Trojan horse Dropper.Generic_c.MMI

timestepper · 04-Aug-2012, 10:52 PM #1

Hi there,

AVG is giving me an error that comes up every 10 minutes or so saying that "C:\Windows\System32\services.exe" is white listed with the Infection labled "Trojan horse Dropper.Generic_c.MMI"

Thanks in advance for any help.

HijackThis Log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:36 PM, on 4/08/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Offline Course Player\OlpSynch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
C:\Program Files (x86)\Steam\GameOverlayUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Users\Flynn\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: www.facebook.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [OLPSYNCH] C:\Program Files (x86)\Offline Course Player\OlpSynch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2191417977-2566835303-1415651725-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2191417977-2566835303-1415651725-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://vsrcm5.vlab.elementk.com/rcm/...iveXClient.cab
O16 - DPF: {8B0F07E1-00F9-4B1B-9A2F-456DC0F54EBF} (PortDetector Control) - http://khse.vlab.elementk.com/vlab/w...PortTester.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8DD17235-3F0D-4D31-AA17-3CEAEBACAC3E}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13288 bytes

D.D.S Log

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
Run by Flynn at 12:53:23 on 2012-08-04
Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.12193.8187 [GMT 10:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Offline Course Player\OlpSynch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
C:\Program Files (x86)\Steam\GameOverlayUI.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [OLPSYNCH] C:\Program Files (x86)\Offline Course Player\OlpSynch.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: mswsock.dll
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - hxxp://vsrcm5.vlab.elementk.com/rcm/webcontrols/vmrc/VMRCActiveXClient.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8B0F07E1-00F9-4B1B-9A2F-456DC0F54EBF} - hxxp://khse.vlab.elementk.com/vlab/webcontrols/porttester/PortTester.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4DDFD619-EFE8-4972-B781-9D2DE7F758B4} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6B2B889F-DD59-4D6F-A465-DC75A91100B0} : DhcpNameServer = 211.29.132.12 61.88.88.88
TCP: Interfaces\{8DD17235-3F0D-4D31-AA17-3CEAEBACAC3E} : NameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO-X64: IESpeakDoc - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
mRun-x64: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [OLPSYNCH] C:\Program Files (x86)\Offline Course Player\OlpSynch.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Flynn\AppData\Roaming\Mozilla\Firefox\Profiles\bshswrh8.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bcaa70d4a-e15d-48a4-9161-a97d4fadf070%7D&mid=b5263026f9fa47d0aada854de0cc20b6-e2f4f87c691748405483a0d09eeca0669031e6f9&ds=AVG&v=11.1.0.12&lang=en&pr=pr&d =2012-07-07%2013%3A58%3A55&sap=ku&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPOlp32.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\system32\DRIVERS\mv91cons.sys --> C:\Windows\system32\DRIVERS\mv91cons.sys [?]
R0 mv91xx;mv91xx;C:\Windows\system32\DRIVERS\mv91xx.sys --> C:\Windows\system32\DRIVERS\mv91xx.sys [?]
R0 mvs91xx;mvs91xx;C:\Windows\system32\DRIVERS\mvs91xx.sys --> C:\Windows\system32\DRIVERS\mvs91xx.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-13 74912]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-27 13592]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-3-15 1258856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-6-28 382312]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-7-7 935008]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]
R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-6-13 2321560]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-28 136176]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [2012-1-3 28320]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys --> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys --> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\system32\Drivers\AthDfu.sys --> C:\Windows\system32\Drivers\AthDfu.sys [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-28 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-08-02 09:38:39 -------- d-----w- C:\Users\Flynn\AppData\Roaming\Oflu
2012-08-02 09:38:39 -------- d-----w- C:\Users\Flynn\AppData\Roaming\Hyyqh
2012-08-02 07:49:12 -------- d-----w- C:\Users\Flynn\AppData\Local\CrashDumps
2012-07-30 23:47:09 -------- d-----w- C:\Users\Flynn\AppData\Local\BMExplorer
2012-07-30 23:01:55 68264 ----a-w- C:\Windows\System32\e1cmsg.dll
2012-07-30 23:01:55 328368 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2012-07-30 22:58:56 1251944 ------r- C:\Windows\RtlExUpd.dll
2012-07-30 22:58:54 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-07-30 22:53:39 -------- d-----w- C:\ProgramData\Atheros
2012-07-27 03:15:53 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2012-07-27 03:15:39 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2012-07-27 01:08:41 452200 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2012-07-27 01:08:40 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2012-07-27 01:08:40 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2012-07-27 01:08:36 -------- d-----w- C:\Program Files (x86)\Realtek
2012-07-27 01:08:04 -------- d-----w- C:\Program Files (x86)\Renesas Electronics
2012-07-27 01:06:50 315904 ----a-w- C:\Windows\SysWow64\Difx7eef.rra
2012-07-27 01:06:48 120408 ----a-w- C:\Windows\System32\drivers\jraid.sys
2012-07-27 01:06:05 -------- d-----w- C:\Program Files\Common Files\Intel
2012-07-27 01:06:03 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2012-07-27 01:02:09 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation
2012-07-27 01:00:18 -------- d-----w- C:\Users\Flynn\AppData\Roaming\Intel Corporation
2012-07-27 00:56:35 557848 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2012-07-27 00:48:35 -------- d-----w- C:\Windows\Chipset
2012-07-27 00:48:12 296320 ----a-w- C:\Windows\System32\drivers\volsnap.sys
2012-07-12 12:55:14 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-09 00:39:56 -------- d-----w- C:\Users\Flynn\AppData\Roaming\AVG
2012-07-07 03:59:20 -------- d-----w- C:\Users\Flynn\AppData\Roaming\AVG2012
2012-07-07 03:59:02 -------- d-----w- C:\Users\Flynn\AppData\Local\AVG Secure Search
2012-07-07 03:58:53 -------- d-----w- C:\ProgramData\AVG Secure Search
2012-07-07 03:58:53 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2012-07-07 03:58:53 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2012-07-07 03:57:58 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-07-07 03:57:29 -------- d--h--w- C:\$AVG
2012-07-07 03:57:29 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-07-07 03:57:29 -------- d-----w- C:\ProgramData\AVG2012
2012-07-07 03:57:07 -------- d-----w- C:\Program Files (x86)\AVG
2012-07-07 03:53:54 -------- d--h--w- C:\ProgramData\Common Files
2012-07-07 03:53:38 -------- d-----w- C:\ProgramData\MFAData
.
==================== Find3M ====================
.
2012-06-28 23:56:15 2667062 ----a-w- C:\Windows\System32\nvcoproc.bin
2012-06-28 23:55:57 3266408 ----a-w- C:\Windows\System32\nvsvc64.dll
2012-06-28 23:55:46 6193000 ----a-w- C:\Windows\System32\nvcpl.dll
2012-06-28 23:55:40 118120 ----a-w- C:\Windows\System32\nvmctray.dll
2012-06-28 23:55:39 891240 ----a-w- C:\Windows\System32\nvvsvc.exe
2012-06-28 23:55:39 63336 ----a-w- C:\Windows\System32\nvshext.dll
2012-06-28 07:44:42 428904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2012-06-22 01:58:19 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-22 01:58:19 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 05:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 05:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-21 13:10:56 31080 ----a-w- C:\Windows\System32\nvhdap64.dll
2012-05-21 13:10:51 188776 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2012-05-21 07:34:41 1468264 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2012-05-18 11:44:46 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-05-18 11:44:46 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-05-18 11:33:32 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
.
============= FINISH: 12:53:39.63 ===============

kevinf80 · 05-Aug-2012, 08:11 AM #2

Do the following and post the produced logs:

Step 1

Download Farbar Recovery Scan Toolx64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options I give two methods, use whichever is convenient for you.

To enter System Recovery Options from the Advanced Boot Options:

Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select Your Country as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:

Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select Your Country as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Step 2

Boot to System Recovery Options and run FRST as you did to get the log.

Type the following in the edit box after "Search:".

services.exe

It then should look like:

Click Search button and post the log (Search.txt) it makes to your reply.

Kevin...

timestepper · 05-Aug-2012, 09:37 AM #3

Scan result of Farbar Recovery Scan Tool Version: 05-08-2012 02
Ran by SYSTEM at 04-08-2012 23:33:16
Running from F:\
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-07-31] (Microsoft Corporation)
HKLM\...\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe" [1873256 2011-08-09] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [168216 2011-05-31] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391960 2011-05-31] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [419096 2011-05-31] (Intel Corporation)
HKLM\...\Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [617120 2011-03-12] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [379552 2011-03-12] (Atheros Commnucations)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-01-20] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [OLPSYNCH] C:\Program Files (x86)\Offline Course Player\OlpSynch.exe [42872 2011-06-02] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-26] (Apple Inc.)
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2587008 2012-04-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [1107552 2012-07-06] ()
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-19] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-11-16] (Renesas Electronics Corporation)
HKU\Flynn\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1353080 2012-08-02] (Valve Corporation)
HKU\Flynn\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3514176 2011-11-10] (DT Soft Ltd)
HKU\Flynn\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-04] (Safer-Networking Ltd.)
HKU\UpdatusUser\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1353080 2012-08-02] (Valve Corporation)
HKU\UpdatusUser\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3514176 2011-11-10] (DT Soft Ltd)
HKU\UpdatusUser\...\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-04] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8DD17235-3F0D-4D31-AA17-3CEAEBACAC3E}: [NameServer]192.168.1.1

==================== Services (Whitelisted) ======

2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-12] (Atheros Commnucations)
2 avgfws; "C:\Program Files (x86)\AVG\AVG2012\avgfws.exe" [2321560 2012-06-12] (AVG Technologies CZ, s.r.o.)
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe" [5160568 2012-07-03] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-13] (AVG Technologies CZ, s.r.o.)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-01-02] ()
2 vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [935008 2012-07-06] ()

