Windows won't boot after using tdsskiller.exe



#1 legacyhazell


Posted 07 January 2012 - 08:10 AM

Greetings.
Pardon me if I'm posting this under the wrong thread.

In the last few weeks, my laptop got infected by the Boo/TDSS.o virus rootkit. And I've already removed it using the TDSSkiller.exe from Kaspersky.
But the problem is, my laptop just won't boot after the removal. It shows a BSOD. The system repair also does not help in fixing this.
Please help me. There are many important files on the laptop, including my final year projects :(


Here is the log of Farbar Recovery Scan Tool.



Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.3.2
Ran by SYSTEM at 2012-01-07 20:51:02
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [2184808 2010-12-17] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391704 2011-01-23] (Intel Corporation)
HKLM\...\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1933584 2010-11-02] (Intel® Corporation)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [673168 2010-11-17] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [258512 2011-10-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ISTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI [2659256 2011-11-22] (PC Tools)
HKU\PC\...\Run: [] [x]
HKU\PC\...\Run: [AdobeBridge] [x]
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0A61802D-C217-44E0-8642-2ABD73C74CC9}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3191254C-F992-4CA8-BE57-51D7A44B55FA}: [NameServer]8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5BD05A83-3C43-44A2-A41E-E0C6052E7AC6}: [NameServer]58.71.136.10 58.71.132.10

==================== Services (Whitelisted) ======

3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [86224 2011-10-19] (Avira Operations GmbH & Co. KG)
2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [110032 2011-10-19] (Avira Operations GmbH & Co. KG)
2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [462184 2011-08-30] (Apple Inc.)
2 Browser Defender Update Service; "C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe" [546768 2011-11-14] (Threat Expert Ltd.)
2 IAStorDataMgrSvc; "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [13336 2010-09-13] (Intel Corporation)
3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [65824 2006-10-26] (Microsoft Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
2 PMBDeviceInfoProvider; "C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe" [398176 2010-11-27] (Sony Corporation)
2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata" [257936 2010-08-12] (Sony Corporation)
2 sdAuxService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [402336 2011-11-22] (PC Tools)
2 sdCoreService; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [1117624 2011-11-22] (PC Tools)
3 ServiceLayer; "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" [633856 2011-06-07] (Nokia)
2 SOHCImp; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe" [108400 2010-09-10] (Sony Corporation)
2 SOHDms; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe" [423280 2010-10-12] (Sony Corporation)
2 SOHDs; "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe" [67952 2010-09-10] (Sony Corporation)
3 SpfService; "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe" [303872 2010-09-27] (Sony Corporation)
3 ThreatFire; C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [71008 2011-11-22] (PC Tools)
2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
2 UI Assistant Service; C:\Program Files (x86)\Celcom Broadband\AssistantServices.exe [255800 2010-07-22] ()
2 UNS; "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" [2656280 2010-12-27] (Intel Corporation)
2 VAIO Event Service; "C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe" [95632 2010-12-23] (Sony Corporation)
2 VAIO Power Management; "C:\Program Files\Sony\VAIO Power Management\SPMService.exe" [584080 2010-12-06] (Sony Corporation)
2 VCFw; "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe" [864000 2010-09-27] (Sony Corporation)
3 VcmIAlzMgr; "C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" [549168 2010-10-25] (Sony Corporation)
3 VcmINSMgr; "C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe" [387896 2010-10-25] (Sony Corporation)
3 VcmXmlIfHelper; "C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe" [101152 2010-10-25] (Sony Corporation)
2 VSNService; "C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" [923024 2010-12-09] (Sony Corporation)
3 VUAgent; "C:\Program Files\Sony\VAIO Update 5\VUAgent.exe" [1021840 2011-04-19] (Sony Corporation)
2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [x]

