Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

STOP: C0000135 The program can't start because %hs is missing. Try resintalling the program


  • This topic is locked This topic is locked
3 replies to this topic

#1 OMGage

OMGage

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:37 PM

Posted 03 March 2012 - 03:51 PM

Hi, I'm new here and excited to see if I can receive any help.

So my friends computer was working just fine until last night. We moved the computer and then got the error log every time we start it up. From what I've been reading our problem could be exactly this guys problem

http://www.bleepingcomputer.com/forums/topic444580.html

We've done the regedit method to see if anything was wrong or different, but nothing was. So I can assume it's that consrv.dll file thing that's the issue. from what I've read in that post, we need a log thing, so I've already gone ahead and used the repair program and got the dds log

Scan result of Farbar Recovery Scan Tool Version: 29-02-2012 01
Ran by SYSTEM at 03-03-2012 12:48:33
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized [104008 2010-11-16] (Logitech Inc.)
HKLM\...\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe" [415752 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2093064 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE [4195848 2009-08-13] (Logitech Inc.)
HKLM-x32\...\Run: [Diamondback] C:\Program Files (x86)\Razer\Diamondback\Razer\Diamondback\razerhid.exe [226816 2009-10-09] ()
HKLM-x32\...\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [3744552 2011-11-28] (AVAST Software)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [x]
HKLM-x32\...\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r [241789 2009-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Lycosa] "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe" [238592 2010-04-13] (Razer USA Ltd.)
HKLM-x32\...\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\NagaTray.exe [810880 2010-05-11] (Razer USA Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47904 2010-12-14] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-10-09] (Apple Inc.)
HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [460872 2011-12-24] (Malwarebytes Corporation)
HKLM-x32\...\Run: [Razer Anansi Driver] C:\Program Files (x86)\Razer\Anansi\RazerAnansiSysTray.exe [939416 2011-10-17] (Razer USA Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [1987976 2012-02-28] (LogMeIn Inc.)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [934240 2012-02-06] (Spigot, Inc.)
HKU\Moochero\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1242448 2011-08-01] (Valve Corporation)
HKU\Moochero\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [15147400 2011-05-26] (Skype Technologies S.A.)
HKU\Moochero\...\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US [4321112 2011-05-03] (AOL Inc.)
HKU\Moochero\...\Run: [PlayNC Launcher] [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1
SubSystems: [Windows] ==> ZeroAccess

==================== Services (Whitelisted) ======

2 Application Updater; "C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe" [748440 2012-02-06] (Spigot, Inc.)
2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [44768 2011-11-28] (AVAST Software)
2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [462184 2011-08-30] (Apple Inc.)
3 Creative Media Toolbox 6 Licensing Service; "C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe" [79360 2010-11-30] (Creative Labs)
2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd)
2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [2343816 2012-02-28] (LogMeIn Inc.)
2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-02-20] (Hi-Rez Studios)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [652872 2011-12-24] (Malwarebytes Corporation)
2 RalinkRegistryWriter; "C:\Program Files (x86)\TRENDnet\Common\RaRegistry.exe" [374112 2010-11-11] (Ralink Technology, Corp.)
2 RalinkRegistryWriter64; "C:\Program Files (x86)\TRENDnet\Common\RaRegistry64.exe" [451936 2010-11-11] (Ralink Technology, Corp.)
3 RaMediaServer; C:\Program Files (x86)\TRENDnet\Common\RaMediaServer.exe [619872 2010-12-31] ()
3 aspnet_state; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [x]
2 AudioSrv32; C:\Windows\system32\spbcd32.exe [x]
2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [x]

