No Boot!


  • This topic is locked
27 replies to this topic

#1 beerbarrel

beerbarrel

  • Members
  • 17 posts

Posted 14 September 2011 - 12:43 PM

Hello... I'm new and you probably know why I'm here. I downloaded a virus and now my computer won't boot. It is a Win 7 64-bit machine. It will also not restore to a past version. I have no idea which way to go or where to start. I would like to try to recover this and I have no idea where my Windows disk is at. Any help would be greatly appreciated!


Thanks,
Tracy


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,848 posts
  • Gender:Not Telling
  • Location:Bloomington, IN

Posted 14 September 2011 - 02:01 PM

Are you able to boot into Safe Mode?

Orange Blossom

#3 beerbarrel


Posted 16 September 2011 - 12:23 AM

No, it just tries to automatically fix itself and fails, then takes me to an advanced menu so that I can try to restore an older version of Windows. I go through the restore thing and it fails. Then back to the same old thing. Also, I have run Dr. Web and F-Secure, two Linux-based programs, and they will not fix it. Dr. Web finds stuff that it won't remove and F-Secure just says that there is MBR malware present. Both have not fixed anything. Again, cannot boot to safe mode.

Tracy

Edited by beerbarrel, 16 September 2011 - 07:33 AM.


#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • Gender:Male
  • Location:The Netherlands

Posted 16 September 2011 - 03:18 PM

Hello beerbarrel,

Welcome to BleepingComputer. I will assist you with the issue.

Just for your information I am moving the topic to the appropriate forum.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

#5 beerbarrel


Posted 16 September 2011 - 03:50 PM

Thanks for the help... sorry, was not sure where to put my first post. All I get when tapping the F8 key is "BOOTMGR is missing". I have run Dr. Web and it just says that the system is infected with MBR malware but does not fix it. Don't know where to go from here.

Tracy

#6 beerbarrel


Posted 16 September 2011 - 03:57 PM

Was able to get a command prompt and run frst64 from there but the only options that I get are scan, find file and fix. When I select fix, it asks me for a txt file and then the program quits.

#7 Farbar


Posted 16 September 2011 - 04:02 PM

Did I ask you to press the Fix button?

#8 beerbarrel


Posted 16 September 2011 - 04:03 PM

OK... got it, I think... hold on. I'm having a hard time reading directions because I'm an idiot!


Edited by beerbarrel, 16 September 2011 - 04:06 PM.


#9 beerbarrel


Posted 16 September 2011 - 04:07 PM

I only get the three options....


Did I ask you to press the Fix button?



#10 beerbarrel


Posted 16 September 2011 - 04:11 PM

OK... try this. I could not quite get there how you told me to. That was where I was a little confused. Sorry!

#11 beerbarrel


Posted 16 September 2011 - 04:33 PM

OK... here... hopefully I got it this time.

Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.2.1
Ran by SYSTEM at 2011-09-16 17:04:51
Running from F:\
Windows 7 Professional (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray64.exe [443392 2008-05-06] (IDT, Inc.)
HKLM\...\Run: [M-Audio Taskbar Icon] C:\Windows\system32\M-AudioTaskBarIcon.exe [798216 2009-11-09] (Avid Technology, Inc.)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2327952 2010-07-21] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [31072 2008-10-25] (Microsoft Corporation)
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-08-18] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKU\Seth\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [357696 2010-04-01] (DT Soft Ltd)
HKU\Seth\...\Run: [Google Update] "C:\Users\Seth\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-01-03] (Google Inc.)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

==================== Services (Whitelisted) ======

3 fsssvc; "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" [1493352 2010-09-22] (Microsoft Corporation)
3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" [69632 2005-04-03] (Macrovision Corporation)
2 Lavasoft Ad-Aware Service; "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" [2152152 2011-09-02] (Lavasoft Limited)
3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [65888 2008-10-25] (Microsoft Corporation)
2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [223088 2011-04-26] ()
2 MotoHelper.exe; "C:\Program Files (x86)\Motorola\Moto Helper Service\MotoHelper.exe" [6656 2010-09-14] (Motorola)
3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe "OracleMTSRecoveryService" [57616 2006-02-01] (Oracle Corporation)
3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 [45056 2006-02-01] ()
2 OracleXETNSListener; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [204800 2006-02-01] ()
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_a5f5c1b0b5075a4a\STacSV64.exe [246272 2008-05-06] (IDT, Inc.)
3 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-19] (Adobe Systems Incorporated)
4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe XE [x]
2 OracleServiceXE; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE XE [x]

========================== Drivers (Whitelisted) =============

3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [72648 2010-07-12] (FTDI Ltd.)
3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [85320 2010-07-12] (FTDI Ltd.)
0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69152 2010-12-03] (Lavasoft AB)
3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [187912 2009-11-09] (Avid Technology, Inc.)
0 Si3531; C:\Windows\System32\DRIVERS\Si3531.sys [333864 2009-02-09] (Silicon Image, Inc)
0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22568 2009-02-09] (Silicon Image, Inc.)
0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [16936 2009-02-09] (Silicon Image, Inc.)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-08-05] (Duplex Secure Ltd.)
3 motccgp; C:\Windows\System32\DRIVERS\motccgp.sys [x]
3 motccgpfl; C:\Windows\System32\DRIVERS\motccgpfl.sys [x]
3 MotDev; C:\Windows\System32\DRIVERS\motodrv.sys [x]
3 motmodem; C:\Windows\System32\DRIVERS\motmodem.sys [x]
3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [x]
3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-09-15 16:32 - 2011-09-16 08:24 - 524288000 ____A C:\REMOVE_THIS_FILE.livecd.swap
2011-09-13 07:59 - 2011-09-13 12:13 - 0000000 ___HD C:\Users\Seth\AppData\Local\MicrosoftNT
2011-09-13 07:59 - 2011-09-13 08:00 - 0000900 ____A C:\Users\Seth\AppData\Roaming\BF20.E66
2011-09-13 06:06 - 2011-09-13 06:06 - 2532701 ____A C:\Users\Seth\Downloads\mitchell on demand (1).nzb
2011-09-13 06:06 - 2011-09-13 06:06 - 0000000 ____A C:\Steam.log
2011-09-13 06:06 - 2011-09-13 06:06 - 0000000 ____A C:\ClientRegistry.blob
2011-09-13 06:05 - 2011-09-13 06:05 - 0001556 ____A C:\Users\Seth\Downloads\mitchell on demand.nzb
2011-09-02 12:53 - 2011-09-02 12:53 - 0000000 ____D C:\Windows\System32\SPReview
2011-09-02 12:52 - 2011-09-02 12:52 - 0000000 ____D C:\Windows\System32\EventProviders
2011-08-31 18:21 - 2011-08-31 18:21 - 0251702 ____A C:\Users\Seth\Downloads\dire straits.nzb
2011-08-31 13:52 - 2011-08-31 13:52 - 16275904 ____A (Nullsoft, Inc.) C:\Users\Seth\Downloads\winamp5621_pro_all.exe
2011-08-24 13:18 - 2011-08-24 13:18 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-08-24 12:57 - 2011-08-24 12:57 - 9704448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2011-08-24 12:57 - 2011-08-24 12:57 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-08-24 12:57 - 2011-08-24 12:57 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-08-24 12:57 - 2011-08-24 12:57 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-08-24 12:57 - 2011-08-24 12:57 - 2303488 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 2143232 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1797632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1791488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 17782272 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1492992 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-08-24 12:57 - 2011-08-24 12:57 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2011-08-24 12:57 - 2011-08-24 12:57 - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1344512 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 12273664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1102848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 10886144 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 10886144 ____A (Microsoft Corporation) C:\Windows\System32\ieframe(4234).dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0818176 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-08-24 12:57 - 2011-08-24 12:57 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-08-24 12:57 - 2011-08-24 12:57 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui(4233).dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng(4232).dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-08-24 12:57 - 2011-08-24 12:57 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2011-08-24 12:57 - 2011-08-24 12:57 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2011-08-24 12:57 - 2011-08-24 12:57 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2011-08-24 12:57 - 2011-08-24 12:57 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-08-24 12:54 - 2011-08-24 13:00 - 0004239 ____A C:\Windows\IE9_main.log
2011-08-24 12:45 - 2011-08-24 12:45 - 0002491 ____A C:\Users\Public\Desktop\Safari.lnk
2011-08-24 12:45 - 2011-08-24 12:45 - 0000000 ____D C:\Program Files (x86)\Safari
2011-08-24 11:14 - 2011-09-16 00:23 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-08-24 11:14 - 2011-08-24 11:14 - 0001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-08-24 11:14 - 2011-08-24 11:14 - 0000000 ____D C:\Program Files\iTunes
2011-08-24 11:14 - 2011-08-24 11:14 - 0000000 ____D C:\Program Files\iPod
2011-08-23 13:54 - 2011-07-08 21:26 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-08-23 13:54 - 2011-07-08 20:29 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-08-17 07:06 - 2011-08-17 07:06 - 0000857 ____A C:\Users\Public\Desktop\Pandora.lnk
2011-08-17 07:06 - 2011-08-17 07:06 - 0000000 ____D C:\Users\Seth\AppData\Roaming\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1
2011-08-17 07:06 - 2011-08-17 07:06 - 0000000 ____D C:\Program Files (x86)\Pandora


============ 3 Months Modified Files and Folders =============

2011-09-16 17:04 - 2011-09-16 16:52 - 0000000 ____D C:\FRST
2011-09-16 08:24 - 2011-09-15 16:32 - 524288000 ____A C:\REMOVE_THIS_FILE.livecd.swap
2011-09-16 00:27 - 2010-07-20 17:23 - 0000000 ____D C:\users\Seth
2011-09-16 00:27 - 2009-07-13 23:47 - 0000000 ____D C:\Program Files\Windows Journal
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\addins
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Sidebar
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Portable Devices
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Photo Viewer
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Defender
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\DVD Maker
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Sidebar
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Portable Devices
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2011-09-16 00:27 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Defender
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 __RSD C:\Windows\Media
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 __RHD C:\Users\Public\Libraries
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ___RD C:\users\Public
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\TAPI
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\zh-TW
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\sppui
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Setup
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\ras
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\oobe
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\migwiz
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\manifeststore
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\hu-HU
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\hr-HR
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\he-IL
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\fr-FR
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\fi-FI
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\et-EE
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\es-ES
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\el-GR
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Dism
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\de-DE
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\da-DK
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\cs-CZ
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\com
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\bg-BG
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\ar-SA
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\zh-TW
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\zh-HK
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\zh-CN
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\uk-UA
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\tr-TR
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\th-TH
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sysprep
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sv-SE
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sr-Latn-CS
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sppui
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sl-SI
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Setup
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ru-RU
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ras
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\pt-PT
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\pt-BR
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\pl-PL
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\oobe
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\nl-NL
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\nb-NO
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Msdtc
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\migwiz
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\manifeststore
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\lv-LV
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\lt-LT
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ko-KR
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ja-JP
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\it-IT
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\hu-HU
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\hr-HR
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\he-IL
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\fr-FR
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\fi-FI
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\et-EE
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\es-ES
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\el-GR
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Dism
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\de-DE
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\da-DK
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\cs-CZ
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\com
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\bg-BG
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ar-SA
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\AdvancedInstallers
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\servicing
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Cursors
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2011-09-16 00:27 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Services
2011-09-16 00:24 - 2010-08-24 11:11 - 0000000 ____D C:\Windows\Minidump
2011-09-16 00:24 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\winrm
2011-09-16 00:24 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\WCN
2011-09-16 00:24 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\slmgr
2011-09-16 00:24 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2011-09-16 00:24 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\winrm
2011-09-16 00:24 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\WCN
2011-09-16 00:24 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\slmgr
2011-09-16 00:24 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2011-09-16 00:24 - 2009-07-13 20:45 - 0000000 ____D C:\Windows\Setup
2011-09-16 00:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Msdtc
2011-09-16 00:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\spp
2011-09-16 00:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Speech
2011-09-16 00:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\SMI
2011-09-16 00:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2011-09-16 00:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Speech
2011-09-16 00:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\security
2011-09-16 00:24 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\schemas
2011-09-16 00:23 - 2011-08-24 11:14 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-09-16 00:23 - 2011-01-28 12:45 - 0000000 ____D C:\Program Files (x86)\Avanquest update
2011-09-16 00:23 - 2011-01-28 12:43 - 0000000 ____D C:\Program Files (x86)\Motorola Phone Tools
2011-09-16 00:23 - 2011-01-10 17:35 - 0000000 ____D C:\Program Files (x86)\GrabIt
2011-09-16 00:23 - 2011-01-10 15:16 - 0000000 ____D C:\Program Files (x86)\TidySongs
2011-09-16 00:23 - 2011-01-03 07:36 - 0000000 ____D C:\Users\Seth\AppData\Roaming\Winamp
2011-09-16 00:23 - 2011-01-03 07:36 - 0000000 ____D C:\Program Files (x86)\Winamp Detect
2011-09-16 00:23 - 2011-01-03 07:36 - 0000000 ____D C:\Program Files (x86)\Winamp
2011-09-16 00:23 - 2011-01-02 15:53 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-09-16 00:23 - 2010-08-24 05:20 - 0000000 ____D C:\Program Files (x86)\ImgBurn
2011-09-16 00:23 - 2010-08-05 13:21 - 0000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2011-09-16 00:23 - 2010-08-02 10:12 - 0000000 ____D C:\Program Files\NVIDIA Corporation
2011-09-16 00:23 - 2010-07-28 19:03 - 0000000 ____D C:\Users\Seth\AppData\Roaming\vlc
2011-09-16 00:23 - 2010-07-27 13:57 - 0000000 ____D C:\Program Files (x86)\Microsoft Works
2011-09-16 00:23 - 2010-07-27 13:53 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-09-16 00:23 - 2010-07-27 13:53 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-09-16 00:23 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2011-09-16 00:23 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2011-09-16 00:22 - 2010-09-07 20:04 - 0000000 ____D C:\df491298bf768ef24faa51293606f197
2011-09-16 00:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-09-16 00:02 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Web
2011-09-16 00:02 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Vss
2011-09-16 00:00 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\WindowsPowerShell
2011-09-16 00:00 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\WinBioPlugIns
2011-09-15 23:54 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\Performance
2011-09-15 23:54 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Resources
2011-09-15 23:54 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PLA
2011-09-15 23:53 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Branding
2011-09-15 23:50 - 2010-07-20 17:23 - 0000000 ____D C:\Users\Seth\AppData\LocalLow
2011-09-15 23:50 - 2009-07-13 19:20 - 0000000 __RHD C:\users\Default
2011-09-15 23:49 - 2010-08-30 17:22 - 0000000 ____D C:\Program Files\M-Audio
2011-09-15 23:49 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Windows NT
2011-09-15 23:49 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\SpeechEngines
2011-09-15 23:43 - 2010-07-27 13:53 - 0000000 __RHD C:\MSOCache
2011-09-13 12:35 - 2009-07-13 23:45 - 0000000 ___RD C:\Users\Public\Recorded TV
2011-09-13 12:13 - 2011-09-13 07:59 - 0000000 ___HD C:\Users\Seth\AppData\Local\MicrosoftNT
2011-09-13 08:00 - 2011-09-13 07:59 - 0000900 ____A C:\Users\Seth\AppData\Roaming\BF20.E66
2011-09-13 06:10 - 2011-01-30 13:15 - 0000000 ____D C:\Users\Seth\AppData\Roaming\GrabIt
2011-09-13 06:06 - 2011-09-13 06:06 - 2532701 ____A C:\Users\Seth\Downloads\mitchell on demand (1).nzb
2011-09-13 06:06 - 2011-09-13 06:06 - 0000000 ____A C:\Steam.log
2011-09-13 06:06 - 2011-09-13 06:06 - 0000000 ____A C:\ClientRegistry.blob
2011-09-13 06:05 - 2011-09-13 06:05 - 0001556 ____A C:\Users\Seth\Downloads\mitchell on demand.nzb
2011-09-13 04:38 - 2011-01-28 13:48 - 0111688 ____A C:\Incoming Mails.csv
2011-09-06 23:00 - 2010-07-20 20:14 - 1861559 ____A C:\Windows\WindowsUpdate.log
2011-09-06 22:49 - 2011-01-03 07:19 - 0000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3549504995-3795689551-1692166654-1000UA.job
2011-09-06 13:49 - 2011-01-03 07:19 - 0000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3549504995-3795689551-1692166654-1000Core.job
2011-09-06 05:07 - 2009-07-13 20:45 - 0013664 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-09-06 05:07 - 2009-07-13 20:45 - 0013664 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-09-05 12:50 - 2011-01-03 07:20 - 0002358 ____A C:\Users\Seth\Desktop\Google Chrome.lnk
2011-09-05 12:49 - 2010-07-20 17:23 - 0000174 __ASH C:\Users\Seth\Start Menu\Programs\Startup\desktop.ini
2011-09-05 12:49 - 2010-07-20 17:23 - 0000174 __ASH C:\Users\Seth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2011-09-05 06:35 - 2011-05-02 06:34 - 0000064 ____A C:\Windows\SysWOW64\rp_stats.dat
2011-09-05 06:35 - 2011-05-02 06:34 - 0000044 ____A C:\Windows\SysWOW64\rp_rules.dat
2011-09-03 23:09 - 2009-07-13 21:13 - 0736578 ____A C:\Windows\System32\PerfStringBackup.INI
2011-09-03 23:04 - 2010-07-20 20:11 - 2414682112 __ASH C:\hiberfil.sys
2011-09-03 23:04 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-09-03 23:04 - 2009-07-13 20:51 - 0047337 ____A C:\Windows\setupact.log
2011-09-02 23:08 - 2009-07-13 20:45 - 4977280 ____A C:\Windows\System32\FNTCACHE.DAT
2011-09-02 23:04 - 2010-07-27 16:33 - 0147916 ____A C:\Windows\PFRO.log
2011-09-02 13:57 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2011-09-02 13:07 - 2010-07-27 13:53 - 0000000 ____D C:\Program Files (x86)\Microsoft Office
2011-09-02 13:04 - 2009-07-13 18:36 - 0175616 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll
2011-09-02 13:04 - 2009-07-13 18:36 - 0152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2011-09-02 12:53 - 2011-09-02 12:53 - 0000000 ____D C:\Windows\System32\SPReview
2011-09-02 12:52 - 2011-09-02 12:52 - 0000000 ____D C:\Windows\System32\EventProviders
2011-08-31 18:21 - 2011-08-31 18:21 - 0251702 ____A C:\Users\Seth\Downloads\dire straits.nzb
2011-08-31 13:54 - 2011-01-03 07:36 - 0000983 ____A C:\Users\Public\Desktop\Winamp.lnk
2011-08-31 13:52 - 2011-08-31 13:52 - 16275904 ____A (Nullsoft, Inc.) C:\Users\Seth\Downloads\winamp5621_pro_all.exe
2011-08-24 13:18 - 2011-08-24 13:18 - 0404640 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-08-24 13:18 - 2010-08-16 14:56 - 0000000 ____D C:\Users\Seth\AppData\Local\Deployment
2011-08-24 13:00 - 2011-08-24 12:54 - 0004239 ____A C:\Windows\IE9_main.log
2011-08-24 12:57 - 2011-08-24 12:57 - 9704448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2011-08-24 12:57 - 2011-08-24 12:57 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-08-24 12:57 - 2011-08-24 12:57 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-08-24 12:57 - 2011-08-24 12:57 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-08-24 12:57 - 2011-08-24 12:57 - 2303488 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 2143232 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1797632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1791488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 17782272 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1492992 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-08-24 12:57 - 2011-08-24 12:57 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2011-08-24 12:57 - 2011-08-24 12:57 - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1344512 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 12273664 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 1102848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 10886144 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 10886144 ____A (Microsoft Corporation) C:\Windows\System32\ieframe(4234).dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0818176 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-08-24 12:57 - 2011-08-24 12:57 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-08-24 12:57 - 2011-08-24 12:57 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui(4233).dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng(4232).dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-08-24 12:57 - 2011-08-24 12:57 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2011-08-24 12:57 - 2011-08-24 12:57 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2011-08-24 12:57 - 2011-08-24 12:57 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2011-08-24 12:57 - 2011-08-24 12:57 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-08-24 12:57 - 2011-08-24 12:57 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-08-24 12:57 - 2011-08-24 12:57 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-08-24 12:45 - 2011-08-24 12:45 - 0002491 ____A C:\Users\Public\Desktop\Safari.lnk
2011-08-24 12:45 - 2011-08-24 12:45 - 0000000 ____D C:\Program Files (x86)\Safari
2011-08-24 12:44 - 2010-07-26 15:01 - 0000000 ____D C:\Users\Seth\AppData\Local\Apple Computer
2011-08-24 11:14 - 2011-08-24 11:14 - 0001783 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-08-24 11:14 - 2011-08-24 11:14 - 0000000 ____D C:\Program Files\iTunes
2011-08-24 11:14 - 2011-08-24 11:14 - 0000000 ____D C:\Program Files\iPod
2011-08-17 07:06 - 2011-08-17 07:06 - 0000857 ____A C:\Users\Public\Desktop\Pandora.lnk
2011-08-17 07:06 - 2011-08-17 07:06 - 0000000 ____D C:\Users\Seth\AppData\Roaming\com.pandora.desktop.FB9956FD96E03239939108614098AD95535EE674.1
2011-08-17 07:06 - 2011-08-17 07:06 - 0000000 ____D C:\Program Files (x86)\Pandora
2011-08-15 17:16 - 2011-08-15 17:16 - 0341403 ____A C:\Users\Seth\Downloads\10.jpg
2011-08-09 23:08 - 2010-07-29 16:05 - 54065608 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2011-08-05 09:33 - 2011-08-05 09:33 - 0734837 ____A C:\Users\Seth\Documents\car5.jpg
2011-08-05 09:33 - 2011-08-05 09:27 - 0001456 ____A C:\Users\Seth\AppData\Local\Adobe Save for Web 12.0 Prefs
2011-08-05 09:32 - 2011-08-05 09:32 - 0769730 ____A C:\Users\Seth\Documents\car4.jpg
2011-08-05 09:29 - 2011-08-05 09:29 - 1773831 ____A C:\Users\Seth\Documents\car3.gif
2011-08-05 09:28 - 2011-08-05 09:28 - 1855587 ____A C:\Users\Seth\Documents\car2.gif
2011-08-05 09:27 - 2011-08-05 09:27 - 1734082 ____A C:\Users\Seth\Documents\car1.gif
2011-08-05 09:26 - 2010-07-20 18:14 - 0000000 ____D C:\Users\Seth\AppData\Roaming\Adobe
2011-08-05 09:25 - 2010-08-03 23:14 - 0000000 ____D C:\Users\Seth\AppData\Local\Adobe
2011-08-05 09:18 - 2011-08-05 09:18 - 0003673 ____A C:\Windows\SysWOW64\jupdate-1.6.0_26-b03.log
2011-08-05 09:18 - 2011-01-19 23:46 - 0000000 ____D C:\Program Files (x86)\Java
2011-08-05 09:15 - 2011-08-05 09:15 - 0910112 ____A (Sun Microsystems, Inc.) C:\Users\Seth\Downloads\chromeinstall-6u26 (1).exe
2011-08-05 09:14 - 2011-08-05 09:14 - 0910112 ____A (Sun Microsystems, Inc.) C:\Users\Seth\Downloads\chromeinstall-6u26.exe
2011-08-04 14:47 - 2011-08-04 14:47 - 0000000 ____D C:\Program Files\Motorola Inc
2011-08-04 14:10 - 2011-08-04 14:10 - 0000000 ____D C:\Program Files\Bonjour
2011-08-04 14:10 - 2011-08-04 14:10 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-08-04 14:09 - 2011-08-04 14:09 - 0001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2011-08-04 14:09 - 2011-08-04 14:09 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-08-04 13:50 - 2011-08-04 13:50 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2011-07-15 21:41 - 2011-08-09 17:10 - 0362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2011-07-15 21:41 - 2011-08-09 17:10 - 0243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2011-07-15 21:41 - 2011-08-09 17:10 - 0013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2011-07-15 21:39 - 2011-08-09 17:10 - 0016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2011-07-15 21:37 - 2011-08-09 17:10 - 1162752 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2011-07-15 21:37 - 2011-08-09 17:10 - 0421888 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-15 21:21 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2011-07-15 20:29 - 2011-08-09 17:10 - 0014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2011-07-15 20:25 - 2011-08-09 17:10 - 0025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2011-07-15 20:24 - 2011-08-09 17:10 - 1114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2011-07-15 20:24 - 2011-08-09 17:10 - 0272384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2011-07-15 20:24 - 2011-08-09 17:10 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-15 20:15 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-15 18:21 - 2011-08-09 17:10 - 0007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2011-07-15 18:21 - 2011-08-09 17:10 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2011-07-15 18:17 - 2011-08-09 17:10 - 0006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-15 18:17 - 2011-08-09 17:10 - 0004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-15 18:17 - 2011-08-09 17:10 - 0003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-15 18:17 - 2011-08-09 17:10 - 0003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-12 07:34 - 2011-07-12 07:34 - 0212840 ____A (Apple Inc.) C:\Windows\System32\dnssdX.dll
2011-07-12 07:34 - 2011-07-12 07:34 - 0096104 ____A (Apple Inc.) C:\Windows\System32\dns-sd.exe
2011-07-12 07:34 - 2011-07-12 07:34 - 0085864 ____A (Apple Inc.) C:\Windows\System32\dnssd.dll
2011-07-12 07:34 - 2011-07-12 07:34 - 0061288 ____A (Apple Inc.) C:\Windows\System32\jdns_sd.dll
2011-07-12 07:20 - 2011-07-12 07:20 - 0178536 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssdX.dll
2011-07-12 07:20 - 2011-07-12 07:20 - 0083816 ____A (Apple Inc.) C:\Windows\SysWOW64\dns-sd.exe
2011-07-12 07:20 - 2011-07-12 07:20 - 0073064 ____A (Apple Inc.) C:\Windows\SysWOW64\dnssd.dll
2011-07-12 07:20 - 2011-07-12 07:20 - 0050536 ____A (Apple Inc.) C:\Windows\SysWOW64\jdns_sd.dll
2011-07-08 21:26 - 2011-08-23 13:54 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-07-08 20:29 - 2011-08-23 13:54 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-07-08 18:46 - 2011-08-09 17:10 - 0288768 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-07-05 14:37 - 2011-07-05 14:37 - 0094208 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTimeVR.qtx
2011-07-05 14:37 - 2011-07-05 14:37 - 0069632 ____A (Apple Inc.) C:\Windows\SysWOW64\QuickTime.qts
2011-06-30 06:34 - 2011-01-03 07:32 - 0055384 ____A (Sunbelt Software) C:\Windows\System32\Drivers\SBREDrv.sys
2011-06-23 21:34 - 2011-08-09 17:10 - 0214528 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2011-06-23 21:25 - 2011-08-09 17:10 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2011-06-23 21:25 - 2011-08-09 17:10 - 0338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost(4115).exe
2011-06-22 21:43 - 2011-08-09 17:09 - 5561216 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2011-06-22 20:33 - 2011-08-09 17:09 - 3967872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2011-06-22 20:33 - 2011-08-09 17:09 - 3912576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2011-06-20 22:34 - 2011-08-09 17:10 - 1923968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2011-06-19 19:40 - 2011-01-02 15:49 - 0000000 ____D C:\Users\Seth\AppData\Local\Windows Live

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 23%
Total physical RAM: 3070.41 MB
Available physical RAM: 2346.99 MB
Total Pagefile: 3068.56 MB
Available Pagefile: 2429.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:232.79 GB) (Free:150.54 GB) NTFS
3 Drive f: () (Removable) (Total:3.91 GB) (Free:3.86 GB) NTFS
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==========================================================

Last Boot: 2011-09-11 20:30

======================= End Of Log ==========================

Edited by farbar, 16 September 2011 - 04:45 PM.


#12 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:34 AM

Posted 16 September 2011 - 04:48 PM

Well done. :thumbup2:

Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste.) Save it on the flash drive as fixlist.txt

start
cmd: bootrec /FixMbr
Control: 
end

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Now please enter System Recovery Options.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Also please restart, let the computer boot normally and tell me how it went.
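The fixlist in post #12 runs bootrec /FixMbr, which rewrites the MBR boot code without overwriting the existing partition table. The following is an added example, not part of the original thread and not FRST's own code: it parses two 512-byte dumps of sector 0 and reports which MBR regions differ, so a before/after pair can be checked. The function names and the sample sectors are constructed for illustration, and it assumes the dumps were taken separately with a disk imaging tool.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440      # bytes 0..439: boot code, the region /FixMbr rewrites
PART_TABLE_OFF = 446     # four 16-byte partition entries follow
BOOT_SIG = b"\x55\xaa"   # bytes 510..511

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot-code hash, disk signature and partitions."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    parts = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i: PART_TABLE_OFF + 16 * (i + 1)]
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype:  # type 0x00 marks an unused slot
            parts.append({"active": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": sectors})
    return {
        "valid_signature": sector[510:512] == BOOT_SIG,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, 440)[0],
        "partitions": parts,
    }

def compare(before: bytes, after: bytes) -> dict:
    """Report which MBR regions differ between two dumps of the same disk."""
    a, b = parse_mbr(before), parse_mbr(after)
    return {
        "boot_code_changed": a["boot_code_sha256"] != b["boot_code_sha256"],
        "partition_table_changed": a["partitions"] != b["partitions"],
        "disk_signature_changed": a["disk_signature"] != b["disk_signature"],
    }

def build_sample(boot_code: bytes) -> bytes:
    """Constructed sample sector: one active NTFS (0x07) partition at LBA 2048."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\0\0\0", 0x07, b"\0\0\0", 2048, 204800)
    body = boot_code.ljust(BOOT_CODE_END, b"\0") + struct.pack("<I", 0x1234ABCD) + b"\0\0"
    return body + entry + b"\0" * 48 + BOOT_SIG

if __name__ == "__main__":
    # Both byte strings are constructed placeholders, not real boot loaders.
    before = build_sample(b"\xeb\xfe constructed-unknown-loader")
    after = build_sample(b"\x33\xc0 constructed-standard-loader")
    print(compare(before, after))
```

A changed boot code with an unchanged partition table is the pattern expected after the fix; a changed partition table would call for a closer look before rebooting.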

#13 beerbarrel


Posted 16 September 2011 - 05:02 PM

WOW! Looks like I have a working system again! You guys rock! What happened?

Attached Files



#14 Farbar


Posted 16 September 2011 - 05:10 PM

Great. :thumbsup:

We just got rid of the MBR infection. Let's check the system for any remaining issue.

Please download Malwarebytes' Anti-Malware from one of these locations:
malwarebytes.org
majorgeeks.com
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the MBAM log.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


#15 beerbarrel


Posted 16 September 2011 - 05:11 PM

I'm a registered MBAM user. It is running now....