========================== Drivers (Whitelisted) =============

3 AIDA64Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [28320 2011-10-25] ()
3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [36000 2011-03-12] (Atheros)
3 ATHDFU; C:\Windows\System32\Drivers\ATHDFU.sys [51872 2011-03-12] (Windows (R) Win 7 DDK provider)
1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [48992 2011-05-22] (AVG Technologies CZ, s.r.o.)
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-22] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-22] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-18] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [289872 2012-02-21] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-22] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-30] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [383808 2012-03-18] (AVG Technologies CZ, s.r.o.)
3 BTATH_A2DP; C:\Windows\System32\Drivers\BTATH_A2DP.sys [298656 2011-03-12] (Atheros)
3 BTATH_BUS; C:\Windows\System32\Drivers\BTATH_BUS.sys [28832 2011-03-12] (Atheros)
3 BTATH_HCRP; C:\Windows\System32\Drivers\BTATH_HCRP.sys [201376 2011-03-12] (Atheros)
3 BTATH_LWFLT; C:\Windows\System32\Drivers\BTATH_LWFLT.sys [55456 2011-03-12] (Atheros)
3 BTATH_RCP; C:\Windows\System32\Drivers\BTATH_RCP.sys [154272 2011-03-12] (Atheros)
3 BtFilter; C:\Windows\System32\Drivers\BtFilter.sys [280224 2011-03-12] (Atheros)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [279616 2012-01-08] (DT Soft Ltd)
0 mv91cons; C:\Windows\System32\Drivers\mv91cons.sys [24880 2011-03-14] (Marvell Semiconductor Inc.)
0 mvs91xx; C:\Windows\System32\Drivers\mvs91xx.sys [313136 2011-03-14] (Marvell Semiconductor, Inc.)
3 MSICDSetup; \??\D:\CDriver64.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-08-04 23:33 - 2012-08-04 23:33 - 00000000 ____D C:\FRST
2012-08-04 04:56 - 2012-08-04 05:03 - 00000000 ____D C:\Users\Flynn\Downloads\Falling Skies S02E06 Homecoming HDTV x264 FQM
2012-08-04 04:55 - 2012-08-04 04:55 - 00054021 ____A C:\Users\Flynn\Downloads\Falling Skies S02E06 Homecoming HDTV x264 FQM.nzb
2012-08-04 04:16 - 2012-08-04 04:22 - 00000000 ____D C:\Users\Flynn\Downloads\Falling Skies S02E05 HDTV x264 ASAP
2012-08-04 04:16 - 2012-08-04 04:16 - 00051927 ____A C:\Users\Flynn\Downloads\Falling Skies S02E05 HDTV x264 ASAP.nzb
2012-08-04 03:37 - 2012-08-04 03:44 - 00000000 ____D C:\Users\Flynn\Downloads\Falling Skies S02E04 HDTV x264 2HD
2012-08-04 03:37 - 2012-08-04 03:37 - 00049564 ____A C:\Users\Flynn\Downloads\Falling Skies S02E04 HDTV x264 2HD.nzb
2012-08-04 01:43 - 2012-08-04 03:15 - 00000000 ____D C:\Users\Flynn\Downloads\Falling Skies S02E03 HDTV x264 ASAP
2012-08-04 01:43 - 2012-08-04 01:43 - 00058025 ____A C:\Users\Flynn\Downloads\Falling Skies S02E03 HDTV x264 ASAP.nzb
2012-08-04 00:42 - 2012-08-04 00:50 - 00000000 ____D C:\Users\Flynn\Downloads\Falling Skies S02E02 HDTV x264 ASAP
2012-08-04 00:41 - 2012-08-04 00:41 - 00059238 ____A C:\Users\Flynn\Downloads\Falling Skies S02E02 HDTV x264 ASAP.nzb
2012-08-03 21:42 - 2012-08-03 21:43 - 02136664 ____A (Kaspersky Lab ZAO) C:\Users\Flynn\Downloads\tdsskiller.exe
2012-08-03 20:46 - 2012-08-03 20:55 - 00000000 ____D C:\Users\Flynn\Downloads\Falling Skies S02E01 HDTV x264 ASAP
2012-08-03 20:44 - 2012-08-03 20:44 - 00074024 ____A C:\Users\Flynn\Downloads\Falling Skies S02E01 HDTV x264 ASAP.nzb
2012-08-03 18:54 - 2012-08-03 18:54 - 00026636 ____A C:\Users\Flynn\Desktop\DDS.txt
2012-08-03 18:54 - 2012-08-03 18:54 - 00005886 ____A C:\Users\Flynn\Desktop\Attach.txt
2012-08-03 18:51 - 2012-08-03 18:51 - 00013290 ____A C:\Users\Flynn\Desktop\hijackthis.log
2012-08-03 18:47 - 2012-08-03 18:47 - 00607260 ____R (Swearware) C:\Users\Flynn\Desktop\dds.com
2012-08-03 18:46 - 2012-08-03 18:46 - 00388608 ____A (Trend Micro Inc.) C:\Users\Flynn\Desktop\HijackThis.exe
2012-08-03 18:42 - 2012-08-03 18:43 - 04725168 ____A (Swearware) C:\Users\Flynn\Desktop\ComboFix.exe
2012-08-03 03:18 - 2012-08-03 03:18 - 00228797 ____A C:\Users\Flynn\Downloads\Bernie 2011 DVDRip XviD F0RFUN.nzb
2012-08-03 01:26 - 2012-08-03 01:41 - 00000000 ____D C:\Users\Flynn\Downloads\Suits S02E07 Sucker Punch PROPER HDTV x264 FQM
2012-08-03 01:26 - 2012-08-03 01:26 - 00048059 ____A C:\Users\Flynn\Downloads\Suits S02E07 Sucker Punch PROPER HDTV x264 FQM.nzb
2012-08-02 03:09 - 2012-08-02 07:59 - 00000000 ____D C:\Users\Flynn\Downloads\Workaholics S03E10 HDTV x264 2HD
2012-08-02 03:04 - 2012-08-02 03:10 - 00000000 ____D C:\Users\Flynn\Downloads\Workaholics S03E09 Ders Comes in Handy HDTV x264 FQM
2012-08-02 02:58 - 2012-08-02 03:04 - 00000000 ____D C:\Users\Flynn\Downloads\Workaholics S03E08 HDTV x264 EVOLVE
2012-08-02 02:52 - 2012-08-02 02:58 - 00000000 ____D C:\Users\Flynn\Downloads\Workaholics S03E07 HDTV x264 ASAP
2012-08-02 02:48 - 2012-08-02 07:59 - 00000000 ____D C:\Users\Flynn\Downloads\Workaholics S03E06 HDTV x264 ASAP
2012-08-02 02:44 - 2012-08-02 02:49 - 00000000 ____D C:\Users\Flynn\Downloads\Workaholics S03E05 HDTV x264 ASAP
2012-08-02 02:39 - 2012-08-02 02:45 - 00000000 ____D C:\Users\Flynn\Downloads\Workaholics S03E04 HDTV x264 ASAP
2012-08-02 02:39 - 2012-08-02 02:39 - 00052220 ____A C:\Users\Flynn\Downloads\Workaholics S03E08 HDTV x264 EVOLVE.nzb
2012-08-02 02:37 - 2012-08-02 02:37 - 00046038 ____A C:\Users\Flynn\Downloads\Workaholics S03E09 Ders Comes in Handy HDTV x264 FQM.nzb
2012-08-02 02:37 - 2012-08-02 02:37 - 00035612 ____A C:\Users\Flynn\Downloads\Workaholics S03E10 HDTV x264 2HD.nzb
2012-08-02 02:36 - 2012-08-02 02:36 - 00043911 ____A C:\Users\Flynn\Downloads\Workaholics S03E07 HDTV x264 ASAP.nzb
2012-08-02 02:36 - 2012-08-02 02:36 - 00034907 ____A C:\Users\Flynn\Downloads\Workaholics S03E06 HDTV x264 ASAP.nzb
2012-08-02 02:35 - 2012-08-02 02:40 - 00000000 ____D C:\Users\Flynn\Downloads\Anger Management S01E07 HDTV x264 EVOLVE
2012-08-02 02:35 - 2012-08-02 02:35 - 00038421 ____A C:\Users\Flynn\Downloads\Workaholics S03E04 HDTV x264 ASAP.nzb
2012-08-02 02:35 - 2012-08-02 02:35 - 00033772 ____A C:\Users\Flynn\Downloads\Workaholics S03E05 HDTV x264 ASAP.nzb
2012-08-02 02:31 - 2012-08-02 02:36 - 00000000 ____D C:\Users\Flynn\Downloads\Anger Management S01E06 HDTV x264 EVOLVE
2012-08-02 02:27 - 2012-08-02 02:34 - 00000000 ____D C:\Users\Flynn\Downloads\Anger Management S01E05 Charlie Proves Therapy is Legit HDTV x264 FQM
2012-08-02 02:22 - 2012-08-02 02:29 - 00000000 ____D C:\Users\Flynn\Downloads\Teen Wolf S02E10 iNTERNAL HDTV x264 2HD
2012-08-02 02:22 - 2012-08-02 02:22 - 00036448 ____A C:\Users\Flynn\Downloads\Anger Management S01E06 HDTV x264 EVOLVE.nzb
2012-08-02 02:22 - 2012-08-02 02:22 - 00035923 ____A C:\Users\Flynn\Downloads\Anger Management S01E07 HDTV x264 EVOLVE.nzb
2012-08-02 02:21 - 2012-08-02 02:21 - 00032562 ____A C:\Users\Flynn\Downloads\Anger Management S01E05 Charlie Proves Therapy is Legit HDTV x264 FQM.nzb
2012-08-02 02:19 - 2012-08-02 02:24 - 00000000 ____D C:\Users\Flynn\Downloads\Wilfred US S02E06 HDTV x264 LOL
2012-08-02 02:19 - 2012-08-02 02:19 - 00038330 ____A C:\Users\Flynn\Downloads\Teen Wolf S02E10 iNTERNAL HDTV x264 2HD.nzb
2012-08-02 02:15 - 2012-08-02 02:20 - 00000000 ____D C:\Users\Flynn\Downloads\Workaholics S03E03 HDTV x264 ASAP
2012-08-02 02:15 - 2012-08-02 02:15 - 00025838 ____A C:\Users\Flynn\Downloads\Wilfred US S02E06 HDTV x264 LOL.nzb
2012-08-02 02:09 - 2012-08-02 02:09 - 00032823 ____A C:\Users\Flynn\Downloads\Workaholics S03E03 HDTV x264 ASAP.nzb
2012-08-02 01:38 - 2012-08-02 01:40 - 00000000 ____D C:\Users\Flynn\AppData\Roaming\Hyyqh
2012-08-02 01:38 - 2012-08-02 01:38 - 00000000 ____D C:\Users\Flynn\AppData\Roaming\Oflu
2012-08-02 01:36 - 2012-08-02 01:43 - 00000000 ____D C:\Users\Flynn\Downloads\Workaholics S03E02 HDTV x264 ASAP
2012-08-02 01:36 - 2012-08-02 01:36 - 00036335 ____A C:\Users\Flynn\Downloads\Workaholics S03E02 HDTV x264 ASAP.nzb
2012-08-02 01:01 - 2012-08-02 01:01 - 00035722 ____A C:\Users\Flynn\Downloads\Workaholics S03E01 HDTV x264 ASAP.nzb
2012-08-02 00:00 - 2012-08-02 21:52 - 00000000 ____D C:\Users\Flynn\Desktop\scuba
2012-08-01 23:49 - 2012-08-01 23:49 - 00000000 ____D C:\Users\Flynn\AppData\Local\CrashDumps
2012-07-30 15:47 - 2012-07-30 15:47 - 00000000 ____D C:\Users\Flynn\AppData\Local\BMExplorer
2012-07-30 15:02 - 2012-07-30 15:02 - 00000000 ____D C:\Program Files\Intel
2012-07-30 15:01 - 2012-07-30 15:01 - 00003362 ____A C:\Windows\System32\WmiConf.txt
2012-07-30 15:01 - 2011-02-08 03:03 - 00328368 ____A (Intel Corporation) C:\Windows\System32\Drivers\e1c62x64.sys
2012-07-30 15:01 - 2011-01-20 16:59 - 00068264 ____A (Intel Corporation) C:\Windows\System32\e1cmsg.dll
2012-07-30 14:59 - 2012-07-30 15:00 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2012-07-30 14:59 - 2010-11-23 02:44 - 01247848 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2012-07-30 14:59 - 2010-11-23 02:16 - 02565736 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2012-07-30 14:59 - 2010-11-21 19:39 - 00626792 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2012-07-30 14:59 - 2010-11-17 23:01 - 02186344 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2012-07-30 14:59 - 2010-11-17 19:49 - 00121744 ____A (Sony Corporation) C:\Windows\System32\SFSS_APO.dll
2012-07-30 14:59 - 2010-11-15 06:56 - 02580824 ____A (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib.dll
2012-07-30 14:59 - 2010-11-15 06:56 - 01870680 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioRealtek.dll
2012-07-30 14:59 - 2010-11-10 21:27 - 00083048 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInst64.dll
2012-07-30 14:59 - 2010-11-08 02:36 - 00544768 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes64.dat
2012-07-30 14:59 - 2010-11-07 15:31 - 00375128 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP64A.dll
2012-07-30 14:59 - 2010-11-07 15:31 - 00310104 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT64.dll
2012-07-30 14:59 - 2010-11-07 15:31 - 00310104 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA64.dll
2012-07-30 14:59 - 2010-11-07 15:31 - 00204120 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED64A.dll
2012-07-30 14:59 - 2010-11-07 15:31 - 00101208 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL64A.dll
2012-07-30 14:59 - 2010-11-07 15:31 - 00078680 ____A (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG64A.dll
2012-07-30 14:59 - 2010-11-03 02:31 - 01146984 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2012-07-30 14:59 - 2010-11-03 02:31 - 00332392 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtlCPAPI64.dll
2012-07-30 14:59 - 2010-11-03 02:30 - 00149608 ____A (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCfg64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 01327208 ____A (DTS) C:\Windows\System32\DTSS2SpeakerDLL64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 01179752 ____A (DTS) C:\Windows\System32\DTSS2HeadphoneDLL64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 01111656 ____A (DTS) C:\Windows\System32\DTSBoostDLL64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 00504936 ____A (DTS) C:\Windows\System32\DTSBassEnhancementDLL64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 00491112 ____A (DTS) C:\Windows\System32\DTSSymmetryDLL64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 00475752 ____A (DTS) C:\Windows\System32\DTSVoiceClarityDLL64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 00317032 ____A (DTS) C:\Windows\System32\DTSNeoPCDLL64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 00269928 ____A (DTS) C:\Windows\System32\DTSLimiterDLL64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 00266856 ____A (DTS) C:\Windows\System32\DTSGainCompensatorDLL64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 00126056 ____A (DTS) C:\Windows\System32\DTSLFXAPO64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 00125544 ____A (DTS) C:\Windows\System32\DTSGFXAPO64.dll
2012-07-30 14:59 - 2010-11-03 02:29 - 00125032 ____A (DTS) C:\Windows\System32\DTSGFXAPONS64.dll
2012-07-30 14:59 - 2010-11-01 17:35 - 01718616 ____A (Dolby Laboratories) C:\Windows\System32\R4EEP64A.dll
2012-07-30 14:59 - 2010-11-01 17:35 - 00127832 ____A (Dolby Laboratories) C:\Windows\System32\R4EEL64A.dll
2012-07-30 14:59 - 2010-11-01 17:34 - 00421720 ____A (Dolby Laboratories) C:\Windows\System32\R4EED64A.dll
2012-07-30 14:59 - 2010-11-01 17:34 - 00108888 ____A (Dolby Laboratories) C:\Windows\System32\R4EEA64A.dll
2012-07-30 14:59 - 2010-11-01 17:34 - 00074584 ____A (Dolby Laboratories) C:\Windows\System32\R4EEG64A.dll
2012-07-30 14:59 - 2010-10-28 18:29 - 01937312 ____A (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2012-07-30 14:59 - 2010-10-02 21:46 - 00341336 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO30.dll
2012-07-30 14:59 - 2010-09-26 17:34 - 00318808 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO20.dll
2012-07-30 14:59 - 2010-07-22 00:48 - 00220496 ____A (Virage Logic Corporation / Sonic Focus) C:\Windows\System32\SFNHK64.dll
2012-07-30 14:59 - 2010-07-22 00:48 - 00081232 ____A (Virage Logic Corporation / Sonic Focus) C:\Windows\System32\SFCOM64.dll
2012-07-30 14:59 - 2010-07-22 00:48 - 00078160 ____A (Virage Logic Corporation / Sonic Focus) C:\Windows\System32\SFAPO64.dll
2012-07-30 14:59 - 2010-07-22 00:48 - 00074064 ____A (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2012-07-30 14:59 - 2010-07-22 00:37 - 00200800 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2012-07-30 14:59 - 2010-05-06 01:34 - 00334680 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxVolumeSDAPO.dll
2012-07-30 14:59 - 2009-11-23 17:55 - 00518896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSX64.dll
2012-07-30 14:59 - 2009-11-23 17:55 - 00211184 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSTSH64.dll
2012-07-30 14:59 - 2009-11-23 17:55 - 00198896 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSHP64.dll
2012-07-30 14:59 - 2009-11-23 17:55 - 00155888 ____A (SRS Labs, Inc.) C:\Windows\System32\SRSWOW64.dll
2012-07-30 14:59 - 2009-11-18 02:42 - 02197264 ____A (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ.dll
2012-07-30 14:59 - 2009-11-17 02:12 - 00108960 ____A (Andrea Electronics Corporation) C:\Windows\System32\AERTAR64.dll
2012-07-30 14:58 - 2010-10-27 18:46 - 01251944 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2012-07-30 14:53 - 2012-07-30 15:47 - 00000000 ____D C:\Users\All Users\Atheros
2012-07-26 19:17 - 2012-07-26 19:17 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2012-07-26 19:16 - 2012-07-26 19:16 - 00000000 ____D C:\Users\Flynn\Documents\Bluetooth Folder
2012-07-26 19:15 - 2012-07-26 19:16 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2012-07-26 17:12 - 2012-07-26 17:12 - 00018742 ____A C:\Windows\System32\results.xml
2012-07-26 17:08 - 2012-07-30 14:59 - 00000000 ____D C:\Program Files (x86)\Realtek
2012-07-26 17:08 - 2012-07-26 17:08 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics
2012-07-26 17:08 - 2011-03-21 05:22 - 00452200 ____A (Realtek ) C:\Windows\System32\Drivers\Rt64win7.sys
2012-07-26 17:08 - 2011-03-21 05:22 - 00107552 ____A (Realtek Semiconductor Corporation) C:\Windows\System32\RTNUninst64.dll
2012-07-26 17:08 - 2011-03-21 05:22 - 00074272 ____A C:\Windows\System32\RtNicProp64.dll
2012-07-26 17:06 - 2012-07-26 17:06 - 00000000 ____D C:\Program Files\Common Files\Intel
2012-07-26 17:06 - 2010-11-24 19:27 - 00120408 ____A (JMicron Technology Corp.) C:\Windows\System32\Drivers\jraid.sys
2012-07-26 17:06 - 2009-07-13 17:15 - 00315904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Difx7eef.rra
2012-07-26 17:05 - 2011-05-31 22:32 - 00510232 ____A (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
2012-07-26 17:05 - 2011-05-31 22:32 - 00419096 ____A (Intel Corporation) C:\Windows\System32\igfxpers.exe
2012-07-26 17:05 - 2011-05-31 22:32 - 00239384 ____A (Intel Corporation) C:\Windows\System32\igfxext.exe
2012-07-26 17:05 - 2011-05-31 22:32 - 00168216 ____A (Intel Corporation) C:\Windows\System32\igfxtray.exe
2012-07-26 17:05 - 2011-05-31 22:31 - 04370712 ____A (Intel Corporation) C:\Windows\System32\GfxUI.exe
2012-07-26 17:05 - 2011-05-31 22:31 - 00391960 ____A (Intel Corporation) C:\Windows\System32\hkcmd.exe
2012-07-26 17:05 - 2011-05-31 22:31 - 00179992 ____A C:\Windows\System32\difx64.exe
2012-07-26 17:05 - 2011-05-23 06:09 - 00013508 ____A C:\Windows\System32\iglhxs64.vp
2012-07-26 17:05 - 2011-05-23 02:22 - 00090112 ____A (Intel Corporation) C:\Windows\System32\igfxCoIn_v2405.dll
2012-07-26 17:05 - 2011-05-23 02:17 - 12259712 ____A (Intel Corporation) C:\Windows\System32\Drivers\igdkmd64.sys
2012-07-26 17:05 - 2011-05-23 02:17 - 07474688 ____A (Intel Corporation) C:\Windows\System32\igdumd64.dll
2012-07-26 17:05 - 2011-05-23 02:15 - 00963116 ____A C:\Windows\SysWOW64\igkrng600.bin
2012-07-26 17:05 - 2011-05-23 02:15 - 00963116 ____A C:\Windows\System32\igkrng600.bin
2012-07-26 17:05 - 2011-05-23 02:15 - 00216876 ____A C:\Windows\SysWOW64\igfcg600m.bin
2012-07-26 17:05 - 2011-05-23 02:15 - 00216876 ____A C:\Windows\System32\igfcg600m.bin
2012-07-26 17:05 - 2011-05-23 02:15 - 00145804 ____A C:\Windows\SysWOW64\igcompkrng600.bin
2012-07-26 17:05 - 2011-05-23 02:15 - 00145804 ____A C:\Windows\System32\igcompkrng600.bin
2012-07-26 17:05 - 2011-05-23 02:11 - 05699072 ____A (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2012-07-26 17:05 - 2011-05-23 02:08 - 00575488 ____A (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2012-07-26 17:05 - 2011-05-23 02:05 - 07384576 ____A (Intel Corporation) C:\Windows\System32\igd10umd64.dll
2012-07-26 17:05 - 2011-05-23 02:02 - 06067200 ____A (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2012-07-26 17:05 - 2011-05-23 01:55 - 19592192 ____A (Intel Corporation) C:\Windows\System32\ig4icd64.dll
2012-07-26 17:05 - 2011-05-23 01:44 - 14299648 ____A (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2012-07-26 17:05 - 2011-05-23 01:31 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrsky.lrc
2012-07-26 17:05 - 2011-05-23 01:31 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrrom.lrc
2012-07-26 17:05 - 2011-05-23 01:31 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrhrv.lrc
2012-07-26 17:05 - 2011-05-23 01:31 - 00208335 ____A C:\Windows\System32\Gfxres.th-TH.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00195681 ____A C:\Windows\System32\Gfxres.el-GR.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00180246 ____A C:\Windows\System32\Gfxres.ru-RU.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00154366 ____A C:\Windows\System32\Gfxres.ar-SA.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00151350 ____A C:\Windows\System32\Gfxres.ja-JP.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00147392 ____A C:\Windows\System32\Gfxres.he-IL.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00138635 ____A C:\Windows\System32\Gfxres.it-IT.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00137000 ____A C:\Windows\System32\Gfxres.ko-KR.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00136226 ____A C:\Windows\System32\Gfxres.de-DE.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00136172 ____A C:\Windows\System32\Gfxres.es-ES.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00135119 ____A C:\Windows\System32\Gfxres.ro-RO.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00134081 ____A C:\Windows\System32\Gfxres.fr-FR.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00133868 ____A C:\Windows\System32\Gfxres.tr-TR.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00133321 ____A C:\Windows\System32\Gfxres.pt-BR.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00132876 ____A C:\Windows\System32\Gfxres.nl-NL.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00132861 ____A C:\Windows\System32\Gfxres.hu-HU.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00132422 ____A C:\Windows\System32\Gfxres.sv-SE.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00132299 ____A C:\Windows\System32\Gfxres.pt-PT.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00131897 ____A C:\Windows\System32\Gfxres.cs-CZ.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00131711 ____A C:\Windows\System32\Gfxres.pl-PL.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00131456 ____A C:\Windows\System32\Gfxres.fi-FI.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00131290 ____A C:\Windows\System32\Gfxres.sk-SK.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00130414 ____A C:\Windows\System32\Gfxres.hr-HR.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00127599 ____A C:\Windows\System32\Gfxres.sl-SI.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00127367 ____A C:\Windows\System32\Gfxres.nb-NO.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00127109 ____A C:\Windows\System32\Gfxres.da-DK.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00116413 ____A C:\Windows\System32\Gfxres.zh-TW.resources
2012-07-26 17:05 - 2011-05-23 01:31 - 00115195 ____A C:\Windows\System32\Gfxres.zh-CN.resources
2012-07-26 17:05 - 2011-05-23 01:30 - 00287232 ____A (Intel Corporation) C:\Windows\System32\igfxrfra.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00287232 ____A (Intel Corporation) C:\Windows\System32\igfxresn.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00287232 ____A (Intel Corporation) C:\Windows\System32\igfxrell.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrrus.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrptg.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrplk.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrnld.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrita.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrdeu.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286720 ____A (Intel Corporation) C:\Windows\System32\igfxrcsy.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286208 ____A (Intel Corporation) C:\Windows\System32\igfxrtrk.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286208 ____A (Intel Corporation) C:\Windows\System32\igfxrsve.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286208 ____A (Intel Corporation) C:\Windows\System32\igfxrslv.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286208 ____A (Intel Corporation) C:\Windows\System32\igfxrptb.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286208 ____A (Intel Corporation) C:\Windows\System32\igfxrnor.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286208 ____A (Intel Corporation) C:\Windows\System32\igfxrhun.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00286208 ____A (Intel Corporation) C:\Windows\System32\igfxrfin.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00285696 ____A (Intel Corporation) C:\Windows\System32\igfxrtha.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00285696 ____A (Intel Corporation) C:\Windows\System32\igfxrdan.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00285184 ____A (Intel Corporation) C:\Windows\System32\igfxrheb.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00283648 ____A (Intel Corporation) C:\Windows\System32\igfxrjpn.lrc
2012-07-26 17:05 - 2011-05-23 01:30 - 00283136 ____A (Intel Corporation) C:\Windows\System32\igfxrkor.lrc
2012-07-26 17:05 - 2011-05-23 01:29 - 00380928 ____A (Intel Corporation) C:\Windows\System32\igfxTMM.dll
2012-07-26 17:05 - 2011-05-23 01:29 - 00335872 ____A (Intel Corporation) C:\Windows\System32\igfxpph.dll
2012-07-26 17:05 - 2011-05-23 01:29 - 00285184 ____A (Intel Corporation) C:\Windows\System32\igfxrara.lrc
2012-07-26 17:05 - 2011-05-23 01:29 - 00282624 ____A (Intel Corporation) C:\Windows\System32\igfxrcht.lrc
2012-07-26 17:05 - 2011-05-23 01:29 - 00282624 ____A (Intel Corporation) C:\Windows\System32\igfxrchs.lrc
2012-07-26 17:05 - 2011-05-23 01:29 - 00126976 ____A (Intel Corporation) C:\Windows\System32\igfxcpl.cpl
2012-07-26 17:05 - 2011-05-23 01:29 - 00122646 ____A C:\Windows\System32\Gfxres.en-US.resources
2012-07-26 17:05 - 2011-05-23 01:29 - 00028672 ____A (Intel Corporation) C:\Windows\System32\igfxexps.dll
2012-07-26 17:05 - 2011-05-23 01:28 - 00062464 ____A (Intel Corporation) C:\Windows\System32\igfxsrvc.dll
2012-07-26 17:05 - 2011-05-23 01:27 - 00385024 ____A (Intel Corporation) C:\Windows\System32\igfxdev.dll
2012-07-26 17:05 - 2011-05-23 01:27 - 00285696 ____A (Intel Corporation) C:\Windows\System32\igfxrenu.lrc
2012-07-26 17:05 - 2011-05-23 01:27 - 00144384 ____A (Intel Corporation) C:\Windows\System32\gfxSrvc.dll
2012-07-26 17:05 - 2011-05-23 01:27 - 00109056 ____A (Intel Corporation) C:\Windows\System32\hccutils.dll
2012-07-26 17:05 - 2011-05-23 01:27 - 00004096 ____A ( ) C:\Windows\System32\IGFXDEVLib.dll
2012-07-26 17:05 - 2011-05-23 01:26 - 09014784 ____A (Intel Corporation) C:\Windows\System32\igfxress.dll
2012-07-26 17:05 - 2011-05-23 01:26 - 00142336 ____A (Intel Corporation) C:\Windows\System32\igfxdo.dll
2012-07-26 17:05 - 2011-05-23 01:22 - 00024576 ____A (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2012-07-26 17:05 - 2011-05-23 01:21 - 00288768 ____A (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2012-07-26 17:05 - 2011-05-23 01:16 - 01991936 ____A C:\Windows\System32\iglhxa64.cpa
2012-07-26 17:05 - 2011-05-23 01:16 - 00368640 ____A (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2012-07-26 17:05 - 2011-05-23 01:16 - 00364032 ____A (Intel Corporation) C:\Windows\System32\iglhsip64.dll
2012-07-26 17:05 - 2011-05-23 01:16 - 00142848 ____A (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2012-07-26 17:05 - 2011-05-23 01:16 - 00122368 ____A (Intel Corporation) C:\Windows\System32\igfxcmrt64.dll
2012-07-26 17:05 - 2011-05-23 01:16 - 00095744 ____A (Intel Corporation) C:\Windows\System32\iglhcp64.dll
2012-07-26 17:05 - 2011-05-23 01:16 - 00094208 ____A C:\Windows\System32\IccLibDll_x64.dll
2012-07-26 17:05 - 2011-05-23 01:16 - 00086528 ____A (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2012-07-26 17:05 - 2011-05-23 01:16 - 00060254 ____A C:\Windows\System32\iglhxg64.vp
2012-07-26 17:05 - 2011-05-23 01:16 - 00060226 ____A C:\Windows\System32\iglhxc64.vp
2012-07-26 17:05 - 2011-05-23 01:16 - 00060015 ____A C:\Windows\System32\iglhxo64.vp
2012-07-26 17:05 - 2010-10-14 09:28 - 00317440 ____A (Intel(R) Corporation) C:\Windows\System32\Drivers\IntcDAud.sys
2012-07-26 17:05 - 2010-10-14 09:27 - 00014848 ____A (Intel(R) Corporation) C:\Windows\System32\IntcDAuC.dll
2012-07-26 17:00 - 2012-07-26 17:00 - 00000000 ____D C:\Users\Flynn\AppData\Roaming\Intel Corporation
2012-07-26 16:56 - 2011-05-19 15:53 - 00557848 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStor.sys
2012-07-26 16:48 - 2011-09-18 19:33 - 00000000 ____D C:\Windows\Chipset
2012-07-26 16:48 - 2011-02-24 22:25 - 00296320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2012-07-12 19:07 - 2012-07-12 19:13 - 00000000 ____D C:\Users\Flynn\Downloads\Suits S02E04 HDTV x264 ASAP
2012-07-12 19:07 - 2012-07-12 19:07 - 00049236 ____A C:\Users\Flynn\Downloads\Suits S02E04 HDTV x264 ASAP.nzb
2012-07-12 17:10 - 2012-06-28 19:37 - 26226536 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 25256296 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 19828072 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 18228072 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 17559912 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 13365608 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-07-12 17:10 - 2012-06-28 19:37 - 09164648 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 07699304 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 02744680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 02573160 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 02216296 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 01865064 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 01472360 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco64.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 00828264 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 00247144 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2012-07-12 17:10 - 2012-06-28 19:37 - 00202600 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2012-07-12 17:10 - 2012-05-21 05:10 - 00188776 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2012-07-12 17:10 - 2012-05-21 05:10 - 00031080 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2012-07-12 17:02 - 2012-07-12 17:06 - 176792672 ____A (NVIDIA Corporation) C:\Users\Flynn\Downloads\304.79-desktop-win8-win7-winvista-64bit-english-beta.exe
2012-07-12 04:55 - 2012-06-11 19:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-11 19:14 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-11 19:14 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-07-11 19:14 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-07-11 19:14 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-11 19:14 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-11 19:14 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-07-11 19:14 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-07-11 19:14 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-07-11 19:14 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-11 19:14 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-11 19:14 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-11 19:14 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-11 19:14 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-07-11 19:14 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-07-11 19:14 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-07-11 19:14 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-07-11 19:14 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-07-11 19:14 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-11 19:14 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-07-10 03:23 - 2012-08-03 03:22 - 00000000 ____D C:\Users\Flynn\Downloads\Sherlock Holmes A Game of Shadows 2011 BDRip XVID AC3 HQ Hive CM8
2012-07-10 03:22 - 2012-07-10 03:22 - 00285239 ____A C:\Users\Flynn\Downloads\Sherlock Holmes A Game of Shadows 2011 BDRip XVID AC3 HQ Hive CM8.nzb
2012-07-08 22:09 - 2012-07-08 22:09 - 00113754 ____A C:\Users\Flynn\Downloads\Chris Addison Live DVDRip XviD HAGGiS.nzb
2012-07-08 22:03 - 2012-07-08 22:03 - 00236654 ____A C:\Users\Flynn\Downloads\Frankie Boyle If I Could Reach Out Through Your TV And Strangle You I Would DVDRip XviD HAGGiS.nzb
2012-07-08 22:02 - 2012-07-08 22:02 - 00154948 ____A C:\Users\Flynn\Downloads\Doug Stanhope No Refunds DVDRip XviD MRI.nzb
2012-07-08 22:02 - 2012-07-08 22:02 - 00122536 ____A C:\Users\Flynn\Downloads\Doug Stanhope Before Turning The Gun On Himself 2012 DVDRip XviD JETSET.nzb
2012-07-08 22:00 - 2012-07-08 22:00 - 00239269 ____A C:\Users\Flynn\Downloads\Frankie Boyle Live DVDRip XviD HAGGiS.nzb
2012-07-08 16:39 - 2012-07-08 16:41 - 00000000 ____D C:\Users\Flynn\AppData\Roaming\AVG
2012-07-08 16:38 - 2012-07-08 16:38 - 08351256 ____A (AVG ) C:\Users\Flynn\Downloads\avg_pct_stf_all_10_27.exe
2012-07-08 01:08 - 2012-07-08 01:08 - 00029778 ____A C:\Users\Flynn\Downloads\Community S03E03 HDTV XviD LOL.nzb
2012-07-07 02:11 - 2012-07-07 02:11 - 00111189 ____A C:\Users\Flynn\Downloads\Tim Minchin Rock N Roll Nerd 2008 DVDRip XviD aAF.nzb
2012-07-06 22:23 - 2012-07-10 03:16 - 00000000 ____D C:\Users\Flynn\Downloads\Continuum S01E05 REPACK HDTV x264 2HD
2012-07-06 22:16 - 2012-07-11 20:24 - 00000000 ____D C:\Users\Flynn\Downloads\Continuum S01E04 HDTV x264 2HD
2012-07-06 22:09 - 2012-07-10 03:16 - 00000000 ____D C:\Users\Flynn\Downloads\Continuum S01E03 HDTV x264 2HD
2012-07-06 22:03 - 2012-07-10 03:16 - 00000000 ____D C:\Users\Flynn\Downloads\Continuum S01E02 HDTV x264 2HD
2012-07-06 21:57 - 2012-07-10 03:16 - 00000000 ____D C:\Users\Flynn\Downloads\Continuum S01E01 HDTV x264 2HD
2012-07-06 21:56 - 2012-07-06 21:56 - 00058893 ____A C:\Users\Flynn\Downloads\Continuum S01E05 REPACK HDTV x264 2HD.nzb
2012-07-06 21:56 - 2012-07-06 21:56 - 00056185 ____A C:\Users\Flynn\Downloads\Continuum S01E04 HDTV x264 2HD.nzb
2012-07-06 21:56 - 2012-07-06 21:56 - 00054801 ____A C:\Users\Flynn\Downloads\Continuum S01E03 HDTV x264 2HD.nzb
2012-07-06 21:56 - 2012-07-06 21:56 - 00051854 ____A C:\Users\Flynn\Downloads\Continuum S01E01 HDTV x264 2HD.nzb
2012-07-06 21:56 - 2012-07-06 21:56 - 00046845 ____A C:\Users\Flynn\Downloads\Continuum S01E02 HDTV x264 2HD.nzb
2012-07-06 19:59 - 2012-07-16 19:32 - 00000965 ____A C:\Users\Public\Desktop\AVG 2012.lnk
2012-07-06 19:59 - 2012-07-06 19:59 - 00000000 ____D C:\Users\Flynn\AppData\Roaming\AVG2012
2012-07-06 19:59 - 2012-07-06 19:59 - 00000000 ____D C:\Users\Flynn\AppData\Local\AVG Secure Search
2012-07-06 19:58 - 2012-07-06 19:59 - 00000000 ____D C:\Users\All Users\AVG Secure Search
2012-07-06 19:58 - 2012-07-06 19:59 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2012-07-06 19:57 - 2012-08-04 04:21 - 00000000 ____D C:\Windows\System32\Drivers\AVG
2012-07-06 19:57 - 2012-08-02 01:40 - 00000000 ____D C:\Users\All Users\AVG2012
2012-07-06 19:57 - 2012-07-08 16:39 - 00000000 ____D C:\Program Files (x86)\AVG
2012-07-06 19:57 - 2012-07-06 19:57 - 00000000 ___HD C:\$AVG
2012-07-06 19:57 - 2012-07-06 19:57 - 00000000 ____D C:\Windows\SysWOW64\Drivers\AVG
2012-07-06 19:53 - 2012-08-04 04:21 - 00000000 ____D C:\Users\All Users\MFAData
2012-07-06 19:53 - 2012-07-06 19:53 - 03879304 ____A (AVG Technologies) C:\Users\Flynn\Downloads\avg_isct_stb_all_2012_2180.exe
2012-07-05 21:03 - 2012-07-05 21:03 - 00000040 ____A C:\Users\All Users\tgmnbhmmtcnvqga

============ 3 Months Modified Files ========================

2012-08-04 05:23 - 2012-06-21 17:56 - 00010395 ____A C:\Windows\setupact.log
2012-08-04 05:23 - 2011-12-27 17:50 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-08-04 05:23 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-04 04:55 - 2012-08-04 04:55 - 00054021 ____A C:\Users\Flynn\Downloads\Falling Skies S02E06 Homecoming HDTV x264 FQM.nzb
2012-08-04 04:18 - 2011-12-27 17:50 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-08-04 04:16 - 2012-08-04 04:16 - 00051927 ____A C:\Users\Flynn\Downloads\Falling Skies S02E05 HDTV x264 ASAP.nzb
2012-08-04 03:37 - 2012-08-04 03:37 - 00049564 ____A C:\Users\Flynn\Downloads\Falling Skies S02E04 HDTV x264 2HD.nzb
2012-08-04 01:43 - 2012-08-04 01:43 - 00058025 ____A C:\Users\Flynn\Downloads\Falling Skies S02E03 HDTV x264 ASAP.nzb
2012-08-04 00:41 - 2012-08-04 00:41 - 00059238 ____A C:\Users\Flynn\Downloads\Falling Skies S02E02 HDTV x264 ASAP.nzb
2012-08-03 21:43 - 2012-08-03 21:42 - 02136664 ____A (Kaspersky Lab ZAO) C:\Users\Flynn\Downloads\tdsskiller.exe
2012-08-03 20:57 - 2009-07-13 21:13 - 00730274 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-03 20:44 - 2012-08-03 20:44 - 00074024 ____A C:\Users\Flynn\Downloads\Falling Skies S02E01 HDTV x264 ASAP.nzb
2012-08-03 18:54 - 2012-08-03 18:54 - 00026636 ____A C:\Users\Flynn\Desktop\DDS.txt
2012-08-03 18:54 - 2012-08-03 18:54 - 00005886 ____A C:\Users\Flynn\Desktop\Attach.txt
2012-08-03 18:51 - 2012-08-03 18:51 - 00013290 ____A C:\Users\Flynn\Desktop\hijackthis.log
2012-08-03 18:47 - 2012-08-03 18:47 - 00607260 ____R (Swearware) C:\Users\Flynn\Desktop\dds.com
2012-08-03 18:46 - 2012-08-03 18:46 - 00388608 ____A (Trend Micro Inc.) C:\Users\Flynn\Desktop\HijackThis.exe
2012-08-03 18:43 - 2012-08-03 18:42 - 04725168 ____A (Swearware) C:\Users\Flynn\Desktop\ComboFix.exe
2012-08-03 14:33 - 2009-07-13 20:45 - 00032096 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-03 14:33 - 2009-07-13 20:45 - 00032096 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-03 03:18 - 2012-08-03 03:18 - 00228797 ____A C:\Users\Flynn\Downloads\Bernie 2011 DVDRip XviD F0RFUN.nzb
2012-08-03 01:26 - 2012-08-03 01:26 - 00048059 ____A C:\Users\Flynn\Downloads\Suits S02E07 Sucker Punch PROPER HDTV x264 FQM.nzb
2012-08-02 02:39 - 2012-08-02 02:39 - 00052220 ____A C:\Users\Flynn\Downloads\Workaholics S03E08 HDTV x264 EVOLVE.nzb
2012-08-02 02:37 - 2012-08-02 02:37 - 00046038 ____A C:\Users\Flynn\Downloads\Workaholics S03E09 Ders Comes in Handy HDTV x264 FQM.nzb
2012-08-02 02:37 - 2012-08-02 02:37 - 00035612 ____A C:\Users\Flynn\Downloads\Workaholics S03E10 HDTV x264 2HD.nzb
2012-08-02 02:36 - 2012-08-02 02:36 - 00043911 ____A C:\Users\Flynn\Downloads\Workaholics S03E07 HDTV x264 ASAP.nzb
2012-08-02 02:36 - 2012-08-02 02:36 - 00034907 ____A C:\Users\Flynn\Downloads\Workaholics S03E06 HDTV x264 ASAP.nzb
2012-08-02 02:35 - 2012-08-02 02:35 - 00038421 ____A C:\Users\Flynn\Downloads\Workaholics S03E04 HDTV x264 ASAP.nzb
2012-08-02 02:35 - 2012-08-02 02:35 - 00033772 ____A C:\Users\Flynn\Downloads\Workaholics S03E05 HDTV x264 ASAP.nzb
2012-08-02 02:22 - 2012-08-02 02:22 - 00036448 ____A C:\Users\Flynn\Downloads\Anger Management S01E06 HDTV x264 EVOLVE.nzb
2012-08-02 02:22 - 2012-08-02 02:22 - 00035923 ____A C:\Users\Flynn\Downloads\Anger Management S01E07 HDTV x264 EVOLVE.nzb
2012-08-02 02:21 - 2012-08-02 02:21 - 00032562 ____A C:\Users\Flynn\Downloads\Anger Management S01E05 Charlie Proves Therapy is Legit HDTV x264 FQM.nzb
2012-08-02 02:19 - 2012-08-02 02:19 - 00038330 ____A C:\Users\Flynn\Downloads\Teen Wolf S02E10 iNTERNAL HDTV x264 2HD.nzb
2012-08-02 02:15 - 2012-08-02 02:15 - 00025838 ____A C:\Users\Flynn\Downloads\Wilfred US S02E06 HDTV x264 LOL.nzb
2012-08-02 02:09 - 2012-08-02 02:09 - 00032823 ____A C:\Users\Flynn\Downloads\Workaholics S03E03 HDTV x264 ASAP.nzb
2012-08-02 01:36 - 2012-08-02 01:36 - 00036335 ____A C:\Users\Flynn\Downloads\Workaholics S03E02 HDTV x264 ASAP.nzb
2012-08-02 01:01 - 2012-08-02 01:01 - 00035722 ____A C:\Users\Flynn\Downloads\Workaholics S03E01 HDTV x264 ASAP.nzb
2012-08-01 22:24 - 2011-12-27 17:39 - 01367650 ____A C:\Windows\WindowsUpdate.log
2012-07-30 15:42 - 2012-02-04 06:08 - 00006524 ____A C:\Windows\PFRO.log
2012-07-30 15:40 - 2011-12-27 17:43 - 00001769 ____A C:\Windows\Language_trs.ini
2012-07-30 15:01 - 2012-07-30 15:01 - 00003362 ____A C:\Windows\System32\WmiConf.txt
2012-07-30 14:55 - 2011-12-27 17:42 - 00035925 ____A C:\Windows\Ascd_tmp.ini
2012-07-26 19:17 - 2012-07-26 19:17 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2012-07-26 19:16 - 2011-03-12 16:53 - 00246804 ____A C:\Windows\System32\Drivers\AtherosBt.bin
2012-07-26 17:12 - 2012-07-26 17:12 - 00018742 ____A C:\Windows\System32\results.xml
2012-07-16 19:32 - 2012-07-06 19:59 - 00000965 ____A C:\Users\Public\Desktop\AVG 2012.lnk
2012-07-12 19:07 - 2012-07-12 19:07 - 00049236 ____A C:\Users\Flynn\Downloads\Suits S02E04 HDTV x264 ASAP.nzb
2012-07-12 17:06 - 2012-07-12 17:02 - 176792672 ____A (NVIDIA Corporation) C:\Users\Flynn\Downloads\304.79-desktop-win8-win7-winvista-64bit-english-beta.exe
2012-07-12 05:44 - 2009-07-13 20:45 - 00416760 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-12 04:54 - 2012-01-01 17:11 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-10 03:22 - 2012-07-10 03:22 - 00285239 ____A C:\Users\Flynn\Downloads\Sherlock Holmes A Game of Shadows 2011 BDRip XVID AC3 HQ Hive CM8.nzb
2012-07-09 16:42 - 2012-02-15 14:50 - 00115310 ____A C:\Windows\DirectX.log
2012-07-08 22:09 - 2012-07-08 22:09 - 00113754 ____A C:\Users\Flynn\Downloads\Chris Addison Live DVDRip XviD HAGGiS.nzb
2012-07-08 22:03 - 2012-07-08 22:03 - 00236654 ____A C:\Users\Flynn\Downloads\Frankie Boyle If I Could Reach Out Through Your TV And Strangle You I Would DVDRip XviD HAGGiS.nzb
2012-07-08 22:02 - 2012-07-08 22:02 - 00154948 ____A C:\Users\Flynn\Downloads\Doug Stanhope No Refunds DVDRip XviD MRI.nzb
2012-07-08 22:02 - 2012-07-08 22:02 - 00122536 ____A C:\Users\Flynn\Downloads\Doug Stanhope Before Turning The Gun On Himself 2012 DVDRip XviD JETSET.nzb
2012-07-08 22:00 - 2012-07-08 22:00 - 00239269 ____A C:\Users\Flynn\Downloads\Frankie Boyle Live DVDRip XviD HAGGiS.nzb
2012-07-08 16:38 - 2012-07-08 16:38 - 08351256 ____A (AVG ) C:\Users\Flynn\Downloads\avg_pct_stf_all_10_27.exe
2012-07-08 01:08 - 2012-07-08 01:08 - 00029778 ____A C:\Users\Flynn\Downloads\Community S03E03 HDTV XviD LOL.nzb
2012-07-07 02:11 - 2012-07-07 02:11 - 00111189 ____A C:\Users\Flynn\Downloads\Tim Minchin Rock N Roll Nerd 2008 DVDRip XviD aAF.nzb
2012-07-06 21:56 - 2012-07-06 21:56 - 00058893 ____A C:\Users\Flynn\Downloads\Continuum S01E05 REPACK HDTV x264 2HD.nzb
2012-07-06 21:56 - 2012-07-06 21:56 - 00056185 ____A C:\Users\Flynn\Downloads\Continuum S01E04 HDTV x264 2HD.nzb
2012-07-06 21:56 - 2012-07-06 21:56 - 00054801 ____A C:\Users\Flynn\Downloads\Continuum S01E03 HDTV x264 2HD.nzb
2012-07-06 21:56 - 2012-07-06 21:56 - 00051854 ____A C:\Users\Flynn\Downloads\Continuum S01E01 HDTV x264 2HD.nzb
2012-07-06 21:56 - 2012-07-06 21:56 - 00046845 ____A C:\Users\Flynn\Downloads\Continuum S01E02 HDTV x264 2HD.nzb
2012-07-06 19:53 - 2012-07-06 19:53 - 03879304 ____A (AVG Technologies) C:\Users\Flynn\Downloads\avg_isct_stb_all_2012_2180.exe
2012-07-05 21:03 - 2012-07-05 21:03 - 00000040 ____A C:\Users\All Users\tgmnbhmmtcnvqga
2012-07-03 17:07 - 2012-07-03 17:07 - 00520523 ____A C:\Users\Flynn\Downloads\The Ricky Gervais Show S02 DVDRip XviD iNGOT.nzb
2012-07-03 01:55 - 2012-07-03 01:55 - 00001262 ____A C:\Users\Flynn\Desktop\Spybot - Search & Destroy.lnk
2012-07-03 01:49 - 2012-07-03 01:45 - 16409960 ____A (Safer Networking Limited ) C:\Users\Flynn\Downloads\spybotsd162.exe
2012-07-02 21:30 - 2012-07-02 21:30 - 01037004 ____A C:\Users\Flynn\Downloads\Scrubs S03 DVDRip XviD SAiNTS.nzb
2012-07-01 03:48 - 2012-07-01 03:46 - 02879754 ____A C:\Users\Flynn\Downloads\Scrubs S02 DVDRip XviD FoV.nzb
2012-06-30 18:21 - 2012-06-30 18:21 - 00051869 ____A C:\Users\Flynn\Downloads\Suits S02E03 HDTV x264 ASAP.nzb
2012-06-30 18:21 - 2012-06-30 18:21 - 00039780 ____A C:\Users\Flynn\Downloads\Maxim Magazine Australia May 2012.nzb
2012-06-28 19:37 - 2012-07-12 17:10 - 26226536 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 25256296 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 19828072 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 18228072 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 17559912 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 13365608 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-06-28 19:37 - 2012-07-12 17:10 - 09164648 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 07699304 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 02744680 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 02573160 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 02216296 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 01865064 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 01472360 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispgenco64.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 00828264 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 00247144 ____A (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2012-06-28 19:37 - 2012-07-12 17:10 - 00202600 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2012-06-28 19:37 - 2012-06-04 18:15 - 00060776 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2012-06-28 19:37 - 2012-06-04 18:15 - 00052584 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2012-06-28 19:37 - 2012-03-14 18:56 - 00969064 ____A (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2012-06-28 19:37 - 2012-01-06 06:56 - 15290216 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2012-06-28 19:37 - 2012-01-06 06:56 - 14806376 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2012-06-28 19:37 - 2012-01-06 06:56 - 12388712 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2012-06-28 19:37 - 2012-01-06 06:56 - 02723688 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2012-06-28 19:37 - 2012-01-06 06:56 - 02422120 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2012-06-28 19:37 - 2012-01-06 06:56 - 01758056 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco64.dll
2012-06-28 19:37 - 2012-01-06 06:56 - 00016048 ____A C:\Windows\System32\nvinfo.pb
2012-06-28 15:56 - 2012-03-14 18:56 - 02667062 ____A C:\Windows\System32\nvcoproc.bin
2012-06-28 15:55 - 2012-01-06 06:57 - 06193000 ____A (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2012-06-28 15:55 - 2012-01-06 06:57 - 03266408 ____A (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2012-06-28 15:55 - 2012-01-06 06:57 - 00891240 ____A (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2012-06-28 15:55 - 2012-01-06 06:57 - 00118120 ____A (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2012-06-28 15:55 - 2012-01-06 06:57 - 00063336 ____A (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2012-06-27 23:44 - 2012-06-27 23:44 - 00428904 ____A C:\Windows\SysWOW64\nvStreaming.exe
2012-06-25 18:32 - 2012-06-25 18:32 - 00289815 ____A C:\Users\Flynn\Downloads\VA Sensation Wicked Wonderland DVDRip x264 2009 ASSASS1NS.nzb
2012-06-24 22:11 - 2012-06-24 22:11 - 00066599 ____A C:\Users\Flynn\Downloads\NZB-9183.zip
2012-06-24 22:11 - 2012-06-24 22:11 - 00024260 ____A C:\Users\Flynn\Downloads\NZB-9739.zip
2012-06-24 22:10 - 2012-06-24 22:10 - 00073740 ____A C:\Users\Flynn\Downloads\NZB-7229.zip
2012-06-21 21:07 - 2012-06-21 21:07 - 00149500 ____A C:\Users\Flynn\Downloads\Suits S02E02 720p HDTV x264 IMMERSE.nzb
2012-06-21 21:07 - 2012-06-21 21:07 - 00049562 ____A C:\Users\Flynn\Downloads\Suits S02E02 HDTV x264 ASAP.nzb
2012-06-21 18:22 - 2012-01-16 15:30 - 00000040 ____A C:\Users\Flynn\Desktop\Details.txt
2012-06-21 17:58 - 2012-06-21 17:58 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-21 17:58 - 2011-12-27 19:24 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-21 17:56 - 2012-06-21 17:56 - 00000000 ____A C:\Windows\setuperr.log
2012-06-21 03:53 - 2012-06-21 03:53 - 00026993 ____A C:\Users\Flynn\Downloads\PC World USA 2012 06 pdf.nzb
2012-06-21 03:53 - 2012-06-21 03:53 - 00016050 ____A C:\Users\Flynn\Downloads\PC World New Zealand 2012 06 pdf.nzb
2012-06-19 18:03 - 2012-06-19 18:03 - 00001720 ____A C:\Users\Public\Desktop\Play League of Legends.lnk
2012-06-19 16:31 - 2012-06-19 16:31 - 02353512 ____A C:\Users\Flynn\Downloads\LeagueofLegends(1).exe
2012-06-19 05:02 - 2012-06-19 05:02 - 00159644 ____A C:\Users\Flynn\Downloads\Suits S02E01 720p HDTV x264 AVS.nzb
2012-06-19 01:02 - 2012-06-19 01:02 - 00813054 ____A C:\Users\Flynn\Downloads\Garth Marenghi's Darkplace.nzb
2012-06-19 01:02 - 2012-06-19 01:01 - 00806920 ____A C:\Users\Flynn\Downloads\The IT Crowd S03 DVDRip x264 BOB.nzb
2012-06-19 01:02 - 2012-06-19 01:01 - 00776912 ____A C:\Users\Flynn\Downloads\The IT Crowd S02 DVDRip x264 BOB.nzb
2012-06-18 16:39 - 2012-06-18 16:39 - 00122201 ____A C:\Users\Flynn\Downloads\Donald Glover Weirdo 2011 DVDRip XviD iGNiTiON(1).nzb
2012-06-18 16:39 - 2012-06-18 16:39 - 00060606 ____A C:\Users\Flynn\Downloads\Comedy Central Presents S14E09 Donald Glover HDTV XviD YesTV.nzb
2012-06-18 03:49 - 2012-06-18 03:49 - 00116742 ____A C:\Users\Flynn\Downloads\Wrath of the Titans DVDRip XviD DEPRiVED.nzb
2012-06-17 21:51 - 2012-06-17 21:51 - 00153189 ____A C:\Users\Flynn\Downloads\21 Jump Street 2012 BRRip XviD AsA.nzb
2012-06-13 21:07 - 2012-06-13 21:07 - 00072265 ____A C:\Users\Flynn\Downloads\National Geographic Historys Toughest Prisons CONVERT HDTV x264 TASTETV.nzb
2012-06-12 00:14 - 2012-06-12 00:14 - 00244352 ____A C:\Users\Flynn\Downloads\Karissa Shannon Superstar XXX DVDRip XviD Jiggly.nzb
2012-06-12 00:09 - 2012-06-12 00:09 - 00164576 ____A C:\Users\Flynn\Downloads\DancingBear 11 12 14 The Bear In The House XXX REPACK 720p MP4 KTR.nzb
2012-06-12 00:09 - 2012-06-12 00:09 - 00118639 ____A C:\Users\Flynn\Downloads\DancingBear 11 07 13 Lounging With The Bear XXX 720p MP4 IEVA.nzb
2012-06-11 19:08 - 2012-07-12 04:55 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-08 21:43 - 2012-07-11 19:14 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-11 19:14 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-05 22:06 - 2012-07-11 19:14 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-11 19:14 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-11 19:14 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-11 19:14 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-11 19:14 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-11 19:14 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-05 02:00 - 2012-06-05 02:00 - 00574912 ____A C:\Users\Flynn\Downloads\Californication S03 DVDRip XviD aAF.nzb
2012-06-04 17:41 - 2012-06-04 17:41 - 00924745 ____A C:\Users\Flynn\Downloads\Californication S02 DVDRip XviD REWARD.nzb
2012-06-04 00:07 - 2012-06-04 00:06 - 00536289 ____A C:\Users\Flynn\Downloads\Californication S04 DVDRip XviD CLUE.nzb
2012-06-03 19:53 - 2012-06-03 19:52 - 02324232 ____A C:\Users\Flynn\Downloads\Californication S01 iNTERNAL DVDRip XviD NODLABS.nzb
2012-06-02 19:45 - 2012-06-02 19:45 - 00432812 ____A C:\Users\Flynn\Downloads\Ross Kemp On Gangs Season 1.nzb
2012-06-02 14:53 - 2012-06-02 14:53 - 02066336 ____A C:\Users\Flynn\Downloads\Scrubs S01 DVDRip XviD FoV [REQ] 212 days old.nzb
2012-06-02 14:19 - 2012-06-21 01:52 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-21 01:52 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-21 01:52 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-21 01:51 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-21 01:51 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-21 01:52 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-21 01:51 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-01 21:50 - 2012-07-11 19:14 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-07-11 19:14 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-07-11 19:14 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-07-11 19:14 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-07-11 19:14 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 21:19 - 2012-06-21 01:51 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-01 21:15 - 2012-06-21 01:51 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-01 20:40 - 2012-07-11 19:14 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-07-11 19:14 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-07-11 19:14 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-07-11 19:14 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-05-31 16:40 - 2012-05-31 16:40 - 01594699 ____A C:\Users\Flynn\Downloads\NCIS Los Angeles S01 DVDRip XviD REWARD.nzb
2012-05-31 16:40 - 2012-05-31 16:40 - 01366369 ____A C:\Users\Flynn\Downloads\NCIS Los Angeles S02 DVDRip XviD REWARD.nzb
2012-05-30 02:16 - 2012-05-30 02:15 - 00035678 ____A C:\Users\Flynn\Downloads\History Channel The True Story Silence of the Lambs HDTV x264 DEADPiXEL.nzb
2012-05-30 01:11 - 2012-05-30 01:11 - 00120234 ____A C:\Users\Flynn\Downloads\Project X 2012 DVDRip XviD AMIABLE.nzb
2012-05-30 01:10 - 2012-05-30 01:10 - 00362846 ____A C:\Users\Flynn\Downloads\Project X 2012 DvDRiP XviD RiPRG.nzb
2012-05-30 00:21 - 2012-05-30 00:21 - 00063427 ____A C:\Users\Flynn\Downloads\Revenge S01E17 Doubt HDTV XviD 2HD.nzb
2012-05-27 17:05 - 2012-05-27 17:05 - 00069113 ____A C:\Users\Flynn\Downloads\Bikie Wars Brothers In Arms Part 1 PDTV x264 BWB.nzb
2012-05-27 17:05 - 2012-05-27 17:05 - 00061105 ____A C:\Users\Flynn\Downloads\Bikie Wars Brothers In Arms Part 2 PDTV x264 BWB.nzb
2012-05-27 00:20 - 2012-05-27 00:20 - 00057622 ____A C:\Users\Flynn\Downloads\Revenge S01E18 HDTV XviD 2HD.nzb
2012-05-27 00:20 - 2012-05-27 00:20 - 00044177 ____A C:\Users\Flynn\Downloads\Revenge S01E20 HDTV x264 LOL.nzb
2012-05-27 00:20 - 2012-05-27 00:20 - 00041595 ____A C:\Users\Flynn\Downloads\Revenge S01E19 HDTV x264 LOL.nzb
2012-05-27 00:20 - 2012-05-27 00:20 - 00041508 ____A C:\Users\Flynn\Downloads\Revenge S01E22 HDTV x264 LOL.nzb
2012-05-27 00:20 - 2012-05-27 00:20 - 00037941 ____A C:\Users\Flynn\Downloads\Revenge S01E21 HDTV x264 LOL.nzb
2012-05-25 17:29 - 2012-05-25 17:29 - 00219230 ____A C:\Users\Flynn\Downloads\Safe House 2012 BRRip XviD AC3 AQOS.nzb
2012-05-25 17:16 - 2012-05-25 17:13 - 168454136 ____A (NVIDIA Corporation) C:\Users\Flynn\Downloads\301.42-desktop-win7-winvista-64bit-english-whql.exe
2012-05-24 21:53 - 2012-05-24 21:53 - 00089656 ____A C:\Users\Flynn\Downloads\Game of Thrones S02E03 What Is Dead May Never Die HDTV XviD FQM.nzb
