51 - 2012-10-07 14:24 - 00010288 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2012-07-17 05:50 - 2012-07-17 05:50 - 00752672 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys
2012-07-17 05:49 - 2012-10-07 14:24 - 00513456 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfefirek.sys
2012-07-17 05:48 - 2012-10-07 14:24 - 00300392 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2012-07-17 05:48 - 2012-07-17 05:48 - 00169320 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys


ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-10-11 02:00:36

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 3949.63 MB
Available physical RAM: 3334.93 MB
Total Pagefile: 3947.77 MB
Available Pagefile: 3333.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:431.13 GB) (Free:332.44 GB) NTFS
2 Drive d: () (Fixed) (Total:19.53 GB) (Free:17.33 GB) NTFS
3 Drive f: (RECOVERY) (Fixed) (Total:15 GB) (Free:0.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive h: () (Removable) (Total:3.73 GB) (Free:2.23 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 1024 KB
Disk 1 Online 3824 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 15 GB 1024 KB
Partition 2 Primary 100 MB 15 GB
Partition 3 Primary 431 GB 15 GB
Partition 0 Extended 19 GB 446 GB
Partition 4 Logical 19 GB 446 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F RECOVERY NTFS Partition 15 GB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 431 GB Healthy

=========================================================

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D NTFS Partition 19 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 3824 MB 0 B

==================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

=========================================================

Last Boot: 2012-09-26 07:47

==================== End Of Log =============================

Attached Files

  • Attached File  FRST.txt   39.5KB   35 downloads

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi, I assume the system is not booting at the moment

Download the attached fixlist.txt to the same USB as FRST

Run FRST as before and press fix
Reboot the computer normally and run OTL

Download OTL to your Desktop
Secondary link
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    winsock.*
    /md5stop
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#3
StephenN

StephenN

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
EDIT: I've managed to get it to start up normally however I now cannot open any applications without getting error messages saying the application was unable to start correctly.

Edited by StephenN, 11 October 2012 - 05:39 PM.

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Have you tried right clicking the Icon and selecting run as Administrator ?

Failing that reboot to the recovery environment
Select command prompt and type the following command :
chkdsk C: /R
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP