Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Go to first new post Memory upgrade problems.
Go to first new post windows XP OBJECT DELAY LOAD
Go to first new post YellowMoxie Redirect
Go to first new post Coordinator.exe No Disk Drive solution m ...
Go to first new post Random Audio Ads -- Need Help Removing B ...
Go to first new post CMD.exe problme after removing FBI Virus
Go to first new post NtAlpcCo... virus HELP PLEASE!
Go to first new post Laptop is acting weird
Go to first new post Firefox -> google -> url hijack
Go to first new post Help! Everything not responding!
Go to first new post BSOD ntoskrnl.exe error after FBI Cyberc ...
Go to first new post Trojan virus
Go to first new post cant connect to internet!!
Go to first new post win32.trojan.agent on Ad-Aware
Go to first new post Audio Ads Playing in the Background + Ot ...
Search Search
Search for:
Tech Support Guy Forums > > >

Trojan horse patched_c.lxt services.exe!! Plz Help.

(In Progress)
(!)

Reply
Page 2 of 2 1 2
jeffce's Avatar
jeffce   (Jeff) jeffce is offline jeffce is authorized to help remove malware.
jeffce has a Photo Album
Malware Removal Specialist with 1,714 posts.
  
Join Date: May 2011
31-Aug-2012, 03:48 PM #16
Maybe not....let's wait and see.
lucasle146's Avatar
Member with 15 posts.
THREAD STARTER
  
Join Date: Aug 2012
Experience: Beginner
31-Aug-2012, 03:53 PM #17
I updated the result in the previous post
jeffce's Avatar
jeffce   (Jeff) jeffce is offline jeffce is authorized to help remove malware.
jeffce has a Photo Album
Malware Removal Specialist with 1,714 posts.
  
Join Date: May 2011
31-Aug-2012, 04:04 PM #18
Please download the file I have attached to your Desktop and then move it on the flashdrive as fixlist.txt

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
----------
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
__________________
-Jeff-
Proud graduate of WTT Classroom. -- Member of ASAP and UNITE. -- If I am working with you and not responded in 2 days, please PM me.
lucasle146's Avatar
Member with 15 posts.
THREAD STARTER
  
Join Date: Aug 2012
Experience: Beginner
31-Aug-2012, 04:23 PM #19
Here is the result that you required:

Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 31-08-2012 01
Ran by SYSTEM at 2012-08-31 23:18:36 Run:1
Running from H:\

==============================================

C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9} moved successfully.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\@ not found.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\L not found.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\U not found.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\L\00000004.@ not found.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\U\00000004.@ not found.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\U\00000008.@ not found.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\U\000000cb.@ not found.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\U\80000000.@ not found.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\U\80000032.@ not found.
C:\Windows\Installer\{6e6e9c1c-fca1-3516-fb18-753f5d94a7e9}\U\80000064.@ not found.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\ser vices.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====
jeffce's Avatar
jeffce   (Jeff) jeffce is offline jeffce is authorized to help remove malware.
jeffce has a Photo Album
Malware Removal Specialist with 1,714 posts.
  
Join Date: May 2011
31-Aug-2012, 05:27 PM #20
Great job!! That seemed to work well.

Please run a new scan with FRST so that we can see if anything is left of the ZeroAccess rootkit.
lucasle146's Avatar
Member with 15 posts.
THREAD STARTER
  
Join Date: Aug 2012
Experience: Beginner
31-Aug-2012, 05:42 PM #21
It's seem work well! here is the result:

Scan result of Farbar Recovery Scan Tool Version: 31-08-2012 01
Ran by SYSTEM at 01-09-2012 00:37:46
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [2098792 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-09] (Alcor Micro Corp.)
HKLM\...\Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe" [223264 2010-04-22] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [337264 2010-05-26] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [201584 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" [407920 2010-03-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [265984 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [MDS_Menu] "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [124136 2010-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2587008 2012-04-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" [1107552 2012-07-16] ()
HKLM-x32\...\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction [36960 2012-07-18] ()
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-01-14] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-01-14] ()
HKU\Lucas\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\Lucas\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet [6595928 2012-05-24] (Yahoo! Inc.)
HKU\Lucas\...\Run: [Google Update] "C:\Users\Lucas\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-07-16] (Google Inc.)
HKU\Lucas\...\Run: [Spotify Web Helper] "C:\Users\Lucas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1193176 2012-07-22] ()
HKU\Lucas\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-09-06] (Google Inc.)
HKU\Lucas\...\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot [3491264 2012-08-14] (Tonec Inc.)
Tcpip\Parameters: [DhcpNameServer] 193.210.19.19 192.168.252.17

==================== Services (Whitelisted) ======

2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe" [5160568 2012-07-04] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-13] (AVG Technologies CZ, s.r.o.)
3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
2 NOBU; "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE [2804568 2010-06-01] (Symantec Corporation)
2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-04-22] (Acer Incorporated)
2 RichVideo; "C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe" [244904 2010-02-24] ()
2 vToolbarUpdater11.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [935008 2012-07-16] ()

==================== Drivers (Whitelisted) ===================

3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-18] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [289872 2012-02-21] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-30] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [383808 2012-03-18] (AVG Technologies CZ, s.r.o.)
3 NvStUSB; C:\Windows\System32\Drivers\NvStUSB.sys [119912 2010-11-17] ()
3 RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2012-07-18] ()
2 TurboB; C:\Windows\System32\Drivers\TurboB.sys [13784 2009-11-02] ()

==================== NetSvcs (Whitelisted) =================


==================== One Month Created Files and Folders ======================

2012-08-31 12:13 - 2012-08-31 12:13 - 00001021 ____A C:\Users\Lucas\Downloads\FixList.txt
2012-08-31 11:47 - 2012-08-31 11:48 - 00321050 ____A C:\Users\Lucas\Desktop\SystemLook.txt
2012-08-31 11:45 - 2012-08-31 11:45 - 00139264 ____A C:\Users\Lucas\Desktop\SystemLook.exe
2012-08-31 04:27 - 2012-08-31 04:27 - 01450731 ____A (Farbar) C:\Users\Lucas\Downloads\FRST64.exe
2012-08-31 04:27 - 2012-08-31 04:27 - 01450731 ____A (Farbar) C:\Users\Lucas\Downloads\FRST64 (1).exe
2012-08-30 21:10 - 2012-08-30 21:12 - 00000000 ___SD C:\32788R22FWJFW
2012-08-30 21:10 - 2012-08-30 21:10 - 00000000 ____D C:\Windows\erdnt
2012-08-30 21:09 - 2012-08-30 21:10 - 04741772 ____R (Swearware) C:\Users\Lucas\Desktop\ComboFix.exe
2012-08-30 12:49 - 2012-08-24 02:28 - 02211928 ____A (Kaspersky Lab ZAO) C:\Users\Lucas\Desktop\TDSSKiller.exe
2012-08-30 12:49 - 2010-12-31 14:14 - 00002254 ___RA C:\Users\Lucas\Desktop\eula.txt
2012-08-30 12:48 - 2012-08-30 12:48 - 02193184 ____A C:\Users\Lucas\Downloads\tdsskiller.zip
2012-08-30 11:24 - 2012-08-30 11:24 - 00388608 ____A (Trend Micro Inc.) C:\Users\Lucas\Downloads\HijackThis.exe
2012-08-30 11:24 - 2012-08-30 11:24 - 00017498 ____A C:\Users\Lucas\Downloads\hijackthis.log
2012-08-30 11:24 - 2012-08-30 11:24 - 00017498 ____A C:\Users\Lucas\Desktop\hijackthis.log
2012-08-30 11:04 - 2012-08-30 11:04 - 00010773 ____A C:\Users\Lucas\Desktop\Attach.zip
2012-08-30 11:02 - 2012-08-30 11:02 - 00030766 ____A C:\Users\Lucas\Desktop\DDS.txt
2012-08-30 11:02 - 2012-08-30 11:02 - 00007487 ____A C:\Users\Lucas\Desktop\Attach.txt
2012-08-30 11:01 - 2012-08-30 11:01 - 00607260 ____R (Swearware) C:\Users\Lucas\Downloads\dds.com
2012-08-30 10:43 - 2012-08-30 10:44 - 04165104 ____A (PC Tools) C:\Users\Lucas\Downloads\SDAV_Online_aff_GenericRevenueWire_207_2.exe
2012-08-30 08:49 - 2012-08-30 08:49 - 00000012 ____A C:\Windows\srun.log
2012-08-26 04:26 - 2011-02-19 04:05 - 01139200 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2012-08-26 04:26 - 2011-02-19 04:04 - 00902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-08-26 04:26 - 2011-02-18 22:30 - 00739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-08-26 03:02 - 2012-08-30 09:40 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-26 03:02 - 2012-08-30 09:40 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-22 22:28 - 2012-08-23 23:29 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Skype
2012-08-22 22:28 - 2012-08-22 22:28 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-08-22 22:28 - 2012-08-22 22:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-08-22 22:23 - 2012-08-22 22:28 - 00000000 ____D C:\Users\All Users\Skype
2012-08-22 01:16 - 2012-08-22 01:16 - 00001107 ____A C:\Users\Public\Desktop\Rocket Mania Deluxe.lnk
2012-08-22 01:16 - 2012-08-22 01:16 - 00000194 ____A C:\Users\Public\Desktop\Play More Great Games!.url
2012-08-21 08:47 - 2012-08-26 06:20 - 00000017 ____A C:\Windows\popcinfo.dat
2012-08-21 08:42 - 2012-08-22 01:15 - 00000000 ____D C:\Users\All Users\PopCap Games
2012-08-21 08:42 - 2012-08-22 01:15 - 00000000 ____D C:\Program Files\PopCap Games
2012-08-16 11:44 - 2012-08-16 11:44 - 00751104 ____A C:\Users\Lucas\Downloads\ReferencingGuide.ppt
2012-08-15 09:53 - 2012-06-28 20:55 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-15 09:53 - 2012-06-28 20:09 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-15 09:53 - 2012-06-28 19:56 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-15 09:53 - 2012-06-28 19:49 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-15 09:53 - 2012-06-28 19:49 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-15 09:53 - 2012-06-28 19:48 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-15 09:53 - 2012-06-28 19:47 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-15 09:53 - 2012-06-28 19:45 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-15 09:53 - 2012-06-28 19:44 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-15 09:53 - 2012-06-28 19:43 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-15 09:53 - 2012-06-28 19:42 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-15 09:53 - 2012-06-28 19:40 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-15 09:53 - 2012-06-28 19:39 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-15 09:53 - 2012-06-28 19:35 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-15 09:53 - 2012-06-28 16:52 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-15 09:53 - 2012-06-28 16:27 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-15 09:53 - 2012-06-28 16:16 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-15 09:53 - 2012-06-28 16:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-15 09:53 - 2012-06-28 16:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-15 09:53 - 2012-06-28 16:08 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-15 09:53 - 2012-06-28 16:07 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-15 09:53 - 2012-06-28 16:06 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-15 09:53 - 2012-06-28 16:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-15 09:53 - 2012-06-28 16:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-15 09:53 - 2012-06-28 16:01 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-15 09:53 - 2012-06-28 16:01 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-15 09:53 - 2012-06-28 16:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-15 09:53 - 2012-06-28 15:57 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-14 22:53 - 2012-07-18 10:15 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-14 22:53 - 2012-07-04 14:16 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-14 22:53 - 2012-07-04 14:13 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-14 22:53 - 2012-07-04 14:13 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-14 22:53 - 2012-07-04 13:16 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-08-14 22:53 - 2012-07-04 13:14 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-08-14 22:53 - 2012-05-13 21:26 - 00956928 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-14 22:53 - 2012-05-05 00:36 - 00503808 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll
2012-08-14 22:53 - 2012-05-04 23:46 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2012-08-14 22:53 - 2012-02-10 22:43 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2012-08-14 22:53 - 2012-02-10 22:36 - 00559104 ____A (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2012-08-14 22:53 - 2012-02-10 22:36 - 00067072 ____A (Microsoft Corporation) C:\Windows\splwow64.exe
2012-08-14 22:53 - 2012-02-10 21:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2012-08-14 13:14 - 2012-08-14 13:14 - 00001250 ____A C:\Windows\serial
2012-08-14 13:13 - 2012-08-14 13:13 - 05721803 ____A C:\Users\Lucas\Downloads\[congdongbaclieu.info] IDM 6.11 beta.rar
2012-08-14 13:10 - 2012-08-15 06:44 - 00000000 ____D C:\Program Files (x86)\YourFileDownloader
2012-08-14 13:10 - 2012-08-14 13:10 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\YourFileDownloader
2012-08-14 13:08 - 2012-08-17 12:53 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\IDM
2012-08-14 13:08 - 2012-08-14 13:08 - 04110768 ____A (http://yourfiledownloader.com) C:\Users\Lucas\Downloads\Internet_Download_Manager_6.11.8.2_key_Patch.rar_d ownloader_224.exe
2012-08-14 13:02 - 2012-08-14 13:02 - 00027520 ____A C:\Users\Lucas\AppData\Local\dt.dat
2012-08-13 13:21 - 2012-08-13 13:35 - 124621250 ____A C:\Users\Lucas\Downloads\breaking.bad.s05e04.480p.hdtv.x264-orenji.MP4
2012-08-13 11:17 - 2012-08-13 11:17 - 00039051 ____A C:\Users\Lucas\Downloads\L5.1b_Thesis_template_word2007.dotx
2012-08-12 12:38 - 2012-08-12 12:40 - 143912514 ____A C:\Users\Lucas\Downloads\breaking.bad.s05e03.hdtv.x264-fqm.MP4
2012-08-06 13:54 - 2012-08-06 13:54 - 00000000 ____D C:\Windows\Sun
2012-08-06 13:54 - 2012-08-06 13:54 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\SystemRequirementsLab
2012-08-06 13:54 - 2012-08-06 13:54 - 00000000 ____D C:\Users\All Users\Sun
2012-08-06 13:54 - 2012-08-06 13:54 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2012-08-06 13:54 - 2012-08-06 13:54 - 00000000 ____D C:\Program Files (x86)\Oracle
2012-08-06 13:53 - 2012-08-06 13:53 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-08-06 13:53 - 2012-08-06 13:53 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-08-06 13:53 - 2012-08-06 13:53 - 00000000 ____D C:\Program Files (x86)\Java
2012-08-06 13:53 - 2012-07-05 11:06 - 00772544 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-08-06 13:53 - 2012-07-05 11:06 - 00687544 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-08-06 13:53 - 2012-07-05 11:06 - 00227760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-08-06 13:52 - 2012-08-06 13:52 - 00893936 ____A (Oracle Corporation) C:\Users\Lucas\Downloads\jxpiinstall.exe
2012-08-05 15:14 - 2012-08-05 15:25 - 200000000 ____A C:\Users\Lucas\Downloads\Hunger Game 2 - BadBoy199x.part1.rar
2012-08-05 15:13 - 2012-08-05 15:20 - 40899486 ____A C:\Users\Lucas\Downloads\Hunger Game 2 - BadBoy199x.part2.rar
2012-08-05 15:12 - 2012-08-05 15:24 - 200000000 ____A C:\Users\Lucas\Downloads\Hunger Game 1 - BadBoy199x.part1.rar
2012-08-05 15:12 - 2012-08-05 15:20 - 32084174 ____A C:\Users\Lucas\Downloads\Hunger Game 1 - BadBoy199x.part2.rar
2012-08-04 22:32 - 2012-08-04 22:32 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-08-04 08:17 - 2012-08-04 08:17 - 00000000 ____D C:\Users\Lucas\AppData\Local\visi_coupon
2012-08-03 15:01 - 2012-08-03 15:09 - 148076057 ____A C:\Users\Lucas\Downloads\Chocolate.2008.720p.BluRay.DTS.x264-ESiR_Tablet_HDVNBits.part3.rar
2012-08-03 14:58 - 2012-08-03 15:10 - 204800000 ____A C:\Users\Lucas\Downloads\Chocolate.2008.720p.BluRay.DTS.x264-ESiR_Tablet_HDVNBits.part2.rar
2012-08-03 14:56 - 2012-08-03 15:00 - 204800000 ____A C:\Users\Lucas\Downloads\Chocolate.2008.720p.BluRay.DTS.x264-ESiR_Tablet_HDVNBits.part1.rar
2012-08-03 14:07 - 2012-08-03 14:22 - 256000000 ____A C:\Users\Lucas\Downloads\Flash Point.BrripBobobo1996(2007).part2.rar
2012-08-03 14:05 - 2012-08-03 14:15 - 256000000 ____A C:\Users\Lucas\Downloads\Flash Point.BrripBobobo1996(2007).part1.rar
2012-08-03 14:05 - 2012-08-03 14:06 - 18262156 ____A C:\Users\Lucas\Downloads\Flash Point.BrripBobobo1996(2007).part3.rar
2012-08-02 03:24 - 2012-08-02 03:24 - 00288897 ____A C:\Users\Lucas\Documents\Desk 1


