Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help in removing Trojan.ZeroaccessB


  • This topic is locked This topic is locked
12 replies to this topic

#1 MattC13

MattC13

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 05 April 2012 - 02:27 PM

Hello, I have a problem that I need help in dealing with:

I use Norton Anti-Virus on a 64 bit Windows 7 laptop. Yesterday a message appeared telling me that Norton was unable to remove this virus, Trojan.ZeroaccessB, and it had to be removed manually. They recommended using the Norton Power Eraser and a program specifically for removing this type of virus, however the eraser tool did not detect it and the program only works on 32 bit computers. All I know is that it has infected consrv.dll.

I have already read through all the steps in the preparation topic. Here are the DDS and Attach files:

Thank you in advance for your assistance.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Matt at 14:56:13 on 2012-04-05
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.2.1033.18.4023.1589 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Users\Matt\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Rogers\SelfHealing\shs.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Last.fm\LastFM.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\conhost.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Matt\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uURLSearchHooks: Messenger Plus Live CA-EN Toolbar: {437c4386-9237-441f-a940-009430030ee0} - C:\Program Files (x86)\Messenger_Plus_Live_CA-EN\tbMess.dll
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mURLSearchHooks: Messenger Plus Live CA-EN Toolbar: {437c4386-9237-441f-a940-009430030ee0} - C:\Program Files (x86)\Messenger_Plus_Live_CA-EN\tbMess.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mWinlogon: Userinit=userinit.exe
BHO: MRI_DISABLED - No File
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: Messenger Plus Live CA-EN Toolbar: {437c4386-9237-441f-a940-009430030ee0} - C:\Program Files (x86)\Messenger_Plus_Live_CA-EN\tbMess.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: af0.Adblock.BHO: {90eff544-3981-4d46-85c9-c0361d0931d6} - mscoree.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: MP3 Rocket Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
TB: Messenger Plus Live CA-EN Toolbar: {437c4386-9237-441f-a940-009430030ee0} - C:\Program Files (x86)\Messenger_Plus_Live_CA-EN\tbMess.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: MP3 Rocket Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
EB: MRI_DISABLED - No File
uRun: [Google Update] "C:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [Rogers SHS] C:\Program Files (x86)\rogers\selfhealing\shs.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Matt\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Matt\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Matt\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{80A1C2EC-8FFA-4649-9A2D-7D1E6CE673EE} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{80A1C2EC-8FFA-4649-9A2D-7D1E6CE673EE}\148756D616E6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{80A1C2EC-8FFA-4649-9A2D-7D1E6CE673EE}\2454C4C4638313 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{80A1C2EC-8FFA-4649-9A2D-7D1E6CE673EE}\34F6E6E65636470527F602F4E4C495 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{80A1C2EC-8FFA-4649-9A2D-7D1E6CE673EE}\353686E6569646562733 : DhcpNameServer = 66.79.51.85 66.79.78.47
TCP: Interfaces\{80A1C2EC-8FFA-4649-9A2D-7D1E6CE673EE}\443374E4F53535944403 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{80A1C2EC-8FFA-4649-9A2D-7D1E6CE673EE}\84359414 : DhcpNameServer = 64.89.70.2
TCP: Interfaces\{80A1C2EC-8FFA-4649-9A2D-7D1E6CE673EE}\C696E6B6379737 : DhcpNameServer = 66.79.51.85 66.79.78.47
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4Com.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: MRI_DISABLED - No File
BHO-X64: HP Print Enhancer - No File
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: HP Smart BHO Class - No File
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO-X64: Messenger Plus Live CA-EN Toolbar: {437c4386-9237-441f-a940-009430030ee0} - C:\Program Files (x86)\Messenger_Plus_Live_CA-EN\tbMess.dll
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: af0.Adblock.BHO: {90EFF544-3981-4d46-85C9-C0361D0931D6} - mscoree.dll
BHO-X64: AdblockIE - No File
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO-X64: MP3 Rocket Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64: Ask Toolbar BHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
TB-X64: Messenger Plus Live CA-EN Toolbar: {437c4386-9237-441f-a940-009430030ee0} - C:\Program Files (x86)\Messenger_Plus_Live_CA-EN\tbMess.dll
TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB-X64: MP3 Rocket Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
EB-X64: MRI_DISABLED - No File
mRun-x64: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun-x64: [Rogers SHS] C:\Program Files (x86)\rogers\selfhealing\shs.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\kl6jp9m2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2535290&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2535290&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\kl6jp9m2.default\extensions\{437c4386-9237-441f-a940-009430030ee0}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\kl6jp9m2.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\kl6jp9m2.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.67\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Matt\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [2012-3-20 1157240]
R1 ccHP;Symantec Hash Provider;C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys --> C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120404.002\IDSviA64.sys [2012-4-4 488568]
R1 networx;networx;C:\Windows\system32\drivers\networx.sys --> C:\Windows\system32\drivers\networx.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [?]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS --> C:\Windows\system32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-2-28 2343816]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe [2011-10-11 126400]
R2 RogersSelfHelpService;Rogers SHS Service;C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe [2010-1-19 139264]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-4 138360]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-21 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 253600]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-1-11 228408]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-21 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
regfile="regedit.exe" "%1"
.
=============== Created Last 30 ================
.
2012-04-05 18:06:23 -------- d-----w- C:\Users\Matt\AppData\Local\{CD19E513-2F6E-45CF-BB3F-90DB8EE97A06}
2012-04-04 23:55:39 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
2012-04-04 23:19:36 -------- d-----w- C:\Users\Matt\AppData\Local\NPE
2012-04-04 17:45:55 -------- d-----w- C:\Users\Matt\AppData\Local\{215AC035-B978-4AE7-BE9D-B6B55A6CEC1B}
2012-04-03 17:47:47 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-03 17:47:17 -------- d-----w- C:\Users\Matt\AppData\Local\{733B7555-9C39-4833-BB2C-991CB014FB78}
2012-04-02 17:52:43 -------- d-----w- C:\Users\Matt\AppData\Local\{54F1BF3E-7434-4E3A-AB65-56991F7A4D44}
2012-04-01 20:31:45 -------- d-----w- C:\Program Files\iTunes
2012-04-01 20:31:45 -------- d-----w- C:\Program Files\iPod
2012-04-01 15:39:12 -------- d-----w- C:\Users\Matt\AppData\Local\{CB17BA29-8F86-4009-BAB9-3016ED18E8D0}
2012-03-31 14:35:47 -------- d-----w- C:\Users\Matt\AppData\Local\{093B8A77-4FDE-40D9-94AE-8C215FAB503F}
2012-03-30 17:47:20 -------- d-----w- C:\Users\Matt\AppData\Local\{2A70FB32-AF70-4F65-B211-19A1363741B3}
2012-03-29 14:36:14 -------- d-----w- C:\Users\Matt\AppData\Local\{D2217BDD-BB4C-45BC-9F8E-6B8A6F285617}
2012-03-28 17:44:23 -------- d-----w- C:\Users\Matt\AppData\Local\{8E63CFE1-F550-456A-BF63-BA7EAD184149}
2012-03-28 17:43:51 -------- d-----w- C:\Users\Matt\AppData\Local\{88143266-FA8F-4399-AADA-C4B4AA7334BE}
2012-03-27 17:50:13 -------- d-----w- C:\Users\Matt\AppData\Local\{ADBF48F2-FC1E-4351-BBD1-0FC4017CEBA9}
2012-03-27 17:49:53 -------- d-----w- C:\Users\Matt\AppData\Local\{B590CE57-9A40-416D-A022-29BBBC06A38F}
2012-03-26 17:44:53 -------- d-----w- C:\Users\Matt\AppData\Local\{9C0B8AB3-3DD6-4C54-91B1-075EE9ABF081}
2012-03-26 17:44:32 -------- d-----w- C:\Users\Matt\AppData\Local\{58ACC166-CBF9-4565-9B84-8891E3F6734E}
2012-03-25 14:33:14 -------- d-----w- C:\Users\Matt\AppData\Local\{FAF45F2A-AEEE-4A84-9188-09BD467EB5B6}
2012-03-25 14:32:46 -------- d-----w- C:\Users\Matt\AppData\Local\{BE588E12-7BA5-401F-8633-521668D8FCDC}
2012-03-24 21:18:48 -------- d-----w- C:\Users\Matt\AppData\Local\{D978390E-3F18-4618-8D69-F1F7BFD2AAE1}
2012-03-24 21:18:32 -------- d-----w- C:\Users\Matt\AppData\Local\{2A0B6299-8CDA-47A6-BB19-C0E2FB280A39}
2012-03-24 14:42:00 -------- d-----w- C:\Users\Matt\AppData\Local\{7398D1ED-B0A4-4749-8A1D-9F7F1BA2F12C}
2012-03-24 14:41:28 -------- d-----w- C:\Users\Matt\AppData\Local\{33D543D3-0743-4FF7-9C3B-849FA78E8A59}
2012-03-24 00:28:10 -------- d-----w- C:\Users\Matt\AppData\Local\{7A97E2FB-ACBB-448E-B582-AA0B1369E80F}
2012-03-24 00:27:49 -------- d-----w- C:\Users\Matt\AppData\Local\{6D4A2420-3D8B-4733-B76F-C4DC1649340B}
2012-03-23 14:27:50 -------- d-----w- C:\Users\Matt\AppData\Local\{181FAE8E-396D-416F-ACF3-C07432E0613A}
2012-03-23 14:27:28 -------- d-----w- C:\Users\Matt\AppData\Local\{9DA9039B-5635-457A-9B8F-0D9E6112C0DA}
2012-03-22 22:43:37 -------- d-----w- C:\Users\Matt\AppData\Roaming\LOVE
2012-03-22 19:35:38 -------- d-----w- C:\Users\Matt\AppData\Local\{EEF561B6-6A4E-440C-AB5B-D71F395E981C}
2012-03-22 19:35:16 -------- d-----w- C:\Users\Matt\AppData\Local\{8DF051CC-B9A5-4EC8-8D1D-5C8DEFA780D9}
2012-03-21 17:45:20 -------- d-----w- C:\Users\Matt\AppData\Local\{795EC239-5569-4F26-AC86-7CF6E89E38FF}
2012-03-21 17:44:49 -------- d-----w- C:\Users\Matt\AppData\Local\{30A98ED2-7206-490B-ABB9-73D6461C6B97}
2012-03-21 04:11:45 -------- d-----w- C:\4ce4c0d9d07003a39c452d9bb2
2012-03-21 01:20:41 -------- d-----w- C:\Users\Matt\AppData\Local\{EB04BC9B-E21D-41D1-A539-0566DFCA377D}
2012-03-21 01:20:24 -------- d-----w- C:\Users\Matt\AppData\Local\{DE47B5F4-3FF9-4D99-91F3-8FFE41302365}
2012-03-20 18:08:07 -------- d-----w- C:\Users\Matt\AppData\Local\{D4BA11FC-F330-4C4F-94E3-541304DC8412}
2012-03-20 18:07:48 -------- d-----w- C:\Users\Matt\AppData\Local\{F6AFAD78-CB54-4DE3-98F2-16E450608E81}
2012-03-20 00:06:05 -------- d-----w- C:\Program Files (x86)\fbphotozoom
2012-03-20 00:05:45 -------- d-----w- C:\Program Files (x86)\1ClickDownload
2012-03-19 17:47:32 -------- d-----w- C:\Users\Matt\AppData\Local\{7C967C43-74D4-4F56-BA03-01DE43BA4B7D}
2012-03-19 17:47:02 -------- d-----w- C:\Users\Matt\AppData\Local\{ECDC7476-9693-49D6-90F2-D4B7A79F8918}
2012-03-18 15:38:48 -------- d-----w- C:\Users\Matt\AppData\Local\{0215D187-5FEF-4090-A396-B33EEC04F55E}
2012-03-18 15:38:23 -------- d-----w- C:\Users\Matt\AppData\Local\{989DF6EE-47CD-46D8-993E-D67481C7292C}
2012-03-16 14:39:50 -------- d-----w- C:\Users\Matt\AppData\Local\{8183609F-36EF-4DD9-864B-864ACF38A2C6}
2012-03-16 14:39:33 -------- d-----w- C:\Users\Matt\AppData\Local\{3470E422-920A-4288-BBE8-A250E5A5ED65}
2012-03-16 05:23:59 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2012-03-15 20:41:16 -------- d-----w- C:\Users\Matt\AppData\Local\{7B69EFD3-8946-4DA0-BB34-1D726CF86E12}
2012-03-15 20:41:00 -------- d-----w- C:\Users\Matt\AppData\Local\{7CA1A3E2-B0A5-4166-AF11-660983CBE050}
2012-03-15 15:30:10 5504880 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-15 15:30:09 3957616 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-15 15:30:06 3902320 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-15 15:18:07 -------- d-----w- C:\Users\Matt\AppData\Local\{A201E111-58F6-466D-9091-B0B71E81D9AE}
2012-03-15 15:17:49 -------- d-----w- C:\Users\Matt\AppData\Local\{9B1F0C0D-DD09-486D-9F1C-45336B232C74}
2012-03-15 05:12:54 -------- d-----w- C:\9ce7f1adca54d7da68ec18fcf5
2012-03-14 14:54:02 3143168 ----a-w- C:\Windows\System32\win32k.sys
2012-03-14 14:54:00 1541120 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-14 14:41:58 -------- d-----w- C:\Users\Matt\AppData\Local\{E3D0A898-69CA-4790-A52A-A27AE5D6BDF7}
2012-03-14 14:41:43 -------- d-----w- C:\Users\Matt\AppData\Local\{EA76F277-88CB-44D0-879C-26C2D309CE25}
2012-03-13 14:47:03 -------- d-----w- C:\Users\Matt\AppData\Local\{C30CE803-28C3-42E3-B319-0A26A5AA9558}
2012-03-13 14:46:36 -------- d-----w- C:\Users\Matt\AppData\Local\{0C3102FA-2386-40BC-92E0-F74BABD73951}
2012-03-12 14:35:28 -------- d-----w- C:\Users\Matt\AppData\Local\{759358F1-DB0F-4ED0-9B8D-BBDDFE129F1B}
2012-03-12 14:35:01 -------- d-----w- C:\Users\Matt\AppData\Local\{9B6E8211-0F21-47DB-A313-580BA53615EF}
2012-03-11 15:44:29 -------- d-----w- C:\Users\Matt\AppData\Local\{8C69BF80-27B6-44D4-B911-676EF31D8933}
2012-03-11 15:44:03 -------- d-----w- C:\Users\Matt\AppData\Local\{C86D5C3D-3562-46DE-B78D-12B2710744EB}
2012-03-10 15:17:36 -------- d-----w- C:\Users\Matt\AppData\Local\{5B18A695-A2C6-49BB-BE2F-1C5B4F78FAC4}
2012-03-10 15:17:02 -------- d-----w- C:\Users\Matt\AppData\Local\{0793238F-ECF7-4F19-B590-F95900A566BA}
2012-03-09 18:45:17 -------- d-----w- C:\Users\Matt\AppData\Local\{3148DDF6-868C-420F-BE50-098F28F84D06}
2012-03-09 18:45:00 -------- d-----w- C:\Users\Matt\AppData\Local\{FE472818-4911-4C73-AF59-7C5ABAB32D31}
2012-03-09 02:01:42 -------- d-----w- C:\Users\Matt\AppData\Local\Skyrim NPC Editor
2012-03-09 02:00:45 -------- d-----w- C:\Program Files (x86)\Skyrim NPC Editor
2012-03-08 18:42:52 -------- d-----w- C:\Users\Matt\AppData\Local\{6AF815D9-4019-459E-A3D7-ED1987464FCA}
2012-03-08 18:42:35 -------- d-----w- C:\Users\Matt\AppData\Local\{95342C68-7AD9-43CC-96A5-1A3C6AE06982}
2012-03-07 23:00:42 -------- d-----w- C:\Users\Matt\AppData\Local\{727D9BE1-49DC-41A0-B88B-D114852E282C}
2012-03-07 23:00:27 -------- d-----w- C:\Users\Matt\AppData\Local\{6DF001E5-98B9-468E-A414-36D05492FFA5}
.
==================== Find3M ====================
.
2012-04-03 17:47:47 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-16 05:23:59 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2012-03-16 05:23:59 85504 ----a-w- C:\Windows\System32\iesetup.dll
2012-03-16 05:23:59 76800 ----a-w- C:\Windows\System32\tdc.ocx
2012-03-16 05:23:59 603648 ----a-w- C:\Windows\System32\vbscript.dll
2012-03-16 05:23:59 48640 ----a-w- C:\Windows\System32\mshtmler.dll
2012-03-16 05:23:59 448512 ----a-w- C:\Windows\System32\html.iec
2012-03-16 05:23:59 30720 ----a-w- C:\Windows\System32\licmgr10.dll
2012-03-16 05:23:59 165888 ----a-w- C:\Windows\System32\iexpress.exe
2012-03-16 05:23:59 160256 ----a-w- C:\Windows\System32\wextract.exe
2012-03-16 05:23:59 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-03-16 05:23:59 135168 ----a-w- C:\Windows\System32\IEAdvpack.dll
2012-03-16 05:23:59 111616 ----a-w- C:\Windows\System32\iesysprep.dll
2012-02-15 15:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 15:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll
2012-02-15 06:27:54 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-15 05:44:57 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-15 04:47:21 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-15 04:46:59 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-10 06:17:55 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll
2012-02-10 06:17:54 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-02-10 06:17:54 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll
2012-02-10 06:17:54 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2012-02-10 05:41:38 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-10 05:41:20 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2012-02-10 05:41:20 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2012-02-10 05:41:20 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2012-02-10 05:41:19 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-02-05 04:20:08 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-02-05 04:20:08 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-02-05 04:20:08 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-02-05 04:20:08 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-01-25 06:27:11 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-01-25 06:27:11 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-01-25 06:20:59 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
.
============= FINISH: 14:59:12.78 ===============

Attached Files


Edited by MattC13, 05 April 2012 - 02:54 PM.


BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:10:24 AM

Posted 05 April 2012 - 05:25 PM

Hi,

Please run the following:



For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to the disclaimer.
[*]Place a check next to List Drivers MD5 as well as the default check marks that are already there
[*]Press Scan button.
[*]type exit and reboot the computer normally
[*]FRST will make a log (FRST.txt) on the flash drive, please copy and paste the log in your reply.[/list]

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 MattC13

MattC13
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 05 April 2012 - 06:40 PM

Hello, here is the FRST.txt file:

Scan result of Farbar Recovery Scan Tool Version: 15-03-2012
Ran by SYSTEM at 05-04-2012 19:21:21
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [16395880 2009-11-28] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto [2871808 2011-08-22] (SoftPerfect Research)
HKLM-x32\...\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup [307200 2011-06-14] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [Rogers SHS] C:\Program Files (x86)\rogers\selfhealing\shs.exe [2732032 2010-01-21] (Rogers Cable Communications Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKU\Matt\...\Run: [Google Update] "C:\Users\Matt\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-11-10] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

==================== Services (Whitelisted) ======

2 !SASCORE; "C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" [128752 2010-06-29] (SUPERAntiSpyware.com)
3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [253600 2012-04-03] (Adobe Systems Incorporated)
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [462184 2011-08-30] (Apple Inc.)
2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [2343816 2012-02-28] (LogMeIn Inc.)
2 hpsrv; C:\Windows\System32\Hpservice.exe [30520 2010-07-16] (Hewlett-Packard Company)
3 IDriverT; "C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" [69632 2005-04-03] (Macrovision Corporation)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll" /prefetch:1 [135032 2010-04-29] (Symantec Corporation)
2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [247152 2009-07-06] ()
2 RogersSelfHelpService; C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe [139264 2010-01-19] (Rogers Cable Communications)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
4 NetMsmqActivator; "c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [x]
4 NetPipeActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]
4 NetTcpPortSharing; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [x]

========================== Drivers (Whitelisted) =============

3 Accelerometer; C:\Windows\System32\Drivers\Accelerometer.sys [43320 2010-07-16] (Hewlett-Packard Company)
1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
1 ccHP; C:\Windows\System32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-03] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-04] (Symantec Corporation)
3 enecir; C:\Windows\System32\Drivers\enecir.sys [70656 2009-06-29] (ENE TECHNOLOGY INC.)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-02-04] (Symantec Corporation)
3 hamachi; C:\Windows\System32\Drivers\hamachi.sys [33856 2009-03-18] (LogMeIn, Inc.)
0 hpdskflt; C:\Windows\System32\Drivers\hpdskflt.sys [30008 2010-07-16] (Hewlett-Packard Company)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120404.002\IDSvia64.sys [488568 2012-03-06] (Symantec Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120405.002\ENG64.SYS [117880 2011-12-23] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20120405.002\EX64.SYS [2048632 2011-12-23] (Symantec Corporation)
1 networx; C:\Windows\System32\Drivers\networx.sys [57480 2011-08-22] (NetFilterSDK.com)
1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
1 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-21] (Symantec Corporation)
1 SRTSPX; C:\Windows\System32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-21] (Symantec Corporation)
0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-08-29] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-21] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2010-09-16] (Symantec Corporation)
1 SymIRON; C:\Windows\System32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-28] (Symantec Corporation)
1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-21] (Symantec Corporation)