========================== Drivers (Whitelisted) =============

3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97312 2011-10-19] (Avira GmbH)
1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130760 2011-12-11] (Avira GmbH)
1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-10-19] (Avira GmbH)
2 cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2010-11-08] (CPUID)
3 e1yexpress; C:\Windows\System32\DRIVERS\e1y60x64.sys [281088 2009-06-10] (Intel Corporation)
3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [249856 2010-03-23] (Huawei Technologies Co., Ltd.)
3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [120704 2010-03-24] (Huawei Technologies Co., Ltd.)
3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2010-03-19] (Huawei Technologies Co., Ltd.)
2 IDMWFP; C:\Windows\System32\DRIVERS\idmwfp.sys [145008 2011-07-06] (Tonec Inc.)
3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [12252192 2011-01-23] (Intel Corporation)
3 massfilter; C:\Windows\System32\drivers\massfilter.sys [11776 2010-06-02] (MBB Incorporated)
3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [255552 2009-02-24] (MagicISO, Inc.)
3 netr7364; C:\Windows\System32\DRIVERS\netr7364.sys [729152 2011-10-04] (Ralink Technology, Corp.)
3 NETwNs64; C:\Windows\System32\DRIVERS\NETwNs64.sys [8500736 2010-11-09] (Intel Corporation)
3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2011-05-17] (Nokia)
3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2011-05-17] (Nokia)
3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [25600 2008-08-27] (Nokia)
3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [70760 2011-09-27] (PC Tools)
0 pctBTFix; C:\Windows\System32\Drivers\pctBTFix64.sys [14776 2011-11-22] (PC Tools)
0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [367912 2011-11-13] (PC Tools)
0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [452872 2011-10-07] (PC Tools)
1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [230952 2011-11-22] (PC Tools)
2 rimspci; C:\Windows\System32\drivers\rimssne64.sys [102400 2010-12-17] (REDC)
2 risdsnpe; C:\Windows\System32\drivers\risdsnxc64.sys [98816 2010-12-26] (REDC)
0 TfFsMon; C:\Windows\System32\drivers\TfFsMon.sys [65664 2011-11-22] (PC Tools)
3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [41968 2011-11-22] (PC Tools)
0 TfSysMon; C:\Windows\System32\drivers\TfSysMon.sys [706776 2011-11-22] (PC Tools)
3 TPM; C:\Windows\System32\drivers\tpm.sys [38400 2009-07-13] (Microsoft Corporation)
3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2011-05-17] (Nokia)
3 usbser; C:\Windows\System32\drivers\usbser.sys [32768 2009-07-13] (Microsoft Corporation)
3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-05-17] (Nokia)
3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [119680 2010-05-18] (ZTE Incorporated)
3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [119680 2010-05-18] (ZTE Incorporated)
3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [119680 2010-05-18] (ZTE Incorporated)
3 dump_wmimmc; \??\E:\Games\Fifa Online 2\GameGuard\dump_wmimmc.sys [x]
3 npggsvc; C:\Windows\system32\GameMon.des -service [x]
3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-01-07 20:50 - 2012-01-07 20:51 - 0000000 ____D C:\FRST
2012-01-07 03:08 - 2012-01-07 03:09 - 0090122 ____A C:\TDSSKiller.2.6.25.0_07.01.2012_19.08.09_log.txt
2012-01-06 23:33 - 2012-01-06 23:33 - 0000000 ____D C:\Users\PC\AppData\Roaming\Malwarebytes
2012-01-06 23:33 - 2012-01-06 23:33 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-01-06 23:33 - 2012-01-06 23:33 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-01-06 23:02 - 2012-01-06 23:02 - 0000000 ____D C:\Users\PC\AppData\Roaming\PE Explorer
2012-01-06 22:53 - 2012-01-06 22:53 - 1558406 ____A C:\Users\PC\Desktop\tdsskiller.zip
2012-01-06 22:47 - 2012-01-07 19:12 - 0000000 ____D C:\Program Files (x86)\Resource Tuner
2012-01-06 22:47 - 2012-01-06 22:48 - 0000000 ____D C:\Users\PC\AppData\Roaming\Resource Tuner
2012-01-06 22:27 - 2012-01-07 19:12 - 0000000 ____D C:\Users\PC\Desktop\Virus Removal Tool
2012-01-06 22:27 - 2012-01-06 22:27 - 0000000 ____D C:\Users\All Users\is-MTELV
2012-01-06 22:27 - 2012-01-06 22:27 - 0000000 ____D C:\ProgramData\is-MTELV
2012-01-06 21:21 - 2012-01-06 21:28 - 0000779 ____A C:\rkill.log
2012-01-06 07:23 - 2011-11-22 02:20 - 0706776 ____S (PC Tools) C:\Windows\System32\Drivers\TfSysMon.sys
2012-01-06 07:23 - 2011-11-22 02:20 - 0065664 ____S (PC Tools) C:\Windows\System32\Drivers\TfFsMon.sys
2012-01-06 07:23 - 2011-11-22 02:20 - 0041968 ____S (PC Tools) C:\Windows\System32\Drivers\TfNetMon.sys
2012-01-06 05:37 - 2012-01-06 05:37 - 2290841 ____A C:\Windows\System32\Drivers\Cat.DB
2012-01-06 04:58 - 2011-11-14 00:07 - 2246608 ____A (Threat Expert Ltd.) C:\Windows\PCTBDCore.dll
2012-01-06 04:58 - 2011-11-14 00:07 - 1681360 ____A (Threat Expert Ltd.) C:\Windows\PCTBDRes.dll
2012-01-06 04:58 - 2011-11-14 00:07 - 0149456 ____A (PC Tools) C:\Windows\SGDetectionTool.dll
2012-01-06 04:58 - 2011-11-14 00:06 - 0767952 ____A C:\Windows\BDTSupport.dll
2012-01-06 04:58 - 2011-09-27 21:14 - 0070760 ____A (PC Tools) C:\Windows\System32\Drivers\PCTBD64.sys
2012-01-06 04:58 - 2011-05-16 23:47 - 0003488 ____A C:\Windows\UDB.zip
2012-01-06 04:58 - 2010-08-19 18:50 - 0000882 ____A C:\Windows\RegSDImport.xml
2012-01-06 04:58 - 2010-01-21 17:44 - 0000879 ____A C:\Windows\RegISSImport.xml
2012-01-06 04:58 - 2008-11-25 20:08 - 0000131 ____A C:\Windows\IDB.zip
2012-01-06 04:57 - 2012-01-06 04:57 - 0002241 ____A C:\Users\Public\Desktop\PC Tools Spyware Doctor.lnk
2012-01-06 04:57 - 2011-11-22 03:43 - 0092896 ____A (PC Tools) C:\Windows\System32\Drivers\pctplsg64.sys