==================== 3 Months Modified Files ================================

2012-08-31 13:16 - 2012-07-16 07:01 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-08-31 13:11 - 2012-07-16 07:00 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-173249258-721920281-3489915689-1000UA.job
2012-08-31 12:25 - 2009-07-13 20:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-31 12:25 - 2009-07-13 20:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-31 12:21 - 2012-07-16 07:01 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-08-31 12:19 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-31 12:19 - 2009-07-13 20:51 - 00044546 ____A C:\Windows\setupact.log
2012-08-31 12:13 - 2012-08-31 12:13 - 00001021 ____A C:\Users\Lucas\Downloads\FixList.txt
2012-08-31 11:48 - 2012-08-31 11:47 - 00321050 ____A C:\Users\Lucas\Desktop\SystemLook.txt
2012-08-31 11:45 - 2012-08-31 11:45 - 00139264 ____A C:\Users\Lucas\Desktop\SystemLook.exe
2012-08-31 06:50 - 2012-07-19 01:42 - 00376330 ____A C:\shared.log
2012-08-31 04:27 - 2012-08-31 04:27 - 01450731 ____A (Farbar) C:\Users\Lucas\Downloads\FRST64.exe
2012-08-31 04:27 - 2012-08-31 04:27 - 01450731 ____A (Farbar) C:\Users\Lucas\Downloads\FRST64 (1).exe
2012-08-30 21:10 - 2012-08-30 21:09 - 04741772 ____R (Swearware) C:\Users\Lucas\Desktop\ComboFix.exe
2012-08-30 12:48 - 2012-08-30 12:48 - 02193184 ____A C:\Users\Lucas\Downloads\tdsskiller.zip
2012-08-30 11:24 - 2012-08-30 11:24 - 00388608 ____A (Trend Micro Inc.) C:\Users\Lucas\Downloads\HijackThis.exe
2012-08-30 11:24 - 2012-08-30 11:24 - 00017498 ____A C:\Users\Lucas\Downloads\hijackthis.log
2012-08-30 11:24 - 2012-08-30 11:24 - 00017498 ____A C:\Users\Lucas\Desktop\hijackthis.log
2012-08-30 11:04 - 2012-08-30 11:04 - 00010773 ____A C:\Users\Lucas\Desktop\Attach.zip
2012-08-30 11:02 - 2012-08-30 11:02 - 00030766 ____A C:\Users\Lucas\Desktop\DDS.txt
2012-08-30 11:02 - 2012-08-30 11:02 - 00007487 ____A C:\Users\Lucas\Desktop\Attach.txt
2012-08-30 11:01 - 2012-08-30 11:01 - 00607260 ____R (Swearware) C:\Users\Lucas\Downloads\dds.com
2012-08-30 10:44 - 2012-08-30 10:43 - 04165104 ____A (PC Tools) C:\Users\Lucas\Downloads\SDAV_Online_aff_GenericRevenueWire_207_2.exe
2012-08-30 10:24 - 2012-07-16 16:10 - 00038882 ____A C:\Windows\PFRO.log
2012-08-30 09:40 - 2012-08-26 03:02 - 00696520 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-30 09:40 - 2012-08-26 03:02 - 00073416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-30 08:49 - 2012-08-30 08:49 - 00000012 ____A C:\Windows\srun.log
2012-08-30 08:49 - 2012-07-16 16:13 - 01993982 ____A C:\Windows\WindowsUpdate.log
2012-08-26 06:20 - 2012-08-21 08:47 - 00000017 ____A C:\Windows\popcinfo.dat
2012-08-24 02:28 - 2012-08-30 12:49 - 02211928 ____A (Kaspersky Lab ZAO) C:\Users\Lucas\Desktop\TDSSKiller.exe
2012-08-22 22:28 - 2012-08-22 22:28 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-08-22 01:16 - 2012-08-22 01:16 - 00001107 ____A C:\Users\Public\Desktop\Rocket Mania Deluxe.lnk
2012-08-22 01:16 - 2012-08-22 01:16 - 00000194 ____A C:\Users\Public\Desktop\Play More Great Games!.url
2012-08-21 14:14 - 2012-07-18 12:44 - 00002453 ____A C:\Users\Lucas\Desktop\Google Chrome.lnk
2012-08-19 20:26 - 2012-07-23 12:29 - 00002018 ____A C:\Users\Public\Desktop\Adobe Reader 9.lnk
2012-08-18 17:11 - 2012-07-16 07:00 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-173249258-721920281-3489915689-1000Core.job
2012-08-16 15:16 - 2009-07-13 21:13 - 00778834 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-16 11:44 - 2012-08-16 11:44 - 00751104 ____A C:\Users\Lucas\Downloads\ReferencingGuide.ppt
2012-08-15 09:59 - 2009-07-13 20:45 - 00414656 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-15 09:49 - 2012-07-16 10:06 - 62134624 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-08-14 13:14 - 2012-08-14 13:14 - 00001250 ____A C:\Windows\serial
2012-08-14 13:13 - 2012-08-14 13:13 - 05721803 ____A C:\Users\Lucas\Downloads\[congdongbaclieu.info] IDM 6.11 beta.rar
2012-08-14 13:08 - 2012-08-14 13:08 - 04110768 ____A (http://yourfiledownloader.com) C:\Users\Lucas\Downloads\Internet_Download_Manager_6.11.8.2_key_Patch.rar_d ownloader_224.exe
2012-08-14 13:02 - 2012-08-14 13:02 - 00027520 ____A C:\Users\Lucas\AppData\Local\dt.dat
2012-08-13 13:35 - 2012-08-13 13:21 - 124621250 ____A C:\Users\Lucas\Downloads\breaking.bad.s05e04.480p.hdtv.x264-orenji.MP4
2012-08-13 11:17 - 2012-08-13 11:17 - 00039051 ____A C:\Users\Lucas\Downloads\L5.1b_Thesis_template_word2007.dotx
2012-08-12 12:40 - 2012-08-12 12:38 - 143912514 ____A C:\Users\Lucas\Downloads\breaking.bad.s05e03.hdtv.x264-fqm.MP4
2012-08-06 13:53 - 2012-08-06 13:53 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-08-06 13:53 - 2012-08-06 13:53 - 00174064 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-08-06 13:52 - 2012-08-06 13:52 - 00893936 ____A (Oracle Corporation) C:\Users\Lucas\Downloads\jxpiinstall.exe
2012-08-05 15:25 - 2012-08-05 15:14 - 200000000 ____A C:\Users\Lucas\Downloads\Hunger Game 2 - BadBoy199x.part1.rar
2012-08-05 15:24 - 2012-08-05 15:12 - 200000000 ____A C:\Users\Lucas\Downloads\Hunger Game 1 - BadBoy199x.part1.rar
2012-08-05 15:20 - 2012-08-05 15:13 - 40899486 ____A C:\Users\Lucas\Downloads\Hunger Game 2 - BadBoy199x.part2.rar