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2012-04-05 19:21 - 2012-04-05 19:21 - 0000000 ____D C:\FRST
2012-04-05 14:37 - 2012-04-05 14:37 - 1385843 ____A C:\Users\Matt\Downloads\FRST64.exe
2012-04-05 11:06 - 2012-04-05 11:06 - 0036347 ____A C:\Users\Matt\Desktop\DDS.txt
2012-04-05 11:06 - 2012-04-05 11:06 - 0011828 ____A C:\Users\Matt\Desktop\Attach.txt
2012-04-05 10:49 - 2012-04-05 10:49 - 0607260 ____R (Swearware) C:\Users\Matt\Downloads\dds.scr
2012-04-05 10:47 - 2012-04-05 10:47 - 0050477 ____A C:\Users\Matt\Downloads\Defogger.exe
2012-04-05 10:47 - 2012-04-05 10:47 - 0000470 ____A C:\Users\Matt\Downloads\defogger_disable.log
2012-04-05 10:47 - 2012-04-05 10:47 - 0000000 ____A C:\Users\Matt\defogger_reenable
2012-04-05 10:06 - 2012-04-05 10:06 - 0000000 ____D C:\Users\Matt\AppData\Local\{CD19E513-2F6E-45CF-BB3F-90DB8EE97A06}
2012-04-04 17:20 - 2012-04-04 17:20 - 0056320 ____A C:\Users\Matt\Downloads\2.12 -- Short Data Analysis 2012.doc
2012-04-04 15:55 - 2012-04-04 15:55 - 1805736 ____A (Symantec Corporation) C:\Users\Matt\Downloads\FixZeroAccess.exe
2012-04-04 15:55 - 2012-04-04 15:55 - 0027256 ____A (Symantec Corporation) C:\Windows\System32\Drivers\FixZeroAccess.sys
2012-04-04 15:37 - 2012-04-05 15:10 - 0115854 ____A C:\Windows\ntbtlog.txt
2012-04-04 15:19 - 2012-04-04 15:49 - 0000000 ____D C:\Users\Matt\AppData\Local\NPE
2012-04-04 15:19 - 2012-04-04 15:19 - 2804712 ____A (Symantec Corporation) C:\Users\Matt\Downloads\NPE.exe
2012-04-04 14:39 - 2012-04-04 14:39 - 0044032 ____A C:\Users\Matt\Downloads\2.2 - Excel Examples (1).xls
2012-04-04 10:40 - 2012-04-04 10:45 - 0000000 ____D C:\Users\Matt\Downloads\Cloud Nothings - Attack on Memory (2012)
2012-04-04 09:45 - 2012-04-04 09:46 - 0000000 ____D C:\Users\Matt\AppData\Local\{215AC035-B978-4AE7-BE9D-B6B55A6CEC1B}
2012-04-03 09:57 - 2012-04-03 09:58 - 44299492 ____A C:\Users\Matt\Downloads\forumology3.mp3
2012-04-03 09:48 - 2012-04-05 14:45 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-04-03 09:47 - 2012-04-03 09:47 - 0418464 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-04-03 09:47 - 2012-04-03 09:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{733B7555-9C39-4833-BB2C-991CB014FB78}
2012-04-02 13:37 - 2012-04-02 13:37 - 0025144 ____A C:\Users\Matt\Downloads\Lukewarm Angina.docx
2012-04-02 10:32 - 2012-04-02 10:38 - 0000000 ____D C:\Users\Matt\Downloads\[2006] The Black Keys - Magic Potion
2012-04-02 10:13 - 2012-04-02 10:13 - 0000041 ____A C:\Users\Matt\Documents\webadvisor.txt
2012-04-02 09:52 - 2012-04-02 09:52 - 0000000 ____D C:\Users\Matt\AppData\Local\{54F1BF3E-7434-4E3A-AB65-56991F7A4D44}
2012-04-01 19:36 - 2012-04-01 19:36 - 0017510 ____A C:\Users\Matt\Documents\plutoquestions.docx
2012-04-01 15:25 - 2012-04-01 15:25 - 0050176 ____A C:\Users\Matt\Downloads\solar system project (1).doc
2012-04-01 12:32 - 2012-04-01 12:32 - 0001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-04-01 12:31 - 2012-04-01 12:32 - 0000000 ____D C:\Program Files\iTunes
2012-04-01 12:31 - 2012-04-01 12:31 - 0000000 ____D C:\Program Files\iPod
2012-04-01 11:45 - 2012-04-01 11:45 - 0041984 ____A C:\Users\Matt\Downloads\2.12 - Olympic Data for Students 2012.xls
2012-04-01 07:53 - 2012-04-01 16:34 - 3738162 ____A C:\Users\Matt\Downloads\Pluto – The ‘not actually a planet.pptx
2012-04-01 07:39 - 2012-04-01 07:39 - 0000000 ____D C:\Users\Matt\AppData\Local\{CB17BA29-8F86-4009-BAB9-3016ED18E8D0}
2012-03-31 06:35 - 2012-03-31 06:36 - 0000000 ____D C:\Users\Matt\AppData\Local\{093B8A77-4FDE-40D9-94AE-8C215FAB503F}
2012-03-30 09:47 - 2012-03-30 09:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{2A70FB32-AF70-4F65-B211-19A1363741B3}
2012-03-29 16:24 - 2012-03-29 16:45 - 0016778 ____A C:\Users\Matt\Documents\favoritesmenu.cfg
2012-03-29 16:24 - 2012-03-29 16:24 - 0026670 ____A C:\Users\Matt\Documents\categorized_favorites_menu_config_guide.html
2012-03-29 16:24 - 2012-03-29 16:24 - 0000296 ____A C:\Users\Matt\Documents\README (2).txt
2012-03-29 09:14 - 2012-03-29 09:19 - 0000000 ____D C:\Users\Matt\Downloads\Visiter
2012-03-29 06:36 - 2012-03-29 06:36 - 0000000 ____D C:\Users\Matt\AppData\Local\{D2217BDD-BB4C-45BC-9F8E-6B8A6F285617}
2012-03-28 09:44 - 2012-03-28 09:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{8E63CFE1-F550-456A-BF63-BA7EAD184149}
2012-03-28 09:43 - 2012-03-28 09:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{88143266-FA8F-4399-AADA-C4B4AA7334BE}
2012-03-27 10:20 - 2012-03-27 10:21 - 0000000 ____D C:\Users\Matt\Downloads\The Cure - Seventeen Seconds
2012-03-27 09:50 - 2012-03-27 09:50 - 0000000 ____D C:\Users\Matt\AppData\Local\{ADBF48F2-FC1E-4351-BBD1-0FC4017CEBA9}
2012-03-27 09:49 - 2012-03-27 09:50 - 0000000 ____D C:\Users\Matt\AppData\Local\{B590CE57-9A40-416D-A022-29BBBC06A38F}
2012-03-26 17:42 - 2012-03-26 17:42 - 0051200 ____A C:\Users\Matt\Downloads\2.6a -- Validity In Statistics Note.doc
2012-03-26 09:44 - 2012-03-26 09:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{9C0B8AB3-3DD6-4C54-91B1-075EE9ABF081}
2012-03-26 09:44 - 2012-03-26 09:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{58ACC166-CBF9-4565-9B84-8891E3F6734E}
2012-03-25 10:23 - 2012-03-25 10:23 - 0050176 ____A C:\Users\Matt\Downloads\solar system project.doc
2012-03-25 06:33 - 2012-03-25 06:33 - 0000000 ____D C:\Users\Matt\AppData\Local\{FAF45F2A-AEEE-4A84-9188-09BD467EB5B6}
2012-03-25 06:32 - 2012-03-25 06:33 - 0000000 ____D C:\Users\Matt\AppData\Local\{BE588E12-7BA5-401F-8633-521668D8FCDC}
2012-03-24 13:18 - 2012-03-24 13:19 - 0000000 ____D C:\Users\Matt\AppData\Local\{D978390E-3F18-4618-8D69-F1F7BFD2AAE1}
2012-03-24 13:18 - 2012-03-24 13:18 - 0000000 ____D C:\Users\Matt\AppData\Local\{2A0B6299-8CDA-47A6-BB19-C0E2FB280A39}
2012-03-24 06:42 - 2012-03-24 06:42 - 0000000 ____D C:\Users\Matt\AppData\Local\{7398D1ED-B0A4-4749-8A1D-9F7F1BA2F12C}
2012-03-24 06:41 - 2012-03-24 06:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{33D543D3-0743-4FF7-9C3B-849FA78E8A59}
2012-03-23 16:28 - 2012-03-23 16:28 - 0000000 ____D C:\Users\Matt\AppData\Local\{7A97E2FB-ACBB-448E-B582-AA0B1369E80F}
2012-03-23 16:27 - 2012-03-23 16:28 - 0000000 ____D C:\Users\Matt\AppData\Local\{6D4A2420-3D8B-4733-B76F-C4DC1649340B}
2012-03-23 09:05 - 2012-03-23 09:08 - 0000000 ____D C:\Users\Matt\Downloads\The Shins - Port of Morrow (2012)
2012-03-23 08:43 - 2012-03-23 09:03 - 118005508 ____A C:\Users\Matt\Downloads\The.Shins_Port.Of.Morrow_2012.rar
2012-03-23 06:27 - 2012-03-23 06:28 - 0000000 ____D C:\Users\Matt\AppData\Local\{181FAE8E-396D-416F-ACF3-C07432E0613A}
2012-03-23 06:27 - 2012-03-23 06:27 - 0000000 ____D C:\Users\Matt\AppData\Local\{9DA9039B-5635-457A-9B8F-0D9E6112C0DA}
2012-03-22 14:43 - 2012-03-22 14:43 - 5565454 ____A C:\Users\Matt\Downloads\mari0-win.zip
2012-03-22 14:43 - 2012-03-22 14:43 - 0000000 ____D C:\Users\Matt\AppData\Roaming\LOVE
2012-03-22 11:35 - 2012-03-22 11:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{EEF561B6-6A4E-440C-AB5B-D71F395E981C}
2012-03-22 11:35 - 2012-03-22 11:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{8DF051CC-B9A5-4EC8-8D1D-5C8DEFA780D9}
2012-03-21 09:45 - 2012-03-21 09:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{795EC239-5569-4F26-AC86-7CF6E89E38FF}
2012-03-21 09:44 - 2012-03-21 09:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{30A98ED2-7206-490B-ABB9-73D6461C6B97}
2012-03-20 20:11 - 2012-03-20 20:11 - 0000000 ____D C:\4ce4c0d9d07003a39c452d9bb2
2012-03-20 17:20 - 2012-03-20 17:20 - 0000000 ____D C:\Users\Matt\AppData\Local\{EB04BC9B-E21D-41D1-A539-0566DFCA377D}
2012-03-20 17:20 - 2012-03-20 17:20 - 0000000 ____D C:\Users\Matt\AppData\Local\{DE47B5F4-3FF9-4D99-91F3-8FFE41302365}
2012-03-20 17:17 - 2012-03-20 17:17 - 1219952 ____A C:\Windows\Minidump\032012-73476-01.dmp
2012-03-20 10:51 - 2012-03-20 10:51 - 0000165 ___AH C:\Users\Matt\Documents\~$craft.xlsx
2012-03-20 10:08 - 2012-03-20 10:08 - 0000000 ____D C:\Users\Matt\AppData\Local\{D4BA11FC-F330-4C4F-94E3-541304DC8412}
2012-03-20 10:07 - 2012-03-20 10:08 - 0000000 ____D C:\Users\Matt\AppData\Local\{F6AFAD78-CB54-4DE3-98F2-16E450608E81}
2012-03-19 16:06 - 2012-03-19 16:06 - 0000000 ____D C:\Program Files (x86)\fbphotozoom
2012-03-19 16:05 - 2012-03-19 16:06 - 0000000 ____D C:\Program Files (x86)\1ClickDownload
2012-03-19 12:20 - 2012-03-19 12:20 - 0000090 ____A C:\Users\Matt\Documents\banking.txt
2012-03-19 09:47 - 2012-03-19 09:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{ECDC7476-9693-49D6-90F2-D4B7A79F8918}
2012-03-19 09:47 - 2012-03-19 09:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{7C967C43-74D4-4F56-BA03-01DE43BA4B7D}
2012-03-18 07:59 - 2012-03-18 08:02 - 106065456 ____A C:\Users\Matt\Downloads\The_New_Pornographers-Together-2010-SiNGULARiTY.rar
2012-03-18 07:52 - 2012-03-19 10:18 - 0000000 ____D C:\Users\Matt\Downloads\Elbow - Cast Of Thousands
2012-03-18 07:52 - 2012-03-18 07:52 - 0019565 ____A C:\Users\Matt\Downloads\[kat.ph]elbow.cast.of.thousands.mp3.cdrip.sizzler.torrent
2012-03-18 07:50 - 2012-03-18 07:50 - 0019502 ____A C:\Users\Matt\Downloads\[kat.ph]elbow.cast.of.thousands.torrent
2012-03-18 07:38 - 2012-03-18 07:38 - 0000000 ____D C:\Users\Matt\AppData\Local\{989DF6EE-47CD-46D8-993E-D67481C7292C}
2012-03-18 07:38 - 2012-03-18 07:38 - 0000000 ____D C:\Users\Matt\AppData\Local\{0215D187-5FEF-4090-A396-B33EEC04F55E}
2012-03-17 09:58 - 2012-03-17 09:58 - 0000424 ____A C:\Users\Matt\Downloads\FasterHorses_Sprint_x1_5-934.zip
2012-03-16 06:49 - 2012-03-16 06:50 - 0205943 ____A C:\Users\Matt\Downloads\Enhanced_Dynamic_Weather_System_Version_1dot3-8739-1-3.rar
2012-03-16 06:39 - 2012-03-16 06:40 - 0000000 ____D C:\Users\Matt\AppData\Local\{8183609F-36EF-4DD9-864B-864ACF38A2C6}
2012-03-16 06:39 - 2012-03-16 06:39 - 0000000 ____D C:\Users\Matt\AppData\Local\{3470E422-920A-4288-BBE8-A250E5A5ED65}
2012-03-15 21:24 - 2012-03-15 21:24 - 9705472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-03-15 21:24 - 2012-03-15 21:24 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-03-15 21:24 - 2012-03-15 21:24 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-03-15 21:24 - 2012-03-15 21:24 - 2308096 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1798656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 17790464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-03-15 21:24 - 2012-03-15 21:24 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 12282368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-03-15 21:24 - 2012-03-15 21:24 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2012-03-15 21:24 - 2012-03-15 21:24 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-03-15 21:24 - 2012-03-15 21:24 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-03-15 21:23 - 2012-03-15 21:23 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-03-15 21:23 - 2012-03-15 21:23 - 10887168 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-03-15 21:23 - 2012-03-15 21:23 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-03-15 21:23 - 2012-03-15 21:23 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-03-15 21:23 - 2012-03-15 21:23 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-03-15 21:19 - 2012-03-15 21:25 - 0004058 ____A C:\Windows\IE9_main.log
2012-03-15 12:41 - 2012-03-15 12:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{7CA1A3E2-B0A5-4166-AF11-660983CBE050}
2012-03-15 12:41 - 2012-03-15 12:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{7B69EFD3-8946-4DA0-BB34-1D726CF86E12}
2012-03-15 09:01 - 2012-03-15 09:10 - 0000000 ____D C:\Users\Matt\Downloads\Talking Heads - Talking Heads-77 (1977)
2012-03-15 08:58 - 2012-03-15 08:58 - 0015749 ____A C:\Users\Matt\Downloads\[isoHunt] Talking_Heads_-_Talking_Heads-77_(1977).torrent
2012-03-15 07:30 - 2011-11-19 10:30 - 5504880 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-03-15 07:30 - 2011-11-19 06:25 - 3957616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-03-15 07:30 - 2011-11-19 06:25 - 3902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-03-15 07:18 - 2012-03-15 07:18 - 0000000 ____D C:\Users\Matt\AppData\Local\{A201E111-58F6-466D-9091-B0B71E81D9AE}
2012-03-15 07:17 - 2012-03-15 07:18 - 0000000 ____D C:\Users\Matt\AppData\Local\{9B1F0C0D-DD09-486D-9F1C-45336B232C74}
2012-03-14 21:12 - 2012-03-14 21:12 - 0000000 ____D C:\9ce7f1adca54d7da68ec18fcf5
2012-03-14 17:14 - 2012-03-14 17:14 - 0019037 ____A C:\Users\Matt\Downloads\17735E905702BB7048EFF346978F2457AD58AC96.torrent
2012-03-14 06:54 - 2012-02-09 22:18 - 1541120 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-03-14 06:54 - 2012-02-02 20:16 - 3143168 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-14 06:53 - 2012-02-14 22:27 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-03-14 06:53 - 2012-02-14 21:44 - 0826368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-03-14 06:53 - 2012-02-14 20:47 - 0204800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-03-14 06:53 - 2012-02-14 20:46 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-03-14 06:53 - 2012-02-09 22:17 - 1837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-03-14 06:53 - 2012-02-09 22:17 - 0902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-03-14 06:53 - 2012-02-09 22:17 - 0320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-03-14 06:53 - 2012-02-09 22:17 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-03-14 06:53 - 2012-02-09 21:41 - 1170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2012-03-14 06:53 - 2012-02-09 21:41 - 1074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-03-14 06:53 - 2012-02-09 21:41 - 0739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-03-14 06:53 - 2012-02-09 21:41 - 0218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2012-03-14 06:53 - 2012-02-09 21:41 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2012-03-14 06:53 - 2012-01-24 22:27 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-03-14 06:53 - 2012-01-24 22:27 - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-03-14 06:53 - 2012-01-24 22:20 - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-03-14 06:41 - 2012-03-14 06:42 - 0000000 ____D C:\Users\Matt\AppData\Local\{E3D0A898-69CA-4790-A52A-A27AE5D6BDF7}
2012-03-14 06:41 - 2012-03-14 06:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{EA76F277-88CB-44D0-879C-26C2D309CE25}
2012-03-13 17:47 - 2012-03-13 17:47 - 1593416 ____A C:\Users\Matt\Downloads\BOSS_Archive-6-1-9-1.7z
2012-03-13 06:47 - 2012-03-13 06:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{C30CE803-28C3-42E3-B319-0A26A5AA9558}
2012-03-13 06:46 - 2012-03-13 06:46 - 0000000 ____D C:\Users\Matt\AppData\Local\{0C3102FA-2386-40BC-92E0-F74BABD73951}
2012-03-12 06:35 - 2012-03-12 06:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{9B6E8211-0F21-47DB-A313-580BA53615EF}
2012-03-12 06:35 - 2012-03-12 06:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{759358F1-DB0F-4ED0-9B8D-BBDDFE129F1B}
2012-03-11 10:45 - 2012-03-11 10:45 - 0162801 ____A C:\Users\Matt\Documents\SoundsOfSkyrimTheDungeons_Readme.rtf
2012-03-11 10:45 - 2012-03-11 10:45 - 0074446 ____A C:\Users\Matt\Documents\SoundsOfSkyrimTheWilds_Readme.rtf
2012-03-11 10:45 - 2012-03-11 10:45 - 0013589 ____A C:\Users\Matt\Documents\SoundsOfSkyrimTheWilds_Readme.txt
2012-03-11 10:45 - 2012-03-11 10:45 - 0012395 ____A C:\Users\Matt\Documents\SoundsOfSkyrimTheDungeons_Readme.txt
2012-03-11 09:21 - 2012-03-11 10:38 - 0000000 ____D C:\Users\Matt\Downloads\White Rabbits - Fort Nightly [2007]
2012-03-11 09:19 - 2012-03-11 09:19 - 0019938 ____A C:\Users\Matt\Downloads\[kat.ph]white.rabbits.fort.nightly.2007.torrent
2012-03-11 07:44 - 2012-03-11 07:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{C86D5C3D-3562-46DE-B78D-12B2710744EB}
2012-03-11 07:44 - 2012-03-11 07:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{8C69BF80-27B6-44D4-B911-676EF31D8933}
2012-03-10 14:52 - 2012-03-10 14:52 - 0004886 ____A C:\Users\Matt\Documents\readme.txt
2012-03-10 07:17 - 2012-03-10 07:17 - 0000000 ____D C:\Users\Matt\AppData\Local\{5B18A695-A2C6-49BB-BE2F-1C5B4F78FAC4}
2012-03-10 07:17 - 2012-03-10 07:17 - 0000000 ____D C:\Users\Matt\AppData\Local\{0793238F-ECF7-4F19-B590-F95900A566BA}
2012-03-09 18:31 - 2012-03-09 18:32 - 62429944 ____A C:\Users\Matt\Downloads\Better_Followers_-_Main-7554.7z
2012-03-09 10:45 - 2012-03-09 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{FE472818-4911-4C73-AF59-7C5ABAB32D31}
2012-03-09 10:45 - 2012-03-09 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{3148DDF6-868C-420F-BE50-098F28F84D06}
2012-03-08 18:04 - 2012-03-08 18:05 - 0000000 ____D C:\Users\Matt\Documents\NPC edits
2012-03-08 18:01 - 2012-03-08 18:01 - 0000000 ____D C:\Users\Matt\AppData\Local\Skyrim NPC Editor
2012-03-08 18:00 - 2012-03-08 18:00 - 0000000 ____D C:\Program Files (x86)\Skyrim NPC Editor
2012-03-08 17:59 - 2012-03-08 14:14 - 0000000 ____D C:\Users\Matt\Downloads\Skyrim NPC Editor 0.70 - Beta 7
2012-03-08 17:56 - 2012-03-08 17:58 - 50079247 ____A C:\Users\Matt\Downloads\Skyrim_NPC_Editor_0_70_-_Beta_7-4554-0-70-0-7.rar
2012-03-08 12:24 - 2012-03-08 12:24 - 0311756 ____A (http://magiclauncher.com) C:\Users\Matt\Downloads\MagicLauncher_0.9.7.exe
2012-03-08 11:16 - 2012-03-08 11:30 - 0000000 ____D C:\Users\Matt\Downloads\Xiu Xiu- Always- [2012]- Mp3ViLLe
2012-03-08 11:15 - 2012-03-08 11:15 - 0015862 ____A C:\Users\Matt\Downloads\[kat.ph]xiu.xiu.always.2012.mp3ville.torrent
2012-03-08 10:42 - 2012-03-08 10:43 - 0000000 ____D C:\Users\Matt\AppData\Local\{6AF815D9-4019-459E-A3D7-ED1987464FCA}
2012-03-08 10:42 - 2012-03-08 10:42 - 0000000 ____D C:\Users\Matt\AppData\Local\{95342C68-7AD9-43CC-96A5-1A3C6AE06982}
2012-03-07 20:50 - 2012-03-07 20:52 - 4829632 ____A C:\Users\Matt\Downloads\2012-03-07-21-39-catancraft.zip
2012-03-07 20:22 - 2012-03-07 20:22 - 0051200 ____A C:\Users\Matt\Downloads\2.1a Understanding DATA Concepts.doc
2012-03-07 17:50 - 2012-03-14 14:48 - 0044644 ____A C:\Users\Matt\Downloads\soulsToPerks_v1-3-2063.zip
2012-03-07 15:00 - 2012-03-07 15:00 - 0000000 ____D C:\Users\Matt\AppData\Local\{727D9BE1-49DC-41A0-B88B-D114852E282C}
2012-03-07 15:00 - 2012-03-07 15:00 - 0000000 ____D C:\Users\Matt\AppData\Local\{6DF001E5-98B9-468E-A414-36D05492FFA5}
2012-03-06 20:09 - 2012-03-06 20:10 - 0052224 ____A C:\Users\Matt\Downloads\2.2 - Excel Examples.xls
2012-03-06 20:09 - 2012-03-06 20:09 - 0159806 ____A C:\Users\Matt\Downloads\1.14 -- Studying For Summative2.pptx
2012-03-06 10:45 - 2012-03-06 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{9D298B85-FCAE-4570-A0B1-3BF9909EE0F9}
2012-03-06 10:45 - 2012-03-06 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{4C97F461-7E7D-4FD3-8118-FE8E1AD12EC4}