2012-01-06 04:57 - 2011-11-22 03:41 - 0014776 ____A (PC Tools) C:\Windows\System32\Drivers\pctBTFix64.sys
2012-01-06 04:57 - 2011-11-22 03:38 - 0337048 ____A (PC Tools) C:\Windows\System32\Drivers\pctgntdi64.sys
2012-01-06 04:57 - 2011-11-22 03:38 - 0141312 ____A (PC Tools) C:\Windows\System32\Drivers\pctwfpfilter64.sys
2012-01-06 04:56 - 2012-01-06 04:56 - 0000000 ____D C:\Program Files (x86)\PC Tools
2012-01-06 04:21 - 2011-11-22 03:42 - 0230952 ____A (PC Tools) C:\Windows\System32\Drivers\PCTSD64.sys
2012-01-06 04:21 - 2011-11-13 23:12 - 0367912 ____A (PC Tools) C:\Windows\System32\Drivers\PCTCore64.sys
2012-01-06 04:21 - 2011-10-07 01:52 - 0816016 ____A (PC Tools) C:\Windows\System32\Drivers\pctEFA64.sys
2012-01-06 04:21 - 2011-10-07 01:52 - 0452872 ____A (PC Tools) C:\Windows\System32\Drivers\pctDS64.sys
2012-01-06 04:19 - 2012-01-06 04:19 - 0001511 ____A C:\Users\PC\Desktop\sdsetup_aff.exe.lnk
2012-01-06 04:19 - 2012-01-06 04:19 - 0000000 ____D C:\Users\PC\AppData\Roaming\TestApp
2012-01-06 04:18 - 2012-01-06 04:18 - 3834832 ____A (PC Tools) C:\Users\PC\Downloads\sdsetup_aff.exe
2012-01-06 04:14 - 2012-01-06 05:33 - 0075858 ____A C:\Windows\ntbtlog.txt
2012-01-04 06:58 - 2012-01-06 04:57 - 0000000 ___HD C:\Users\All Users\PC Tools
2012-01-04 06:58 - 2012-01-06 04:57 - 0000000 ___HD C:\ProgramData\PC Tools
2012-01-04 06:58 - 2012-01-04 08:17 - 0000000 ____D C:\Program Files (x86)\Spyware Doctor
2012-01-04 06:58 - 2012-01-04 06:58 - 0000000 ___HD C:\Users\PC\AppData\Roaming\PC Tools
2012-01-04 06:24 - 2012-01-04 06:27 - 0000448 ___AH C:\Users\All Users\JVGxNOWW0yd40S
2012-01-04 06:24 - 2012-01-04 06:27 - 0000448 ___AH C:\ProgramData\JVGxNOWW0yd40S
2012-01-04 06:24 - 2012-01-04 06:24 - 0358258 ___AH C:\Users\All Users\JVGxNOWW0yd40S.exe
2012-01-04 06:24 - 2012-01-04 06:24 - 0358258 ___AH C:\ProgramData\JVGxNOWW0yd40S.exe
2012-01-04 06:24 - 2012-01-04 06:24 - 0000653 ___AH C:\Users\PC\Desktop\System Check.lnk
2012-01-04 06:24 - 2012-01-04 06:24 - 0000272 ___AH C:\Users\All Users\~JVGxNOWW0yd40S
2012-01-04 06:24 - 2012-01-04 06:24 - 0000272 ___AH C:\ProgramData\~JVGxNOWW0yd40S
2012-01-04 06:24 - 2012-01-04 06:24 - 0000160 ___AH C:\Users\All Users\~JVGxNOWW0yd40Sr
2012-01-04 06:24 - 2012-01-04 06:24 - 0000160 ___AH C:\ProgramData\~JVGxNOWW0yd40Sr
2012-01-04 06:22 - 2012-01-04 06:19 - 0444274 __ASH C:\Users\All Users\FtJthnNSvuydIr.exe
2012-01-04 06:22 - 2012-01-04 06:19 - 0444274 __ASH C:\ProgramData\FtJthnNSvuydIr.exe
2012-01-01 23:00 - 2012-01-01 23:00 - 0572588 ___AH C:\Users\PC\Desktop\Trans 1 Malaysia Registration Form.docx
2011-12-28 20:41 - 2012-01-04 06:23 - 0002020 ____A C:\Windows\PFRO.log
2011-12-15 09:28 - 2011-12-15 09:30 - 17222142 ___AH C:\Users\PC\Desktop\iphone_user_guide.pdf
2011-12-15 09:10 - 2011-12-19 07:19 - 0000000 ___HD C:\Users\PC\Documents\Iphone App
2011-12-15 08:25 - 2011-12-15 08:26 - 0000000 ____D C:\Program Files\iTunes
2011-12-15 08:25 - 2011-12-15 08:26 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-12-15 08:25 - 2011-12-15 08:25 - 0000000 ____D C:\Program Files\iPod
2011-12-15 08:24 - 2011-12-15 08:24 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-12-15 08:12 - 2012-01-07 19:12 - 0000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2011-12-15 04:50 - 2009-05-17 21:17 - 0034152 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2011-12-15 04:50 - 2008-04-16 20:12 - 0126312 ____A (GEAR Software Inc.) C:\Windows\System32\GEARAspi64.dll
2011-12-15 04:50 - 2008-04-16 20:12 - 0107368 ____A (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2011-12-15 04:07 - 2012-01-04 08:17 - 0000000 ___HD C:\Users\PC\AppData\Roaming\MediaMonkey
2011-12-15 04:07 - 2011-12-15 04:07 - 0000000 ___HD C:\Users\All Users\MediaMonkey
2011-12-15 04:07 - 2011-12-15 04:07 - 0000000 ___HD C:\ProgramData\MediaMonkey
2011-12-15 04:06 - 2011-12-15 04:07 - 0000000 ____D C:\Program Files (x86)\MediaMonkey
2011-12-12 01:42 - 2012-01-06 07:25 - 0006228 ____A C:\Windows\setupact.log
2011-12-12 01:42 - 2011-12-12 01:42 - 0000000 ____A C:\Windows\setuperr.log
2011-12-11 00:44 - 2012-01-04 08:17 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Red Giant Link
2011-12-11 00:44 - 2011-12-11 00:48 - 0000000 ___HD C:\Users\PC\AppData\Local\LooksBuilder
2011-12-11 00:43 - 2011-12-11 00:43 - 0000000 ____D C:\Program Files (x86)\Red Giant Link
2011-12-11 00:43 - 2011-12-11 00:43 - 0000000 ____D C:\Program Files (x86)\LooksBuilder
2011-12-11 00:27 - 2012-01-04 08:17 - 0000000 ___HD C:\Users\PC\AppData\Local\Downloaded Installations
2011-12-11 00:27 - 2012-01-04 08:17 - 0000000 ___HD C:\Users\All Users\RedGiant
2011-12-11 00:27 - 2012-01-04 08:17 - 0000000 ___HD C:\ProgramData\RedGiant
2011-12-10 15:53 - 2011-12-10 15:53 - 0000000 ___HD C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-12-08 20:11 - 2012-01-04 08:17 - 0000000 ___HD C:\Program Files (x86)\Maxis Broadband
2011-12-08 20:11 - 2010-03-24 18:08 - 0120704 ____A (Huawei Technologies Co., Ltd.) C:\Windows\System32\Drivers\ewusbmdm.sys
2011-12-08 20:11 - 2010-03-23 21:58 - 0249856 ____A (Huawei Technologies Co., Ltd.) C:\Windows\System32\Drivers\ewusbnet.sys
2011-12-08 20:11 - 2010-03-19 20:06 - 0013952 ____A (Huawei Technologies Co., Ltd.) C:\Windows\System32\Drivers\ew_usbenumfilter.sys
2011-12-08 20:11 - 2010-03-19 19:56 - 0114560 ____A (Huawei Technologies Co., Ltd.) C:\Windows\System32\Drivers\ewusbdev.sys
2011-12-08 20:11 - 2010-03-16 22:34 - 1001472 ____A (DiBcom SA) C:\Windows\System32\Drivers\mod7700.sys
2011-12-08 20:11 - 2010-01-18 02:48 - 0032768 ____A (Huawei Tech. Co., Ltd.) C:\Windows\System32\Drivers\ewdcsc.sys
2011-12-08 03:22 - 2012-01-04 08:16 - 0000000 ___HD C:\Users\PC\Documents\Album

============ 3 Months Modified Files and Folders =============

2012-01-07 20:51 - 2012-01-07 20:50 - 0000000 ____D C:\FRST
2012-01-07 19:12 - 2012-01-06 22:47 - 0000000 ____D C:\Program Files (x86)\Resource Tuner
2012-01-07 19:12 - 2012-01-06 22:27 - 0000000 ____D C:\Users\PC\Desktop\Virus Removal Tool
2012-01-07 19:12 - 2011-12-15 08:12 - 0000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2012-01-07 19:12 - 2011-11-25 04:27 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Winamp
2012-01-07 19:12 - 2011-11-01 06:01 - 0000000 ___HD C:\Program Files (x86)\Celcom Broadband
2012-01-07 19:12 - 2011-09-17 01:16 - 0000000 __RHD C:\Users\PC\Documents\Virus Vault
2012-01-07 19:12 - 2011-09-17 00:55 - 0000000 ___HD C:\Program Files (x86)\FTH
2012-01-07 19:12 - 2011-08-30 02:09 - 0000000 ___HD C:\Users\PC\AppData\Roaming\TeraCopy
2012-01-07 19:12 - 2011-08-25 21:16 - 0000000 ___HD C:\Users\PC\Documents\Download
2012-01-07 19:12 - 2011-08-25 10:31 - 0000000 ____D C:\Program Files\Glary Utilities
2012-01-07 19:12 - 2011-08-23 00:02 - 0000000 ___HD C:\users\PC
2012-01-07 19:12 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2012-01-07 03:09 - 2012-01-07 03:08 - 0090122 ____A C:\TDSSKiller.2.6.25.0_07.01.2012_19.08.09_log.txt
2012-01-07 03:05 - 2011-08-22 23:58 - 3151392768 __ASH C:\hiberfil.sys
2012-01-07 03:04 - 2011-10-03 02:53 - 0000000 ___HD C:\Users\PC\AppData\Local\CrashDumps
2012-01-06 23:45 - 2011-08-25 10:53 - 0000000 ___HD C:\Users\PC\AppData\Roaming\DMCache
2012-01-06 23:33 - 2012-01-06 23:33 - 0000000 ____D C:\Users\PC\AppData\Roaming\Malwarebytes
2012-01-06 23:33 - 2012-01-06 23:33 - 0000000 ____D C:\Users\All Users\Malwarebytes
2012-01-06 23:33 - 2012-01-06 23:33 - 0000000 ____D C:\ProgramData\Malwarebytes
2012-01-06 23:02 - 2012-01-06 23:02 - 0000000 ____D C:\Users\PC\AppData\Roaming\PE Explorer
2012-01-06 22:53 - 2012-01-06 22:53 - 1558406 ____A C:\Users\PC\Desktop\tdsskiller.zip
2012-01-06 22:48 - 2012-01-06 22:47 - 0000000 ____D C:\Users\PC\AppData\Roaming\Resource Tuner
2012-01-06 22:27 - 2012-01-06 22:27 - 0000000 ____D C:\Users\All Users\is-MTELV
2012-01-06 22:27 - 2012-01-06 22:27 - 0000000 ____D C:\ProgramData\is-MTELV
2012-01-06 21:28 - 2012-01-06 21:21 - 0000779 ____A C:\rkill.log
2012-01-06 08:43 - 2011-08-25 16:20 - 0000844 ___AH C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-739667627-1206552022-2804177893-1000Core.job
2012-01-06 08:30 - 2011-08-25 16:20 - 0000896 ___AH C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-739667627-1206552022-2804177893-1000UA.job
2012-01-06 07:35 - 2009-07-13 20:45 - 0019760 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-01-06 07:35 - 2009-07-13 20:45 - 0019760 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-01-06 07:31 - 2011-08-23 00:01 - 1625225 ____A C:\Windows\WindowsUpdate.log
2012-01-06 07:26 - 2011-08-25 10:31 - 0000306 ____A C:\Windows\Tasks\GlaryInitialize.job
2012-01-06 07:25 - 2011-12-12 01:42 - 0006228 ____A C:\Windows\setupact.log
2012-01-06 07:25 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-01-06 05:37 - 2012-01-06 05:37 - 2290841 ____A C:\Windows\System32\Drivers\Cat.DB
2012-01-06 05:33 - 2012-01-06 04:14 - 0075858 ____A C:\Windows\ntbtlog.txt
2012-01-06 04:57 - 2012-01-06 04:57 - 0002241 ____A C:\Users\Public\Desktop\PC Tools Spyware Doctor.lnk
2012-01-06 04:57 - 2012-01-04 06:58 - 0000000 ___HD C:\Users\All Users\PC Tools
2012-01-06 04:57 - 2012-01-04 06:58 - 0000000 ___HD C:\ProgramData\PC Tools
2012-01-06 04:56 - 2012-01-06 04:56 - 0000000 ____D C:\Program Files (x86)\PC Tools
2012-01-06 04:19 - 2012-01-06 04:19 - 0001511 ____A C:\Users\PC\Desktop\sdsetup_aff.exe.lnk
2012-01-06 04:19 - 2012-01-06 04:19 - 0000000 ____D C:\Users\PC\AppData\Roaming\TestApp
2012-01-06 04:18 - 2012-01-06 04:18 - 3834832 ____A (PC Tools) C:\Users\PC\Downloads\sdsetup_aff.exe
2012-01-04 08:18 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-01-04 08:17 - 2012-01-04 06:58 - 0000000 ____D C:\Program Files (x86)\Spyware Doctor
2012-01-04 08:17 - 2011-12-15 04:07 - 0000000 ___HD C:\Users\PC\AppData\Roaming\MediaMonkey
2012-01-04 08:17 - 2011-12-11 00:44 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Red Giant Link
2012-01-04 08:17 - 2011-12-11 00:27 - 0000000 ___HD C:\Users\PC\AppData\Local\Downloaded Installations
2012-01-04 08:17 - 2011-12-11 00:27 - 0000000 ___HD C:\Users\All Users\RedGiant
2012-01-04 08:17 - 2011-12-11 00:27 - 0000000 ___HD C:\ProgramData\RedGiant
2012-01-04 08:17 - 2011-12-08 20:11 - 0000000 ___HD C:\Program Files (x86)\Maxis Broadband
2012-01-04 08:17 - 2011-10-29 05:45 - 0000000 ___HD C:\Users\PC\Documents\BFBC2
2012-01-04 08:17 - 2011-10-05 00:08 - 0000000 ___HD C:\Users\PC\Documents\Savegame
2012-01-04 08:17 - 2011-10-05 00:07 - 0000000 ___HD C:\Users\PC\Documents\Software setup
2012-01-04 08:17 - 2011-09-24 07:31 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Command & Conquer 3 Tiberium Wars
2012-01-04 08:17 - 2011-09-07 20:03 - 0000000 ___HD C:\Users\PC\AppData\Roaming\vlc
2012-01-04 08:17 - 2011-09-03 17:12 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Skype
2012-01-04 08:17 - 2011-09-03 17:06 - 0000000 ___HD C:\Users\All Users\Yahoo!
2012-01-04 08:17 - 2011-09-03 17:06 - 0000000 ___HD C:\ProgramData\Yahoo!
2012-01-04 08:17 - 2011-09-03 16:27 - 0000000 ___HD C:\Users\PC\AppData\Roaming\SuperHideIP
2012-01-04 08:17 - 2011-09-01 03:26 - 0000000 ___HD C:\Users\PC\AppData\Roaming\IDM
2012-01-04 08:17 - 2011-08-26 06:17 - 0000000 ___HD C:\AMD
2012-01-04 08:17 - 2011-08-25 16:19 - 0000000 ___HD C:\Users\PC\AppData\Local\Apps\2.0
2012-01-04 08:17 - 2011-08-25 16:18 - 0000000 ___HD C:\Update
2012-01-04 08:17 - 2011-08-25 14:46 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Ubisoft
2012-01-04 08:17 - 2011-08-25 10:28 - 0000000 ___HD C:\Users\PC\AppData\Roaming\MiniLyrics
2012-01-04 08:17 - 2011-08-25 10:25 - 0000000 ____D C:\Program Files\Revo Uninstaller Pro
2012-01-04 08:17 - 2011-08-23 06:11 - 0000000 ___HD C:\Users\PC\AppData\Roaming\ArcSoft
