Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected, Removed After Restarting Windows Won't Start


  • This topic is locked This topic is locked
2 replies to this topic

#1 imk

imk

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:13 PM

Posted 02 April 2012 - 08:19 AM

Please Help Me With This...I Need The Fix File!

Scan result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 14-03-2012
Ran by SYSTEM at 02-04-2012 13:15:13
Running from D:\
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe" [348760 2010-10-01] (Kaspersky Lab)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-05] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [D-Link D-Link DWA-525] C:\Program Files\D-Link\DWA-525 revA\AirNCFG.exe [1015808 2010-04-22] (D-Link Corp.)
HKLM\...\Run: [WZCSLDR2] C:\Program Files\D-Link\DWA-525 revA\WZCSLDR2.exe [122880 2010-04-22] (Wireless Service)
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [141848 2009-09-23] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [173592 2009-09-23] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [150552 2009-09-23] (Intel Corporation)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [AutoKMS] C:\Windows\AutoKMS.exe [615936 2011-12-07] ()
HKLM\...\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [307200 2005-12-18] (Team H2O)
HKLM\...\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [439568 2010-05-10] (Microsoft Corporation)
HKU\Black Xenon\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [369200 2009-10-30] (DT Soft Ltd)
HKU\Black Xenon\...\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot [3462552 2011-12-29] (Tonec Inc.)
HKU\Black Xenon\...\Run: [Facebook Update] "C:\Users\Black Xenon\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [137536 2012-03-30] (Facebook Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
IMEO\excel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\msoxmled.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mstore.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\Winword.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"

================================ Services (Whitelisted) ==================

2 AVP; "C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe" -r [348760 2010-10-01] (Kaspersky Lab)
2 CSObjectsSrv; "C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe" [743992 2009-12-21] (Infowatch)
2 D_Link_DWA-525; C:\Program Files\D-Link\DWA-525 revA\ANIWZCSdS.exe [126976 2010-04-22] (Wireless Service)
2 D_Link_DWA-525_WPS; C:\Program Files\D-Link\DWA-525 revA\ANIWConnService.exe [40960 2010-04-22] ()
3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [517096 2010-02-19] (Adobe Systems Incorporated)
2 TuneUp.UtilitiesSvc; "C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe" [1479488 2011-10-14] (TuneUp Software)

========================== Drivers (Whitelisted) =============

1 anodlwf; C:\Windows\System32\DRIVERS\anodlwf.sys [12800 2010-04-22] ()
3 CLEDX; C:\Windows\System32\DRIVERS\cledx.sys [33792 2005-05-09] (Team H2O)
0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [88632 2009-12-14] (Infowatch)
1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [39352 2009-12-14] (Infowatch)
3 ggflt; C:\Windows\System32\DRIVERS\ggflt.sys [13224 2009-04-05] (Sony Ericsson Mobile Communications)
3 ggsemc; C:\Windows\System32\DRIVERS\ggsemc.sys [25512 2009-04-05] (Sony Ericsson Mobile Communications)
2 IDMWFP; C:\Windows\System32\DRIVERS\idmwfp.sys [89376 2011-07-06] (Tonec Inc.)
1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [128016 2009-09-01] (Kaspersky Lab)
0 KLBG; C:\Windows\System32\DRIVERS\klbg.sys [36880 2009-10-14] (Kaspersky Lab)
1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [311312 2011-12-06] (Kaspersky Lab)
1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [21520 2009-09-14] (Kaspersky Lab)
3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [19472 2009-10-02] (Kaspersky Lab)
3 netr28; C:\Windows\System32\DRIVERS\Dnetr28.sys [789856 2010-04-22] (Ralink Technology, Corp.)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2011-12-06] (Duplex Secure Ltd.)
3 TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2011-10-13] (TuneUp Software)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-04-02 13:15 - 2012-04-02 13:15 - 0000000 ____D C:\FRST
2012-03-30 16:09 - 2012-03-30 16:09 - 0000440 __ASH C:\Windows\KLIF.spi
2012-03-30 14:59 - 2012-03-30 14:59 - 329226867 ____A C:\Windows\MEMORY.DMP
2012-03-30 14:59 - 2012-03-30 14:59 - 0144432 ____A C:\Windows\Minidump\033112-33571-01.dmp
2012-03-30 12:43 - 2012-03-30 12:43 - 0371158 ____A C:\Users\Black Xenon\Downloads\the-easton-ellises-2011-ep-one.jpg
2012-03-30 08:33 - 2012-03-30 14:38 - 0000952 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2334483629-2975350228-2799375558-1000UA.job
2012-03-30 08:33 - 2012-03-30 08:38 - 0000930 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2334483629-2975350228-2799375558-1000Core.job
2012-03-30 08:33 - 2012-03-30 08:33 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\Facebook
2012-03-30 08:31 - 2012-03-30 08:32 - 0493512 ____A (Facebook Inc.) C:\Users\Black Xenon\Downloads\FacebookMessengerSetup.exe
2012-03-30 05:42 - 2012-03-30 05:42 - 0074471 ____A C:\Users\Black Xenon\Downloads\Sample International Curriculum Vitae.htm
2012-03-30 05:42 - 2012-03-30 05:42 - 0000000 ____D C:\Users\Black Xenon\Downloads\Sample International Curriculum Vitae_files
2012-03-30 04:53 - 2012-03-30 04:53 - 0144432 ____A C:\Windows\Minidump\033012-42198-01.dmp
2012-03-29 23:14 - 2012-03-29 23:14 - 0144424 ____A C:\Windows\Minidump\033012-31933-01.dmp
2012-03-29 12:11 - 2012-03-29 12:11 - 0063580 ____A C:\Users\Black Xenon\Downloads\scaled.0625_EDC.008__t653.jpg
2012-03-29 09:07 - 2012-03-29 09:07 - 0154173 ____A C:\Users\Black Xenon\Downloads\deadmau5.jpeg
2012-03-29 08:26 - 2012-03-29 08:26 - 0144432 ____A C:\Windows\Minidump\032912-33134-01.dmp
2012-03-28 14:25 - 2012-03-28 14:25 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\Native Instruments
2012-03-28 13:34 - 2012-03-28 13:34 - 0018986 ____A C:\Users\Black Xenon\Downloads\Spartacus.S02E09.HDTV.x264-ASAP.[eztv].torrent
2012-03-27 14:39 - 2012-03-27 14:40 - 0000000 ____D C:\Users\Black Xenon\Downloads\Do Not Open - An Encyclopedia of the World's Best-Kept Secrets -Mantesh
2012-03-27 11:21 - 2012-03-27 11:21 - 0026960 ____A C:\Users\Black Xenon\Downloads\coronastar.png
2012-03-23 00:33 - 2012-03-23 00:33 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{FFE2A49B-3242-4FC1-BC9B-D6D93D56D048}
2012-03-22 08:58 - 2012-03-22 08:58 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{1BF953BA-4DD9-4532-A9CC-74AD856CF856}
2012-03-20 11:25 - 2012-03-20 11:26 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{A5C5D79A-8858-46B2-8414-184DF70B0F51}
2012-03-19 04:22 - 2012-03-19 04:22 - 0144432 ____A C:\Windows\Minidump\031912-36098-01.dmp
2012-03-18 03:27 - 2012-03-18 03:27 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\mixlr
2012-03-18 03:27 - 2012-03-18 03:27 - 0000000 ____D C:\Program Files\Mixlr
2012-03-18 03:23 - 2012-03-18 03:26 - 10947164 ____A (Mixlr, Ltd. ) C:\Users\Black Xenon\Downloads\Mixlr-1.3.2.exe
2012-03-16 10:12 - 2012-03-16 10:12 - 0087277 ____A C:\Users\Black Xenon\Downloads\397049_305432169505450_100001160091055_738038_1475631234_n.jpg
2012-03-16 06:41 - 2012-03-16 06:41 - 0185396 ____A C:\Users\Black Xenon\Downloads\Tribal_Cat_by_My_World_Order.jpg
2012-03-16 06:41 - 2012-03-16 06:41 - 0056094 ____A C:\Users\Black Xenon\Downloads\CatDJ.jpg
2012-03-16 06:37 - 2012-03-16 06:37 - 2990904 ____A C:\Users\Black Xenon\Downloads\deadmau5_wallpaper_1920x1080_by_noisekick91-d39fnjz.png
2012-03-16 06:36 - 2012-03-16 06:35 - 0086757 ____A C:\Users\Black Xenon\Downloads\cover.jpg
2012-03-16 06:35 - 2012-03-16 06:35 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{99A934B6-CEED-4425-97CC-13293E1C0ACA}
2012-03-16 06:34 - 2012-03-16 06:34 - 0050475 ____A C:\Users\Black Xenon\Downloads\1293700631.jpg
2012-03-16 06:33 - 2012-03-16 06:33 - 0539321 ____A C:\Users\Black Xenon\Downloads\1285531953_deadmau5_477116.jpeg
2012-03-16 00:20 - 2012-03-16 00:20 - 1700352 ____A (Microsoft Corporation) C:\Windows\System32\gdiplus.dll
2012-03-16 00:20 - 2012-03-16 00:20 - 1060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll
2012-03-15 10:41 - 2012-03-15 10:41 - 0087076 ____A C:\Users\Black Xenon\Downloads\Spectrasonics_Trilian.6773601.TPB (1).torrent
2012-03-15 09:53 - 2012-03-15 09:53 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{C5015DE5-B6C8-41C3-9BC3-091582C1F583}
2012-03-15 09:04 - 2012-03-15 09:04 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{9773B9B5-297C-4024-A400-87AF239A067B}
2012-03-15 01:34 - 2012-03-15 01:34 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{09375AD0-BAA3-4EA6-8078-D35C44579E0B}
2012-03-15 00:29 - 2012-03-27 08:12 - 0000000 ____D C:\Users\Black Xenon\Downloads\New folder
2012-03-14 12:28 - 2012-03-14 12:28 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{154D6DAB-7E9F-4F10-8945-BA2127DF938C}
2012-03-13 07:04 - 2012-03-13 07:05 - 1506358 ____A C:\Users\Black Xenon\Downloads\voda-Absolut-glimmer-party.jpg
2012-03-12 00:27 - 2012-03-12 00:27 - 0000012 ____A C:\Users\Black Xenon\Documents\urgent.txt
2012-03-09 13:16 - 2012-03-09 13:16 - 0234842 ____A C:\Users\Black Xenon\Downloads\470196_323656367683551_100001175714293_813477_2049377892_o.jpg
2012-03-09 12:19 - 2012-03-09 12:25 - 0218945 ____A C:\Users\Black Xenon\Downloads\462782_3290055602887_1490870120_o.jpg
2012-03-09 12:11 - 2012-03-09 12:11 - 0093729 ____A C:\Users\Black Xenon\Downloads\421293_318826524847749_100001612122812_938123_58996918_n.jpg
2012-03-08 06:31 - 2012-03-08 06:31 - 0043808 ____A C:\Users\Black Xenon\Downloads\418314_3001826561057_1124107108_32678500_1898174615_n.jpg
2012-03-05 00:54 - 2012-03-05 00:35 - 1466116 ____A C:\Users\Black Xenon\Documents\Logo_Lounge.pdf
2012-03-03 14:50 - 2012-03-03 14:50 - 0017419 ____A C:\Users\Black Xenon\Downloads\430198_10150582452378333_678698332_9340234_182346093_n.jpg
2012-03-03 14:42 - 2012-03-03 14:42 - 0068911 ____A C:\Users\Black Xenon\Downloads\3037832-196182-violinist-girl-in-red-dress-isolated-on-white-background.jpg
2012-03-03 14:36 - 2012-03-03 14:36 - 0075364 ____A C:\Users\Black Xenon\Downloads\tumblr_li2i54gqHv1qi153ho1_400.jpg
2012-03-03 14:35 - 2012-03-03 14:35 - 0069471 ____A C:\Users\Black Xenon\Downloads\3037070-190201-beautiful-girl-in-red-dress-isolated-on-white-background.jpg
2012-03-03 13:54 - 2012-03-03 13:54 - 0000321 ____A C:\Users\Black Xenon\Documents\list.txt
2012-03-03 10:42 - 2012-03-03 10:42 - 0037728 ____A C:\Users\Black Xenon\Downloads\1marilyn_dress.jpg
2012-03-03 10:39 - 2012-03-03 10:39 - 0058632 ____A C:\Users\Black Xenon\Downloads\72907-Royalty-Free-RF-Clipart-Illustration-Of-A-Sexy-Blond-Pinup-Woman-Standing-Over-An-Air-Vent-The-Wind-Blowing-Up-Her-Dress.jpg
2012-03-03 10:39 - 2012-03-03 10:39 - 0035927 ____A C:\Users\Black Xenon\Downloads\girl-farting-blowing-up-dress.jpg
2012-03-03 10:39 - 2012-03-03 10:39 - 0014254 ____A C:\Users\Black Xenon\Downloads\can-stock-photo_csp3647478.jpg