2012-05-24 21:00 - 2012-05-24 21:00 - 00066504 ____A C:\Users\Flynn\Downloads\Game of Thrones S02E02 HDTV x264 ASAP.nzb
2012-05-24 20:59 - 2012-05-24 20:59 - 00188753 ____A C:\Users\Flynn\Downloads\Game of Thrones S02E02 720p HDTV x264 IMMERSE(1).nzb
2012-05-24 20:50 - 2012-05-24 20:50 - 00192572 ____A C:\Users\Flynn\Downloads\Game of Thrones S02E08 720p HDTV x264 IMMERSE.nzb
2012-05-21 19:21 - 2012-05-21 19:21 - 00160714 ____A C:\Users\Flynn\Downloads\CollegeRules E51 Truth Or Dare XXX 720p MP4 KTR.nzb
2012-05-21 19:21 - 2012-05-21 19:21 - 00124094 ____A C:\Users\Flynn\Downloads\CollegeRules E50 Hardcore Pranking XXX 720p MP4 KTR.nzb
2012-05-21 05:10 - 2012-07-12 17:10 - 00188776 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2012-05-21 05:10 - 2012-07-12 17:10 - 00031080 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2012-05-21 03:16 - 2012-05-21 03:16 - 00207423 ____A C:\Users\Flynn\Downloads\Too Small To Take It All 4 XXX DVDRiP XviD VBT.nzb
2012-05-21 01:16 - 2012-05-21 01:16 - 00094720 ____A C:\Users\Flynn\Documents\sl-5x5-tracker-kg.xls
2012-05-21 00:53 - 2012-05-21 00:44 - 25946570 ____A C:\Users\Flynn\Downloads\Defeating%2520Procrastination.part3.rar
2012-05-21 00:43 - 2012-05-21 00:10 - 104857600 ____A C:\Users\Flynn\Downloads\Defeating%2520Procrastination.part2.rar
2012-05-20 23:34 - 2012-03-14 18:56 - 01468264 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2012-05-20 21:59 - 2012-05-20 21:41 - 104857600 ____A C:\Users\Flynn\Downloads\Defeating%2520Procrastination.part1.rar
2012-05-20 18:43 - 2012-05-20 18:43 - 00334448 ____A C:\Users\Flynn\Downloads\Dare Dorm 4 XXX DVDRip XviD SLiEZE.nzb
2012-05-20 18:25 - 2012-05-20 18:25 - 00078488 ____A C:\Users\Flynn\Downloads\YoungSexParties E10 Four Students Play Strip Poker And **** XXX WMV InYA.nzb
2012-05-20 18:25 - 2012-05-20 18:25 - 00069744 ____A C:\Users\Flynn\Downloads\YoungSexParties E28 Sweet Strip Poker XXX WMV InYA.nzb
2012-05-18 03:44 - 2011-12-28 23:09 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2012-05-18 03:44 - 2011-12-28 23:04 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2012-05-18 03:33 - 2011-12-28 23:04 - 00280904 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2012-05-18 03:18 - 2012-05-18 03:18 - 03870984 ____A C:\Users\Flynn\Downloads\battlelog-web-plugins-1.118.0-retail-prod.exe
2012-05-18 00:39 - 2012-02-02 21:32 - 00001054 ____A C:\Windows\KB893803v2.log
2012-05-17 15:59 - 2012-05-17 15:59 - 00052961 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E20 HDTV x264 LOL.nzb
2012-05-17 15:59 - 2012-05-17 15:59 - 00052311 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E18 HDTV x264 LOL.nzb
2012-05-17 15:59 - 2012-05-17 15:59 - 00050470 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E17 HDTV x264 LOL.nzb
2012-05-17 15:59 - 2012-05-17 15:59 - 00050038 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E22 HDTV x264 LOL.nzb
2012-05-17 15:59 - 2012-05-17 15:59 - 00049783 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E15 HDTV x264 LOL.nzb
2012-05-17 15:59 - 2012-05-17 15:59 - 00048865 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E19 HDTV x264 LOL.nzb
2012-05-17 15:59 - 2012-05-17 15:59 - 00045070 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E21 HDTV x264 LOL.nzb
2012-05-17 15:58 - 2012-05-17 15:58 - 00059217 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E13 HDTV XviD LOL.nzb
2012-05-17 15:58 - 2012-05-17 15:58 - 00059129 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E12 HDTV XviD LOL.nzb
2012-05-17 15:58 - 2012-05-17 15:58 - 00051671 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E14 HDTV x264 LOL.nzb
2012-05-17 15:58 - 2012-05-17 15:58 - 00047721 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E16 HDTV x264 LOL.nzb
2012-05-16 15:02 - 2012-05-16 15:02 - 00065089 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E09 HDTV XviD LOL.nzb
2012-05-16 15:02 - 2012-05-16 15:02 - 00063615 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E10 HDTV XviD LOL.nzb
2012-05-16 15:02 - 2012-05-16 15:02 - 00061290 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E05 HDTV XviD LOL.nzb
2012-05-16 15:02 - 2012-05-16 15:02 - 00059568 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E11 HDTV XviD LOL.nzb
2012-05-16 15:02 - 2012-05-16 15:02 - 00059129 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E08 HDTV XviD LOL.nzb
2012-05-16 15:02 - 2012-05-16 15:02 - 00056629 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E07 HDTV XviD LOL.nzb
2012-05-16 15:02 - 2012-05-16 15:02 - 00056629 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E06 HDTV XviD LOL.nzb
2012-05-16 15:02 - 2012-05-16 15:02 - 00056629 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E04 HDTV XviD LOL.nzb
2012-05-16 15:02 - 2012-05-16 15:01 - 00056629 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E01 HDTV XviD LOL.nzb
2012-05-16 15:01 - 2012-05-16 15:01 - 00060510 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E03 HDTV XviD LOL.nzb
2012-05-16 15:01 - 2012-05-16 15:01 - 00056629 ____A C:\Users\Flynn\Downloads\Once Upon a Time S01E02 HDTV XviD LOL.nzb
2012-05-14 21:38 - 2012-05-14 21:38 - 00060264 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E23E24 HDTV x264 LOL.nzb
2012-05-14 21:38 - 2012-05-14 21:38 - 00031375 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E18 Karma HDTV XviD FQM.nzb
2012-05-14 21:38 - 2012-05-14 21:38 - 00030103 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E20 HDTV x264 LOL.nzb
2012-05-14 21:38 - 2012-05-14 21:38 - 00029502 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E22 HDTV x264 LOL.nzb
2012-05-14 21:38 - 2012-05-14 21:38 - 00028648 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E21 HDTV x264 LOL.nzb
2012-05-14 21:38 - 2012-05-14 21:38 - 00026151 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E19 HDTV x264 LOL.nzb
2012-05-14 21:37 - 2012-05-14 21:37 - 00038330 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E15 The Burning Beekeeper PROPER HDTV XviD 2HD.nzb
2012-05-14 21:37 - 2012-05-14 21:37 - 00034862 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E11 HDTV XviD ASAP.nzb
2012-05-14 21:37 - 2012-05-14 21:37 - 00031834 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E16 HDTV XviD LOL.nzb
2012-05-14 21:37 - 2012-05-14 21:37 - 00031834 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E14 HDTV XviD LOL.nzb
2012-05-14 21:37 - 2012-05-14 21:37 - 00030493 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E13 HDTV XviD ASAP.nzb
2012-05-14 21:37 - 2012-05-14 21:37 - 00030283 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E12 HDTV XviD LOL.nzb
2012-05-14 21:37 - 2012-05-14 21:37 - 00030283 ____A C:\Users\Flynn\Downloads\How I Met Your Mother S07E10 HDTV XviD LOL.nzb
2012-05-14 20:01 - 2012-06-12 11:41 - 01188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-14 19:59 - 2012-06-12 11:41 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-14 19:03 - 2012-06-12 11:41 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-05-14 19:00 - 2012-06-12 11:41 - 00048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-05-14 18:01 - 2012-05-14 17:47 - 00001193 ____A C:\Users\Public\Desktop\Diablo III.lnk
2012-05-14 00:49 - 2012-05-14 00:49 - 00150610 ____A C:\Users\Flynn\Downloads\Playboys Totally Busted Vol 1 Uncut Version DVDRip XviD.nzb
2012-05-14 00:43 - 2012-05-14 00:43 - 00388894 ____A C:\Users\Flynn\Downloads\Nitro Circus Country Fried 2009 XviD.nzb
2012-05-13 21:22 - 2012-05-13 21:22 - 00250656 ____A C:\Users\Flynn\Downloads\Game of Thrones S02E06 720p HDTV x264 AC3 SANTi.nzb
2012-05-13 21:22 - 2012-05-13 21:22 - 00208911 ____A C:\Users\Flynn\Downloads\Game of Thrones S02E05 720p HDTV x264 IMMERSE.nzb
2012-05-13 21:22 - 2012-05-13 21:22 - 00196781 ____A C:\Users\Flynn\Downloads\Game of Thrones S02E04 720p HDTV x264 AVS.nzb
2012-05-13 21:22 - 2012-05-13 21:22 - 00195878 ____A C:\Users\Flynn\Downloads\Game of Thrones S02E07 720p HDTV x264 IMMERSE.nzb
2012-05-13 21:22 - 2012-05-13 21:22 - 00187255 ____A C:\Users\Flynn\Downloads\Game of Thrones S02E03 720p HDTV x264 IMMERSE.nzb
2012-05-13 20:39 - 2012-05-13 20:38 - 00186357 ____A C:\Users\Flynn\Downloads\Underworld Awakening 2012 BDRip XVID AC3 HQ Hive CM8.nzb
2012-05-09 23:24 - 2012-05-09 23:24 - 01670550 ____A C:\Users\Flynn\Downloads\Dead Rising 2 Off the Record SKIDROW.nzb
2012-05-09 21:01 - 2012-05-09 21:01 - 00123117 ____A C:\Users\Flynn\Downloads\Man on a Ledge 2012 PROPER DVDRip XviD SPARKS.nzb
2012-05-09 21:01 - 2012-05-09 21:01 - 00112828 ____A C:\Users\Flynn\Downloads\Man on a Ledge 2012 PROPER DVDRip XviD SPARKS.nzb.part
2012-05-08 06:35 - 2012-05-08 06:35 - 00046471 ____A C:\Users\Flynn\Downloads\FHM Magazine India January 2012.nzb
2012-05-08 06:35 - 2012-05-08 06:35 - 00039062 ____A C:\Users\Flynn\Downloads\FHM Magazine South Africa May 2012.nzb
2012-05-07 17:44 - 2012-05-07 17:44 - 00044970 ____A C:\Users\Flynn\Downloads\Castle 2009 S04E23 HDTV x264 LOL.nzb
2012-05-07 03:20 - 2012-05-07 03:20 - 00037190 ____A C:\Users\Flynn\Downloads\The Big Bang Theory S05E21 The Hawking Excitation HDTV XviD FQM.nzb
2012-05-07 02:16 - 2012-05-07 02:15 - 00254076 ____A C:\Users\Flynn\Downloads\BangBus 12 05 02 Cute Tourist Rides The BangBus XXX 720p MP4 CuMBuCKeTS.nzb