2012-01-04 08:17 - 2011-08-23 00:02 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Sony Corporation
2012-01-04 08:17 - 2011-03-01 18:03 - 0000000 ___HD C:\SPLASH.SYS
2012-01-04 08:17 - 2011-03-01 17:36 - 0000000 ___HD C:\Users\All Users\Intel
2012-01-04 08:17 - 2011-03-01 17:36 - 0000000 ___HD C:\ProgramData\Intel
2012-01-04 08:16 - 2011-12-08 03:22 - 0000000 ___HD C:\Users\PC\Documents\Album
2012-01-04 08:16 - 2011-11-04 05:27 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Yahoo!
2012-01-04 08:16 - 2011-10-19 03:17 - 0000000 ___HD C:\Users\PC\Documents\Fax
2012-01-04 08:16 - 2011-10-18 05:08 - 0000000 ___HD C:\Users\PC\Documents\My Games
2012-01-04 08:16 - 2011-09-06 21:15 - 0000000 ___HD C:\Users\PC\Documents\UniKL 's Documents
2012-01-04 08:16 - 2011-09-03 16:17 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Xilisoft
2012-01-04 08:16 - 2011-08-25 11:19 - 0000000 ___HD C:\Users\PC\AppData\Roaming\GlarySoft
2012-01-04 08:16 - 2011-08-25 10:52 - 0000000 ___HD C:\Users\PC\AppData\Roaming\SoftGrid Client
2012-01-04 08:16 - 2011-08-25 10:23 - 0000000 ___HD C:\Users\PC\AppData\Local\VS Revo Group
2012-01-04 08:16 - 2011-08-23 00:04 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Macromedia
2012-01-04 08:16 - 2011-08-23 00:04 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Adobe
2012-01-04 08:16 - 2011-08-23 00:02 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Intel
2012-01-04 08:16 - 2011-08-23 00:02 - 0000000 ___HD C:\Users\PC\AppData\LocalLow
2012-01-04 08:16 - 2011-08-23 00:02 - 0000000 ___HD C:\Users\PC\AppData\Local\VirtualStore
2012-01-04 08:16 - 2011-01-12 17:27 - 0000000 __RHD C:\Users\Public\Recorded TV
2012-01-04 08:15 - 2011-11-04 05:20 - 0000000 ___HD C:\Users\All Users\Avira
2012-01-04 08:15 - 2011-11-04 05:20 - 0000000 ___HD C:\ProgramData\Avira
2012-01-04 08:15 - 2011-11-01 21:28 - 0000000 ___HD C:\Users\All Users\CanonBJ
2012-01-04 08:15 - 2011-11-01 21:28 - 0000000 ___HD C:\ProgramData\CanonBJ
2012-01-04 08:15 - 2011-10-21 07:38 - 0000000 ___HD C:\Users\All Users\Apple Computer
2012-01-04 08:15 - 2011-10-21 07:38 - 0000000 ___HD C:\ProgramData\Apple Computer
2012-01-04 08:15 - 2011-10-21 07:37 - 0000000 ___HD C:\Users\All Users\Apple
2012-01-04 08:15 - 2011-10-21 07:37 - 0000000 ___HD C:\ProgramData\Apple
2012-01-04 08:15 - 2011-10-13 07:06 - 0000000 ___HD C:\Users\PC\AppData\Local\Rockstar Games
2012-01-04 08:15 - 2011-10-10 20:45 - 0000000 ___HD C:\Users\All Users\Nokia
2012-01-04 08:15 - 2011-10-10 20:45 - 0000000 ___HD C:\ProgramData\Nokia
2012-01-04 08:15 - 2011-10-10 20:28 - 0000000 ___HD C:\Users\All Users\PC Suite
2012-01-04 08:15 - 2011-10-10 20:28 - 0000000 ___HD C:\ProgramData\PC Suite
2012-01-04 08:15 - 2011-10-10 20:25 - 0000000 ___HD C:\Users\All Users\NokiaInstallerCache
2012-01-04 08:15 - 2011-10-10 20:25 - 0000000 ___HD C:\ProgramData\NokiaInstallerCache
2012-01-04 08:15 - 2011-09-30 01:51 - 0000000 ___HD C:\Users\PC\AppData\Local\Microsoft Games
2012-01-04 08:15 - 2011-09-12 07:24 - 0000000 ___HD C:\Users\PC\AppData\Local\PunkBuster
2012-01-04 08:15 - 2011-09-03 17:12 - 0000000 ___HD C:\Users\All Users\Skype
2012-01-04 08:15 - 2011-09-03 17:12 - 0000000 ___HD C:\ProgramData\Skype
2012-01-04 08:15 - 2011-09-03 16:17 - 0000000 ___HD C:\Users\All Users\Xilisoft
2012-01-04 08:15 - 2011-09-03 16:17 - 0000000 ___HD C:\ProgramData\Xilisoft
2012-01-04 08:15 - 2011-08-28 04:05 - 0000000 ___HD C:\Users\PC\AppData\Local\2K Games
2012-01-04 08:15 - 2011-08-25 16:20 - 0000000 ___HD C:\Users\PC\AppData\Local\Google
2012-01-04 08:15 - 2011-08-23 06:31 - 0000000 ___HD C:\Users\PC\AppData\Local\Sony Corporation
2012-01-04 08:15 - 2011-03-01 17:43 - 0000000 ___HD C:\Users\All Users\ArcSoft
2012-01-04 08:15 - 2011-03-01 17:43 - 0000000 ___HD C:\Users\All Users\Adobe
2012-01-04 08:15 - 2011-03-01 17:43 - 0000000 ___HD C:\ProgramData\ArcSoft
2012-01-04 08:15 - 2011-03-01 17:43 - 0000000 ___HD C:\ProgramData\Adobe
2012-01-04 08:15 - 2011-03-01 17:41 - 0000000 ___HD C:\Users\All Users\Sony Corporation
2012-01-04 08:15 - 2011-03-01 17:41 - 0000000 ___HD C:\ProgramData\Sony Corporation
2012-01-04 08:15 - 2011-03-01 17:35 - 0000000 ___HD C:\Users\All Users\Downloaded Installations
2012-01-04 08:15 - 2011-03-01 17:35 - 0000000 ___HD C:\ProgramData\Downloaded Installations
2012-01-04 08:14 - 2011-08-26 06:17 - 0000000 ___HD C:\ATI
2012-01-04 06:58 - 2012-01-04 06:58 - 0000000 ___HD C:\Users\PC\AppData\Roaming\PC Tools
2012-01-04 06:27 - 2012-01-04 06:24 - 0000448 ___AH C:\Users\All Users\JVGxNOWW0yd40S
2012-01-04 06:27 - 2012-01-04 06:24 - 0000448 ___AH C:\ProgramData\JVGxNOWW0yd40S
2012-01-04 06:24 - 2012-01-04 06:24 - 0358258 ___AH C:\Users\All Users\JVGxNOWW0yd40S.exe
2012-01-04 06:24 - 2012-01-04 06:24 - 0358258 ___AH C:\ProgramData\JVGxNOWW0yd40S.exe
2012-01-04 06:24 - 2012-01-04 06:24 - 0000653 ___AH C:\Users\PC\Desktop\System Check.lnk
2012-01-04 06:24 - 2012-01-04 06:24 - 0000272 ___AH C:\Users\All Users\~JVGxNOWW0yd40S
2012-01-04 06:24 - 2012-01-04 06:24 - 0000272 ___AH C:\ProgramData\~JVGxNOWW0yd40S
2012-01-04 06:24 - 2012-01-04 06:24 - 0000160 ___AH C:\Users\All Users\~JVGxNOWW0yd40Sr
2012-01-04 06:24 - 2012-01-04 06:24 - 0000160 ___AH C:\ProgramData\~JVGxNOWW0yd40Sr
2012-01-04 06:23 - 2011-12-28 20:41 - 0002020 ____A C:\Windows\PFRO.log
2012-01-04 06:19 - 2012-01-04 06:22 - 0444274 __ASH C:\Users\All Users\FtJthnNSvuydIr.exe
2012-01-04 06:19 - 2012-01-04 06:22 - 0444274 __ASH C:\ProgramData\FtJthnNSvuydIr.exe
2012-01-04 04:17 - 2009-07-13 21:13 - 0778150 ____A C:\Windows\System32\PerfStringBackup.INI
2012-01-01 23:00 - 2012-01-01 23:00 - 0572588 ___AH C:\Users\PC\Desktop\Trans 1 Malaysia Registration Form.docx
2011-12-28 06:52 - 2011-09-03 17:12 - 0000000 ___RD C:\Program Files (x86)\Skype
2011-12-25 05:09 - 2011-09-24 05:06 - 0412996 ____A C:\test.xml
2011-12-19 07:19 - 2011-12-15 09:10 - 0000000 ___HD C:\Users\PC\Documents\Iphone App
2011-12-15 09:30 - 2011-12-15 09:28 - 17222142 ___AH C:\Users\PC\Desktop\iphone_user_guide.pdf