========================== Drivers (Whitelisted) =============

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [24408 2011-11-28] (AVAST Software)
2 aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [66904 2011-11-28] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-11-28] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [591192 2011-11-28] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [304472 2011-11-28] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [58712 2011-11-28] (AVAST Software)
3 bulkadi; C:\Windows\System32\DRIVERS\bulkrazer_x64.sys [25088 2011-02-09] (Windows ® Codename Longhorn DDK provider)
3 CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [230488 2010-07-07] (Creative Technology Ltd.)
3 ha20x22k; C:\Windows\System32\drivers\ha20x22k.sys [1612888 2010-07-07] (Creative Technology Ltd)
3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [33856 2009-03-18] (LogMeIn, Inc.)
3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [22408 2009-07-14] (Logitech Inc.)
3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [16008 2009-11-23] (Logitech Inc.)
3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [20352 2009-09-30] (Razer USA Ltd.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [23152 2011-12-10] (Malwarebytes Corporation)
3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [1597504 2011-03-23] (Ralink Technology Corp.)
3 Razerlow; C:\Windows\System32\drivers\Razerlow.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)
3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [166400 2011-10-11] (Razer USA Ltd)
0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows ® Server 2003 DDK provider)
3 WRfiltv; C:\Windows\System32\drivers\WRfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
3 dump_wmimmc; \??\C:\Program Files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
3 npggsvc; C:\Windows\system32\GameMon.des -service [x]
3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
3 X6va005; \??\C:\Users\Moochero\AppData\Local\Temp\0057476.tmp [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-03-03 12:48 - 2012-03-03 12:48 - 0000000 ____D C:\FRST
2012-03-01 00:00 - 2012-03-01 00:00 - 0000000 ____D C:\Program Files (x86)\YouTube Downloader Toolbar
2012-03-01 00:00 - 2012-03-01 00:00 - 0000000 ____D C:\Program Files (x86)\Application Updater
2012-02-29 17:20 - 2012-02-29 17:24 - 0000000 ____D C:\Users\Moochero\Desktop\Alive
2012-02-29 16:41 - 2012-02-29 16:41 - 0000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2012-02-28 16:51 - 2012-02-28 16:52 - 0000000 ____D C:\Users\Moochero\Desktop\bbbbbig bang
2012-02-28 16:10 - 2012-02-28 16:55 - 0000000 ____D C:\Users\Moochero\Desktop\Folder
2012-02-28 15:51 - 2012-02-28 15:52 - 0000000 ____D C:\Users\Moochero\Desktop\optee ui
2012-02-28 15:30 - 2012-02-28 16:02 - 0000000 ____D C:\Users\Moochero\Desktop\current UI
2012-02-28 01:32 - 2012-02-28 03:21 - 0000000 ____D C:\Users\Moochero\Desktop\In Time (2012)
2012-02-24 20:15 - 2012-02-17 15:23 - 366923788 ____A C:\Users\Moochero\Desktop\Top.Chef.S09E15.HDTV.XviD-2HD.avi
2012-02-24 19:07 - 2012-02-24 19:07 - 9823205 ____A (Macrovision Corporation) C:\Users\Moochero\Desktop\WPN111_SW_v3.0_setup.exe
2012-02-24 18:40 - 2012-02-24 18:41 - 0000000 ____D C:\Users\Moochero\Documents\PS Vita
2012-02-24 18:40 - 2012-02-24 18:40 - 0002150 ____A C:\Users\All Users\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
2012-02-24 18:40 - 2012-02-24 18:40 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\Sony Corporation
2012-02-24 18:40 - 2012-02-24 18:40 - 0000000 ____D C:\Program Files (x86)\Sony
2012-02-24 18:37 - 2012-02-24 18:37 - 6262445 ____A C:\Users\Moochero\Desktop\WUSB54GC_20051228_dr.exe
2012-02-21 18:14 - 2012-02-21 18:14 - 0000261 ____A C:\Users\Moochero\Desktop\demo.txt
2012-02-14 11:57 - 2012-01-13 20:06 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-02-14 11:57 - 2012-01-04 02:44 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-02-14 11:57 - 2012-01-04 02:44 - 0509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-02-14 11:57 - 2012-01-04 00:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-02-14 11:57 - 2012-01-04 00:58 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-02-14 11:57 - 2011-12-29 22:26 - 0515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-02-14 11:57 - 2011-12-29 21:27 - 0478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2012-02-14 11:57 - 2011-12-27 19:59 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-02-14 11:57 - 2011-12-16 00:46 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-02-14 11:57 - 2011-12-15 23:52 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-02-14 11:56 - 2011-12-16 00:47 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-14 11:56 - 2011-12-16 00:47 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-14 11:56 - 2011-12-16 00:47 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-14 11:56 - 2011-12-16 00:45 - 9019904 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-14 11:56 - 2011-12-16 00:45 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-14 11:56 - 2011-12-16 00:45 - 12263936 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-14 11:56 - 2011-12-16 00:45 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-14 11:56 - 2011-12-16 00:45 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-14 11:56 - 2011-12-16 00:45 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-14 11:56 - 2011-12-16 00:45 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-14 11:56 - 2011-12-15 23:54 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-02-14 11:56 - 2011-12-15 23:54 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-02-14 11:56 - 2011-12-15 23:54 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-02-14 11:56 - 2011-12-15 23:52 - 5997568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-02-14 11:56 - 2011-12-15 23:52 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-02-14 11:56 - 2011-12-15 23:52 - 10992128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-02-14 11:56 - 2011-12-15 23:52 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-02-14 11:56 - 2011-12-15 23:52 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-02-14 11:56 - 2011-12-15 23:52 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-02-14 11:56 - 2011-12-15 23:52 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-02-14 11:56 - 2011-12-15 22:44 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-14 11:56 - 2011-12-15 22:09 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-02-10 14:19 - 2012-02-11 17:08 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\EnMasse
2012-02-10 13:51 - 2012-02-10 13:52 - 0000000 ____D C:\Users\All Users\TERA
2012-02-10 13:51 - 2012-02-10 13:52 - 0000000 ____D C:\ProgramData\TERA
2012-02-10 13:51 - 2012-02-10 13:51 - 0000842 ____A C:\Users\Public\Desktop\TERA Launcher.lnk
2012-02-10 13:51 - 2012-02-10 13:51 - 0000000 ____D C:\Users\Public\Games
2012-02-07 16:03 - 2012-02-07 16:11 - 0000000 ____D C:\Users\Moochero\Desktop\simc-432-1
2012-02-07 15:46 - 2012-02-21 15:27 - 0000003 ____A C:\Windows\System32\HRUPPROG.TXT
2012-02-07 15:46 - 2012-02-07 15:46 - 0000003 ____A C:\Windows\System32\HRUPPROG.DIE.NOW
2012-02-04 22:34 - 2012-02-04 22:34 - 0004032 ____A C:\Users\Moochero\.recently-used.xbel
2012-02-04 18:22 - 2012-02-21 15:27 - 0000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2012-02-04 18:22 - 2012-02-04 22:18 - 0000000 ____D C:\Users\All Users\Hi-Rez Studios
2012-02-04 18:22 - 2012-02-04 22:18 - 0000000 ____D C:\ProgramData\Hi-Rez Studios
2012-02-04 18:22 - 2012-02-04 18:22 - 0002033 ____A C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2012-02-04 18:22 - 2012-02-04 18:22 - 0002024 ____A C:\Users\Public\Desktop\Tribes Ascend Closed Beta.lnk
2012-02-04 18:03 - 2011-03-28 11:51 - 4323256 ____A (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2012-02-04 18:02 - 2012-02-04 18:02 - 0000000 ____D C:\Program Files\Common Files\INCA Shared
2012-02-04 18:02 - 2005-01-02 13:43 - 0004682 ____A (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2012-02-04 18:02 - 2003-07-18 22:17 - 0005174 ____A C:\Windows\SysWOW64\nppt9x.vxd
2012-02-04 14:37 - 2012-02-04 14:37 - 0002134 ____A C:\Users\Moochero\Desktop\Lineage II.lnk
2012-02-04 14:35 - 2012-02-04 14:37 - 0000000 ____D C:\Program Files (x86)\NCSoft
2012-02-04 14:35 - 2012-02-04 14:35 - 0002028 ____A C:\Users\Public\Desktop\NCsoft Launcher.lnk

============ 3 Months Modified Files and Folders =============

2012-03-03 12:48 - 2012-03-03 12:48 - 0000000 ____D C:\FRST
2012-03-03 12:33 - 2010-11-30 16:12 - 0063336 ____A C:\Windows\System32\BMXStateBkp-{00000007-00000000-00000000-00001102-0000000B-00431102}.rfx
2012-03-03 12:33 - 2010-11-30 16:12 - 0063336 ____A C:\Windows\System32\BMXState-{00000007-00000000-00000000-00001102-0000000B-00431102}.rfx
2012-03-03 12:33 - 2010-11-30 16:12 - 0000820 ____A C:\Windows\System32\DVCState-{00000007-00000000-00000000-00001102-0000000B-00431102}.rfx
2012-03-03 12:33 - 2010-10-26 00:42 - 2140446720 __ASH C:\hiberfil.sys
2012-03-03 11:46 - 2011-12-17 12:29 - 0657074 ____A C:\Windows\ntbtlog.txt
2012-03-03 00:56 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-03-03 00:55 - 2012-01-11 02:25 - 0000000 ____D C:\users\UpdatusUser
2012-03-03 00:55 - 2010-10-26 00:49 - 0000000 ____D C:\users\Moochero
2012-03-03 00:54 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2012-03-02 20:25 - 2010-10-26 00:44 - 1706740 ____A C:\Windows\WindowsUpdate.log
2012-03-02 20:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At42.job
2012-03-02 20:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At41.job
2012-03-02 19:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At40.job
2012-03-02 19:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At39.job
2012-03-02 18:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At38.job
2012-03-02 18:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At37.job
2012-03-02 17:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At36.job
2012-03-02 17:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At35.job
2012-03-02 16:22 - 2009-07-13 20:51 - 3194457 ____A C:\Windows\setupact.log
2012-03-02 16:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At34.job
2012-03-02 16:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At33.job
2012-03-02 15:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At32.job
2012-03-02 15:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At31.job
2012-03-02 14:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At30.job
2012-03-02 14:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At29.job
2012-03-02 13:54 - 2010-11-21 16:11 - 0000000 ____D C:\Program Files (x86)\World of Warcraft
2012-03-02 13:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At28.job
2012-03-02 13:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At27.job
2012-03-02 12:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At26.job
2012-03-02 12:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At25.job
2012-03-02 11:53 - 2011-07-27 18:25 - 0000000 ____D C:\Users\Moochero\AppData\Local\PMB Files
2012-03-02 11:53 - 2011-07-27 18:25 - 0000000 ____D C:\Users\All Users\PMB Files
2012-03-02 11:53 - 2011-07-27 18:25 - 0000000 ____D C:\ProgramData\PMB Files
2012-03-02 11:53 - 2010-11-12 18:01 - 0000000 ____D C:\Program Files (x86)\Steam
2012-03-02 11:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At24.job
2012-03-02 11:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At23.job
2012-03-02 10:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At22.job
2012-03-02 10:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At21.job
2012-03-02 09:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At20.job
2012-03-02 09:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At19.job
2012-03-02 08:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At18.job
2012-03-02 08:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At17.job
2012-03-02 07:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At16.job
2012-03-02 07:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At15.job
2012-03-02 06:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At14.job
2012-03-02 06:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At13.job
2012-03-02 05:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At12.job
2012-03-02 05:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At11.job
2012-03-02 04:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At10.job
2012-03-02 04:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At9.job
2012-03-02 03:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At8.job
2012-03-02 03:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At7.job
2012-03-02 02:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At6.job
2012-03-02 02:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At5.job
2012-03-02 01:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At4.job
2012-03-02 01:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At3.job
2012-03-02 00:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At2.job
2012-03-02 00:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At1.job
2012-03-01 23:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At48.job
2012-03-01 23:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At47.job
2012-03-01 22:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At46.job
2012-03-01 22:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At45.job
2012-03-01 21:16 - 2011-12-24 08:42 - 0000352 ____A C:\Windows\Tasks\At44.job
2012-03-01 21:16 - 2011-12-24 08:42 - 0000350 ____A C:\Windows\Tasks\At43.job
2012-03-01 15:49 - 2009-07-13 20:45 - 0015040 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-03-01 15:49 - 2009-07-13 20:45 - 0015040 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-03-01 00:02 - 2011-11-01 23:00 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\Mumble
2012-03-01 00:00 - 2012-03-01 00:00 - 0000000 ____D C:\Program Files (x86)\YouTube Downloader Toolbar
2012-03-01 00:00 - 2012-03-01 00:00 - 0000000 ____D C:\Program Files (x86)\Application Updater
2012-03-01 00:00 - 2010-10-26 00:49 - 0000000 ____D C:\Users\Moochero\AppData\LocalLow
2012-02-29 17:24 - 2012-02-29 17:20 - 0000000 ____D C:\Users\Moochero\Desktop\Alive
2012-02-29 16:41 - 2012-02-29 16:41 - 0000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2012-02-29 16:40 - 2011-01-04 12:01 - 0000000 ____D C:\Users\Moochero\AppData\Local\LogMeIn Hamachi
2012-02-29 16:39 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-02-29 16:36 - 2010-11-12 17:25 - 0000000 ____D C:\Users\All Users\NVIDIA
2012-02-29 16:36 - 2010-11-12 17:25 - 0000000 ____D C:\ProgramData\NVIDIA
2012-02-29 02:48 - 2010-12-08 20:23 - 0000000 ____D C:\Users\Moochero\AppData\Local\Deployment
2012-02-28 23:52 - 2011-06-07 03:54 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\Skype
2012-02-28 16:55 - 2012-02-28 16:10 - 0000000 ____D C:\Users\Moochero\Desktop\Folder
2012-02-28 16:54 - 2009-07-13 21:13 - 0739918 ____A C:\Windows\System32\PerfStringBackup.INI
2012-02-28 16:52 - 2012-02-28 16:51 - 0000000 ____D C:\Users\Moochero\Desktop\bbbbbig bang
2012-02-28 16:02 - 2012-02-28 15:30 - 0000000 ____D C:\Users\Moochero\Desktop\current UI
2012-02-28 15:52 - 2012-02-28 15:51 - 0000000 ____D C:\Users\Moochero\Desktop\optee ui
2012-02-28 03:21 - 2012-02-28 01:32 - 0000000 ____D C:\Users\Moochero\Desktop\In Time (2012)
2012-02-24 19:07 - 2012-02-24 19:07 - 9823205 ____A (Macrovision Corporation) C:\Users\Moochero\Desktop\WPN111_SW_v3.0_setup.exe
2012-02-24 18:41 - 2012-02-24 18:40 - 0000000 ____D C:\Users\Moochero\Documents\PS Vita
2012-02-24 18:40 - 2012-02-24 18:40 - 0002150 ____A C:\Users\All Users\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
2012-02-24 18:40 - 2012-02-24 18:40 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\Sony Corporation
2012-02-24 18:40 - 2012-02-24 18:40 - 0000000 ____D C:\Program Files (x86)\Sony
2012-02-24 18:37 - 2012-02-24 18:37 - 6262445 ____A C:\Users\Moochero\Desktop\WUSB54GC_20051228_dr.exe
2012-02-24 16:08 - 2011-06-08 19:36 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\skypePM
2012-02-23 16:57 - 2011-06-08 19:36 - 0000000 ____D C:\Users\All Users\Skype Extras
2012-02-23 16:57 - 2011-06-08 19:36 - 0000000 ____D C:\ProgramData\Skype Extras
2012-02-21 18:14 - 2012-02-21 18:14 - 0000261 ____A C:\Users\Moochero\Desktop\demo.txt
2012-02-21 15:27 - 2012-02-07 15:46 - 0000003 ____A C:\Windows\System32\HRUPPROG.TXT
2012-02-21 15:27 - 2012-02-04 18:22 - 0000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2012-02-17 15:23 - 2012-02-24 20:15 - 366923788 ____A C:\Users\Moochero\Desktop\Top.Chef.S09E15.HDTV.XviD-2HD.avi
2012-02-15 03:12 - 2010-10-26 00:50 - 0000174 ___SH C:\Users\Moochero\Start Menu\Programs\Startup\desktop.ini
2012-02-15 03:12 - 2010-10-26 00:50 - 0000174 ___SH C:\Users\Moochero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-15 03:09 - 2010-11-13 23:47 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-02-15 03:09 - 2009-07-13 20:45 - 0335008 ____A C:\Windows\System32\FNTCACHE.DAT
2012-02-15 03:00 - 2012-01-26 12:12 - 54585368 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-02-11 17:08 - 2012-02-10 14:19 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\EnMasse
2012-02-10 13:52 - 2012-02-10 13:51 - 0000000 ____D C:\Users\All Users\TERA
2012-02-10 13:52 - 2012-02-10 13:51 - 0000000 ____D C:\ProgramData\TERA
2012-02-10 13:52 - 2010-11-12 18:25 - 0706105 ____A C:\Windows\DirectX.log
2012-02-10 13:51 - 2012-02-10 13:51 - 0000842 ____A C:\Users\Public\Desktop\TERA Launcher.lnk
2012-02-10 13:51 - 2012-02-10 13:51 - 0000000 ____D C:\Users\Public\Games
2012-02-10 13:51 - 2009-07-13 19:20 - 0000000 ___RD C:\users\Public
2012-02-10 13:50 - 2011-09-02 13:31 - 0000000 ____D C:\Users\Moochero\Desktop\paynusPRIME
2012-02-07 16:11 - 2012-02-07 16:03 - 0000000 ____D C:\Users\Moochero\Desktop\simc-432-1
2012-02-07 15:46 - 2012-02-07 15:46 - 0000003 ____A C:\Windows\System32\HRUPPROG.DIE.NOW
2012-02-04 22:34 - 2012-02-04 22:34 - 0004032 ____A C:\Users\Moochero\.recently-used.xbel
2012-02-04 22:34 - 2011-10-29 23:56 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\gtk-2.0
2012-02-04 22:34 - 2011-10-29 23:55 - 0000000 ____D C:\Users\Moochero\.gimp-2.6
2012-02-04 22:18 - 2012-02-04 18:22 - 0000000 ____D C:\Users\All Users\Hi-Rez Studios
2012-02-04 22:18 - 2012-02-04 18:22 - 0000000 ____D C:\ProgramData\Hi-Rez Studios
2012-02-04 22:18 - 2010-11-12 20:51 - 0000000 ____D C:\Users\Moochero\Documents\My Games
2012-02-04 18:22 - 2012-02-04 18:22 - 0002033 ____A C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2012-02-04 18:22 - 2012-02-04 18:22 - 0002024 ____A C:\Users\Public\Desktop\Tribes Ascend Closed Beta.lnk
2012-02-04 18:22 - 2010-11-12 17:45 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-02-04 18:02 - 2012-02-04 18:02 - 0000000 ____D C:\Program Files\Common Files\INCA Shared
2012-02-04 14:37 - 2012-02-04 14:37 - 0002134 ____A C:\Users\Moochero\Desktop\Lineage II.lnk
2012-02-04 14:37 - 2012-02-04 14:35 - 0000000 ____D C:\Program Files (x86)\NCSoft
2012-02-04 14:35 - 2012-02-04 14:35 - 0002028 ____A C:\Users\Public\Desktop\NCsoft Launcher.lnk
2012-01-29 15:26 - 2012-01-29 15:26 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\RenPy
2012-01-29 15:14 - 2012-01-29 15:14 - 0001107 ____A C:\Users\Moochero\Desktop\Katawa Shoujo.lnk
2012-01-29 15:14 - 2012-01-29 15:13 - 0000000 ____D C:\Program Files (x86)\Katawa Shoujo
2012-01-29 15:14 - 2011-04-05 18:51 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\uTorrent
2012-01-29 15:09 - 2012-01-29 15:05 - 441375029 ____A C:\Users\Moochero\Downloads\[4ls]_katawa_shoujo_[windows][C3798628].exe
2012-01-29 15:05 - 2012-01-01 20:39 - 0000000 ____D C:\Users\Moochero\Downloads\Vampire Diaries Season 3 Episode 3 - The End of the Affair
2012-01-29 15:05 - 2012-01-01 20:39 - 0000000 ____D C:\Users\Moochero\Downloads\Vampire Diaries Season 3 Episode 2 - The Hybrid
2012-01-29 15:05 - 2012-01-01 20:39 - 0000000 ____D C:\Users\Moochero\Downloads\The Vampire Diaries S03E04
2012-01-29 03:04 - 2010-11-12 17:27 - 0023026 ____A C:\Windows\PFRO.log
2012-01-28 11:21 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2012-01-26 12:16 - 2009-07-13 23:45 - 0000000 ____D C:\Program Files\Windows Journal
2012-01-26 12:16 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Sidebar
2012-01-26 12:16 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Portable Devices
2012-01-26 12:16 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Photo Viewer
2012-01-26 12:16 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Defender
2012-01-26 12:16 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\DVD Maker
2012-01-26 12:16 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Sidebar
2012-01-26 12:16 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Portable Devices
2012-01-26 12:16 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\sppui
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Setup
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\oobe
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\migwiz
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\manifeststore
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\es-ES
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Dism
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\da-DK
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\cs-CZ
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sppui
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Setup
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\oobe
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\manifeststore
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\es-ES
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\da-DK
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\cs-CZ
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\AdvancedInstallers
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\servicing
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2012-01-26 12:16 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2012-01-26 12:15 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\migwiz
2012-01-26 12:15 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Dism
2012-01-26 12:14 - 2012-01-26 12:13 - 0002400 ____A C:\Windows\IE9_main.log
2012-01-26 12:12 - 2010-12-02 17:03 - 0000000 ____D C:\Program Files (x86)\Microsoft Office
2012-01-26 12:10 - 2009-07-13 18:36 - 0175616 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll
2012-01-26 12:10 - 2009-07-13 18:36 - 0152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2012-01-26 12:03 - 2012-01-26 12:03 - 0000000 ____D C:\Windows\System32\SPReview
2012-01-26 12:02 - 2012-01-26 12:02 - 0000000 ____D C:\Windows\System32\EventProviders
2012-01-17 15:04 - 2012-01-17 13:43 - 0000000 ____D C:\Users\Moochero\Documents\DragonNest
2012-01-17 13:43 - 2012-01-17 13:43 - 0000000 ____D C:\Users\All Users\Nexon
2012-01-17 13:43 - 2012-01-17 13:43 - 0000000 ____D C:\ProgramData\Nexon
2012-01-17 13:39 - 2012-01-17 13:39 - 0000175 ____A C:\Users\Public\Desktop\DragonNest.url