============ 3 Months Modified Files and Folders ===============

2012-04-02 13:15 - 2012-04-02 13:15 - 0000000 ____D C:\FRST
2012-03-31 02:12 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\LogFiles
2012-03-30 16:09 - 2012-03-30 16:09 - 0000440 __ASH C:\Windows\KLIF.spi
2012-03-30 16:09 - 2011-12-06 13:45 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\uTorrent
2012-03-30 16:09 - 2011-12-06 13:30 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\DMCache
2012-03-30 16:09 - 2011-12-06 12:06 - 1122030 ____A C:\Windows\WindowsUpdate.log
2012-03-30 15:07 - 2011-12-06 13:17 - 0003284 ____A C:\Windows\System32\ANIWZCS{EE54D40C-7F2B-4CC8-A7A7-F71542FD427F}
2012-03-30 15:07 - 2011-12-06 13:17 - 0003284 ____A C:\Users\Black Xenon\AppData\Roaming\ANIWZCS{EE54D40C-7F2B-4CC8-A7A7-F71542FD427F}
2012-03-30 15:04 - 2009-07-13 20:34 - 0010016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-03-30 15:04 - 2009-07-13 20:34 - 0010016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-03-30 15:00 - 2012-01-29 11:37 - 0008787 ____A C:\Windows\AutoKMS.tmp
2012-03-30 15:00 - 2011-12-06 13:13 - 0000012 ____A C:\Windows\System32\ANIWZCSUSERNAME{EE54D40C-7F2B-4CC8-A7A7-F71542FD427F}
2012-03-30 15:00 - 2011-12-06 02:36 - 0000000 ____D C:\Users\All Users\Kaspersky Lab
2012-03-30 15:00 - 2011-12-06 02:36 - 0000000 ____D C:\ProgramData\Kaspersky Lab
2012-03-30 14:59 - 2012-03-30 14:59 - 329226867 ____A C:\Windows\MEMORY.DMP
2012-03-30 14:59 - 2012-03-30 14:59 - 0144432 ____A C:\Windows\Minidump\033112-33571-01.dmp
2012-03-30 14:59 - 2012-01-28 15:00 - 0019590 ____A C:\Windows\setupact.log
2012-03-30 14:59 - 2011-12-08 15:02 - 0000000 ____D C:\Windows\Minidump
2012-03-30 14:59 - 2011-09-30 16:27 - 2005786624 __ASH C:\hiberfil.sys
2012-03-30 14:59 - 2009-07-13 20:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-03-30 14:38 - 2012-03-30 08:33 - 0000952 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2334483629-2975350228-2799375558-1000UA.job
2012-03-30 12:43 - 2012-03-30 12:43 - 0371158 ____A C:\Users\Black Xenon\Downloads\the-easton-ellises-2011-ep-one.jpg
2012-03-30 08:38 - 2012-03-30 08:33 - 0000930 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2334483629-2975350228-2799375558-1000Core.job
2012-03-30 08:33 - 2012-03-30 08:33 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\Facebook
2012-03-30 08:32 - 2012-03-30 08:31 - 0493512 ____A (Facebook Inc.) C:\Users\Black Xenon\Downloads\FacebookMessengerSetup.exe
2012-03-30 05:42 - 2012-03-30 05:42 - 0074471 ____A C:\Users\Black Xenon\Downloads\Sample International Curriculum Vitae.htm
2012-03-30 05:42 - 2012-03-30 05:42 - 0000000 ____D C:\Users\Black Xenon\Downloads\Sample International Curriculum Vitae_files
2012-03-30 05:39 - 2012-02-23 05:10 - 0049961 ____A C:\Users\Black Xenon\Documents\Familia Remane Khan.docx
2012-03-30 05:08 - 2011-12-06 02:25 - 0717892 ____A C:\Windows\System32\PerfStringBackup.INI
2012-03-30 05:06 - 2011-09-30 08:21 - 0000000 ____D C:\Users\Black Xenon\Downloads\Video
2012-03-30 04:53 - 2012-03-30 04:53 - 0144432 ____A C:\Windows\Minidump\033012-42198-01.dmp
2012-03-29 23:14 - 2012-03-29 23:14 - 0144424 ____A C:\Windows\Minidump\033012-31933-01.dmp
2012-03-29 12:11 - 2012-03-29 12:11 - 0063580 ____A C:\Users\Black Xenon\Downloads\scaled.0625_EDC.008__t653.jpg
2012-03-29 09:07 - 2012-03-29 09:07 - 0154173 ____A C:\Users\Black Xenon\Downloads\deadmau5.jpeg
2012-03-29 08:26 - 2012-03-29 08:26 - 0144432 ____A C:\Windows\Minidump\032912-33134-01.dmp
2012-03-28 14:25 - 2012-03-28 14:25 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\Native Instruments
2012-03-28 14:25 - 2012-01-13 02:25 - 0000000 ____D C:\Users\Black Xenon\Documents\Native Instruments
2012-03-28 14:21 - 2012-02-16 14:42 - 0000000 ____D C:\Program Files\Native Instruments
2012-03-28 14:19 - 2012-01-13 02:23 - 0000000 ____D C:\Program Files\Common Files\Native Instruments
2012-03-28 14:19 - 2011-12-06 02:51 - 0000000 ____D C:\Program Files\VstPlugins
2012-03-28 13:34 - 2012-03-28 13:34 - 0018986 ____A C:\Users\Black Xenon\Downloads\Spartacus.S02E09.HDTV.x264-ASAP.[eztv].torrent
2012-03-27 15:33 - 2011-11-10 14:48 - 0000000 ____D C:\Users\Black Xenon\Downloads\The Listener Season 2
2012-03-27 14:42 - 2011-09-30 08:21 - 0000000 ____D C:\Users\Black Xenon\Downloads\TSV Torrents
2012-03-27 14:40 - 2012-03-27 14:39 - 0000000 ____D C:\Users\Black Xenon\Downloads\Do Not Open - An Encyclopedia of the World's Best-Kept Secrets -Mantesh
2012-03-27 11:21 - 2012-03-27 11:21 - 0026960 ____A C:\Users\Black Xenon\Downloads\coronastar.png