2011-12-15 08:26 - 2011-12-15 08:25 - 0000000 ____D C:\Program Files\iTunes
2011-12-15 08:26 - 2011-12-15 08:25 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-12-15 08:25 - 2011-12-15 08:25 - 0000000 ____D C:\Program Files\iPod
2011-12-15 08:24 - 2011-12-15 08:24 - 0000000 ____D C:\Program Files\Common Files\Apple
2011-12-15 08:21 - 2009-07-13 21:08 - 0032622 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-12-15 07:53 - 2011-10-21 07:39 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Apple Computer
2011-12-15 04:07 - 2011-12-15 04:07 - 0000000 ___HD C:\Users\All Users\MediaMonkey
2011-12-15 04:07 - 2011-12-15 04:07 - 0000000 ___HD C:\ProgramData\MediaMonkey
2011-12-15 04:07 - 2011-12-15 04:06 - 0000000 ____D C:\Program Files (x86)\MediaMonkey
2011-12-15 04:07 - 2011-10-21 07:17 - 0000000 ___HD C:\Users\PC\AppData\Local\MediaMonkey
2011-12-12 01:45 - 2011-09-03 17:06 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2011-12-12 01:42 - 2011-12-12 01:42 - 0000000 ____A C:\Windows\setuperr.log
2011-12-11 03:50 - 2011-11-04 05:20 - 0130760 ____A (Avira GmbH) C:\Windows\System32\Drivers\avipbb.sys
2011-12-11 00:48 - 2011-12-11 00:44 - 0000000 ___HD C:\Users\PC\AppData\Local\LooksBuilder
2011-12-11 00:43 - 2011-12-11 00:43 - 0000000 ____D C:\Program Files (x86)\Red Giant Link
2011-12-11 00:43 - 2011-12-11 00:43 - 0000000 ____D C:\Program Files (x86)\LooksBuilder
2011-12-11 00:43 - 2011-03-01 17:28 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2011-12-10 15:53 - 2011-12-10 15:53 - 0000000 ___HD C:\Users\PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2011-12-10 15:38 - 2011-08-25 10:51 - 0772430 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2011-12-10 15:11 - 2011-08-27 19:17 - 0000000 ___HD C:\Users\All Users\regid.1986-12.com.adobe
2011-12-10 15:11 - 2011-08-27 19:17 - 0000000 ___HD C:\ProgramData\regid.1986-12.com.adobe
2011-12-10 15:11 - 2011-08-27 19:11 - 0000000 ___HD C:\Users\PC\AppData\Local\Adobe
2011-12-10 15:10 - 2011-08-27 19:16 - 0000000 ____D C:\Program Files\Adobe
2011-12-10 15:10 - 2011-03-01 17:43 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-12-10 15:09 - 2011-08-27 19:16 - 0000000 ____D C:\Program Files\Common Files\Adobe
2011-12-07 19:34 - 2011-08-26 06:07 - 0007602 ___AH C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2011-12-07 19:34 - 2009-07-13 19:20 - 0000000 ____D C:\PerfLogs
2011-11-30 08:46 - 2011-08-25 14:46 - 0000000 ___HD C:\Users\All Users\Ubisoft
2011-11-30 08:46 - 2011-08-25 14:46 - 0000000 ___HD C:\ProgramData\Ubisoft
2011-11-30 08:40 - 2011-11-30 08:40 - 0000000 ____D C:\Program Files (x86)\Ubisoft
2011-11-30 04:52 - 2011-11-30 04:35 - 0001015 ____A C:\Windows\FOE2.ini
2011-11-30 04:40 - 2011-11-30 04:33 - 0000000 ___HD C:\Users\PC\Documents\FIFAOnline2
2011-11-30 04:37 - 2011-11-30 04:30 - 0000000 ___HD C:\Log
2011-11-30 04:31 - 2011-11-30 04:31 - 0000000 ____D C:\Program Files\Common Files\INCA Shared
2011-11-25 04:28 - 2011-11-25 04:28 - 0000000 ____D C:\Program Files (x86)\Winamp Detect
2011-11-25 04:28 - 2011-11-25 04:27 - 0000000 ____D C:\Program Files (x86)\Winamp
2011-11-22 03:43 - 2012-01-06 04:57 - 0092896 ____A (PC Tools) C:\Windows\System32\Drivers\pctplsg64.sys
2011-11-22 03:42 - 2012-01-06 04:21 - 0230952 ____A (PC Tools) C:\Windows\System32\Drivers\PCTSD64.sys
2011-11-22 03:41 - 2012-01-06 04:57 - 0014776 ____A (PC Tools) C:\Windows\System32\Drivers\pctBTFix64.sys
2011-11-22 03:38 - 2012-01-06 04:57 - 0337048 ____A (PC Tools) C:\Windows\System32\Drivers\pctgntdi64.sys
2011-11-22 03:38 - 2012-01-06 04:57 - 0141312 ____A (PC Tools) C:\Windows\System32\Drivers\pctwfpfilter64.sys
2011-11-22 02:20 - 2012-01-06 07:23 - 0706776 ____S (PC Tools) C:\Windows\System32\Drivers\TfSysMon.sys
2011-11-22 02:20 - 2012-01-06 07:23 - 0065664 ____S (PC Tools) C:\Windows\System32\Drivers\TfFsMon.sys
2011-11-22 02:20 - 2012-01-06 07:23 - 0041968 ____S (PC Tools) C:\Windows\System32\Drivers\TfNetMon.sys
2011-11-14 00:07 - 2012-01-06 04:58 - 2246608 ____A (Threat Expert Ltd.) C:\Windows\PCTBDCore.dll
2011-11-14 00:07 - 2012-01-06 04:58 - 1681360 ____A (Threat Expert Ltd.) C:\Windows\PCTBDRes.dll
2011-11-14 00:07 - 2012-01-06 04:58 - 0149456 ____A (PC Tools) C:\Windows\SGDetectionTool.dll
2011-11-14 00:06 - 2012-01-06 04:58 - 0767952 ____A C:\Windows\BDTSupport.dll
2011-11-13 23:12 - 2012-01-06 04:21 - 0367912 ____A (PC Tools) C:\Windows\System32\Drivers\PCTCore64.sys
2011-11-04 05:22 - 2011-11-04 05:22 - 0000000 ___HD C:\Users\PC\AppData\Roaming\Avira
2011-11-04 05:20 - 2011-11-04 05:20 - 0000000 ____D C:\Program Files (x86)\Avira
2011-11-02 04:11 - 2011-09-07 21:03 - 0000600 ___AH C:\Users\PC\PUTTY.RND
2011-11-01 06:05 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\ModemLogs
2011-11-01 06:01 - 2011-11-01 06:01 - 0000000 ____D C:\Windows\SysWOW64\SupportAppXL
2011-10-29 05:45 - 2011-09-16 04:22 - 0215128 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2011-10-29 05:45 - 2011-09-16 04:22 - 0215128 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2011-10-28 23:03 - 2011-10-28 23:03 - 0012222 ____A C:\WirelessDiagLog.csv
2011-10-21 07:39 - 2011-10-21 07:39 - 0000000 ___HD C:\Users\PC\AppData\Local\Apple Computer
2011-10-21 07:39 - 2011-10-21 07:38 - 0000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-10-21 07:39 - 2011-10-21 07:38 - 0000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-10-21 07:37 - 2011-10-21 07:37 - 0000000 ___HD C:\Users\PC\AppData\Local\Apple
2011-10-21 07:37 - 2011-10-21 07:37 - 0000000 ____D C:\Program Files\Bonjour
2011-10-21 07:37 - 2011-10-21 07:37 - 0000000 ____D C:\Program Files (x86)\Bonjour
2011-10-21 07:37 - 2011-10-21 07:37 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2011-10-19 23:27 - 2011-10-18 22:18 - 0000000 ___HD C:\Users\PC\Documents\NFS Undercover
2011-10-19 03:17 - 2011-10-19 03:17 - 0000000 __RHD C:\Users\PC\Documents\Scanned Documents
2011-10-19 00:56 - 2011-11-04 05:20 - 0097312 ____A (Avira GmbH) C:\Windows\System32\Drivers\avgntflt.sys