2012-01-17 13:37 - 2012-01-17 13:12 - 2156928925 ____A (Nexon) C:\Users\Moochero\Desktop\DragonNestSetupV73.exe
2012-01-17 13:37 - 2011-07-27 18:44 - 0000000 ____D C:\Nexon
2012-01-16 13:13 - 2012-01-16 13:13 - 0000913 ____A C:\Users\Moochero\Desktop\Ventrilo.lnk
2012-01-16 13:13 - 2012-01-16 13:13 - 0000262 ____A C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
2012-01-16 13:13 - 2012-01-16 13:13 - 0000000 ____D C:\Program Files\Ventrilo
2012-01-14 21:37 - 2012-01-14 21:37 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-01-14 21:37 - 2010-12-13 01:35 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\Apple Computer
2012-01-13 20:06 - 2012-02-14 11:57 - 3145728 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-01-11 02:25 - 2012-01-11 02:25 - 0000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\Templates
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\Start Menu
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\PrintHood
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\NetHood
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\My Documents
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\Documents\My Videos
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\Documents\My Pictures
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\Documents\My Music
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 __SHD C:\Users\UpdatusUser\AppData\Local\History
2012-01-11 02:25 - 2012-01-11 02:25 - 0000000 ____D C:\Users\UpdatusUser\AppData\LocalLow
2012-01-11 02:25 - 2011-09-30 14:46 - 0000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2012-01-11 02:25 - 2010-11-12 17:24 - 0000000 ____D C:\Program Files\NVIDIA Corporation
2012-01-10 15:13 - 2012-01-10 15:13 - 0000000 ____D C:\Users\Moochero\AppData\Local\.inapptracking
2012-01-08 17:09 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2012-01-04 02:44 - 2012-02-14 11:57 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-01-04 02:44 - 2012-02-14 11:57 - 0509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-01-04 00:59 - 2012-02-14 11:57 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-01-04 00:58 - 2012-02-14 11:57 - 0442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-01-03 04:25 - 2012-01-03 04:21 - 367634084 ____A C:\Users\Moochero\Downloads\The Vampire Diaries S03E05 the reckoning.avi
2012-01-03 03:07 - 2011-10-01 21:35 - 0000000 ____D C:\Users\Moochero\riotsGamesLogs
2012-01-01 20:43 - 2012-01-01 20:39 - 0000000 ____D C:\Users\Moochero\Downloads\Vampire Diaries Season 3 Episode 1 - The Birthday
2011-12-31 12:20 - 2010-11-30 16:04 - 0466456 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2011-12-31 12:20 - 2010-11-30 16:04 - 0444952 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2011-12-31 12:20 - 2010-11-30 16:04 - 0122904 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2011-12-31 12:20 - 2010-11-30 16:04 - 0109080 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2011-12-31 11:19 - 2011-12-31 11:19 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\Broken Rules
2011-12-31 11:13 - 2011-12-31 11:03 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\AtomZombieData
2011-12-31 09:16 - 2011-12-09 15:00 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-31 09:14 - 2011-12-31 09:14 - 0001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2011-12-30 02:45 - 2010-11-12 18:22 - 0000000 ___HD C:\Windows\msdownld.tmp
2011-12-30 02:45 - 2010-11-12 18:22 - 0000000 ____D C:\Windows\SysWOW64\directx
2011-12-30 02:34 - 2011-12-30 02:34 - 0000000 ____D C:\Perfect World Entertainment
2011-12-30 02:34 - 2011-12-30 02:34 - 0000000 ____D C:\Down
2011-12-30 02:32 - 2009-07-13 21:08 - 0032598 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-12-29 22:26 - 2012-02-14 11:57 - 0515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2011-12-29 21:27 - 2012-02-14 11:57 - 0478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2011-12-27 19:59 - 2012-02-14 11:57 - 0498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2011-12-26 17:49 - 2011-12-26 17:49 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\Beat Hazard
2011-12-25 16:55 - 2010-11-12 17:30 - 0075704 ____A C:\Users\Moochero\AppData\Local\GDIPFONTCACHEV1.DAT
2011-12-25 15:40 - 2011-12-25 15:40 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_RzSynapse_01009.Wdf
2011-12-25 15:40 - 2010-11-12 18:58 - 0040682 ____A C:\Windows\DPINST.LOG
2011-12-25 15:40 - 2010-11-12 18:58 - 0000000 ____D C:\Program Files (x86)\Razer
2011-12-24 08:42 - 2011-12-24 08:42 - 0000000 ____A C:\Users\All Users\530A5o.dat
2011-12-24 08:42 - 2011-12-24 08:42 - 0000000 ____A C:\ProgramData\530A5o.dat
2011-12-18 12:48 - 2011-12-18 12:48 - 0000000 ____D C:\Windows\system64
2011-12-18 12:48 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\sysprep
2011-12-16 22:07 - 2011-12-15 12:53 - 0002029 ____A C:\Users\Moochero\Desktop\Spotify.lnk