ZeroAccess:
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\@
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\L
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\L\00000004.@
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\L\1afb2d56
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\L\201d3dde
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\L\55490ac4
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\00000004.@
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\00000008.@
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\000000cb.@
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\80000000.@
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\80000032.@
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\80000064.@

ZeroAccess:
C:\Users\Flynn\AppData\Local\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}
C:\Users\Flynn\AppData\Local\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\@
C:\Users\Flynn\AppData\Local\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\L
C:\Users\Flynn\AppData\Local\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

========================= Known DLLs (Whitelisted) ============

========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 8%
Total physical RAM: 12193.02 MB
Available physical RAM: 11182.29 MB
Total Pagefile: 12191.22 MB
Available Pagefile: 11177.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:500.48 GB) NTFS
2 Drive e: (GSP1RMCPRXFREO_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
3 Drive f: (POCKET) (Removable) (Total:3.61 GB) (Free:3.6 GB) FAT32
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 3700 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 931 GB 101 MB

=========================================================================== =======

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

=========================================================================== =======

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 931 GB Healthy

=========================================================================== =======

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3699 MB 31 KB

=========================================================================== =======

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F POCKET FAT32 Removable 3699 MB Healthy

=========================================================================== =======

==========================================================

Last Boot: 2012-07-30 15:19

======================= End Of Log ==========================

kevinf80 · 05-Aug-2012, 09:48 AM #4

Do the following:

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

Code:

start
Replace: C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\Windows\System32\services.exe
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}
C:\Users\Flynn\AppData\Local\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
2012-07-05 21:03 - 2012-07-05 21:03 - 00000040 ____A C:\Users\All Users\tgmnbhmmtcnvqga
end

Now please enter System Recovery Options as you did to get the log.

Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Kevin...

timestepper · 05-Aug-2012, 10:09 AM #5

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 05-08-2012 02
Ran by SYSTEM at 2012-08-05 00:09:21 Run:1
Running from F:\

==============================================

C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\ser vices.exe copied successfully to C:\Windows\System32\services.exe
C:\Windows\Installer\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7} moved successfully.
C:\Users\Flynn\AppData\Local\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7} moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
C:\Users\All Users\tgmnbhmmtcnvqga moved successfully.

==== End of Fixlog ====

kevinf80 · 05-Aug-2012, 10:13 AM #6

How is your system responding now, any difference?

timestepper · 05-Aug-2012, 10:33 AM #7

It's been 20 minutes and no AVG error has popped up. Was this a trojan? Curious to know if I should change all my passwords now.

Thanks a lot for the help!

kevinf80 · 05-Aug-2012, 10:47 AM #8

Leave the passwords for now, don`t use any financial implicated applications until we are sure your OS is clean. The infection you had was ZeroAccess, just about as bad as it gets.

Read here http://nakedsecurity.sophos.com/2012...tkit-usermode/

Do the following:

Step 1

Malwarebytes Anti-Malware and save it to your desktop.
Alernative D/L mirror
Alternative D/L mirror

Double Click mbam-setup.exe to install the application.

Please download
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

Run ESET Online Scan

Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
Click the button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

Click on to download the ESET Smart Installer. Save it to your desktop.
Double click on the icon on your desktop.

Check
Click the button.
Accept any security warnings from your browser.
Check
Ensure remove found threats is checked
Push the Start button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push
Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Push the button.
Push

You can refer to this animation by neomage if needed.
Frequently asked questions available Here Please read them before running the scan.

Also be aware this scan can take several hours to complete depending on the size of your system.

ESET log can be found here "C:\Program Files\ESET\EsetOnlineScanner\log.txt".

Kevin

timestepper · 06-Aug-2012, 12:02 AM #9

ESET Threats Found

C:\FRST\Quarantine\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\FRST\Quarantine\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\FRST\Quarantine\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
C:\FRST\Quarantine\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Users\Flynn\Downloads\SpinPalace.exe a variant of Win32/PrimeCasino application cleaned by deleting - quarantined

ESET Log

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2392cef104a7004fb9a88e6d16e8e407
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-05 03:56:48
# local_time=2012-08-05 01:56:48 (+1000, E. Australia Standard Time)
# country="Australia"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 1507671 1507671 0 0
# compatibility_mode=5893 16776574 66 94 2025721 95767096 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=147489
# found=5
# cleaned=5
# scan_time=1761
C:\FRST\Quarantine\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\00000008.@ Win64/Agent.BA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\FRST\Quarantine\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\000000cb.@ Win64/Conedex.B trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\FRST\Quarantine\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\80000000.@ Win64/Sirefef.AP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\FRST\Quarantine\{b6a1d6eb-1e9a-ffae-f878-4dbec7c4bfd7}\U\80000032.@ a variant of Win32/Sirefef.FD trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Flynn\Downloads\SpinPalace.exe a variant of Win32/PrimeCasino application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

kevinf80 · 06-Aug-2012, 03:03 AM **#10**

Did you run Malwarebytes, can I see that log please. Give an update on how your system is responding, also tell me if you have any remaining issues or concerns.

You can change all paaswords now.

Kevin

timestepper · 06-Aug-2012, 06:35 AM **#11**

Whoops sorry

Malwarebytes Log
Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.06.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Flynn :: FLYNN-PC [administrator]

Protection: Enabled

5/08/2012 12:59:49 PM
mbam-log-2012-08-05 (12-59-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217492
Time elapsed: 1 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

kevinf80 · 06-Aug-2012, 10:03 AM **#12**

How is your system responding, any issues or concerns? if none do the following:

Step 1

Remove ESET online scanner:

Click Start, type Uninstall a Program into the Search programs and files box, and then press ENTER.
Click to select ESET Online Scanner from the listing of installed products, and then click Uninstall/Change from the bar that displays the available tasks. Uninstall ESETonline Scanner, only re-boot if prompted.

Step 2

Go here http://www.filehippo.com/updatechecker/ run the FileHippo Update Checker, update all applications as suggested by the Update Checker. Ignore any Beta updates.
If Java or Adobe as updated please check under Start > Control Panel > Programs and Featues, ensure any old versions are removed. <--- Very Important

Step 3

Navigate > Start > Computer > C:\ lok for and delete this folder "FRST"

Step 4

Download

TFC to your desktop, from either of the following links
Link 1
Link 2

Save any open work. TFC will close all open application windows.
Double-click TFC.exe to run the program. Vista or Windows 7 users accept the UAC alert.
If prompted, click "Yes" to reboot.

TFC will automatically close any open programs, including your Desktop. Let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. TFC may re-boot your system, if not Re-boot it yourself to complete cleaning process <---- Very Important

Keep TFC it is an excellent, run weekly utility to keep your system optimized, it empties all user temp folders, Java cache etc etc. Always remember to re-boot after a run, even if not prompted

Step 5

Create a new restore point:

1. Right-click on Computer and go to Properties.
2. Next click on the System Protection link.
3. The System Properties dialog screen opens up and you will want to click on Create.
4. Type in a description for the restore point which will help you remember the point at which it was created. Click on create.
5. You should see the message "The restore point was created successfully

To remove all but the most recent restore point do the following:

1. Open Disk Cleanup by clicking the Start button

. In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.
2. If prompted, select the drive that you want to clean up, and then click OK.
3. In the Disk Cleanup for (usually C:\) dialog box, click Clean up system files. Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
4. If prompted, select the drive that you want to clean up, and then click OK.
5. Click the More Options tab, under System Restore and Shadow Copies, click Clean up.
6. In the Disk Cleanup dialog box, click Delete.
7. Click Delete Files, and then click OK. Re-Boot your PC.

Let me know if those steps complete OK, also if any remainiing issues or concerns....

Kevin

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Trojan horse Dropper.Generic_c.MMI

Find the solution to your computer problem!

Find the solution to your
computer problem!