2012-08-05 15:20 - 2012-08-05 15:12 - 32084174 ____A C:\Users\Lucas\Downloads\Hunger Game 1 - BadBoy199x.part2.rar
2012-08-03 15:10 - 2012-08-03 14:58 - 204800000 ____A C:\Users\Lucas\Downloads\Chocolate.2008.720p.BluRay.DTS.x264-ESiR_Tablet_HDVNBits.part2.rar
2012-08-03 15:09 - 2012-08-03 15:01 - 148076057 ____A C:\Users\Lucas\Downloads\Chocolate.2008.720p.BluRay.DTS.x264-ESiR_Tablet_HDVNBits.part3.rar
2012-08-03 15:00 - 2012-08-03 14:56 - 204800000 ____A C:\Users\Lucas\Downloads\Chocolate.2008.720p.BluRay.DTS.x264-ESiR_Tablet_HDVNBits.part1.rar
2012-08-03 14:22 - 2012-08-03 14:07 - 256000000 ____A C:\Users\Lucas\Downloads\Flash Point.BrripBobobo1996(2007).part2.rar
2012-08-03 14:15 - 2012-08-03 14:05 - 256000000 ____A C:\Users\Lucas\Downloads\Flash Point.BrripBobobo1996(2007).part1.rar
2012-08-03 14:06 - 2012-08-03 14:05 - 18262156 ____A C:\Users\Lucas\Downloads\Flash Point.BrripBobobo1996(2007).part3.rar
2012-08-02 03:24 - 2012-08-02 03:24 - 00288897 ____A C:\Users\Lucas\Documents\Desk 1
2012-07-30 14:36 - 2012-07-30 14:28 - 204800000 ____A C:\Users\Lucas\Downloads\Hijacker 2012.part2.rar
2012-07-30 14:36 - 2012-07-30 14:28 - 204800000 ____A C:\Users\Lucas\Downloads\Hijacker 2012.part1.rar
2012-07-30 14:34 - 2012-07-30 14:28 - 135958283 ____A C:\Users\Lucas\Downloads\Hijacker 2012.part3.rar
2012-07-30 14:28 - 2012-07-30 14:19 - 204800000 ____A C:\Users\Lucas\Downloads\The Scorpion King 3 Battle for Redemption (2012).part1.rar
2012-07-30 14:27 - 2012-07-30 14:19 - 204800000 ____A C:\Users\Lucas\Downloads\The Scorpion King 3 Battle for Redemption (2012).part2.rar
2012-07-30 14:26 - 2012-07-30 14:18 - 204800000 ____A C:\Users\Lucas\Downloads\The Scorpion King 3 Battle for Redemption (2012).part3.rar
2012-07-30 14:20 - 2012-07-30 14:19 - 18628535 ____A C:\Users\Lucas\Downloads\The Scorpion King 3 Battle for Redemption (2012).part4.rar
2012-07-29 16:08 - 2012-07-29 16:09 - 20452456 ____A (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 18580072 ____A (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 15039080 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 13029992 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2012-07-29 16:08 - 2012-07-29 16:09 - 13011560 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 12832872 ____A (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 10054248 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 07712360 ____A (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 06598248 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 05633640 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 04936808 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 03182184 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 02954856 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 02871400 ____A (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 02579560 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 02197608 ____A (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 01962600 ____A (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 01612392 ____A (NVIDIA Corporation) C:\Windows\System32\nvdispco642090.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 01359976 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco64hda.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 01359976 ____A (NVIDIA Corporation) C:\Windows\System32\nvgenco642040.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 00155752 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2012-07-29 16:08 - 2012-07-29 16:09 - 00067176 ____A (Khronos Group) C:\Windows\System32\OpenCL.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 00057960 ____A (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 00029288 ____A (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2012-07-29 16:08 - 2012-07-29 16:09 - 00011240 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvBridge.kmd
2012-07-29 16:08 - 2012-07-29 16:09 - 00007621 ____A C:\Windows\System32\nvinfo.pb
2012-07-27 14:29 - 2012-07-27 14:29 - 00001377 ____A C:\Users\Lucas\Downloads\map_005.ace
2012-07-25 14:56 - 2012-07-25 14:55 - 28056345 ____A C:\Users\Lucas\Downloads\Foot_Mana_3.4.apk
2012-07-24 16:06 - 2012-07-24 16:05 - 50992732 ____A C:\Users\Lucas\Downloads\popcap.pvz.apk
2012-07-24 15:37 - 2012-07-24 15:37 - 14823741 ____A C:\Users\Lucas\Downloads\com.outfit7.talkingtom.apk
2012-07-24 15:35 - 2012-07-24 15:35 - 02502554 ____A C:\Users\Lucas\Downloads\fireworks.ndroidz.com.apk
2012-07-24 11:08 - 2012-07-24 11:08 - 02271031 ____A C:\Users\Lucas\Downloads\app.apk
2012-07-24 10:42 - 2012-07-24 10:40 - 39334397 ____A C:\Users\Lucas\Downloads\com.subatomicstudios1.0.2.apk
2012-07-24 10:31 - 2012-07-24 10:30 - 39392968 ____A C:\Users\Lucas\Downloads\f101.apk
2012-07-24 10:17 - 2012-07-24 10:17 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-07-24 10:16 - 2012-07-24 10:16 - 03269413 ____A C:\Users\Lucas\Downloads\[ApkViet.com]Fieldrunners_HD_1.18.apk
2012-07-24 07:14 - 2012-07-24 07:14 - 07507114 ____A C:\Users\Lucas\Downloads\qui 4-2011.rar
2012-07-24 07:14 - 2012-07-24 07:14 - 03861376 ____A C:\Users\Lucas\Downloads\WP Cty TNHH DV Zim Integrated Shipping (VN) 2011.rar
2012-07-24 07:14 - 2012-07-24 07:14 - 03644530 ____A C:\Users\Lucas\Downloads\Administration.rar