2011-12-16 03:03 - 2010-12-02 17:03 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-12-16 03:03 - 2010-12-02 17:03 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-12-16 00:47 - 2012-02-14 11:56 - 1494016 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-12-16 00:47 - 2012-02-14 11:56 - 1188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-12-16 00:47 - 2012-02-14 11:56 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-12-16 00:46 - 2012-02-14 11:57 - 0634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2011-12-16 00:45 - 2012-02-14 11:56 - 9019904 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-12-16 00:45 - 2012-02-14 11:56 - 2454528 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-12-16 00:45 - 2012-02-14 11:56 - 12263936 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-12-16 00:45 - 2012-02-14 11:56 - 0702464 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-12-16 00:45 - 2012-02-14 11:56 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-12-16 00:45 - 2012-02-14 11:56 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-12-16 00:45 - 2012-02-14 11:56 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-12-15 23:54 - 2012-02-14 11:56 - 1231360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-12-15 23:54 - 2012-02-14 11:56 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-12-15 23:54 - 2012-02-14 11:56 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-12-15 23:52 - 2012-02-14 11:57 - 0690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2011-12-15 23:52 - 2012-02-14 11:56 - 5997568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-12-15 23:52 - 2012-02-14 11:56 - 2073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-12-15 23:52 - 2012-02-14 11:56 - 10992128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-12-15 23:52 - 2012-02-14 11:56 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-12-15 23:52 - 2012-02-14 11:56 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-12-15 23:52 - 2012-02-14 11:56 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-12-15 23:52 - 2012-02-14 11:56 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-12-15 22:44 - 2012-02-14 11:56 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-12-15 22:09 - 2012-02-14 11:56 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-12-15 14:25 - 2011-12-15 14:25 - 0012984 ____A C:\Users\Moochero\Documents\xmasollololo.docx
2011-12-15 14:25 - 2011-12-15 14:25 - 0000162 ___AH C:\Users\Moochero\Documents\~$asollololo.docx
2011-12-15 13:01 - 2011-12-15 12:53 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\Spotify
2011-12-15 12:53 - 2011-12-15 12:53 - 0000000 ____D C:\Users\Moochero\AppData\Local\Spotify
2011-12-10 15:24 - 2011-12-09 15:00 - 0023152 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-12-09 15:00 - 2011-12-09 15:00 - 0000000 ____D C:\Users\Moochero\AppData\Roaming\Malwarebytes
2011-12-09 15:00 - 2011-12-09 15:00 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-12-09 15:00 - 2011-12-09 15:00 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-12-09 14:56 - 2011-12-09 14:56 - 9851496 ____A (Malwarebytes Corporation ) C:\Users\Moochero\Desktop\mbam-setup.exe
2011-12-09 14:53 - 2011-12-09 14:52 - 0000361 ____A C:\rkill.log
2011-12-09 14:50 - 2011-12-09 14:50 - 1008120 ____A C:\Users\Moochero\Desktop\iExplore.exe
2011-12-09 14:48 - 2011-12-09 14:49 - 1008120 ____A C:\Users\Moochero\Desktop\rkill.com
2011-12-09 14:46 - 2011-12-09 14:47 - 0001205 ____A C:\Users\Moochero\Desktop\FixNCR.reg
2011-12-09 14:43 - 2011-12-09 14:38 - 0011422 __ASH C:\Users\Moochero\AppData\Local\ywrueq5u4qhe1dyx0coe5q142c6o
2011-12-09 14:43 - 2011-12-09 14:38 - 0011422 __ASH C:\Users\All Users\ywrueq5u4qhe1dyx0coe5q142c6o
2011-12-09 14:43 - 2011-12-09 14:38 - 0011422 __ASH C:\ProgramData\ywrueq5u4qhe1dyx0coe5q142c6o
2011-12-09 01:41 - 2010-11-13 15:10 - 0000000 ____A C:\Windows\SysWOW64\config.nt
2011-12-09 01:34 - 2011-12-09 01:23 - 0000000 ____D C:\Users\All Users\PC Tools
2011-12-09 01:34 - 2011-12-09 01:23 - 0000000 ____D C:\ProgramData\PC Tools
2011-12-09 01:24 - 2011-12-09 01:24 - 1775402 ____A C:\Windows\System32\Drivers\Cat.DB
2011-12-09 01:22 - 2011-12-09 01:23 - 0512992 ____A C:\Users\Moochero\Desktop\sdasetup_revwire207.exe
2011-12-09 00:54 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2011-12-09 00:49 - 2011-12-09 00:44 - 0012914 __ASH C:\Users\Moochero\AppData\Local\mhtfmr8x6jir8grs7csn2k884t7j
2011-12-09 00:49 - 2011-12-09 00:44 - 0012914 __ASH C:\Users\All Users\mhtfmr8x6jir8grs7csn2k884t7j
2011-12-09 00:49 - 2011-12-09 00:44 - 0012914 __ASH C:\ProgramData\mhtfmr8x6jir8grs7csn2k884t7j
2011-12-07 16:01 - 2011-12-07 15:54 - 0005608 __ASH C:\Users\Moochero\AppData\Local\pshpdm0h1loo1mfe5pww1k168t3s
2011-12-07 16:01 - 2011-12-07 15:54 - 0005608 __ASH C:\Users\All Users\pshpdm0h1loo1mfe5pww1k168t3s
2011-12-07 16:01 - 2011-12-07 15:54 - 0005608 __ASH C:\ProgramData\pshpdm0h1loo1mfe5pww1k168t3s