============ 3 Months Modified Files and Folders =============

2012-04-05 19:21 - 2012-04-05 19:21 - 0000000 ____D C:\FRST
2012-04-05 19:05 - 2010-09-16 08:05 - 0000000 ____D C:\ProgramData\Recovery
2012-04-05 15:14 - 2010-01-26 01:23 - 1569889 ____A C:\Windows\WindowsUpdate.log
2012-04-05 15:14 - 2009-07-13 20:45 - 0023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-04-05 15:14 - 2009-07-13 20:45 - 0023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-05 15:10 - 2012-04-04 15:37 - 0115854 ____A C:\Windows\ntbtlog.txt
2012-04-05 15:09 - 2011-09-21 17:16 - 0000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-04-05 15:08 - 2010-09-16 05:43 - 0042939 ____A C:\Windows\setupact.log
2012-04-05 15:08 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-04-05 15:07 - 2010-09-16 08:10 - 3163709440 __ASH C:\hiberfil.sys
2012-04-05 14:45 - 2012-04-03 09:48 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-04-05 14:40 - 2010-12-18 17:58 - 0000000 ____D C:\Users\Matt\Documents\Personal
2012-04-05 14:37 - 2012-04-05 14:37 - 1385843 ____A C:\Users\Matt\Downloads\FRST64.exe
2012-04-05 13:50 - 2011-09-21 17:16 - 0000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-04-05 13:44 - 2010-11-10 16:15 - 0000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2085868418-4075155538-3846461469-1000UA.job
2012-04-05 11:30 - 2011-08-26 07:55 - 0000000 ____D C:\Windows\pss
2012-04-05 11:07 - 2011-07-12 16:44 - 0000000 ____D C:\Users\Matt\Documents\Visual Studio 2010
2012-04-05 11:06 - 2012-04-05 11:06 - 0036347 ____A C:\Users\Matt\Desktop\DDS.txt
2012-04-05 11:06 - 2012-04-05 11:06 - 0011828 ____A C:\Users\Matt\Desktop\Attach.txt
2012-04-05 10:49 - 2012-04-05 10:49 - 0607260 ____R (Swearware) C:\Users\Matt\Downloads\dds.scr
2012-04-05 10:47 - 2012-04-05 10:47 - 0050477 ____A C:\Users\Matt\Downloads\Defogger.exe
2012-04-05 10:47 - 2012-04-05 10:47 - 0000470 ____A C:\Users\Matt\Downloads\defogger_disable.log
2012-04-05 10:47 - 2012-04-05 10:47 - 0000000 ____A C:\Users\Matt\defogger_reenable
2012-04-05 10:47 - 2010-09-16 03:14 - 0000000 ____D C:\users\Matt
2012-04-05 10:06 - 2012-04-05 10:06 - 0000000 ____D C:\Users\Matt\AppData\Local\{CD19E513-2F6E-45CF-BB3F-90DB8EE97A06}
2012-04-05 10:06 - 2011-07-22 17:24 - 0000000 ___RD C:\Users\Matt\Dropbox
2012-04-05 10:06 - 2011-07-22 17:22 - 0000000 ____D C:\Users\Matt\AppData\Roaming\Dropbox
2012-04-05 10:05 - 2011-08-20 19:00 - 0000000 ____D C:\Users\Matt\AppData\Local\LogMeIn Hamachi
2012-04-04 19:40 - 2011-09-29 12:33 - 0000000 ____D C:\Users\Matt\Downloads\Ant Videos
2012-04-04 19:39 - 2011-11-26 17:08 - 0154624 __ASH C:\Users\Matt\Downloads\Thumbs.db
2012-04-04 17:20 - 2012-04-04 17:20 - 0056320 ____A C:\Users\Matt\Downloads\2.12 -- Short Data Analysis 2012.doc
2012-04-04 17:12 - 2009-07-13 21:13 - 0779266 ____A C:\Windows\System32\PerfStringBackup.INI
2012-04-04 15:55 - 2012-04-04 15:55 - 1805736 ____A (Symantec Corporation) C:\Users\Matt\Downloads\FixZeroAccess.exe
2012-04-04 15:55 - 2012-04-04 15:55 - 0027256 ____A (Symantec Corporation) C:\Windows\System32\Drivers\FixZeroAccess.sys
2012-04-04 15:49 - 2012-04-04 15:19 - 0000000 ____D C:\Users\Matt\AppData\Local\NPE
2012-04-04 15:33 - 2011-09-26 11:13 - 0000000 ____D C:\Users\Matt\AppData\Roaming\uTorrent
2012-04-04 15:19 - 2012-04-04 15:19 - 2804712 ____A (Symantec Corporation) C:\Users\Matt\Downloads\NPE.exe
2012-04-04 15:19 - 2010-01-26 01:41 - 0000000 ____D C:\ProgramData\Norton
2012-04-04 14:44 - 2010-11-10 16:15 - 0000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2085868418-4075155538-3846461469-1000Core.job
2012-04-04 14:39 - 2012-04-04 14:39 - 0044032 ____A C:\Users\Matt\Downloads\2.2 - Excel Examples (1).xls
2012-04-04 10:45 - 2012-04-04 10:40 - 0000000 ____D C:\Users\Matt\Downloads\Cloud Nothings - Attack on Memory (2012)
2012-04-04 09:46 - 2012-04-04 09:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{215AC035-B978-4AE7-BE9D-B6B55A6CEC1B}
2012-04-03 09:58 - 2012-04-03 09:57 - 44299492 ____A C:\Users\Matt\Downloads\forumology3.mp3
2012-04-03 09:47 - 2012-04-03 09:47 - 0418464 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-04-03 09:47 - 2012-04-03 09:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{733B7555-9C39-4833-BB2C-991CB014FB78}
2012-04-03 09:47 - 2011-05-13 20:05 - 0070304 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-04-02 13:37 - 2012-04-02 13:37 - 0025144 ____A C:\Users\Matt\Downloads\Lukewarm Angina.docx
2012-04-02 13:19 - 2012-02-24 21:50 - 0000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim
2012-04-02 10:38 - 2012-04-02 10:32 - 0000000 ____D C:\Users\Matt\Downloads\[2006] The Black Keys - Magic Potion
2012-04-02 10:13 - 2012-04-02 10:13 - 0000041 ____A C:\Users\Matt\Documents\webadvisor.txt
2012-04-02 09:52 - 2012-04-02 09:52 - 0000000 ____D C:\Users\Matt\AppData\Local\{54F1BF3E-7434-4E3A-AB65-56991F7A4D44}
2012-04-01 19:44 - 2011-12-23 15:28 - 0045092 ____A C:\Users\Matt\Documents\MPF stats.xlsx
2012-04-01 19:36 - 2012-04-01 19:36 - 0017510 ____A C:\Users\Matt\Documents\plutoquestions.docx
2012-04-01 16:34 - 2012-04-01 07:53 - 3738162 ____A C:\Users\Matt\Downloads\Pluto – The ‘not actually a planet.pptx
2012-04-01 15:25 - 2012-04-01 15:25 - 0050176 ____A C:\Users\Matt\Downloads\solar system project (1).doc
2012-04-01 12:32 - 2012-04-01 12:32 - 0001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-04-01 12:32 - 2012-04-01 12:31 - 0000000 ____D C:\Program Files\iTunes
2012-04-01 12:32 - 2010-09-16 05:32 - 0000000 ____D C:\Program Files (x86)\iTunes
2012-04-01 12:31 - 2012-04-01 12:31 - 0000000 ____D C:\Program Files\iPod
2012-04-01 11:45 - 2012-04-01 11:45 - 0041984 ____A C:\Users\Matt\Downloads\2.12 - Olympic Data for Students 2012.xls
2012-04-01 07:39 - 2012-04-01 07:39 - 0000000 ____D C:\Users\Matt\AppData\Local\{CB17BA29-8F86-4009-BAB9-3016ED18E8D0}
2012-03-31 06:36 - 2012-03-31 06:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{093B8A77-4FDE-40D9-94AE-8C215FAB503F}
2012-03-30 09:47 - 2012-03-30 09:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{2A70FB32-AF70-4F65-B211-19A1363741B3}
2012-03-29 16:45 - 2012-03-29 16:24 - 0016778 ____A C:\Users\Matt\Documents\favoritesmenu.cfg
2012-03-29 16:24 - 2012-03-29 16:24 - 0026670 ____A C:\Users\Matt\Documents\categorized_favorites_menu_config_guide.html
2012-03-29 16:24 - 2012-03-29 16:24 - 0000296 ____A C:\Users\Matt\Documents\README (2).txt
2012-03-29 09:19 - 2012-03-29 09:14 - 0000000 ____D C:\Users\Matt\Downloads\Visiter
2012-03-29 06:36 - 2012-03-29 06:36 - 0000000 ____D C:\Users\Matt\AppData\Local\{D2217BDD-BB4C-45BC-9F8E-6B8A6F285617}
2012-03-28 09:44 - 2012-03-28 09:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{8E63CFE1-F550-456A-BF63-BA7EAD184149}
2012-03-28 09:44 - 2012-03-28 09:43 - 0000000 ____D C:\Users\Matt\AppData\Local\{88143266-FA8F-4399-AADA-C4B4AA7334BE}
2012-03-27 10:21 - 2012-03-27 10:20 - 0000000 ____D C:\Users\Matt\Downloads\The Cure - Seventeen Seconds
2012-03-27 09:50 - 2012-03-27 09:50 - 0000000 ____D C:\Users\Matt\AppData\Local\{ADBF48F2-FC1E-4351-BBD1-0FC4017CEBA9}
2012-03-27 09:50 - 2012-03-27 09:49 - 0000000 ____D C:\Users\Matt\AppData\Local\{B590CE57-9A40-416D-A022-29BBBC06A38F}
2012-03-26 17:42 - 2012-03-26 17:42 - 0051200 ____A C:\Users\Matt\Downloads\2.6a -- Validity In Statistics Note.doc
2012-03-26 09:45 - 2012-03-26 09:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{9C0B8AB3-3DD6-4C54-91B1-075EE9ABF081}
2012-03-26 09:44 - 2012-03-26 09:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{58ACC166-CBF9-4565-9B84-8891E3F6734E}
2012-03-25 19:03 - 2010-12-27 11:08 - 0000000 ____D C:\Users\Matt\AppData\Roaming\Skype
2012-03-25 10:23 - 2012-03-25 10:23 - 0050176 ____A C:\Users\Matt\Downloads\solar system project.doc
2012-03-25 08:33 - 2012-02-12 19:45 - 0033357 ____A C:\Users\Matt\Documents\craft.xlsx
2012-03-25 06:33 - 2012-03-25 06:33 - 0000000 ____D C:\Users\Matt\AppData\Local\{FAF45F2A-AEEE-4A84-9188-09BD467EB5B6}
2012-03-25 06:33 - 2012-03-25 06:32 - 0000000 ____D C:\Users\Matt\AppData\Local\{BE588E12-7BA5-401F-8633-521668D8FCDC}
2012-03-24 13:19 - 2012-03-24 13:18 - 0000000 ____D C:\Users\Matt\AppData\Local\{D978390E-3F18-4618-8D69-F1F7BFD2AAE1}
2012-03-24 13:18 - 2012-03-24 13:18 - 0000000 ____D C:\Users\Matt\AppData\Local\{2A0B6299-8CDA-47A6-BB19-C0E2FB280A39}
2012-03-24 09:14 - 2012-02-25 18:43 - 0000000 ____D C:\Program Files\Nexus Mod Manager
2012-03-24 06:42 - 2012-03-24 06:42 - 0000000 ____D C:\Users\Matt\AppData\Local\{7398D1ED-B0A4-4749-8A1D-9F7F1BA2F12C}
2012-03-24 06:41 - 2012-03-24 06:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{33D543D3-0743-4FF7-9C3B-849FA78E8A59}
2012-03-23 16:28 - 2012-03-23 16:28 - 0000000 ____D C:\Users\Matt\AppData\Local\{7A97E2FB-ACBB-448E-B582-AA0B1369E80F}
2012-03-23 16:28 - 2012-03-23 16:27 - 0000000 ____D C:\Users\Matt\AppData\Local\{6D4A2420-3D8B-4733-B76F-C4DC1649340B}
2012-03-23 09:08 - 2012-03-23 09:05 - 0000000 ____D C:\Users\Matt\Downloads\The Shins - Port of Morrow (2012)
2012-03-23 09:03 - 2012-03-23 08:43 - 118005508 ____A C:\Users\Matt\Downloads\The.Shins_Port.Of.Morrow_2012.rar
2012-03-23 06:28 - 2012-03-23 06:27 - 0000000 ____D C:\Users\Matt\AppData\Local\{181FAE8E-396D-416F-ACF3-C07432E0613A}
2012-03-23 06:27 - 2012-03-23 06:27 - 0000000 ____D C:\Users\Matt\AppData\Local\{9DA9039B-5635-457A-9B8F-0D9E6112C0DA}
2012-03-22 14:43 - 2012-03-22 14:43 - 5565454 ____A C:\Users\Matt\Downloads\mari0-win.zip
2012-03-22 14:43 - 2012-03-22 14:43 - 0000000 ____D C:\Users\Matt\AppData\Roaming\LOVE
2012-03-22 14:24 - 2011-09-28 13:27 - 0000000 ____D C:\Users\Matt\Documents\MINECRAFT RELATED
2012-03-22 11:35 - 2012-03-22 11:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{EEF561B6-6A4E-440C-AB5B-D71F395E981C}
2012-03-22 11:35 - 2012-03-22 11:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{8DF051CC-B9A5-4EC8-8D1D-5C8DEFA780D9}
2012-03-21 10:07 - 2011-04-05 16:52 - 0765178 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-03-21 09:45 - 2012-03-21 09:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{795EC239-5569-4F26-AC86-7CF6E89E38FF}
2012-03-21 09:45 - 2012-03-21 09:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{30A98ED2-7206-490B-ABB9-73D6461C6B97}
2012-03-20 20:11 - 2012-03-20 20:11 - 0000000 ____D C:\4ce4c0d9d07003a39c452d9bb2
2012-03-20 17:20 - 2012-03-20 17:20 - 0000000 ____D C:\Users\Matt\AppData\Local\{EB04BC9B-E21D-41D1-A539-0566DFCA377D}
2012-03-20 17:20 - 2012-03-20 17:20 - 0000000 ____D C:\Users\Matt\AppData\Local\{DE47B5F4-3FF9-4D99-91F3-8FFE41302365}
2012-03-20 17:17 - 2012-03-20 17:17 - 1219952 ____A C:\Windows\Minidump\032012-73476-01.dmp
2012-03-20 17:17 - 2011-11-22 15:11 - 0000000 ____D C:\Windows\Minidump
2012-03-20 17:17 - 2011-11-22 15:10 - 596066045 ____A C:\Windows\MEMORY.DMP
2012-03-20 10:51 - 2012-03-20 10:51 - 0000165 ___AH C:\Users\Matt\Documents\~$craft.xlsx
2012-03-20 10:08 - 2012-03-20 10:08 - 0000000 ____D C:\Users\Matt\AppData\Local\{D4BA11FC-F330-4C4F-94E3-541304DC8412}
2012-03-20 10:08 - 2012-03-20 10:07 - 0000000 ____D C:\Users\Matt\AppData\Local\{F6AFAD78-CB54-4DE3-98F2-16E450608E81}
2012-03-19 16:06 - 2012-03-19 16:06 - 0000000 ____D C:\Program Files (x86)\fbphotozoom
2012-03-19 16:06 - 2012-03-19 16:05 - 0000000 ____D C:\Program Files (x86)\1ClickDownload
2012-03-19 12:20 - 2012-03-19 12:20 - 0000090 ____A C:\Users\Matt\Documents\banking.txt
2012-03-19 10:18 - 2012-03-18 07:52 - 0000000 ____D C:\Users\Matt\Downloads\Elbow - Cast Of Thousands
2012-03-19 09:47 - 2012-03-19 09:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{ECDC7476-9693-49D6-90F2-D4B7A79F8918}
2012-03-19 09:47 - 2012-03-19 09:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{7C967C43-74D4-4F56-BA03-01DE43BA4B7D}
2012-03-18 11:00 - 2011-03-30 14:03 - 0000000 ____D C:\Program Files (x86)\Steam
2012-03-18 08:02 - 2012-03-18 07:59 - 106065456 ____A C:\Users\Matt\Downloads\The_New_Pornographers-Together-2010-SiNGULARiTY.rar
2012-03-18 07:52 - 2012-03-18 07:52 - 0019565 ____A C:\Users\Matt\Downloads\[kat.ph]elbow.cast.of.thousands.mp3.cdrip.sizzler.torrent
2012-03-18 07:50 - 2012-03-18 07:50 - 0019502 ____A C:\Users\Matt\Downloads\[kat.ph]elbow.cast.of.thousands.torrent
2012-03-18 07:38 - 2012-03-18 07:38 - 0000000 ____D C:\Users\Matt\AppData\Local\{989DF6EE-47CD-46D8-993E-D67481C7292C}
2012-03-18 07:38 - 2012-03-18 07:38 - 0000000 ____D C:\Users\Matt\AppData\Local\{0215D187-5FEF-4090-A396-B33EEC04F55E}
2012-03-17 16:40 - 2010-09-25 09:56 - 0000000 ____D C:\Users\Matt\AppData\Local\CrashDumps
2012-03-17 09:58 - 2012-03-17 09:58 - 0000424 ____A C:\Users\Matt\Downloads\FasterHorses_Sprint_x1_5-934.zip
2012-03-16 06:50 - 2012-03-16 06:49 - 0205943 ____A C:\Users\Matt\Downloads\Enhanced_Dynamic_Weather_System_Version_1dot3-8739-1-3.rar
2012-03-16 06:40 - 2012-03-16 06:39 - 0000000 ____D C:\Users\Matt\AppData\Local\{8183609F-36EF-4DD9-864B-864ACF38A2C6}
2012-03-16 06:39 - 2012-03-16 06:39 - 0000000 ____D C:\Users\Matt\AppData\Local\{3470E422-920A-4288-BBE8-A250E5A5ED65}
2012-03-16 06:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2012-03-15 21:25 - 2012-03-15 21:19 - 0004058 ____A C:\Windows\IE9_main.log
2012-03-15 21:24 - 2012-03-15 21:24 - 9705472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-03-15 21:24 - 2012-03-15 21:24 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-03-15 21:24 - 2012-03-15 21:24 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-03-15 21:24 - 2012-03-15 21:24 - 2308096 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1798656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 17790464 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-03-15 21:24 - 2012-03-15 21:24 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 12282368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-03-15 21:24 - 2012-03-15 21:24 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2012-03-15 21:24 - 2012-03-15 21:24 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-03-15 21:24 - 2012-03-15 21:24 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-03-15 21:24 - 2012-03-15 21:24 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-03-15 21:24 - 2012-03-15 21:24 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-03-15 21:23 - 2012-03-15 21:23 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-03-15 21:23 - 2012-03-15 21:23 - 10887168 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-03-15 21:23 - 2012-03-15 21:23 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-03-15 21:23 - 2012-03-15 21:23 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-03-15 21:23 - 2012-03-15 21:23 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-03-15 21:23 - 2012-03-15 21:23 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-03-15 21:23 - 2012-03-15 21:23 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-03-15 12:41 - 2012-03-15 12:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{7CA1A3E2-B0A5-4166-AF11-660983CBE050}
2012-03-15 12:41 - 2012-03-15 12:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{7B69EFD3-8946-4DA0-BB34-1D726CF86E12}
2012-03-15 12:36 - 2009-07-13 20:45 - 0421600 ____A C:\Windows\System32\FNTCACHE.DAT
2012-03-15 09:10 - 2012-03-15 09:01 - 0000000 ____D C:\Users\Matt\Downloads\Talking Heads - Talking Heads-77 (1977)
2012-03-15 08:58 - 2012-03-15 08:58 - 0015749 ____A C:\Users\Matt\Downloads\[isoHunt] Talking_Heads_-_Talking_Heads-77_(1977).torrent
2012-03-15 07:18 - 2012-03-15 07:18 - 0000000 ____D C:\Users\Matt\AppData\Local\{A201E111-58F6-466D-9091-B0B71E81D9AE}
2012-03-15 07:18 - 2012-03-15 07:17 - 0000000 ____D C:\Users\Matt\AppData\Local\{9B1F0C0D-DD09-486D-9F1C-45336B232C74}
2012-03-14 21:12 - 2012-03-14 21:12 - 0000000 ____D C:\9ce7f1adca54d7da68ec18fcf5
2012-03-14 21:12 - 2010-09-16 03:54 - 56297240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-03-14 21:11 - 2010-01-10 20:34 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-03-14 17:14 - 2012-03-14 17:14 - 0019037 ____A C:\Users\Matt\Downloads\17735E905702BB7048EFF346978F2457AD58AC96.torrent
2012-03-14 14:48 - 2012-03-07 17:50 - 0044644 ____A C:\Users\Matt\Downloads\soulsToPerks_v1-3-2063.zip
2012-03-14 06:42 - 2012-03-14 06:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{E3D0A898-69CA-4790-A52A-A27AE5D6BDF7}
2012-03-14 06:41 - 2012-03-14 06:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{EA76F277-88CB-44D0-879C-26C2D309CE25}
2012-03-13 17:47 - 2012-03-13 17:47 - 1593416 ____A C:\Users\Matt\Downloads\BOSS_Archive-6-1-9-1.7z
2012-03-13 06:47 - 2012-03-13 06:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{C30CE803-28C3-42E3-B319-0A26A5AA9558}
2012-03-13 06:46 - 2012-03-13 06:46 - 0000000 ____D C:\Users\Matt\AppData\Local\{0C3102FA-2386-40BC-92E0-F74BABD73951}
2012-03-12 06:35 - 2012-03-12 06:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{9B6E8211-0F21-47DB-A313-580BA53615EF}
2012-03-12 06:35 - 2012-03-12 06:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{759358F1-DB0F-4ED0-9B8D-BBDDFE129F1B}
2012-03-11 10:45 - 2012-03-11 10:45 - 0162801 ____A C:\Users\Matt\Documents\SoundsOfSkyrimTheDungeons_Readme.rtf
2012-03-11 10:45 - 2012-03-11 10:45 - 0074446 ____A C:\Users\Matt\Documents\SoundsOfSkyrimTheWilds_Readme.rtf
2012-03-11 10:45 - 2012-03-11 10:45 - 0013589 ____A C:\Users\Matt\Documents\SoundsOfSkyrimTheWilds_Readme.txt
2012-03-11 10:45 - 2012-03-11 10:45 - 0012395 ____A C:\Users\Matt\Documents\SoundsOfSkyrimTheDungeons_Readme.txt
2012-03-11 10:38 - 2012-03-11 09:21 - 0000000 ____D C:\Users\Matt\Downloads\White Rabbits - Fort Nightly [2007]
2012-03-11 09:19 - 2012-03-11 09:19 - 0019938 ____A C:\Users\Matt\Downloads\[kat.ph]white.rabbits.fort.nightly.2007.torrent
2012-03-11 07:44 - 2012-03-11 07:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{C86D5C3D-3562-46DE-B78D-12B2710744EB}
2012-03-11 07:44 - 2012-03-11 07:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{8C69BF80-27B6-44D4-B911-676EF31D8933}
2012-03-10 14:55 - 2012-02-26 07:03 - 0014930 ____A C:\Users\Matt\Documents\Readme - SkyUI.txt
2012-03-10 14:52 - 2012-03-10 14:52 - 0004886 ____A C:\Users\Matt\Documents\readme.txt
2012-03-10 07:17 - 2012-03-10 07:17 - 0000000 ____D C:\Users\Matt\AppData\Local\{5B18A695-A2C6-49BB-BE2F-1C5B4F78FAC4}
2012-03-10 07:17 - 2012-03-10 07:17 - 0000000 ____D C:\Users\Matt\AppData\Local\{0793238F-ECF7-4F19-B590-F95900A566BA}
2012-03-09 18:32 - 2012-03-09 18:31 - 62429944 ____A C:\Users\Matt\Downloads\Better_Followers_-_Main-7554.7z
2012-03-09 10:45 - 2012-03-09 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{FE472818-4911-4C73-AF59-7C5ABAB32D31}
2012-03-09 10:45 - 2012-03-09 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{3148DDF6-868C-420F-BE50-098F28F84D06}
2012-03-08 18:05 - 2012-03-08 18:04 - 0000000 ____D C:\Users\Matt\Documents\NPC edits
2012-03-08 18:05 - 2011-09-28 14:02 - 0000000 ____D C:\Users\Matt\Documents\Grade 11
2012-03-08 18:01 - 2012-03-08 18:01 - 0000000 ____D C:\Users\Matt\AppData\Local\Skyrim NPC Editor
2012-03-08 18:00 - 2012-03-08 18:00 - 0000000 ____D C:\Program Files (x86)\Skyrim NPC Editor
2012-03-08 17:58 - 2012-03-08 17:56 - 50079247 ____A C:\Users\Matt\Downloads\Skyrim_NPC_Editor_0_70_-_Beta_7-4554-0-70-0-7.rar
2012-03-08 14:14 - 2012-03-08 17:59 - 0000000 ____D C:\Users\Matt\Downloads\Skyrim NPC Editor 0.70 - Beta 7
2012-03-08 12:25 - 2011-03-30 12:55 - 0000000 ____D C:\Users\Matt\AppData\Roaming\.minecraft
2012-03-08 12:24 - 2012-03-08 12:24 - 0311756 ____A (http://magiclauncher.com) C:\Users\Matt\Downloads\MagicLauncher_0.9.7.exe
2012-03-08 11:30 - 2012-03-08 11:16 - 0000000 ____D C:\Users\Matt\Downloads\Xiu Xiu- Always- [2012]- Mp3ViLLe
2012-03-08 11:15 - 2012-03-08 11:15 - 0015862 ____A C:\Users\Matt\Downloads\[kat.ph]xiu.xiu.always.2012.mp3ville.torrent
2012-03-08 10:43 - 2012-03-08 10:42 - 0000000 ____D C:\Users\Matt\AppData\Local\{6AF815D9-4019-459E-A3D7-ED1987464FCA}
2012-03-08 10:42 - 2012-03-08 10:42 - 0000000 ____D C:\Users\Matt\AppData\Local\{95342C68-7AD9-43CC-96A5-1A3C6AE06982}
2012-03-07 20:52 - 2012-03-07 20:50 - 4829632 ____A C:\Users\Matt\Downloads\2012-03-07-21-39-catancraft.zip
2012-03-07 20:22 - 2012-03-07 20:22 - 0051200 ____A C:\Users\Matt\Downloads\2.1a Understanding DATA Concepts.doc
2012-03-07 15:00 - 2012-03-07 15:00 - 0000000 ____D C:\Users\Matt\AppData\Local\{727D9BE1-49DC-41A0-B88B-D114852E282C}
2012-03-07 15:00 - 2012-03-07 15:00 - 0000000 ____D C:\Users\Matt\AppData\Local\{6DF001E5-98B9-468E-A414-36D05492FFA5}
2012-03-06 20:10 - 2012-03-06 20:09 - 0052224 ____A C:\Users\Matt\Downloads\2.2 - Excel Examples.xls
2012-03-06 20:09 - 2012-03-06 20:09 - 0159806 ____A C:\Users\Matt\Downloads\1.14 -- Studying For Summative2.pptx
2012-03-06 10:45 - 2012-03-06 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{9D298B85-FCAE-4570-A0B1-3BF9909EE0F9}
2012-03-06 10:45 - 2012-03-06 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{4C97F461-7E7D-4FD3-8118-FE8E1AD12EC4}
2012-03-05 19:58 - 2012-01-03 14:49 - 0023566 ____A C:\Users\Matt\Documents\music.xlsx
2012-03-05 19:26 - 2012-03-05 19:26 - 0013061 ____A C:\Users\Matt\Documents\skyrimtraveltimes.xlsx
2012-03-05 18:40 - 2012-03-05 18:40 - 0700537 ____A C:\Users\Matt\Downloads\133941
2012-03-05 18:40 - 2012-03-05 18:40 - 0000000 ____D C:\Users\Matt\AppData\Local\{6558DFA7-FF50-47C4-ABFE-F36236D2A4C7}
2012-03-05 18:40 - 2012-03-05 18:39 - 0000000 ____D C:\Users\Matt\AppData\Local\{A86D3E9E-4C35-4C05-806F-38B4FF6CD39A}
2012-03-05 18:39 - 2012-03-05 18:38 - 0000000 ____D C:\Users\Matt\AppData\Local\{2D74C717-CA14-42BD-AD24-5C97FB818363}
2012-03-05 18:38 - 2012-03-05 18:38 - 0000000 ____D C:\Users\Matt\AppData\Local\{2FBE5B40-784E-46AC-8E2A-3CEC213C95E5}
2012-03-05 18:02 - 2012-03-05 18:01 - 0000000 ____D C:\Users\Matt\Desktop\fix
2012-03-05 17:48 - 2012-03-05 17:48 - 0003160 ____A C:\Users\Matt\Downloads\SkyRim_Timers-3084-1-25.7z
2012-03-05 15:21 - 2012-03-05 15:17 - 11790996 ____A C:\Users\Matt\Downloads\estbern-fix-sound.zip
2012-03-05 09:45 - 2012-03-05 09:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{2C680499-F507-4FA9-B7BB-44EA9AA61065}
2012-03-05 09:45 - 2012-03-05 09:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{0D85F4C4-0339-447E-B182-CCA802F91D2E}
2012-03-04 20:05 - 2012-03-04 20:05 - 0048192 ____A C:\Users\Matt\Downloads\TooManyItems2012_03_03_1.2.3.zip
2012-03-04 18:11 - 2012-03-04 18:11 - 0000000 ____D C:\Users\Matt\AppData\Local\{050D2DBE-5385-4DB9-86D8-244E32248422}
2012-03-04 18:11 - 2012-03-04 18:10 - 0000000 ____D C:\Users\Matt\AppData\Local\{78B71C6C-625F-4EF4-BA0E-AD48315CDD79}
2012-03-04 06:40 - 2012-03-04 06:40 - 0000000 ____D C:\Users\Matt\AppData\Local\{4B7B8983-B19F-4B15-8126-399E96C2D062}
2012-03-04 06:40 - 2012-03-04 06:40 - 0000000 ____D C:\Users\Matt\AppData\Local\{4832E420-08EC-4BE0-80C5-B38B8F816F74}
2012-03-03 09:53 - 2012-03-03 09:44 - 0000000 ____D C:\Users\Matt\Downloads\Yo La Tengo - Popular Songs [mp3-192-2009]
2012-03-03 08:25 - 2012-02-25 18:44 - 0000000 ____D C:\Users\Matt\Documents\Nexus Mod Manager
2012-03-03 07:29 - 2012-03-03 07:29 - 0000000 ____D C:\Users\Matt\AppData\Local\{062AFBB3-D957-42E6-9221-91CAAA43B69E}
2012-03-03 07:28 - 2012-03-03 07:28 - 0000000 ____D C:\Users\Matt\AppData\Local\{8EE01366-F91E-4387-BF24-C1E69E2D6165}
2012-03-02 17:27 - 2012-03-02 17:27 - 0041965 ____A C:\Users\Matt\Downloads\Skyrim_Universal_4GB_Memory_Patch-3211-1-0.rar
2012-03-02 10:46 - 2012-03-02 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{665AAC02-4638-4FB6-BE3A-D75B7D90BBD3}
2012-03-02 10:45 - 2012-03-02 10:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{965B6B98-E552-4EF8-AB4B-8CEB76360B2C}
2012-03-01 12:41 - 2012-03-01 12:39 - 35166803 ____A C:\Users\Matt\Downloads\Dragonbone_Weapons_3_1_1-1935-3-1-1.7z
2012-03-01 11:29 - 2012-03-01 11:19 - 0000000 ____D C:\Users\Matt\Downloads\Wilco - Summerteeth
2012-03-01 10:47 - 2012-03-01 10:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{98E1E147-9C38-4D73-A9BB-10B0D93CB846}
2012-03-01 10:47 - 2012-03-01 10:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{221631A7-CA6E-44EE-A585-8541A3B49802}
2012-02-29 17:34 - 2010-09-16 15:14 - 0000000 ____D C:\Users\Matt\AppData\Roaming\SystemRequirementsLab
2012-02-29 17:34 - 2010-09-16 15:14 - 0000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2012-02-29 17:13 - 2012-02-29 17:13 - 3919112 ____A C:\Users\Matt\Downloads\Harbor Village.rar
2012-02-29 17:08 - 2012-02-29 17:08 - 0000000 ____D C:\Users\Matt\AppData\Local\{AADCF0CC-4605-4E8F-9978-505BF5761E25}
2012-02-29 17:08 - 2012-02-29 17:08 - 0000000 ____D C:\Users\Matt\AppData\Local\{94C7CF14-6529-4B57-A98E-19B2BE8E7B6D}
2012-02-29 11:07 - 2012-02-29 11:07 - 0000000 ____D C:\Users\Matt\AppData\Local\{7077F3F0-0704-4943-830C-7E10BD66FC54}
2012-02-29 11:07 - 2012-02-29 11:07 - 0000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2012-02-29 11:07 - 2012-02-29 11:06 - 0000000 ____D C:\Users\Matt\AppData\Local\{93687FE1-4572-4F8A-A2FE-26FAA523EA7F}
2012-02-29 11:07 - 2011-08-20 19:00 - 0000886 ____A C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2012-02-28 10:41 - 2012-02-28 10:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{8BE3A556-BDE1-4D53-9FEF-D52B8E897DF2}
2012-02-28 10:41 - 2012-02-28 10:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{3098A5DD-948A-409C-9700-12F7C158A888}
2012-02-27 20:24 - 2012-02-27 20:24 - 0228325 ____A C:\Users\Matt\Downloads\careg.png
2012-02-27 12:49 - 2012-02-27 12:49 - 0003611 ____A C:\Users\Matt\Downloads\Auto_Unequip_Arrows_v2_1-10753-2-1.zip
2012-02-27 11:36 - 2012-02-27 11:18 - 101519515 ____A C:\Users\Matt\Downloads\The Stage Names.zip
2012-02-27 11:03 - 2012-02-27 11:03 - 0000000 ____D C:\Users\Matt\AppData\Local\{8F65A73E-5D64-4B5D-94FC-4497837AAE47}
2012-02-27 11:03 - 2012-02-27 11:02 - 0000000 ____D C:\Users\Matt\AppData\Local\{2B7224F2-ECE6-4833-9D84-E279BB22CDA1}
2012-02-26 16:30 - 2012-02-26 16:23 - 0044874 ____A C:\Users\Matt\Downloads\soulsToPerks_v1-6-2063-1-6.zip
2012-02-26 15:32 - 2012-02-26 15:32 - 1319848 ____A C:\Users\Matt\Downloads\ScriptDragon_1.4.21.3.zip
2012-02-26 14:34 - 2012-02-26 14:34 - 0075264 ____A C:\Users\Matt\Downloads\semesterplanner.doc
2012-02-26 14:33 - 2012-02-26 14:33 - 0066048 ____A C:\Users\Matt\Downloads\Unit Outline.doc
2012-02-26 11:19 - 2012-02-26 11:19 - 0040180 ____A C:\Users\Matt\Downloads\Smithing_Perks_Overhaul_1-1-1-6047.rar
2012-02-26 11:14 - 2012-02-26 11:14 - 0067039 ____A C:\Users\Matt\Downloads\Weapons_and_Armor_fixes_v-2-0-3-4719-2-03.rar
2012-02-26 11:09 - 2012-02-26 11:09 - 0001636 ____A C:\Users\Matt\Downloads\Better_Dynamic_Snow_1-4-10383-1-4.7z
2012-02-26 08:59 - 2012-02-26 08:59 - 0049623 ____A C:\Users\Matt\Downloads\Complete_Crafting_Overhaul_1-1-1-8003-1-11.rar
2012-02-26 06:57 - 2012-02-26 06:57 - 0000000 ____D C:\Users\Matt\AppData\Local\{C56100B7-4F83-4DB6-878E-69F84BF64D07}
2012-02-25 18:58 - 2012-02-25 18:58 - 1251497 ____A C:\Users\Matt\Downloads\SkyUI_2_1-3863-2-1.7z
2012-02-25 18:47 - 2012-02-25 18:47 - 0000000 ____D C:\Games
2012-02-25 18:44 - 2012-02-25 18:44 - 0000000 ____D C:\Users\Matt\AppData\Local\Black_Tree_Gaming
2012-02-25 18:42 - 2012-02-25 18:42 - 2282646 ____A (Black Tree Gaming ) C:\Users\Matt\Downloads\Nexus Mod Manager-0.14.2.exe
2012-02-25 18:41 - 2012-02-25 18:40 - 0001643 ____A C:\Users\Matt\Desktop\Skyrim.lnk
2012-02-25 18:34 - 2012-02-25 18:34 - 4475893 ____A C:\Users\Matt\Downloads\The Elder Scrolls V - Skyrim STEAM CD-KEY Generator.rar
2012-02-25 18:32 - 2012-02-25 18:32 - 0208464 ____A C:\Users\Matt\Downloads\skse_1_04_10.7z
2012-02-25 11:36 - 2012-02-25 11:36 - 0000542 ____A C:\Users\Matt\Downloads\Steam.cs-key.generator.exe.torrent
2012-02-25 10:51 - 2012-02-25 10:51 - 0000000 ____D C:\Users\Matt\Documents\Skyrim Updates
2012-02-25 10:50 - 2012-02-25 10:45 - 135089012 ____A C:\Users\Matt\Downloads\skyyupIIIII5.rar
2012-02-25 08:30 - 2012-02-25 08:30 - 6709514 ____A C:\Users\Matt\Downloads\The.Elder.Scrolls.V.Skyrim-Razor1911-[BTARENA.org]-CrackOnly.rar
2012-02-25 08:30 - 2010-09-25 11:17 - 0156549 ____A C:\Windows\DirectX.log
2012-02-25 08:27 - 2012-02-25 08:27 - 0000000 ____D C:\Users\Matt\AppData\Local\Skyrim
2012-02-25 08:27 - 2011-03-07 16:53 - 0000000 ____D C:\Users\Matt\Documents\My Games
2012-02-25 08:19 - 2012-02-25 08:15 - 0000000 ____D C:\Users\Matt\Documents\Skyrim
2012-02-25 07:16 - 2012-02-25 07:16 - 20905279 ____A C:\Users\Matt\Downloads\Tutorial World II E40.zip
2012-02-25 06:46 - 2012-02-25 06:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{54EFD331-9226-43DD-A521-A6BF75067025}
2012-02-25 06:45 - 2012-02-25 06:45 - 0000000 ____D C:\Users\Matt\AppData\Local\{1153C7F0-E36D-433A-9A62-5487BCED7F29}
2012-02-25 06:43 - 2010-11-28 13:08 - 0000000 ____D C:\Program Files (x86)\uTorrent
2012-02-24 19:27 - 2011-11-14 18:35 - 0000000 ____D C:\Users\Matt\Downloads\rzr-skrm
2012-02-24 10:44 - 2012-02-24 10:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{62D8900A-6E10-4B06-830F-7DB0F385841E}
2012-02-24 10:43 - 2012-02-24 10:43 - 0000000 ____D C:\Users\Matt\AppData\Local\{B6061B7F-8D9E-46ED-9D3E-221CB6E4BF77}
2012-02-23 08:37 - 2012-02-23 08:36 - 0000000 ____D C:\Users\Matt\AppData\Local\{49E0BC50-7C3D-4FB6-8065-E31CCE7AE5D8}
2012-02-23 08:36 - 2012-02-23 08:36 - 0000000 ____D C:\Users\Matt\AppData\Local\{EE42B79D-62F8-47E5-BCCD-3E514C576BD8}
2012-02-23 03:41 - 2012-02-23 03:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{3FD55232-3D6C-4BD6-8F30-73CB9BA3CCAF}
2012-02-23 03:41 - 2012-02-23 03:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{26DCF004-FCA0-4D1F-B18C-60B791F32B96}
2012-02-22 16:36 - 2012-02-22 16:36 - 5247514 ____A C:\Users\Matt\Downloads\PlanetMinecraft Contest Island Final.zip
2012-02-22 16:27 - 2012-02-22 16:23 - 0000000 ____D C:\Users\Matt\Desktop\evenTime's map - City of arches
2012-02-22 16:22 - 2012-02-22 16:15 - 22719559 ____A C:\Users\Matt\Downloads\evenTimes-map-City-of-arches.zip
2012-02-22 16:21 - 2012-02-22 16:17 - 13594082 ____A C:\Users\Matt\Downloads\Eventime_1.1.0.zip
2012-02-22 11:26 - 2012-02-22 11:23 - 0000000 ____D C:\Users\Matt\Downloads\The Pains of Being Pure at Heart
2012-02-22 11:03 - 2012-02-22 11:03 - 0000000 ____D C:\Users\Matt\AppData\Local\{BEC4B72B-11DC-42AD-9F2E-D65FD9FBC698}
2012-02-22 11:03 - 2012-02-22 11:03 - 0000000 ____D C:\Users\Matt\AppData\Local\{A42370A3-88A0-445B-843D-1FB936F0E69E}
2012-02-21 20:00 - 2012-02-21 20:00 - 0000000 ____D C:\Users\Matt\AppData\Local\{35B6FD17-33E8-48DB-84C4-1A7B98ABB93F}
2012-02-21 20:00 - 2012-02-21 19:59 - 0000000 ____D C:\Users\Matt\AppData\Local\{9326CF4F-CAA5-425E-A79A-2393EBD3DFA6}
2012-02-21 11:09 - 2012-02-21 11:09 - 0000000 ____D C:\Users\Matt\AppData\Local\{957601A0-A681-4941-8206-3D86F084258E}
2012-02-21 11:09 - 2012-02-21 11:09 - 0000000 ____D C:\Users\Matt\AppData\Local\{0D369134-DAC7-4B77-AC28-27265E02887C}
2012-02-20 20:11 - 2012-02-20 20:05 - 124688758 ____A C:\Users\Matt\Downloads\CastleLividusMay27Update#2-NoFire.zip
2012-02-20 20:07 - 2012-02-20 20:07 - 7459962 ____A C:\Users\Matt\Downloads\Oddworld_Medieval_V4.rar
2012-02-20 20:07 - 2012-02-20 20:07 - 5614285 ____A C:\Users\Matt\Downloads\Oddcraft_V5.zip
2012-02-20 19:42 - 2012-02-20 19:42 - 0147289 ____A C:\Users\Matt\Downloads\1.7 -- Formulas you need to know for the first.pptx
2012-02-20 17:50 - 2012-02-20 17:50 - 5498412 ____A C:\Users\Matt\Downloads\Royal Palace (zippet).zip
2012-02-20 16:53 - 2012-02-20 16:53 - 0196339 ____A C:\Users\Matt\Downloads\Hamster Escape part 2!!.rar
2012-02-20 16:45 - 2012-02-20 16:45 - 0153312 ____A C:\Users\Matt\Downloads\Hamster Escape!!.rar
2012-02-20 16:32 - 2012-02-20 16:32 - 9576361 ____A C:\Users\Matt\Downloads\GraviMix7-5.zip
2012-02-20 16:32 - 2012-02-20 16:32 - 5175883 ____A C:\Users\Matt\Downloads\steampunk.zip
2012-02-20 16:18 - 2012-02-20 16:17 - 7383603 ____A C:\Users\Matt\Downloads\Realm of Vikdal.zip
2012-02-20 10:13 - 2012-02-20 10:11 - 95779054 ____A C:\Users\Matt\Downloads\Echo & The Bunnymen - 2003 - Crocodiles.rar
2012-02-20 07:31 - 2012-02-20 07:30 - 0000000 ____D C:\Users\Matt\AppData\Local\{89284555-1FAC-4878-A5AE-DBC70B1B0B76}
2012-02-20 07:30 - 2012-02-20 07:30 - 0000000 ____D C:\Users\Matt\AppData\Local\{5C8BCB56-F83E-47FC-A708-526B4A266C7E}
2012-02-19 18:50 - 2012-02-19 18:49 - 55745879 ____A C:\Users\Matt\Downloads\Super Hostile - Spellbound Caves v1.1.zip
2012-02-19 15:15 - 2012-02-19 15:15 - 6375048 ____A C:\Users\Matt\Downloads\Minecraft-.zip
2012-02-19 06:29 - 2012-02-19 06:29 - 0000000 ____D C:\Users\Matt\AppData\Local\{3A607561-D29F-412F-B323-D2BC2973766B}
2012-02-19 06:28 - 2012-02-19 06:28 - 0000000 ____D C:\Users\Matt\AppData\Local\{D4EF14FF-1AD3-4ED8-BBF8-BCB41C3B23A1}
2012-02-19 06:27 - 2009-07-13 21:08 - 0032604 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-02-18 20:24 - 2012-01-03 13:19 - 0000000 ____A C:\Users\Matt\Documents\music.txt
2012-02-18 07:27 - 2012-02-18 07:25 - 0000000 ____D C:\Users\Matt\AppData\Roaming\Spotify
2012-02-18 07:26 - 2012-02-18 07:26 - 0001799 ____A C:\Users\Matt\Desktop\Spotify.lnk
2012-02-18 07:26 - 2012-02-18 07:26 - 0000000 ____D C:\Users\Matt\AppData\Local\Spotify
2012-02-18 07:21 - 2012-02-18 07:21 - 0085784 ____A (Spotify Ltd) C:\Users\Matt\Downloads\SpotifySetup.exe
2012-02-18 06:43 - 2011-07-22 17:24 - 0001013 ____A C:\Users\Matt\Desktop\Dropbox.lnk
2012-02-18 06:40 - 2012-02-18 06:40 - 0000000 ____D C:\Users\Matt\AppData\Local\{F79C3E32-5C35-486E-AFFD-8CDBEC5FADD7}
2012-02-18 06:40 - 2012-02-18 06:40 - 0000000 ____D C:\Users\Matt\AppData\Local\{6979D8E3-E934-49B6-8EB3-371092F418B9}
2012-02-17 11:38 - 2012-02-17 11:38 - 0000000 ____D C:\Users\Matt\AppData\Local\{C4573208-9242-4989-9E48-50353FFA2C94}
2012-02-17 11:38 - 2012-02-17 11:37 - 0000000 ____D C:\Users\Matt\AppData\Local\{C1A7CD3B-0D13-4426-91A5-1BD4C40226A6}
2012-02-17 11:36 - 2010-09-16 05:44 - 0000174 ___SH C:\Users\Matt\Start Menu\Programs\Startup\desktop.ini
2012-02-17 11:36 - 2010-09-16 05:44 - 0000174 ___SH C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-02-17 11:34 - 2010-09-16 05:42 - 0326024 ____A C:\Windows\PFRO.log
2012-02-16 12:02 - 2012-02-16 12:02 - 30576585 ____A C:\Users\Matt\Downloads\The Gate v.5.zip
2012-02-16 11:32 - 2012-02-16 11:32 - 0101280 ____A C:\Users\Matt\Downloads\Confirmation of Residence 2012.docx
2012-02-16 11:32 - 2012-02-16 11:32 - 0051200 ____A C:\Users\Matt\Downloads\Online Payment Instructions.doc
2012-02-16 11:25 - 2012-02-16 11:23 - 101707641 ____A C:\Users\Matt\Downloads\The Beastie Boys - Paul's Boutique.zip
2012-02-16 10:50 - 2012-02-16 10:49 - 0000000 ____D C:\Users\Matt\AppData\Local\{96791833-52FE-476F-97B6-E195E5E53AB2}
2012-02-16 10:49 - 2012-02-16 10:49 - 0000000 ____D C:\Users\Matt\AppData\Local\{2539DA3C-3E71-4235-872F-8C94044EC4E7}
2012-02-15 21:00 - 2012-02-15 21:00 - 0000000 ____D C:\db877d96a48bd5334df36623
2012-02-15 20:59 - 2010-01-10 22:08 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-02-15 17:57 - 2012-02-15 17:56 - 20787927 ____A C:\Users\Matt\Downloads\IggyVille.rar
2012-02-15 17:56 - 2012-02-15 17:56 - 1271200 ____A (FileServe Limited) C:\Users\Matt\Downloads\FileServeManagerSetup.exe
2012-02-15 17:50 - 2012-02-15 17:50 - 10167551 ____A C:\Users\Matt\Downloads\medieval Village 1.8.1 final.rar
2012-02-15 11:25 - 2012-02-15 11:08 - 101643342 ____A C:\Users\Matt\Downloads\Shearwater_-_Animal_Joy_(2012).rar
2012-02-15 10:44 - 2012-02-15 10:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{E2293A13-C5A3-4172-938A-18955447629A}
2012-02-15 10:44 - 2012-02-15 10:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{68A2E124-872C-4597-B4A5-A3CAE6D515DA}
2012-02-15 07:01 - 2012-02-15 07:01 - 4547944 ____A (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2012-02-15 07:01 - 2012-02-15 07:01 - 0052736 ____A (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2012-02-14 22:27 - 2012-03-14 06:53 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-02-14 21:44 - 2012-03-14 06:53 - 0826368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-02-14 20:47 - 2012-03-14 06:53 - 0204800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-02-14 20:46 - 2012-03-14 06:53 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-02-14 11:17 - 2012-02-14 11:16 - 0000000 ____D C:\Users\Matt\AppData\Local\{07C4B85F-8E43-4A9D-B44E-FFB50609939C}
2012-02-14 11:16 - 2012-02-14 11:16 - 0000000 ____D C:\Users\Matt\AppData\Local\{03D1B395-61C8-44E5-A40B-860B6F0AAD83}
2012-02-14 03:56 - 2012-02-14 03:56 - 0000000 ____D C:\Users\Matt\AppData\Local\{F01BFD85-3BDD-48B2-9368-5139AA1E800A}
2012-02-14 03:56 - 2012-02-14 03:55 - 0000000 ____D C:\Users\Matt\AppData\Local\{AC84BAB4-EB55-4542-B5F5-4504B9DF7615}
2012-02-13 17:34 - 2012-02-13 17:34 - 0000859 ____A C:\Users\Matt\Downloads\appointment.ics
2012-02-13 10:43 - 2012-02-13 10:43 - 0000000 ____D C:\Users\Matt\AppData\Local\{A6231CCC-BEAD-4B27-97FC-5904FC7D5154}
2012-02-13 10:43 - 2012-02-13 10:43 - 0000000 ____D C:\Users\Matt\AppData\Local\{A0B91097-A24E-49FA-AF8C-A8FE858AA124}
2012-02-13 04:04 - 2012-02-13 04:04 - 0000000 ____D C:\Users\Matt\AppData\Local\{DE939A88-56AF-45C5-8903-FE504AFDBCA2}
2012-02-13 04:04 - 2012-02-13 04:04 - 0000000 ____D C:\Users\Matt\AppData\Local\{22B3BBA9-A72E-4D18-9AA3-0609A9AC15CF}
2012-02-12 07:24 - 2012-02-12 07:24 - 0000000 ____D C:\Users\Matt\AppData\Local\{AF15AE66-9714-45FE-BB6E-A30ED4694985}
2012-02-12 07:24 - 2012-02-12 07:24 - 0000000 ____D C:\Users\Matt\AppData\Local\{20C5A840-41DA-482A-8607-FA0FF47D88D7}
2012-02-11 08:21 - 2012-02-11 08:19 - 70643117 ____A C:\Users\Matt\Downloads\(2005) Clap Your Hands Say Yeah.rar
2012-02-11 06:44 - 2012-02-11 06:44 - 0000000 ____D C:\Users\Matt\AppData\Local\{A6F69EE2-BE80-4A04-8CFA-0F6385EA4CAA}
2012-02-11 06:44 - 2012-02-11 06:43 - 0000000 ____D C:\Users\Matt\AppData\Local\{03DD60F8-5BD4-4AFC-8827-C9CDD9CD3369}
2012-02-10 10:44 - 2012-02-10 10:43 - 0000000 ____D C:\Users\Matt\AppData\Local\{CAFFE4D0-50CD-4F23-AF58-3D912CEC927C}
2012-02-10 10:43 - 2012-02-10 10:43 - 0000000 ____D C:\Users\Matt\AppData\Local\{1910FA9F-6D5D-491F-A6F5-6E5F50C33F56}
2012-02-09 22:18 - 2012-03-14 06:54 - 1541120 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-02-09 22:17 - 2012-03-14 06:53 - 1837568 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2012-02-09 22:17 - 2012-03-14 06:53 - 0902656 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2012-02-09 22:17 - 2012-03-14 06:53 - 0320512 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2012-02-09 22:17 - 2012-03-14 06:53 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2012-02-09 21:41 - 2012-03-14 06:53 - 1170944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2012-02-09 21:41 - 2012-03-14 06:53 - 1074176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-02-09 21:41 - 2012-03-14 06:53 - 0739840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2012-02-09 21:41 - 2012-03-14 06:53 - 0218624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2012-02-09 21:41 - 2012-03-14 06:53 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2012-02-09 11:05 - 2012-02-09 11:05 - 0000000 ____D C:\Users\Matt\AppData\Local\{3D74A0A8-B33F-4A4E-94CE-1782E3E2A7C6}
2012-02-09 11:05 - 2012-02-09 11:05 - 0000000 ____D C:\Users\Matt\AppData\Local\{27972D3D-62AB-4AA2-B6E3-722D31A9ECBF}
2012-02-08 18:08 - 2012-01-29 13:38 - 4091855 ____A C:\Users\Matt\Desktop\minecraft.jar
2012-02-08 18:07 - 2012-02-08 18:07 - 0464574 ____A C:\Users\Matt\Downloads\NewCraft and Vecter TPack (1).ZIP
2012-02-08 18:01 - 2012-02-08 17:57 - 42698806 ____A C:\Users\Matt\Downloads\NewCraft and Vecter World zip (1).zip
2012-02-08 17:56 - 2012-02-08 17:56 - 1274964 ____A C:\Users\Matt\Downloads\mcpatcher-2.3.2_01.exe
2012-02-08 10:59 - 2012-02-08 10:59 - 0000000 ____D C:\Users\Matt\AppData\Local\{ACC521AB-8A7B-4B74-96C7-13D967B34EA8}
2012-02-08 10:59 - 2012-02-08 10:59 - 0000000 ____D C:\Users\Matt\AppData\Local\{9A6AFFD5-E767-4AE2-9CC8-BF47599FC8A0}
2012-02-07 13:01 - 2012-02-07 13:01 - 0138660 ____A C:\Users\Matt\Downloads\NRaas_MasterControllerCheats_V77.zip
2012-02-07 12:06 - 2012-02-07 12:04 - 81924403 ____A C:\Users\Matt\Downloads\bleepedUp-TheChemistryOfCommonLife.zip
2012-02-07 12:00 - 2012-02-07 11:58 - 82027982 ____A C:\Users\Matt\Downloads\The Chemistry Of Common Life.zip
2012-02-07 10:41 - 2012-02-07 10:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{E5064BAF-5E12-42E0-84B0-F0C95031A239}
2012-02-07 10:41 - 2012-02-07 10:41 - 0000000 ____D C:\Users\Matt\AppData\Local\{E1C445F4-492F-4861-A923-283AE29AC33A}
2012-02-07 03:50 - 2012-02-07 03:50 - 0000000 ____D C:\Users\Matt\AppData\Local\{F3FC5A32-A3CE-48BB-870E-4C57ABF61FCC}
2012-02-07 03:50 - 2012-02-07 03:50 - 0000000 ____D C:\Users\Matt\AppData\Local\{88E2D1BC-22F3-4201-A7D1-6C1A02D328EC}
2012-02-06 19:06 - 2012-02-06 19:06 - 0001401 ____A C:\Users\Matt\Downloads\FrameworkSetup.zip
2012-02-06 18:52 - 2012-02-06 18:52 - 0003948 ____A C:\Users\Matt\Downloads\MTS_HystericalParoxysm_1151069_CelebrityMod-UltraDiff-20FA-DDA_HP (1).7z
2012-02-06 18:40 - 2012-02-06 18:40 - 0166455 ____A C:\Users\Matt\Downloads\NRaas_CareerDataSelfEmployed_V64.zip
2012-02-06 18:40 - 2012-02-06 18:40 - 0033722 ____A C:\Users\Matt\Downloads\NRaas_CareerDataUnemployed_V61.zip
2012-02-06 18:39 - 2012-02-06 18:39 - 0148136 ____A C:\Users\Matt\Downloads\NRaas_CareerDataSchool_V61.zip
2012-02-06 18:39 - 2012-02-06 18:39 - 0131407 ____A C:\Users\Matt\Downloads\NRaas_CareerDataPartTime_V61.zip
2012-02-06 18:38 - 2012-02-06 18:38 - 0299473 ____A C:\Users\Matt\Downloads\NRaas_Career_V64.zip
2012-02-06 18:36 - 2012-02-06 18:36 - 1388059 ____A C:\Users\Matt\Downloads\NRaas_StoryProgressionExpanded_V203.zip
2012-02-06 18:33 - 2012-02-06 18:33 - 2110795 ____A C:\Users\Matt\Downloads\NRaas_StoryProgression_V203.zip
2012-02-06 18:31 - 2012-02-06 18:31 - 0609479 ____A C:\Users\Matt\Downloads\NRaas_MasterController_V75.zip
2012-02-06 11:02 - 2012-02-06 11:01 - 0000000 ____D C:\Users\Matt\AppData\Local\{888DBBA1-86F5-4791-98B8-FF1F7E122128}
2012-02-06 11:01 - 2012-02-06 11:01 - 0000000 ____D C:\Users\Matt\AppData\Local\{5A91792B-BD4C-481E-AA4D-E573F352E36A}
2012-02-05 17:24 - 2010-09-25 12:34 - 0000000 ____D C:\Users\Matt\Documents\Electronic Arts
2012-02-05 14:53 - 2012-02-05 14:53 - 0002160 ____A C:\Users\Public\Desktop\The Sims™ 3 Pets.lnk
2012-02-05 14:49 - 2010-09-25 10:59 - 0000000 ____D C:\Program Files (x86)\Electronic Arts
2012-02-05 14:49 - 2010-01-10 20:00 - 0000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-02-05 14:42 - 2012-02-05 14:38 - 0000000 ____D C:\Users\Matt\Downloads\The Sims 3 - Pets
2012-02-05 14:30 - 2012-02-05 14:30 - 4448351 ____A C:\Users\Matt\Downloads\The_Sims_3_-_Pets_installation_FIX.rar
2012-02-05 14:28 - 2012-02-05 14:26 - 56848873 ____A C:\Users\Matt\Downloads\The_Sims_3_fix.rar
2012-02-05 13:54 - 2012-02-01 17:30 - 3477480686 ____A C:\Users\Matt\Downloads\The Sims 3 - Pets.rar
2012-02-05 10:32 - 2012-02-05 10:28 - 89131165 ____A C:\Users\Matt\Downloads\Destroyer - Trouble in Dreams.rar
2012-02-05 10:00 - 2012-02-04 20:20 - 0000000 ____D C:\Users\Matt\AppData\Local\BIT.TRIP RUNNER
2012-02-05 07:13 - 2012-02-05 07:13 - 0000000 ____D C:\Users\Matt\AppData\Local\{FDCFC249-7313-4C38-B991-BC0FFE429629}
2012-02-05 07:13 - 2012-02-05 07:12 - 0000000 ____D C:\Users\Matt\AppData\Local\{007396BF-E73C-421E-8956-7223F7A9BE77}