2011-10-19 00:56 - 2011-11-04 05:20 - 0027760 ____A (Avira GmbH) C:\Windows\System32\Drivers\avkmgr.sys
2011-10-18 22:14 - 2011-10-18 22:14 - 0000000 ___HD C:\Users\All Users\ATI
2011-10-18 22:14 - 2011-10-18 22:14 - 0000000 ___HD C:\ProgramData\ATI
2011-10-18 22:14 - 2011-10-18 22:14 - 0000000 ____D C:\Program Files (x86)\AMD APP
2011-10-18 22:14 - 2011-08-26 06:18 - 0000000 ____D C:\Program Files\ATI Technologies
2011-10-17 05:22 - 2011-08-25 10:20 - 0000000 ____D C:\Program Files\CCleaner
2011-10-17 05:22 - 2010-09-06 11:32 - 0000000 ____D C:\Windows\Panther
2011-10-17 05:12 - 2011-10-17 05:12 - 0000000 ____D C:\Windows\System32\Macromed
2011-10-17 04:51 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\Downloaded Program Files
2011-10-17 04:47 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2011-10-17 04:14 - 2010-09-06 11:16 - 0000000 ____D C:\Windows\SysWOW64\vi-VN
2011-10-17 04:14 - 2010-09-06 11:16 - 0000000 ____D C:\Windows\System32\vi-VN
2011-10-17 04:14 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-10-17 04:13 - 2011-10-17 04:13 - 9704960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2011-10-17 04:13 - 2011-10-17 04:13 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2011-10-17 04:13 - 2011-10-17 04:13 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-10-17 04:13 - 2011-10-17 04:13 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-10-17 04:13 - 2011-10-17 04:13 - 2309120 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 2143744 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 1798144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 1791488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 17781760 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 1492992 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2011-10-17 04:13 - 2011-10-17 04:13 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2011-10-17 04:13 - 2011-10-17 04:13 - 1389056 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 1344512 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 12275200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 1126912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 1102848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 10886144 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0818176 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-10-17 04:13 - 2011-10-17 04:13 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-10-17 04:13 - 2011-10-17 04:13 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2011-10-17 04:13 - 2011-10-17 04:13 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2011-10-17 04:13 - 2011-10-17 04:13 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2011-10-17 04:13 - 2011-10-17 04:13 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2011-10-17 04:13 - 2011-10-17 04:13 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-10-17 04:13 - 2011-10-17 04:13 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-10-17 04:13 - 2011-10-17 04:13 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-10-17 04:07 - 2011-10-17 04:07 - 1863680 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 1837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 1540608 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 1495040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 1170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 1133568 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 1074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2011-10-17 04:07 - 2011-10-17 04:07 - 0902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0662528 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0470016 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0283648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0265088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2011-10-17 04:07 - 2011-10-17 04:07 - 0229888 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2011-10-17 04:07 - 2011-10-17 04:07 - 0135168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2011-10-17 04:03 - 2011-10-17 04:03 - 0000032 ____A C:\Windows\SysWOW64\setup.log
2011-10-17 04:03 - 2011-10-17 04:03 - 0000000 ____D C:\Program Files (x86)\Atheros WiFi Driver Installation
2011-10-17 04:01 - 2011-10-17 04:01 - 0000000 ___HD C:\Users\All Users\Atheros
2011-10-17 04:01 - 2011-10-17 04:01 - 0000000 ___HD C:\ProgramData\Atheros
2011-10-17 02:54 - 2011-10-17 02:54 - 0000000 ___HD C:\Users\PC\Documents\KONAMI
2011-10-14 20:20 - 2011-10-13 15:23 - 0000000 ___HD C:\Users\PC\Documents\Rockstar Games
2011-10-13 07:06 - 2011-10-13 07:06 - 0000000 __SHD C:\Users\All Users\SecuROM
2011-10-13 07:06 - 2011-10-13 07:06 - 0000000 __SHD C:\ProgramData\SecuROM
2011-10-13 07:04 - 2011-10-13 07:03 - 0000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2011-10-13 07:03 - 2011-10-13 07:03 - 0000000 ____D C:\Windows\SysWOW64\xlive
2011-10-13 05:23 - 2011-10-13 05:23 - 0000000 ___HD C:\Users\PC\Documents\Command & Conquer 3 Tiberium Wars
2011-10-12 04:05 - 2011-10-10 04:57 - 0000000 ___HD C:\Users\PC\AppData\Local\dxhr
2011-10-10 20:50 - 2011-10-10 20:50 - 0000000 ___HD C:\Users\PC\Documents\Ovi
2011-10-10 20:44 - 2011-10-10 20:44 - 0000000 ___HD C:\Users\PC\AppData\Local\NokiaAccount
2011-10-10 20:44 - 2011-10-10 20:28 - 0000000 ___HD C:\Users\PC\AppData\Roaming\PC Suite
2011-10-10 20:42 - 2011-10-10 20:42 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2011-10-10 20:42 - 2011-10-10 20:42 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2011-10-10 20:28 - 2011-10-10 20:28 - 0000000 ___HD C:\Users\PC\AppData\Local\Nokia
2011-10-10 20:27 - 2011-10-10 20:27 - 0000000 ____D C:\Program Files\DIFX
2011-10-10 20:27 - 2011-10-10 20:27 - 0000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2011-10-10 20:27 - 2011-10-10 20:25 - 0000000 ____D C:\Program Files (x86)\Nokia
2011-10-10 04:56 - 2011-10-10 04:56 - 0000000 ___HD C:\Users\PC\AppData\Local\28050