2012-07-24 04:14 - 2012-07-24 04:10 - 48829954 ____A C:\Users\Lucas\Downloads\EP-3.Johnny.Cage.mp4
2012-07-24 04:13 - 2012-07-24 04:10 - 37466551 ____A C:\Users\Lucas\Downloads\EP-2.Jax,.Sonya.&.Kano.(Part.2).mp4
2012-07-24 04:12 - 2012-07-24 04:08 - 55429693 ____A C:\Users\Lucas\Downloads\EP-1.Jax,.Sonya.&.Kano.(Part.1).mp4
2012-07-23 14:58 - 2012-07-23 14:52 - 307200000 ____A C:\Users\Lucas\Downloads\300- bioix.com.part1.rar
2012-07-23 14:55 - 2012-07-23 14:52 - 86078507 ____A C:\Users\Lucas\Downloads\300- bioix.com.part3.rar
2012-07-23 14:53 - 2012-07-23 14:52 - 17112525 ____A C:\Users\Lucas\Downloads\300- bioix.com.part4.rar
2012-07-23 14:51 - 2012-07-23 14:46 - 307200000 ____A C:\Users\Lucas\Downloads\300- bioix.com.part2.rar
2012-07-22 10:57 - 2012-07-22 10:57 - 00001809 ____A C:\Users\Lucas\Desktop\Spotify.lnk
2012-07-22 10:50 - 2012-07-22 10:50 - 00001070 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-07-20 17:01 - 2012-07-18 17:06 - 00000910 ____A C:\Users\Public\Desktop\File Splitter & Joiner.lnk
2012-07-19 13:12 - 2012-07-19 13:12 - 00011130 ____A C:\Users\Lucas\Downloads\Dixvi.com - f6ea0128.htm
2012-07-19 13:10 - 2012-07-19 13:10 - 00182334 ____A C:\Users\Lucas\Downloads\abc.htm
2012-07-18 17:06 - 2012-07-18 17:06 - 00794906 ____A C:\Windows\unins000.exe
2012-07-18 17:06 - 2012-07-18 17:06 - 00004151 ____A C:\Windows\unins000.dat
2012-07-18 13:46 - 2012-07-18 13:44 - 107330965 ____A C:\Users\Lucas\Downloads\Hatchet.mp4.003
2012-07-18 13:43 - 2012-07-18 13:41 - 107330964 ____A C:\Users\Lucas\Downloads\Hatchet.mp4.002
2012-07-18 13:40 - 2012-07-18 13:38 - 107330964 ____A C:\Users\Lucas\Downloads\Hatchet.mp4.001
2012-07-18 13:12 - 2012-07-18 13:04 - 00000720 ____A C:\Users\Lucas\Downloads\Settings.ini
2012-07-18 10:50 - 2012-07-18 10:50 - 00000995 ____A C:\Users\Lucas\Desktop\SopCast.lnk
2012-07-18 10:15 - 2012-08-14 22:53 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-18 09:35 - 2012-07-18 09:33 - 06654296 ____A (Advanced Fix, Inc. ) C:\Users\Lucas\Downloads\AdvancedFix_ErrorsRepair_Setup.exe
2012-07-18 09:30 - 2012-07-18 09:30 - 02841613 ____A (Igor Pavlov) C:\Users\Lucas\Downloads\RivaTuner224c-[Guru3D.com].exe
2012-07-18 09:29 - 2012-07-18 09:29 - 01323056 ____A C:\Users\Lucas\Downloads\ADLSoft_UnCompressor_v2_3.exe
2012-07-18 08:47 - 2012-07-18 08:47 - 00000566 ____A C:\Users\Lucas\Desktop\Fraps.lnk
2012-07-18 03:25 - 2012-07-16 07:35 - 00000123 ____A C:\Windows\wininit.ini
2012-07-18 03:24 - 2012-07-18 03:24 - 00001141 ____A C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2012-07-16 17:05 - 2009-07-13 21:38 - 00025600 __ASH C:\Windows\System32\config\BCD-Template.LOG
2012-07-16 17:05 - 2009-07-13 21:32 - 00028672 ____A C:\Windows\System32\config\BCD-Template
2012-07-16 16:46 - 2009-07-13 20:46 - 00003043 ____A C:\Windows\DtcInstall.log
2012-07-16 16:34 - 2012-07-16 16:31 - 00017316 ____A C:\Users\All Users\ArcadeDeluxe4.log
2012-07-16 16:30 - 2012-07-16 16:30 - 00001024 __RAH C:\Users\Public\Documents\NTILiveUpdateV9.dll
2012-07-16 16:29 - 2012-07-16 16:29 - 00001024 __RAH C:\Users\Public\Documents\NTIMPEG-2.dll
2012-07-16 16:29 - 2012-07-16 16:29 - 00001024 __RAH C:\Users\Public\Documents\NTIMMV9REGET.dll
2012-07-16 16:29 - 2012-07-16 16:29 - 00001024 __RAH C:\Users\Public\Documents\NTIMMV9Acer.dll
2012-07-16 16:24 - 2012-07-16 16:24 - 00015772 ____A C:\Windows\devices.txt
2012-07-16 16:22 - 2012-07-16 16:22 - 00004844 ____A C:\Windows\DPINST.LOG
2012-07-16 16:22 - 2012-07-16 16:22 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2012-07-16 16:17 - 2012-07-16 16:17 - 00000003 ____A C:\Windows\System32\PLD_Framework.cmd
2012-07-16 16:11 - 2010-09-06 02:25 - 00003540 ____A C:\Windows\TSSysprep.log
2012-07-16 16:00 - 2012-07-16 10:40 - 00287130 ____A C:\Windows\msxml4-KB973688-enu.LOG
2012-07-16 16:00 - 2012-07-16 10:33 - 00290524 ____A C:\Windows\msxml4-KB954430-enu.LOG
2012-07-16 12:44 - 2009-07-13 18:36 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll
2012-07-16 12:44 - 2009-07-13 18:36 - 00152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2012-07-16 11:53 - 2012-07-16 11:53 - 00000969 ____A C:\Users\Public\Desktop\AVG 2012.lnk
2012-07-16 11:31 - 2012-07-16 11:32 - 00099056 ____A (McAfee, Inc.) C:\Windows\System32\MfeOtlkAddin.dll
2012-07-16 11:31 - 2012-07-16 11:32 - 00074848 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MfeOtlkAddin.dll
2012-07-16 11:31 - 2012-07-16 11:32 - 00022816 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MFEOtlk.dll
2012-07-16 10:51 - 2012-07-16 08:53 - 00772682 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-07-16 10:44 - 2012-07-16 10:44 - 00001134 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2012-07-16 10:37 - 2009-07-13 18:34 - 00000478 ____A C:\Windows\win.ini
2012-07-16 10:15 - 2012-07-16 10:13 - 00003881 ____A C:\Windows\IE9_main.log
2012-07-16 10:14 - 2012-07-16 10:14 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-07-16 10:14 - 2012-07-16 10:14 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-07-16 10:14 - 2012-07-16 10:14 - 00697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-07-16 10:14 - 2012-07-16 10:14 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-07-16 10:14 - 2012-07-16 10:14 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-07-16 10:14 - 2012-07-16 10:14 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-07-16 10:14 - 2012-07-16 10:14 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-07-16 10:14 - 2012-07-16 10:14 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-07-16 10:14 - 2012-07-16 10:14 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-07-16 09:21 - 2012-07-16 16:28 - 00058765 ____A C:\Windows\DirectX.log