2012-02-04 20:20 - 2012-02-04 20:20 - 0466456 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2012-02-04 20:20 - 2012-02-04 20:20 - 0444952 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2012-02-04 20:20 - 2012-02-04 20:20 - 0122904 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2012-02-04 20:20 - 2012-02-04 20:20 - 0109080 ____A (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2012-02-04 20:20 - 2012-02-04 20:20 - 0000000 ____D C:\Program Files (x86)\OpenAL
2012-02-04 20:20 - 2012-02-04 20:17 - 0000000 ____D C:\Windows\SysWOW64\directx
2012-02-04 20:18 - 2012-02-04 20:17 - 0000000 ___HD C:\Windows\msdownld.tmp
2012-02-04 16:07 - 2012-02-04 16:07 - 0745710 ____A C:\Users\Matt\Downloads\SinglePlayerCommands-MC1.1.0_V3.1.1.jar
2012-02-04 07:29 - 2012-02-04 07:29 - 0000000 ____D C:\Users\Matt\AppData\Local\{554E242D-877B-41DE-9290-8C3C782AB43E}
2012-02-04 07:29 - 2012-02-04 07:28 - 0000000 ____D C:\Users\Matt\AppData\Local\{74D2968F-AA2F-4E27-BC43-4DDD2D457323}
2012-02-03 10:10 - 2012-02-03 10:09 - 3898234 ____A C:\Users\Matt\Downloads\Millenaire2.1.6.zip
2012-02-03 10:06 - 2012-02-03 10:06 - 0047993 ____A C:\Users\Matt\Downloads\TooManyItems2012_01_12.zip
2012-02-03 10:00 - 2012-02-03 10:00 - 0089249 ____A C:\Users\Matt\Downloads\ModLoader (3).zip
2012-02-03 09:55 - 2012-02-03 09:52 - 102560367 ____A C:\Users\Matt\Downloads\explosions in the sky - all of a sudden I miss everyone.zip
2012-02-03 07:35 - 2012-02-03 07:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{B6E1FAA4-B7BC-419A-9F2A-11FA4DA257AE}
2012-02-03 07:35 - 2012-02-03 07:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{7417557D-6D91-4891-8553-B88F875A075A}
2012-02-02 20:16 - 2012-03-14 06:54 - 3143168 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-02-02 06:36 - 2012-02-02 06:36 - 0000000 ____D C:\Users\Matt\AppData\Local\{53EF81D2-D694-4CB8-829C-017E89BFA068}
2012-02-02 06:36 - 2012-02-02 06:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{5CD61620-7E84-497D-8458-F6C941E64D94}
2012-02-01 12:30 - 2010-09-18 10:57 - 0000000 ____D C:\Users\Matt\Documents\Webcam
2012-02-01 11:24 - 2012-02-01 10:49 - 0000000 ____D C:\Users\Matt\Downloads\Hurry Up, We're Dreaming
2012-02-01 08:11 - 2012-02-01 08:11 - 0000000 ____D C:\Users\Matt\AppData\Local\{5A9D53DB-4AF2-4AD1-9AB0-A1B23D72D29C}
2012-02-01 08:11 - 2012-02-01 08:10 - 0000000 ____D C:\Users\Matt\AppData\Local\{5FBD06B0-EDE7-4B50-9F8F-EC657A91DB8D}
2012-01-31 11:09 - 2012-01-31 10:39 - 116412224 ____A C:\Users\Matt\Downloads\STRIKEGENTLY.COM Thrice - Major Minor [2011].zip
2012-01-31 08:36 - 2012-01-31 08:36 - 0000000 ____D C:\Users\Matt\AppData\Local\{97122E41-02D7-427F-9948-D17E22CCAE85}
2012-01-31 08:36 - 2012-01-31 08:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{1461A3A9-F72C-4893-8F1B-7339D3B2904F}
2012-01-30 18:22 - 2012-01-30 18:22 - 0000000 ____D C:\Users\Matt\AppData\Local\{1CE9D747-0D64-45B0-9D11-5ED253D479C4}
2012-01-30 18:21 - 2012-01-30 18:21 - 0000000 ____D C:\Users\Matt\AppData\Local\{AA38A3F5-F58A-4E4F-AA9F-0FC3796AA837}
2012-01-29 17:46 - 2012-01-29 17:46 - 0000000 ____D C:\Users\Matt\Desktop\1.0 mc
2012-01-29 17:46 - 2011-11-07 15:07 - 0000000 ____D C:\Users\Matt\Desktop\1.1
2012-01-29 17:44 - 2012-01-29 17:44 - 1015886 ____A C:\Users\Matt\Downloads\Solitude.zip
2012-01-29 17:06 - 2012-01-29 17:06 - 0043248 ____A C:\Users\Matt\Downloads\TooManyItems2011_11_29.zip
2012-01-29 17:00 - 2012-01-29 17:00 - 0730403 ____A C:\Users\Matt\Downloads\MineColony rc16b Master.zip
2012-01-29 16:52 - 2012-01-29 16:52 - 0088347 ____A C:\Users\Matt\Downloads\ModLoader 1.0.0.zip
2012-01-29 16:45 - 2012-01-29 16:38 - 86218648 ____A C:\Users\Matt\Downloads\mcnostalgia2.0.2.zip
2012-01-29 13:37 - 2012-01-29 13:37 - 0048032 ____A C:\Users\Matt\Downloads\TooManyItems2012_01_26_12w04a.zip
2012-01-29 10:13 - 2012-01-29 10:02 - 83516747 ____A C:\Users\Matt\Downloads\The_Beatles_-_Revolver.zip
2012-01-29 07:42 - 2012-01-29 07:42 - 0000000 ____D C:\Users\Matt\AppData\Local\{A5B42F6F-5E1A-46DC-A950-6CDBB5C3F653}
2012-01-29 07:42 - 2012-01-29 07:42 - 0000000 ____D C:\Users\Matt\AppData\Local\{21E6FB5C-C201-43AE-8A25-77F12227F8A6}
2012-01-28 07:26 - 2012-01-01 14:25 - 0000000 ____D C:\Users\Matt\Documents\OpenTTD
2012-01-28 07:21 - 2012-01-28 07:21 - 0000000 ____D C:\Users\Matt\AppData\Local\{C2A50B95-40EE-4399-BDE9-F63797E52B07}
2012-01-28 07:21 - 2012-01-28 07:21 - 0000000 ____D C:\Users\Matt\AppData\Local\{55F0B32C-B258-48A3-9844-AD050AABB57B}
2012-01-27 22:51 - 2012-01-26 20:44 - 0020656 ____A C:\Users\Matt\Documents\12.xlsx
2012-01-27 22:34 - 2010-10-20 17:46 - 0000000 ____D C:\Users\Matt\AppData\Local\Windows Live
2012-01-27 12:11 - 2012-01-27 12:11 - 0000000 ____D C:\Users\Matt\AppData\Local\{B0ACE5C8-AF3E-4370-A991-3944BC141E88}
2012-01-27 12:11 - 2012-01-27 12:10 - 0000000 ____D C:\Users\Matt\AppData\Local\{76C6853F-5E70-4723-B583-85562891D556}
2012-01-26 18:22 - 2012-01-26 18:22 - 71279472 ____A (Apple Inc.) C:\Users\Matt\Downloads\iTunes64Setup (2).exe
2012-01-26 17:36 - 2012-01-26 17:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{3B2BEAE0-9F37-48A2-A8FF-676899846452}
2012-01-26 17:35 - 2012-01-26 17:35 - 0000000 ____D C:\Users\Matt\AppData\Local\{35CDFCAD-C168-4966-8D9D-7D065F3A3C50}
2012-01-26 11:57 - 2012-01-26 11:55 - 93792060 ____A C:\Users\Matt\Downloads\Deerhoof -Deerhoof vs. Evil.rar
2012-01-26 11:39 - 2012-01-26 11:39 - 0000000 ____D C:\Users\Matt\AppData\Local\{654FAEC7-D985-4266-9C95-0201715FDB9D}
2012-01-26 11:39 - 2012-01-26 11:38 - 0000000 ____D C:\Users\Matt\AppData\Local\{4FD92519-5031-42D5-B4C7-A036FA1AF5AF}
2012-01-26 04:25 - 2012-01-26 04:24 - 0000000 ____D C:\Users\Matt\AppData\Local\{D6AF3B82-64B5-406A-B650-A0683721A17E}
2012-01-26 04:24 - 2012-01-26 04:24 - 0000000 ____D C:\Users\Matt\AppData\Local\{61D02B3F-EF8A-4AF5-AF3F-784385C10AB4}
2012-01-25 19:13 - 2011-01-20 13:33 - 0003044 ____A C:\Users\Matt\NSTS_reg605.prefs
2012-01-25 18:09 - 2012-01-25 18:09 - 0000000 ____D C:\Users\Matt\Documents\lol
2012-01-25 18:05 - 2012-01-25 18:04 - 23475765 ____A (Niagara Software) C:\Users\Matt\Downloads\splendidcity_install (1).exe
2012-01-25 18:05 - 2011-01-20 13:32 - 0000000 ____D C:\Program Files\SplendidCity
2012-01-25 09:18 - 2012-01-25 09:17 - 0000000 ____D C:\Users\Matt\AppData\Local\{F3E3730D-27EB-4211-AFBD-161E6A1D024D}
2012-01-25 09:17 - 2012-01-25 09:17 - 0000000 ____D C:\Users\Matt\AppData\Local\{F28C09C1-3344-4BD6-B479-BBB3C4462230}
2012-01-24 22:27 - 2012-03-14 06:53 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-01-24 22:27 - 2012-03-14 06:53 - 0076288 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-01-24 22:20 - 2012-03-14 06:53 - 0009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-01-24 12:07 - 2012-01-24 12:07 - 0000000 ____D C:\Users\Matt\AppData\Local\{A599A080-3210-4490-B45A-D10495EF0FC6}
2012-01-24 12:07 - 2012-01-24 12:07 - 0000000 ____D C:\Users\Matt\AppData\Local\{92283CF8-1BAB-4218-915B-4A7875FEB93B}
2012-01-23 11:49 - 2012-01-23 11:49 - 0000000 ____D C:\Users\Matt\AppData\Local\{6B4F3428-4E3C-4BC6-BF14-D22B982164DA}
2012-01-23 11:49 - 2012-01-23 11:48 - 0000000 ____D C:\Users\Matt\AppData\Local\{9174315D-780F-4AF7-918D-57359795A597}
2012-01-23 03:49 - 2012-01-23 03:49 - 0000000 ____D C:\Users\Matt\AppData\Local\{EC512EDE-46E8-4835-AB04-F0A82734E7D1}
2012-01-23 03:49 - 2012-01-23 03:49 - 0000000 ____D C:\Users\Matt\AppData\Local\{9B8B79F7-97BF-4205-A355-B3C153405127}
2012-01-22 18:48 - 2012-01-22 18:48 - 0019876 ____A C:\Users\Matt\Downloads\Impact Letter FIXED BY SNOWY.docx
2012-01-22 18:48 - 2012-01-22 18:48 - 0019876 ____A C:\Users\Matt\Downloads\Impact Letter FIXED BY SNOWY (1).docx
2012-01-22 09:27 - 2012-01-22 09:25 - 64972887 ____A C:\Users\Matt\Downloads\The Last Shadow Puppets - The Age Of The Understatement (2008).zip
2012-01-22 06:19 - 2012-01-22 06:19 - 0000000 ____D C:\Users\Matt\AppData\Local\{49108AB0-1D0C-4718-A83B-D6D2F029F067}
2012-01-22 06:19 - 2012-01-22 06:18 - 0000000 ____D C:\Users\Matt\AppData\Local\{F4201776-E0CF-4C14-A779-99B8483F567C}
2012-01-21 15:16 - 2012-01-21 15:16 - 0064512 ____A C:\Users\Matt\Downloads\Catholic Social Teachings (1).doc
2012-01-21 15:13 - 2012-01-21 15:13 - 0079872 ____A C:\Users\Matt\Downloads\Summative Impact Reflection 2012.doc
2012-01-21 06:24 - 2012-01-21 06:24 - 0000000 ____D C:\Users\Matt\AppData\Local\{6FF8A45F-3000-4F0C-88D5-890001D1591B}
2012-01-21 06:24 - 2012-01-21 06:24 - 0000000 ____D C:\Users\Matt\AppData\Local\{6637DF7A-3AA0-44DF-97FE-66F07DB9DCBB}
2012-01-20 12:10 - 2012-01-20 12:08 - 112292208 ____A C:\Users\Matt\Downloads\Mastodon-The_Hunter-2011_by_Dumovochka.rar
2012-01-20 11:56 - 2012-01-20 11:56 - 0000000 ____D C:\Users\Matt\AppData\Local\{DC734E75-33D3-4D57-9056-B6363DE96425}
2012-01-20 11:56 - 2012-01-20 11:56 - 0000000 ____D C:\Users\Matt\AppData\Local\{26E521E2-FC54-4503-9BA0-A76DBA2EEF8C}
2012-01-19 12:46 - 2012-01-19 12:44 - 80878953 ____A C:\Users\Matt\Downloads\My Morning Jacket - Evil Urges (2008) - (1).rar
2012-01-19 12:44 - 2012-01-19 12:44 - 0000000 ____A C:\Users\Matt\Downloads\My Morning Jacket - Evil Urges (2008) -.rar.crdownload
2012-01-19 12:38 - 2012-01-19 12:30 - 83871065 ____A C:\Users\Matt\Downloads\my_morning_jacket_-_evil_urges_2008__2008_06_19_09_48_28_sharedmusic.net_.rar
2012-01-19 12:07 - 2012-01-19 12:06 - 0000000 ____D C:\Users\Matt\AppData\Local\{6B8DB7B3-6A97-40BA-B2C0-38A0EBA9E3BE}
2012-01-19 12:06 - 2012-01-19 12:06 - 0000000 ____D C:\Users\Matt\AppData\Local\{357617FE-737F-4734-ADB4-CD3A132C6963}
2012-01-18 12:33 - 2012-01-18 12:32 - 0000000 ____D C:\Users\Matt\AppData\Local\{2F83068E-6CB5-42B2-B909-FE3A20C8A717}
2012-01-18 12:32 - 2012-01-18 12:32 - 0000000 ____D C:\Users\Matt\AppData\Local\{7787004C-68E9-40C5-989E-C6AD1FB49E72}
2012-01-17 15:40 - 2012-01-17 15:40 - 11429701 ____A C:\Users\Matt\Downloads\skyrimmappdf.zip
2012-01-17 12:38 - 2012-01-17 12:35 - 77868175 ____A C:\Users\Matt\Downloads\Beirut_-_The_Rip_Tide_2011.rar
2012-01-17 12:03 - 2012-01-17 12:03 - 0000000 ____D C:\Users\Matt\AppData\Local\{E4C358AC-16C5-45C8-8718-0DD2A9F16680}
2012-01-17 12:03 - 2012-01-17 12:02 - 0000000 ____D C:\Users\Matt\AppData\Local\{5AEAEDA9-6A40-4597-B162-1B9D1D9988F1}
2012-01-17 03:48 - 2012-01-17 03:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{2F26AF4B-BC88-4DBD-BA7F-52043D704714}
2012-01-17 03:47 - 2012-01-17 03:47 - 0000000 ____D C:\Users\Matt\AppData\Local\{D02E7F47-07DE-44BB-A124-DBF27732E03E}
2012-01-16 11:49 - 2012-01-16 11:49 - 0000000 ____D C:\Users\Matt\AppData\Local\{3B2C4EDD-1F5D-4950-A418-1CA7FEFE4531}
2012-01-16 11:49 - 2012-01-16 11:48 - 0000000 ____D C:\Users\Matt\AppData\Local\{26EC6737-8D19-43AC-95F4-243619EBA2BC}
2012-01-15 21:16 - 2011-12-23 15:28 - 0086012 ____A C:\Users\Matt\Documents\Book1.xlsx
2012-01-15 16:15 - 2012-01-15 16:15 - 0000000 ____D C:\Users\Matt\AppData\Local\{7458434A-5B88-4193-8076-22F425777897}
2012-01-15 16:15 - 2012-01-15 16:14 - 0000000 ____D C:\Users\Matt\AppData\Local\{27A69105-9C13-4C7B-8338-5181A7625F42}
2012-01-14 08:04 - 2012-01-14 08:01 - 104521758 ____A C:\Users\Matt\Downloads\The_Horrors_-_Primary_Colours__2009_.rar
2012-01-14 06:56 - 2012-01-14 06:56 - 0000000 ____D C:\Users\Matt\AppData\Local\{4C5AF428-979C-446C-AE11-8F08661D2527}
2012-01-14 06:56 - 2012-01-14 06:56 - 0000000 ____D C:\Users\Matt\AppData\Local\{3ABA4345-BD24-4FD2-8939-FBCAD8235A95}
2012-01-13 12:09 - 2012-01-13 12:09 - 0000000 ____D C:\Users\Matt\AppData\Local\{CA189DE7-1882-4820-BDEE-9E39A3FE078E}
2012-01-13 12:09 - 2012-01-13 12:08 - 0000000 ____D C:\Users\Matt\AppData\Local\{1EE66821-197A-4B1D-B474-468C2ACCCAA4}
2012-01-12 12:05 - 2012-01-12 12:05 - 0000000 ____D C:\Users\Matt\AppData\Local\{8546FDC6-C994-4BEE-A5D8-970DC160A7A2}
2012-01-12 12:05 - 2012-01-12 12:05 - 0000000 ____D C:\Users\Matt\AppData\Local\{680B974D-C22D-4A82-9537-AED0E80FB771}
2012-01-11 13:56 - 2012-01-11 13:55 - 0000000 ____D C:\Users\Matt\AppData\Roaming\Notepad++
2012-01-11 13:55 - 2012-01-11 13:55 - 0000000 ____D C:\Program Files (x86)\Notepad++
2012-01-11 13:54 - 2012-01-11 13:54 - 5650428 ____A C:\Users\Matt\Downloads\npp.5.9.8.Installer.exe
2012-01-11 13:48 - 2012-01-11 13:48 - 0000000 ____A C:\Users\Matt\Downloads\bestof_2011_tsv.zip.crdownload
2012-01-11 13:35 - 2012-01-11 13:35 - 0273509 ____A C:\Users\Matt\Downloads\bestof_2011_xml.zip
2012-01-11 12:45 - 2012-01-11 12:40 - 144477206 ____A C:\Users\Matt\Downloads\Thirteen Senses - Crystal Sounds.zip
2012-01-11 12:05 - 2012-01-11 12:05 - 0000000 ____D C:\Users\Matt\AppData\Local\{F6689BC7-F8F4-474D-846A-F7FF2779BE05}
2012-01-11 12:05 - 2012-01-11 12:05 - 0000000 ____D C:\Users\Matt\AppData\Local\{3A694532-DD9B-4F20-876C-2B2A7B05429F}
2012-01-10 21:31 - 2011-09-07 12:58 - 1884712 ____A C:\Windows\ntbtlog.txt.bak
2012-01-10 18:19 - 2012-01-10 18:19 - 0000000 ____D C:\Users\Matt\AppData\Local\{FA1BD9A5-794B-45F6-9582-1ED8AFAA7C4D}
2012-01-10 18:19 - 2012-01-10 18:19 - 0000000 ____D C:\Users\Matt\AppData\Local\{B0533248-DBD3-4310-A0A3-E3B33F7AF8B9}
2012-01-10 12:04 - 2012-01-10 12:04 - 0000000 ____D C:\Users\Matt\AppData\Local\{58EBB588-10E4-4F73-A917-6370FA03484D}
2012-01-10 12:04 - 2012-01-10 12:03 - 0000000 ____D C:\Users\Matt\AppData\Local\{95C4875E-F820-4ED3-9EF8-F3A54C3ED5B2}
2012-01-09 11:53 - 2012-01-09 11:53 - 0000000 ____D C:\Users\Matt\AppData\Local\{200B178A-F2F9-4F04-937D-F05FEF2FEDAD}
2012-01-09 11:53 - 2012-01-09 11:52 - 0000000 ____D C:\Users\Matt\AppData\Local\{00DB4207-C0F7-422E-95C5-86D435E766D0}
2012-01-09 08:50 - 2012-01-11 13:51 - 2372114 ____A C:\Users\Matt\Documents\bestof_2011_releases.xml
2012-01-08 08:17 - 2012-01-08 08:17 - 0000000 ____D C:\Users\Matt\AppData\Local\{DB9FA3AB-9E52-4A6C-A811-BA0D3DC234F5}
2012-01-08 08:17 - 2012-01-08 08:16 - 0000000 ____D C:\Users\Matt\AppData\Local\{84A40A33-DCB8-45CF-8C31-C04E3E35184C}
2012-01-07 14:31 - 2012-01-07 13:41 - 0014425 ____A C:\Users\Matt\Documents\To whom it may concern.docx
2012-01-07 11:48 - 2012-01-07 11:48 - 0280854 ____A C:\Users\Matt\Downloads\Mug_Wump.bmp
2012-01-07 10:33 - 2012-01-07 10:30 - 118900633 ____A C:\Users\Matt\Downloads\Foals - Total Life Forever .rar
2012-01-07 07:58 - 2012-01-07 07:57 - 0000000 ____D C:\Users\Matt\AppData\Local\{A1411F94-B1DF-42EA-B863-AF56C9C7690F}
2012-01-07 07:57 - 2012-01-07 07:57 - 0000000 ____D C:\Users\Matt\AppData\Local\{E1886F41-C1FF-430F-B369-F7CCA6A597DB}