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 9%
Total physical RAM: 8183.05 MB
Available physical RAM: 7382.55 MB
Total Pagefile: 8181.2 MB
Available Pagefile: 7363.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:287.92 GB) NTFS
2 Drive e: (GRMCHPXFREO_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
3 Drive f: () (Removable) (Total:3.77 GB) (Free:0 GB) FAT32
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 Online 3864 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 931 GB 101 MB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
* Partition 1 Primary 3864 MB 0 B

======================================================================================================

Disk: 1
There is no partition selected.

There is no partition selected.
Please select a partition and try again.

======================================================================================================

==========================================================

Last Boot: 2012-03-01 04:38

======================= End Of Log ==========================

If this is the same problem and I can be helped. That would be amaaaaazing and thanks in advanced

BC AdBot (Login to Remove)

 


#2 OMGage

OMGage
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:37 PM

Posted 03 March 2012 - 05:06 PM

Oops didn't mean to post here. Sorry for double post >_>

Edited by OMGage, 03 March 2012 - 05:06 PM.


#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:37 AM

Posted 03 March 2012 - 07:57 PM

Hello OMGage,

Welcome to the forum.

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
3 X6va005; \??\C:\Users\Moochero\AppData\Local\Temp\0057476.tmp [x]
SubSystems: [Windows] ==> ZeroAccess
cmd: del /a/f/q c:\windows\tasks\at*.job
2011-12-09 14:43 - 2011-12-09 14:38 - 0011422 __ASH C:\Users\Moochero\AppData\Local\ywrueq5u4qhe1dyx0coe5q142c6o
2011-12-09 14:43 - 2011-12-09 14:38 - 0011422 __ASH C:\Users\All Users\ywrueq5u4qhe1dyx0coe5q142c6o
2011-12-09 14:43 - 2011-12-09 14:38 - 0011422 __ASH C:\ProgramData\ywrueq5u4qhe1dyx0coe5q142c6o
end

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options and select Command Prompt.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Please restart, let it boot normally and tell me how it went.

#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:37 AM

Posted 09 March 2012 - 02:45 AM

This thread will now be closed due to lack of activity.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users