2012-03-27 08:12 - 2012-03-15 00:29 - 0000000 ____D C:\Users\Black Xenon\Downloads\New folder
2012-03-26 10:29 - 2011-09-30 08:15 - 0000000 ____D C:\Users\Black Xenon\Downloads\Compressed
2012-03-26 00:44 - 2011-09-30 11:26 - 0000000 ____D C:\Users\Black Xenon\Documents\VirtualDJ
2012-03-25 05:17 - 2012-02-25 03:06 - 50231379 ____A C:\Users\Black Xenon\Documents\virtual mix8.mp3
2012-03-23 00:33 - 2012-03-23 00:33 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{FFE2A49B-3242-4FC1-BC9B-D6D93D56D048}
2012-03-22 08:58 - 2012-03-22 08:58 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{1BF953BA-4DD9-4532-A9CC-74AD856CF856}
2012-03-21 13:15 - 2011-12-06 02:32 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\vlc
2012-03-20 11:26 - 2012-03-20 11:25 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{A5C5D79A-8858-46B2-8414-184DF70B0F51}
2012-03-19 04:22 - 2012-03-19 04:22 - 0144432 ____A C:\Windows\Minidump\031912-36098-01.dmp
2012-03-19 02:08 - 2009-07-13 20:53 - 0032572 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-03-18 03:27 - 2012-03-18 03:27 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\mixlr
2012-03-18 03:27 - 2012-03-18 03:27 - 0000000 ____D C:\Program Files\Mixlr
2012-03-18 03:26 - 2012-03-18 03:23 - 10947164 ____A (Mixlr, Ltd. ) C:\Users\Black Xenon\Downloads\Mixlr-1.3.2.exe
2012-03-16 10:12 - 2012-03-16 10:12 - 0087277 ____A C:\Users\Black Xenon\Downloads\397049_305432169505450_100001160091055_738038_1475631234_n.jpg
2012-03-16 06:41 - 2012-03-16 06:41 - 0185396 ____A C:\Users\Black Xenon\Downloads\Tribal_Cat_by_My_World_Order.jpg
2012-03-16 06:41 - 2012-03-16 06:41 - 0056094 ____A C:\Users\Black Xenon\Downloads\CatDJ.jpg
2012-03-16 06:37 - 2012-03-16 06:37 - 2990904 ____A C:\Users\Black Xenon\Downloads\deadmau5_wallpaper_1920x1080_by_noisekick91-d39fnjz.png
2012-03-16 06:35 - 2012-03-16 06:36 - 0086757 ____A C:\Users\Black Xenon\Downloads\cover.jpg
2012-03-16 06:35 - 2012-03-16 06:35 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{99A934B6-CEED-4425-97CC-13293E1C0ACA}
2012-03-16 06:34 - 2012-03-16 06:34 - 0050475 ____A C:\Users\Black Xenon\Downloads\1293700631.jpg
2012-03-16 06:33 - 2012-03-16 06:33 - 0539321 ____A C:\Users\Black Xenon\Downloads\1285531953_deadmau5_477116.jpeg
2012-03-16 05:22 - 2011-12-06 13:30 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\IDM
2012-03-16 00:20 - 2012-03-16 00:20 - 1700352 ____A (Microsoft Corporation) C:\Windows\System32\gdiplus.dll
2012-03-16 00:20 - 2012-03-16 00:20 - 1060864 ____A (Microsoft Corporation) C:\Windows\System32\mfc71.dll
2012-03-15 10:41 - 2012-03-15 10:41 - 0087076 ____A C:\Users\Black Xenon\Downloads\Spectrasonics_Trilian.6773601.TPB (1).torrent
2012-03-15 09:53 - 2012-03-15 09:53 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{C5015DE5-B6C8-41C3-9BC3-091582C1F583}
2012-03-15 09:04 - 2012-03-15 09:04 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{9773B9B5-297C-4024-A400-87AF239A067B}
2012-03-15 08:03 - 2011-12-06 03:04 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\Deckadance19
2012-03-15 08:03 - 2011-12-06 03:02 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\SongManager
2012-03-15 06:33 - 2012-03-01 02:11 - 0000471 ____A C:\Windows\System32\Datei4
2012-03-15 06:33 - 2012-03-01 02:11 - 0000471 ____A C:\Windows\System32\Datei2
2012-03-15 06:33 - 2012-03-01 02:11 - 0000470 ____A C:\Windows\System32\Datei3
2012-03-15 06:33 - 2012-03-01 02:11 - 0000470 ____A C:\Windows\System32\Datei1
2012-03-15 06:33 - 2012-03-01 02:11 - 0000469 ____A C:\Windows\System32\Datei7
2012-03-15 06:33 - 2012-03-01 02:11 - 0000469 ____A C:\Windows\System32\Datei5
2012-03-15 06:33 - 2012-03-01 02:11 - 0000468 ____A C:\Windows\System32\Datei0
2012-03-15 06:33 - 2012-03-01 02:11 - 0000467 ____A C:\Windows\System32\Datei9
2012-03-15 06:33 - 2012-03-01 02:11 - 0000467 ____A C:\Windows\System32\Datei8
2012-03-15 06:33 - 2012-03-01 02:11 - 0000467 ____A C:\Windows\System32\Datei10
2012-03-15 06:33 - 2012-03-01 02:11 - 0000465 ____A C:\Windows\System32\Datei6
2012-03-15 03:01 - 2011-12-25 15:32 - 0000000 ____D C:\Users\Black Xenon\Downloads\Futurama season 1-5 (complete) + extras
2012-03-15 02:08 - 2011-12-17 13:44 - 0000132 ____A C:\Users\Black Xenon\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-03-15 01:59 - 2012-02-16 05:12 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\Windows Live
2012-03-15 01:34 - 2012-03-15 01:34 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{09375AD0-BAA3-4EA6-8078-D35C44579E0B}
2012-03-14 12:28 - 2012-03-14 12:28 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{154D6DAB-7E9F-4F10-8945-BA2127DF938C}
2012-03-13 07:05 - 2012-03-13 07:04 - 1506358 ____A C:\Users\Black Xenon\Downloads\voda-Absolut-glimmer-party.jpg
2012-03-12 00:27 - 2012-03-12 00:27 - 0000012 ____A C:\Users\Black Xenon\Documents\urgent.txt
2012-03-09 13:16 - 2012-03-09 13:16 - 0234842 ____A C:\Users\Black Xenon\Downloads\470196_323656367683551_100001175714293_813477_2049377892_o.jpg
2012-03-09 12:25 - 2012-03-09 12:19 - 0218945 ____A C:\Users\Black Xenon\Downloads\462782_3290055602887_1490870120_o.jpg
2012-03-09 12:11 - 2012-03-09 12:11 - 0093729 ____A C:\Users\Black Xenon\Downloads\421293_318826524847749_100001612122812_938123_58996918_n.jpg
2012-03-08 13:38 - 2012-02-17 07:42 - 0002905 ____A C:\Users\Black Xenon\Documents\Biografia.txt
2012-03-08 06:31 - 2012-03-08 06:31 - 0043808 ____A C:\Users\Black Xenon\Downloads\418314_3001826561057_1124107108_32678500_1898174615_n.jpg
2012-03-07 04:50 - 2011-12-11 17:11 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\ElevatedDiagnostics
2012-03-06 21:45 - 2011-12-06 13:46 - 0000000 ____D C:\Program Files\uTorrent
2012-03-05 00:35 - 2012-03-05 00:54 - 1466116 ____A C:\Users\Black Xenon\Documents\Logo_Lounge.pdf
2012-03-03 14:50 - 2012-03-03 14:50 - 0017419 ____A C:\Users\Black Xenon\Downloads\430198_10150582452378333_678698332_9340234_182346093_n.jpg
2012-03-03 14:42 - 2012-03-03 14:42 - 0068911 ____A C:\Users\Black Xenon\Downloads\3037832-196182-violinist-girl-in-red-dress-isolated-on-white-background.jpg
2012-03-03 14:36 - 2012-03-03 14:36 - 0075364 ____A C:\Users\Black Xenon\Downloads\tumblr_li2i54gqHv1qi153ho1_400.jpg
2012-03-03 14:35 - 2012-03-03 14:35 - 0069471 ____A C:\Users\Black Xenon\Downloads\3037070-190201-beautiful-girl-in-red-dress-isolated-on-white-background.jpg
2012-03-03 13:54 - 2012-03-03 13:54 - 0000321 ____A C:\Users\Black Xenon\Documents\list.txt
2012-03-03 10:42 - 2012-03-03 10:42 - 0037728 ____A C:\Users\Black Xenon\Downloads\1marilyn_dress.jpg
2012-03-03 10:39 - 2012-03-03 10:39 - 0058632 ____A C:\Users\Black Xenon\Downloads\72907-Royalty-Free-RF-Clipart-Illustration-Of-A-Sexy-Blond-Pinup-Woman-Standing-Over-An-Air-Vent-The-Wind-Blowing-Up-Her-Dress.jpg
2012-03-03 10:39 - 2012-03-03 10:39 - 0035927 ____A C:\Users\Black Xenon\Downloads\girl-farting-blowing-up-dress.jpg
2012-03-03 10:39 - 2012-03-03 10:39 - 0014254 ____A C:\Users\Black Xenon\Downloads\can-stock-photo_csp3647478.jpg
2012-03-01 23:29 - 2012-03-01 23:29 - 0144432 ____A C:\Windows\Minidump\030212-29437-01.dmp
2012-03-01 03:30 - 2012-03-01 03:30 - 0004278 ____A C:\Windows\DPINST.LOG
2012-03-01 03:30 - 2012-03-01 03:30 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_ggsemc_01007.Wdf
2012-03-01 03:30 - 2012-03-01 03:30 - 0000000 ____D C:\Program Files\Sony Ericsson
2012-03-01 03:30 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\DriverStore
2012-03-01 02:11 - 2012-02-04 08:13 - 0335878 ____A C:\Windows\ntbtlog.txt
2012-03-01 02:11 - 2012-02-04 01:37 - 0000000 ____D C:\Program Files\Syncrosoft
2012-02-29 06:33 - 2012-02-29 06:29 - 0473556 ____A C:\Users\Black Xenon\Downloads\413521_304995576227045_100001498154051_841375_1285039618_o.jpg
2012-02-29 03:46 - 2012-02-29 03:46 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\Voxengo
2012-02-28 13:07 - 2011-12-06 05:11 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\Adobe
2012-02-28 13:06 - 2011-12-06 05:11 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\Adobe
2012-02-28 13:05 - 2012-02-28 13:05 - 0000132 ____A C:\Users\Black Xenon\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2012-02-27 00:58 - 2012-02-27 00:58 - 0035840 ____A C:\Users\Black Xenon\Documents\Familia Remane Khan97.doc
2012-02-24 05:50 - 2012-02-24 05:50 - 0144432 ____A C:\Windows\Minidump\022412-28111-01.dmp
2012-02-22 01:36 - 2012-02-22 01:36 - 0144432 ____A C:\Windows\Minidump\022212-28953-01.dmp
2012-02-22 01:14 - 2012-02-22 01:14 - 0144424 ____A C:\Windows\Minidump\022212-37409-01.dmp
2012-02-20 14:06 - 2012-02-20 14:06 - 0014269 ____A C:\Users\Black Xenon\Downloads\[kat.ph]thrive.2011.720p.brrip.x264.aac.26k.torrent
2012-02-18 18:31 - 2012-02-16 05:47 - 0022829 ____A C:\Users\Black Xenon\Documents\split legs and BP.wlmp
2012-02-18 17:48 - 2012-02-18 17:48 - 0144432 ____A C:\Windows\Minidump\021912-36254-01.dmp
2012-02-18 10:32 - 2012-02-18 10:31 - 0000677 ____A C:\Users\Black Xenon\Documents\sticky notes.txt
2012-02-17 04:32 - 2011-09-30 11:23 - 0000000 ____D C:\Users\Black Xenon\Documents\Black Xenon Production'z
2012-02-16 13:13 - 2012-02-16 13:13 - 0144432 ____A C:\Windows\Minidump\021612-34647-01.dmp
2012-02-16 13:06 - 2012-02-16 13:06 - 0144432 ____A C:\Windows\Minidump\021612-36644-01.dmp
2012-02-16 13:02 - 2012-02-16 13:01 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{02BFC41B-E82D-4170-AE99-00A535E67B3F}
2012-02-16 11:52 - 2012-02-16 11:52 - 0144432 ____A C:\Windows\Minidump\021612-32963-01.dmp
2012-02-16 08:04 - 2012-02-16 08:04 - 1766126 ____A C:\Users\Black Xenon\Downloads\Zeitgeist_by_Menotodokukagiri.png
2012-02-16 06:52 - 2012-02-16 06:52 - 0043708 ____A C:\Users\Black Xenon\Downloads\Nokia-C3-01.jpg
2012-02-16 05:35 - 2012-02-16 05:35 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{5AFDFA30-75B5-44BA-807D-24C706DF9D65}
2012-02-16 05:28 - 2012-02-16 05:27 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\{5C009638-1265-4B48-ABA8-88D083C3ABBB}
2012-02-16 05:24 - 2012-02-16 05:23 - 0000000 ____D C:\Program Files\Windows Live
2012-02-16 05:24 - 2011-12-07 03:35 - 0000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2012-02-16 05:21 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\microsoft shared
2012-02-16 05:12 - 2012-02-16 05:12 - 0000000 ____D C:\Program Files\Common Files\Windows Live
2012-02-16 04:25 - 2012-02-16 04:25 - 0144432 ____A C:\Windows\Minidump\021612-31949-01.dmp
2012-02-14 09:53 - 2012-02-14 09:53 - 0032665 ____A C:\Users\Black Xenon\Downloads\break-dance (8).jpg
2012-02-14 09:53 - 2012-02-14 09:53 - 0024033 ____A C:\Users\Black Xenon\Downloads\break-dance (5).jpg
2012-02-14 09:53 - 2012-02-14 09:53 - 0024024 ____A C:\Users\Black Xenon\Downloads\break-dance (10).jpg
2012-02-14 09:53 - 2012-02-14 09:53 - 0020619 ____A C:\Users\Black Xenon\Downloads\break-dance (4).jpg
2012-02-14 09:52 - 2012-02-14 09:52 - 0069863 ____A C:\Users\Black Xenon\Downloads\break-dance (2).jpg
2012-02-14 09:52 - 2012-02-14 09:52 - 0035835 ____A C:\Users\Black Xenon\Downloads\break-dance (7).jpg
2012-02-14 09:52 - 2012-02-14 09:52 - 0025912 ____A C:\Users\Black Xenon\Downloads\break-dance (9).jpg
2012-02-14 09:50 - 2012-02-14 09:50 - 0023723 ____A C:\Users\Black Xenon\Downloads\8B2B472C7737F73F57D59490EEF6CB89CB75CA55.torrent
2012-02-14 09:43 - 2012-02-14 09:43 - 0087076 ____A C:\Users\Black Xenon\Downloads\Spectrasonics_Trilian.6773601.TPB.torrent
2012-02-14 09:39 - 2012-02-14 09:39 - 0010760 ____A C:\Users\Black Xenon\Downloads\Native.Instruments.FM8.VSTi.DXi.RTAS.v1.0.3.4464934.TPB.torrent
2012-02-14 09:37 - 2012-02-14 09:37 - 0031689 ____A C:\Users\Black Xenon\Downloads\Native.Instruments.Reaktor.5.HYBRID.ISO-DELiRiUM.3412184.TPB.torrent
2012-02-14 09:34 - 2012-02-14 09:34 - 0015450 ____A C:\Users\Black Xenon\Downloads\Native_Instruments_Massive_STANDALONE_VSTi_RTAS_v1.3.0_x86_x64_-.6802301.TPB.torrent
2012-02-14 09:08 - 2012-02-14 09:08 - 0067262 ____A C:\Users\Black Xenon\Downloads\Spectrasonics.Omnisphere.v1.0.VSTi.RTAS.AU.PC.MAC.DVDR.D1-AiRISO.6320454.TPB.torrent
2012-02-14 09:08 - 2012-02-14 09:08 - 0062935 ____A C:\Users\Black Xenon\Downloads\Spectrasonics.Omnisphere.v1.0.VSTi.RTAS.AU.PC.MAC.DVDR.D3-AiRISO.4437190.TPB.torrent
2012-02-14 09:08 - 2012-02-14 09:08 - 0061631 ____A C:\Users\Black Xenon\Downloads\Spectrasonics.Omnisphere.v1.0.VSTi.RTAS.AU.PC.MAC.DVDR.D4-AiRISO.4437198.TPB.torrent
2012-02-14 09:08 - 2012-02-14 09:08 - 0056307 ____A C:\Users\Black Xenon\Downloads\Spectrasonics.Omnisphere.v1.0.VSTi.RTAS.AU.PC.MAC.DVDR.D2-AiRISO.4437188.TPB.torrent
2012-02-14 09:08 - 2012-02-14 09:08 - 0054239 ____A C:\Users\Black Xenon\Downloads\Spectrasonics.Omnisphere.v1.0.VSTi.RTAS.AU.PC.MAC.DVDR.D5-AiRISO.4437194.TPB.torrent
2012-02-14 09:08 - 2012-02-14 09:08 - 0049603 ____A C:\Users\Black Xenon\Downloads\Spectrasonics.Omnisphere.v1.0.VSTi.RTAS.AU.PC.MAC.DVDR.D6-AiRISO.4437199.TPB.torrent
2012-02-14 08:13 - 2012-02-14 08:13 - 0024900 ____A C:\Users\Black Xenon\Downloads\mz.gif
2012-02-14 08:09 - 2012-02-14 08:08 - 0144432 ____A C:\Windows\Minidump\021412-40076-01.dmp
2012-02-14 04:43 - 2012-02-14 04:43 - 0144432 ____A C:\Windows\Minidump\021412-39109-02.dmp
2012-02-14 01:41 - 2012-01-29 18:40 - 0000000 ____D C:\Users\Black Xenon\Downloads\reFX Nexus (whole bundle) 16 GB Re-seed
2012-02-13 14:48 - 2012-02-13 14:48 - 0016662 ____A C:\Users\Black Xenon\Downloads\[kat.ph]microsoft.windows.8.rc1.iso.lz0.torrent
2012-02-13 14:33 - 2012-02-13 14:33 - 0144432 ____A C:\Windows\Minidump\021412-43976-01.dmp
2012-02-13 14:24 - 2012-02-13 14:23 - 0144432 ____A C:\Windows\Minidump\021412-39093-01.dmp
2012-02-12 08:07 - 2012-02-12 08:07 - 0350720 ____A C:\Users\Black Xenon\Downloads\PSAAZ.Final.doc
2012-02-12 05:29 - 2011-12-06 13:47 - 0000000 ____D C:\Users\Black Xenon\AppData\Local\Conduit
2012-02-12 05:29 - 2011-12-06 02:21 - 0000000 ____D C:\Users\Black Xenon\AppData\LocalLow
2012-02-12 05:10 - 2012-01-13 02:23 - 0000000 ____D C:\Users\All Users\Native Instruments
2012-02-12 05:10 - 2012-01-13 02:23 - 0000000 ____D C:\ProgramData\Native Instruments
2012-02-12 04:11 - 2012-02-12 04:10 - 0144424 ____A C:\Windows\Minidump\021212-31824-01.dmp
2012-02-10 13:00 - 2012-02-10 13:00 - 0144432 ____A C:\Windows\Minidump\021012-36192-01.dmp
2012-02-10 13:00 - 2012-02-05 16:07 - 0000750 ____A C:\Windows\PFRO.log
2012-02-10 12:01 - 2012-02-10 12:01 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2012-02-10 10:20 - 2011-12-06 05:24 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\TuneUp Software
2012-02-10 06:54 - 2012-02-10 06:54 - 1181022 ____A C:\Windows\System32\TmpA72627747
2012-02-10 04:57 - 2012-02-10 04:57 - 39153708 ____A C:\Users\Black Xenon\Downloads\instrumental.wav
2012-02-10 04:33 - 2012-02-10 04:33 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\Antares
2012-02-10 04:33 - 2012-02-10 04:33 - 0000000 ____D C:\Program Files\Antares Audio Technologies
2012-02-10 04:05 - 2012-02-10 04:05 - 0006011 ____A C:\Users\Black Xenon\Downloads\Antares_Autotune_VST_v5.09_[T-Pain_Software__Sound_Like_T-Pain].4579434.TPB.torrent
2012-02-10 04:02 - 2012-02-10 04:01 - 5359104 ____A C:\Users\Black Xenon\Downloads\Beyoncé - Till the End of Time.mp3
2012-02-09 01:53 - 2012-02-09 01:43 - 0000000 ____D C:\Program Files\JPEG to PDF
2012-02-05 09:47 - 2012-02-05 09:47 - 0144432 ____A C:\Windows\Minidump\020512-27393-01.dmp
2012-02-05 09:44 - 2012-02-05 09:44 - 0144432 ____A C:\Windows\Minidump\020512-25755-01.dmp
2012-02-04 10:12 - 2012-02-04 10:12 - 0144432 ____A C:\Windows\Minidump\020412-27830-01.dmp
2012-02-04 01:55 - 2012-02-04 01:55 - 0000000 ___AD C:\Users\Black Xenon\Documents\Copy Protection Driver
2012-02-04 01:46 - 2012-02-04 01:46 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\Steinberg
2012-02-04 01:34 - 2012-02-04 01:34 - 0000000 ____D C:\Program Files\Steinberg
2012-02-01 11:39 - 2012-02-01 11:39 - 0144432 ____A C:\Windows\Minidump\020112-34569-01.dmp
2012-02-01 02:51 - 2011-10-05 14:46 - 0000000 ____D C:\Users\Black Xenon\Downloads\Subs
2012-02-01 02:14 - 2012-02-01 02:14 - 0001484 ____A C:\users\Black
2012-02-01 02:14 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\NDF
2012-01-30 12:04 - 2012-01-30 12:04 - 0109624 ____A C:\Users\Black Xenon\Downloads\template-1465181514514086841 (1).xml
2012-01-30 12:02 - 2012-01-30 12:02 - 0472237 ____A C:\Users\Black Xenon\Downloads\Namisan[CustomBloggerTemplates].zip
2012-01-26 22:55 - 2012-01-26 22:55 - 0000000 ____D C:\Program Files\Edirol
2012-01-25 17:30 - 2012-01-25 17:30 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-01-22 14:14 - 2012-01-22 14:14 - 0000203 ____A C:\Users\Black Xenon\Documents\new.txt
2012-01-21 04:48 - 2012-01-21 04:48 - 0679628 ____A C:\Users\Black Xenon\Downloads\reFX_Nexus__whole_bundle__16_GB___Re_seed.torrent
2012-01-20 09:51 - 2012-01-20 09:32 - 0000000 ____D C:\Program Files\RocketDock
2012-01-20 09:20 - 2009-07-13 20:33 - 4547736 ____A C:\Windows\System32\FNTCACHE.DAT
2012-01-20 09:15 - 2012-01-20 09:00 - 0000000 ____D C:\Windows\W7SBC
2012-01-20 09:07 - 2012-01-20 08:30 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\Rainmeter
2012-01-20 09:02 - 2011-12-07 02:46 - 0419160 ____A C:\Users\Black Xenon\AppData\Local\GDIPFONTCACHEV1.DAT
2012-01-20 08:30 - 2012-01-20 08:30 - 0000000 ____D C:\Program Files\Rainmeter
2012-01-20 08:00 - 2011-09-30 08:19 - 0000000 ____D C:\Users\Black Xenon\Downloads\Saved Web Pages
2012-01-20 06:14 - 2012-01-20 06:14 - 0004034 ____A C:\Users\Black Xenon\Downloads\Eye_of_Horus.svg
2012-01-19 11:47 - 2012-01-19 11:47 - 0000268 ____A C:\Users\Black Xenon\Documents\rply.txt
2012-01-18 10:53 - 2012-01-18 10:53 - 0018776 ____A C:\Users\Black Xenon\Downloads\NSHOW.cs
2012-01-14 03:24 - 2012-01-14 03:14 - 0000287 ____A C:\Users\Black Xenon\AppData\Roaming\ANICONFIG_{EE54D40C-7F2B-4CC8-A7A7-F71542FD427F}.ini
2012-01-14 03:15 - 2009-07-13 18:37 - 0000000 __RHD C:\Users\Public\Libraries
2012-01-13 03:42 - 2011-12-06 02:21 - 0000000 ____D C:\users\Black Xenon
2012-01-12 16:34 - 2011-12-06 13:30 - 0000000 ____D C:\Program Files\Internet Download Manager
2012-01-11 13:01 - 2011-12-06 05:22 - 0000000 ____D C:\Users\Black Xenon\AppData\Roaming\DAEMON Tools Lite