2012-07-16 09:21 - 2012-07-16 09:21 - 00001238 ____A C:\Users\Public\Desktop\FIFA 12.lnk
2012-07-16 09:15 - 2012-07-16 09:15 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2012-07-16 08:13 - 2012-07-16 06:51 - 00108824 ____A C:\Users\Lucas\AppData\Local\GDIPFONTCACHEV1.DAT
2012-07-16 07:35 - 2012-07-16 07:35 - 00000983 ____A C:\Users\Public\Desktop\Origin.lnk
2012-07-16 07:35 - 2012-07-16 07:35 - 00000527 ____A C:\Windows\KB893803v2.log
2012-07-16 07:34 - 2012-07-16 07:32 - 17063192 ____A (Electronic Arts, Inc.) C:\Users\Lucas\Downloads\OriginThinSetup.exe
2012-07-16 07:06 - 2012-07-16 07:06 - 04563200 ____A (Tonec Inc.) C:\Users\Lucas\Downloads\idman611.exe
2012-07-16 06:55 - 2012-07-16 06:55 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2012-07-16 06:54 - 2010-09-06 02:56 - 00058185 ____A C:\Windows\patch.log
2012-07-16 06:51 - 2012-07-16 06:51 - 00002609 ____A C:\Users\Public\Desktop\eBay.lnk
2012-07-16 06:50 - 2012-07-16 06:50 - 00000020 ___SH C:\Users\Lucas\ntuser.ini
2012-07-05 11:06 - 2012-08-06 13:53 - 00772544 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-07-05 11:06 - 2012-08-06 13:53 - 00687544 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-07-05 11:06 - 2012-08-06 13:53 - 00227760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-07-04 14:16 - 2012-08-14 22:53 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 14:13 - 2012-08-14 22:53 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 14:13 - 2012-08-14 22:53 - 00059392 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-04 13:16 - 2012-08-14 22:53 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-07-04 13:14 - 2012-08-14 22:53 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-06-28 20:55 - 2012-08-15 09:53 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-28 20:09 - 2012-08-15 09:53 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-28 19:56 - 2012-08-15 09:53 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-28 19:49 - 2012-08-15 09:53 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-28 19:49 - 2012-08-15 09:53 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-28 19:48 - 2012-08-15 09:53 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-28 19:47 - 2012-08-15 09:53 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-28 19:45 - 2012-08-15 09:53 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-28 19:44 - 2012-08-15 09:53 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-28 19:43 - 2012-08-15 09:53 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-28 19:42 - 2012-08-15 09:53 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-28 19:40 - 2012-08-15 09:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-28 19:39 - 2012-08-15 09:53 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-28 19:35 - 2012-08-15 09:53 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-28 16:52 - 2012-08-15 09:53 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-28 16:27 - 2012-08-15 09:53 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-28 16:16 - 2012-08-15 09:53 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-28 16:09 - 2012-08-15 09:53 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-28 16:09 - 2012-08-15 09:53 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-28 16:08 - 2012-08-15 09:53 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-28 16:07 - 2012-08-15 09:53 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-28 16:06 - 2012-08-15 09:53 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-28 16:04 - 2012-08-15 09:53 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-28 16:04 - 2012-08-15 09:53 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-28 16:01 - 2012-08-15 09:53 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-28 16:01 - 2012-08-15 09:53 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-28 16:00 - 2012-08-15 09:53 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-28 15:57 - 2012-08-15 09:53 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-11 10:17 - 2012-06-11 10:17 - 00071680 ____A (Beepa P/L) C:\Windows\System32\frapsv64.dll
2012-06-11 10:17 - 2012-06-11 10:17 - 00065536 ____A (Beepa P/L) C:\Windows\SysWOW64\frapsvid.dll
2012-06-08 21:43 - 2012-07-16 09:42 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-16 09:42 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-05 22:06 - 2012-07-16 09:42 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-16 09:42 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-16 09:34 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-16 09:42 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-16 09:42 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-16 09:34 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-08-15 09:49:03
Restore point made on: 2012-08-22 14:04:56
Restore point made on: 2012-08-26 13:21:35
Restore point made on: 2012-08-30 11:00:16