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 18%
Total physical RAM: 4022.87 MB
Available physical RAM: 3287.76 MB
Total Pagefile: 4021.02 MB
Available Pagefile: 3276.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:582.24 GB) (Free:330.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (RECOVERY) (Fixed) (Total:13.63 GB) (Free:2.26 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
5 Drive h: (Lexar) (Removable) (Total:29.84 GB) (Free:29.77 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: () (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 596 GB 0 B
Disk 1 Online 29 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 582 GB 200 MB
Partition 3 Primary 13 GB 582 GB
Partition 4 Primary 103 MB 596 GB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y NTFS Partition 199 MB Healthy

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 582 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E RECOVERY NTFS Partition 13 GB Healthy

======================================================================================================

Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F HP_TOOLS FAT32 Partition 103 MB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 29 GB 17 MB

======================================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 H Lexar FAT32 Removable 29 GB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-03-10 16:55

======================= End Of Log ==========================

#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:10:24 AM

Posted 05 April 2012 - 06:53 PM

Hi

Please do the following:


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

start
SubSystems: [Windows] ==> ZeroAccess
end

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options then select Command Prompt

Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.


Now restart, let it boot normally and tell me how it went.


NEXT



Refer to the ComboFix User's Guide

  • Download ComboFix from one of these locations:

    Link 1
    Link 2

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 MattC13

MattC13
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 06 April 2012 - 03:14 PM

Alright, I've run both scans. My computer booted up normally and didn't have any problems after the FRST fix. I've attached both of the logs that were created.

Attached Files



#6 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:10:24 AM

Posted 06 April 2012 - 04:23 PM

Hi,

Please do the following:


Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • when the window opens, click on Change Parameters
  • under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • click OK
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If TDLFS File System is found then ensure Delete is selected
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)


NEXT


Please advise how the computer is running now and if there are any outstanding issues

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#7 MattC13

MattC13
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 06 April 2012 - 05:27 PM

The log the program produced is attached to this post, it didn't turn up anything. I also ran a Quick Scan with Norton and it didn't turn up any problems as well.

Attached Files



#8 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:10:24 AM

Posted 06 April 2012 - 05:29 PM

Hi,

Please do the following:

Please download Malwarebytes' Anti-Malware
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



NEXT


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish


NEXT

Please advise how the computer is running now and if there are any outstanding issues

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 MattC13

MattC13
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 07 April 2012 - 02:02 PM

Here are the logs created by the programs. MBAM didn't turn up anything but ESET turned up some downloaded files indicated as threats.

My computer still runs fine, doesn't seem like there are any issues other than the threats that ESET showed.

Attached Files



#10 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:10:24 AM

Posted 07 April 2012 - 03:06 PM

Go ahead and delete these files:

C:\Games\Skyrim\mods\Skyrim_Universal_4GB_Memory_Patch-3211-1-0.rar
C:\Program Files (x86)\1ClickDownload\uninst.exe
C:\Program Files (x86)\The Elder Scrolls V Skyrim\Data\Skyrim_Memory_4gb_Patch\Skyrim.Memory.(4gb).Patch.exe
C:\Users\Matt\AppData\Roaming\OpenCandy\DLMgr_3_1.6.87.exe
C:\Users\Matt\AppData\Roaming\OpenCandy\PPIRegistryReviver_p21v1.exe
C:\Users\Matt\AppData\Roaming\OpenCandy\PPIRegistryReviverSetup.exe
C:\Users\Matt\Documents\FL_Studio_9.exe
C:\Users\Matt\Downloads\FL studio 9 www.DJALGERIA.com(2).rar
C:\Users\Matt\Downloads\Fl Studio 9.1 (WITH CRACK).zip
C:\Users\Matt\Downloads\FL Studio 9\flstudio_9.0.exe
C:\Users\Matt\Downloads\flstudio_9.1_online.exe
C:\Users\Matt\Downloads\MsgPlusLive-485.exe
C:\Users\Matt\Downloads\MsgPlusLive-490.exe
C:\Users\Matt\Downloads\Skyrim_Universal_4GB_Memory_Patch-3211-1-0.rar


NEXT


Posted Image Your Java is out of date.
Java™ 6 Update 29 can be updated from the Java control panel Start > Control Panel (Classic View) > Java (looks like a coffee cup) > Update Tab > Update Now.
An update should begin; > follow the prompts.


NEXT

we just need to clean up our tools:


You can delete the FRST logs and program from your desktop.


NEXT


Follow these steps to uninstall Combofix

  • Make sure your security programs are totally disabled.
  • Click START then RUN
  • Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

Posted Image


If there are any logs/tools remaining on your desktop > right click and delete them.


NEXT


Below I have included a number of recommendations for how to protect your computer against malware infections.

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them
    Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.

  • Keep Windows updated by regularly checking their website at :
    http://windowsupdate.microsoft.com/
    This will ensure your computer has always the latest security updates available installed on your computer.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

  • Download TFC to your desktop
    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish it's job
    • Once its finished it should automatically reboot your machine,
    • if it doesn't, manually reboot to ensure a complete clean
    It's normal after running TFC cleaner that the PC will be slower to boot the first time.

  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for both Firefox and IE

  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at this well written article:
    PC Safety and Security--What Do I Need?.


Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#11 MattC13

MattC13
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:09:24 AM

Posted 08 April 2012 - 03:43 PM

Thank you very much for your help with this. I'll leave you a donation.

#12 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:10:24 AM

Posted 08 April 2012 - 06:44 PM

Thank-you very much, it's appreciated,

stay safe :hello:

~CB

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#13 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:10:24 AM

Posted 08 April 2012 - 06:44 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users