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe
[2009-07-13 15:41] - [2009-07-13 17:14] - 2613248 ____A (Microsoft Corporation) 15BC38A7492BEFE831966ADB477CF76F

C:\Windows\System32\winlogon.exe
[2009-07-13 15:37] - [2009-07-13 17:14] - 0285696 ____A (Microsoft Corporation) 8EC6A4AB12B8F3759E21F8E3A388F2CF

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\User32.dll
[2009-07-13 15:24] - [2009-07-13 17:16] - 0811520 ____A (Microsoft Corporation) 34B7E222E81FAFA885F0C5F2CFA56861

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 15%
Total physical RAM: 2550.49 MB
Available physical RAM: 2153.7 MB
Total Pagefile: 2548.77 MB
Available Pagefile: 2151.56 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.31 MB

======================= Partitions =========================

2 Drive c: () (Fixed) (Total:74.52 GB) (Free:25.28 GB) NTFS ==>[Drive with boot components (obtanied from BCD)]
3 Drive d: (KEVIN) (Removable) (Total:0.95 GB) (Free:0.91 GB) FAT32
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 74 GB 9 MB
Disk 1 Online 974 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 74 GB 31 KB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 0 C NTFS Partition 74 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 973 MB 120 KB

======================================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 D KEVIN FAT32 Removable 973 MB Healthy

======================================================================================================
==========================================================
TDL4: custom:26000022


==========================================================

Last Boot: 2012-03-22 13:12

======================= End Of Log ==========================

Attached Files

  • Attached File  FRST.txt   37.94KB   4 downloads

Edited by Noviciate, 02 April 2012 - 02:31 PM.
Added from attachment.


BC AdBot (Login to Remove)

 


#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:13 PM

Posted 02 April 2012 - 02:54 PM

Good evening. :)

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

TDL4: custom:26000022
CMD: bootrec /FixMbr

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

So long, and thanks for all the fish.

 

 


#3 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:13 PM

Posted 09 April 2012 - 04:49 PM

As there has been no response for five days this thread is now closed.

So long, and thanks for all the fish.

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users