==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 3958.76 MB
Available physical RAM: 3216.23 MB
Total Pagefile: 3956.91 MB
Available Pagefile: 3213.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

==================== Partitions ============================

1 Drive c: (Acer) (Fixed) (Total:256.35 GB) (Free:167.73 GB) NTFS
2 Drive d: (Lucas) (Fixed) (Total:195.31 GB) (Free:124.76 GB) NTFS
3 Drive f: (PQSERVICE) (Fixed) (Total:14 GB) (Free:2.2 GB) NTFS
5 Drive h: () (Removable) (Total:7.58 GB) (Free:5.19 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 1024 KB
Disk 1 Online 7764 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 14 GB 1024 KB
Partition 2 Primary 100 MB 14 GB
Partition 3 Primary 256 GB 14 GB
Partition 0 Extended 195 GB 270 GB
Partition 4 Logical 195 GB 270 GB

=========================================================================== =======

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F PQSERVICE NTFS Partition 14 GB Healthy Hidden

=========================================================================== =======

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM RESE NTFS Partition 100 MB Healthy

=========================================================================== =======

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Acer NTFS Partition 256 GB Healthy

=========================================================================== =======

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D Lucas NTFS Partition 195 GB Healthy

=========================================================================== =======

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7762 MB 58 KB

=========================================================================== =======

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H FAT32 Removable 7762 MB Healthy

=========================================================================== =======

Last Boot: 2012-08-27 06:06

==================== End Of Log =============================
jeffce's Avatar
jeffce   (Jeff) jeffce is offline jeffce is authorized to help remove malware.
jeffce has a Photo Album
Malware Removal Specialist with 1,714 posts.
  
Join Date: May 2011
31-Aug-2012, 06:26 PM #22
Download CKScanner by askey127 from Here & save it to your Desktop.
  • Right-click and Run as Administrator CKScanner.exe then click Search For Files
  • When the cursor hourglass disappears, click Save List To File
  • A message box will verify the file saved
  • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply
----------
__________________
-Jeff-
Proud graduate of WTT Classroom. -- Member of ASAP and UNITE. -- If I am working with you and not responded in 2 days, please PM me.
lucasle146's Avatar
Member with 15 posts.
THREAD STARTER
  
Join Date: Aug 2012
Experience: Beginner
31-Aug-2012, 06:45 PM #23
Here it is:
CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\internet download manager\[congdongbaclieu.info] crack idm.exe
c:\program files (x86)\internet download manager\[congdongbaclieu.info] idm 6.11 beta\[congdongbaclieu.info] crack idm.exe
scanner sequence 3.LB.11.UUNAOE
----- EOF -----
lucasle146's Avatar
Member with 15 posts.
THREAD STARTER
  
Join Date: Aug 2012
Experience: Beginner
01-Sep-2012, 05:34 AM #24
Up
jeffce's Avatar
jeffce   (Jeff) jeffce is offline jeffce is authorized to help remove malware.
jeffce has a Photo Album
Malware Removal Specialist with 1,714 posts.
  
Join Date: May 2011
01-Sep-2012, 11:45 AM #25
Hi,

CKScanner has detected illegal software on your system. Besides being illegal, it's the number one way of infecting your system as all cracked/keygen software is infected. This forum, as well as all the other malware removal forums, do not support the use of illegal software except for their removal. If I were to continue helping you with illegal software installed, it could be construed in the eyes of the law as aiding and abetting a crime.

This may or may not be related to your computer issues, however, if you wish me to continue helping you, then you must remove both the keygen and crack files as well as the related programs. If you do not agree to this then this thread will be closed and no further help will be offered because I will never be able to tell you your malware logs are clean. Please let me know if you wish to continue.
__________________
-Jeff-
Proud graduate of WTT Classroom. -- Member of ASAP and UNITE. -- If I am working with you and not responded in 2 days, please PM me.
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply
Page 2 of 2 1 2
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join Today!

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Virus & Other Malware Removal | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


TECH SUPPORT GUY
WELCOME
FOLLOW US
 
You Are Using: Server ID
All times are GMT -4. The time now is 04:17 PM.
Advertisements do not imply our endorsement of that product or service.
Copyright © 1996 - 2013 TechGuy, Inc. All rights reserved. Privacy & Terms.

Trusted Website Back to the Top ↑