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 17%
Total physical RAM: 4007.2 MB
Available physical RAM: 3305.55 MB
Total Pagefile: 4005.35 MB
Available Pagefile: 3294.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:228.41 GB) (Free:146.81 GB) NTFS
2 Drive d: (Local Disk ) (Fixed) (Total:225.75 GB) (Free:137.53 GB) NTFS
3 Drive f: (Recovery) (Fixed) (Total:11.5 GB) (Free:1.13 GB) NTFS
5 Drive h: (HAVOCSNIPER) (Removable) (Total:15.1 GB) (Free:10.45 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 1024 KB
Disk 1 Online 15 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 11 GB 1024 KB
Partition 2 Primary 100 MB 11 GB
Partition 3 Primary 228 GB 11 GB
Partition 0 Extended 225 GB 240 GB
Partition 4 Logical 225 GB 240 GB

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F Recovery NTFS Partition 11 GB Healthy Hidden

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 228 GB Healthy

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D Local Disk NTFS Partition 225 GB Healthy

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 15 GB 16 KB

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H HAVOCSNIPER FAT32 Removable 15 GB Healthy

==========================================================

Last Boot: 2012-01-06 06:28

======================= End Of Log ==========================

Edited by hamluis, 07 January 2012 - 02:48 PM.
Moved from Am I Infected to Malware Removal Logs.




#2 HelpBot


Posted 13 January 2012 - 08:15 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/436748 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot


Posted 18 January 2012 - 08:15 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



